Elastic Defend advanced settings #1445
Thanks. I'll review this as soon as I can. @joe-desimone @gabriellandau @magermark @nfritts you may want to review also and/or mention this to others.
Hi @natasha-moore-elastic @ferullo
I noticed the in-app help text is included along with additional information (which mirrors the format of the source Google doc). I wonder, now that this online documentation is being added, do we want to shorten the in-app text and provide a link to this page? Or merge the two types of documentation for each option here and then have the in-app text mirror that revised text? Something else? Just leave it as is? I'm up for doing a pass at updating this or the in-app text if you'd like to do any of those things. Otherwise I'm also happy to review this as it is.
Good question! I included the tooltip text since some settings don’t have any additional description and would have otherwise been blank. Ideally, I’d lean toward keeping the tooltip text short in the UI, and linking from the tooltips to the public docs, where users can get the full context. A lot of the tooltips are already fairly concise (1–2 sentences), so it’s likely not all of them would need changes, if we decided to go that route. That said, since the Docs team is currently going through a major reorg, we’re pretty limited with resources, and any significant edits to this page would need to take a lower priority compared to writing new feature docs for 8.19/9.1.
Hi @AsuNa-jp, I think you’re good to add the new advanced setting (along with its tooltip text and any additional description) to this PR, thanks!
Hi @natasha-moore-elastic Additionally, I realized that we need to add the following advanced policy config in 8.19/9.1, so I’ve created a new PR on the Kibana side.
I’ve added the same policy and tooltip text to this PR as well (in the commit below), but please feel free to let me know if there’s any issue. 4acd765
|
||
*PEM-encoded certificate for {{fleet}} Server certificate authority.* | ||
|
||
Specifies the certificate used to verify the SSL/TLS connection to the {{fleet}} server. We typically recommend configuring this at the {{fleet}} level, so it applies consistently across {{elastic-agent}} and all integrations, rather than setting it specifically for {{elastic-endpoint}}. |
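Review bot: The description line writes "{{fleet}} server" in lowercase while the tooltip line above it writes "{{fleet}} Server"; use one casing in both. The description also leaves the format requirement to the italic tooltip alone, so consider saying "PEM-encoded CA certificate" in the description sentence itself, since that is the text a reader acts on when configuring TLS verification.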
This applies to all the cert fields, but do you think we should list the cert limitations here (versions that support EC certs being the main one that comes to mind)?
@nfritts We could add the following note under the descriptions for `artifacts.global.ca_cert`, `artifacts.user.ca_cert`, and `elasticsearch.tls.ca_cert`:
"Elliptic Curve (EC) certificates are supported starting with Elastic Endpoint v8.19.0 and v9.1.0. Earlier versions either silently ignore unsupported EC certificates (pre-8.16.0) or report a policy response error (8.16.0–8.18.x). Use RSA certificates or upgrade Elastic Endpoint to a supported version."
Does that sound right?
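A preflight check for the note proposed above, as an added example that is not part of the thread or the project's code: it reads the public-key algorithm from a PEM certificate's SubjectPublicKeyInfo and maps an Endpoint version to the outcome the note gives for EC certificates. The function names, the constructed `stub_pem` sample, the "not stated" result for 9.0.x, and plain `x.y.z` version strings are assumptions.

```python
import base64
import ssl

# SubjectPublicKeyInfo algorithm OIDs (DER content bytes).
KEY_OIDS = {bytes.fromhex("2a864886f70d010101"): "RSA",  # rsaEncryption
            bytes.fromhex("2a8648ce3d0201"): "EC"}       # id-ecPublicKey

def tlv(buf, pos):
    """Read one DER element at pos; return (tag, value_start, value_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def key_type(pem):
    """Return 'RSA', 'EC' or 'other' for the certificate's public key."""
    der = ssl.PEM_cert_to_DER_cert(pem.strip())
    _, pos, _ = tlv(der, 0)        # Certificate SEQUENCE
    _, pos, end = tlv(der, pos)    # tbsCertificate SEQUENCE
    fields = []
    while pos < end:
        tag, start, pos = tlv(der, pos)
        fields.append((tag, start))
    if fields[0][0] == 0xA0:       # optional explicit [0] version field
        fields.pop(0)
    # Remaining order: serial, signature, issuer, validity, subject, SPKI.
    _, alg_start, _ = tlv(der, fields[5][1])     # AlgorithmIdentifier
    _, oid_start, oid_end = tlv(der, alg_start)  # algorithm OID
    return KEY_OIDS.get(der[oid_start:oid_end], "other")

def ec_ca_cert_outcome(version):
    """Outcome for an EC certificate, as worded in the proposed note."""
    v = tuple(int(p) for p in version.split("."))
    if v < (8, 16, 0):
        return "silently ignored"
    if v < (8, 19, 0):
        return "policy response error"
    if (9, 0, 0) <= v < (9, 1, 0):
        return "not stated in the note"  # assumption: the note omits 9.0.x
    return "supported"

def stub_pem(oid_hex):
    """Constructed sample: certificate-shaped DER stub, not a valid cert."""
    seq = lambda *p: b"\x30" + bytes([len(b"".join(p))]) + b"".join(p)
    oid = bytes.fromhex(oid_hex)
    spki = seq(seq(b"\x06" + bytes([len(oid)]) + oid), b"\x03\x01\x00")
    tbs = seq(b"\xa0\x03\x02\x01\x02", b"\x02\x01\x01", seq(), seq(), seq(), seq(), spki)
    body = base64.encodebytes(seq(tbs, seq(), b"\x03\x01\x00")).decode()
    return "-----BEGIN CERTIFICATE-----\n" + body + "-----END CERTIFICATE-----\n"
```

Run `key_type` on the CA certificate intended for a `ca_cert` setting, and if it returns `EC`, check `ec_ca_cert_outcome` for each Endpoint version in the fleet before rolling out the policy.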
This taking a little longer is OK. I want to make the right long term decision. I spoke with @roxana-gheorghe and we'd like to do this
If you are ok with that, I can make a pass to accomplish (2) and (3) so you can mostly just accept suggestions in this PR. I realize this likely means this PR slips past 8.19/9.1.
Totally agree that would be a much better user experience – feel free to make edits to this PR and thanks for the help!
Resolves elastic/security-docs#2234 by documenting the Elastic Defend policy advanced settings in the Reference section.
The setting descriptions consist of the Kibana tooltip text (in italics) and, for most settings, an additional description. The Kibana tooltip text was kept because some settings don't have an additional description.
Preview: Elastic Defend advanced settings