You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The intent behind this check is to prevent users from routing custom logs documents to other integration data streams that have their own index settings, mappings, etc defined. Pushing custom logs documents into an integration's ingest pipeline could result in pipeline errors, for example.
We should potentially only be checking Fleet-managed (e.g. managed_by: "fleet") data streams instead of any managed data stream matching the given index pattern.
In cases where users ingest data outside of the context of Fleet, this check can result in false positives, e.g.
Run the following in Kibana dev tools
POST logs-generic-default/_doc
{
"@timestamp": "2024-05-15T00:00:00.000Z",
"message": "foo"
}
Currently, this check will return
true
if anymanaged
data stream exists with the same index pattern defined by an input package policy:kibana/x-pack/plugins/fleet/server/services/epm/packages/install.ts
Lines 1352 to 1354 in 19818f2
The intent behind this check is to prevent users from routing custom logs documents to other integration data streams that have their own index settings, mappings, etc defined. Pushing custom logs documents into an integration's ingest pipeline could result in pipeline errors, for example.
We should potentially only be checking Fleet-managed (e.g.
managed_by: "fleet"
) data streams instead of any managed data stream matching the given index pattern.In cases where users ingest data outside of the context of Fleet, this check can result in false positives, e.g.
generic
datasetThe text was updated successfully, but these errors were encountered: