[Docs] Correction needed for packetbeat publisher role

elastic / beats

:tropical_fish: Beats - Lightweight shippers for Elasticsearch & Logstash

https://www.elastic.co/products/beats

Other

109 stars 4.93k forks source link

Open laraMorenoIgle opened 5 months ago

laraMorenoIgle commented 5 months ago

Packetbeat introduced few pipelines in 8.13.0 https://github.com/elastic/beats/pull/37291/files, but doc about Packetbeat publisher role was not updated.

See 8.13.0 release notes
As a result, Packetbeat documentation explaining the needed privileges for the publisher role see, should include the read_pipeline privilege, however it is missing.
This is privilege for the publisher role is included in Packetbeat doc explaining how to create an api key.

elasticmachine commented 5 months ago

Pinging @elastic/sec-linux-platform (Team:Security-Linux Platform)

laraMorenoIgle commented 5 months ago

Referring to https://github.com/elastic/beats/issues/39981 where permissions topic is revisited for all beats in general

herrBez commented 5 months ago

Hi there, on the same note, I think we should retire this documentation page https://www.elastic.co/guide/en/beats/packetbeat/current/packetbeat-geoip.html, because it would prevent the standard packetbeat pipelines to be executed. WDYT?