Skip to content

[Elasticsearch]: Specify permission requirements for monitoring data #17789

New issue
New issue
Open
Open
[Elasticsearch]: Specify permission requirements for monitoring data#17789
Labels
Integration:elasticsearchElasticsearchTeam:Stack MonitoringStack Monitoring team [elastic/stack-monitoring]needs:triage
@cp-elastic

Description

@cp-elastic
cp-elastic
opened on Mar 12, 2026

Integration Name

Elasticsearch [elasticsearch]

Dataset Name

No response

Integration Version

1.20

Agent Version

8.19

OS Version and Architecture

RHEL8

User Goal

It would be great to specify what the minimum permissions needed for the integration are. This supports a least-privilege approach for folks who are picky about RBAC.

Existing Features

N/A

What did you see?

We tested with the built-in remote_monitoring_collector role and found that some of the metadata like elasticsearch.index.creation_date was not being pulled. We worked around it by giving the user the superuser role temporarily, pending feedback from this issue.

Anything else?

Specifically, we were running into issues with the pivot transform for metrics that populates the Data Streams Usage dashboard not collecting anything due to the above issue. Having specific permissions will allow customers to easily configure the integration and reduce the reliance on superuser.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Integration:elasticsearchElasticsearchTeam:Stack MonitoringStack Monitoring team [elastic/stack-monitoring]needs:triage

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions