Api key name as additional field in apm-server data

Hi there,
I created a couple of API-key on apmserver and tested it with a GO client. I have 2 comments:

  1. I used the Credentials field and not the API Key field. This is not a problem, but it is not clear in the documenation.
  2. I'd like to have the api-key Name field in the Elastic document. Since this field would be filled by apm-server and not by agents, it would be useful for a sort of antitampering. It could be configurated like ssl_peer_metadata => true in Logstash. Is this possible?

Hey @iorfix, keep the great posts coming!

  1. Can you provide a link to the confusing documentation? I am not sure what which piece this is referring to but would love to improve anything that might be unclear.
  2. I haven't been able to come up with a way to accomplish this. Please feel free to open an feature request in the apm-server repo to record agent authentication information.

Hi @gil,
Agent go configuration explicity talks about API KEY: https://www.elastic.co/guide/en/apm/agent/go/current/configuration.html#config-api-key
Creation of a key at server side creates both an Api Key and Credentials, so it is misleading which of the two should be used (instead, I don't understand when to use one, and when the other):
https://www.elastic.co/guide/en/apm/server/master/api-key.html
Moreover, documentation of API Keys on Elastic doesn't mention Credentials at all:
https://www.elastic.co/guide/en/elasticsearch/reference/current/security-api-get-api-key.html
Finally, I was unable to understand how (if) to set apm-server keys on Elastic, and let them flow to apm-server nodes.
I hope this clarifies better my statement.
I'll open a feature request about recording agent authentication information

This topic was automatically closed 20 days after the last reply. New replies are no longer allowed.