Skip to content

Commit

Permalink
Automatic merge from master to 5.x branch (#3210)
Browse files Browse the repository at this point in the history
* Rewrite elasticsearch connection URL (#3058)
* Fix metricbeat service times-out at startup (#3056)
* remove init collecting of processes
* add changelog entry

* Clarify that json.message_key is optional in Filebeat (#3055)

I reordered the options based on importance (I put the optional config setting at the end).

And I changed the wording to further clarify that the `json.message_key` setting is optional.

Fixes #2864

* Document add_cloud_metadata processor (#3054)

Fixes #2791

* Remove process.GetProcStatsEvents as not needed anymore (#3066)

* Fix testing for 2x releases (#3057)

* Update docker files to the last major with the most recent minor and bugfix version
* Renamed files to Dockerfile-2x to not have to be renamed every time a new bugfix is released
* Remove scripts and config files which are not needed anymore

To run testsuite for 2x releases, run: `TESTING_ENVIRONMENT=2x make testsuite`

* Remove old release notes files from packetbeat docs (#3067)

* Update go-ucfg (#3045)

- Update go-ucfg
- add support for parsing lists/dictionaries from environment variables and via
  `-E` flag

* Parse elasticsearch URL before logging it (#3075)

* Fix the total CPU time in the Docker dashboard (#3085) (#3086)

Part of #2629. The name of the field was changed, but not in the dashboard.
(cherry picked from commit e271d9f)

* Switch partition metricset from client to broker (#3029)

Update kafka broker query

- Switch paritition metricset from client to broker
- on connect try to find the broker id (address must match advertised host).
- check broker is leader before querying offsets
- query offsets for all replicas
- remove 'isr' from event, and replace with boolean flag `insync_replica`
- replace `replicas` from event with per event `replica`-id
- update sarama to get offset per replica id

* Make error fields optional in partition event (#3089)

* Update data.json

* Make it clear in the docs that publish_async is still experimental (#3096)

Remove example for publish_async from the docs

* Remove metadata prefix from config as not needed (#3095)

* Remove left over string in template test (#3102)

* Fix typo in Dockerfile comment (#3105)

* Document batch_read_size is experimental in Winlogbeat

* Add benchmark test for batch_read_size in Winlogbeat (#3107)

* Fix ES 2.x integration test (#3115)

There was a test that was loading a mock template, and this template
was assuming 5.x.

* Pass `--always-copy` to virtualenv (#3082)

virtualenv creates symlinks so `make setup` fails when ran on a network mounted
fs. `--always-copy` copies files to the destination dir rather than symlinking.

* Add project prefix for composer environment (#3116)

This prefix is need to run tests with different environments in parallel so one does not affect the other. Like this 2x and snapshot builds should be able to coexist

* Reduce allocations in UTF16 conversion (#3113)

When decoding a UTF16 string contained in a buffer larger than just the string, more space was allocated than required.

```
BenchmarkUTF16BytesToString/simple_string-4         	 2000000	       846 ns/op	     384 B/op	       3 allocs/op
BenchmarkUTF16BytesToString/larger_buffer-4         	 2000000	       874 ns/op	     384 B/op	       3 allocs/op
BenchmarkUTF16BytesToString_Original/simple_string-4         	 2000000	       840 ns/op	     384 B/op	       3 allocs/op
BenchmarkUTF16BytesToString_Original/larger_buffer-4         	 1000000	      3055 ns/op	    8720 B/op	       3 allocs/op
```

```
PS C:\Gopath\src\github.com\elastic\beats\winlogbeat> go test -v github.com/elastic/beats/winlogbeat/eventlog -run ^TestBenchmarkBatchReadSize$ -benchmem -benchtime 10s -benchtest
=== RUN   TestBenchmarkBatchReadSize
--- PASS: TestBenchmarkBatchReadSize (68.04s)
        bench_test.go:100: batch_size=10, total_events=20000, batch_time=5.682627ms, events_per_sec=1759.7494961397256, bytes_alloced_per_event=44 kB, total_allocs=4923840
        bench_test.go:100: batch_size=100, total_events=30000, batch_time=53.850879ms, events_per_sec=1856.9799018508127, bytes_alloced_per_event=44 kB, total_allocs=7354285
        bench_test.go:100: batch_size=500, total_events=25000, batch_time=271.118774ms, events_per_sec=1844.2101689350366, bytes_alloced_per_event=43 kB, total_allocs=6125665
        bench_test.go:100: batch_size=1000, total_events=30000, batch_time=558.03918ms, events_per_sec=1791.9888707455987, bytes_alloced_per_event=43 kB, total_allocs=7350324
PASS
ok      github.com/elastic/beats/winlogbeat/eventlog    68.095s

PS C:\Gopath\src\github.com\elastic\beats\winlogbeat> go test -v github.com/elastic/beats/winlogbeat/eventlog -run ^TestBenchmarkBatchReadSize$ -benchmem -benchtime 10s -benchtest
=== RUN   TestBenchmarkBatchReadSize
--- PASS: TestBenchmarkBatchReadSize (71.85s)
        bench_test.go:100: batch_size=10, total_events=30000, batch_time=5.713873ms, events_per_sec=1750.1264028794478, bytes_alloced_per_event=25 kB, total_allocs=7385820
        bench_test.go:100: batch_size=100, total_events=30000, batch_time=52.454484ms, events_per_sec=1906.4147118480853, bytes_alloced_per_event=24 kB, total_allocs=7354318
        bench_test.go:100: batch_size=500, total_events=25000, batch_time=260.56659ms, events_per_sec=1918.8952812407758, bytes_alloced_per_event=24 kB, total_allocs=6125688
        bench_test.go:100: batch_size=1000, total_events=30000, batch_time=530.468816ms, events_per_sec=1885.124949550286, bytes_alloced_per_event=24 kB, total_allocs=7350360
PASS
ok      github.com/elastic/beats/winlogbeat/eventlog    71.908s
```

* Fix for errno 1734 when calling EvtNext (#3112)

When reading a batch of large event log records the Windows function
EvtNext returns errno 1734 (0x6C6) which is RPC_S_INVALID_BOUND ("The
array bounds are invalid."). This seems to be a bug in Windows because
there is no documentation about this behavior.

This fix handles the error by resetting the event log subscription
handle (so events are not lost) and then retries the EvtNext call
with maxHandles/2.

Fixes #3076

* Fetch container stats in parallel (#3127)

Currently fetching container stats is very slow as each request takes up to 2 seconds. To improve the fetching time if lots of containers are around, this creates the rrequests in parallel. The main downside is that this opens lots of connections. This fix should only temporary until the bulk api is available: moby/moby#25361

* Fix heartbeat not accepting `mode` parameter (#3128)

* Remove fixed container names as not needed (#3122)

Add beat name to project namespace

* This makes sure different beats environment do not affect each other for example when Kafka is used
* It also allows to run the testsuites of all the beats in parallel

Introduce `stop-environment` command to stop all containers

* Add doc for decode_json_fields processor (#3110)

* Add doc for decode_json_fields processor
* Use changed param names
* Add example of decode_json_fields processor
* Fix intro language about processors

* Adding AmazonBeat to community beats (#3125)

I created a basic version of amazonbeat, which reads data from an amazon product periodically. This beat does not yet publish to elasticsearch.

* Reuse a byte buffer for holding XML (#3118)

Previously the data was read into a []byte encoded as UTF16. Then that
data was converted to []uint16 so that we can use utf16.Decode(). Then
the []rune slice was converted to a string which did another data copy.
The XML was unmarshalled from the string.

This PR changes the code to convert the UTF16 []byte directly to UTF8 and
puts the result into a reusable bytes.Buffer. The XML is then unmarshalled
directly from the data in buffer.

```
BenchmarkUTF16ToUTF8-4   	 2000000	      1044 ns/op        4 B/op      1 allocs/op
```

```
git checkout 6ba7700
PS > go test github.com/elastic/beats/winlogbeat/eventlog -run TestBenc -benchtest -benchtime 10s -v
=== RUN   TestBenchmarkBatchReadSize
--- PASS: TestBenchmarkBatchReadSize (67.89s)
        bench_test.go:100: batch_size=10, total_events=30000, batch_time=5.119626ms, events_per_sec=1953.2676801000696, bytes_alloced_per_event=44 kB, total_allocs=7385952
        bench_test.go:100: batch_size=100, total_events=30000, batch_time=51.366271ms, events_per_sec=1946.802795943665, bytes_alloced_per_event=44 kB, total_allocs=7354448
        bench_test.go:100: batch_size=500, total_events=25000, batch_time=250.974356ms, events_per_sec=1992.2354138842775, bytes_alloced_per_event=43 kB, total_allocs=6125812
        bench_test.go:100: batch_size=1000, total_events=30000, batch_time=514.796113ms, events_per_sec=1942.5166094834128, bytes_alloced_per_event=43 kB, total_allocs=7350550
PASS
ok      github.com/elastic/beats/winlogbeat/eventlog    67.950s

git checkout 833a806 (#3113)
PS > go test github.com/elastic/beats/winlogbeat/eventlog -run TestBenc -benchtest -benchtime 10s -v
=== RUN   TestBenchmarkBatchReadSize
--- PASS: TestBenchmarkBatchReadSize (65.69s)
        bench_test.go:100: batch_size=10, total_events=30000, batch_time=4.858277ms, events_per_sec=2058.3429063431336, bytes_alloced_per_event=25 kB, total_allocs=7385847
        bench_test.go:100: batch_size=100, total_events=30000, batch_time=51.612952ms, events_per_sec=1937.49816906423, bytes_alloced_per_event=24 kB, total_allocs=7354362
        bench_test.go:100: batch_size=500, total_events=25000, batch_time=241.713826ms, events_per_sec=2068.561853801445, bytes_alloced_per_event=24 kB, total_allocs=6125757
        bench_test.go:100: batch_size=1000, total_events=30000, batch_time=494.961643ms, events_per_sec=2020.3585755431961, bytes_alloced_per_event=24 kB, total_allocs=7350474
PASS
ok      github.com/elastic/beats/winlogbeat/eventlog    65.747s

This PR (#3118)
PS > go test github.com/elastic/beats/winlogbeat/eventlog -run TestBenc -benchtest -benchtime 10s -v
=== RUN   TestBenchmarkBatchReadSize
--- PASS: TestBenchmarkBatchReadSize (65.80s)
        bench_test.go:100: batch_size=10, total_events=30000, batch_time=4.925281ms, events_per_sec=2030.341009985014, bytes_alloced_per_event=14 kB, total_allocs=7295817
        bench_test.go:100: batch_size=100, total_events=30000, batch_time=48.976134ms, events_per_sec=2041.8108134055658, bytes_alloced_per_event=14 kB, total_allocs=7264329
        bench_test.go:100: batch_size=500, total_events=25000, batch_time=250.314316ms, events_per_sec=1997.4886294557757, bytes_alloced_per_event=14 kB, total_allocs=6050719
        bench_test.go:100: batch_size=1000, total_events=30000, batch_time=499.861923ms, events_per_sec=2000.5524605641945, bytes_alloced_per_event=14 kB, total_allocs=7260400
PASS
ok      github.com/elastic/beats/winlogbeat/eventlog    65.856s
```

* Fix make package for community beats (#3094)

gopkg.in needs to be copied from the vendor directory of libbeat in the vendor directory

* Auto generate modules list (#3131)

This is to ensure no modules are forgotten in the future

* Remove duplicated enabled entry from redis config (#3132)

* Remove --always-copy from virtualenv and make it a param (#3136)

In #3082 `--always-copy` was introduced. This caused issue on build on some operating systems. This PR reverts the change but makes `VIRTUALENV_PARAMS` a variable which can be passed to the Makefile. This allows anyone to set `--always-copy` if needed.

* Adjust script to generate fields of type geo_point (#3147)

* Fix for broken dashboard dependency in Cassandra Dashboard (#3146)

The Cassandra Dashboard was linking to the wrong Cassandra visualisation. Some left over with : in the names were still inside

Closes #3140

* Fix quotes (#3142)

* Fix a print statement to be python 3 compliant (#3144)

* Remove -prerelease from the repo names (#3153)

* Add mongobeat to list of community beats (#3156)

Mongobeat discovers instances in a mongo cluster and can be configured to ship multiple document types - from the commands db.stats() and db.serverStatus()

* Update to most recent latest builds (#3161)

* Merge snapshot and latest build for Logstash into 1 docker file

* Pass certificate options to import dashboards script (#3139)

* Pass certificate options to import dashboards script

-cert for client certificate
-key for client certificate key
-cacert for certificate authority

* Add -insecure flag to import_dashboards (#3163)

* Improve speed and stability of CI builds (#3162)

Loading and creating docker images takes quite a bit of time on the travis builds. Especially calls like apt-get update and install take lots of time and bandwidth and fail from time to time, as a host is not available.

Following actions were taken:

* Fake Kibana container is now based on alpine
* Redis stunnel container was also switched to alpine

* Add enabled config for prospectors (#3157)

The enabled config allows easily to enable and disable a specific prospector. This is consistent with metricbeat where each modules has an enabled config. By default enabled is set to true.

* Prototype Filebeat modules implementation (#3158)

Contains the Nginx module, including the fields.yml and several
pipelines.

* Add edits for docker module docs (#3176)

* Restructure and edit processors content (#3160)

* Cleaned up Changelog in master (#3181)

Added the 5.1.0 and 5.1.1 sections, removed duplicates.

* metricbeat: enhance kafka broker matching (#3129)

- compare broker names to hostname
- try to lookup metricbeat host machine fqdn and compare to broker name
- compare all ips of local machine with resolved broker name ips

* Filebeat MySQL module (#3171)

* Contains slowlog and errors filesets
* Test files for two mysql versions (5.5 and 5.7)
* Add support for built-in variables (e.g. `builtin.hostname`)
* Contains a sample Kibana dashboard

Part of #3159.

* Fix #3167 change ownership of files in build/ (#3168)

Add a new Makefile rule: fix-permissions

fix-permissions runs a docker container that changes the ownership
of all files from root to the user that runs the Makefile

* Updating documentation to add udplogbeat (#3190)

* Packer customize package info (#3188)

* packer: Enable overriding of vendor and license
* packer: customize URL of documentation link
* packer: location of readme.md.j2 folder can be specified with PACKER_TEMPLATES_DIR

* Filebeat syslog module (#3191)

* Basic parsing of syslog fields
* Supports multiline messages if the lines after the first one start
  with a space.
* Contains a simple Kibana dashboard

* Deprecate filters option in metrictbeat (#3173)

* Add support for multiple paths per fileset (#3195)

We generally need more than one path per OS, because the logs location
is not always the same. For example, depending on the linux distribution
and how you installed it, MySQL can have it's error logs in a number of
default "paths". The solution is to configure them all, which means that
Filebeat might try to access unexisting folders.

This also improves the python prototype to accept multiple modules and
to accept namespaced parameters. E.g.:

./filebeat.py --modules=nginx,syslog -M nginx.access.paths=...

* case insensitive hostname comparison in kafka broker matching (#3193)

- re-use common.LocalIPAddrs in partition module for resolving IPs
- add missing net.IPAddr type switch to common.LocalIPAddrs
- update matching to extract addresses early on using strings.ToLower
  => ensure case insensitive matching by lowercasing

* Adds a couchbase module for metricbeat (#3081)

* Export cpu cores (#3192)

* Fix: Request headers with split_cookies enabled (#3065)

* Add 3140 to changelog (#3207) (#3208)

(cherry picked from commit 0f4103f)
  • Loading branch information
tsg authored and monicasarbu committed Dec 19, 2016
1 parent ea238ea commit 01b945b
Show file tree
Hide file tree
Showing 246 changed files with 13,725 additions and 1,193 deletions.
112 changes: 86 additions & 26 deletions CHANGELOG.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -8,36 +8,31 @@
// Template, add newest changes here

=== Beats version HEAD
https://github.com/elastic/beats/compare/v5.0.1...master[Check the HEAD diff]
https://github.com/elastic/beats/compare/v5.1.1...master[Check the HEAD diff]

==== Breaking changes

*Affecting all Beats*

*Metricbeat*
- Change data structure of experimental haproxy module. {pull}3003[3003]

*Packetbeat*

*Topbeat*

*Filebeat*
- If a file is falling under ignore_older during startup, offset is now set to end of file instead of 0.
With the previous logic the whole file was sent in case a line was added and it was inconsitent with
files which were harvested previously. {pull}2907[2907]
- tail_files is now only applied on the first scan and not for all new files. {pull}2932[2932]

*Winlogbeat*


==== Bugfixes

*Affecting all Beats*
- Fix empty benign errors logged by processor actions. {pull}3046[3046]

*Metricbeat*

- Calculate the fsstat values per mounting point, and not filesystem. {pull}2777[2777]
- Fix service times-out at startup. {pull}3056[3056]
- Kafka module case sensitive host name matching. {pull}3193[3193]

*Packetbeat*

Expand All @@ -47,40 +42,31 @@ https://github.com/elastic/beats/compare/v5.0.1...master[Check the HEAD diff]
- Fix registry cleanup issue when files falling under ignore_older after restart. {issue}2818[2818]

*Winlogbeat*
- Fix for "The array bounds are invalid" error when reading large events. {issue}3076[3076]

==== Added

*Affecting all Beats*
- Add add_cloud_metadata processor for collecting cloud provider metadata. {pull}2728[2728]
- Added decode_json_fields processor for decoding fields containing JSON strings. {pull}2605[2605]
- Add support for passing list and dictionary settings via -E flag.
- Support for parsing list and dictionary setting from environment variables.
- Added new flags to import_dashboards (-cacert, -cert, -key, -insecure). {pull}3139[3139] {pull}3163[3163]

*Metricbeat*
- Kafka module broker matching enhancements. {pull}3129[3129]
- Add a couchbase module with metricsets for node, cluster and bucker. {pull}3081[3081]
- Export number of cores for cpu module. {pull}3192[3192]

- Add experimental filebeat metricset in the beats module. {pull}2297[2297]
- Add experimental libbeat metricset in the beats module. {pull}2339[2339]
- Add experimental docker module. Provided by Ingensi and @douaejeouit based on dockbeat.
- Add username and password config options to the MongoDB module. {pull}2889[2889]
- Add username and password config options to the PostgreSQL module. {pull}2889[2890]
- Add system core metricset for Windows. {pull}2883[2883]
- Add a sample Redis Kibana dashboard. {pull}2916[2916]
- Add support for MongoDB 3.4 and WiredTiger metrics. {pull}2999[2999]
- Add experimental kafka module with partition metricset. {pull}2969[2969]
- Add raw config option for mysql/status metricset. {pull}3001[3001]

*Packetbeat*

*Topbeat*

*Filebeat*
- Add command line option -once to run filebeat only once and then close. {pull}2456[2456]
- Only load matching states into prospector to improve state handling {pull}2840[2840]
- Reset all states ttl on startup to make sure it is overwritten by new config {pull}2840[2840]
- Persist all states for files which fall under ignore_older to have consistent behaviour {pull}2859[2859]
- Improve shutdown behaviour with large number of files. {pull}3035[3035]
- Add enabled config option to prospectors. {pull}3157[3157]

*Winlogbeat*

- Add `event_logs.batch_read_size` configuration option. {pull}2641[2641]
- Reduced amount of memory allocated while reading event log records. {pull}3113[3113] {pull}3118[3113]

==== Deprecated

Expand All @@ -91,13 +77,87 @@ https://github.com/elastic/beats/compare/v5.0.1...master[Check the HEAD diff]
*Packetbeat*

*Topbeat*
- Fix error on importing dashboards due to colons in the Caassandra dashboard. {issue}3140[3140]

*Filebeat*

*Winlogbeat*

////////////////////////////////////////////////////////////
[[release-notes-5.1.1]]
=== Beats version 5.1.1
https://github.com/elastic/beats/compare/v5.0.2...v5.1.1[View commits]
==== Breaking changes
*Metricbeat*
- Change data structure of experimental haproxy module. {pull}3003[3003]
*Filebeat*
- If a file is falling under `ignore_older` during startup, offset is now set to end of file instead of 0.
With the previous logic the whole file was sent in case a line was added and it was inconsistent with
files which were harvested previously. {pull}2907[2907]
- `tail_files` is now only applied on the first scan and not for all new files. {pull}2932[2932]
==== Bugfixes
*Affecting all Beats*
- Fix empty benign errors logged by processor actions. {pull}3046[3046]
*Metricbeat*
- Calculate the fsstat values per mounting point, and not filesystem. {pull}2777[2777]
==== Added
*Affecting all Beats*
- Add add_cloud_metadata processor for collecting cloud provider metadata. {pull}2728[2728]
- Added decode_json_fields processor for decoding fields containing JSON strings. {pull}2605[2605]
*Metricbeat*
- Add experimental Docker module. Provided by Ingensi and @douaejeouit based on dockbeat.
- Add a sample Redis Kibana dashboard. {pull}2916[2916]
- Add support for MongoDB 3.4 and WiredTiger metrics. {pull}2999[2999]
- Add experimental kafka module with partition metricset. {pull}2969[2969]
- Add raw config option for mysql/status metricset. {pull}3001[3001]
*Filebeat*
- Add command line option `-once` to run Filebeat only once and then close. {pull}2456[2456]
- Only load matching states into prospector to improve state handling {pull}2840[2840]
- Reset all states ttl on startup to make sure it is overwritten by new config {pull}2840[2840]
- Persist all states for files which fall under `ignore_older` to have consistent behaviour {pull}2859[2859]
- Improve shutdown behaviour with large number of files. {pull}3035[3035]
*Winlogbeat*
- Add `event_logs.batch_read_size` configuration option. {pull}2641[2641]
[[release-notes-5.1.0]]
=== Beats version 5.1.0 (skipped)
Version 5.1.0 doesn't exist because, for a short period of time, the Elastic
Yum and Apt repositories included unreleased binaries labeled 5.1.0. To avoid
confusion and upgrade issues for the people that have installed these without
realizing, we decided to skip the 5.1.0 version and release 5.1.1 instead.
[[release-notes-5.0.2]]
=== Beats version 5.0.2
https://github.com/elastic/beats/compare/v5.0.1...v5.0.2[View commits]
==== Bugfixes
*Metricbeat*
- Fix the `password` option in the MongoDB module. {pull}2995[2995]
[[release-notes-5.0.1]]
=== Beats version 5.0.1
https://github.com/elastic/beats/compare/v5.0.0...v5.0.1[View commits]
Expand Down
2 changes: 1 addition & 1 deletion Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -11,5 +11,5 @@ COPY libbeat/scripts/docker-entrypoint.sh /entrypoint.sh
RUN mkdir -p /etc/pki/tls/certs
COPY testing/environments/docker/logstash/pki/tls/certs/logstash.crt /etc/pki/tls/certs/logstash.crt

# Create a copy of the respository inside the container.
# Create a copy of the repository inside the container.
COPY . /go/src/github.com/elastic/beats/
4 changes: 4 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ BUILD_DIR=build
COVERAGE_DIR=${BUILD_DIR}/coverage
BEATS=packetbeat filebeat winlogbeat metricbeat heartbeat
PROJECTS=libbeat ${BEATS}
PROJECTS_ENV=libbeat metricbeat
SNAPSHOT?=yes

# Runs complete testsuites (unit, system, integration) for all beats with coverage and race detection.
Expand All @@ -12,6 +13,9 @@ testsuite:
$(foreach var,$(PROJECTS),$(MAKE) -C $(var) testsuite || exit 1;)
#$(MAKE) -C generate test

stop-environments:
$(foreach var,$(PROJECTS_ENV),$(MAKE) -C $(var) stop-environment || exit 0;)

# Runs unit and system tests without coverage and race detection.
.PHONY: test
test:
Expand Down
4 changes: 2 additions & 2 deletions dev-tools/packer/platforms/centos/run.sh.j2
Original file line number Diff line number Diff line change
Expand Up @@ -24,8 +24,8 @@ RPM_VERSION=`echo ${VERSION} | sed 's/-/_/g'`
fpm --force -s dir -t rpm \
-n {{.beat_name}} -v ${RPM_VERSION} \
--architecture {{.rpm_arch}} \
--vendor "Elastic" \
--license "ASL 2.0" \
--vendor "{{.beat_vendor}}" \
--license "{{.beat_license}}" \
--description "{{.beat_description}}" \
--url {{.beat_url}} \
--rpm-init /tmp/{{.beat_name}}.init \
Expand Down
2 changes: 1 addition & 1 deletion dev-tools/packer/platforms/centos/systemd.j2
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[Unit]
Description={{.beat_name}}
Documentation=https://www.elastic.co/guide/en/beats/{{.beat_name}}/current/index.html
Documentation={{.beat_doc_url}}
Wants=network-online.target
After=network-online.target

Expand Down
4 changes: 2 additions & 2 deletions dev-tools/packer/platforms/debian/run.sh.j2
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,8 @@ fi
# create deb
fpm --force -s dir -t deb \
-n {{.beat_name}} -v ${VERSION} \
--vendor "Elastic" \
--license "ASL 2.0" \
--vendor "{{.beat_vendor}}" \
--license "{{.beat_license}}" \
--architecture {{.deb_arch}} \
--description "{{.beat_description}}" \
--url {{.beat_url}} \
Expand Down
2 changes: 1 addition & 1 deletion dev-tools/packer/platforms/debian/systemd.j2
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[Unit]
Description={{.beat_name}}
Documentation=https://www.elastic.co/guide/en/beats/{{.beat_name}}/current/index.html
Documentation={{.beat_doc_url}}
Wants=network-online.target
After=network-online.target

Expand Down
5 changes: 3 additions & 2 deletions dev-tools/packer/xgo-scripts/before_build.sh
Original file line number Diff line number Diff line change
Expand Up @@ -46,14 +46,15 @@ fi
# with git 1.7
git clone https://github.com/tsg/gotpl.git /go/src/github.com/tsg/gotpl
mkdir -p /go/src/gopkg.in/yaml.v2
cp -r /go/src/github.com/elastic/beats/vendor/gopkg.in/yaml.v2 /go/src/gopkg.in/

cp -r $LIBBEAT_PATH/../vendor/gopkg.in/yaml.v2 /go/src/gopkg.in/
go install github.com/tsg/gotpl

# Append doc versions to package.yml
cat ${LIBBEAT_PATH}/docs/version.asciidoc >> ${PREFIX}/package.yml
# Make variable naming of doc-branch compatible with gotpl. Generate and copy README.md into homedir
sed -i -e 's/:doc-branch/doc_branch/g' ${PREFIX}/package.yml
/go/bin/gotpl ${LIBBEAT_PATH}/../dev-tools/packer/readme.md.j2 < ${PREFIX}/package.yml > ${PREFIX}/homedir/README.md
/go/bin/gotpl /templates/readme.md.j2 < ${PREFIX}/package.yml > ${PREFIX}/homedir/README.md

# Copy template
cp $BEATNAME.template.json $PREFIX/$BEATNAME.template.json
Expand Down
12 changes: 10 additions & 2 deletions filebeat/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,14 @@ include ../libbeat/scripts/Makefile
.PHONY: before-build
before-build:

# Collects all dependencies and then calls update
# Collects all module and dataset fields
.PHONY: fields
fields:
mkdir -p _meta/
cat ${ES_BEATS}/filebeat/_meta/fields.common.yml > _meta/fields.generated.yml
. ${PYTHON_ENV}/bin/activate; python ${ES_BEATS}/metricbeat/scripts/fields_collector.py >> _meta/fields.generated.yml


# Runs all collection steps and updates afterwards
.PHONY: collect
collect:
collect: fields update
3 changes: 3 additions & 0 deletions filebeat/_meta/beat.full.yml
Original file line number Diff line number Diff line change
Expand Up @@ -205,6 +205,9 @@ filebeat.prospectors:
# Note: Potential data loss. Make sure to read and understand the docs for this option.
#close_timeout: 0

# Defines if prospectors is enabled
#enabled: true

#----------------------------- Stdin prospector -------------------------------
# Configuration to use stdin input
#- input_type: stdin
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -33,3 +33,8 @@
description: >
The input type from which the event was generated. This field is set to the value specified for the `input_type` option in the prospector section of the Filebeat config file.
- name: error
description: >
Ingestion pipeline error message, added in case there are errors reported by
the Ingest Node in Elasticsearch.
13 changes: 13 additions & 0 deletions filebeat/_meta/kibana/dashboard/Filebeat-MySQL-Dashboard.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
{
"hits": 0,
"timeRestore": false,
"description": "",
"title": "Filebeat MySQL Dashboard",
"uiStateJSON": "{\"P-1\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}}",
"panelsJSON": "[{\"col\":1,\"id\":\"MySQL-slowest-queries\",\"panelIndex\":1,\"row\":8,\"size_x\":6,\"size_y\":4,\"type\":\"visualization\"},{\"col\":1,\"id\":\"MySQL-Slow-queries-over-time\",\"panelIndex\":2,\"row\":1,\"size_x\":6,\"size_y\":3,\"type\":\"visualization\"},{\"col\":7,\"id\":\"MySQL-error-logs\",\"panelIndex\":3,\"row\":1,\"size_x\":6,\"size_y\":3,\"type\":\"visualization\"},{\"col\":7,\"columns\":[\"mysql.error.level\",\"mysql.error.message\"],\"id\":\"Filebeat-MySQL-error-log\",\"panelIndex\":4,\"row\":8,\"size_x\":6,\"size_y\":5,\"sort\":[\"@timestamp\",\"desc\"],\"type\":\"search\"},{\"col\":7,\"id\":\"MySQL-Error-logs-levels\",\"panelIndex\":5,\"row\":4,\"size_x\":6,\"size_y\":4,\"type\":\"visualization\"},{\"col\":1,\"id\":\"MySQL-Slow-logs-by-count\",\"panelIndex\":6,\"row\":4,\"size_x\":6,\"size_y\":4,\"type\":\"visualization\"}]",
"optionsJSON": "{\"darkTheme\":false}",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}]}"
}
}
13 changes: 13 additions & 0 deletions filebeat/_meta/kibana/dashboard/Filebeat-Nginx-Dashboard.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
{
"hits": 0,
"timeRestore": false,
"description": "",
"title": "Filebeat Nginx Dashboard",
"uiStateJSON": "{\"P-4\":{\"vis\":{\"legendOpen\":true}},\"P-8\":{\"mapCenter\":[50.51342652633956,-0.17578125]}}",
"panelsJSON": "[{\"col\":9,\"id\":\"Errors-over-time\",\"panelIndex\":2,\"row\":4,\"size_x\":4,\"size_y\":3,\"type\":\"visualization\"},{\"col\":1,\"id\":\"Nginx-Access-Browsers\",\"panelIndex\":3,\"row\":10,\"size_x\":4,\"size_y\":4,\"type\":\"visualization\"},{\"col\":5,\"id\":\"Nginx-Access-OSes\",\"panelIndex\":4,\"row\":10,\"size_x\":4,\"size_y\":4,\"type\":\"visualization\"},{\"col\":1,\"id\":\"New-Visualization\",\"panelIndex\":5,\"row\":4,\"size_x\":8,\"size_y\":3,\"type\":\"visualization\"},{\"col\":1,\"id\":\"Nginx-Access-Response-codes-by-top-URLs\",\"panelIndex\":6,\"row\":7,\"size_x\":12,\"size_y\":3,\"type\":\"visualization\"},{\"col\":9,\"id\":\"Sent-sizes\",\"panelIndex\":7,\"row\":10,\"size_x\":4,\"size_y\":4,\"type\":\"visualization\"},{\"id\":\"Nginx-Access-Map\",\"type\":\"visualization\",\"panelIndex\":8,\"size_x\":12,\"size_y\":3,\"col\":1,\"row\":1}]",
"optionsJSON": "{\"darkTheme\":false}",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"*\"}}}]}"
}
}
13 changes: 13 additions & 0 deletions filebeat/_meta/kibana/dashboard/Filebeat-syslog-dashboard.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
{
"hits": 0,
"timeRestore": false,
"description": "",
"title": "Filebeat syslog dashboard",
"uiStateJSON": "{}",
"panelsJSON": "[{\"id\":\"Syslog-events-by-hostname\",\"type\":\"visualization\",\"panelIndex\":1,\"size_x\":8,\"size_y\":4,\"col\":1,\"row\":1},{\"id\":\"Syslog-hostnames-and-processes\",\"type\":\"visualization\",\"panelIndex\":2,\"size_x\":4,\"size_y\":4,\"col\":9,\"row\":1},{\"id\":\"Syslog-system-logs\",\"type\":\"search\",\"panelIndex\":3,\"size_x\":12,\"size_y\":7,\"col\":1,\"row\":5,\"columns\":[\"syslog.system.hostname\",\"syslog.system.program\",\"syslog.system.message\"],\"sort\":[\"@timestamp\",\"desc\"]}]",
"optionsJSON": "{\"darkTheme\":false}",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"filter\":[{\"query\":{\"query_string\":{\"query\":\"*\",\"analyze_wildcard\":true}}}]}"
}
}
16 changes: 16 additions & 0 deletions filebeat/_meta/kibana/search/Filebeat-MySQL-Slow-log.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
{
"sort": [
"@timestamp",
"desc"
],
"hits": 0,
"description": "",
"title": "Filebeat MySQL Slow log",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"filebeat-*\",\"query\":{\"query_string\":{\"analyze_wildcard\":true,\"query\":\"_exists_:mysql.slowlog\"}},\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647}}"
},
"columns": [
"_source"
]
}
17 changes: 17 additions & 0 deletions filebeat/_meta/kibana/search/Filebeat-MySQL-error-log.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
{
"sort": [
"@timestamp",
"desc"
],
"hits": 0,
"description": "",
"title": "Filebeat MySQL error log",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"filebeat-*\",\"query\":{\"query_string\":{\"query\":\"_exists_:mysql.error\",\"analyze_wildcard\":true}},\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647}}"
},
"columns": [
"mysql.error.level",
"mysql.error.message"
]
}
16 changes: 16 additions & 0 deletions filebeat/_meta/kibana/search/Filebeat-Nginx-module.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
{
"sort": [
"@timestamp",
"desc"
],
"hits": 0,
"description": "",
"title": "Filebeat Nginx module",
"version": 1,
"kibanaSavedObjectMeta": {
"searchSourceJSON": "{\"index\":\"filebeat-*\",\"query\":{\"query_string\":{\"query\":\"_exists_:nginx\",\"analyze_wildcard\":true}},\"filter\":[],\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fields\":{\"*\":{}},\"require_field_match\":false,\"fragment_size\":2147483647}}"
},
"columns": [
"_source"
]
}
Loading

0 comments on commit 01b945b

Please sign in to comment.