Skip to content

[Fleet] Add toggle that grants permission to write to logs datastream#233374

Merged
Supplementing merged 17 commits intoelastic:mainfrom
Supplementing:enhancement-opt-in-logs-datastream
Sep 2, 2025
Merged

[Fleet] Add toggle that grants permission to write to logs datastream#233374
Supplementing merged 17 commits intoelastic:mainfrom
Supplementing:enhancement-opt-in-logs-datastream

Conversation

@Supplementing
Copy link
Contributor

@Supplementing Supplementing commented Aug 28, 2025
edited
Loading

Summary

Closes https://github.com/elastic/ingest-dev/issues/5914

  • Adds a toggle to the ES output flyout to enable writing to logs, and logs.* streams
  • Enabling this adds relevant permissions for agent policies that use the output

Demo/Testing instructions:

video1451176562.mp4

Note: Video was recorded before the property was renamed to write_to_logs_streams, that is the new value you'll see during testing

Checklist

Check the PR satisfies following conditions.

Reviewers should verify this PR satisfies this list as well.

  • Any text added follows EUI's writing guidelines, uses sentence case text and includes i18n support
  • Documentation was added for features that require explanation or tutorials
  • Unit or functional tests were updated or added to match the most common scenarios
  • If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the docker list
  • This was checked for breaking HTTP API changes, and any breaking changes have been approved by the breaking-change committee. The release_note:breaking label should be applied in these situations.
  • Flaky Test Runner was used on any tests changed
  • The PR description includes the appropriate Release Notes section, and the correct release_note:* label is applied per the guidelines
  • Review the backport guidelines and apply applicable backport:* labels.

Identify risks

N/A

Release Note

  • Added write to logs streams toggle on outputs allowing the user to have greater control of whether agents that use an output have permission to write to the logs stream.
@Supplementing Supplementing requested a review from a team as a code owner August 28, 2025 17:09
@Supplementing Supplementing added backport:skip This PR does not require backporting Team:Fleet Team label for Observability Data Collection Fleet team release_note:feature Makes this part of the condensed release notes labels Aug 28, 2025
@elasticmachine
Copy link
Contributor

elasticmachine commented Aug 28, 2025

Pinging @elastic/fleet (Team:Fleet)
@Supplementing
Copy link
Contributor Author

Supplementing commented Aug 28, 2025

@elasticmachine merge upstream
nchaulet
nchaulet reviewed Aug 28, 2025
View reviewed changes
@kibanamachine
[CI] Auto-commit changed files from 'node scripts/capture_oas_snapsho…
903589b 
…t --include-path /api/status --include-path /api/alerting/rule/ --include-path /api/alerting/rules --include-path /api/actions --include-path /api/security/role --include-path /api/spaces --include-path /api/streams --include-path /api/fleet --include-path /api/saved_objects/_import --include-path /api/saved_objects/_export --include-path /api/maintenance_window --update'
nchaulet
nchaulet approved these changes Aug 28, 2025
View reviewed changes
Copy link
Member

@nchaulet nchaulet left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

code LGTM 🚀 one small question about API property naming
@elastic-vault-github-plugin-prod elastic-vault-github-plugin-prod bot requested a review from a team as a code owner August 28, 2025 17:42
@Supplementing Supplementing requested a review from nchaulet August 28, 2025 19:13
@kibanamachine
[CI] Auto-commit changed files from 'node scripts/capture_oas_snapsho…
fcf30b5 
…t --include-path /api/status --include-path /api/alerting/rule/ --include-path /api/alerting/rules --include-path /api/actions --include-path /api/security/role --include-path /api/spaces --include-path /api/streams --include-path /api/fleet --include-path /api/saved_objects/_import --include-path /api/saved_objects/_export --include-path /api/maintenance_window --update'
@Supplementing
Copy link
Contributor Author

Supplementing commented Aug 29, 2025

@elasticmachine merge upstream
@Supplementing
Copy link
Contributor Author

Supplementing commented Aug 29, 2025

CI cypress failure seems to be a random timeout issue, passes on local so re-running CI
@Supplementing Supplementing enabled auto-merge (squash) August 29, 2025 17:10
@Supplementing
Copy link
Contributor Author

Supplementing commented Sep 2, 2025

@elasticmachine merge upstream
elasticmachine and others added 3 commits September 2, 2025 16:40
@elasticmachine
Merge branch 'main' into enhancement-opt-in-logs-datastream
878ec83
@kibanamachine
[CI] Auto-commit changed files from 'node scripts/capture_oas_snapsho…
cca8ea7 
…t --include-path /api/status --include-path /api/alerting/rule/ --include-path /api/alerting/rules --include-path /api/actions --include-path /api/security/role --include-path /api/spaces --include-path /api/streams --include-path /api/fleet --include-path /api/saved_objects/_import --include-path /api/saved_objects/_export --include-path /api/maintenance_window --update'
@kibanamachine
[CI] Auto-commit changed files from 'make api-docs'
53aaffb
@Supplementing Supplementing merged commit cc0bab0 into elastic:main Sep 2, 2025
12 checks passed
@elasticmachine
Copy link
Contributor

elasticmachine commented Sep 2, 2025

💚 Build Succeeded

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
fleet 2.1MB 2.1MB +733.0B

History
kowalczyk-krzysztof pushed a commit to kowalczyk-krzysztof/kibana that referenced this pull request Sep 3, 2025
@Supplementing @elasticmachine
@kibanamachine @kowalczyk-krzysztof
[Fleet] Add toggle that grants permission to write to logs datastre���
8a9c08d 
…am (elastic#233374)

## Summary

Closes elastic/ingest-dev#5914

- Adds a toggle to the ES output flyout to enable writing to logs, and
logs.* streams
- Enabling this adds relevant permissions for agent policies that use
the output

**Demo/Testing instructions:**


https://github.com/user-attachments/assets/68425625-fc3c-4059-ab7c-5f70c853b10d

**Note: Video was recorded before the property was renamed to
`write_to_logs_streams`, that is the new value you'll see during
testing**

### Checklist

Check the PR satisfies following conditions. 

Reviewers should verify this PR satisfies this list as well.

- [ ] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] If a plugin configuration key changed, check if it needs to be
allowlisted in the cloud and added to the [docker
list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
- [ ] This was checked for breaking HTTP API changes, and any breaking
changes have been approved by the breaking-change committee. The
`release_note:breaking` label should be applied in these situations.
- [ ] [Flaky Test
Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was
used on any tests changed
- [ ] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
- [ ] Review the [backport
guidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)
and apply applicable `backport:*` labels.

### Identify risks
N/A

## Release Note

- Added `write to logs streams` toggle on outputs allowing the user to
have greater control of whether agents that use an output have
permission to write to the logs stream.

---------

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
ymao1 pushed a commit to ymao1/kibana that referenced this pull request Sep 4, 2025
@Supplementing @elasticmachine
@kibanamachine @ymao1
[Fleet] Add toggle that grants permission to write to logs datastre…
75437a6 
…am (elastic#233374)

## Summary

Closes elastic/ingest-dev#5914

- Adds a toggle to the ES output flyout to enable writing to logs, and
logs.* streams
- Enabling this adds relevant permissions for agent policies that use
the output

**Demo/Testing instructions:**


https://github.com/user-attachments/assets/68425625-fc3c-4059-ab7c-5f70c853b10d

**Note: Video was recorded before the property was renamed to
`write_to_logs_streams`, that is the new value you'll see during
testing**

### Checklist

Check the PR satisfies following conditions. 

Reviewers should verify this PR satisfies this list as well.

- [ ] Any text added follows [EUI's writing
guidelines](https://elastic.github.io/eui/#/guidelines/writing), uses
sentence case text and includes [i18n
support](https://github.com/elastic/kibana/blob/main/src/platform/packages/shared/kbn-i18n/README.md)
- [ ]
[Documentation](https://www.elastic.co/guide/en/kibana/master/development-documentation.html)
was added for features that require explanation or tutorials
- [ ] [Unit or functional
tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html)
were updated or added to match the most common scenarios
- [ ] If a plugin configuration key changed, check if it needs to be
allowlisted in the cloud and added to the [docker
list](https://github.com/elastic/kibana/blob/main/src/dev/build/tasks/os_packages/docker_generator/resources/base/bin/kibana-docker)
- [ ] This was checked for breaking HTTP API changes, and any breaking
changes have been approved by the breaking-change committee. The
`release_note:breaking` label should be applied in these situations.
- [ ] [Flaky Test
Runner](https://ci-stats.kibana.dev/trigger_flaky_test_runner/1) was
used on any tests changed
- [ ] The PR description includes the appropriate Release Notes section,
and the correct `release_note:*` label is applied per the
[guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process)
- [ ] Review the [backport
guidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing)
and apply applicable `backport:*` labels.

### Identify risks
N/A

## Release Note

- Added `write to logs streams` toggle on outputs allowing the user to
have greater control of whether agents that use an output have
permission to write to the logs stream.

---------

Co-authored-by: Elastic Machine <elasticmachine@users.noreply.github.com>
Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
@rdner rdner mentioned this pull request Sep 12, 2025
Merged
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

backport:skip This PR does not require backporting release_note:feature Makes this part of the condensed release notes Team:Fleet Team label for Observability Data Collection Fleet team v9.2.0

5 participants

@Supplementing @elasticmachine @nchaulet @mdbirnstiehl @kibanamachine