How to manage configuration of elastic agents on remote machines?

elk1985 · June 20, 2024, 10:59am

Hi.
I have two problems to solve:
1.How to manage configuration of elastic agents / filebeat config files on remote machines ?
I want to have one centralized place so I can update remotely the Filebeat configuration. Is there a way to do so ?
2. Can I use elastic agent to collect logs and send it to logstash server for parsing and date filtering ? I was trying with that configuration but it is not sending data to logstash and elasticsearch. Any ideas ?
This is a elastic agent yml main file.

outputs:
  default:
    type: logstash
    hosts: ["10.253.24.100:5044"]
inputs:
 - type: filestream 
    id: unique-id-per-input 
    paths: 
    - C:\logs\*.log

leandrojmp · June 20, 2024, 12:29pm

For Elastic Agent the recommend deployed model is to use Fleet, with will allow you to manage the agentes from the Fleet UI, deploying the agents in standalone mode is considered an advanced use case.

For filebeat there is nothign to centrally manage, you would need to build some automation to do that.

This is the documentation about using Fleet to manage the agents.

Yes, you can send logs to Logstash, but you should do the parsing on Elasticsearch.

Elastic Agent relies on integrations, those integrations will use Ingest Pipelines to parse the data and the ingest pipelines are executed in Elasticsearch ingest nodes.

Topic		Replies	Views
Transport data to remote networks via fleet / Beats Beats elastic-agent	3	830	September 23, 2021
How do I use Elastic Agent to send log data to Logstash? Elastic Agent	8	3641	April 20, 2023
How to configure Elasticsearch outputs and credentials when using Elastic Agent? Elastic Observability	1	258	November 4, 2022
What is Elastic agent? Elastic Agent	7	597	November 24, 2022
Elastic agent and filebeat installation in windows PC Elastic Agent filebeat	2	289	November 27, 2022

How to manage configuration of elastic agents on remote machines?

Related topics