Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Auditbeat]: Cleanup a couple of log messages formatters #40358

Merged
merged 1 commit into from
Jul 25, 2024
Merged

[Auditbeat]: Cleanup a couple of log messages formatters #40358

merged 1 commit into from
Jul 25, 2024

Conversation

aleksmaus
Copy link
Member

Proposed commit message

Cleanup a couple of log messages formatters.

Noticed a couple of wrong formatters in the log messages resulting in the messages like this:

{"log.level":"warn","@timestamp":"2024-07-25T16:15:25.261-0400","log.logger":"processor.add_session_metadata","log.origin":{"function":"github.com/elastic/beats/v7/x-pack/auditbeat/processors/sessionmd/provider/ebpf_provider.prvdr.SyncDB","file.name":"ebpf_provider/ebpf_provider.go","file.line":220},
"message":"%!w(*errors.errorString=&{process 59414 was not seen after 281.383636ms})","service.name":"auditbeat","ecs.version":"1.6.0"}

{"log.level":"warn","@timestamp":"2024-07-25T16:45:05.690-0400","log.logger":"processor.add_session_metadata","log.origin":{"function":"github.com/elastic/beats/v7/x-pack/auditbeat/processors/sessionmd/provider/procfs_provider.prvdr.SyncDB","file.name":"procfs_provider/procfs_provider.go","file.line":63},
"message":"couldn't get process info from proc for pid 119514: %!w(*fs.PathError=&{stat /proc/119514 2})","service.name":"auditbeat","ecs.version":"1.6.0"}

After the cleanup they look like this:

{"log.level":"warn","@timestamp":"2024-07-25T17:06:31.449-0400","log.logger":"processor.add_session_metadata","log.origin":{"function":"github.com/elastic/beats/v7/x-pack/auditbeat/processors/sessionmd/provider/ebpf_provider.prvdr.SyncDB","file.name":"ebpf_provider/ebpf_provider.go","file.line":220},
"message":"process 163540 was not seen after 281.147615ms","service.name":"auditbeat","ecs.version":"1.6.0"}

{"log.level":"warn","@timestamp":"2024-07-25T17:00:26.122-0400","log.logger":"processor.add_session_metadata","log.origin":{"function":"github.com/elastic/beats/v7/x-pack/auditbeat/processors/sessionmd/provider/procfs_provider.prvdr.SyncDB","file.name":"procfs_provider/procfs_provider.go","file.line":63},
"message":"couldn't get process info from proc for pid 151115: stat /proc/151115: no such file or directory","service.name":"auditbeat","ecs.version":"1.6.0"}

Checklist

  • My code follows the style guidelines of this project

@aleksmaus aleksmaus added cleanup release-note:skip The PR should be ignored when processing the changelog backport-skip Skip notification from the automated backport with mergify labels Jul 25, 2024
@aleksmaus aleksmaus requested review from mjwolf and a team July 25, 2024 21:09
@aleksmaus aleksmaus requested a review from a team as a code owner July 25, 2024 21:09
@botelastic botelastic bot added the needs_team Indicates that the issue/PR needs a Team:* label label Jul 25, 2024
@aleksmaus aleksmaus self-assigned this Jul 25, 2024
@aleksmaus aleksmaus added the Team:Security-Deployment and Devices Deployment and Devices Team in Security Solution label Jul 25, 2024
@elasticmachine
Copy link
Collaborator

Pinging @elastic/sec-deployment-and-devices (Team:Security-Deployment and Devices)

@botelastic botelastic bot removed the needs_team Indicates that the issue/PR needs a Team:* label label Jul 25, 2024
@aleksmaus aleksmaus merged commit f1df291 into elastic:main Jul 25, 2024
17 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pkoutsovasilis pkoutsovasilis pkoutsovasilis approved these changes

@mjwolf mjwolf Awaiting requested review from mjwolf

Assignees

@aleksmaus aleksmaus

Labels
backport-skip Skip notification from the automated backport with mergify cleanup release-note:skip The PR should be ignored when processing the changelog Team:Security-Deployment and Devices Deployment and Devices Team in Security Solution
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@aleksmaus @elasticmachine @pkoutsovasilis