Click on ... menu for the Policy that has Endpoint Security integrated, and click on Add agent.
It provides directions to download and enroll an Elastic Agent for a specific platform.
Follow the step, and once successfully enrolled, you should see the host under Fleet -> Agents
Thats where im confused, ive done that, the result didnt change.
I feel like something is amiss in my fleet setup as everytime it leads me into setting up the fleet server again.
Ive even done stand alone mode without any change.
@rconroy , could you share the output from executing the enroll command on your machine. If you do not want to post in this forum, please feel free to PM me.
I PMd you for clarification.
Thank you for your replies.
I think perhaps this is where im a bit confused, when you add the fleet server integration, does this not add the fleet server to the existing elastic host? or does this need to be a seperate server altogether?
It doesn't need to be a separate server. After adding a Fleet Server Host address and Elasticsearch host address, you need to deploy an agent on the box where you want your Fleet server to run.
Please note that Fleet Server Host and Elasticsearch Host addresses must be accessible by other machines.
Also please make sure that you don't have existing instance of agent running on that box. If you do, you may need to uninstall it and reinstall.
This is a bit confusing, so i must install an agent to the ES server that's actually hosting the fleet server?
Its effectively an agent of itself?
Hi @rconroy, quoted below is from Fleet User Guide, which also include a nice diagram for your reference. In large scale deployment, Fleet server would be deployed on a dedicated host. But for a small deployment, you can deploy it on the same host.
Fleet Server runs as a subprocess inside an Elastic Agent. The agent uses a special policy that describes the Fleet Server configuration. In large scale self-managed deployments or on hosted Elasticsearch Service on Elastic Cloud, Fleet Server is typically run as a dedicated Elastic Agent communication host, but you can optionally use it for data collection on self-managed clusters. For more details, refer to Scale your Fleet Server deployment.
Yes i read thru that, but i think i understand where i got lost.
I think my misunderstanding is that i assumed that setting up the integration installed the fleet service, based on this that assumption appears in error?
That i must complete this separately prior to that actually being present?
That's correct. Installation of Fleet server itself must be done manually as it is a separate component.
OK, to be clear that wasnt the case in 7.9 was it? Or was that perhaps my confusion all along?
It wasn't the case with 7.9. Integration in a separate app is changes in 7.14
I ask as i had the same issue in 7.9 with blank modules... i assumed it was changed but it was odd that i had the same end result in both.
OK, so i did the required steps, took me a minute to figure the ssl settings, but the final message on the fleet agent install was ...
Successfully enrolled the Elastic Agent.
However, it just hung there and the last part on "Waiting for Fleet Server to Connect, never did anything.
There were no errors along the processes.
I had to run this using the --insecure flag as it didnt seem to like my actual certificate teling me
Error: fail to enroll: fail to execute request to fleet-server: x509: certificate signed by unknown authority
Even though it is a fully registered cert from godaddy.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
