You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: deploy-manage/deploy/cloud-enterprise/manage-elastic-stack-versions.md
+6-60Lines changed: 6 additions & 60 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -19,19 +19,18 @@ products:
19
19
20
20
New or updated versions of the {{stack}} must be prepared to work with {{ece}} and are provided as packs that you can download.
21
21
22
-
::::{important}
23
-
{{es}} 7.8 and later comes with Index Lifecycle Management (ILM) always enabled. Before upgrading to 7.8 or later, to avoid any unpredictable behavior it is important to configure hot-warm clusters on {{ece}} with ILM rather than index curation. Check [migrate to index lifecycle management](/manage-data/lifecycle/index-lifecycle-management/migrate-index-management.md) for existing clusters, and [configure index management](/manage-data/lifecycle/index-lifecycle-management.md) for new clusters.
24
-
::::
25
-
26
-
27
22
28
23
## Most recent {{stack}} packs [ece_most_recent_elastic_stack_packs]
29
24
30
-
:::{important}
25
+
:::{admonition} {{ece}} 4 removed support for {{stack}} 7.x versions
26
+
{{ece}} 4 no longer supports {{stack}} versions prior to 8.0.0. Upgrade all deployments to 8.0.0 or later before upgrading to {{ece}} 4.x. Refer to the [Product compatibility support matrix -> Compatibility with {{ece}}](https://www.elastic.co/support/matrix#matrix_compatibility) for details.
27
+
:::
28
+
29
+
:::{note}
31
30
Enterprise Search is not available in versions 9.0+.
32
31
:::
33
32
34
-
The following are the most recently released {{stack}} packs for version 9.x, 8.x, 7.x, and 6.x, respectively:
33
+
The following are the most recently released {{stack}} packs for version 9.x, 8.x, and 7.x, respectively:
Copy file name to clipboardExpand all lines: deploy-manage/users-roles/cloud-organization/configure-saml-authentication.md
+3-1Lines changed: 3 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -96,7 +96,9 @@ You must have authority to modify your domain’s DNS records and be a member of
96
96
It might take some timeforthe DNS records to be updated and propagatedin the network. If verification isn’t successful, wait a while and try again.
97
97
::::
98
98
99
-
99
+
::::{note}
100
+
After the domain has been claimed by your organization, you can safely remove the TXT record from your DNS provider settings. You must remove this record if you want to claim the same domain in additional {{ecloud}} organizations.
101
+
::::
100
102
101
103
### Step 2: Register a SAML IdP [ec-saml-sso-register-idp]
You can manage and authenticate users with the built-in `file` realm. With the `file` realm, users are defined in local files on each node in the cluster.
18
18
19
-
The `file` realm is useful as a fallback or recovery realm. For example in cases where the cluster is unresponsive or the security index is unavailable, or when you forget the password for your administrative users. In this type of scenario, the `file` realm is a convenient workaround: you can define a new `admin` user in the `file` realm and use it to log in and reset the credentials of all other users.
20
-
21
-
You can configure only one file realm on {{es}} nodes.
22
-
23
-
Refer to [enabling a file realm user for recovery](https://www.youtube.com/watch?v=sueO7sz1buw) for a video walkthrough.
19
+
The `file` realm is useful as a fallback or recovery realm. For example, you might use this realm in cases where the cluster is unresponsive or the security index is unavailable, or when you forget the password for your administrative users. In this type of scenario, the `file` realm is a convenient workaround: you can define a new `admin` user in the `file` realm and use it to log in and reset the credentials of all other users. For a walkthrough of this process, refer to [](/troubleshoot/elasticsearch/file-based-recovery.md). Refer to [enabling a file realm user for recovery](https://www.youtube.com/watch?v=sueO7sz1buw) for a video walkthrough.
24
20
25
21
::::{important}
26
22
* In self-managed deployments, as the administrator of the cluster, it is your responsibility to ensure the same users are defined on every node in the cluster. The {{stack}} {{security-features}} do not deliver any mechanism to guarantee this.
@@ -29,33 +25,27 @@ Refer to [enabling a file realm user for recovery](https://www.youtube.com/watch
29
25
30
26
## Configure a file realm [file-realm-configuration]
31
27
32
-
You don’t need to explicitly configure a `file` realm. The `file` and `native` realms are added to the realm chain by default. Unless configured otherwise, the `file` realm is added first, followed by the `native` realm. You can define only one `file` realm per node.
28
+
You don’t need to explicitly configure a `file` realm. The `file` and `native` realms are added to the realm chain by default. Unless configured otherwise, the `file` realm is added first, followed by the `native` realm. You can define only one `file` realm on each node.
33
29
34
30
1. (Optional) Add a realm configuration to [`elasticsearch.yml`](/deploy-manage/stack-settings.md) under the `xpack.security.authc.realms.file` namespace. At a minimum, you must set the realm’s `order` attribute.
35
31
36
32
For example, the following snippet shows a `file` realm configuration that sets the `order` to zero so the realm is checked first:
37
33
38
34
```yaml
39
-
xpack:
40
-
security:
41
-
authc:
42
-
realms:
43
-
file:
44
-
file1:
45
-
order: 0
35
+
xpack.security.authc.realms.file.file1.order: 0
46
36
```
47
37
48
-
2. If you're using a self-managed {{es}} cluster, optionally change how often the `users` and `users_roles` files are checked.
38
+
2. (Optional) For self-managed deployments, you can change how often the `users` and `users_roles` files are checked.
49
39
50
40
By default, {{es}} checks these files for changes every 5 seconds. You can change this default behavior by changing the `resource.reload.interval.high` setting in the [`elasticsearch.yml`](/deploy-manage/stack-settings.md) file.
51
41
52
42
:::{{warning}}
53
43
Because `resource.reload.interval.high` is a common setting in {{es}}, changing its value may effect other schedules in the system.
54
44
:::
55
45
56
-
3. Restart {{es}}.
46
+
3. In self-managed deployments, if either of these settings is modified, perform a [rolling restart](/deploy-manage/maintenance/start-stop-services/full-cluster-restart-rolling-restart-procedures.md#restart-cluster-rolling) of the {{es}} nodes for your changes to take effect.
57
47
58
-
In {{eck}}, this change is propagated automatically.
48
+
In {{eck}}, changes are automatically propagated.
59
49
60
50
61
51
## Add users
@@ -120,13 +110,13 @@ In a self-managed cluster, you can edit the contents of `ES_PATH_CONF/users` and
120
110
:::{tab-item} {{eck}}
121
111
You can pass `users` and `user_roles` files to {{eck}} using a file realm secret:
Copy file name to clipboardExpand all lines: explore-analyze/alerts-cases/alerts/alerting-common-issues.md
+1-1Lines changed: 1 addition & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -60,7 +60,7 @@ Configuration options are available to specialize connections to TLS servers, in
60
60
Rules are taking a long time to run and are impacting the overall health of your deployment.
61
61
62
62
::::{important}
63
-
By default, only users with a `superuser` role can query the [preview]{{kib}} event log because it is a system index. To enable additional users to run this query, assign `read` privileges to the `.kibana-event-log*` index.
63
+
By default, only users with a `superuser` role can query the {{kib}} event log because it is a system index. To enable additional users to run this query, assign `read` privileges to the `.kibana-event-log*` index.
[preview] In addition, there is a command-line client that uses legacy rule APIs, which can be easier to use, but must be updated for the new APIs. CLI tools to list, create, edit, and delete alerts (rules) and actions (connectors) are available in [kbn-action](https://github.com/pmuellr/kbn-action), which you can install as follows:
65
+
{applies_to}`stack: preview` {applies_to}`serverless: preview` In addition, there is a command-line client that uses legacy rule APIs, which can be easier to use, but must be updated for the new APIs. CLI tools to list, create, edit, and delete alerts (rules) and actions (connectors) are available in [kbn-action](https://github.com/pmuellr/kbn-action), which you can install as follows:
Copy file name to clipboardExpand all lines: explore-analyze/alerts-cases/alerts/create-manage-rules.md
+2-2Lines changed: 2 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -61,7 +61,7 @@ You can add one or more actions to your rule to generate notifications when its
61
61
62
62
Each action uses a connector, which provides connection information for a {{kib}} service or third party integration, depending on where you want to send the notifications.
63
63
64
-
[preview] Some connectors that perform actions within {{kib}}, such as the [Cases connector](kibana://reference/connectors-kibana/cases-action-type.md), require less configuration. For example, you do not need to set the action frequency or variables.
64
+
{applies_to}`stack: preview` {applies_to}`serverless: preview` Some connectors that perform actions within {{kib}}, such as the [Cases connector](kibana://reference/connectors-kibana/cases-action-type.md), require less configuration. For example, you do not need to set the action frequency or variables.
65
65
66
66
After you select a connector, set the action frequency. You can choose to create a summary of alerts on each check interval or on a custom interval. Alternatively, you an choose to run actions for each alert (at each check interval, only when the alert status changes, or at a custom interval).
67
67
@@ -129,7 +129,7 @@ When you snooze a rule, the rule checks continue to run on a schedule but alerts
129
129
130
130
When a rule is in a snoozed state, you can cancel or change the duration of this state.
131
131
132
-
[preview] To temporarily suppress notifications for rules, you can also create a [maintenance window](maintenance-windows.md).
132
+
{applies_to}`stack: preview` {applies_to}`serverless: preview` To temporarily suppress notifications for rules, you can also create a [maintenance window](maintenance-windows.md).
0 commit comments