[UII] Support integration-level outputs #189125
Conversation
… behind enterprise license check
…he package (i.e. APM can only have ES output)
Include package policies in search for agent policies to be bumped when output is updated
🤖 GitHub commentsExpand to view the GitHub comments
Just comment with:
|
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
|
@kilfoyle for your radar |
botelastic
bot
added
the
Team:Fleet
|
Pinging @elastic/fleet (Team:Fleet) |
…bana into feat/output-per-integration
| /> | ||
| } | ||
| > | ||
| <EuiSelect |
There was a problem hiding this comment.
Should we use a super select like we do for the agent policy output selector? the default value looks more explicit to me
Currently
Agent policy output selector
There was a problem hiding this comment.
I can address this in a follow up PR
| page: 1, | ||
| perPage: SO_SEARCH_LIMIT, | ||
| }); | ||
|
|
||
| if (agentPolicies.error) { | ||
| throw agentPolicies.error; | ||
| } | ||
| const agentPolicyCount = agentPolicies.data?.items?.length ?? 0; | ||
|
|
||
| const packagePolicies = await sendGetPackagePolicies({ |
There was a problem hiding this comment.
Not necessarily related to that PR but I have more and more concerns about retrieving all package policies client side, this will be a blocker to support a larger number of policies, and I am not sure of the value of showing an exact count of policies for the user.
I am wondering if this could be simplified to two scenarios, the output is not used by any agent policy or the output is used by at least one agent policy.
There was a problem hiding this comment.
I agree with this, and I actually saw that on some of our other settings confirmation modals, we don't show the exact count like this. we just tell the user that this will agents enrolled into affected policies. I'll capture this in a follow up enhancement to remove these granular counts in modals
There was a problem hiding this comment.
Could some one explain what this block is referring to? is it referring to the counts in the Fleet table?
There was a problem hiding this comment.
@nimarezainia It is the count in the confirmation modal when user updates/deletes an output, like "this will update X policies used by X agents"
There was a problem hiding this comment.
@nimarezainia @nchaulet I opened #190432
| throw new PackagePolicyRequestError(canUseMultipleAgentPoliciesErrorMessage); | ||
| } | ||
|
|
||
| if (newPolicy.output_id && pkg) { |
There was a problem hiding this comment.
Should that validation happen at the package policy service level so it will also be validated for preconfigured package policies and in the future if other solution create package policy with output_id
Should we validate also for the update package policy method? (Maybe it's already done and I missed that)
There was a problem hiding this comment.
yes, this should happen at the service level. I was copying what was done for multiple policy IDs but I don't think that was a good pattern. I pushed changes to move both multiple policy and integration output validation to the service level. they are executed together in a preflight function that is added to create, update, bulk create, and bulk update methods
thanks for catching this pattern!
💚 Build Succeeded
Metrics [docs]Public APIs missing comments
Async chunks
Page load bundle
History
To update your PR or re-run it, just comment with: cc @jen-huang |
## Summary Resolves elastic#143905. This PR adds support for integration-level outputs. This means that different integrations within the same agent policy can now be configured to send data to different locations. This feature is gated behind `enterprise` level subscription. For each input, the agent policy will configure sending data to the following outputs in decreasing order of priority: 1. Output set specifically on the integration policy 2. Output set specifically on the integration's parent agent policy (including the case where an integration policy belongs to multiple agent policies) 3. Global default data output set via Fleet Settings Integration-level outputs will respect the same rules as agent policy-level outputs: - Certain integrations are disallowed from using certain output types, attempting to add them to each other via creation, updating, or "defaulting", will fail - `fleet-server`, `synthetics`, and `apm` can only use same-cluster Elasticsearch output - When an output is deleted, any integrations that were specifically using it will "clear" their output configuration and revert back to either `elastic#2` or `elastic#3` in the above list - When an output is edited, all agent policies across all spaces that use it will be bumped to a new revision, this includes: - Agent policies that have that output specifically set in their settings (existing behavior) - Agent policies that contain integrations which specifically has that output set (new behavior) - When a proxy is edited, the same new revision bump above will apply for any outputs using that proxy The final agent policy YAML that is generated will have: - `outputs` block that includes: - Data and monitoring outputs set at the agent policy level (existing behavior) - Any additional outputs set at the integration level, if they differ from the above - `outputs_permissions` block that includes permissions for each Elasticsearch output depending on which integrations and/or agent monitoring are assigned to it Integration policies table now includes `Output` column. If the output is defaulting to agent policy-level output, or global setting output, a tooltip is shown: <img width="1392" alt="image" src="https://github.com/user-attachments/assets/5534716b-49b5-402a-aa4a-4ba6533e0ca8"> Configuring an integration-level output is done under Advanced options in the policy editor. Setting to the blank value will "clear" the output configuration. The list of available outputs is filtered by what outputs are available for that integration (see above): <img width="799" alt="image" src="https://github.com/user-attachments/assets/617af6f4-e8f8-40b1-b476-848f8ac96e76"> An example of failure: ES output cannot be changed to Kafka while there is an integration <img width="1289" alt="image" src="https://github.com/user-attachments/assets/11847eb5-fd5d-4271-8464-983d7ab39218"> ## TODO - [x] Adjust side effects of editing/deleting output when policies use it across different spaces - [x] Add API integration tests - [x] Update OpenAPI spec - [x] Create doc issue ### Checklist Delete any items that are not applicable to this PR. - [x] Any text added follows [EUI's writing guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses sentence case text and includes [i18n support](https://github.com/elastic/kibana/blob/main/packages/kbn-i18n/README.md) - [ ] [Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html) was added for features that require explanation or tutorials - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios --------- Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
Summary
Resolves #143905. This PR adds support for integration-level outputs. This means that different integrations within the same agent policy can now be configured to send data to different locations. This feature is gated behind
enterpriselevel subscription.For each input, the agent policy will configure sending data to the following outputs in decreasing order of priority:
Integration-level outputs will respect the same rules as agent policy-level outputs:
fleet-server,synthetics, andapmcan only use same-cluster Elasticsearch output#2or#3in the above listThe final agent policy YAML that is generated will have:
outputsblock that includes:outputs_permissionsblock that includes permissions for each Elasticsearch output depending on which integrations and/or agent monitoring are assigned to itIntegration policies table now includes
Outputcolumn. If the output is defaulting to agent policy-level output, or global setting output, a tooltip is shown:Configuring an integration-level output is done under Advanced options in the policy editor. Setting to the blank value will "clear" the output configuration. The list of available outputs is filtered by what outputs are available for that integration (see above):
An example of failure: ES output cannot be changed to Kafka while there is an integration
TODO
Checklist
Delete any items that are not applicable to this PR.