Installing Elastic Agent on a remote server

I use Security Onion to monitor computers and install Elastic Agent when ever and where ever I can.

Self Signed Certificates

I use self signed certificates on my Security Onion setup. On the Manager node you’ll find the Certificate Authority’s Public Key in /etc/pki/ca.crt

Ubuntu 20.04, 22.04 and Raspbian

Copy a renamed version into /usr/local/share/ca-certificates and then run sudo update-ca-certificates

Then follow the Elastic Fleet installation instructions for amd64:

curl -L -O https://artifacts.elastic.co/downloads/beats/elastic-agent/elastic-agent-8.10.4-linux-x86_64.tar.gz
tar xzvf elastic-agent-8.10.4-linux-x86_64.tar.gz
cd elastic-agent-8.10.4-linux-x86_64
sudo ./elastic-agent install --url=https://your_so_manager:port --enrollment-token=yourtoken

You’ll need a different version for ARM - aarch64 which can be downloaded from the Elastic web site.