From a9eb310d9d2a8f63c8f4f1a4b31efce824fd3cec Mon Sep 17 00:00:00 2001 From: Blake Rouse Date: Wed, 9 Sep 2020 11:26:27 -0400 Subject: [PATCH 1/2] Add fleet.host.id for sending to endpoint. --- .../pkg/agent/application/fleet_decorator.go | 10 ++++++++-- .../pkg/agent/application/managed_mode.go | 11 ++++++++++- .../testdata/endpoint_basic-endpoint-security.yml | 2 ++ .../pkg/agent/program/testdata/endpoint_basic.yml | 2 ++ 4 files changed, 22 insertions(+), 3 deletions(-) diff --git a/x-pack/elastic-agent/pkg/agent/application/fleet_decorator.go b/x-pack/elastic-agent/pkg/agent/application/fleet_decorator.go index ebb676cb2cd..6402b89e742 100644 --- a/x-pack/elastic-agent/pkg/agent/application/fleet_decorator.go +++ b/x-pack/elastic-agent/pkg/agent/application/fleet_decorator.go @@ -7,12 +7,14 @@ package application import ( "fmt" + "github.com/elastic/go-sysinfo/types" + "github.com/elastic/beats/v7/x-pack/elastic-agent/pkg/agent/transpiler" "github.com/elastic/beats/v7/x-pack/elastic-agent/pkg/config" "github.com/elastic/beats/v7/x-pack/elastic-agent/pkg/core/logger" ) -func injectFleet(cfg *config.Config) func(*logger.Logger, *transpiler.AST) error { +func injectFleet(cfg *config.Config, hostInfo types.HostInfo) func(*logger.Logger, *transpiler.AST) error { return func(logger *logger.Logger, rootAst *transpiler.AST) error { config, err := cfg.ToMapStr() if err != nil { @@ -37,7 +39,11 @@ func injectFleet(cfg *config.Config) func(*logger.Logger, *transpiler.AST) error return fmt.Errorf("failed to get agent key from fleet config") } - fleet := transpiler.NewDict([]transpiler.Node{agent, token, kbn}) + host := transpiler.NewKey("host", transpiler.NewDict([]transpiler.Node{ + transpiler.NewKey("id", transpiler.NewStrVal(hostInfo.UniqueID)), + })) + + fleet := transpiler.NewDict([]transpiler.Node{agent, token, kbn, host}) err = transpiler.Insert(rootAst, fleet, "fleet") if err != nil { return err diff --git a/x-pack/elastic-agent/pkg/agent/application/managed_mode.go b/x-pack/elastic-agent/pkg/agent/application/managed_mode.go index 325d41e4726..cbe9804d354 100644 --- a/x-pack/elastic-agent/pkg/agent/application/managed_mode.go +++ b/x-pack/elastic-agent/pkg/agent/application/managed_mode.go @@ -11,6 +11,8 @@ import ( "net/http" "net/url" + "github.com/elastic/go-sysinfo" + "github.com/elastic/beats/v7/x-pack/elastic-agent/pkg/agent/application/filters" "github.com/elastic/beats/v7/x-pack/elastic-agent/pkg/agent/application/info" "github.com/elastic/beats/v7/x-pack/elastic-agent/pkg/agent/configuration" @@ -113,6 +115,13 @@ func newManaged( errors.M(errors.MetaKeyURI, cfg.Fleet.Kibana.Host)) } + sysInfo, err := sysinfo.Host() + if err != nil { + return nil, errors.New(err, + "fail to get system information", + errors.TypeUnexpected) + } + managedApplication := &Managed{ log: log, agentInfo: agentInfo, @@ -160,7 +169,7 @@ func newManaged( router, &configModifiers{ Decorators: []decoratorFunc{injectMonitoring}, - Filters: []filterFunc{filters.StreamChecker, injectFleet(config)}, + Filters: []filterFunc{filters.StreamChecker, injectFleet(config, sysInfo.Info())}, }, monitor, ) diff --git a/x-pack/elastic-agent/pkg/agent/program/testdata/endpoint_basic-endpoint-security.yml b/x-pack/elastic-agent/pkg/agent/program/testdata/endpoint_basic-endpoint-security.yml index f0505a5f323..b77a83633ae 100644 --- a/x-pack/elastic-agent/pkg/agent/program/testdata/endpoint_basic-endpoint-security.yml +++ b/x-pack/elastic-agent/pkg/agent/program/testdata/endpoint_basic-endpoint-security.yml @@ -2,6 +2,8 @@ revision: 5 fleet: agent: id: fleet-agent-id + host: + id: host-agent-id api: access_api_key: VuaCfGcBCdbkQm-e5aOx:ui2lp2axTNmsyakw9tvNnw kibana: diff --git a/x-pack/elastic-agent/pkg/agent/program/testdata/endpoint_basic.yml b/x-pack/elastic-agent/pkg/agent/program/testdata/endpoint_basic.yml index 832dc4704de..9eee9b3a01d 100644 --- a/x-pack/elastic-agent/pkg/agent/program/testdata/endpoint_basic.yml +++ b/x-pack/elastic-agent/pkg/agent/program/testdata/endpoint_basic.yml @@ -3,6 +3,8 @@ name: Endpoint Host fleet: agent: id: fleet-agent-id + host: + id: host-agent-id access_api_key: VuaCfGcBCdbkQm-e5aOx:ui2lp2axTNmsyakw9tvNnw kibana: protocol: https From 519da33d652369e15cb97c920785c2d5da584065 Mon Sep 17 00:00:00 2001 From: Blake Rouse Date: Wed, 9 Sep 2020 11:29:42 -0400 Subject: [PATCH 2/2] Add changelog entry. --- x-pack/elastic-agent/CHANGELOG.next.asciidoc | 1 + 1 file changed, 1 insertion(+) diff --git a/x-pack/elastic-agent/CHANGELOG.next.asciidoc b/x-pack/elastic-agent/CHANGELOG.next.asciidoc index 938e1ea25ae..d50f72369cd 100644 --- a/x-pack/elastic-agent/CHANGELOG.next.asciidoc +++ b/x-pack/elastic-agent/CHANGELOG.next.asciidoc @@ -19,3 +19,4 @@ - Users of the Docker image can now pass `FLEET_ENROLL_INSECURE=1` to include the `--insecure` flag with the `elastic-agent enroll` command {issue}20312[20312] {pull}20713[20713] - Add support for dynamic inputs with providers and `{{variable|"default"}}` substitution. {pull}20839[20839] - Add support for EQL based condition on inputs {pull}20994[20994] +- Send `fleet.host.id` to Endpoint Security {pull}21042[21042]