Stack monitoring should work out of the box when using the correct integrations. Make sure to look for the elastic-agent integrations only, not the beats integrations. Those won't work.
Also make sure that in the integration itself you set the stack-monitoring option enabled and proper authentication is set in the option.
When all that is done, also make sure that in the application itself (be it Kibana, Elastic or Logstash) the monitoring endpoint is configured and accessible.
monitoring.ui.enabled: true <!-- This is the default
These settings adjust how Stack Monitoring displays monitoring data. However, the defaults work best in most circumstances. For more information about configuring Kibana, see Setting Kibana server properties.
For debug try the elastic user/pw first see if that works...
then if it does go back and look at the user / roles...
So there are two roles mentioned in the doc that I can see:
remote_monitoring_collector (in "Collecting Elasticsearch monitoring data with Elastic Agent") which appears to be for collecting and sending the data.
monitoring_user (in "View monitoring data in Kibana") which is used by the Kibana integration to "collect data about Kibana". This is what your reply focused on, but the original request was about monitoring the cluster, not Kibana.
The monitoring_user role is also mentioned in "View monitoring data in Kibana", where a user with that role should be configured as monitoring.ui.elasticsearch.username, which defaults to elasticsearch.username, which is commented out by default but suggested as "kibana_system".
If you go into the UI and try to reset the password for kibana_system (so you can hardcode the password as elasticsearch.password in kibana.yml), it warns: "KIbana will lose connection to Elasticsearch". As Kibana is currently connecting just fine to elasticsearch to browse other data, it seems like this does not need to be reset or hardcoded in kibana.yml.
Hi @rastro I am not sure what you are referring to I think you are confusing several topics.
kibana_system is the user that Kibana uses to connect to Elasticsearch, it has nothing to do with the monitoring topic / capabilities... and yes if you change the password through the UI it will break the connection to Elasticsearch
I believe @DaddyYusk Is asking about monitoring Kibana as a component with the Elastic Stack Monitoring (as he seems to already have the cluster monitoring working), which is what my response is focused on. Perhaps I have misunderstood.
As the post subject says, I'm trying to set up Stack Monitoring using elastic-agent.
The data is going to the same cluster.
I should have been able to go to Stack Monitoring and been provided information on the "right way" to set this up (i.e. elastic-agent), but that page gave information on two "wrong ways" (metricbeat and manually).
and I believe I have followed all those steps to release an Elasticsearch integration to the nodes. I can see no indication that this integration is failing.
The last step (labeled "View monitoring data in Kibana", which sort of makes you think that Kibana would show you data now, but really should be "Configuring Kibana to view monitoring data") takes you here: View monitoring data in Kibana | Kibana Guide [8.11] | Elastic
and, from what I read, everything is supposed to default to a working value.
So, back to Stack Monitoring, where you still just get the message on how to set things up incorrectly.
The doc is seemingly written as a reference for the people who wrote the code, which really doesn't serve the rest of the universe very well. I can only imagine how elastic noob must feel!
I've followed all your last 2 posts @stephenb for both "elasticsearch" and "kibana" integration
At the moment, I'm still unable to have Stack Monitoring working.
My actual setup is :
- 3x dedicated ES Master nodes
- 1x Kibana node
- 1x Fleet server node
- ES Hot, Warm and Cold nodes
- No monitoring cluster! I try to have Stack Monitoring enabled on the same production cluster
But something differs for my setup :
As I have dedicated master nodes but no load-balancing proxy fronting, I'm not sure about the proper setup for the Scope.
Have you tried uninstalling and reinstalling the agent?
All that language is so that you do not request the monitoring data from a dedicated master node, which should not be burdened with these types of requests.
Your choices are
User node and add every non-dedicated master node.... (painful but technically best practice)
Use cluster and point it to one of your hot nodes (this may cause a small amount of load to that node, usually pretty small) because, in the end, every node is actually an endpoint to the entire elasticsearch cluster.