[Fleet] Support logstash as an output type in API and Kibana config #125990

nchaulet · 2022-02-17T19:18:24Z

Summary

Resolve #125792

Add support for logasth type in Fleet ouput API and preconfiguration.

The logstash output require the host to not contains the schema, and allow to configure SSL options.

That PR add a new ssl key to the output saved object that is not indexed

Test

The API changes are covered by API integration tests

How to test

You can create a logstash output by adding the following in your Kibana config

xpack.fleet.outputs:
  - id: test123
    name: Test logstash
    hosts: [test.fr:443]
    type: "logstash"
    is_default: true
    is_default_monitoring: true
    ssl: 
      certificate_authorities: ['REPLACE_CACERT1']
      certificate: 'REPLACE_CERT'
      key: 'REPLACE_KEY'

You should see the output correctly created in Kibana and used in the agent policy (it's not editable for now the UI will come in a following PR)

@lykkin This should allow us to start E2E testing with the Agent.

elasticmachine · 2022-02-21T14:06:20Z

Pinging @elastic/fleet (Team:Fleet)

nchaulet · 2022-02-21T14:10:08Z

@elasticmachine merge upstream

nchaulet · 2022-02-21T20:03:22Z

@elasticmachine merge upstream

x-pack/plugins/fleet/common/openapi/components/schemas/output.yaml

x-pack/plugins/fleet/common/types/rest_spec/output.ts

x-pack/test/fleet_api_integration/apis/outputs/crud.ts

x-pack/plugins/fleet/server/types/models/output.ts

juliaElastic

tested functionality, looks good on UI

nchaulet · 2022-02-24T18:29:52Z

@elasticmachine merge upstream

kpollich

LGTM 🚀

nchaulet · 2022-02-28T13:58:46Z

@elasticmachine merge upstream

kibana-ci · 2022-02-28T15:21:47Z

💚 Build Succeeded

Metrics [docs]

Public APIs missing comments

Total count of every public API that lacks a comment. Target amount is 0. Run node scripts/build_api_docs --plugin [yourplugin] --stats comments for more detailed information.

id	before	after	diff
`fleet`	1232	1233	+1

Page load bundle

Size of the bundles that are downloaded on every page load. Target size is below 100kb

id	before	after	diff
`fleet`	110.5KB	110.5KB	+20.0B

Saved Objects .kibana field count

Every field in each saved object type adds overhead to Elasticsearch. Kibana needs to keep the total field count below Elasticsearch's default limit of 1000 fields. Only specify field mappings for the fields you wish to search on or query. See https://www.elastic.co/guide/en/kibana/master/development-plugin-saved-objects.html#_mappings

id	before	after	diff
`ingest-outputs`	12	13	+1

Unknown metric groups

API count

id	before	after	diff
`fleet`	1349	1350	+1

History

💚 Build #26292 succeeded 914e968
💚 Build #25543 succeeded efab450
💚 Build #25389 succeeded d59b27a
💚 Build #25339 succeeded ce7d90e
💔 Build #25299 failed dd848b7
💚 Build #25124 succeeded ab55cb8e2159932fc154a8c6eb27c7d955f9dcb4

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

cc @nchaulet

nchaulet added Team:Fleet Team label for Observability Data Collection Fleet team v8.2.0 labels Feb 17, 2022

nchaulet self-assigned this Feb 17, 2022

nchaulet force-pushed the feature-logstash-output-api branch 2 times, most recently from 2715805 to ab55cb8 Compare February 17, 2022 21:08

[Fleet] Support logstash as an output type

c7db63b

nchaulet force-pushed the feature-logstash-output-api branch from ab55cb8 to c7db63b Compare February 21, 2022 14:03

nchaulet marked this pull request as ready for review February 21, 2022 14:06

nchaulet requested a review from a team as a code owner February 21, 2022 14:06

update openAPI bundled

e46dd21

nchaulet added backport:skip This commit does not require backporting release_note:skip Skip the PR/issue when compiling release notes labels Feb 21, 2022

kibanamachine and others added 3 commits February 21, 2022 09:10

Merge branch 'main' into feature-logstash-output-api

dd848b7

Fix tests

ce6c0e1

Fix rest spec

ce7d90e

Merge branch 'main' into feature-logstash-output-api

d59b27a