Consider: Agent runs in managed mode and the Kibana instance it is connecting to is configured with a custom certificate authority that is not globally trusted in order to connect to Elasticsearch.
IIUC the agent config that is shipped to the Agent from Kibana does not include that custom certificate authority setup and the certificate authority certs are also not shipped as assets to the agent. I believe the programs relying on the output configuration will in that case just fail to connect to Elasticsearch.
In order to make it work any referenced assets from the configuration would need to be shipped to the agent as well.
For example ECK uses custom certificate authorities for Elasticsearch and Kibana to run with a secure configuration by default if a user has not yet set up their own certificates.
Consider: Agent runs in managed mode and the Kibana instance it is connecting to is configured with a custom certificate authority that is not globally trusted in order to connect to Elasticsearch.
IIUC the agent config that is shipped to the Agent from Kibana does not include that custom certificate authority setup and the certificate authority certs are also not shipped as assets to the agent. I believe the programs relying on the output configuration will in that case just fail to connect to Elasticsearch.
In order to make it work any referenced assets from the configuration would need to be shipped to the agent as well.
For example ECK uses custom certificate authorities for Elasticsearch and Kibana to run with a secure configuration by default if a user has not yet set up their own certificates.