The endpoint security for macOS keeps getting to the status 'DEGRADED'. I simply create a new policy, add endpoint security to the policy and enroll the fleet-agent with the provided command.
Full-Disk Access Permissions for elastic-agent and elastic-endpoint have been assigned.
Here are the relevant log files out of the fleet server.
23:14:02.329
elastic_agent
[elastic_agent][info] 2021-06-07T23:14:02+02:00 - message: Application: endpoint-security--7.13.1[d514a70b-1279-46e3-8d98-58cbc75d4abf]: State changed to CONFIG: - type: 'STATE' - sub_type: 'CONFIG'
23:14:22.395
elastic_agent
[elastic_agent][info] 2021-06-07T23:14:22+02:00 - message: Application: endpoint-security--7.13.1[d514a70b-1279-46e3-8d98-58cbc75d4abf]: State changed to CONFIG: Protecting with policy {00000000-0000-0000-0000-000000000000} - type: 'STATE' - sub_type: 'CONFIG'
23:14:26.225
elastic_agent
[elastic_agent][warn] Elastic Agent status changed to: 'degraded'
23:14:26.225
elastic_agent
[elastic_agent][info] 2021-06-07T23:14:26+02:00 - message: Application: endpoint-security--7.13.1[d514a70b-1279-46e3-8d98-58cbc75d4abf]: State changed to DEGRADED: Protecting with policy {8f4e6e72-d37f-4a1a-81b2-9bf3131217cb} - type: 'STATE' - sub_type: 'RUNNING'
The last line keeps repeating over and over.
sudo elastic-agent status
Status: DEGRADED
Message: (no message)
Applications:
* endpoint-security (DEGRADED)
Protecting with policy {8f4e6e72-d37f-4a1a-81b2-9bf3131217cb}
* filebeat (HEALTHY)
Running
* metricbeat (HEALTHY)
Running
Anybody an idea how to get elastic-agent's endpoint-security on macOS 11.3.1 to Healthy?
- System: macOS 11.3.1 (Chip Apple M1)
- elastic and elastic-agent: 7.13.1