From 5e9a46c2712977719cd1618bdcad616ffb04c63b Mon Sep 17 00:00:00 2001
From: Kibana Machine <42973632+kibanamachine@users.noreply.github.com>
Date: Wed, 16 Nov 2022 16:43:37 -0500
Subject: [PATCH] [8.5] Updated tracks tutorial to support Agent  (#143414)
 (#145457)

# Backport

This will backport the following commits from `main` to `8.5`:
- [Updated tracks tutorial to support Agent
(#143414)](https://github.com/elastic/kibana/pull/143414)

<!--- Backport version: 8.9.7 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"James
Garside","email":"james@jgarside.co.uk"},"sourceCommit":{"committedDate":"2022-11-16T21:15:55Z","message":"Updated
tracks tutorial to support Agent (#143414)\n\n* Updated for Human
readable dataview names\r\n\r\n* Updated tutorial to support Elastic
Agent","sha":"b589297beef876dc84469c7fe328a3849e46d7cb","branchLabelMapping":{"^v8.7.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["[Deprecated-Use
Team:Presentation]Team:Geo","release_note:skip","docs","v8.3.0","v8.4.0","v8.5.0","v8.7.0"],"number":143414,"url":"https://github.com/elastic/kibana/pull/143414","mergeCommit":{"message":"Updated
tracks tutorial to support Agent (#143414)\n\n* Updated for Human
readable dataview names\r\n\r\n* Updated tutorial to support Elastic
Agent","sha":"b589297beef876dc84469c7fe328a3849e46d7cb"}},"sourceBranch":"main","suggestedTargetBranches":["8.3","8.4","8.5"],"targetPullRequestStates":[{"branch":"8.3","label":"v8.3.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.4","label":"v8.4.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.5","label":"v8.5.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.7.0","labelRegex":"^v8.7.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/143414","number":143414,"mergeCommit":{"message":"Updated
tracks tutorial to support Agent (#143414)\n\n* Updated for Human
readable dataview names\r\n\r\n* Updated tutorial to support Elastic
Agent","sha":"b589297beef876dc84469c7fe328a3849e46d7cb"}}]}] BACKPORT-->

Co-authored-by: James Garside <james@jgarside.co.uk>
---
 docs/maps/asset-tracking-tutorial.asciidoc | 58 ++++++++++------------
 1 file changed, 25 insertions(+), 33 deletions(-)

diff --git a/docs/maps/asset-tracking-tutorial.asciidoc b/docs/maps/asset-tracking-tutorial.asciidoc
index 4e6efff35b3a3..f33ce2ef7547e 100644
--- a/docs/maps/asset-tracking-tutorial.asciidoc
+++ b/docs/maps/asset-tracking-tutorial.asciidoc
@@ -8,7 +8,7 @@ In this tutorial, you’ll look at live urban transit data from the city of Port
 
 You’ll learn to:
 
-- Use {filebeat} to ingest the TriMet REST API into Elasticsearch.
+- Use {agent} to ingest the TriMet REST API into {es}.
 - Create a map with layers that visualize asset tracks and last-known locations.
 - Use symbols and colors to style data values and show which direction an asset is heading.
 - Set up tracking containment alerts to monitor moving vehicles.
@@ -23,11 +23,11 @@ image::maps/images/asset-tracking-tutorial/construction_zones.png[]
 
 - If you don’t already have {kib}, set it up with https://www.elastic.co/cloud/elasticsearch-service/signup?baymax=docs-body&elektra=docs[our free trial]. Download the deployment credentials.
 - Obtain an API key for https://developer.trimet.org/[TriMet web services] at https://developer.trimet.org/appid/registration/.
-- https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-installation-configuration.html[Install Filebeat].
+- {fleet-guide}/fleet-overview.html[Fleet] is enabled on your cluster, and one or more {fleet-guide}/elastic-agent-installation.html[{agent}s] is enrolled.
 
 [float]
 === Part 1: Ingest the Portland bus data
-To get to the fun of visualizing and alerting on Portland buses, you must first create a {filebeat} input to ingest the TriMet Portland bus data into {es}.
+To get to the fun of visualizing and alerting on Portland buses, you must first add the *Custom API* integration to an Elastic Agent policy to get the TriMet Portland bus data into {es}.
 
 [float]
 ==== Step 1: Set up an Elasticsearch index
@@ -270,47 +270,39 @@ PUT _ingest/pipeline/tri_met_tracks
 ----------------------------------
 
 [float]
-==== Step 2: Start {filebeat}
+==== Step 2: Configure {agent}
 
-. Replace the contents in your `filebeat.yml` file with the following:
-+
-[source,yaml]
-----------------------------------
-filebeat.inputs:
-# Fetch trimet bus data every minute.
-- type: httpjson
-  interval: 1m
-  request.url: "https://developer.trimet.org/ws/v2/vehicles?appID=<tri_met_app_id>"
-  response.split:
-    target: body.resultSet.vehicle
-  processors:
-    - decode_json_fields:
-        fields: ["message"]
-        target: "trimet"
+. From the {kib} main menu, click *Fleet*, then the *Agent policies* tab.
 
-  pipeline: "tri_met_tracks"
+. Click the name of the agent policy where you want to add the *Custom API* integration. The configuration changes you make only apply to the policy you select.
 
+. Click the name of the *Custom API* integration, or add the integration if the agent policy does not yet have it.
 
-# ---------------------------- Elastic Cloud Output ----------------------------
-cloud.id: <cloud_id>
-cloud.auth: <username:password>
+. From the *Edit Custom API integration* page, expand the *Change defaults* section.
 
-----------------------------------
+. Set the *Dataset name* to *httpjson.trimet*.
+
+. Set the *Ingest Pipeline* to *tri_met_pipeline*.
 
-. Replace `<tri_met_app_id>` with your TriMet application id.
-. Replace `<username:password>` with your Elastic Cloud deployment credentials.
-. Replace `<cloud_id>` with your {ece}/ece-cloud-id.html[elastic cloud id].
-. Open a terminal window, and then navigate to the {filebeat} folder.
-. In your `filebeat` folder, run {filebeat} with the edited config:
+. Set the *Request URL* to *https://developer.trimet.org/ws/v2/vehicles?appID=<tri_met_app_id>*.
+
+. Set *Response Split* to *target: body.resultSet.vehicle*.
+
+. At the bottom of the configuration, expand *Advanced options*.
+
+. Set *Processors* to:
 +
-[source,bash]
+[source,yaml]
 ----------------------------------
-/bin/filebeat -c filebeat.yml
+- decode_json_fields:
+    fields: ["message"]
+    target: "trimet"
 ----------------------------------
 
-. Wait for {filebeat} to start shipping data to Elastic Cloud. {filebeat} should not produce any output to stdout. 
+. Leave everything else as defaults.
+
+. Click *Save integration* to deploy the configuration to any {agent} with the policy assigned.
 
-. Leave the terminal window open and {filebeat} running throughout this tutorial.
 
 [float]
 ==== Step 3: Create a data view for the tri_met_tracks {es} index