Hi
I am trying to automate the setup of an Elastic Stack using docker. At present most of it is working, however I do have a question around the setup of beats. I am hoping you can help.
Basically I want to automate the setup of the beats, into Kibana and Elasticsearch by automatically loading in the relevant templates, this all works fine if I go the standard route of requiring the Elastic template and the Kibana dashboards in their entirety.
However there are times when I only want the Kibana and Elasticsearch index's to be setup, leaving the dashboards blank
The following options seem to be available for the setup of the beats modules
Usage:
winlogbeat setup [flags]
Flags:
--dashboards Setup dashboards
-h, --help help for setup
--machine-learning Setup machine learning job configurations
--pipelines Setup Ingest pipelines
--template Setup index template
Template -> loads the Elasticsearch template
pipelines -> loads the relevant pipeline
dashboards -> loads Kibana index, visualisations and dashboards
In previous version, I think there was a way to only load the Kibana indexes (I could be wrong here)
Am I missing something ? Is what I am trying to do possible without having to setup the stack, export the stuff from Kibana and create versioned files, inputting via the API ?
The other option I thought of was load everything, then delete all visualisations and dashboards. I havent investigated the feasibility of this
I also have an issue with the winlogbeat, around loading templates etc from linux boxes, but there is a github issue for that
Any help is appreciated
Thanks