diff --git a/docs/settings/fleet-settings.asciidoc b/docs/settings/fleet-settings.asciidoc index d3cad6b4dfdbc..a85c4b67063e6 100644 --- a/docs/settings/fleet-settings.asciidoc +++ b/docs/settings/fleet-settings.asciidoc @@ -13,7 +13,10 @@ In {ecloud}, {fleet} flags are already configured. You can configure `xpack.fleet` settings in your `kibana.yml`. By default, {fleet} is enabled. To use {fleet}, you also need to configure {kib} and {es} hosts. -See the {fleet-guide}/index.html[{fleet}] docs for more information. +Many {fleet} settings can also be configured directly through the {fleet} UI. +See {fleet-guide}/fleet-settings.html[Fleet UI settings] for details. + +See the {fleet-guide}/index.html[{fleet}] docs for more information about {fleet}. [[general-fleet-settings-kb]] ==== General {fleet} settings @@ -174,6 +177,8 @@ xpack.fleet.agentPolicies: `xpack.fleet.outputs`:: List of outputs that are configured when the {fleet} app starts. + +Certain types of outputs have additional required and optional settings. Refer to {fleet-guide}/fleet-settings.html#output-settings[Output settings] in the {fleet} and {agent} Guide for the full list of settings for each output type. ++ If configured in your `kibana.yml`, output settings are grayed out and unavailable in the {fleet} UI. To make these settings editable in the UI, do not configure them in the configuration file. @@ -188,13 +193,9 @@ NOTE: The `xpack.fleet.outputs` settings are intended for advanced configuration `name`::: Output name. `type`::: - Type of Output. Currently we support "elasticsearch", "logstash", "kafka". + Type of Output. Currently we support "elasticsearch", "logstash", "kafka", and "remote_elasticsearch". `hosts`::: Array that contains the list of host for that output. - `config`::: - Extra config for that output. - `proxy_id`::: - Unique ID of a proxy to access the output. ===== + .Optional properties of `xpack.fleet.outputs` @@ -204,7 +205,46 @@ NOTE: The `xpack.fleet.outputs` settings are intended for advanced configuration If `true`, the output specified in `xpack.fleet.outputs` will be the one used to send agent data unless there is another one configured specifically for the agent policy. `is_default_monitoring`::: If `true`, the output specified in `xpack.fleet.outputs` will be the one used to send agent monitoring data unless there is another one configured specifically for the agent policy. + `config`::: + Extra config for that output. + `proxy_id`::: + Unique ID of a proxy to access the output. + `ssl`::: + Set to enable authentication using the Secure Sockets Layer (SSL) protocol. ++ +.Properties of `ssl` +[%collapsible%open] +======= + `certificate`:::: + The SSL certificate that {agents} use to authenticate with the output. Include the full contents of the certificate here. +======= + + `secrets`::: + Include here any values for preconfigured outputs that should be stored as secrets. A secret value is replaced in the `kibana.yml` settings file with a reference, with the original value stored externally as a secure hash. Note that this type of secret storage requires all configured {fleet-server}s to be on version 8.12.0 or later. ++ +.Properties of `secrets` +[%collapsible%open] +======= + `key`::::: + The private certificate key that {agents} use to authenticate with the output. +======= ===== ++ +Example `xpack.fleet.outputs` configuration: ++ +[source,yaml] +---- +xpack.fleet.outputs: + - id: my-logstash-output-with-a-secret + name: preconfigured logstash output with a secret + type: logstash + hosts: ["localhost:9999"] + ssl: + certificate: xxxxxxxxxx + secrets: + ssl: + key: securekey +---- `xpack.fleet.fleetServerHosts`:: List of {fleet-server} hosts that are configured when the {fleet} app starts.