Cisco Umbrella logs ingestion - Elastic Cloud

Hello

I started Elastic Cloud service trial period. I want to ingest Cisco Umbrella logs using Cisco Umbrella integration. Documentation says, that I have to install Elastic Agent in order to ship the logs (logs from self-managed S3 bucket).

I assume Elastic Agent should be installed on the Elastic instance. How can I install Elastic Agent if the Elastic deployment is not self-hosted? Or is there something that I misunderstand?

No. The Elastic Agent should be on a VM / EC2 instance in your environment that can access that S3 bucket.

S3 Bucket -> Elastic Agent (in your VPC / EC2) -> Elastic Cloud

At some point in the future we may have a hosted agent

Thank you @stephenb

Can you tell me what else, except installing the Elastic Agent on an EC2 instance, should be configured to successfully receive logs from a self-managed S3 bucket?

I am interested in the S3 polling method. I installed the integration:

  • Queue URL - here I put the bucket ARN, as the field description suggests
  • Access Key ID - IAM user who has permissions to read from the S3 bucket
  • Secret Access Key - as above

Should anything be configured on EC2 after installing the agent? I am not receiving any data. Outbound network communication is allowed.

Thank you!

Issue resolved. I reconfigured the integration and logs are successfully shipped. No additional configuration on EC2 was needed.

Thank you.

But I have one more question. I have a gap in logs between 30.03 and 04.04:

How can I investigate what caused this gap? How can I enforce pulling the missing logs from the S3 bucket? (They are in S3 for sure; they are just missing in Elastic.)
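One way to start investigating a gap like this, added here as an example and not code from the thread or from Elastic: list the export objects in the bucket for the window and compare the hours they cover with the hours that already have events in Elasticsearch. It assumes the Umbrella S3 export layout `<category>logs/YYYY-MM-DD/YYYY-MM-DD-HH-MM-<id>.csv.gz` (an assumption), takes the object keys as a plain list so they can come from an `aws s3 ls` dump or a boto3 listing, and uses a constructed key list and ingested-hour set in place of real bucket and index data.

```python
import re
from datetime import datetime, timedelta

# Assumed Umbrella S3 export layout (an assumption, not stated in the thread):
#   <category>logs/YYYY-MM-DD/YYYY-MM-DD-HH-MM-<id>.csv.gz
KEY_RE = re.compile(
    r"^[a-z]+logs/(?P<day>\d{4}-\d{2}-\d{2})/(?P=day)-(?P<hour>\d{2})-\d{2}-[^/]+\.csv\.gz$"
)


def hours_present_in_s3(keys):
    """Return the set of UTC hours for which at least one export object exists."""
    hours = set()
    for key in keys:
        m = KEY_RE.match(key)
        if m:  # keys that do not follow the export layout are ignored
            hours.add(datetime.strptime(f"{m['day']} {m['hour']}", "%Y-%m-%d %H"))
    return hours


def find_gaps(keys, ingested_hours, start, end):
    """Classify each hour in [start, end): 'missing_in_elastic' means an object
    exists in S3 but no events were indexed (candidate for re-ingestion);
    'absent_in_s3' means there is nothing in the bucket to pull for that hour."""
    in_s3 = hours_present_in_s3(keys)
    result = {"missing_in_elastic": [], "absent_in_s3": []}
    hour = start
    while hour < end:
        if hour not in in_s3:
            result["absent_in_s3"].append(hour)
        elif hour not in ingested_hours:
            result["missing_in_elastic"].append(hour)
        hour += timedelta(hours=1)
    return result


# Constructed sample input; the year is arbitrary, the thread gives only day/month.
SAMPLE_KEYS = [
    "dnslogs/2024-03-30/2024-03-30-10-00-aaaa.csv.gz",
    "dnslogs/2024-03-30/2024-03-30-11-00-bbbb.csv.gz",
    "dnslogs/2024-03-30/2024-03-30-13-00-cccc.csv.gz",
    "proxylogs/2024-03-30/2024-03-30-13-10-dddd.csv.gz",
    "not-an-export/readme.txt",
]
# Hours that already hold events in Elasticsearch, e.g. taken from a
# date_histogram aggregation on @timestamp (constructed here).
SAMPLE_INGESTED = {datetime(2024, 3, 30, 10)}


def sample_report():
    """Run the comparison over a four-hour constructed window."""
    return find_gaps(SAMPLE_KEYS, SAMPLE_INGESTED,
                     datetime(2024, 3, 30, 10), datetime(2024, 3, 30, 14))


if __name__ == "__main__":
    for label, hours in sample_report().items():
        print(label, [h.isoformat() for h in hours])
```

Hours reported as `missing_in_elastic` are the ones worth re-pulling; hours reported as `absent_in_s3` point at the export side rather than at the agent.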
