Hi there,
We have a lot of Offline Elastic Agents on hosts which have not checked in for over 6 months. Per documentation, the enrollment-timeout should take care of this by automatically unenroll them and set them as inactive. However, since these hosts have not connected over 6 months, will Fleet still unenroll them based on their last activity timer or does fleet require it to check in again and then expire?
See related documentation:
Thanks,
Ziyi
On which version are you?
This setting was deprecated on 8.7.0 and didn't work if the Fleet Server version was 8.7.0 or higher than that.
An optional timeout in seconds. If provided, and fleet server is below version 8.7.0, an agent will automatically unenroll after being gone for this period of time.
But it also came back in later versions, not exactly which one, but something between 8.15.2 and 8.17.3.
On 8.17.3 I have this:
Inactive agent unenrollment timeout
An optional timeout in seconds. If configured, inactive agents will be automatically unenrolled and their API keys will be invalidated after they've been inactive for this value in seconds. This can be useful for policies containing ephemeral agents, such as those in a Docker or Kubernetes environment.
Hi Leandro,
I am on 8.16.3 and its similar to your 8.17.3. So will setting:
I expect that this also work for agent already passed both timeouts in retro by using their last checkin timer, right?
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.