Since it looks like your are doing this all on one host / laptop just add another integration to the fleet policy... Not adding a whole another agent.
Just 1 agent per host with Multiple integrations
Fleet happens to be 1 integration... A special one but it technically just an integration...
So try to just add another integration from the Fleet - Agent - Fleet Policy... add another integration to that policy, you can rename the policy if you like.
In a normal use case you would be installing Fleet on one host and the installing/ using the agent to ship telemetry from other hosts.. but you are doing an all in one....
So the next thing i need to do if i understand clearly is to create either a fleet server that play the role of an agent with this policies included or a standalone agent with these polices included as well.
Which one do you think it's the best for my use case (benefit from the MISP and Threat utilities dashboard) ?
----------- Post Update ------------
So once i've connect the fleet server to Kibana it's the only thing that i need to do ?
The MISP and Threat intelligence Utilities integration policies are attach the fleet-server-policy.
When i look at log of elastic agent (which have the fleet server policy) i see these error logs:
{"log.level":"error","@timestamp":"2023-03-18T17:20:51.271+0100","message":"Failed to connect to backoff(elasticsearch(http://elasticsearch:9200)): Get \"http://elasticsearch:9200\": lookup elasticsearch: Temporary failure in name resolution","component":{"binary":"metricbeat","dataset":"elastic_agent.metricbeat","id":"beat/metrics-monitoring","type":"beat/metrics"}
{"log.level":"error","@timestamp":"2023-03-18T17:20:51.272+0100","message":"Error dialing lookup elasticsearch: Temporary failure in name resolution"
It seems that the elastic Agent can't communicate with Elasticsearch.
Do you know if there is any config file where we can change the elasticsearch host from http://elasticsearch:9200 to http://localhost:9200 ?
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.