hello again
thank you so much stephen for pointing me in the right direction
and yup it was the space in the path and adding the flag --insecure after the token
here is the error message before modifications:
root@fleet:~/elastic-agent-8.14.1-linux-x86_64# sudo ./elastic-agent install --url=https://192.168.1.23:8220 \
--fleet-server-es=https://192.168.1.15:9200
--fleet-server-service-token=AAEAAWVsYXN0aWMvZmxlZXQtc2VydmVyL3Rva2VuLTE3MjA4OTgyNzUxNzU6Q3ZMTEFkQlVRR0themNkMDNKSTQ0dw
--fleet-server-policy=fleet-server-policy
--certificate-authorities=/etc/elastic_certs/elasticsearch-ca.pem
--fleet-server-es-ca=/etc/elastic_certs/elasticsearch-ca.pem
--fleet-server-cert=/etc/elastic_certs/fleet-server01.crt
--fleet-server-cert-key=/etc/elastic_certs/fleet-server01.key
--fleet-server-port=8220
Elastic Agent will be installed at /opt/Elastic/Agent and will run as a service. Do you want to continue? [Y/n]:Y
[ ==] Service Started [21s] Elastic Agent successfully installed, starting enrollment.
[=== ] Waiting For Enroll... [23s] {"log.level":"info","@timestamp":"2024-07-13T19:21:59.972Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":480},"message":"Restarting agent daemon, attempt 0","ecs.version":"1.6.0"}
[ =] Waiting For Enroll... [25s] {"log.level":"info","@timestamp":"2024-07-13T19:22:01.980Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":857},"message":"Fleet Server - Starting: spawned pid '4944'","ecs.version":"1.6.0"}
[ =] Waiting For Enroll... [29s] {"log.level":"info","@timestamp":"2024-07-13T19:22:05.985Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":838},"message":"Fleet Server - Running on policy with Fleet Server integration: fleet-server-policy; missing config fleet.agent.id (expected during bootstrap process)","ecs.version":"1.6.0"}
[====] Waiting For Enroll... [30s] {"log.level":"info","@timestamp":"2024-07-13T19:22:06.281Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":517},"message":"Starting enrollment to URL: https://192.168.1.23:8220/","ecs.version":"1.6.0"}
[== ] Waiting For Enroll... [30s] {"log.level":"info","@timestamp":"2024-07-13T19:22:06.530Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":523},"message":"1st enrollment attempt failed, retrying enrolling to URL: https://192.168.1.23:8220/ with exponential backoff (init 1s, max 10s)","ecs.version":"1.6.0"}
Error: fail to enroll: fail to execute request to fleet-server: x509: cannot validate certificate for 192.168.1.23 because it doesn't contain any IP SANs
For help, please see our troubleshooting guide at Troubleshoot common problems | Fleet and Elastic Agent Guide [8.14] | Elastic
[== ] Uninstalled [31s] Error uninstalling. Printing logs
2024-07-13T19:22:06.955Z DEBUG [install] Loaded configuration from /root/elastic-agent-8.14.1-linux-x86_64/elastic-agent.yml
2024-07-13T19:22:06.955Z DEBUG [install] Merged configuration from /root/elastic-agent-8.14.1-linux-x86_64/elastic-agent.yml into result
2024-07-13T19:22:06.955Z DEBUG [install] Merged all configuration files from [/root/elastic-agent-8.14.1-linux-x86_64/elastic-agent.yml], no external input files
2024-07-13T19:22:06.956Z DEBUG [install.composable] Starting controller for composable inputs
2024-07-13T19:22:06.956Z DEBUG [install.composable] Started controller for composable inputs
2024-07-13T19:22:06.956Z DEBUG [install.composable.providers.kubernetes] Kubernetes provider for resource pod skipped, unable to connect: unable to build kube config due to error: invalid configuration: no configuration has been provided, try setting KUBERNETES_MASTER environment variable
2024-07-13T19:22:06.956Z DEBUG [install.composable.providers.kubernetes] Kubernetes provider for resource node skipped, unable to connect: unable to build kube config due to error: invalid configuration: no configuration has been provided, try setting KUBERNETES_MASTER environment variable
2024-07-13T19:22:06.956Z DEBUG [install.composable] Variable state changed for composable inputs; debounce started
2024-07-13T19:22:06.956Z DEBUG [install.composable] kubernetes_secrets provider skipped, unable to connect: unable to build kube config due to error: invalid configuration: no configuration has been provided, try setting KUBERNETES_MASTER environment variable
2024-07-13T19:22:06.956Z DEBUG [install.composable] Kubernetes leaderelection provider skipped, unable to connect: unable to build kube config due to error: invalid configuration: no configuration has been provided, try setting KUBERNETES_MASTER environment variable
2024-07-13T19:22:06.956Z INFO [install.composable.providers.docker] Docker provider skipped, unable to connect: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
2024-07-13T19:22:07.056Z DEBUG [install.composable] Computing new variable state for composable inputs
2024-07-13T19:22:07.056Z DEBUG [install.composable] Stopping controller for composable inputs
2024-07-13T19:22:07.158Z DEBUG [install.composable] Stopped controller for composable inputs
Error: enroll command failed for unknown reason: exit status 1
For help, please see our troubleshooting guide at Troubleshoot common problems | Fleet and Elastic Agent Guide [8.14] | Elastic
and this is after the solution:
root@fleet:~/elastic-agent-8.14.1-linux-x86_64# sudo ./elastic-agent install --url=https://192.168.1.23:8220 \
--fleet-server-es=https://192.168.1.15:9200
--fleet-server-service-token=AAEAAWVsYXN0aWMvZmxlZXQtc2VydmVyL3Rva2VuLTE3MjA4OTk4NzU0NTg6RUdHcWJ3U0xUOFdBUlZiemRCQ3ZZQQ --insecure
--fleet-server-policy=fleet-server-policy
--certificate-authorities=/etc/elastic_certs/elasticsearch-ca.pem
--fleet-server-es-ca=/etc/elastic_certs/elasticsearch-ca.pem
--fleet-server-cert=/etc/elastic_certs/fleet-server01.crt
--fleet-server-cert-key=/etc/elastic_certs/fleet-server01.key
--fleet-server-port=8220
Elastic Agent will be installed at /opt/Elastic/Agent and will run as a service. Do you want to continue? [Y/n]:Y
[ =] Service Started [20s] Elastic Agent successfully installed, starting enrollment.
[=== ] Waiting For Enroll... [22s] {"log.level":"info","@timestamp":"2024-07-13T19:46:54.267Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":480},"message":"Restarting agent daemon, attempt 0","ecs.version":"1.6.0"}
[ =] Waiting For Enroll... [24s] {"log.level":"info","@timestamp":"2024-07-13T19:46:56.282Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":824},"message":"Waiting for Elastic Agent to start Fleet Server","ecs.version":"1.6.0"}
[ =] Waiting For Enroll... [28s] {"log.level":"info","@timestamp":"2024-07-13T19:47:00.289Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":838},"message":"Fleet Server - Running on policy with Fleet Server integration: fleet-server-policy; missing config fleet.agent.id (expected during bootstrap process)","ecs.version":"1.6.0"}
{"log.level":"warn","@timestamp":"2024-07-13T19:47:00.289Z","log.logger":"tls","log.origin":{"file.name":"tlscommon/tls_config.go","file.line":107},"message":"SSL/TLS verifications disabled.","ecs.version":"1.6.0"}
[ ==] Waiting For Enroll... [29s] {"log.level":"info","@timestamp":"2024-07-13T19:47:00.329Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":517},"message":"Starting enrollment to URL: https://192.168.1.23:8220/","ecs.version":"1.6.0"}
[====] Waiting For Enroll... [29s] {"log.level":"warn","@timestamp":"2024-07-13T19:47:00.566Z","log.logger":"tls","log.origin":{"file.name":"tlscommon/tls_config.go","file.line":107},"message":"SSL/TLS verifications disabled.","ecs.version":"1.6.0"}
[=== ] Waiting For Enroll... [30s] {"log.level":"info","@timestamp":"2024-07-13T19:47:01.523Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":480},"message":"Restarting agent daemon, attempt 0","ecs.version":"1.6.0"}
{"log.level":"info","@timestamp":"2024-07-13T19:47:01.525Z","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":298},"message":"Successfully triggered restart on running Elastic Agent.","ecs.version":"1.6.0"}
Successfully enrolled the Elastic Agent.
[== ] Done [30s]
Elastic Agent has been successfully installed.
one question is whether adding --insecure flag creates a possible vulnerability or not in a production environment ?
an other one is how can I solve the error on this picture please? :
I've red this article Secure saved objects | Kibana Guide [8.14] | Elastic but it seems like it is related to Securing Saved Objects in Kibana should I do something regarding this issue or just ignore it in a production environment please?