From 7a6ab6c66b18296659a6d89db6da5b0de75fefe4 Mon Sep 17 00:00:00 2001 From: lcawl Date: Thu, 11 Sep 2025 10:08:58 -0700 Subject: [PATCH 1/3] Revamp the Elastic Stack page --- get-started/the-stack.md | 132 ++++++++++++++++++++++++--------------- 1 file changed, 81 insertions(+), 51 deletions(-) diff --git a/get-started/the-stack.md b/get-started/the-stack.md index 842dfc7402..ee8ae2a13b 100644 --- a/get-started/the-stack.md +++ b/get-started/the-stack.md @@ -7,95 +7,125 @@ mapped_pages: - https://www.elastic.co/guide/en/elastic-stack/current/overview.html products: - id: elastic-stack - - id: kibana +applies_to: + serverless: + stack: --- +# {{search-platform}} -# The {{stack}} +Elastic provides a fusion of search technology and artifical intelligence in the [{{search-platform}}](https://www.elastic.co/platform). +It is the foundation for Elastic's [solutions](/get-started/introduction.md) and for developers seeking to build next generation, generative AI powered applications and services. -This section provides an overview of the {{stack}} and its components. +The {{search-platform}} is a fast and highly scalable set of components — {{es}}, {{kib}}, {{beats}}, {{ls}}, and others — that together enable you to securely take data from any source, in any format, and then store, search, analyze, and visualize it. -$$$kibana-navigation-search$$$ + -## An overview of the {{stack}} [stack-components] +:::{tip} +The components that share the same versioning scheme are often referred to as the _{{stack}}_. Learn more in [](/get-started/versioning-availability.md). +::: -What is the {{stack}}? It’s a fast and highly scalable set of components — {{es}}, {{kib}}, {{beats}}, {{ls}}, and others — that together enable you to securely take data from any source, in any format, and then search, analyze, and visualize it. +You have many options for deploying the {{search-platform}}, which are summarized in [](/get-started/deployment-options.md). +All deployments include [{{es}}](#stack-components-elasticsearch). +Although [{{kib}}](#stack-components-kibana) is not required to use {{es}}, it is included by default when you use deployment methods such as {{serverless-full}}. -The products in the {{es}} are designed to be used together and releases are synchronized to simplify the installation and upgrade process. +Continue reading to learn how these components work together. -You have many options for deploying the {{stack}} to suit your needs. You can deploy it on your own hardware, in the cloud, or use a managed service on {{ecloud}}. +## Ingest [_ingest] -:::{tip} -To learn how to deploy {{es}}, {{kib}}, and supporting orchestration technologies, refer to [](/deploy-manage/index.md). To learn how to deploy additional ingest and consume components, refer to the documentation for the component. -::: +Elastic provides a number of components that ingest data. +Collect and ship logs, metrics, and other types of data with {{agent}} or {{beats}}. +Manage your {{agents}} with {{fleet}}. +Collect detailed performance information with Elastic APM. -![Components of the Elastic Stack](/get-started/images/stack-components-diagram.svg) +If you want to transform or enrich data before it's stored, you can use {{es}} ingest pipelines or {{ls}}. -### Ingest [_ingest] +Trying to decide which ingest component to use? Refer to [](/manage-data/ingest.md) to help you decide. -Elastic provides a number of components that ingest data. Collect and ship logs, metrics, and other types of data with {{agent}} or {{beats}}. Manage your {{agents}} with {{fleet}}. Collect detailed performance information with Elastic APM. +### {{fleet}} and {{agent}} [stack-components-agent] -If you want to transform or enrich data before it’s stored, you can use {{es}} ingest pipelines or {{ls}}. +{{agent}} is a single, unified way to add monitoring for logs, metrics, and other types of data to a host. +It can also protect hosts from security threats, query data from operating systems, forward data from remote services or hardware, and more. +Each agent has a single policy to which you can add integrations for new data sources, security protections, and more. -Trying to decide which ingest component to use? Refer to [Adding data to {{es}}](/manage-data/ingest.md) to help you decide. +{{fleet}} enables you to centrally manage {{agents}} and their policies. +Use {{fleet}} to monitor the state of all your {{agents}}, manage agent policies, and upgrade {{agent}} binaries or integrations. -#### {{fleet}} and {{agent}} [stack-components-agent] +[Learn more about {{fleet}} and {{agent}}](/reference/fleet/index.md). -{{agent}} is a single, unified way to add monitoring for logs, metrics, and other types of data to a host. It can also protect hosts from security threats, query data from operating systems, forward data from remote services or hardware, and more. Each agent has a single policy to which you can add integrations for new data sources, security protections, and more. +### APM [stack-components-apm] -{{fleet}} enables you to centrally manage {{agents}} and their policies. Use {{fleet}} to monitor the state of all your {{agents}}, manage agent policies, and upgrade {{agent}} binaries or integrations. +Elastic APM is an application performance monitoring system. +It allows you to monitor software services and applications in real-time, by collecting detailed performance information on response time for incoming requests, database queries, calls to caches, external HTTP requests, and more. +This makes it easy to pinpoint and fix performance problems quickly. -[Learn more about {{fleet}} and {{agent}}](/reference/fleet/index.md). +[Learn more about APM](/solutions/observability/apm/index.md). -#### APM [stack-components-apm] +### {{beats}} [stack-components-beats] -Elastic APM is an application performance monitoring system built on the {{stack}}. It allows you to monitor software services and applications in real-time, by collecting detailed performance information on response time for incoming requests, database queries, calls to caches, external HTTP requests, and more. This makes it easy to pinpoint and fix performance problems quickly. [Learn more about APM](/solutions/observability/apm/index.md). +{{beats}} are data shippers that you install as agents on your servers to send operational data to {{es}}. +{{beats}} are available for many standard observability data scenarios, including audit data, log files and journals, cloud data, availability, metrics, network traffic, and Windows event logs. -#### {{beats}} [stack-components-beats] +[Learn more about {{beats}}](beats://reference/index.md). -{{beats}} are data shippers that you install as agents on your servers to send operational data to {{es}}. {{beats}} are available for many standard observability data scenarios, including audit data, log files and journals, cloud data, availability, metrics, network traffic, and Windows event logs. [Learn more about {{beats}}](beats://reference/index.md). +### {{es}} ingest pipelines [stack-components-ingest-pipelines] -#### {{es}} ingest pipelines [stack-components-ingest-pipelines] +Ingest pipelines let you perform common transformations on your data before indexing them into {{es}}. +You can configure one or more "processor" tasks to run sequentially, making specific changes to your documents before storing them in {{es}}. -Ingest pipelines let you perform common transformations on your data before indexing them into {{es}}. You can configure one or more "processor" tasks to run sequentially, making specific changes to your documents before storing them in {{es}}. [Learn more about ingest pipelines](/manage-data/ingest/transform-enrich/ingest-pipelines.md). +[Learn more about ingest pipelines](/manage-data/ingest/transform-enrich/ingest-pipelines.md). -#### {{ls}} [stack-components-logstash] +### {{ls}} [stack-components-logstash] -{{ls}} is a data collection engine with real-time pipelining capabilities. It can dynamically unify data from disparate sources and normalize the data into destinations of your choice. {{ls}} supports a broad array of input, filter, and output plugins, with many native codecs further simplifying the ingestion process. [Learn more about {{ls}}](logstash://reference/index.md). +{{ls}} is a data collection engine with real-time pipelining capabilities. +It can dynamically unify data from disparate sources and normalize the data into destinations of your choice. +{{ls}} supports a broad array of input, filter, and output plugins, with many native codecs further simplifying the ingestion process. +[Learn more about {{ls}}](logstash://reference/index.md). -### Store [_store] +## Store, search, and analyze [_store] -#### {{es}} [stack-components-elasticsearch] +{{es}} is the distributed search, storage, and analytics engine at the heart of the {{search-platform}}. -{{es}} is the distributed search and analytics engine at the heart of the {{stack}}. It provides near real-time search and analytics for all types of data. Whether you have structured or unstructured text, numerical data, or geospatial data, {{es}} can efficiently store and index it in a way that supports fast searches. {{es}} provides a REST API that enables you to store data in {{es}} and retrieve it. The REST API also provides access to {{es}}'s search and analytics capabilities. [Learn more about {{es}}](/get-started/index.md). +### {{es}} [stack-components-elasticsearch] +{{es}} provides near real-time search and analytics for all types of data. +Whether you have structured or unstructured text, numerical data, vectors, or geospatial data, {{es}} can efficiently store and index it in a way that supports fast searches. -### Consume [_consume] +{{es}} is built to be a resilient and scalable distributed system. +It runs as a cluster of one or more servers, called nodes. +When you add data to an index, it's divided into pieces called shards, which are spread across the various nodes in the cluster. +This architecture allows {{es}} to handle large volumes of data and ensures that your data remains available even if a node fails. -Use {{kib}} to query and visualize the data that’s stored in {{es}}. Or, use the {{es}} clients to access data in {{es}} directly from common programming languages. +Nearly every aspect of {{es}} can be configured and managed programmatically through its REST APIs. +This allows you to automate repetitive tasks and integrate Elastic management into your existing operational workflows. +For example, you can use the APIs to manage indices, update cluster settings, run complex queries, and configure security. +This API-first approach is fundamental to enabling infrastructure-as-code practices and managing deployments at scale. -#### {{kib}} [stack-components-kibana] +Learn more about [the {{es}} data store](/manage-data/data-store.md), its [distributed architecture](/deploy-manage/distributed-architecture.md), and [APIs](elasticsearch://reference/elasticsearch/rest-apis/index.md). -{{kib}} is the tool to harness your {{es}} data and to manage the {{stack}}. Use it to analyze and visualize the data that’s stored in {{es}}. {{kib}} is also the home for the Search, Observability and Security solutions. [Learn more about {{kib}}](/explore-analyze/index.md). +## Explore [_consume] -#### {{es}} clients [stack-components-elasticsearch-clients] +Use {{kib}} to explore and visualize the data that's stored in {{es}} and to manage the {{search-platform}}. +You can use the {{es}} clients to access data directly by using common programming languages. -The clients provide a convenient mechanism to manage API requests and responses to and from {{es}} from popular languages such as Java, Ruby, Go, Python, and others. Both official and community contributed clients are available. [Learn more about the {{es}} clients](/reference/elasticsearch-clients/index.md). +### {{kib}} [stack-components-kibana] -## Version compatibility -```{applies_to} -deployment: - self: -``` +With {{kib}}, you can: -:::{include} /deploy-manage/deploy/_snippets/stack-version-compatibility.md -::: +* Use **Discover** to interactively search and filter your raw data. +* Build custom visualizations like charts, graphs, and metrics with tools like **Lens**, which offers a drag-and-drop experience. +* Assemble your visualizations into interactive dashboards to get a comprehensive overview of your information. +* Analyze geospatial data using the powerful **Maps** application. -## Installation order -```{applies_to} -deployment: - self: -``` +It also has [query tools](/explore-analyze/query-filter/tools.md) such as **Console**, which provides an interactive way to send requests directly to the {{es}} API and view the responses. +For secure, automated access, you can create and manage API keys to authenticate your scripts and applications. -:::{include} /deploy-manage/deploy/_snippets/installation-order.md -::: +[Learn more about {{kib}}](/explore-analyze/index.md). + +### {{es}} clients [stack-components-elasticsearch-clients] + +The clients provide a convenient mechanism to manage API requests and responses to and from {{es}} from popular languages such as Java, Ruby, Go, Python, and others. +Both official and community contributed clients are available. + +[Learn more about the {{es}} clients](/reference/elasticsearch-clients/index.md). \ No newline at end of file From 86eb9ec042eda55e305b0a41f84714199084a793 Mon Sep 17 00:00:00 2001 From: lcawl Date: Thu, 11 Sep 2025 10:30:39 -0700 Subject: [PATCH 2/3] Edit references and links to Elastic Stack --- deploy-manage/deploy.md | 3 + .../kibana-instance-quickstart.md | 2 +- deploy-manage/deploy/self-managed.md | 5 ++ ...lasticsearch-in-production-environments.md | 2 +- docset.yml | 1 + .../images/platform-components-diagram.svg | 52 +++++++++++ .../images/stack-components-diagram.svg | 88 ------------------- get-started/the-stack.md | 4 +- .../manage-data-from-the-command-line.md | 2 +- reference/fleet/data-streams-scenario1.md | 4 +- reference/fleet/data-streams-scenario2.md | 4 +- reference/fleet/data-streams-scenario4.md | 2 +- reference/fleet/fleet-settings.md | 2 +- reference/fleet/migrate-auditbeat-to-agent.md | 2 +- .../observability/apm/apm-server-binary.md | 5 +- .../apm/apm-server-fleet-managed.md | 2 +- .../observability/apm/collect-metrics.md | 2 +- .../observability/synthetics/analyze-data.md | 2 +- .../synthetics/configure-projects.md | 4 +- .../elastic-security-requirements.md | 2 +- 20 files changed, 82 insertions(+), 108 deletions(-) create mode 100644 get-started/images/platform-components-diagram.svg delete mode 100644 get-started/images/stack-components-diagram.svg diff --git a/deploy-manage/deploy.md b/deploy-manage/deploy.md index 8359e7da1b..59d8363e8d 100644 --- a/deploy-manage/deploy.md +++ b/deploy-manage/deploy.md @@ -89,6 +89,9 @@ Consider this when choosing your deployment type: - Choose {{serverless-full}} if you want automatic access to the latest features and don't want to manage version compatibility - Choose other deployment types if you need more control over version management +:::{include} /deploy-manage/deploy/_snippets/stack-version-compatibility.md +::: + :::{tip} Learn more about [versioning and availability](/get-started/versioning-availability.md). ::: diff --git a/deploy-manage/deploy/cloud-on-k8s/kibana-instance-quickstart.md b/deploy-manage/deploy/cloud-on-k8s/kibana-instance-quickstart.md index 8bd4c51916..9218de9cfe 100644 --- a/deploy-manage/deploy/cloud-on-k8s/kibana-instance-quickstart.md +++ b/deploy-manage/deploy/cloud-on-k8s/kibana-instance-quickstart.md @@ -11,7 +11,7 @@ products: # Deploy a {{kib}} instance [k8s-deploy-kibana] -To deploy a simple [{{kib}}](/get-started/the-stack.md#stack-components-kibana) specification, with one {{kib}} instance: +To deploy a simple {{kib}} specification, with one {{kib}} instance: 1. Specify a {{kib}} instance and associate it with your {{es}} `quickstart` cluster created previously under [Deploying an {{es}} cluster](elasticsearch-deployment-quickstart.md): diff --git a/deploy-manage/deploy/self-managed.md b/deploy-manage/deploy/self-managed.md index 7591b2f9ac..c44d013b03 100644 --- a/deploy-manage/deploy/self-managed.md +++ b/deploy-manage/deploy/self-managed.md @@ -29,6 +29,11 @@ Self-hosted options: For a comparison of these deployment options, refer to [Choosing your deployment type](/deploy-manage/deploy.md#choosing-your-deployment-type) and [](/deploy-manage/deploy/deployment-comparison.md). ::: +## Installation order + +:::{include} /deploy-manage/deploy/_snippets/installation-order.md +::: + ## Section overview This section focuses on deploying {{es}} and {{kib}} without an orchestrator. diff --git a/deploy-manage/production-guidance/elasticsearch-in-production-environments.md b/deploy-manage/production-guidance/elasticsearch-in-production-environments.md index 5bb9adefb4..870c879328 100644 --- a/deploy-manage/production-guidance/elasticsearch-in-production-environments.md +++ b/deploy-manage/production-guidance/elasticsearch-in-production-environments.md @@ -64,7 +64,7 @@ The following topics, covered in other sections of the documentation, offer valu ### Security and monitoring [security-and-monitoring] -As with any enterprise system, you need tools to secure, manage, and monitor your deployments. Security, monitoring, and administrative features that are integrated into {{es}} enable you to use [Kibana](/get-started/the-stack.md) as a control center for managing a cluster. +As with any enterprise system, you need tools to secure, manage, and monitor your deployments. Security, monitoring, and administrative features that are integrated into {{es}} enable you to use {{kib}} as a control center for managing a cluster. * [Learn about securing an {{es}} cluster](../security.md) diff --git a/docset.yml b/docset.yml index f426661537..dabd2ba58a 100644 --- a/docset.yml +++ b/docset.yml @@ -297,3 +297,4 @@ subs: ece-apis: https://www.elastic.co/docs/api/doc/cloud-enterprise/ intake-apis: https://www.elastic.co/docs/api/doc/observability-serverless/ models-app: "Trained Models" + search-platform: "Search AI Platform" diff --git a/get-started/images/platform-components-diagram.svg b/get-started/images/platform-components-diagram.svg new file mode 100644 index 0000000000..1e0eea80c4 --- /dev/null +++ b/get-started/images/platform-components-diagram.svg @@ -0,0 +1,52 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/get-started/images/stack-components-diagram.svg b/get-started/images/stack-components-diagram.svg deleted file mode 100644 index e59c6e5a7d..0000000000 --- a/get-started/images/stack-components-diagram.svg +++ /dev/null @@ -1,88 +0,0 @@ - - -Administer -Visualize -Alert -Analyze - -Index -Store -Search -Analyze - -Consolidate -Transform -Enrich - -Protect -Collect -Preprocess -Ship - - -Elasticsearch clients - -Fleet -and -Elastic Agent - - - - -Logstash - - - - -Kibana - - - - -Elasticsearch ingest pipelines - -Elasticsearch - -Beats - -APM - - - - -Other queues -and processors - - - - -Interfaces, -applications, -consumers, -websites - - - - -Other shippers and sources - -Consume - - -Store - -Ingest - - - - - - - - - - - - -Components of the Elastic Stack - \ No newline at end of file diff --git a/get-started/the-stack.md b/get-started/the-stack.md index ee8ae2a13b..88e1d623e9 100644 --- a/get-started/the-stack.md +++ b/get-started/the-stack.md @@ -18,8 +18,8 @@ It is the foundation for Elastic's [solutions](/get-started/introduction.md) and The {{search-platform}} is a fast and highly scalable set of components — {{es}}, {{kib}}, {{beats}}, {{ls}}, and others — that together enable you to securely take data from any source, in any format, and then store, search, analyze, and visualize it. - +$$$stack-components$$$ +![Components of the {{search-platform}}](/get-started/images/platform-components-diagram.svg) :::{tip} The components that share the same versioning scheme are often referred to as the _{{stack}}_. Learn more in [](/get-started/versioning-availability.md). diff --git a/manage-data/data-store/manage-data-from-the-command-line.md b/manage-data/data-store/manage-data-from-the-command-line.md index 213ce7cf9d..40d28a4bb8 100644 --- a/manage-data/data-store/manage-data-from-the-command-line.md +++ b/manage-data/data-store/manage-data-from-the-command-line.md @@ -15,7 +15,7 @@ products: Learn how to index, update, retrieve, search, and delete documents in an {{es}} cluster from the command line. ::::{tip} -If you are looking for a user interface for {{es}} and your data, head on over to [Kibana](/get-started/the-stack.md)! Not only are there amazing visualization and index management tools, Kibana includes realistic sample data sets to play with so that you can get to know what you *could* do with your data. +If you are looking for a user interface for {{es}} and your data, head on over to {{kib}}! Not only are there amazing visualization and index management tools, Kibana includes realistic sample data sets to play with so that you can get to know what you *could* do with your data. :::: ## Before you begin [before-you-begin] diff --git a/reference/fleet/data-streams-scenario1.md b/reference/fleet/data-streams-scenario1.md index 3caa3f741b..a5d5a66660 100644 --- a/reference/fleet/data-streams-scenario1.md +++ b/reference/fleet/data-streams-scenario1.md @@ -22,7 +22,7 @@ This tutorial explains how to apply a custom index lifecycle policy to all of th ## Step 1: Create an index lifecycle policy [data-streams-scenario1-step1] -1. To open **Lifecycle Policies**, find **Stack Management** in the main menu or use the [global search field](/get-started/the-stack.md#kibana-navigation-search). +1. To open **Lifecycle Policies**, find **Stack Management** in the main menu or use the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md). 2. Click **Create policy**. Name your new policy. For this tutorial, you can use `my-ilm-policy`. Customize the policy to your liking, and when you’re done, click **Save policy**. @@ -32,7 +32,7 @@ Name your new policy. For this tutorial, you can use `my-ilm-policy`. Customize The **Index Templates** view in {{kib}} shows you all of the index templates available to automatically apply settings, mappings, and aliases to indices: -1. To open **Index Management**, find **Stack Management** in the main menu or use the [global search field](/get-started/the-stack.md#kibana-navigation-search). +1. To open **Index Management**, find **Stack Management** in the main menu or use the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md). 2. Select **Index Templates**. 3. Search for `system` to see all index templates associated with the System integration. 4. Select any `logs-*` index template to view the associated component templates. For example, you can select the `logs-system.application` index template. diff --git a/reference/fleet/data-streams-scenario2.md b/reference/fleet/data-streams-scenario2.md index c8a1cfe201..739b509252 100644 --- a/reference/fleet/data-streams-scenario2.md +++ b/reference/fleet/data-streams-scenario2.md @@ -17,7 +17,7 @@ This tutorial explains how to apply a custom index lifecycle policy to the `logs ## Step 1: Create an index lifecycle policy [data-streams-scenario2-step1] -1. To open **Lifecycle Policies**, find **Stack Management** in the main menu or use the [global search field](/get-started/the-stack.md#kibana-navigation-search). +1. To open **Lifecycle Policies**, find **Stack Management** in the main menu or use the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md). 2. Click **Create policy**. Name your new policy. For this tutorial, you can use `my-ilm-policy`. Customize the policy to your liking, and when you’re done, click **Save policy**. @@ -27,7 +27,7 @@ Name your new policy. For this tutorial, you can use `my-ilm-policy`. Customize The **Index Templates** view in {{kib}} shows you all of the index templates available to automatically apply settings, mappings, and aliases to indices: -1. To open **Index Management**, find **Stack Management** in the main menu or use the [global search field](/get-started/the-stack.md#kibana-navigation-search). +1. To open **Index Management**, find **Stack Management** in the main menu or use the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md). 2. Select **Index Templates**. 3. Search for `system` to see all index templates associated with the System integration. 4. Select the index template that matches the data stream for which you want to set up an ILM policy. For this example, you can select the `logs-system.auth` index template. diff --git a/reference/fleet/data-streams-scenario4.md b/reference/fleet/data-streams-scenario4.md index c78c12db2c..29d0179aaf 100644 --- a/reference/fleet/data-streams-scenario4.md +++ b/reference/fleet/data-streams-scenario4.md @@ -16,7 +16,7 @@ If you’ve created a custom integration package, you can apply a single ILM pol ## Step 1: Define the ILM policy [data-streams-scenario4-step1] -1. In {{kib}}, go to **Stack Management** and select **Index Lifecycle Policies**. You can also use the [global search field](/get-started/the-stack.md#kibana-navigation-search). +1. In {{kib}}, go to **Stack Management** and select **Index Lifecycle Policies**. You can also use the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md). 2. Click **Create policy**. 3. Name the policy, configure it as needed, and click **Save policy**. diff --git a/reference/fleet/fleet-settings.md b/reference/fleet/fleet-settings.md index 723f9e74f2..90761b8538 100644 --- a/reference/fleet/fleet-settings.md +++ b/reference/fleet/fleet-settings.md @@ -155,7 +155,7 @@ You can specify a proxy server to be used in {{fleet-server}}, {{agent}} outputs After an {{agent}} has been unenrolled in {{fleet}}, a number of documents about the agent are retained just in case the agent needs to be recovered at some point. You can choose to have all data related to an unenrolled agent deleted automatically. -Note that this option can also be enabled by adding the `xpack.fleet.enableDeleteUnenrolledAgents: true` setting to the [{{kib}} settings file](/get-started/the-stack.md). +Note that this option can also be enabled by adding the `xpack.fleet.enableDeleteUnenrolledAgents: true` setting to the {{kib}} settings file. To enable automatic deletion of unenrolled agents: diff --git a/reference/fleet/migrate-auditbeat-to-agent.md b/reference/fleet/migrate-auditbeat-to-agent.md index e980059761..9f5a5bd49a 100644 --- a/reference/fleet/migrate-auditbeat-to-agent.md +++ b/reference/fleet/migrate-auditbeat-to-agent.md @@ -34,7 +34,7 @@ The following table describes the integrations you can use instead of {{auditbea | {{fleet}} [system](integration-docs://reference/system/index.md) integration | Collect login events for Windows through the [Security event log](integration-docs://reference/system/index.md#security). | | [System.package](beats://reference/auditbeat/auditbeat-dataset-system-package.md) dataset | [System Audit](integration-docs://reference/system_audit/index.md) integration | This integration is a direct replacement of the System Package dataset. Starting in {{stack}} 8.7, you can port rules and configuration settings to this integration. This integration currently schedules collection of information such as:

* [rpm_packages](https://www.osquery.io/schema/5.1.0/#rpm_packages)
* [deb_packages](https://www.osquery.io/schema/5.1.0/#deb_packages)
* [homebrew_packages](https://www.osquery.io/schema/5.1.0/#homebrew_packages)
| | [Osquery](integration-docs://reference/osquery/index.md) or [Osquery Manager](integration-docs://reference/osquery_manager/index.md) integration | Schedule collection of information like:

* [rpm_packages](https://www.osquery.io/schema/5.1.0/#rpm_packages)
* [deb_packages](https://www.osquery.io/schema/5.1.0/#deb_packages)
* [homebrew_packages](https://www.osquery.io/schema/5.1.0/#homebrew_packages)
* [apps](https://www.osquery.io/schema/5.1.0/#apps) (MacOS)
* [programs](https://www.osquery.io/schema/5.1.0/#programs) (Windows)
* [npm_packages](https://www.osquery.io/schema/5.1.0/#npm_packages)
* [atom_packages](https://www.osquery.io/schema/5.1.0/#atom_packages)
* [chocolatey_packages](https://www.osquery.io/schema/5.1.0/#chocolatey_packages)
* [portage_packages](https://www.osquery.io/schema/5.1.0/#portage_packages)
* [python_packages](https://www.osquery.io/schema/5.1.0/#python_packages)
| -| [System.process](beats://reference/auditbeat/auditbeat-dataset-system-process.md) dataset | [Endpoint](/solutions/security/configure-elastic-defend/install-elastic-defend.md) | Best replacement because out of the box it reports events forevery process in [ECS](integration-docs://reference/index.md) format and has excellentintegration in [Kibana](/get-started/the-stack.md). | +| [System.process](beats://reference/auditbeat/auditbeat-dataset-system-process.md) dataset | [Endpoint](/solutions/security/configure-elastic-defend/install-elastic-defend.md) | Best replacement because out of the box it reports events forevery process in [ECS](integration-docs://reference/index.md) format and has excellent integration in {{kib}}. | | [Custom Windows event log](integration-docs://reference/winlog/index.md) and [Sysmon](integration-docs://reference/sysmon_linux/index.md) integrations | Provide process data. | | [Osquery](integration-docs://reference/osquery/index.md) or[Osquery Manager](integration-docs://reference/osquery_manager/index.md) integration | Collect data from the [process](https://www.osquery.io/schema/5.1.0/#process) table on some OSeswithout polling. | | [System.socket](beats://reference/auditbeat/auditbeat-dataset-system-socket.md) dataset | [Endpoint](/solutions/security/configure-elastic-defend/install-elastic-defend.md) | Best replacement because it supports monitoring network connections on Linux,Windows, and MacOS. Includes process and user metadata. Currently does notdo flow accounting (byte and packet counts) or domain name enrichment (but doescollect DNS queries separately). | diff --git a/solutions/observability/apm/apm-server-binary.md b/solutions/observability/apm/apm-server-binary.md index 9a1c79f24d..bd3dc7c85a 100644 --- a/solutions/observability/apm/apm-server-binary.md +++ b/solutions/observability/apm/apm-server-binary.md @@ -21,7 +21,8 @@ You’ll need: * **{{es}}** for storing and indexing data. * **{{kib}}** for visualizing with the Applications UI. -We recommend you use the same version of {{es}}, {{kib}}, and APM Server. See [Installing the {{stack}}](/get-started/the-stack.md) for more information about installing these products. +We recommend you use the same version of {{es}}, {{kib}}, and APM Server. +For more information about installing these products, refer to [](/deploy-manage/deploy.md). :::{image} /solutions/images/observability-apm-architecture-diy.png :alt: Install Elastic APM yourself @@ -30,7 +31,7 @@ We recommend you use the same version of {{es}}, {{kib}}, and APM Server. See [I ## Step 1: Install [apm-installing] ::::{note} -**Before you begin**: If you haven’t installed the {{stack}}, do that now. See [Learn how to install the {{stack}} on your own hardware](/get-started/the-stack.md). +**Before you begin**: If you haven’t installed the {{stack}}, do that now. Refer to [](/deploy-manage/deploy.md). :::: To download and install APM Server, use the commands below that work with your system. If you use `apt` or `yum`, you can [install APM Server from our repositories](#apm-setup-repositories) to update to the newest version more easily. diff --git a/solutions/observability/apm/apm-server-fleet-managed.md b/solutions/observability/apm/apm-server-fleet-managed.md index 1401a437e1..87a5625cd2 100644 --- a/solutions/observability/apm/apm-server-fleet-managed.md +++ b/solutions/observability/apm/apm-server-fleet-managed.md @@ -22,7 +22,7 @@ This guide will explain how to set up and configure a Fleet-managed APM Server. You need {{es}} for storing and searching your data, and {{kib}} for visualizing and managing it. When setting these components up, you need: -* {{es}} cluster and {{kib}} (version 9.0) with a basic license or higher. [Learn how to install the {{stack}} on your own hardware](/get-started/the-stack.md). +* {{es}} cluster and {{kib}} (version 9.0) with a basic license or higher. Refer to [](/deploy-manage/deploy.md). * Secure, encrypted connection between {{kib}} and {{es}}. For more information, refer to [](/deploy-manage/security/self-setup.md). * Internet connection for {{kib}} to download integration packages from the {{package-registry}}. Make sure the {{kib}} server can connect to `https://epr.elastic.co` on port `443`. If your environment has network traffic restrictions, there are ways to work around this requirement. See [Air-gapped environments](/reference/fleet/air-gapped.md) for more information. * {{kib}} user with `All` privileges on {{fleet}} and {{integrations}}. Since many Integrations assets are shared across spaces, users need the {{kib}} privileges in all spaces. diff --git a/solutions/observability/apm/collect-metrics.md b/solutions/observability/apm/collect-metrics.md index 95a656708c..517dfaed26 100644 --- a/solutions/observability/apm/collect-metrics.md +++ b/solutions/observability/apm/collect-metrics.md @@ -40,7 +40,7 @@ See the [Open Telemetry Metrics API](https://github.com/open-telemetry/opentelem Use **Discover** to validate that metrics are successfully reported to {{kib}}. 1. Open your Observability instance. -2. Find **Discover** in the main menu or use the [global search field](/get-started/the-stack.md#kibana-navigation-search). +2. Find **Discover** in the main menu or use the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md). 3. Click **All logs** → **Data Views** then select **APM**. 4. Filter the data to only show documents with metrics: `processor.name :"metric"` 5. Narrow your search with a known OpenTelemetry field. For example, if you have an `order_value` field, add `order_value: *` to your search to return only OpenTelemetry metrics documents. diff --git a/solutions/observability/synthetics/analyze-data.md b/solutions/observability/synthetics/analyze-data.md index 0370ab4a73..6fecd00c23 100644 --- a/solutions/observability/synthetics/analyze-data.md +++ b/solutions/observability/synthetics/analyze-data.md @@ -19,7 +19,7 @@ The Synthetics UI gives you a high-level overview of your service’s availabili The Synthetics **Overview** tab provides you with a high-level view of all the services you are monitoring to help you quickly diagnose outages and other connectivity issues within your network. -To access this page, find `Synthetics` in the [global search field](/get-started/the-stack.md#kibana-navigation-search) and make sure you’re on the **Overview** tab. +To access this page, find `Synthetics` in the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md) and make sure you’re on the **Overview** tab. This overview includes a snapshot of the current status of all monitors, the number of errors that occurred over the last 6 hours, and the number of alerts over the last 12 hours. All monitors created using projects or using the UI will be listed below with information about the location, current status, and duration average. diff --git a/solutions/observability/synthetics/configure-projects.md b/solutions/observability/synthetics/configure-projects.md index ba7f415f49..02e5606da4 100644 --- a/solutions/observability/synthetics/configure-projects.md +++ b/solutions/observability/synthetics/configure-projects.md @@ -243,7 +243,7 @@ $$$synthetics-configuration-monitor-tags$$$ `tags` (`Array`) To list available locations you can: * Run the [`elastic-synthetics locations` command](/solutions/observability/synthetics/cli.md#elastic-synthetics-locations-command). - * Find `Synthetics` in the [global search field](/get-started/the-stack.md#kibana-navigation-search) and click **Create monitor**. Locations will be listed in *Locations*. + * Find `Synthetics` in the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md) and click **Create monitor**. Locations will be listed in *Locations*. `privateLocations` (`Array`) : The [{{private-location}}s](/solutions/observability/synthetics/monitor-resources-on-private-networks.md) to which the monitors will be deployed. These {{private-location}}s refer to locations hosted and managed by you, whereas `locations` are hosted by Elastic. You can specify a {{private-location}} using the location’s name. @@ -251,7 +251,7 @@ $$$synthetics-configuration-monitor-tags$$$ `tags` (`Array`) To list available {{private-location}}s you can: * Run the [`elastic-synthetics locations` command](/solutions/observability/synthetics/cli.md#elastic-synthetics-locations-command) with the URL for the Observability project or the {{kib}} URL for the deployment from which to fetch available locations. - * Find `Synthetics` in the [global search field](/get-started/the-stack.md#kibana-navigation-search) and click **Create monitor**. {{private-location}}s will be listed in *Locations*. + * Find `Synthetics` in the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md) and click **Create monitor**. {{private-location}}s will be listed in *Locations*. `throttling` (`boolean` | [`ThrottlingOptions`](https://github.com/elastic/synthetics/blob/v1.3.0/src/common_types.ts#L194-L198)) : Control the monitor’s download speeds, upload speeds, and latency to simulate your application’s behavior on slower or laggier networks. Set to `false` to disable throttling altogether. diff --git a/solutions/security/get-started/elastic-security-requirements.md b/solutions/security/get-started/elastic-security-requirements.md index 25bed8f20e..659c25eb5b 100644 --- a/solutions/security/get-started/elastic-security-requirements.md +++ b/solutions/security/get-started/elastic-security-requirements.md @@ -25,7 +25,7 @@ stack: {{ecloud}} offers all of the features of {{es}}, {{kib}}, and {{elastic-sec}} as a hosted service available on AWS, GCP, and Azure. To get started, sign up for a [free {{ecloud}} trial](https://cloud.elastic.co/registration?page=docs&placement=docs-body). -For information about installing and managing the {{stack}} yourself, see [Installing the {{stack}}](/get-started/the-stack.md). +For information about installing and managing the {{stack}} yourself, refer to [](/deploy-manage/deploy/self-managed.md). ### Node role requirements [node-role-requirements] From 17cebdf01c6ab6164f12b910acfe2903a1017317 Mon Sep 17 00:00:00 2001 From: lcawl Date: Thu, 11 Sep 2025 18:33:20 -0700 Subject: [PATCH 3/3] Restore lingering anchor --- get-started/the-stack.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/get-started/the-stack.md b/get-started/the-stack.md index 88e1d623e9..b5f6a68045 100644 --- a/get-started/the-stack.md +++ b/get-started/the-stack.md @@ -128,4 +128,7 @@ For secure, automated access, you can create and manage API keys to authenticate The clients provide a convenient mechanism to manage API requests and responses to and from {{es}} from popular languages such as Java, Ruby, Go, Python, and others. Both official and community contributed clients are available. -[Learn more about the {{es}} clients](/reference/elasticsearch-clients/index.md). \ No newline at end of file +[Learn more about the {{es}} clients](/reference/elasticsearch-clients/index.md). + + +$$$kibana-navigation-search$$$ \ No newline at end of file