Elastic Agent - problems following the documentation, stumbled upon dead links and more

BTW we found that if you use http in the above setting it results in that EOF error you can look at this pretty detailed thread about debugging this here and another detailed thread here

you will also need to add the flag to the install command.
--insecure to the install command if you do not use the fingerprint.

So even though SSL is not important to you at this time SSL is a requirement for Fleet / Agent etc it will not work over http, SSL is required.

I do see some reference to not needed TLS Transport for Quick Start but I am not familiar with that.... checking on that

In the end in 8.x Elastic has changed and it is "Secure By Default" and that is required for Fleet and Agent.

If you really just want to try all this is the least amount of you could just set up and Elastic Cloud Trial and all this would be done.. then you would just install the agents you want to collect the telemetry

@SirMuffington

ACTUALLY I stand Corrected!!! :slight_smile:
(I am always making sure everything is secure)

If you only have HTTP then you can connect not recommended but you can..

Look on this page Elastic Agent command reference | Fleet and Elastic Agent Guide [8.5] | Elastic

look at the insecure settings... I have never used them but perhaps that will work for you

--fleet-server-es-insecure

Allows fleet server to connect to Elasticsearch in the following situations:

  • When connecting to an HTTP server.
  • When connecting to an HTTPs server and the certificate chain cannot be verified. The content is encrypted, but the certificate is not verified.

When this flag is used the certificate verification is disabled.

--fleet-server-host <string>
Fleet Server HTTP binding host (overrides the policy).
--fleet-server-insecure-http
Expose Fleet Server over HTTP. This option is not recommended because it’s insecure. It’s useful during development and testing, but should not be used in production. When using this option, you should bind Fleet Server to the local host (this is the default).

I have used this with other agents on the remote hosts when needed.

--insecure

Allow the Elastic Agent to connect to Fleet Server over insecure connections. This setting is required in the following situations:

  • When connecting to an HTTP server. The API keys are sent in clear text.
  • When connecting to an HTTPs server and the certificate chain cannot be verified. The content is encrypted, but the certificate is not verified.
  • When using self-signed certificates generated by Elastic Agent.

We strongly recommend that you use a secure connection.

so give them a try... I won't be able to help much there... but perhaps that will get you over the hump.