Skip to content

Commit

Permalink
Merge remote-tracking branch 'upstream/master' into add_k8s_system_le…
Browse files Browse the repository at this point in the history
…vel_logs
  • Loading branch information
ChrsMark committed Feb 23, 2021
2 parents 1bc03d3 + 05b523a commit f22b407
Show file tree
Hide file tree
Showing 9 changed files with 140 additions and 11 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.next.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -281,6 +281,7 @@ https://github.com/elastic/beats/compare/v7.0.0-alpha2...master[Check the HEAD d
- Change the `event.created` in Netflow events to be the time the event was created by Filebeat
to be consistent with ECS. {pull}23094[23094]
- Update `filestream` reader offset when a line is skipped. {pull}23417[23417]
- Add check for empty values in azure module. {pull}24156[24156]

*Filebeat*

Expand Down
25 changes: 25 additions & 0 deletions deploy/kubernetes/elastic-agent-standalone-kubernetes.yml
Original file line number Diff line number Diff line change
Expand Up @@ -355,6 +355,31 @@ data:
- 'https://${env.NODE_NAME}:10250'
period: 10s
ssl.verification_mode: none
# Add extra input blocks here, based on conditions
# so as to automatically identify targeted Pods and start monitoring them
# using a predefined integration. For instance:
#- name: redis
# type: redis/metrics
# use_output: default
# meta:
# package:
# name: redis
# version: 0.3.6
# data_stream:
# namespace: default
# streams:
# - data_stream:
# dataset: redis.info
# type: metrics
# metricsets:
# - info
# hosts:
# - '${kubernetes.pod.ip}:6379'
# idle_timeout: 20s
# maxconn: 10
# network: tcp
# period: 10s
# condition: ${kubernetes.pod.labels.app} == 'redis'
---
apiVersion: apps/v1
kind: Deployment
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -271,3 +271,28 @@ data:
- 'https://${env.NODE_NAME}:10250'
period: 10s
ssl.verification_mode: none
# Add extra input blocks here, based on conditions
# so as to automatically identify targeted Pods and start monitoring them
# using a predefined integration. For instance:
#- name: redis
# type: redis/metrics
# use_output: default
# meta:
# package:
# name: redis
# version: 0.3.6
# data_stream:
# namespace: default
# streams:
# - data_stream:
# dataset: redis.info
# type: metrics
# metricsets:
# - info
# hosts:
# - '${kubernetes.pod.ip}:6379'
# idle_timeout: 20s
# maxconn: 10
# network: tcp
# period: 10s
# condition: ${kubernetes.pod.labels.app} == 'redis'
10 changes: 8 additions & 2 deletions testing/environments/snapshot-oss.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
version: '2.3'
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch-oss:8.0.0-SNAPSHOT
image: docker.elastic.co/elasticsearch/elasticsearch:8.0.0-SNAPSHOT
healthcheck:
test: ["CMD-SHELL", "curl -s http://localhost:9200/_cat/health?h=status | grep -q green"]
retries: 300
Expand All @@ -13,6 +13,12 @@ services:
- "network.host="
- "transport.host=127.0.0.1"
- "http.host=0.0.0.0"
- "xpack.security.enabled=false"
- "indices.id_field_data.enabled=true"
- "script.context.template.max_compilations_rate=unlimited"
- "script.context.ingest.cache_max_size=2000"
- "script.context.processor_conditional.cache_max_size=2000"
- "script.context.template.cache_max_size=2000"

logstash:
image: docker.elastic.co/logstash/logstash-oss:8.0.0-SNAPSHOT
Expand All @@ -25,7 +31,7 @@ services:
- ./docker/logstash/pki:/etc/pki:ro

kibana:
image: docker.elastic.co/kibana/kibana-oss:8.0.0-SNAPSHOT
image: docker.elastic.co/kibana/kibana:8.0.0-SNAPSHOT
healthcheck:
test: ["CMD-SHELL", "curl -s http://localhost:5601/api/status | grep -q 'Looking good'"]
retries: 600
Expand Down
2 changes: 1 addition & 1 deletion x-pack/filebeat/input/azureeventhub/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ func (conf *azureInputConfig) Validate() error {
return errors.New("no event hub name configured")
}
if conf.SAName == "" || conf.SAKey == "" {
return errors.New("missing storage account information")
return errors.New("no storage account or storage account key configured")
}
if conf.SAContainer == "" {
conf.SAContainer = fmt.Sprintf("%s-%s", ephContainerName, conf.EventHubName)
Expand Down
Original file line number Diff line number Diff line change
@@ -1,11 +1,29 @@
type: azure-eventhub
connection_string: {{ .connection_string }}
{{ if .eventhub }}
eventhub: {{ .eventhub }}
storage_account_container: filebeat-activitylogs-{{ .eventhub }}
{{ end }}

{{ if .connection_string }}
connection_string: {{ .connection_string }}
{{ end }}

{{ if .consumer_group }}
consumer_group: {{ .consumer_group }}
{{ end }}

{{ if .storage_account }}
storage_account: {{ .storage_account }}
{{ end }}

{{ if .storage_account_key }}
storage_account_key: {{ .storage_account_key }}
{{ end }}

{{ if .resource_manager_endpoint }}
resource_manager_endpoint: {{ .resource_manager_endpoint }}
storage_account_container: filebeat-activitylogs-{{ .eventhub }}
{{ end }}

tags: {{.tags | tojson}}
publisher_pipeline.disable_host: {{ inList .tags "forwarded" }}

Expand Down
22 changes: 20 additions & 2 deletions x-pack/filebeat/module/azure/auditlogs/config/azure-eventhub.yml
Original file line number Diff line number Diff line change
@@ -1,11 +1,29 @@
type: azure-eventhub
connection_string: {{ .connection_string }}
{{ if .eventhub }}
eventhub: {{ .eventhub }}
storage_account_container: filebeat-auditlogs-{{ .eventhub }}
{{ end }}

{{ if .connection_string }}
connection_string: {{ .connection_string }}
{{ end }}

{{ if .consumer_group }}
consumer_group: {{ .consumer_group }}
{{ end }}

{{ if .storage_account }}
storage_account: {{ .storage_account }}
{{ end }}

{{ if .storage_account_key }}
storage_account_key: {{ .storage_account_key }}
{{ end }}

{{ if .resource_manager_endpoint }}
resource_manager_endpoint: {{ .resource_manager_endpoint }}
storage_account_container: filebeat-auditlogs-{{ .eventhub }}
{{ end }}

tags: {{.tags | tojson}}
publisher_pipeline.disable_host: {{ inList .tags "forwarded" }}
processors:
Expand Down
Original file line number Diff line number Diff line change
@@ -1,11 +1,29 @@
type: azure-eventhub
connection_string: {{ .connection_string }}
{{ if .eventhub }}
eventhub: {{ .eventhub }}
storage_account_container: filebeat-platformlogs-{{ .eventhub }}
{{ end }}

{{ if .connection_string }}
connection_string: {{ .connection_string }}
{{ end }}

{{ if .consumer_group }}
consumer_group: {{ .consumer_group }}
{{ end }}

{{ if .storage_account }}
storage_account: {{ .storage_account }}
{{ end }}

{{ if .storage_account_key }}
storage_account_key: {{ .storage_account_key }}
{{ end }}

{{ if .resource_manager_endpoint }}
resource_manager_endpoint: {{ .resource_manager_endpoint }}
storage_account_container: filebeat-platformlogs-{{ .eventhub }}
{{ end }}

tags: {{.tags | tojson}}
publisher_pipeline.disable_host: {{ inList .tags "forwarded" }}

Expand Down
22 changes: 20 additions & 2 deletions x-pack/filebeat/module/azure/signinlogs/config/azure-eventhub.yml
Original file line number Diff line number Diff line change
@@ -1,11 +1,29 @@
type: azure-eventhub
connection_string: {{ .connection_string }}
{{ if .eventhub }}
eventhub: {{ .eventhub }}
storage_account_container: filebeat-signinlogs-{{ .eventhub }}
{{ end }}

{{ if .connection_string }}
connection_string: {{ .connection_string }}
{{ end }}

{{ if .consumer_group }}
consumer_group: {{ .consumer_group }}
{{ end }}

{{ if .storage_account }}
storage_account: {{ .storage_account }}
{{ end }}

{{ if .storage_account_key }}
storage_account_key: {{ .storage_account_key }}
{{ end }}

{{ if .resource_manager_endpoint }}
resource_manager_endpoint: {{ .resource_manager_endpoint }}
storage_account_container: filebeat-signinlogs-{{ .eventhub }}
{{ end }}

tags: {{.tags | tojson}}
publisher_pipeline.disable_host: {{ inList .tags "forwarded" }}
processors:
Expand Down

0 comments on commit f22b407

Please sign in to comment.