Installation

in Kibana

=

auf der Purple Konsole

Installation des ersten Agent - Den Purple Server selbst

┌──(root㉿purple)-[~]
└─# curl -L -O https://artifacts.elastic.co/downloads/beats/elastic-agent/elastic-agent-8.13.2-linux-x86_64.tar.gz
tar xzvf elastic-agent-8.13.2-linux-x86_64.tar.gz
cd elastic-agent-8.13.2-linux-x86_64
sudo ./elastic-agent install \
  --fleet-server-es=https://10.0.11.101:9200 \
  --fleet-server-service-token=AAEAAWVsYXN0aWMvZmxlZXQtc2VydmVyL3Rva2VuLTE3MTI5MDkzMzYxNDA6dnlELWFyLXlUM21lb205Uk5IUjZoUQ \
  --fleet-server-policy=fleet-server-policy \
  --fleet-server-es-ca-trusted-fingerprint=8aa7113fbaa4284b87cfadb30ab953e4d7ebb23bdce44e55d6d8be3d767f3c15 \
  --fleet-server-port=8220
...
...
...
elastic-agent-8.13.2-linux-x86_64/manifest.yaml
elastic-agent-8.13.2-linux-x86_64/.build_hash.txt
elastic-agent-8.13.2-linux-x86_64/.elastic-agent.active.commit
elastic-agent-8.13.2-linux-x86_64/elastic-agent
Elastic Agent will be installed at /opt/Elastic/Agent and will run as a service. Do you want to continue? [Y/n]:
...
...
...
[=   ] Waiting For Enroll...  [1m50s] {"log.level":"info","@timestamp":"2024-04-12T10:27:26.230+0200","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":482},"message":"Restarting agent daemon, attempt 0","ecs.version":"1.6.0"}
{"log.level":"info","@timestamp":"2024-04-12T10:27:26.232+0200","log.origin":{"file.name":"cmd/enroll_cmd.go","file.line":300},"message":"Successfully triggered restart on running Elastic Agent.","ecs.version":"1.6.0"}
Successfully enrolled the Elastic Agent.
[=   ] Done  [1m50s]                               
Elastic Agent has been successfully installed

Do not “Continue enrolling” at this stage. Just go back to the fleet server policy and add the integration “Elastic-Agent”.