diff --git a/x-pack/plugins/fleet/server/services/package_policies_to_agent_permissions.test.ts b/x-pack/plugins/fleet/server/services/package_policies_to_agent_permissions.test.ts
index a84118cdf1bfa..9f02aa11f108f 100644
--- a/x-pack/plugins/fleet/server/services/package_policies_to_agent_permissions.test.ts
+++ b/x-pack/plugins/fleet/server/services/package_policies_to_agent_permissions.test.ts
@@ -371,7 +371,7 @@ describe('storedPackagePoliciesToAgentPermissions()', () => {
 'test-policy': {
 indices: [
 {
- names: ['logs-osquery_manager.result-test'],
+ names: ['logs-osquery_manager.result-test*'],
 privileges: ['auto_configure', 'create_doc'],
 },
 ],
@@ -429,6 +429,20 @@ describe('getDataStreamPermissions()', () => {
 });
 });
+ it('Appends a wildcard suffix when specified', () => {
+ const dataStream = {
+ type: 'logs',
+ dataset: 'test',
+ hidden: true,
+ } as RegistryDataStream;
+ const permissions = getDataStreamPermissions(dataStream, 'namespace', true);
+
+ expect(permissions).toMatchObject({
+ names: ['.logs-test-namespace*'],
+ privileges: ['auto_configure', 'create_doc'],
+ });
+ });
+
 it('uses custom permissions if they are present in the datastream', () => {
 const dataStream = {
 type: 'logs',
diff --git a/x-pack/plugins/fleet/server/services/package_policies_to_agent_permissions.ts b/x-pack/plugins/fleet/server/services/package_policies_to_agent_permissions.ts
index 07ad892adc653..7d314f1de1124 100644
--- a/x-pack/plugins/fleet/server/services/package_policies_to_agent_permissions.ts
+++ b/x-pack/plugins/fleet/server/services/package_policies_to_agent_permissions.ts
@@ -57,6 +57,7 @@ export async function storedPackagePoliciesToAgentPermissions(
 }
 let dataStreamsForPermissions: DataStreamMeta[];
+ let wildcardSuffix = false;
 switch (pkg.name) {
 case 'endpoint':
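Review bot: The new case `'Appends a wildcard suffix when specified'` (test-file hunk at line 429) sets `hidden: true`, so its single expectation `.logs-test-namespace*` checks the leading dot and the trailing wildcard together, and a failure does not say which rule broke. Consider dropping `hidden: true` from this case so it pins only the suffix. A second case calling `getDataStreamPermissions(dataStream, undefined, true)` would also be worth adding, because the default namespace `'*'` combined with the suffix would appear to yield a name ending in `**`. The title starts with a capital letter while the neighbouring `'uses custom permissions…'` does not.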
@@ -78,6 +79,7 @@ export async function storedPackagePoliciesToAgentPermissions(
 // `packagePolicy.inputs`, so we will use _all_ data_streams from
 // the package.
 dataStreamsForPermissions = pkg.data_streams;
+ wildcardSuffix = true;
 break;
 default:
@@ -121,7 +123,7 @@ export async function storedPackagePoliciesToAgentPermissions(
 packagePolicy.name,
 {
 indices: dataStreamsForPermissions.map((ds) =>
- getDataStreamPermissions(ds, packagePolicy.namespace)
+ getDataStreamPermissions(ds, packagePolicy.namespace, wildcardSuffix)
 ),
 },
 ];
@@ -139,7 +141,11 @@ interface DataStreamMeta {
 permissions?: RegistryDataStreamPermissions;
 }
-export function getDataStreamPermissions(dataStream: DataStreamMeta, namespace: string = '*') {
+export function getDataStreamPermissions(
+ dataStream: DataStreamMeta,
+ namespace: string = '*',
+ wildcardSuffix: boolean = false
+) {
 let index = `${dataStream.type}-${dataStream.dataset}`;
 if (dataStream.dataset_is_prefix) {
@@ -152,6 +158,11 @@ export function getDataStreamPermissions(dataStream: DataStreamMeta, namespace:
 index += `-${namespace}`;
+ // Some integrations append a date to the end of the index.
+ if (wildcardSuffix) {
+ index += '*';
+ }
+
 return {
 names: [index],
 privileges: dataStream.permissions?.indices || ['auto_configure', 'create_doc'],
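Review bot: In the hunk at line 78, `wildcardSuffix = true;` sits in the branch that takes every entry of `pkg.data_streams`, so each data stream of that package gets the widened index pattern, not only those whose indices carry a date suffix. The `case` label is outside the hunk; the updated test expectation suggests it is the osquery_manager branch. If only some data streams need the suffix, deciding it per data stream rather than per package would keep the agent key narrower. Either way the existing comment should say why the whole package needs it, e.g. `// Indices of this package carry a date suffix, so every data stream gets a trailing wildcard.`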
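Review bot: `getDataStreamPermissions` gains a third parameter in the hunk at line 139 that widens the index privileges it returns, but the exported function has no doc comment telling callers so. Add a TSDoc block above the signature with a line such as `@param wildcardSuffix when true, appends '*' to the index name; the result also matches any other name that starts with the same string`. The function body continues outside the hunk.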
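Review bot: The bare `index += '*';` in the hunk at line 152 turns the granted name into a prefix match on the namespace. A policy in namespace `test` is then also granted the returned privileges (`auto_configure`/`create_doc` unless the data stream overrides them) on names such as `logs-osquery_manager.result-test2`, which belong to a different namespace. The comment says the suffix is a date; if those indices join it with a fixed separator, put that separator in the pattern, e.g. `index += '-*';`, so the namespace boundary stays exact. The actual separator is not visible in this diff and needs confirming. The comment would also be more useful if it named the integration and the suffix format.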