Hi!
I am currently running a fleet of 5-6 agents, but my environment is not that huge, hence I need to apply various integrations to the agents.
The issue that I am having, is that I must use one Agent Policy per server (e.g linux-srv-01_agent-policy) in order to get the proper integrations on each unit.
So for example, I have this setup running:
Linux server 01 - Docker, Elastic, Apache
Linux server 02 - Nginx only
Windows 01 - Hyper-V, Veeam
Windows 02 - Active Directory
This means that if I want to integrate Nginx to a Linux server, I must create a specific policy for that server and then another one in order to integrate Docker on the other server.
This also means that I have to change every integrations default configuration if I decide to change something. For example if I decide that all Elastic Defend integrations should "do this instead", then I would need to apply that change to each and every agent policys Elastic Defend integration.
I just wanted to see if anyone has worked around this in some way?
I think one way of overcoming this is to have agent sub-policies or integration-policies which then can be applied on a specific agent.
This would need to be a devrequest to the developers, but before doing so, I would just like to hear your opinion on this, maybe I have missed out on something here that already solves my problem
Cheers!