Hello Elastic Community,
I'm currently transitioning from a Logstash-based pipeline to the Elastic Agent for managing our data collection and monitoring. However, I've run into an issue with capturing TLS metadata (such as the Common Name (CN), cipher suite, protocol version, and client IP) for the connections made by Elastic Agents to the Fleet Server or Elasticsearch. This was previously possible with Logstash, but I haven't found an equivalent method in the Elastic Agent.
In my previous setup with Logstash i was able to extract metadata TLS metadata from incoming connection using
ssl_peer_metadata => true
Is there currently a way to capture TLS metadata from the Elastic Agent input without using logstash?
Thank you in advance for your help!