Skip to content

Commit 1cbfb94

Browse files
[Cloudflare] Enable Agentless deployment (#18199)
cloudflare: add agentless deployment
1 parent bd71b5e commit 1cbfb94

6 files changed

Lines changed: 35 additions & 2 deletions

File tree

packages/cloudflare/_dev/build/docs/README.md

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,11 @@ Users of [Cloudflare](https://www.cloudflare.com/en-au/learning/what-is-cloudfla
88
99
> Note: Authenticating with API Key (Auth Key) using `X-AUTH-EMAIL` and `X-AUTH-KEY` is considered to be a legacy feature with several limitations that makes it less secure than API token (Auth Token). See [here](https://developers.cloudflare.com/fundamentals/api/get-started/keys/#limitations) for more information on API Key limitations.
1010
11+
## Agentless Enabled Integration
12+
13+
Agentless integrations allow you to collect data without having to manage Elastic Agent in your cloud. They make manual agent deployment unnecessary, so you can focus on your data instead of the agent that collects it. For more information, refer to [Agentless integrations](https://www.elastic.co/guide/en/serverless/current/security-agentless-integrations.html) and the [Agentless integrations FAQ](https://www.elastic.co/guide/en/serverless/current/agentless-integration-troubleshooting.html).
14+
Agentless deployments are only supported in Elastic Serverless and Elastic Cloud environments. This functionality is in beta and is subject to change. Beta features are not subject to the support SLA of official GA features.
15+
1116
## Configuration
1217

1318
### Enabling the integration in Elastic

packages/cloudflare/changelog.yml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,9 @@
11
# newer versions go on top
2+
- version: "2.33.0"
3+
changes:
4+
- description: Enable Agentless deployment.
5+
type: enhancement
6+
link: https://github.com/elastic/integrations/pull/18199
27
- version: "2.32.1"
38
changes:
49
- description: Use triple-brace Mustache templating when referencing variables in ingest pipelines.

packages/cloudflare/data_stream/audit/elasticsearch/ingest_pipeline/default.yml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,11 @@ processors:
99
target_field: event.original
1010
ignore_missing: true
1111
if: ctx.event?.original == null
12+
- remove:
13+
field: message
14+
ignore_missing: true
15+
if: ctx.event?.original != null
16+
description: 'The `message` field is no longer required if the document has an `event.original` field.'
1217
- json:
1318
field: event.original
1419
target_field: json

packages/cloudflare/data_stream/logpull/elasticsearch/ingest_pipeline/default.yml

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,11 @@ processors:
99
target_field: event.original
1010
ignore_missing: true
1111
if: ctx.event?.original == null
12+
- remove:
13+
field: message
14+
ignore_missing: true
15+
if: ctx.event?.original != null
16+
description: 'The `message` field is no longer required if the document has an `event.original` field.'
1217
- json:
1318
field: event.original
1419
target_field: json

packages/cloudflare/docs/README.md

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,11 @@ Users of [Cloudflare](https://www.cloudflare.com/en-au/learning/what-is-cloudfla
88
99
> Note: Authenticating with API Key (Auth Key) using `X-AUTH-EMAIL` and `X-AUTH-KEY` is considered to be a legacy feature with several limitations that makes it less secure than API token (Auth Token). See [here](https://developers.cloudflare.com/fundamentals/api/get-started/keys/#limitations) for more information on API Key limitations.
1010
11+
## Agentless Enabled Integration
12+
13+
Agentless integrations allow you to collect data without having to manage Elastic Agent in your cloud. They make manual agent deployment unnecessary, so you can focus on your data instead of the agent that collects it. For more information, refer to [Agentless integrations](https://www.elastic.co/guide/en/serverless/current/security-agentless-integrations.html) and the [Agentless integrations FAQ](https://www.elastic.co/guide/en/serverless/current/agentless-integration-troubleshooting.html).
14+
Agentless deployments are only supported in Elastic Serverless and Elastic Cloud environments. This functionality is in beta and is subject to change. Beta features are not subject to the support SLA of official GA features.
15+
1116
## Configuration
1217

1318
### Enabling the integration in Elastic

packages/cloudflare/manifest.yml

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,9 +1,9 @@
11
name: cloudflare
22
title: Cloudflare
3-
version: "2.32.1"
3+
version: "2.33.0"
44
description: Collect logs from Cloudflare with Elastic Agent.
55
type: integration
6-
format_version: "3.0.2"
6+
format_version: "3.3.2"
77
categories: [security, network, cdn_security]
88
conditions:
99
kibana:
@@ -30,6 +30,14 @@ policy_templates:
3030
- name: cloudflare
3131
title: Cloudflare logs
3232
description: Collect logs from Cloudflare
33+
deployment_modes:
34+
default:
35+
enabled: true
36+
agentless:
37+
enabled: true
38+
organization: security
39+
division: engineering
40+
team: security-service-integrations
3341
inputs:
3442
- type: cel
3543
title: "Collect Cloudflare logs via API (v2)"

0 commit comments

Comments
 (0)