Deprecate fleet.agent.logging.level attribute

[michel-laterman]

What is the problem this PR solves?

log level can be defined in two places in the config

How does this PR solve the problem?

Deprecate the fleet.agent.logging.level attribute and rely on the top level logging.* attributes instead. Add a unit test to make sure that command line overrides are respected.

How to test this PR locally

Download and run 8.13.0-SNAPSHOT

Set ELASTICSEARCH_CA_TRUSTED_FINGERPRINT and ELASTICSEARCH_SERVICE_TOKEN
Alter the default fleet-server.yml to remove

logging.level: "${LOG_LEVEL:DEBUG}"

Run the server with:

./bin/fleet-server -c fleet-server.yml -E logging.level=debug

See that the logs output debug level:

02:46:14.005 DBG Install signal handlers for SIGINT and SIGTERM ecs.version=1.6.0 service.name=fleet-server service.type=fleet-server

And that the policy reload message has debug logs set:

02:46:14.010 INF initial server configuration ecs.version=1.6.0
new={"Fleet":{"Agent":{"Logging":{"Level":""}...}}
"Logging":{"Level":"debug"...}...}
service.name=fleet-server service.type=fleet-server

When installing fleet-server under the elastic-agent we see the command used to invoke contains -E logging.level=debug:

{"log.level":"info","@timestamp":"2024-01-03T03:18:25.032Z","message":"Boot fleet-server","component":{"binary":"fleet-server","dataset":"elastic_agent.fleet_server","id":"fleet-
server-default","type":"fleet-server"},"log":{"source":"fleet-server-default"},"service.name":"fleet-server","service.type":"fleet-server","commit":"54e60efe","pid":24640,"ppid":
24514,"ecs.version":"1.6.0","version":"8.13.0-SNAPSHOT","exe":"/opt/Elastic/Agent/data/elastic-agent-938f0b/components/fleet-server","args":["--agent-mode","-E","logging.level=de
bug","-E","logging.to_stderr=true","-E","http.enabled=true","-E","http.host=unix:///opt/Elastic/Agent/data/tmp/UwGGXFL1il700DVAc6q-T-1Z9J1UjGMU.sock","-E","path.data=/opt/Elastic
/Agent/data/elastic-agent-938f0b/run/fleet-server-default"],"ecs.version":"1.6.0"}

However we do not see any debug logs from fleet-server inbetween fleet-server's startup and the initial policy load loop in fleet-server where the agent wold send a policy with the log level set to info; this is due to the agent filtering the debug levels.

Checklist

• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• I have made corresponding change to the default configuration files
• I have added tests that prove my fix is effective or that my feature works
• I have added an entry in ./changelog/fragments using the changelog tool

Related issues

• Closes command line logging override is ignored #3126

[elastic-sonarqube]

Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarQube

[nchaulet]

@michel-laterman does fleet server will still support the log level be changed from the Fleet UI with an action with that change?

[michel-laterman]

Yes, I just tested. changing the log level to debug in the fleet UI will result in elastic-agent and the fleet-server outputting debug logs

[nchaulet]

🚀