June 2022 – Justin Lim

Updated deploy-elastic script – version 9

Posted on June 23, 2022 by jlim0930

Last update to version 8 is listed here The original post for the deploy-elastic.sh script is here Changes: Starting 7.12.x added node.roles. es01 & es02 is tagged as data_content & data_hot and es03 is tagged as data_frozen. This will allow users to play with the frozen tier, configure searchable snapshots, partically mounted indices, restored indices, and more. (make sure to run the script with snapshot option so that minio is stood up) LDAP mode was added. To test various role_mappings and for basic ldap authentication configurations and settings LDAP mode was added and it will work with any versions of… Continue Reading →

Elastic Fleet Server & elastic-agent common troubleshooting

Posted on June 16, 2022 by jlim0930

Common troubleshooting items for any fleet & elastic-agent issues can be found on https://www.elastic.co/guide/en/fleet/current/fleet-troubleshooting.html however there are a few items that I would like to add. Whitespaces When you start the elastic-agent on an endpoint and even if you have everything configured for your elastic-agent, the right policy, integrations, etc however no data is going into elasticsearch. The most common issue is that there is something wrong with your fleet settings. This can be edited from kibana -> fleet -> settings. Either your ES endpoint / Fleet server endpoint / Advanced YAML settings are wrong or there might even be… Continue Reading →