Elastic Agent Enrollment behind Proxy Server

I am trying to add Elastic Agents to windows hosts. These hosts need to communicate through a proxy (using squid currently).

I've tried adding the registry keys before running the install command, as well as using environment variables.

With proxy being set as

set HTTP_PROXY="http://proxy.domain.com:3128"
set HTTPS_PROXY="https://proxy.domain.com:3128"

I am getting the following error:

{"log.level":"info","@timestamp":"2022-03-28T14:15:16.562-0500","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":455},"message":"Starting enrollment to URL: https://redacted.fleet.us-east-2.aws.elastic-cloud.com:443/","ecs.version":"1.6.0"}
{"log.level":"warn","@timestamp":"2022-03-28T14:15:16.673-0500","log.logger":"transport","log.origin":{"file.name":"transport/tcp.go","file.line":52},"message":"DNS lookup failure \"\"https\": lookup \"https: no such host","ecs.version":"1.6.0"}
{"log.level":"warn","@timestamp":"2022-03-28T14:15:16.673-0500","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":466},"message":"Remote server is not ready to accept connections, will retry in a moment.","ecs.version":"1.6.0"}

With the proxy being set as:

set HTTP_PROXY="proxy.domain.com:3128"
set HTTPS_PROXY="proxy.domain.com:3128"

I am getting the following error:

{"log.level":"info","@timestamp":"2022-03-28T14:24:52.538-0500","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":455},"message":"Starting 
enrollment to URL: https://redacted.fleet.us-east-2.aws.elastic-cloud.com:443/","ecs.version":"1.6.0"}
    + CategoryInfo          : NotSpecified: ({"log.level":"i...rsion":"1.6.0"}:String) [], RemoteException
    + FullyQualifiedErrorId : NativeCommandError
    + PSComputerName        : CMP-NAME

I am not seeing any traffic hit the proxy server. It looks like the agent is not trying to communicate through the proxy. Any suggestions?

When enrolling, you can append the --proxy-url flag.

--proxy-url="http://proxy.domain.com:3128"
1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.