diff --git a/CHANGELOG.next.asciidoc b/CHANGELOG.next.asciidoc index 146c9534cac..ad59347f35e 100644 --- a/CHANGELOG.next.asciidoc +++ b/CHANGELOG.next.asciidoc @@ -274,6 +274,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d - Improve ECS categorization field mappings for nginx module. {issue}16174[16174] {pull}17844[17844] - Improve ECS categorization field mappings in postgresql module. {issue}16177[16177] {pull}17914[17914] - Improve ECS categorization field mappings in rabbitmq module. {issue}16178[16178] {pull}17916[17916] +- Improve ECS categorization field mappings in redis module. {issue}16179[16179] {pull}17918[17918] *Heartbeat* diff --git a/filebeat/module/redis/log/ingest/pipeline.json b/filebeat/module/redis/log/ingest/pipeline.json deleted file mode 100644 index c9ec2d3371b..00000000000 --- a/filebeat/module/redis/log/ingest/pipeline.json +++ /dev/null @@ -1,85 +0,0 @@ -{ - "description": "Pipeline for parsing redis logs", - "processors": [ - { - "grok": { - "field": "message", - "patterns": [ - "(%{POSINT:process.pid:long}:%{CHAR:redis.log.role} )?(%{REDISTIMESTAMP1:redis.log.timestamp}||%{REDISTIMESTAMP2:redis.log.timestamp}) %{REDISLEVEL:log.level} %{GREEDYDATA:message}", - "%{POSINT:process.pid:long}:signal-handler \\(%{POSINT:redis.log.timestamp}\\) %{GREEDYDATA:message}" - ], - "pattern_definitions": { - "CHAR": "[a-zA-Z]", - "REDISLEVEL": "[.\\-*#]", - "REDISTIMESTAMP1": "%{MONTHDAY} %{MONTH} %{TIME}", - "REDISTIMESTAMP2": "%{MONTHDAY} %{MONTH} %{YEAR} %{TIME}" - } - } - }, - { - "script": { - "lang": "painless", - "source": "if (ctx.log.level == params.dot) {\n ctx.log.level = params.debug;\n } else if (ctx.log.level == params.dash) {\n ctx.log.level = params.verbose;\n } else if (ctx.log.level == params.asterisk) {\n ctx.log.level = params.notice;\n } else if (ctx.log.level == params.hash) {\n ctx.log.level = params.warning;\n }", - "params": { - "dot": ".", - "debug": "debug", - "dash": "-", - "verbose": "verbose", - "asterisk": "*", - "notice": "notice", - "hash": "#", - "warning": "warning" - } - } - }, - { - "script": { - "lang": "painless", - "source": "if (ctx.redis.log.role == params.master_abbrev) {\n ctx.redis.log.role = params.master;\n } else if (ctx.redis.log.role == params.slave_abbrev) {\n ctx.redis.log.role = params.slave;\n } else if (ctx.redis.log.role == params.child_abbrev) {\n ctx.redis.log.role = params.child;\n } else if (ctx.redis.log.role == params.sentinel_abbrev) {\n ctx.redis.log.role = params.sentinel;\n }\n ", - "params": { - "master_abbrev": "M", - "master": "master", - "slave_abbrev": "S", - "slave": "slave", - "child_abbrev": "C", - "child": "child", - "sentinel_abbrev": "X", - "sentinel": "sentinel" - } - } - }, - { - "rename": { - "field": "@timestamp", - "target_field": "event.created" - } - }, - { - "date": { - "field": "redis.log.timestamp", - "target_field": "@timestamp", - "formats": [ - "dd MMM yyyy H:m:s.SSS", - "dd MMM H:m:s.SSS", - "dd MMM H:m:s", - "UNIX" - ], - "ignore_failure": true - } - }, - { - "remove": { - "field": "redis.log.timestamp", - "ignore_failure": true - } - } - ], - "on_failure": [ - { - "set": { - "field": "error.message", - "value": "{{ _ingest.on_failure_message }}" - } - } - ] -} diff --git a/filebeat/module/redis/log/ingest/pipeline.yml b/filebeat/module/redis/log/ingest/pipeline.yml new file mode 100644 index 00000000000..d1c08cab378 --- /dev/null +++ b/filebeat/module/redis/log/ingest/pipeline.yml @@ -0,0 +1,84 @@ +description: Pipeline for parsing redis logs +processors: +- grok: + field: message + patterns: + - (%{POSINT:process.pid:long}:%{CHAR:redis.log.role} )?(%{REDISTIMESTAMP1:redis.log.timestamp}||%{REDISTIMESTAMP2:redis.log.timestamp}) + %{REDISLEVEL:log.level} %{GREEDYDATA:message} + - '%{POSINT:process.pid:long}:signal-handler \(%{POSINT:redis.log.timestamp}\) + %{GREEDYDATA:message}' + pattern_definitions: + CHAR: '[a-zA-Z]' + REDISLEVEL: '[.\-*#]' + REDISTIMESTAMP1: '%{MONTHDAY} %{MONTH} %{TIME}' + REDISTIMESTAMP2: '%{MONTHDAY} %{MONTH} %{YEAR} %{TIME}' +- script: + lang: painless + source: >- + if (ctx.log.level == params.dot) { + ctx.log.level = params.debug; + } else if (ctx.log.level == params.dash) { + ctx.log.level = params.verbose; + } else if (ctx.log.level == params.asterisk) { + ctx.log.level = params.notice; + } else if (ctx.log.level == params.hash) { + ctx.log.level = params.warning; + } + params: + dot: . + debug: debug + dash: '-' + verbose: verbose + asterisk: '*' + notice: notice + hash: '#' + warning: warning +- script: + lang: painless + source: >- + if (ctx.redis.log.role == params.master_abbrev) { + ctx.redis.log.role = params.master; + } else if (ctx.redis.log.role == params.slave_abbrev) { + ctx.redis.log.role = params.slave; + } else if (ctx.redis.log.role == params.child_abbrev) { + ctx.redis.log.role = params.child; + } else if (ctx.redis.log.role == params.sentinel_abbrev) { + ctx.redis.log.role = params.sentinel; + } + params: + master_abbrev: M + master: master + slave_abbrev: S + slave: slave + child_abbrev: C + child: child + sentinel_abbrev: X + sentinel: sentinel +- rename: + field: '@timestamp' + target_field: event.created +- date: + field: redis.log.timestamp + target_field: '@timestamp' + formats: + - dd MMM yyyy H:m:s.SSS + - dd MMM H:m:s.SSS + - dd MMM H:m:s + - UNIX + ignore_failure: true +- remove: + field: redis.log.timestamp + ignore_failure: true +- set: + field: event.kind + value: event +- append: + field: event.category + value: database +- append: + field: event.type + value: info +on_failure: +- set: + field: error.message + value: '{{ _ingest.on_failure_message }}' diff --git a/filebeat/module/redis/log/manifest.yml b/filebeat/module/redis/log/manifest.yml index 3c63a894c28..728e098d4c2 100644 --- a/filebeat/module/redis/log/manifest.yml +++ b/filebeat/module/redis/log/manifest.yml @@ -10,5 +10,5 @@ var: os.windows: - "c:/program files/Redis/logs/redis.log*" -ingest_pipeline: ingest/pipeline.json +ingest_pipeline: ingest/pipeline.yml input: config/log.yml diff --git a/filebeat/module/redis/log/test/redis-5.0.3.log-expected.json b/filebeat/module/redis/log/test/redis-5.0.3.log-expected.json index 71d76c30a96..d3efc715fe3 100644 --- a/filebeat/module/redis/log/test/redis-5.0.3.log-expected.json +++ b/filebeat/module/redis/log/test/redis-5.0.3.log-expected.json @@ -1,7 +1,14 @@ [ { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "notice", diff --git a/filebeat/module/redis/log/test/redis-darwin-3.0.2.log-expected.json b/filebeat/module/redis/log/test/redis-darwin-3.0.2.log-expected.json index ff533b577ac..365ced2400b 100644 --- a/filebeat/module/redis/log/test/redis-darwin-3.0.2.log-expected.json +++ b/filebeat/module/redis/log/test/redis-darwin-3.0.2.log-expected.json @@ -1,7 +1,14 @@ [ { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "notice", @@ -12,8 +19,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "warning", @@ -24,8 +38,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "notice", @@ -36,8 +57,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "notice", @@ -48,8 +76,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.offset": 1478, @@ -58,8 +93,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "warning", @@ -70,8 +112,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "notice", @@ -82,8 +131,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "notice", @@ -94,8 +150,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "warning", @@ -106,8 +169,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "notice", @@ -118,8 +188,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "warning", @@ -130,8 +207,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "notice", @@ -142,8 +226,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "notice", @@ -154,8 +245,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.offset": 3273, @@ -164,8 +262,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "warning", @@ -176,8 +281,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "notice", @@ -188,8 +300,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "notice", @@ -200,8 +319,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "warning", diff --git a/filebeat/module/redis/log/test/redis-debian-1.2.6.log-expected.json b/filebeat/module/redis/log/test/redis-debian-1.2.6.log-expected.json index ff13e461ef4..a8f9d71736e 100644 --- a/filebeat/module/redis/log/test/redis-debian-1.2.6.log-expected.json +++ b/filebeat/module/redis/log/test/redis-debian-1.2.6.log-expected.json @@ -1,7 +1,14 @@ [ { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -10,8 +17,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "notice", @@ -20,8 +34,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -30,8 +51,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -40,8 +68,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "notice", @@ -50,8 +85,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -60,8 +102,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -70,8 +119,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "notice", @@ -80,8 +136,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -90,8 +153,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -100,8 +170,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -110,8 +187,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -120,8 +204,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -130,8 +221,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -140,8 +238,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -150,8 +255,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -160,8 +272,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -170,8 +289,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -180,8 +306,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -190,8 +323,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -200,8 +340,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -210,8 +357,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -220,8 +374,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -230,8 +391,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -240,8 +408,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -250,8 +425,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -260,8 +442,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -270,8 +459,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -280,8 +476,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -290,8 +493,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -300,8 +510,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -310,8 +527,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -320,8 +544,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -330,8 +561,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -340,8 +578,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -350,8 +595,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -360,8 +612,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -370,8 +629,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -380,8 +646,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -390,8 +663,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -400,8 +680,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -410,8 +697,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -420,8 +714,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -430,8 +731,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -440,8 +748,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -450,8 +765,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -460,8 +782,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -470,8 +799,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -480,8 +816,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -490,8 +833,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -500,8 +850,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -510,8 +867,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -520,8 +884,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -530,8 +901,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -540,8 +918,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -550,8 +935,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -560,8 +952,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -570,8 +969,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -580,8 +986,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -590,8 +1003,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -600,8 +1020,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -610,8 +1037,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -620,8 +1054,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -630,8 +1071,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -640,8 +1088,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -650,8 +1105,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -660,8 +1122,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -670,8 +1139,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -680,8 +1156,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -690,8 +1173,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -700,8 +1190,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -710,8 +1207,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -720,8 +1224,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -730,8 +1241,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -740,8 +1258,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -750,8 +1275,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -760,8 +1292,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -770,8 +1309,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -780,8 +1326,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -790,8 +1343,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -800,8 +1360,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -810,8 +1377,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -820,8 +1394,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -830,8 +1411,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -840,8 +1428,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -850,8 +1445,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -860,8 +1462,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -870,8 +1479,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -880,8 +1496,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -890,8 +1513,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -900,8 +1530,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -910,8 +1547,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -920,8 +1564,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -930,8 +1581,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -940,8 +1598,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -950,8 +1615,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -960,8 +1632,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -970,8 +1649,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -980,8 +1666,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -990,8 +1683,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", diff --git a/filebeat/module/redis/log/test/redis-windows-2.4.6.log-expected.json b/filebeat/module/redis/log/test/redis-windows-2.4.6.log-expected.json index 4fb3b4e92b0..dbafda2b3df 100644 --- a/filebeat/module/redis/log/test/redis-windows-2.4.6.log-expected.json +++ b/filebeat/module/redis/log/test/redis-windows-2.4.6.log-expected.json @@ -1,7 +1,14 @@ [ { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "notice", @@ -10,8 +17,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "warning", @@ -20,8 +34,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "notice", @@ -30,8 +51,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -40,8 +68,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -50,8 +85,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -60,8 +102,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -70,8 +119,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -80,8 +136,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -90,8 +153,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -100,8 +170,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -110,8 +187,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -120,8 +204,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -130,8 +221,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -140,8 +238,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -150,8 +255,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -160,8 +272,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -170,8 +289,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -180,8 +306,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -190,8 +323,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -200,8 +340,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -210,8 +357,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -220,8 +374,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -230,8 +391,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -240,8 +408,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -250,8 +425,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -260,8 +442,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -270,8 +459,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -280,8 +476,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -290,8 +493,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -300,8 +510,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -310,8 +527,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -320,8 +544,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", @@ -330,8 +561,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "verbose", diff --git a/filebeat/module/redis/log/test/test.log-expected.json b/filebeat/module/redis/log/test/test.log-expected.json index b74b64a93ed..cee22b55c3b 100644 --- a/filebeat/module/redis/log/test/test.log-expected.json +++ b/filebeat/module/redis/log/test/test.log-expected.json @@ -1,7 +1,14 @@ [ { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "notice", @@ -12,8 +19,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "debug", @@ -22,8 +36,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.level": "notice", @@ -32,8 +53,15 @@ "service.type": "redis" }, { + "event.category": [ + "database" + ], "event.dataset": "redis.log", + "event.kind": "event", "event.module": "redis", + "event.type": [ + "info" + ], "fileset.name": "log", "input.type": "log", "log.offset": 250,