APM input settingsedit

This functionality is in beta and is subject to change. The design and code is less mature than official GA features and is being provided as-is with no warranties. Beta features are not subject to the support SLA of official GA features.

To edit the APM integration input settings, open Kibana and select: Integrations > Elastic APM > Add Elastic APM. Expand the carrot to view all settings.

A limited number of settings are currently supported.

Templates, pipelines, index lifecycle management, etc., cannot be configured with APM Server or Fleet, and must instead be configured with Kibana or Elasticsearch. Learn more.

General settingsedit


(string) Defines the host and port the server is listening on. Use unix:/path/to.sock to listen on a unix domain socket.

Default: localhost:8200


(string) Authorization token for sending APM data. The same token must also be set in each APM agent. This token is not used for RUM endpoints.

Default: No secret token set


(int) Maximum permitted size of an event accepted by the server to be processed (in Bytes).

Default: 307200 Bytes


(string) The default service environment for events without a defined service environment.


(bool) Capture personal data such as IP or User Agent. If true, APM Server captures the IP of the instrumented service and its User Agent if any.

Default: true

Anonymous authentication settingsedit


(bool) Enable or disable anonymous authentication.

Default: true (enabled)


(array) A list of permitted APM agent names for anonymous authentication. Names in this list must match the agent’s agent.name.

Default: [rum-js, js-base, iOS/swift] (only RUM and iOS/Swift agent events are accepted)


(array) A list of permitted service names for anonymous authentication. Names in this list must match the agent’s service.name. This can be used to limit the number of service-specific indices or data streams created.

Default: Not set (any service name is accepted)


(int) The maximum amount of events allowed to be sent to the APM Server anonymous auth endpoint per IP per second.

Default: 10


(int) The number of unique IP addresses to track in an LRU cache. IP addresses in the cache will be rate limited according to the anonymous_rate_limit_event_limit setting. Consider increasing this default if your application has many concurrent clients.

Default: 10000

Real User Monitoring (RUM) settingsedit


(bool) Enables and disables Real User Monitoring (RUM).

Default: false (disabled)


(string) A list of permitted origins for RUM support. User-agents send an Origin header that will be validated against this list. This is done automatically by modern browsers as part of the CORS specification. An origin is made of a protocol scheme, host and port, without the URL path.

Default: ["*"] (allows everything)


(string) By default, HTTP requests made from the RUM agent to the APM integration are limited in the HTTP headers they are allowed to have. If any other headers are added, the request will be rejected by the browser due to Cross-Origin Resource Sharing (CORS) restrictions. If you need to add extra headers to these requests, use this configuration to allow additional headers.

The default list of values includes "Content-Type", "Content-Encoding", and "Accept". Configured values are appended to the default list and used as the value for the Access-Control-Allow-Headers header.


(yaml) Custom HTTP headers to add to RUM responses. For example, for security policy compliance.

API key settingsedit


(bool) Enable or disable API key authorization between APM Server and APM agents.

Default: false (disabled)


(int) Each unique API key triggers one request to Elasticsearch. This setting restricts the number of unique API keys are allowed per minute. The minimum value for this setting should be the number of API keys configured in your monitored services.

Default: 100


(string) RUM API key for sourcemaps. Formatted as <Id>:<API Key>.


(string) API Key for APM central configuration feature. Formatted as <Id>:<API Key>.