You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This functionality is in beta and is subject to change. The design and code is less mature than official GA features and is being provided as-is with no warranties. Beta features are not subject to the support SLA of official GA features.
11
+
::::
10
12
11
-
% Scope notes: Pull out the Agentless integrations FAQ section into its own troubleshooting topic, and leave the introductory section in its current place
12
13
13
-
% Use migrated content from existing pages that map to this page:
14
+
Agentless integrations provide a means to ingest data while avoiding the orchestration, management, and maintenance needs associated with standard ingest infrastructure. Using agentless integrations makes manual agent deployment unnecessary, allowing you to focus on your data instead of the agent that collects it.
We currently support one agentless integration: cloud security posture management (CSPM). Using this integration’s agentless deployment option, you can enable Elastic’s CSPM capabilities just by providing the necessary credentials. Agentless CSPM deployments support AWS, Azure, and GCP accounts.
17
+
18
+
To learn more about agentless CSPM deployments, refer to the getting started guides for CSPM on [AWS](../cloud/get-started-with-cspm-for-aws.md), [Azure](../cloud/get-started-with-cspm-for-azure.md), or [GCP](../cloud/get-started-with-cspm-for-gcp.md)
Frequently asked questions and troubleshooting steps for {{elastic-sec}}'s agentless CSPM integration.
10
10
11
-
% Scope notes: Pull out the Agentless integrations FAQ section into its own troubleshooting topic, and leave the introductory section in its current place
12
11
13
-
% Use migrated content from existing pages that map to this page:
12
+
## When I make a new integration, when will I see the agent appear on the Integration Policies page? [_when_i_make_a_new_integration_when_will_i_see_the_agent_appear_on_the_integration_policies_page]
After you create a new agentless integration, the new integration policy may show a button that says **Add agent** instead of the associated agent for several minutes during agent enrollment. No action is needed other than refreshing the page once enrollment is complete.
15
+
16
+
17
+
## How do I troubleshoot an `Offline` agent? [_how_do_i_troubleshoot_an_offline_agent]
18
+
19
+
For agentless integrations to successfully connect to {{elastic-sec}}, the {{fleet}} server host value must be the default. Otherwise, the agent status on the {{fleet}} page will be `Offline`, and logs will include the error `[elastic_agent][error] Cannot checkin in with fleet-server, retrying`.
20
+
21
+
To troubleshoot this issue:
22
+
23
+
1. Find **{{fleet}}** in the navigation menu or use the [global search field](../../get-started/the-stack.md#kibana-navigation-search). Go to the **Settings** tab.
24
+
2. Under **{{fleet}} server hosts**, click the **Actions** button for the policy named `Default`. This opens the Edit {{fleet}} Server flyout. The policy named `Default` should have the **Make this {{fleet}} server the default one** setting enabled. If not, enable it, then delete your integration and create it again.
25
+
26
+
::::{note}
27
+
If the **Make this {{fleet}} server the default one** setting was already enabled but problems persist, it’s possible someone changed the default {{fleet}} server’s **URL** value. In this case, contact Elastic Support to find out what the original **URL** value was, update the settings to match this value, then delete your integration and create it again.
28
+
::::
29
+
30
+
31
+
32
+
## How do I troubleshoot an `Unhealthy` agent? [_how_do_i_troubleshoot_an_unhealthy_agent]
33
+
34
+
On the **{{fleet}}** page, the agent associated with an agentless integration has a name that begins with `agentless`. To troubleshoot an `Unhealthy` agent:
35
+
36
+
* Confirm that you entered the correct credentials for the cloud provider you’re monitoring. The following is an example of an error log resulting from using incorrect AWS credentials:
37
+
38
+
```
39
+
[elastic_agent.cloudbeat][error] Failed to update registry: failed to get AWS accounts: operation error Organizations: ListAccounts, get identity: get credentials: failed to refresh cached credentials, operation error STS: AssumeRole, https response error StatusCode: 403, RequestID: XXX, api error AccessDenied: User: XXX is not authorized to perform: sts:AssumeRole on resource:XXX
40
+
```
41
+
42
+
43
+
For instructions on checking {{fleet}} logs, refer to [{{fleet}} troubleshooting](../ingest/fleet/common-problems.md).
44
+
45
+
46
+
## How do I delete an agentless integration? [_how_do_i_delete_an_agentless_integration]
47
+
48
+
::::{note}
49
+
Deleting your integration will remove all associated resources and stop data ingestion.
50
+
::::
51
+
52
+
53
+
When you create a new agentless CSPM integration, a new agent policy appears within the **Agent policies** tab on the **{{fleet}}** page, but you can’t use the **Delete integration** button on this page. Instead, you must delete the integration from the CSPM Integration’s **Integration policies** tab.
54
+
55
+
1. Find **Integrations** in the navigation menu or use the [global search field](../../get-started/the-stack.md#kibana-navigation-search), then search for and select `CSPM`.
56
+
2. Go to the CSPM Integration’s **Integration policies** tab.
57
+
3. Find the integration policy for the integration you want to delete. Click **Actions**, then **Delete integration**.
58
+
4. Confirm by clicking **Delete integration** again.
0 commit comments