From 77bede28efa2f7d9c6fa53b9f1a6770d9a3d7540 Mon Sep 17 00:00:00 2001 From: harnish-elastic Date: Mon, 17 Jun 2024 18:30:53 +0530 Subject: [PATCH 01/21] [stan] - change to ECS version git@v8.11.0 --- packages/stan/_dev/build/build.yml | 2 +- .../stan/data_stream/channels/fields/ecs.yml | 6 +- .../data_stream/channels/sample_event.json | 4 +- .../test-log-sample.log-expected.json | 2680 ++++++++--------- .../elasticsearch/ingest_pipeline/default.yml | 2 +- .../data_stream/log/fields/base-fields.yml | 5 - packages/stan/data_stream/log/fields/ecs.yml | 26 - .../stan/data_stream/log/sample_event.json | 4 +- .../stan/data_stream/stats/fields/ecs.yml | 6 +- .../stan/data_stream/stats/sample_event.json | 4 +- .../data_stream/subscriptions/fields/ecs.yml | 6 +- .../subscriptions/sample_event.json | 4 +- packages/stan/manifest.yml | 3 +- 13 files changed, 1355 insertions(+), 1397 deletions(-) delete mode 100644 packages/stan/data_stream/log/fields/ecs.yml diff --git a/packages/stan/_dev/build/build.yml b/packages/stan/_dev/build/build.yml index 47cbed9fed86..2bfcfc223b04 100644 --- a/packages/stan/_dev/build/build.yml +++ b/packages/stan/_dev/build/build.yml @@ -1,3 +1,3 @@ dependencies: ecs: - reference: git@v8.0.0 + reference: "git@v8.11.0" diff --git a/packages/stan/data_stream/channels/fields/ecs.yml b/packages/stan/data_stream/channels/fields/ecs.yml index d3c8fbe2618e..37cf21eb8269 100644 --- a/packages/stan/data_stream/channels/fields/ecs.yml +++ b/packages/stan/data_stream/channels/fields/ecs.yml @@ -1,10 +1,6 @@ -- external: ecs - name: ecs.version - external: ecs name: service.address dimension: true -- external: ecs - name: service.type - external: ecs name: agent.id dimension: true @@ -28,4 +24,4 @@ dimension: true - external: ecs name: host.name - dimension: true \ No newline at end of file + dimension: true diff --git a/packages/stan/data_stream/channels/sample_event.json b/packages/stan/data_stream/channels/sample_event.json index 6ac84237f7b0..5cb0518261ae 100644 --- a/packages/stan/data_stream/channels/sample_event.json +++ b/packages/stan/data_stream/channels/sample_event.json @@ -13,7 +13,7 @@ "type": "metrics" }, "ecs": { - "version": "1.12.0" + "version": "8.11.0" }, "elastic_agent": { "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", @@ -73,4 +73,4 @@ "id": "dEvzTKomxEioLU6oP1VuXM" } } -} \ No newline at end of file +} diff --git a/packages/stan/data_stream/log/_dev/test/pipeline/test-log-sample.log-expected.json b/packages/stan/data_stream/log/_dev/test/pipeline/test-log-sample.log-expected.json index 576a810efc5e..4e924b6949f8 100644 --- a/packages/stan/data_stream/log/_dev/test/pipeline/test-log-sample.log-expected.json +++ b/packages/stan/data_stream/log/_dev/test/pipeline/test-log-sample.log-expected.json @@ -1,2710 +1,2710 @@ { "expected": [ { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:06.981Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830523006Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:06.981022 [INF] STREAM: Starting nats-streaming-server[test-cluster] version 0.15.1", + "type": [ + "info" + ] }, "log": { "level": "info" }, + "message": "STREAM: Starting nats-streaming-server[test-cluster] version 0.15.1", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469595465Z", - "original": "[7] 2021/01/13 14:20:06.981022 [INF] STREAM: Starting nats-streaming-server[test-cluster] version 0.15.1", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "STREAM: Starting nats-streaming-server[test-cluster] version 0.15.1", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:06.981Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830536798Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:06.981055 [INF] STREAM: ServerID: tnudw5OA2pv04Sn0JpebGy", + "type": [ + "info" + ] }, "log": { "level": "info" }, + "message": "STREAM: ServerID: tnudw5OA2pv04Sn0JpebGy", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469599121Z", - "original": "[7] 2021/01/13 14:20:06.981055 [INF] STREAM: ServerID: tnudw5OA2pv04Sn0JpebGy", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "STREAM: ServerID: tnudw5OA2pv04Sn0JpebGy", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:06.981Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830538407Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:06.981069 [INF] STREAM: Go version: go1.11.10", + "type": [ + "info" + ] }, "log": { "level": "info" }, + "message": "STREAM: Go version: go1.11.10", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469600231Z", - "original": "[7] 2021/01/13 14:20:06.981069 [INF] STREAM: Go version: go1.11.10", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "STREAM: Go version: go1.11.10", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:06.981Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830539469Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:06.981082 [INF] STREAM: Git commit: [8e6aa7c]", + "type": [ + "info" + ] }, "log": { "level": "info" }, + "message": "STREAM: Git commit: [8e6aa7c]", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469601202Z", - "original": "[7] 2021/01/13 14:20:06.981082 [INF] STREAM: Git commit: [8e6aa7c]", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "STREAM: Git commit: [8e6aa7c]", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:06.981Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830540456Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:06.981951 [INF] Starting nats-server version 2.0.0", + "type": [ + "info" + ] }, "log": { "level": "info" }, + "message": "Starting nats-server version 2.0.0", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469602121Z", - "original": "[7] 2021/01/13 14:20:06.981951 [INF] Starting nats-server version 2.0.0", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "Starting nats-server version 2.0.0", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:06.981Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830541447Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:06.981983 [DBG] Go build version go1.11.10", + "type": [ + "info" + ] }, "log": { "level": "debug" }, + "message": "Go build version go1.11.10", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469603041Z", - "original": "[7] 2021/01/13 14:20:06.981983 [DBG] Go build version go1.11.10", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "Go build version go1.11.10", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:06.981Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830542442Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:06.981996 [INF] Git commit [not set]", + "type": [ + "info" + ] }, "log": { "level": "info" }, + "message": "Git commit [not set]", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469603961Z", - "original": "[7] 2021/01/13 14:20:06.981996 [INF] Git commit [not set]", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "Git commit [not set]", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:06.982Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830543444Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:06.982082 [INF] Starting http monitor on 0.0.0.0:8222", + "type": [ + "info" + ] }, "log": { "level": "info" }, + "message": "Starting http monitor on 0.0.0.0:8222", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469604882Z", - "original": "[7] 2021/01/13 14:20:06.982082 [INF] Starting http monitor on 0.0.0.0:8222", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "Starting http monitor on 0.0.0.0:8222", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:06.982Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830544523Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:06.982116 [INF] Listening for client connections on 0.0.0.0:4222", + "type": [ + "info" + ] }, "log": { "level": "info" }, + "message": "Listening for client connections on 0.0.0.0:4222", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469605817Z", - "original": "[7] 2021/01/13 14:20:06.982116 [INF] Listening for client connections on 0.0.0.0:4222", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "Listening for client connections on 0.0.0.0:4222", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:06.982Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830545504Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:06.982127 [INF] Server id is NCE3NFAMOIJHIR6KK53KBPN6C44LXZ6G4ULGLIWIBLYOLG5Z5LVCQSOB", + "type": [ + "info" + ] }, "log": { "level": "info" }, + "message": "Server id is NCE3NFAMOIJHIR6KK53KBPN6C44LXZ6G4ULGLIWIBLYOLG5Z5LVCQSOB", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469606743Z", - "original": "[7] 2021/01/13 14:20:06.982127 [INF] Server id is NCE3NFAMOIJHIR6KK53KBPN6C44LXZ6G4ULGLIWIBLYOLG5Z5LVCQSOB", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "Server id is NCE3NFAMOIJHIR6KK53KBPN6C44LXZ6G4ULGLIWIBLYOLG5Z5LVCQSOB", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:06.982Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830546489Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:06.982136 [INF] Server is ready", + "type": [ + "info" + ] }, "log": { "level": "info" }, + "message": "Server is ready", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469607672Z", - "original": "[7] 2021/01/13 14:20:06.982136 [INF] Server is ready", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "Server is ready", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:06.982Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830547647Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:06.982149 [DBG] Get non local IPs for \"0.0.0.0\"", + "type": [ + "info" + ] }, "log": { "level": "debug" }, + "message": "Get non local IPs for \"0.0.0.0\"", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469608724Z", - "original": "[7] 2021/01/13 14:20:06.982149 [DBG] Get non local IPs for \"0.0.0.0\"", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "Get non local IPs for \"0.0.0.0\"", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:06.982Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" }, - "log": { + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830548638Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:06.982402 [DBG] ip=192.168.240.2", + "type": [ + "info" + ] + }, + "log": { "level": "debug" }, + "message": " ip=192.168.240.2", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469609676Z", - "original": "[7] 2021/01/13 14:20:06.982402 [DBG] ip=192.168.240.2", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": " ip=192.168.240.2", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:07.008Z", + "client": { + "ip": "127.0.0.1", + "port": 33150 + }, "ecs": { - "version": "8.0.0" + "version": "8.11.0" }, - "related": { - "ip": [ - "127.0.0.1" + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830549626Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:07.008167 [DBG] 127.0.0.1:33150 - cid:1 - Client connection created", + "type": [ + "info" ] }, "log": { "level": "debug" }, + "message": "Client connection created", + "process": { + "pid": 7 + }, + "related": { + "ip": [ + "127.0.0.1" + ] + }, "stan": { "log": { - "msg": {}, "client": { "id": "1" - } + }, + "msg": {} } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:20:07.009Z", "client": { - "port": 33150, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 33152 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469610602Z", - "original": "[7] 2021/01/13 14:20:07.008167 [DBG] 127.0.0.1:33150 - cid:1 - Client connection created", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830551044Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:07.009385 [DBG] 127.0.0.1:33152 - cid:2 - Client connection created", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "debug" }, "message": "Client connection created", - "tags": [ - "preserve_original_event" - ] - }, - { "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:20:07.009Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "debug" - }, "stan": { "log": { - "msg": {}, "client": { "id": "2" - } + }, + "msg": {} } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:20:07.010Z", "client": { - "port": 33152, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 33154 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469611533Z", - "original": "[7] 2021/01/13 14:20:07.009385 [DBG] 127.0.0.1:33152 - cid:2 - Client connection created", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830552029Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:07.010819 [DBG] 127.0.0.1:33154 - cid:3 - Client connection created", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "debug" }, "message": "Client connection created", - "tags": [ - "preserve_original_event" - ] - }, - { "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:20:07.010Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "debug" - }, "stan": { "log": { - "msg": {}, "client": { "id": "3" - } + }, + "msg": {} } }, - "client": { - "port": 33154, - "ip": "127.0.0.1" - }, - "event": { - "ingested": "2022-01-12T04:09:27.469612478Z", - "original": "[7] 2021/01/13 14:20:07.010819 [DBG] 127.0.0.1:33154 - cid:3 - Client connection created", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "Client connection created", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:07.011Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830553137Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:07.011557 [INF] STREAM: Recovering the state...", + "type": [ + "info" + ] }, "log": { "level": "info" }, + "message": "STREAM: Recovering the state...", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469613532Z", - "original": "[7] 2021/01/13 14:20:07.011557 [INF] STREAM: Recovering the state...", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "STREAM: Recovering the state...", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:07.011Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830554130Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:07.011583 [INF] STREAM: No recovered state", + "type": [ + "info" + ] }, "log": { "level": "info" }, + "message": "STREAM: No recovered state", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469614478Z", - "original": "[7] 2021/01/13 14:20:07.011583 [INF] STREAM: No recovered state", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "STREAM: No recovered state", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:07.263Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830555200Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:07.263504 [INF] STREAM: Message store is MEMORY", + "type": [ + "info" + ] }, "log": { "level": "info" }, + "message": "STREAM: Message store is MEMORY", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469615407Z", - "original": "[7] 2021/01/13 14:20:07.263504 [INF] STREAM: Message store is MEMORY", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "STREAM: Message store is MEMORY", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:07.263Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830556190Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:07.263623 [INF] STREAM: ---------- Store Limits ----------", + "type": [ + "info" + ] }, "log": { "level": "info" }, + "message": "STREAM: ---------- Store Limits ----------", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469616367Z", - "original": "[7] 2021/01/13 14:20:07.263623 [INF] STREAM: ---------- Store Limits ----------", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "STREAM: ---------- Store Limits ----------", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:07.263Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830557257Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:07.263653 [INF] STREAM: Channels: 100 *", + "type": [ + "info" + ] }, "log": { "level": "info" }, + "message": "STREAM: Channels: 100 *", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469617312Z", - "original": "[7] 2021/01/13 14:20:07.263653 [INF] STREAM: Channels: 100 *", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "STREAM: Channels: 100 *", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:07.263Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830558315Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:07.263671 [INF] STREAM: --------- Channels Limits --------", + "type": [ + "info" + ] }, "log": { "level": "info" }, + "message": "STREAM: --------- Channels Limits --------", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469618235Z", - "original": "[7] 2021/01/13 14:20:07.263671 [INF] STREAM: --------- Channels Limits --------", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "STREAM: --------- Channels Limits --------", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:07.263Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830559302Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:07.263690 [INF] STREAM: Subscriptions: 1000 *", + "type": [ + "info" + ] }, "log": { "level": "info" }, + "message": "STREAM: Subscriptions: 1000 *", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469619165Z", - "original": "[7] 2021/01/13 14:20:07.263690 [INF] STREAM: Subscriptions: 1000 *", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "STREAM: Subscriptions: 1000 *", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:07.263Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830560865Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:07.263710 [INF] STREAM: Messages : 1000000 *", + "type": [ + "info" + ] }, "log": { "level": "info" }, + "message": "STREAM: Messages : 1000000 *", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469620213Z", - "original": "[7] 2021/01/13 14:20:07.263710 [INF] STREAM: Messages : 1000000 *", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "STREAM: Messages : 1000000 *", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:07.263Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830561847Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:07.263728 [INF] STREAM: Bytes : 976.56 MB *", + "type": [ + "info" + ] }, "log": { "level": "info" }, + "message": "STREAM: Bytes : 976.56 MB *", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469621137Z", - "original": "[7] 2021/01/13 14:20:07.263728 [INF] STREAM: Bytes : 976.56 MB *", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "STREAM: Bytes : 976.56 MB *", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:07.263Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830562838Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:07.263749 [INF] STREAM: Age : unlimited *", + "type": [ + "info" + ] }, "log": { "level": "info" }, + "message": "STREAM: Age : unlimited *", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469622088Z", - "original": "[7] 2021/01/13 14:20:07.263749 [INF] STREAM: Age : unlimited *", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "STREAM: Age : unlimited *", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:07.263Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830563876Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:07.263767 [INF] STREAM: Inactivity : unlimited *", + "type": [ + "info" + ] }, "log": { "level": "info" }, + "message": "STREAM: Inactivity : unlimited *", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469623050Z", - "original": "[7] 2021/01/13 14:20:07.263767 [INF] STREAM: Inactivity : unlimited *", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "STREAM: Inactivity : unlimited *", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:07.263Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830564864Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:07.263788 [INF] STREAM: ----------------------------------", + "type": [ + "info" + ] }, "log": { "level": "info" }, + "message": "STREAM: ----------------------------------", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469623983Z", - "original": "[7] 2021/01/13 14:20:07.263788 [INF] STREAM: ----------------------------------", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "STREAM: ----------------------------------", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:08.988Z", + "client": { + "ip": "127.0.0.1", + "port": 33160 + }, "ecs": { - "version": "8.0.0" + "version": "8.11.0" }, - "related": { - "ip": [ - "127.0.0.1" + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830565850Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:08.988091 [DBG] 127.0.0.1:33160 - cid:4 - Client connection created", + "type": [ + "info" ] }, "log": { "level": "debug" }, + "message": "Client connection created", + "process": { + "pid": 7 + }, + "related": { + "ip": [ + "127.0.0.1" + ] + }, "stan": { "log": { - "msg": {}, "client": { "id": "4" - } + }, + "msg": {} } }, - "client": { - "port": 33160, - "ip": "127.0.0.1" - }, - "event": { - "ingested": "2022-01-12T04:09:27.469624952Z", - "original": "[7] 2021/01/13 14:20:08.988091 [DBG] 127.0.0.1:33160 - cid:4 - Client connection created", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "Client connection created", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:20:09.010Z", "ecs": { - "version": "8.0.0" + "version": "8.11.0" + }, + "event": { + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830566831Z", + "kind": "event", + "original": "[7] 2021/01/13 14:20:09.010952 [INF] STREAM: Channel \"bar\" has been created", + "type": [ + "info" + ] }, "log": { "level": "info" }, + "message": "STREAM: Channel \"bar\" has been created", + "process": { + "pid": 7 + }, "stan": { "log": { "msg": {} } }, - "event": { - "ingested": "2022-01-12T04:09:27.469625901Z", - "original": "[7] 2021/01/13 14:20:09.010952 [INF] STREAM: Channel \"bar\" has been created", - "type": [ - "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - }, - "message": "STREAM: Channel \"bar\" has been created", "tags": [ "preserve_original_event" ] }, { - "process": { - "pid": 7 - }, "@timestamp": "2021-01-13T14:22:50.499Z", - "ecs": { - "version": "8.0.0" - }, - "related": { - "ip": [ - "127.0.0.1" - ] - }, - "log": { - "level": "trace" - }, - "stan": { - "log": { - "msg": { - "type": "subscribe", - "subject": "_INBOX.mUz7h6B3wGNf7P7bhyQldF", - "sid": "43" - }, - "client": { - "id": "3" - } - } - }, "client": { - "port": 60748, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60748 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469626854Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830567821Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.499525 [TRC] 127.0.0.1:60748 - cid:3 - \u003c\u003c- [SUB _INBOX.mUz7h6B3wGNf7P7bhyQldF 43]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "inbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.497Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "debug" - }, "stan": { "log": { - "msg": {}, "client": { - "id": "27" + "id": "3" + }, + "msg": { + "sid": "43", + "subject": "_INBOX.mUz7h6B3wGNf7P7bhyQldF", + "type": "subscribe" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.497Z", "client": { - "port": 60800, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60800 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469627784Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830568810Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.497650 [DBG] 127.0.0.1:60800 - cid:27 - Client connection closed", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "debug" }, "message": "Client connection closed", - "tags": [ - "preserve_original_event" - ] - }, - { "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.499Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "debug" - }, "stan": { "log": { - "msg": {}, "client": { - "id": "34" - } + "id": "27" + }, + "msg": {} } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.499Z", "client": { - "port": 60812, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60812 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469628709Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830569798Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.499560 [DBG] 127.0.0.1:60812 - cid:34 - Client connection closed", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "debug" }, "message": "Client connection closed", - "tags": [ - "preserve_original_event" - ] - }, - { "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.499Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "debug" - }, "stan": { "log": { - "msg": {}, "client": { - "id": "36" - } + "id": "34" + }, + "msg": {} } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.499Z", "client": { - "port": 60818, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60818 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469629638Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830570857Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.499565 [DBG] 127.0.0.1:60818 - cid:36 - Client connection closed", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "debug" }, "message": "Client connection closed", - "tags": [ - "preserve_original_event" - ] - }, - { "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.499Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "debug" - }, "stan": { "log": { - "msg": {}, "client": { - "id": "35" - } + "id": "36" + }, + "msg": {} } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.499Z", "client": { - "port": 60816, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60816 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469630661Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830573713Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.499560 [DBG] 127.0.0.1:60816 - cid:35 - Client connection closed", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "debug" }, "message": "Client connection closed", - "tags": [ - "preserve_original_event" - ] - }, - { "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.499Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": { - "type": "ping" - }, "client": { - "id": "3" - } + "id": "35" + }, + "msg": {} } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.499Z", "client": { - "port": 60748, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60748 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469631593Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830574737Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.499586 [TRC] 127.0.0.1:60748 - cid:3 - \u003c\u003c- [PING]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "inbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.499Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "debug" - }, "stan": { "log": { - "msg": {}, "client": { - "id": "38" + "id": "3" + }, + "msg": { + "type": "ping" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.499Z", "client": { - "port": 60820, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60820 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469632514Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830575716Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.499599 [DBG] 127.0.0.1:60820 - cid:38 - Client connection closed", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "debug" }, "message": "Client connection closed", - "tags": [ - "preserve_original_event" - ] - }, - { "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.499Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": { - "type": "pong" - }, "client": { - "id": "3" - } + "id": "38" + }, + "msg": {} } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.499Z", "client": { - "port": 60748, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60748 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469633452Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830576707Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.499607 [TRC] 127.0.0.1:60748 - cid:3 - -\u003e\u003e [PONG]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "outbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.499Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "debug" - }, "stan": { "log": { - "msg": {}, "client": { - "id": "30" + "id": "3" + }, + "msg": { + "type": "pong" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.499Z", "client": { - "port": 60804, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60804 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469634375Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830577692Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.499634 [DBG] 127.0.0.1:60804 - cid:30 - Client connection closed", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "debug" }, "message": "Client connection closed", - "tags": [ - "preserve_original_event" - ] - }, - { "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.499Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "debug" - }, "stan": { "log": { - "msg": {}, "client": { - "id": "32" - } + "id": "30" + }, + "msg": {} } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.499Z", "client": { - "port": 60806, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60806 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469635304Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830578677Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.499651 [DBG] 127.0.0.1:60806 - cid:32 - Client connection closed", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "debug" }, "message": "Client connection closed", - "tags": [ - "preserve_original_event" - ] - }, - { "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.499Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "debug" - }, "stan": { "log": { - "msg": {}, "client": { - "id": "42" - } + "id": "32" + }, + "msg": {} } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.499Z", "client": { - "port": 60814, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60814 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469636233Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830579685Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.499656 [DBG] 127.0.0.1:60814 - cid:42 - Client connection closed", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "debug" }, "message": "Client connection closed", - "tags": [ - "preserve_original_event" - ] - }, - { "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.499Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "debug" - }, "stan": { "log": { - "msg": {}, "client": { - "id": "33" - } + "id": "42" + }, + "msg": {} } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.499Z", "client": { - "port": 60808, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60808 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469637159Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830580667Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.499694 [DBG] 127.0.0.1:60808 - cid:33 - Client connection closed", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "debug" }, "message": "Client connection closed", - "tags": [ - "preserve_original_event" - ] - }, - { "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.499Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "debug" - }, "stan": { "log": { - "msg": {}, "client": { - "id": "31" - } + "id": "33" + }, + "msg": {} } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.499Z", "client": { - "port": 60802, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60802 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469638095Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830581659Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.499717 [DBG] 127.0.0.1:60802 - cid:31 - Client connection closed", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "debug" }, "message": "Client connection closed", - "tags": [ - "preserve_original_event" - ] - }, - { "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.499Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": { - "type": "subscribe", - "subject": "_INBOX.mUz7h6B3wGNf7P7bhyQlf6", - "sid": "44" - }, "client": { - "id": "3" - } + "id": "31" + }, + "msg": {} } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.499Z", "client": { - "port": 60748, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60748 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469639011Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830582647Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.499727 [TRC] 127.0.0.1:60748 - cid:3 - \u003c\u003c- [SUB _INBOX.mUz7h6B3wGNf7P7bhyQlf6 44]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "inbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.499Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": { - "type": "ping" - }, "client": { "id": "3" + }, + "msg": { + "sid": "44", + "subject": "_INBOX.mUz7h6B3wGNf7P7bhyQlf6", + "type": "subscribe" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.499Z", "client": { - "port": 60748, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60748 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469639930Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830583637Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.499769 [TRC] 127.0.0.1:60748 - cid:3 - \u003c\u003c- [PING]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "inbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.488Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": { - "type": "message", - "bytes": 31, - "subject": "_INBOX.ZXYA2FSF5VwytqOUdLsWfp.RdKmEViH", - "sid": "3" - }, "client": { - "id": "83" + "id": "3" + }, + "msg": { + "type": "ping" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.488Z", "client": { - "port": 60910, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60910 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469640851Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830584623Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.488515 [TRC] 127.0.0.1:60910 - cid:83 - -\u003e\u003e [MSG _INBOX.ZXYA2FSF5VwytqOUdLsWfp.RdKmEViH 3 31]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "outbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.499Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": { - "type": "pong" - }, "client": { - "id": "3" + "id": "83" + }, + "msg": { + "bytes": 31, + "sid": "3", + "subject": "_INBOX.ZXYA2FSF5VwytqOUdLsWfp.RdKmEViH", + "type": "message" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.499Z", "client": { - "port": 60748, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60748 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469641775Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830585616Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.499782 [TRC] 127.0.0.1:60748 - cid:3 - -\u003e\u003e [PONG]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "outbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.499Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": { - "type": "publish", - "bytes": 31, - "subject": "_INBOX.ZXYA2FSF5VwytqOUdLsXOL.kiHXi6ux" - }, "client": { - "id": "1" + "id": "3" + }, + "msg": { + "type": "pong" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.499Z", "client": { - "port": 60744, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60744 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469642698Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830586610Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.499811 [TRC] 127.0.0.1:60744 - cid:1 - \u003c\u003c- [PUB _INBOX.ZXYA2FSF5VwytqOUdLsXOL.kiHXi6ux 31]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "inbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.499Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": { - "type": "payload" - }, "client": { "id": "1" + }, + "msg": { + "bytes": 31, + "subject": "_INBOX.ZXYA2FSF5VwytqOUdLsXOL.kiHXi6ux", + "type": "publish" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.499Z", "client": { - "port": 60744, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60744 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469643623Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830587598Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.499850 [TRC] 127.0.0.1:60744 - cid:1 - \u003c\u003c- MSG_PAYLOAD: [\"\\x12\\x1d_INBOX.mUz7h6B3wGNf7P7bhyQlS7\"]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "inbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.499Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "debug" - }, "stan": { "log": { - "msg": {}, "client": { - "id": "83" + "id": "1" + }, + "msg": { + "type": "payload" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.499Z", "client": { - "port": 60910, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60910 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469644560Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830588585Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.499850 [DBG] 127.0.0.1:60910 - cid:83 - Client connection closed", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "debug" }, "message": "Client connection closed", - "tags": [ - "preserve_original_event" - ] - }, - { "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.499Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": { - "type": "publish", - "bytes": 31, - "subject": "_INBOX.ZXYA2FSF5VwytqOUdLsUbq.CeeDx8Zh" - }, "client": { - "id": "1" - } + "id": "83" + }, + "msg": {} } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.499Z", "client": { - "port": 60744, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60744 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469645583Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830589709Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.499961 [TRC] 127.0.0.1:60744 - cid:1 - \u003c\u003c- [PUB _INBOX.ZXYA2FSF5VwytqOUdLsUbq.CeeDx8Zh 31]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "inbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.500Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": { - "type": "payload" - }, "client": { "id": "1" + }, + "msg": { + "bytes": 31, + "subject": "_INBOX.ZXYA2FSF5VwytqOUdLsUbq.CeeDx8Zh", + "type": "publish" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.500Z", "client": { - "port": 60744, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60744 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469646506Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830590726Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.500004 [TRC] 127.0.0.1:60744 - cid:1 - \u003c\u003c- MSG_PAYLOAD: [\"\\x12\\x1d_INBOX.mUz7h6B3wGNf7P7bhyQlTy\"]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "inbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.500Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "debug" - }, "stan": { "log": { - "msg": {}, "client": { - "id": "29" + "id": "1" + }, + "msg": { + "type": "payload" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.500Z", "client": { - "port": 60810, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60810 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469647430Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830591851Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.500142 [DBG] 127.0.0.1:60810 - cid:29 - Client connection closed", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "debug" }, "message": "Client connection closed", - "tags": [ - "preserve_original_event" - ] - }, - { "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.508Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": { - "type": "publish", - "bytes": 31, - "subject": "_INBOX.ZXYA2FSF5VwytqOUdLsUsX.7vrrWV3v" - }, "client": { - "id": "1" - } + "id": "29" + }, + "msg": {} } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.508Z", "client": { - "port": 60744, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60744 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469648364Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830592848Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.508653 [TRC] 127.0.0.1:60744 - cid:1 - \u003c\u003c- [PUB _INBOX.ZXYA2FSF5VwytqOUdLsUsX.7vrrWV3v 31]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "inbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.508Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": { - "type": "payload" - }, "client": { "id": "1" + }, + "msg": { + "bytes": 31, + "subject": "_INBOX.ZXYA2FSF5VwytqOUdLsUsX.7vrrWV3v", + "type": "publish" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.508Z", "client": { - "port": 60744, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60744 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469649287Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830593833Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.508725 [TRC] 127.0.0.1:60744 - cid:1 - \u003c\u003c- MSG_PAYLOAD: [\"\\x12\\x1d_INBOX.mUz7h6B3wGNf7P7bhyQm1M\"]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "inbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.508Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": { - "type": "subscribe", - "subject": "_INBOX.mUz7h6B3wGNf7P7bhyQm3D", - "sid": "57" - }, "client": { - "id": "3" + "id": "1" + }, + "msg": { + "type": "payload" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.508Z", "client": { - "port": 60748, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60748 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469650240Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830594845Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.508872 [TRC] 127.0.0.1:60748 - cid:3 - \u003c\u003c- [SUB _INBOX.mUz7h6B3wGNf7P7bhyQm3D 57]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "inbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.509Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": { - "type": "ping" - }, "client": { "id": "3" + }, + "msg": { + "sid": "57", + "subject": "_INBOX.mUz7h6B3wGNf7P7bhyQm3D", + "type": "subscribe" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.509Z", "client": { - "port": 60748, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60748 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469651163Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830595844Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.509016 [TRC] 127.0.0.1:60748 - cid:3 - \u003c\u003c- [PING]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "inbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.509Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": { - "type": "pong" - }, "client": { "id": "3" + }, + "msg": { + "type": "ping" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.509Z", "client": { - "port": 60748, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60748 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469652091Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830596833Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.509046 [TRC] 127.0.0.1:60748 - cid:3 - -\u003e\u003e [PONG]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "outbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.509Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": { - "type": "publish", - "bytes": 31, - "subject": "_INBOX.ZXYA2FSF5VwytqOUdLsYyH.3U691ECJ" - }, "client": { - "id": "1" + "id": "3" + }, + "msg": { + "type": "pong" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.509Z", "client": { - "port": 60744, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60744 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469653014Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830597825Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.509787 [TRC] 127.0.0.1:60744 - cid:1 - \u003c\u003c- [PUB _INBOX.ZXYA2FSF5VwytqOUdLsYyH.3U691ECJ 31]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "inbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.509Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": { - "type": "payload" - }, "client": { "id": "1" + }, + "msg": { + "bytes": 31, + "subject": "_INBOX.ZXYA2FSF5VwytqOUdLsYyH.3U691ECJ", + "type": "publish" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.509Z", "client": { - "port": 60744, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60744 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469653938Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830599184Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.509825 [TRC] 127.0.0.1:60744 - cid:1 - \u003c\u003c- MSG_PAYLOAD: [\"\\x12\\x1d_INBOX.mUz7h6B3wGNf7P7bhyQm3D\"]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "inbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.509Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": { - "type": "subscribe", - "subject": "_INBOX.mUz7h6B3wGNf7P7bhyQm54", - "sid": "58" - }, "client": { - "id": "3" + "id": "1" + }, + "msg": { + "type": "payload" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.509Z", "client": { - "port": 60748, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60748 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469654862Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830600173Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.509825 [TRC] 127.0.0.1:60748 - cid:3 - \u003c\u003c- [SUB _INBOX.mUz7h6B3wGNf7P7bhyQm54 58]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "inbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.509Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": { - "type": "ping" - }, "client": { "id": "3" + }, + "msg": { + "sid": "58", + "subject": "_INBOX.mUz7h6B3wGNf7P7bhyQm54", + "type": "subscribe" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.509Z", "client": { - "port": 60748, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60748 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469655795Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830601169Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.509899 [TRC] 127.0.0.1:60748 - cid:3 - \u003c\u003c- [PING]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "inbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.509Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": { - "type": "pong" - }, "client": { "id": "3" + }, + "msg": { + "type": "ping" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.509Z", "client": { - "port": 60748, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60748 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469656714Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830602171Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.509912 [TRC] 127.0.0.1:60748 - cid:3 - -\u003e\u003e [PONG]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "outbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.510Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": { - "type": "publish", - "bytes": 31, - "subject": "_INBOX.ZXYA2FSF5VwytqOUdLsYpN.R6hUgpF6" - }, "client": { - "id": "1" + "id": "3" + }, + "msg": { + "type": "pong" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.510Z", "client": { - "port": 60744, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60744 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469657654Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830603161Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.510036 [TRC] 127.0.0.1:60744 - cid:1 - \u003c\u003c- [PUB _INBOX.ZXYA2FSF5VwytqOUdLsYpN.R6hUgpF6 31]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "inbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.510Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": { - "type": "payload" - }, "client": { "id": "1" + }, + "msg": { + "bytes": 31, + "subject": "_INBOX.ZXYA2FSF5VwytqOUdLsYpN.R6hUgpF6", + "type": "publish" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.510Z", "client": { - "port": 60744, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60744 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469658584Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830604150Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.510073 [TRC] 127.0.0.1:60744 - cid:1 - \u003c\u003c- MSG_PAYLOAD: [\"\\x12\\x1d_INBOX.mUz7h6B3wGNf7P7bhyQm54\"]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "inbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.949Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": { - "type": "publish", - "bytes": 220, - "subject": "_INBOX.ZXYA2FSF5VwytqOUdLsWF7.IqlBSvhV" - }, "client": { - "id": "2" + "id": "1" + }, + "msg": { + "type": "payload" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.949Z", "client": { - "port": 60746, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60746 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469659566Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830605146Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.949500 [TRC] 127.0.0.1:60746 - cid:2 - \u003c\u003c- [PUB _INBOX.ZXYA2FSF5VwytqOUdLsWF7.IqlBSvhV 220]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "inbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.949Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": { - "type": "payload" - }, "client": { "id": "2" + }, + "msg": { + "bytes": 220, + "subject": "_INBOX.ZXYA2FSF5VwytqOUdLsWF7.IqlBSvhV", + "type": "publish" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.949Z", "client": { - "port": 60746, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60746 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469660486Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830606132Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.949675 [TRC] 127.0.0.1:60746 - cid:2 - \u003c\u003c- MSG_PAYLOAD: [\"\\n _STAN.pub.mUz7h6B3wGNf7P7bhyQkHm\\x12 _STAN.sub.mUz7h6B3wGNf7P7bhyQkHm\\x1a\\\"_STAN.unsub.mUz7h6B3wGNf7P7bhyQkHm\\\"\\\"_STAN.close.mUz7h6B3wGNf7P7bhyQkHm2%_STAN.subclose.mUz7h6B3wGNf7P7bhyQkHm:!_STAN.discover.test-cluster.pings@\\x05H\\x03P\\x01\"]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "inbound" - } - }, - { + }, "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.949Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": {}, "client": { - "id": "3" + "id": "2" + }, + "msg": { + "type": "payload" } } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.949Z", "client": { - "port": 60748, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60748 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469661417Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830607123Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.949848 [TRC] 127.0.0.1:60748 - cid:3 - \u003c\u003c- [UNSUB 21 ]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, "message": "\u003c\u003c- [UNSUB 21 ]", - "tags": [ - "preserve_original_event" - ] - }, - { "process": { "pid": 7 }, - "@timestamp": "2021-01-13T14:22:50.949Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "127.0.0.1" ] }, - "log": { - "level": "trace" - }, "stan": { "log": { - "msg": {}, "client": { "id": "3" - } + }, + "msg": {} } }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2021-01-13T14:22:50.949Z", "client": { - "port": 60748, - "ip": "127.0.0.1" + "ip": "127.0.0.1", + "port": 60748 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T04:09:27.469662339Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:59:33.830614124Z", + "kind": "event", "original": "[7] 2021/01/13 14:22:50.949912 [TRC] 127.0.0.1:60748 - cid:3 - \u003c-\u003e [DELSUB 21]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, "message": "\u003c-\u003e [DELSUB 21]", + "process": { + "pid": 7 + }, + "related": { + "ip": [ + "127.0.0.1" + ] + }, + "stan": { + "log": { + "client": { + "id": "3" + }, + "msg": {} + } + }, "tags": [ "preserve_original_event" ] diff --git a/packages/stan/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/stan/data_stream/log/elasticsearch/ingest_pipeline/default.yml index ab9c90479a01..3c237741c26b 100644 --- a/packages/stan/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/stan/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -6,7 +6,7 @@ processors: value: '{{_ingest.timestamp}}' - set: field: ecs.version - value: '8.0.0' + value: '8.11.0' - rename: field: message target_field: event.original diff --git a/packages/stan/data_stream/log/fields/base-fields.yml b/packages/stan/data_stream/log/fields/base-fields.yml index 6489afea6946..f21661913542 100644 --- a/packages/stan/data_stream/log/fields/base-fields.yml +++ b/packages/stan/data_stream/log/fields/base-fields.yml @@ -13,11 +13,6 @@ - name: input.type description: Type of Filebeat input. type: keyword -- name: log.file.path - description: Full path to the log file this event came from. - example: /var/log/fun-times.log - ignore_above: 1024 - type: keyword - name: log.offset type: long description: Offset of the entry in the log file. diff --git a/packages/stan/data_stream/log/fields/ecs.yml b/packages/stan/data_stream/log/fields/ecs.yml deleted file mode 100644 index 5bdf95442339..000000000000 --- a/packages/stan/data_stream/log/fields/ecs.yml +++ /dev/null @@ -1,26 +0,0 @@ -- external: ecs - name: client.ip -- external: ecs - name: client.port -- external: ecs - name: ecs.version -- external: ecs - name: error.message -- external: ecs - name: event.created -- external: ecs - name: event.kind -- external: ecs - name: event.type -- external: ecs - name: log.level -- external: ecs - name: message -- external: ecs - name: network.direction -- external: ecs - name: process.pid -- external: ecs - name: related.ip -- external: ecs - name: tags diff --git a/packages/stan/data_stream/log/sample_event.json b/packages/stan/data_stream/log/sample_event.json index c3d8bca20c16..263f2bace7a0 100644 --- a/packages/stan/data_stream/log/sample_event.json +++ b/packages/stan/data_stream/log/sample_event.json @@ -13,7 +13,7 @@ "type": "logs" }, "ecs": { - "version": "8.0.0" + "version": "8.11.0" }, "elastic_agent": { "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", @@ -53,4 +53,4 @@ "forwarded", "stan-log" ] -} \ No newline at end of file +} diff --git a/packages/stan/data_stream/stats/fields/ecs.yml b/packages/stan/data_stream/stats/fields/ecs.yml index d3c8fbe2618e..37cf21eb8269 100644 --- a/packages/stan/data_stream/stats/fields/ecs.yml +++ b/packages/stan/data_stream/stats/fields/ecs.yml @@ -1,10 +1,6 @@ -- external: ecs - name: ecs.version - external: ecs name: service.address dimension: true -- external: ecs - name: service.type - external: ecs name: agent.id dimension: true @@ -28,4 +24,4 @@ dimension: true - external: ecs name: host.name - dimension: true \ No newline at end of file + dimension: true diff --git a/packages/stan/data_stream/stats/sample_event.json b/packages/stan/data_stream/stats/sample_event.json index e9644c64ec3c..09f4bb5fb062 100644 --- a/packages/stan/data_stream/stats/sample_event.json +++ b/packages/stan/data_stream/stats/sample_event.json @@ -13,7 +13,7 @@ "type": "metrics" }, "ecs": { - "version": "1.12.0" + "version": "8.11.0" }, "elastic_agent": { "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", @@ -73,4 +73,4 @@ "subscriptions": 100 } } -} \ No newline at end of file +} diff --git a/packages/stan/data_stream/subscriptions/fields/ecs.yml b/packages/stan/data_stream/subscriptions/fields/ecs.yml index d3c8fbe2618e..37cf21eb8269 100644 --- a/packages/stan/data_stream/subscriptions/fields/ecs.yml +++ b/packages/stan/data_stream/subscriptions/fields/ecs.yml @@ -1,10 +1,6 @@ -- external: ecs - name: ecs.version - external: ecs name: service.address dimension: true -- external: ecs - name: service.type - external: ecs name: agent.id dimension: true @@ -28,4 +24,4 @@ dimension: true - external: ecs name: host.name - dimension: true \ No newline at end of file + dimension: true diff --git a/packages/stan/data_stream/subscriptions/sample_event.json b/packages/stan/data_stream/subscriptions/sample_event.json index e5f953c7b5c2..460a127cecef 100644 --- a/packages/stan/data_stream/subscriptions/sample_event.json +++ b/packages/stan/data_stream/subscriptions/sample_event.json @@ -13,7 +13,7 @@ "type": "metrics" }, "ecs": { - "version": "1.12.0" + "version": "8.11.0" }, "elastic_agent": { "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", @@ -74,4 +74,4 @@ "stalled": false } } -} \ No newline at end of file +} diff --git a/packages/stan/manifest.yml b/packages/stan/manifest.yml index 96575c6d7ac3..b4f3295a8e31 100644 --- a/packages/stan/manifest.yml +++ b/packages/stan/manifest.yml @@ -14,7 +14,8 @@ license: basic categories: - observability conditions: - kibana.version: "^8.10.2" + kibana: + version: "^8.13.0" screenshots: - src: /img/metrics-stan-overview.png title: Metrics STAN Dashboard From 2179327bff60785e6fcfb6ea5c7d4b1e1024b2bb Mon Sep 17 00:00:00 2001 From: harnish-elastic Date: Mon, 17 Jun 2024 18:27:48 +0530 Subject: [PATCH 02/21] [spring_boot] - change to ECS version git@v8.11.0 --- packages/spring_boot/_dev/build/build.yml | 2 +- .../test-auditevent-metrics.log-expected.json | 6 +- .../elasticsearch/ingest_pipeline/default.yml | 4 +- .../data_stream/audit_events/fields/ecs.yml | 14 - .../audit_events/sample_event.json | 8 +- ...ency-generation-metrics.json-expected.json | 2 +- ...oung-generation-metrics.json-expected.json | 2 +- ...gc-ps-marksweep-metrics.json-expected.json | 2 +- .../elasticsearch/ingest_pipeline/default.yml | 2 +- .../spring_boot/data_stream/gc/fields/ecs.yml | 26 - .../data_stream/gc/sample_event.json | 4 +- .../test-httptrace-metrics.log-expected.json | 6 +- .../elasticsearch/ingest_pipeline/default.yml | 4 +- .../data_stream/http_trace/fields/ecs.yml | 22 - .../data_stream/http_trace/sample_event.json | 8 +- .../elasticsearch/ingest_pipeline/default.yml | 4 +- .../data_stream/memory/fields/ecs.yml | 20 - .../data_stream/memory/sample_event.json | 8 +- .../elasticsearch/ingest_pipeline/default.yml | 4 +- .../data_stream/threading/fields/ecs.yml | 20 - .../data_stream/threading/sample_event.json | 8 +- packages/spring_boot/docs/README.md | 82 +- ...-6fe11330-c7f1-11ec-986a-f1e84447fd00.json | 840 ++--- ...-6fe782d0-ca15-11ec-b4b1-b57f75afa7dd.json | 728 ++-- ...-c89e1510-ca15-11ec-b4b1-b57f75afa7dd.json | 2512 +++++++------- ...-e8507040-c7b0-11ec-9c82-4b3dfe36a746.json | 2950 ++++++++--------- packages/spring_boot/manifest.yml | 2 +- 27 files changed, 3581 insertions(+), 3709 deletions(-) delete mode 100644 packages/spring_boot/data_stream/audit_events/fields/ecs.yml delete mode 100644 packages/spring_boot/data_stream/gc/fields/ecs.yml delete mode 100644 packages/spring_boot/data_stream/http_trace/fields/ecs.yml delete mode 100644 packages/spring_boot/data_stream/memory/fields/ecs.yml delete mode 100644 packages/spring_boot/data_stream/threading/fields/ecs.yml diff --git a/packages/spring_boot/_dev/build/build.yml b/packages/spring_boot/_dev/build/build.yml index aaafc5d833b6..2bfcfc223b04 100644 --- a/packages/spring_boot/_dev/build/build.yml +++ b/packages/spring_boot/_dev/build/build.yml @@ -1,3 +1,3 @@ dependencies: ecs: - reference: git@v8.5.1 + reference: "git@v8.11.0" diff --git a/packages/spring_boot/data_stream/audit_events/_dev/test/pipeline/test-auditevent-metrics.log-expected.json b/packages/spring_boot/data_stream/audit_events/_dev/test/pipeline/test-auditevent-metrics.log-expected.json index bc293d4df6ae..85957a13d285 100644 --- a/packages/spring_boot/data_stream/audit_events/_dev/test/pipeline/test-auditevent-metrics.log-expected.json +++ b/packages/spring_boot/data_stream/audit_events/_dev/test/pipeline/test-auditevent-metrics.log-expected.json @@ -2,10 +2,12 @@ "expected": [ { "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "category": "web", + "category": [ + "web" + ], "dataset": "spring_boot.audit_events", "kind": "event", "module": "spring_boot", diff --git a/packages/spring_boot/data_stream/audit_events/elasticsearch/ingest_pipeline/default.yml b/packages/spring_boot/data_stream/audit_events/elasticsearch/ingest_pipeline/default.yml index 31169afd173c..98a1ebda5f51 100644 --- a/packages/spring_boot/data_stream/audit_events/elasticsearch/ingest_pipeline/default.yml +++ b/packages/spring_boot/data_stream/audit_events/elasticsearch/ingest_pipeline/default.yml @@ -3,7 +3,7 @@ description: Pipeline for processing Audit Events logs processors: - set: field: ecs.version - value: "8.5.1" + value: "8.11.0" - rename: field: message target_field: event.original @@ -33,7 +33,7 @@ processors: value: event - set: field: event.category - value: web + value: [web] - rename: field: json.principal target_field: spring_boot.audit_events.principal diff --git a/packages/spring_boot/data_stream/audit_events/fields/ecs.yml b/packages/spring_boot/data_stream/audit_events/fields/ecs.yml deleted file mode 100644 index 79f5820df09c..000000000000 --- a/packages/spring_boot/data_stream/audit_events/fields/ecs.yml +++ /dev/null @@ -1,14 +0,0 @@ -- external: ecs - name: event.dataset -- external: ecs - name: event.kind -- external: ecs - name: event.module -- external: ecs - name: event.type -- external: ecs - name: host.ip -- external: ecs - name: tags -- external: ecs - name: ecs.version diff --git a/packages/spring_boot/data_stream/audit_events/sample_event.json b/packages/spring_boot/data_stream/audit_events/sample_event.json index 7b11b2fbc021..5218a2381e3a 100644 --- a/packages/spring_boot/data_stream/audit_events/sample_event.json +++ b/packages/spring_boot/data_stream/audit_events/sample_event.json @@ -13,7 +13,7 @@ "type": "logs" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "3ab22ca1-4caf-465f-8789-2a45a81ed9b1", @@ -22,7 +22,9 @@ }, "event": { "agent_id_status": "verified", - "category": "web", + "category": [ + "web" + ], "created": "2022-08-05T09:30:10.644Z", "dataset": "spring_boot.audit_events", "ingested": "2022-08-05T09:30:14Z", @@ -66,4 +68,4 @@ "tags": [ "spring_boot.audit_events.metrics" ] -} \ No newline at end of file +} diff --git a/packages/spring_boot/data_stream/gc/_dev/test/pipeline/test-gc-g1-concurrency-generation-metrics.json-expected.json b/packages/spring_boot/data_stream/gc/_dev/test/pipeline/test-gc-g1-concurrency-generation-metrics.json-expected.json index 4a6ce439f239..5ac5ee916427 100644 --- a/packages/spring_boot/data_stream/gc/_dev/test/pipeline/test-gc-g1-concurrency-generation-metrics.json-expected.json +++ b/packages/spring_boot/data_stream/gc/_dev/test/pipeline/test-gc-g1-concurrency-generation-metrics.json-expected.json @@ -2,7 +2,7 @@ "expected": [ { "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ diff --git a/packages/spring_boot/data_stream/gc/_dev/test/pipeline/test-gc-g1-young-generation-metrics.json-expected.json b/packages/spring_boot/data_stream/gc/_dev/test/pipeline/test-gc-g1-young-generation-metrics.json-expected.json index b1e54205114a..d48751ab17fe 100644 --- a/packages/spring_boot/data_stream/gc/_dev/test/pipeline/test-gc-g1-young-generation-metrics.json-expected.json +++ b/packages/spring_boot/data_stream/gc/_dev/test/pipeline/test-gc-g1-young-generation-metrics.json-expected.json @@ -2,7 +2,7 @@ "expected": [ { "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ diff --git a/packages/spring_boot/data_stream/gc/_dev/test/pipeline/test-gc-ps-marksweep-metrics.json-expected.json b/packages/spring_boot/data_stream/gc/_dev/test/pipeline/test-gc-ps-marksweep-metrics.json-expected.json index bfe0a6871707..ef8dd4e74072 100644 --- a/packages/spring_boot/data_stream/gc/_dev/test/pipeline/test-gc-ps-marksweep-metrics.json-expected.json +++ b/packages/spring_boot/data_stream/gc/_dev/test/pipeline/test-gc-ps-marksweep-metrics.json-expected.json @@ -2,7 +2,7 @@ "expected": [ { "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ diff --git a/packages/spring_boot/data_stream/gc/elasticsearch/ingest_pipeline/default.yml b/packages/spring_boot/data_stream/gc/elasticsearch/ingest_pipeline/default.yml index 3100ff8637f0..2ce2ebd827d0 100644 --- a/packages/spring_boot/data_stream/gc/elasticsearch/ingest_pipeline/default.yml +++ b/packages/spring_boot/data_stream/gc/elasticsearch/ingest_pipeline/default.yml @@ -3,7 +3,7 @@ description: Pipeline for parsing Spring Boot Garbage Collector (GC) metrics. processors: - set: field: ecs.version - value: "8.5.1" + value: "8.11.0" - set: field: event.type value: [info] diff --git a/packages/spring_boot/data_stream/gc/fields/ecs.yml b/packages/spring_boot/data_stream/gc/fields/ecs.yml deleted file mode 100644 index 6e6770100a46..000000000000 --- a/packages/spring_boot/data_stream/gc/fields/ecs.yml +++ /dev/null @@ -1,26 +0,0 @@ -- external: ecs - name: ecs.version -- external: ecs - name: error.message -- external: ecs - name: event.category -- external: ecs - name: event.dataset -- external: ecs - name: event.duration -- external: ecs - name: event.ingested -- external: ecs - name: event.kind -- external: ecs - name: event.module -- external: ecs - name: event.type -- external: ecs - name: host.ip -- external: ecs - name: service.address -- external: ecs - name: service.type -- external: ecs - name: tags diff --git a/packages/spring_boot/data_stream/gc/sample_event.json b/packages/spring_boot/data_stream/gc/sample_event.json index 53b3975fb961..1436ef14a4ef 100644 --- a/packages/spring_boot/data_stream/gc/sample_event.json +++ b/packages/spring_boot/data_stream/gc/sample_event.json @@ -13,7 +13,7 @@ "type": "metrics" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "9a3f2233-d554-4847-9b74-1465e769563d", @@ -159,4 +159,4 @@ "tags": [ "spring_boot.gc.metrics" ] -} \ No newline at end of file +} diff --git a/packages/spring_boot/data_stream/http_trace/_dev/test/pipeline/test-httptrace-metrics.log-expected.json b/packages/spring_boot/data_stream/http_trace/_dev/test/pipeline/test-httptrace-metrics.log-expected.json index 4bcf31174f3e..e57796af3617 100644 --- a/packages/spring_boot/data_stream/http_trace/_dev/test/pipeline/test-httptrace-metrics.log-expected.json +++ b/packages/spring_boot/data_stream/http_trace/_dev/test/pipeline/test-httptrace-metrics.log-expected.json @@ -2,10 +2,12 @@ "expected": [ { "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "category": "web", + "category": [ + "web" + ], "dataset": "spring_boot.http_trace", "duration": 1, "kind": "event", diff --git a/packages/spring_boot/data_stream/http_trace/elasticsearch/ingest_pipeline/default.yml b/packages/spring_boot/data_stream/http_trace/elasticsearch/ingest_pipeline/default.yml index 492101e8a4ff..45acd444640a 100644 --- a/packages/spring_boot/data_stream/http_trace/elasticsearch/ingest_pipeline/default.yml +++ b/packages/spring_boot/data_stream/http_trace/elasticsearch/ingest_pipeline/default.yml @@ -3,7 +3,7 @@ description: Pipeline for processing http_trace logs processors: - set: field: ecs.version - value: "8.5.1" + value: "8.11.0" - rename: field: message target_field: event.original @@ -27,7 +27,7 @@ processors: value: event - set: field: event.category - value: web + value: [web] - set: field: event.dataset value: spring_boot.http_trace diff --git a/packages/spring_boot/data_stream/http_trace/fields/ecs.yml b/packages/spring_boot/data_stream/http_trace/fields/ecs.yml deleted file mode 100644 index f54a59e79aa1..000000000000 --- a/packages/spring_boot/data_stream/http_trace/fields/ecs.yml +++ /dev/null @@ -1,22 +0,0 @@ -- external: ecs - name: event.dataset -- external: ecs - name: event.duration -- external: ecs - name: event.kind -- external: ecs - name: event.module -- external: ecs - name: event.type -- external: ecs - name: ecs.version -- external: ecs - name: host.ip -- external: ecs - name: http.request.method -- external: ecs - name: http.request.referrer -- external: ecs - name: http.response.status_code -- external: ecs - name: tags diff --git a/packages/spring_boot/data_stream/http_trace/sample_event.json b/packages/spring_boot/data_stream/http_trace/sample_event.json index 7161e8ef7008..acb33fa56ba6 100644 --- a/packages/spring_boot/data_stream/http_trace/sample_event.json +++ b/packages/spring_boot/data_stream/http_trace/sample_event.json @@ -13,7 +13,7 @@ "type": "logs" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "3ab22ca1-4caf-465f-8789-2a45a81ed9b1", @@ -22,7 +22,9 @@ }, "event": { "agent_id_status": "verified", - "category": "web", + "category": [ + "web" + ], "created": "2022-08-05T09:31:44.895Z", "dataset": "spring_boot.http_trace", "duration": 2, @@ -66,4 +68,4 @@ "tags": [ "spring_boot.http_trace.metrics" ] -} \ No newline at end of file +} diff --git a/packages/spring_boot/data_stream/memory/elasticsearch/ingest_pipeline/default.yml b/packages/spring_boot/data_stream/memory/elasticsearch/ingest_pipeline/default.yml index ca5e833f1a7b..e5d44286000f 100644 --- a/packages/spring_boot/data_stream/memory/elasticsearch/ingest_pipeline/default.yml +++ b/packages/spring_boot/data_stream/memory/elasticsearch/ingest_pipeline/default.yml @@ -3,7 +3,7 @@ description: Pipeline for parsing Spring Boot Memory metrics. processors: - set: field: ecs.version - value: "8.5.1" + value: "8.11.0" - rename: field: jolokia.metrics target_field: spring_boot.memory @@ -11,7 +11,7 @@ processors: ignore_failure: true - set: field: event.type - value: info + value: [info] - set: field: event.kind value: metric diff --git a/packages/spring_boot/data_stream/memory/fields/ecs.yml b/packages/spring_boot/data_stream/memory/fields/ecs.yml deleted file mode 100644 index 49d913a6a3cd..000000000000 --- a/packages/spring_boot/data_stream/memory/fields/ecs.yml +++ /dev/null @@ -1,20 +0,0 @@ -- external: ecs - name: ecs.version -- external: ecs - name: error.message -- external: ecs - name: event.category -- external: ecs - name: event.dataset -- external: ecs - name: event.kind -- external: ecs - name: event.module -- external: ecs - name: host.ip -- external: ecs - name: service.address -- external: ecs - name: service.type -- external: ecs - name: tags diff --git a/packages/spring_boot/data_stream/memory/sample_event.json b/packages/spring_boot/data_stream/memory/sample_event.json index e84579d2bc1a..92d28e7a9144 100644 --- a/packages/spring_boot/data_stream/memory/sample_event.json +++ b/packages/spring_boot/data_stream/memory/sample_event.json @@ -13,7 +13,7 @@ "type": "metrics" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "9a3f2233-d554-4847-9b74-1465e769563d", @@ -30,7 +30,9 @@ "ingested": "2023-09-28T13:08:48Z", "kind": "metric", "module": "spring_boot", - "type": "info" + "type": [ + "info" + ] }, "host": { "architecture": "x86_64", @@ -81,4 +83,4 @@ "tags": [ "spring_boot.memory.metrics" ] -} \ No newline at end of file +} diff --git a/packages/spring_boot/data_stream/threading/elasticsearch/ingest_pipeline/default.yml b/packages/spring_boot/data_stream/threading/elasticsearch/ingest_pipeline/default.yml index e7ba984be88e..408b10580dc9 100644 --- a/packages/spring_boot/data_stream/threading/elasticsearch/ingest_pipeline/default.yml +++ b/packages/spring_boot/data_stream/threading/elasticsearch/ingest_pipeline/default.yml @@ -3,7 +3,7 @@ description: Pipeline for parsing Spring Boot Threading metrics. processors: - set: field: ecs.version - value: "8.5.1" + value: "8.11.0" - rename: field: jolokia.metrics target_field: spring_boot.threading @@ -11,7 +11,7 @@ processors: ignore_failure: true - set: field: event.type - value: info + value: [info] - set: field: event.kind value: metric diff --git a/packages/spring_boot/data_stream/threading/fields/ecs.yml b/packages/spring_boot/data_stream/threading/fields/ecs.yml deleted file mode 100644 index 49d913a6a3cd..000000000000 --- a/packages/spring_boot/data_stream/threading/fields/ecs.yml +++ /dev/null @@ -1,20 +0,0 @@ -- external: ecs - name: ecs.version -- external: ecs - name: error.message -- external: ecs - name: event.category -- external: ecs - name: event.dataset -- external: ecs - name: event.kind -- external: ecs - name: event.module -- external: ecs - name: host.ip -- external: ecs - name: service.address -- external: ecs - name: service.type -- external: ecs - name: tags diff --git a/packages/spring_boot/data_stream/threading/sample_event.json b/packages/spring_boot/data_stream/threading/sample_event.json index a13b36a5b369..0d75519cd984 100644 --- a/packages/spring_boot/data_stream/threading/sample_event.json +++ b/packages/spring_boot/data_stream/threading/sample_event.json @@ -13,7 +13,7 @@ "type": "metrics" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "9a3f2233-d554-4847-9b74-1465e769563d", @@ -30,7 +30,9 @@ "ingested": "2023-09-28T13:09:38Z", "kind": "metric", "module": "spring_boot", - "type": "info" + "type": [ + "info" + ] }, "host": { "architecture": "x86_64", @@ -81,4 +83,4 @@ "tags": [ "spring_boot.threading.metrics" ] -} \ No newline at end of file +} diff --git a/packages/spring_boot/docs/README.md b/packages/spring_boot/docs/README.md index 0bd32cf577f7..bc21dce2619d 100644 --- a/packages/spring_boot/docs/README.md +++ b/packages/spring_boot/docs/README.md @@ -96,7 +96,7 @@ An example event for `audit_events` looks as following: "type": "logs" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "3ab22ca1-4caf-465f-8789-2a45a81ed9b1", @@ -105,7 +105,9 @@ An example event for `audit_events` looks as following: }, "event": { "agent_id_status": "verified", - "category": "web", + "category": [ + "web" + ], "created": "2022-08-05T09:30:10.644Z", "dataset": "spring_boot.audit_events", "ingested": "2022-08-05T09:30:14Z", @@ -150,6 +152,7 @@ An example event for `audit_events` looks as following: "spring_boot.audit_events.metrics" ] } + ``` **Exported fields** @@ -160,18 +163,11 @@ An example event for `audit_events` looks as following: | data_stream.dataset | Data stream dataset. | constant_keyword | | data_stream.namespace | Data stream namespace. | constant_keyword | | data_stream.type | Data stream type. | constant_keyword | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | -| event.dataset | Name of the dataset. If an event source publishes more than one type of log or events (e.g. access log, error log), the dataset is used to specify which one the event comes from. It's recommended but not required to start the dataset name with the module name, followed by a dot, then the dataset name. | keyword | -| event.kind | This is one of four ECS Categorization Fields, and indicates the highest level in the ECS category hierarchy. `event.kind` gives high-level information about what type of information the event contains, without being specific to the contents of the event. For example, values of this field distinguish alert events from metric events. The value of this field can be used to inform how these kinds of events should be handled. They may warrant different retention, different access control, it may also help understand whether the data coming in at a regular interval or not. | keyword | -| event.module | Name of the module this data is coming from. If your monitoring agent supports the concept of modules or plugins to process events of a given source (e.g. Apache logs), `event.module` should contain the name of this module. | keyword | -| event.type | This is one of four ECS Categorization Fields, and indicates the third level in the ECS category hierarchy. `event.type` represents a categorization "sub-bucket" that, when used along with the `event.category` field values, enables filtering events down to a level appropriate for single visualization. This field is an array. This will allow proper categorization of some events that fall in multiple event types. | keyword | -| host.ip | Host ip addresses. | ip | | spring_boot.audit_events.data.remote_address | Remote Address of the Spring Boot application user. | keyword | | spring_boot.audit_events.data.session_id | Session ID of the Spring Boot application user. | keyword | | spring_boot.audit_events.document_id | Unique document id generated by Elasticsearch. | keyword | | spring_boot.audit_events.principal | Restricts the events to those with the given principal. | keyword | | spring_boot.audit_events.type | Authentication type. | keyword | -| tags | List of keywords used to tag each event. | keyword | ### HTTP Trace logs @@ -198,7 +194,7 @@ An example event for `http_trace` looks as following: "type": "logs" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "3ab22ca1-4caf-465f-8789-2a45a81ed9b1", @@ -207,7 +203,9 @@ An example event for `http_trace` looks as following: }, "event": { "agent_id_status": "verified", - "category": "web", + "category": [ + "web" + ], "created": "2022-08-05T09:31:44.895Z", "dataset": "spring_boot.http_trace", "duration": 2, @@ -252,6 +250,7 @@ An example event for `http_trace` looks as following: "spring_boot.http_trace.metrics" ] } + ``` **Exported fields** @@ -262,19 +261,8 @@ An example event for `http_trace` looks as following: | data_stream.dataset | Data stream dataset. | constant_keyword | | data_stream.namespace | Data stream namespace. | constant_keyword | | data_stream.type | Data stream type. | constant_keyword | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | -| event.dataset | Name of the dataset. If an event source publishes more than one type of log or events (e.g. access log, error log), the dataset is used to specify which one the event comes from. It's recommended but not required to start the dataset name with the module name, followed by a dot, then the dataset name. | keyword | -| event.duration | Duration of the event in nanoseconds. If event.start and event.end are known this value should be the difference between the end and start time. | long | -| event.kind | This is one of four ECS Categorization Fields, and indicates the highest level in the ECS category hierarchy. `event.kind` gives high-level information about what type of information the event contains, without being specific to the contents of the event. For example, values of this field distinguish alert events from metric events. The value of this field can be used to inform how these kinds of events should be handled. They may warrant different retention, different access control, it may also help understand whether the data coming in at a regular interval or not. | keyword | -| event.module | Name of the module this data is coming from. If your monitoring agent supports the concept of modules or plugins to process events of a given source (e.g. Apache logs), `event.module` should contain the name of this module. | keyword | -| event.type | This is one of four ECS Categorization Fields, and indicates the third level in the ECS category hierarchy. `event.type` represents a categorization "sub-bucket" that, when used along with the `event.category` field values, enables filtering events down to a level appropriate for single visualization. This field is an array. This will allow proper categorization of some events that fall in multiple event types. | keyword | -| host.ip | Host ip addresses. | ip | -| http.request.method | HTTP request method. The value should retain its casing from the original event. For example, `GET`, `get`, and `GeT` are all considered valid values for this field. | keyword | -| http.request.referrer | Referrer for this HTTP request. | keyword | -| http.response.status_code | HTTP response status code. | long | | spring_boot.http_trace.principal | Principal of the exchange. | keyword | | spring_boot.http_trace.session | Session associated with the exchange. | keyword | -| tags | List of keywords used to tag each event. | keyword | ## Metrics @@ -303,7 +291,7 @@ An example event for `memory` looks as following: "type": "metrics" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "9a3f2233-d554-4847-9b74-1465e769563d", @@ -320,7 +308,9 @@ An example event for `memory` looks as following: "ingested": "2023-09-28T13:08:48Z", "kind": "metric", "module": "spring_boot", - "type": "info" + "type": [ + "info" + ] }, "host": { "architecture": "x86_64", @@ -372,6 +362,7 @@ An example event for `memory` looks as following: "spring_boot.memory.metrics" ] } + ``` **Exported fields** @@ -382,15 +373,6 @@ An example event for `memory` looks as following: | data_stream.dataset | Data stream dataset. | constant_keyword | | data_stream.namespace | Data stream namespace. | constant_keyword | | data_stream.type | Data stream type. | constant_keyword | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | -| error.message | Error message. | match_only_text | -| event.category | This is one of four ECS Categorization Fields, and indicates the second level in the ECS category hierarchy. `event.category` represents the "big buckets" of ECS categories. For example, filtering on `event.category:process` yields all events relating to process activity. This field is closely related to `event.type`, which is used as a subcategory. This field is an array. This will allow proper categorization of some events that fall in multiple categories. | keyword | -| event.dataset | Name of the dataset. If an event source publishes more than one type of log or events (e.g. access log, error log), the dataset is used to specify which one the event comes from. It's recommended but not required to start the dataset name with the module name, followed by a dot, then the dataset name. | keyword | -| event.kind | This is one of four ECS Categorization Fields, and indicates the highest level in the ECS category hierarchy. `event.kind` gives high-level information about what type of information the event contains, without being specific to the contents of the event. For example, values of this field distinguish alert events from metric events. The value of this field can be used to inform how these kinds of events should be handled. They may warrant different retention, different access control, it may also help understand whether the data coming in at a regular interval or not. | keyword | -| event.module | Name of the module this data is coming from. If your monitoring agent supports the concept of modules or plugins to process events of a given source (e.g. Apache logs), `event.module` should contain the name of this module. | keyword | -| host.ip | Host ip addresses. | ip | -| service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | -| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | spring_boot.memory.buffer_pool.direct.count | Count of direct buffer pool memory. | long | | spring_boot.memory.buffer_pool.direct.total_capacity | Total capacity of direct buffer pool memory. | long | | spring_boot.memory.buffer_pool.direct.used | Used memory of direct buffer pool. | long | @@ -409,7 +391,6 @@ An example event for `memory` looks as following: | spring_boot.memory.non_heap.init | Init non-heap memory usage of JVM. | long | | spring_boot.memory.non_heap.max | Max non-heap memory usage of JVM. | long | | spring_boot.memory.non_heap.used | Used non-heap memory usage of JVM. | long | -| tags | List of keywords used to tag each event. | keyword | ### Threading Metrics @@ -436,7 +417,7 @@ An example event for `threading` looks as following: "type": "metrics" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "9a3f2233-d554-4847-9b74-1465e769563d", @@ -453,7 +434,9 @@ An example event for `threading` looks as following: "ingested": "2023-09-28T13:09:38Z", "kind": "metric", "module": "spring_boot", - "type": "info" + "type": [ + "info" + ] }, "host": { "architecture": "x86_64", @@ -505,6 +488,7 @@ An example event for `threading` looks as following: "spring_boot.threading.metrics" ] } + ``` **Exported fields** @@ -515,22 +499,12 @@ An example event for `threading` looks as following: | data_stream.dataset | Data stream dataset. | constant_keyword | | data_stream.namespace | Data stream namespace. | constant_keyword | | data_stream.type | Data stream type. | constant_keyword | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | -| error.message | Error message. | match_only_text | -| event.category | This is one of four ECS Categorization Fields, and indicates the second level in the ECS category hierarchy. `event.category` represents the "big buckets" of ECS categories. For example, filtering on `event.category:process` yields all events relating to process activity. This field is closely related to `event.type`, which is used as a subcategory. This field is an array. This will allow proper categorization of some events that fall in multiple categories. | keyword | -| event.dataset | Name of the dataset. If an event source publishes more than one type of log or events (e.g. access log, error log), the dataset is used to specify which one the event comes from. It's recommended but not required to start the dataset name with the module name, followed by a dot, then the dataset name. | keyword | -| event.kind | This is one of four ECS Categorization Fields, and indicates the highest level in the ECS category hierarchy. `event.kind` gives high-level information about what type of information the event contains, without being specific to the contents of the event. For example, values of this field distinguish alert events from metric events. The value of this field can be used to inform how these kinds of events should be handled. They may warrant different retention, different access control, it may also help understand whether the data coming in at a regular interval or not. | keyword | -| event.module | Name of the module this data is coming from. If your monitoring agent supports the concept of modules or plugins to process events of a given source (e.g. Apache logs), `event.module` should contain the name of this module. | keyword | -| host.ip | Host ip addresses. | ip | -| service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | -| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | spring_boot.threading.threads.count | Current number of live threads including both daemon and non-daemon threads. | long | | spring_boot.threading.threads.current.allocated_bytes | Allocated bytes for the current thread. | double | | spring_boot.threading.threads.current.time.cpu | CPU time for the current thread in nanoseconds. | long | | spring_boot.threading.threads.current.time.user | User time for the current thread. | long | | spring_boot.threading.threads.daemon | Current number of live daemon threads. | long | | spring_boot.threading.threads.started | Total number of threads created and also started since the Java virtual machine started. | long | -| tags | List of keywords used to tag each event. | keyword | ### GC Metrics @@ -557,7 +531,7 @@ An example event for `gc` looks as following: "type": "metrics" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "9a3f2233-d554-4847-9b74-1465e769563d", @@ -704,6 +678,7 @@ An example event for `gc` looks as following: "spring_boot.gc.metrics" ] } + ``` **Exported fields** @@ -714,18 +689,6 @@ An example event for `gc` looks as following: | data_stream.dataset | Data stream dataset. | constant_keyword | | | data_stream.namespace | Data stream namespace. | constant_keyword | | | data_stream.type | Data stream type. | constant_keyword | | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | | -| error.message | Error message. | match_only_text | | -| event.category | This is one of four ECS Categorization Fields, and indicates the second level in the ECS category hierarchy. `event.category` represents the "big buckets" of ECS categories. For example, filtering on `event.category:process` yields all events relating to process activity. This field is closely related to `event.type`, which is used as a subcategory. This field is an array. This will allow proper categorization of some events that fall in multiple categories. | keyword | | -| event.dataset | Name of the dataset. If an event source publishes more than one type of log or events (e.g. access log, error log), the dataset is used to specify which one the event comes from. It's recommended but not required to start the dataset name with the module name, followed by a dot, then the dataset name. | keyword | | -| event.duration | Duration of the event in nanoseconds. If event.start and event.end are known this value should be the difference between the end and start time. | long | | -| event.ingested | Timestamp when an event arrived in the central data store. This is different from `@timestamp`, which is when the event originally occurred. It's also different from `event.created`, which is meant to capture the first time an agent saw the event. In normal conditions, assuming no tampering, the timestamps should chronologically look like this: `@timestamp` \< `event.created` \< `event.ingested`. | date | | -| event.kind | This is one of four ECS Categorization Fields, and indicates the highest level in the ECS category hierarchy. `event.kind` gives high-level information about what type of information the event contains, without being specific to the contents of the event. For example, values of this field distinguish alert events from metric events. The value of this field can be used to inform how these kinds of events should be handled. They may warrant different retention, different access control, it may also help understand whether the data coming in at a regular interval or not. | keyword | | -| event.module | Name of the module this data is coming from. If your monitoring agent supports the concept of modules or plugins to process events of a given source (e.g. Apache logs), `event.module` should contain the name of this module. | keyword | | -| event.type | This is one of four ECS Categorization Fields, and indicates the third level in the ECS category hierarchy. `event.type` represents a categorization "sub-bucket" that, when used along with the `event.category` field values, enables filtering events down to a level appropriate for single visualization. This field is an array. This will allow proper categorization of some events that fall in multiple event types. | keyword | | -| host.ip | Host ip addresses. | ip | | -| service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | | -| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | | spring_boot.gc.last_info.id | ID of the GC. | long | | | spring_boot.gc.last_info.memory_usage.after.code_cache.committed | Committed memory of the code cache memory pool after GC started. | long | byte | | spring_boot.gc.last_info.memory_usage.after.code_cache.init | Init memory of the code cache memory pool after GC started. | long | byte | @@ -804,5 +767,4 @@ An example event for `gc` looks as following: | spring_boot.gc.last_info.time.end | End time of the GC. | long | ms | | spring_boot.gc.last_info.time.start | Start time of the GC. | long | ms | | spring_boot.gc.name | Name of the GC. | keyword | | -| tags | List of keywords used to tag each event. | keyword | | diff --git a/packages/spring_boot/kibana/dashboard/spring_boot-6fe11330-c7f1-11ec-986a-f1e84447fd00.json b/packages/spring_boot/kibana/dashboard/spring_boot-6fe11330-c7f1-11ec-986a-f1e84447fd00.json index 80518abebe06..186eb8772cec 100644 --- a/packages/spring_boot/kibana/dashboard/spring_boot-6fe11330-c7f1-11ec-986a-f1e84447fd00.json +++ b/packages/spring_boot/kibana/dashboard/spring_boot-6fe11330-c7f1-11ec-986a-f1e84447fd00.json @@ -1,437 +1,437 @@ { - "id": "spring_boot-6fe11330-c7f1-11ec-986a-f1e84447fd00", - "type": "dashboard", - "namespaces": [ - "default" - ], - "migrationVersion": { - "dashboard": "8.7.0" - }, - "coreMigrationVersion": "8.8.0", - "typeMigrationVersion": "8.7.0", - "updated_at": "2024-01-03T20:12:28.833Z", - "created_at": "2024-01-03T20:12:28.833Z", - "version": "Wzk5LDFd", - "attributes": { - "description": "Audit events of the Spring Boot system.", - "hits": 0, - "kibanaSavedObjectMeta": { - "searchSourceJSON": { - "filter": [], - "query": { - "language": "kuery", - "query": "" - } - } - }, - "optionsJSON": { - "hidePanelTitles": false, - "syncColors": false, - "useMargins": true + "id": "spring_boot-6fe11330-c7f1-11ec-986a-f1e84447fd00", + "type": "dashboard", + "namespaces": [ + "default" + ], + "migrationVersion": { + "dashboard": "8.7.0" }, - "panelsJSON": [ - { - "embeddableConfig": { - "enhancements": {}, - "hidePanelTitles": false, - "attributes": { - "description": "", - "state": { - "datasourceStates": { - "formBased": { - "layers": { - "41dbf555-e40a-45dc-83d7-18b18263e8de": { - "columnOrder": [ - "3624c7a7-411d-4138-9fdf-8b8a0694d285", - "769bee1d-5cdf-49f1-9fa3-53ce8f2388c8", - "a84b9b2d-8712-4975-a242-7996161a71da", - "5209c821-5ae2-40d6-b2c5-321b76c96ebc", - "52932019-4385-469b-9f4d-6becd3a912f6", - "5c3ff6ac-16ca-4b9b-912d-a47e7c7d7081" - ], - "columns": { - "3624c7a7-411d-4138-9fdf-8b8a0694d285": { - "dataType": "string", - "isBucketed": true, - "label": "Top 100 values of spring_boot.audit_events.document_id", - "operationType": "terms", - "params": { - "missingBucket": false, - "orderBy": { - "fallback": true, - "type": "alphabetical" + "coreMigrationVersion": "8.8.0", + "typeMigrationVersion": "8.7.0", + "updated_at": "2024-01-03T20:12:28.833Z", + "created_at": "2024-01-03T20:12:28.833Z", + "version": "Wzk5LDFd", + "attributes": { + "description": "Audit events of the Spring Boot system.", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": { + "filter": [], + "query": { + "language": "kuery", + "query": "" + } + } + }, + "optionsJSON": { + "hidePanelTitles": false, + "syncColors": false, + "useMargins": true + }, + "panelsJSON": [ + { + "embeddableConfig": { + "enhancements": {}, + "hidePanelTitles": false, + "attributes": { + "description": "", + "state": { + "datasourceStates": { + "formBased": { + "layers": { + "41dbf555-e40a-45dc-83d7-18b18263e8de": { + "columnOrder": [ + "3624c7a7-411d-4138-9fdf-8b8a0694d285", + "769bee1d-5cdf-49f1-9fa3-53ce8f2388c8", + "a84b9b2d-8712-4975-a242-7996161a71da", + "5209c821-5ae2-40d6-b2c5-321b76c96ebc", + "52932019-4385-469b-9f4d-6becd3a912f6", + "5c3ff6ac-16ca-4b9b-912d-a47e7c7d7081" + ], + "columns": { + "3624c7a7-411d-4138-9fdf-8b8a0694d285": { + "dataType": "string", + "isBucketed": true, + "label": "Top 100 values of spring_boot.audit_events.document_id", + "operationType": "terms", + "params": { + "missingBucket": false, + "orderBy": { + "fallback": true, + "type": "alphabetical" + }, + "orderDirection": "asc", + "otherBucket": false, + "parentFormat": { + "id": "terms" + }, + "size": 100 + }, + "scale": "ordinal", + "sourceField": "spring_boot.audit_events.document_id" + }, + "5209c821-5ae2-40d6-b2c5-321b76c96ebc": { + "customLabel": true, + "dataType": "string", + "isBucketed": false, + "label": "Host", + "operationType": "last_value", + "params": { + "showArrayValues": true, + "sortField": "@timestamp" + }, + "scale": "ordinal", + "sourceField": "spring_boot.audit_events.data.remote_address" + }, + "52932019-4385-469b-9f4d-6becd3a912f6": { + "customLabel": true, + "dataType": "string", + "isBucketed": false, + "label": "Session ID", + "operationType": "last_value", + "params": { + "showArrayValues": true, + "sortField": "@timestamp" + }, + "scale": "ordinal", + "sourceField": "spring_boot.audit_events.data.session_id" + }, + "5c3ff6ac-16ca-4b9b-912d-a47e7c7d7081": { + "customLabel": true, + "dataType": "string", + "isBucketed": false, + "label": "Authentication type", + "operationType": "last_value", + "params": { + "showArrayValues": true, + "sortField": "@timestamp" + }, + "scale": "ordinal", + "sourceField": "spring_boot.audit_events.type" + }, + "769bee1d-5cdf-49f1-9fa3-53ce8f2388c8": { + "dataType": "date", + "isBucketed": true, + "label": "@timestamp", + "operationType": "date_histogram", + "params": { + "includeEmptyRows": false, + "interval": "1s" + }, + "scale": "interval", + "sourceField": "@timestamp" + }, + "a84b9b2d-8712-4975-a242-7996161a71da": { + "customLabel": true, + "dataType": "string", + "isBucketed": false, + "label": "Principal", + "operationType": "last_value", + "params": { + "showArrayValues": true, + "sortField": "@timestamp" + }, + "scale": "ordinal", + "sourceField": "spring_boot.audit_events.principal" + } + }, + "incompleteColumns": {} + } + } + } }, - "orderDirection": "asc", - "otherBucket": false, - "parentFormat": { - "id": "terms" + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "96d564d4-65af-4ed2-a3f6-0af7787d4b01", + "key": "event.dataset", + "negate": false, + "params": { + "query": "spring_boot.audit_events" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.dataset": "spring_boot.audit_events" + } + } + } + ], + "query": { + "language": "kuery", + "query": "" }, - "size": 100 - }, - "scale": "ordinal", - "sourceField": "spring_boot.audit_events.document_id" - }, - "5209c821-5ae2-40d6-b2c5-321b76c96ebc": { - "customLabel": true, - "dataType": "string", - "isBucketed": false, - "label": "Host", - "operationType": "last_value", - "params": { - "showArrayValues": true, - "sortField": "@timestamp" - }, - "scale": "ordinal", - "sourceField": "spring_boot.audit_events.data.remote_address" - }, - "52932019-4385-469b-9f4d-6becd3a912f6": { - "customLabel": true, - "dataType": "string", - "isBucketed": false, - "label": "Session ID", - "operationType": "last_value", - "params": { - "showArrayValues": true, - "sortField": "@timestamp" - }, - "scale": "ordinal", - "sourceField": "spring_boot.audit_events.data.session_id" - }, - "5c3ff6ac-16ca-4b9b-912d-a47e7c7d7081": { - "customLabel": true, - "dataType": "string", - "isBucketed": false, - "label": "Authentication type", - "operationType": "last_value", - "params": { - "showArrayValues": true, - "sortField": "@timestamp" - }, - "scale": "ordinal", - "sourceField": "spring_boot.audit_events.type" - }, - "769bee1d-5cdf-49f1-9fa3-53ce8f2388c8": { - "dataType": "date", - "isBucketed": true, - "label": "@timestamp", - "operationType": "date_histogram", - "params": { - "includeEmptyRows": false, - "interval": "1s" - }, - "scale": "interval", - "sourceField": "@timestamp" + "visualization": { + "columns": [ + { + "alignment": "center", + "columnId": "a84b9b2d-8712-4975-a242-7996161a71da", + "hidden": false, + "isTransposed": false, + "width": 166 + }, + { + "alignment": "center", + "columnId": "5209c821-5ae2-40d6-b2c5-321b76c96ebc", + "isTransposed": false, + "width": 183.41666666666669 + }, + { + "alignment": "center", + "columnId": "5c3ff6ac-16ca-4b9b-912d-a47e7c7d7081", + "isTransposed": false, + "width": 296.41666666666674 + }, + { + "alignment": "center", + "columnId": "3624c7a7-411d-4138-9fdf-8b8a0694d285", + "hidden": true, + "isTransposed": false + }, + { + "alignment": "center", + "columnId": "769bee1d-5cdf-49f1-9fa3-53ce8f2388c8", + "isTransposed": false, + "width": 128.16666666666652 + }, + { + "alignment": "center", + "columnId": "52932019-4385-469b-9f4d-6becd3a912f6", + "isTransposed": false + } + ], + "fitRowToContent": true, + "layerId": "41dbf555-e40a-45dc-83d7-18b18263e8de", + "layerType": "data", + "paging": { + "enabled": true, + "size": 10 + }, + "rowHeight": "auto", + "rowHeightLines": 2, + "sorting": { + "columnId": "769bee1d-5cdf-49f1-9fa3-53ce8f2388c8", + "direction": "desc" + } + } }, - "a84b9b2d-8712-4975-a242-7996161a71da": { - "customLabel": true, - "dataType": "string", - "isBucketed": false, - "label": "Principal", - "operationType": "last_value", - "params": { - "showArrayValues": true, - "sortField": "@timestamp" - }, - "scale": "ordinal", - "sourceField": "spring_boot.audit_events.principal" - } - }, - "incompleteColumns": {} - } - } - } - }, - "filters": [ - { - "$state": { - "store": "appState" - }, - "meta": { - "alias": null, - "disabled": false, - "index": "96d564d4-65af-4ed2-a3f6-0af7787d4b01", - "key": "event.dataset", - "negate": false, - "params": { - "query": "spring_boot.audit_events" - }, - "type": "phrase" - }, - "query": { - "match_phrase": { - "event.dataset": "spring_boot.audit_events" + "title": "Audit Events [Logs Spring Boot]", + "visualizationType": "lnsDatatable", + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-current-indexpattern", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-41dbf555-e40a-45dc-83d7-18b18263e8de", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "96d564d4-65af-4ed2-a3f6-0af7787d4b01", + "type": "index-pattern" + } + ] } - } - } - ], - "query": { - "language": "kuery", - "query": "" - }, - "visualization": { - "columns": [ - { - "alignment": "center", - "columnId": "a84b9b2d-8712-4975-a242-7996161a71da", - "hidden": false, - "isTransposed": false, - "width": 166 - }, - { - "alignment": "center", - "columnId": "5209c821-5ae2-40d6-b2c5-321b76c96ebc", - "isTransposed": false, - "width": 183.41666666666669 - }, - { - "alignment": "center", - "columnId": "5c3ff6ac-16ca-4b9b-912d-a47e7c7d7081", - "isTransposed": false, - "width": 296.41666666666674 - }, - { - "alignment": "center", - "columnId": "3624c7a7-411d-4138-9fdf-8b8a0694d285", - "hidden": true, - "isTransposed": false - }, - { - "alignment": "center", - "columnId": "769bee1d-5cdf-49f1-9fa3-53ce8f2388c8", - "isTransposed": false, - "width": 128.16666666666652 - }, - { - "alignment": "center", - "columnId": "52932019-4385-469b-9f4d-6becd3a912f6", - "isTransposed": false - } - ], - "fitRowToContent": true, - "layerId": "41dbf555-e40a-45dc-83d7-18b18263e8de", - "layerType": "data", - "paging": { - "enabled": true, - "size": 10 }, - "rowHeight": "auto", - "rowHeightLines": 2, - "sorting": { - "columnId": "769bee1d-5cdf-49f1-9fa3-53ce8f2388c8", - "direction": "desc" - } - } + "gridData": { + "h": 16, + "i": "e3c09d50-2585-4fdf-90bd-1b1a837edf6a", + "w": 32, + "x": 0, + "y": 0 + }, + "panelIndex": "e3c09d50-2585-4fdf-90bd-1b1a837edf6a", + "type": "lens", + "version": "8.6.0" }, - "title": "Audit Events [Logs Spring Boot]", - "visualizationType": "lnsDatatable", - "references": [ - { - "id": "logs-*", - "name": "indexpattern-datasource-current-indexpattern", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "indexpattern-datasource-layer-41dbf555-e40a-45dc-83d7-18b18263e8de", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "96d564d4-65af-4ed2-a3f6-0af7787d4b01", - "type": "index-pattern" - } - ] - } - }, - "gridData": { - "h": 16, - "i": "e3c09d50-2585-4fdf-90bd-1b1a837edf6a", - "w": 32, - "x": 0, - "y": 0 - }, - "panelIndex": "e3c09d50-2585-4fdf-90bd-1b1a837edf6a", - "type": "lens", - "version": "8.6.0" - }, - { - "embeddableConfig": { - "enhancements": {}, - "hidePanelTitles": false, - "attributes": { - "state": { - "datasourceStates": { - "formBased": { - "layers": { - "73272b0b-e1d4-4a44-9904-adaad0d24159": { - "columnOrder": [ - "2fe1f301-207a-48ff-aa1c-13aaed31b9db", - "1b8c4683-1d76-49cc-95c8-691612657847" - ], - "columns": { - "1b8c4683-1d76-49cc-95c8-691612657847": { - "dataType": "number", - "isBucketed": false, - "label": "Count of records", - "operationType": "count", - "params": { - "format": { - "id": "number", - "params": { - "decimals": 2 - } + { + "embeddableConfig": { + "enhancements": {}, + "hidePanelTitles": false, + "attributes": { + "state": { + "datasourceStates": { + "formBased": { + "layers": { + "73272b0b-e1d4-4a44-9904-adaad0d24159": { + "columnOrder": [ + "2fe1f301-207a-48ff-aa1c-13aaed31b9db", + "1b8c4683-1d76-49cc-95c8-691612657847" + ], + "columns": { + "1b8c4683-1d76-49cc-95c8-691612657847": { + "dataType": "number", + "isBucketed": false, + "label": "Count of records", + "operationType": "count", + "params": { + "format": { + "id": "number", + "params": { + "decimals": 2 + } + } + }, + "scale": "ratio", + "sourceField": "___records___" + }, + "2fe1f301-207a-48ff-aa1c-13aaed31b9db": { + "customLabel": true, + "dataType": "string", + "isBucketed": true, + "label": "Authentication Type", + "operationType": "terms", + "params": { + "missingBucket": false, + "orderBy": { + "columnId": "1b8c4683-1d76-49cc-95c8-691612657847", + "type": "column" + }, + "orderDirection": "desc", + "otherBucket": false, + "parentFormat": { + "id": "terms" + }, + "size": 5 + }, + "scale": "ordinal", + "sourceField": "spring_boot.audit_events.type" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "b7a7b7d1-61be-48a9-9158-7f778b4ddaf2", + "key": "event.dataset", + "negate": false, + "params": { + "query": "spring_boot.audit_events" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.dataset": "spring_boot.audit_events" + } + } + } + ], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "layers": [ + { + "categoryDisplay": "default", + "layerId": "73272b0b-e1d4-4a44-9904-adaad0d24159", + "layerType": "data", + "legendDisplay": "show", + "legendMaxLines": 1, + "legendPosition": "bottom", + "nestedLegend": true, + "numberDisplay": "percent", + "truncateLegend": true, + "legendSize": "auto", + "primaryGroups": [ + "2fe1f301-207a-48ff-aa1c-13aaed31b9db" + ], + "metrics": [ + "1b8c4683-1d76-49cc-95c8-691612657847" + ] + } + ], + "shape": "pie" } - }, - "scale": "ratio", - "sourceField": "___records___" }, - "2fe1f301-207a-48ff-aa1c-13aaed31b9db": { - "customLabel": true, - "dataType": "string", - "isBucketed": true, - "label": "Authentication Type", - "operationType": "terms", - "params": { - "missingBucket": false, - "orderBy": { - "columnId": "1b8c4683-1d76-49cc-95c8-691612657847", - "type": "column" + "title": "Authentication type [Logs Spring Boot]", + "visualizationType": "lnsPie", + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-current-indexpattern", + "type": "index-pattern" }, - "orderDirection": "desc", - "otherBucket": false, - "parentFormat": { - "id": "terms" + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-73272b0b-e1d4-4a44-9904-adaad0d24159", + "type": "index-pattern" }, - "size": 5 - }, - "scale": "ordinal", - "sourceField": "spring_boot.audit_events.type" - } - }, - "incompleteColumns": {} - } - } - } - }, - "filters": [ - { - "$state": { - "store": "appState" - }, - "meta": { - "alias": null, - "disabled": false, - "index": "b7a7b7d1-61be-48a9-9158-7f778b4ddaf2", - "key": "event.dataset", - "negate": false, - "params": { - "query": "spring_boot.audit_events" - }, - "type": "phrase" - }, - "query": { - "match_phrase": { - "event.dataset": "spring_boot.audit_events" + { + "id": "logs-*", + "name": "b7a7b7d1-61be-48a9-9158-7f778b4ddaf2", + "type": "index-pattern" + } + ] } - } - } - ], - "query": { - "language": "kuery", - "query": "" - }, - "visualization": { - "layers": [ - { - "categoryDisplay": "default", - "layerId": "73272b0b-e1d4-4a44-9904-adaad0d24159", - "layerType": "data", - "legendDisplay": "show", - "legendMaxLines": 1, - "legendPosition": "bottom", - "nestedLegend": true, - "numberDisplay": "percent", - "truncateLegend": true, - "legendSize": "auto", - "primaryGroups": [ - "2fe1f301-207a-48ff-aa1c-13aaed31b9db" - ], - "metrics": [ - "1b8c4683-1d76-49cc-95c8-691612657847" - ] - } - ], - "shape": "pie" - } - }, - "title": "Authentication type [Logs Spring Boot]", - "visualizationType": "lnsPie", - "references": [ - { - "id": "logs-*", - "name": "indexpattern-datasource-current-indexpattern", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "indexpattern-datasource-layer-73272b0b-e1d4-4a44-9904-adaad0d24159", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "b7a7b7d1-61be-48a9-9158-7f778b4ddaf2", - "type": "index-pattern" - } - ] - } + }, + "gridData": { + "h": 16, + "i": "33cab98f-7c8f-4d79-ad28-f2a0e7113b46", + "w": 16, + "x": 32, + "y": 0 + }, + "panelIndex": "33cab98f-7c8f-4d79-ad28-f2a0e7113b46", + "type": "lens", + "version": "8.6.0" + } + ], + "timeRestore": false, + "title": "[Spring Boot] Audit Events", + "version": 1 + }, + "references": [ + { + "type": "index-pattern", + "name": "e3c09d50-2585-4fdf-90bd-1b1a837edf6a:indexpattern-datasource-current-indexpattern", + "id": "logs-*" + }, + { + "type": "index-pattern", + "name": "e3c09d50-2585-4fdf-90bd-1b1a837edf6a:indexpattern-datasource-layer-41dbf555-e40a-45dc-83d7-18b18263e8de", + "id": "logs-*" + }, + { + "type": "index-pattern", + "name": "e3c09d50-2585-4fdf-90bd-1b1a837edf6a:96d564d4-65af-4ed2-a3f6-0af7787d4b01", + "id": "logs-*" }, - "gridData": { - "h": 16, - "i": "33cab98f-7c8f-4d79-ad28-f2a0e7113b46", - "w": 16, - "x": 32, - "y": 0 + { + "type": "index-pattern", + "name": "33cab98f-7c8f-4d79-ad28-f2a0e7113b46:indexpattern-datasource-current-indexpattern", + "id": "logs-*" }, - "panelIndex": "33cab98f-7c8f-4d79-ad28-f2a0e7113b46", - "type": "lens", - "version": "8.6.0" - } + { + "type": "index-pattern", + "name": "33cab98f-7c8f-4d79-ad28-f2a0e7113b46:indexpattern-datasource-layer-73272b0b-e1d4-4a44-9904-adaad0d24159", + "id": "logs-*" + }, + { + "type": "index-pattern", + "name": "33cab98f-7c8f-4d79-ad28-f2a0e7113b46:b7a7b7d1-61be-48a9-9158-7f778b4ddaf2", + "id": "logs-*" + } ], - "timeRestore": false, - "title": "[Spring Boot] Audit Events", - "version": 1 - }, - "references": [ - { - "type": "index-pattern", - "name": "e3c09d50-2585-4fdf-90bd-1b1a837edf6a:indexpattern-datasource-current-indexpattern", - "id": "logs-*" - }, - { - "type": "index-pattern", - "name": "e3c09d50-2585-4fdf-90bd-1b1a837edf6a:indexpattern-datasource-layer-41dbf555-e40a-45dc-83d7-18b18263e8de", - "id": "logs-*" - }, - { - "type": "index-pattern", - "name": "e3c09d50-2585-4fdf-90bd-1b1a837edf6a:96d564d4-65af-4ed2-a3f6-0af7787d4b01", - "id": "logs-*" - }, - { - "type": "index-pattern", - "name": "33cab98f-7c8f-4d79-ad28-f2a0e7113b46:indexpattern-datasource-current-indexpattern", - "id": "logs-*" - }, - { - "type": "index-pattern", - "name": "33cab98f-7c8f-4d79-ad28-f2a0e7113b46:indexpattern-datasource-layer-73272b0b-e1d4-4a44-9904-adaad0d24159", - "id": "logs-*" - }, - { - "type": "index-pattern", - "name": "33cab98f-7c8f-4d79-ad28-f2a0e7113b46:b7a7b7d1-61be-48a9-9158-7f778b4ddaf2", - "id": "logs-*" - } - ], - "managed": false + "managed": false } \ No newline at end of file diff --git a/packages/spring_boot/kibana/dashboard/spring_boot-6fe782d0-ca15-11ec-b4b1-b57f75afa7dd.json b/packages/spring_boot/kibana/dashboard/spring_boot-6fe782d0-ca15-11ec-b4b1-b57f75afa7dd.json index 8011aaad8577..246a2ad512cc 100644 --- a/packages/spring_boot/kibana/dashboard/spring_boot-6fe782d0-ca15-11ec-b4b1-b57f75afa7dd.json +++ b/packages/spring_boot/kibana/dashboard/spring_boot-6fe782d0-ca15-11ec-b4b1-b57f75afa7dd.json @@ -1,380 +1,380 @@ { - "id": "spring_boot-6fe782d0-ca15-11ec-b4b1-b57f75afa7dd", - "type": "dashboard", - "namespaces": [ - "default" - ], - "migrationVersion": { - "dashboard": "8.7.0" - }, - "coreMigrationVersion": "8.8.0", - "typeMigrationVersion": "8.7.0", - "updated_at": "2024-01-03T20:12:28.833Z", - "created_at": "2024-01-03T20:12:28.833Z", - "version": "WzEwMCwxXQ==", - "attributes": { - "description": "Access logs dashboard of Spring Boot application.", - "hits": 0, - "kibanaSavedObjectMeta": { - "searchSourceJSON": { - "filter": [], - "query": { - "language": "kuery", - "query": "" - } - } - }, - "optionsJSON": { - "hidePanelTitles": false, - "syncColors": false, - "useMargins": true + "id": "spring_boot-6fe782d0-ca15-11ec-b4b1-b57f75afa7dd", + "type": "dashboard", + "namespaces": [ + "default" + ], + "migrationVersion": { + "dashboard": "8.7.0" }, - "panelsJSON": [ - { - "embeddableConfig": { - "enhancements": {}, - "hidePanelTitles": false, - "attributes": { - "state": { - "datasourceStates": { - "formBased": { - "layers": { - "12461a5e-412f-4380-9b8a-d4dfe0fa20bc": { - "columnOrder": [ - "59a904ae-9fcd-4d06-b201-09117b1981d6", - "9a043bf0-329d-4632-a095-86760550bd75" - ], - "columns": { - "59a904ae-9fcd-4d06-b201-09117b1981d6": { - "dataType": "string", - "isBucketed": true, - "label": "Top values of http.request.method", - "operationType": "terms", - "params": { - "missingBucket": false, - "orderBy": { - "columnId": "9a043bf0-329d-4632-a095-86760550bd75", - "type": "column" - }, - "orderDirection": "desc", - "otherBucket": false, - "parentFormat": { - "id": "terms" - }, - "size": 5 - }, - "scale": "ordinal", - "sourceField": "http.request.method" - }, - "9a043bf0-329d-4632-a095-86760550bd75": { - "dataType": "number", - "isBucketed": false, - "label": "Count of records", - "operationType": "count", - "scale": "ratio", - "sourceField": "___records___" - } - }, - "incompleteColumns": {} - } - } + "coreMigrationVersion": "8.8.0", + "typeMigrationVersion": "8.7.0", + "updated_at": "2024-01-03T20:12:28.833Z", + "created_at": "2024-01-03T20:12:28.833Z", + "version": "WzEwMCwxXQ==", + "attributes": { + "description": "Access logs dashboard of Spring Boot application.", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": { + "filter": [], + "query": { + "language": "kuery", + "query": "" } - }, - "filters": [ - { - "$state": { - "store": "appState" - }, - "meta": { - "alias": null, - "disabled": false, - "index": "76ee3705-3872-45f3-8cbf-f0595d97905d", - "key": "event.dataset", - "negate": false, - "params": { - "query": "spring_boot.http_trace" - }, - "type": "phrase" - }, - "query": { - "match_phrase": { - "event.dataset": "spring_boot.http_trace" - } - } - } - ], - "query": { - "language": "kuery", - "query": "" - }, - "visualization": { - "layers": [ - { - "categoryDisplay": "default", - "layerId": "12461a5e-412f-4380-9b8a-d4dfe0fa20bc", - "layerType": "data", - "legendDisplay": "show", - "nestedLegend": true, - "numberDisplay": "percent", - "legendSize": "auto", - "primaryGroups": [ - "59a904ae-9fcd-4d06-b201-09117b1981d6" - ], - "metrics": [ - "9a043bf0-329d-4632-a095-86760550bd75" - ] - } - ], - "shape": "pie" - } - }, - "title": "HTTP Request method types [Metrics Spring Boot]", - "visualizationType": "lnsPie", - "references": [ - { - "id": "logs-*", - "name": "indexpattern-datasource-current-indexpattern", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "indexpattern-datasource-layer-12461a5e-412f-4380-9b8a-d4dfe0fa20bc", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "76ee3705-3872-45f3-8cbf-f0595d97905d", - "type": "index-pattern" - } - ] - } + } }, - "gridData": { - "h": 13, - "i": "d008cb2e-26ec-4035-a79e-fd58d8b99b6c", - "w": 16, - "x": 0, - "y": 0 + "optionsJSON": { + "hidePanelTitles": false, + "syncColors": false, + "useMargins": true }, - "panelIndex": "d008cb2e-26ec-4035-a79e-fd58d8b99b6c", - "title": "HTTP Request method types [Logs Spring Boot]", - "type": "lens", - "version": "8.6.0" - }, - { - "embeddableConfig": { - "enhancements": {}, - "hidePanelTitles": false, - "attributes": { - "state": { - "datasourceStates": { - "formBased": { - "layers": { - "12461a5e-412f-4380-9b8a-d4dfe0fa20bc": { - "columnOrder": [ - "2dbf54bf-2147-4302-902b-a176ae9df338", - "21757728-2591-42a8-bed5-10cc5c097d85", - "9a043bf0-329d-4632-a095-86760550bd75" - ], - "columns": { - "21757728-2591-42a8-bed5-10cc5c097d85": { - "dataType": "number", - "isBucketed": true, - "label": "http.response.status_code", - "operationType": "range", - "params": { - "maxBars": "auto", - "ranges": [ - { - "from": 0, - "label": "", - "to": 1000 - } + "panelsJSON": [ + { + "embeddableConfig": { + "enhancements": {}, + "hidePanelTitles": false, + "attributes": { + "state": { + "datasourceStates": { + "formBased": { + "layers": { + "12461a5e-412f-4380-9b8a-d4dfe0fa20bc": { + "columnOrder": [ + "59a904ae-9fcd-4d06-b201-09117b1981d6", + "9a043bf0-329d-4632-a095-86760550bd75" + ], + "columns": { + "59a904ae-9fcd-4d06-b201-09117b1981d6": { + "dataType": "string", + "isBucketed": true, + "label": "Top values of http.request.method", + "operationType": "terms", + "params": { + "missingBucket": false, + "orderBy": { + "columnId": "9a043bf0-329d-4632-a095-86760550bd75", + "type": "column" + }, + "orderDirection": "desc", + "otherBucket": false, + "parentFormat": { + "id": "terms" + }, + "size": 5 + }, + "scale": "ordinal", + "sourceField": "http.request.method" + }, + "9a043bf0-329d-4632-a095-86760550bd75": { + "dataType": "number", + "isBucketed": false, + "label": "Count of records", + "operationType": "count", + "scale": "ratio", + "sourceField": "___records___" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "76ee3705-3872-45f3-8cbf-f0595d97905d", + "key": "event.dataset", + "negate": false, + "params": { + "query": "spring_boot.http_trace" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.dataset": "spring_boot.http_trace" + } + } + } ], - "type": "histogram" - }, - "scale": "interval", - "sourceField": "http.response.status_code" - }, - "2dbf54bf-2147-4302-902b-a176ae9df338": { - "dataType": "date", - "isBucketed": true, - "label": "@timestamp", - "operationType": "date_histogram", - "params": { - "includeEmptyRows": true, - "interval": "1m" - }, - "scale": "interval", - "sourceField": "@timestamp" + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "layers": [ + { + "categoryDisplay": "default", + "layerId": "12461a5e-412f-4380-9b8a-d4dfe0fa20bc", + "layerType": "data", + "legendDisplay": "show", + "nestedLegend": true, + "numberDisplay": "percent", + "legendSize": "auto", + "primaryGroups": [ + "59a904ae-9fcd-4d06-b201-09117b1981d6" + ], + "metrics": [ + "9a043bf0-329d-4632-a095-86760550bd75" + ] + } + ], + "shape": "pie" + } }, - "9a043bf0-329d-4632-a095-86760550bd75": { - "dataType": "number", - "isBucketed": false, - "label": "Count of records", - "operationType": "count", - "scale": "ratio", - "sourceField": "___records___" - } - }, - "incompleteColumns": {} - } - } - } - }, - "filters": [ - { - "$state": { - "store": "appState" - }, - "meta": { - "alias": null, - "disabled": false, - "index": "ba5b5f52-398a-48c9-8021-520aa78ccdba", - "key": "event.dataset", - "negate": false, - "params": { - "query": "spring_boot.http_trace" - }, - "type": "phrase" - }, - "query": { - "match_phrase": { - "event.dataset": "spring_boot.http_trace" + "title": "HTTP Request method types [Metrics Spring Boot]", + "visualizationType": "lnsPie", + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-current-indexpattern", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-12461a5e-412f-4380-9b8a-d4dfe0fa20bc", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "76ee3705-3872-45f3-8cbf-f0595d97905d", + "type": "index-pattern" + } + ] } - } - } - ], - "query": { - "language": "kuery", - "query": "" - }, - "visualization": { - "axisTitlesVisibilitySettings": { - "x": true, - "yLeft": true, - "yRight": true - }, - "fittingFunction": "None", - "gridlinesVisibilitySettings": { - "x": true, - "yLeft": true, - "yRight": true - }, - "labelsOrientation": { - "x": 0, - "yLeft": 0, - "yRight": 0 }, - "layers": [ - { - "accessors": [ - "9a043bf0-329d-4632-a095-86760550bd75" - ], - "layerId": "12461a5e-412f-4380-9b8a-d4dfe0fa20bc", - "layerType": "data", - "position": "top", - "seriesType": "bar", - "showGridlines": false, - "splitAccessor": "21757728-2591-42a8-bed5-10cc5c097d85", - "xAccessor": "2dbf54bf-2147-4302-902b-a176ae9df338" - } - ], - "legend": { - "horizontalAlignment": "right", - "isInside": false, - "isVisible": true, - "maxLines": 1, - "position": "right", - "shouldTruncate": false, - "showSingleSeries": false, - "verticalAlignment": "top", - "legendSize": "auto" + "gridData": { + "h": 13, + "i": "d008cb2e-26ec-4035-a79e-fd58d8b99b6c", + "w": 16, + "x": 0, + "y": 0 }, - "preferredSeriesType": "bar", - "tickLabelsVisibilitySettings": { - "x": true, - "yLeft": true, - "yRight": true + "panelIndex": "d008cb2e-26ec-4035-a79e-fd58d8b99b6c", + "title": "HTTP Request method types [Logs Spring Boot]", + "type": "lens", + "version": "8.6.0" + }, + { + "embeddableConfig": { + "enhancements": {}, + "hidePanelTitles": false, + "attributes": { + "state": { + "datasourceStates": { + "formBased": { + "layers": { + "12461a5e-412f-4380-9b8a-d4dfe0fa20bc": { + "columnOrder": [ + "2dbf54bf-2147-4302-902b-a176ae9df338", + "21757728-2591-42a8-bed5-10cc5c097d85", + "9a043bf0-329d-4632-a095-86760550bd75" + ], + "columns": { + "21757728-2591-42a8-bed5-10cc5c097d85": { + "dataType": "number", + "isBucketed": true, + "label": "http.response.status_code", + "operationType": "range", + "params": { + "maxBars": "auto", + "ranges": [ + { + "from": 0, + "label": "", + "to": 1000 + } + ], + "type": "histogram" + }, + "scale": "interval", + "sourceField": "http.response.status_code" + }, + "2dbf54bf-2147-4302-902b-a176ae9df338": { + "dataType": "date", + "isBucketed": true, + "label": "@timestamp", + "operationType": "date_histogram", + "params": { + "includeEmptyRows": true, + "interval": "1m" + }, + "scale": "interval", + "sourceField": "@timestamp" + }, + "9a043bf0-329d-4632-a095-86760550bd75": { + "dataType": "number", + "isBucketed": false, + "label": "Count of records", + "operationType": "count", + "scale": "ratio", + "sourceField": "___records___" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "ba5b5f52-398a-48c9-8021-520aa78ccdba", + "key": "event.dataset", + "negate": false, + "params": { + "query": "spring_boot.http_trace" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.dataset": "spring_boot.http_trace" + } + } + } + ], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "axisTitlesVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "fittingFunction": "None", + "gridlinesVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "labelsOrientation": { + "x": 0, + "yLeft": 0, + "yRight": 0 + }, + "layers": [ + { + "accessors": [ + "9a043bf0-329d-4632-a095-86760550bd75" + ], + "layerId": "12461a5e-412f-4380-9b8a-d4dfe0fa20bc", + "layerType": "data", + "position": "top", + "seriesType": "bar", + "showGridlines": false, + "splitAccessor": "21757728-2591-42a8-bed5-10cc5c097d85", + "xAccessor": "2dbf54bf-2147-4302-902b-a176ae9df338" + } + ], + "legend": { + "horizontalAlignment": "right", + "isInside": false, + "isVisible": true, + "maxLines": 1, + "position": "right", + "shouldTruncate": false, + "showSingleSeries": false, + "verticalAlignment": "top", + "legendSize": "auto" + }, + "preferredSeriesType": "bar", + "tickLabelsVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "valueLabels": "hide", + "valuesInLegend": true, + "yLeftExtent": { + "mode": "full" + }, + "yRightExtent": { + "mode": "full" + } + } + }, + "title": "HTTP Request status code [Logs Spring Boot]", + "visualizationType": "lnsXY", + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-current-indexpattern", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-12461a5e-412f-4380-9b8a-d4dfe0fa20bc", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "ba5b5f52-398a-48c9-8021-520aa78ccdba", + "type": "index-pattern" + } + ] + } }, - "valueLabels": "hide", - "valuesInLegend": true, - "yLeftExtent": { - "mode": "full" + "gridData": { + "h": 13, + "i": "86f18b62-ecd7-48fa-8459-896739b71ce6", + "w": 32, + "x": 16, + "y": 0 }, - "yRightExtent": { - "mode": "full" - } - } - }, - "title": "HTTP Request status code [Logs Spring Boot]", - "visualizationType": "lnsXY", - "references": [ - { - "id": "logs-*", - "name": "indexpattern-datasource-current-indexpattern", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "indexpattern-datasource-layer-12461a5e-412f-4380-9b8a-d4dfe0fa20bc", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "ba5b5f52-398a-48c9-8021-520aa78ccdba", - "type": "index-pattern" - } - ] - } + "panelIndex": "86f18b62-ecd7-48fa-8459-896739b71ce6", + "type": "lens", + "version": "8.6.0" + } + ], + "timeRestore": false, + "title": "[Spring Boot] Access logs", + "version": 1 + }, + "references": [ + { + "type": "index-pattern", + "name": "d008cb2e-26ec-4035-a79e-fd58d8b99b6c:indexpattern-datasource-current-indexpattern", + "id": "logs-*" + }, + { + "type": "index-pattern", + "name": "d008cb2e-26ec-4035-a79e-fd58d8b99b6c:indexpattern-datasource-layer-12461a5e-412f-4380-9b8a-d4dfe0fa20bc", + "id": "logs-*" + }, + { + "type": "index-pattern", + "name": "d008cb2e-26ec-4035-a79e-fd58d8b99b6c:76ee3705-3872-45f3-8cbf-f0595d97905d", + "id": "logs-*" }, - "gridData": { - "h": 13, - "i": "86f18b62-ecd7-48fa-8459-896739b71ce6", - "w": 32, - "x": 16, - "y": 0 + { + "type": "index-pattern", + "name": "86f18b62-ecd7-48fa-8459-896739b71ce6:indexpattern-datasource-current-indexpattern", + "id": "logs-*" }, - "panelIndex": "86f18b62-ecd7-48fa-8459-896739b71ce6", - "type": "lens", - "version": "8.6.0" - } + { + "type": "index-pattern", + "name": "86f18b62-ecd7-48fa-8459-896739b71ce6:indexpattern-datasource-layer-12461a5e-412f-4380-9b8a-d4dfe0fa20bc", + "id": "logs-*" + }, + { + "type": "index-pattern", + "name": "86f18b62-ecd7-48fa-8459-896739b71ce6:ba5b5f52-398a-48c9-8021-520aa78ccdba", + "id": "logs-*" + } ], - "timeRestore": false, - "title": "[Spring Boot] Access logs", - "version": 1 - }, - "references": [ - { - "type": "index-pattern", - "name": "d008cb2e-26ec-4035-a79e-fd58d8b99b6c:indexpattern-datasource-current-indexpattern", - "id": "logs-*" - }, - { - "type": "index-pattern", - "name": "d008cb2e-26ec-4035-a79e-fd58d8b99b6c:indexpattern-datasource-layer-12461a5e-412f-4380-9b8a-d4dfe0fa20bc", - "id": "logs-*" - }, - { - "type": "index-pattern", - "name": "d008cb2e-26ec-4035-a79e-fd58d8b99b6c:76ee3705-3872-45f3-8cbf-f0595d97905d", - "id": "logs-*" - }, - { - "type": "index-pattern", - "name": "86f18b62-ecd7-48fa-8459-896739b71ce6:indexpattern-datasource-current-indexpattern", - "id": "logs-*" - }, - { - "type": "index-pattern", - "name": "86f18b62-ecd7-48fa-8459-896739b71ce6:indexpattern-datasource-layer-12461a5e-412f-4380-9b8a-d4dfe0fa20bc", - "id": "logs-*" - }, - { - "type": "index-pattern", - "name": "86f18b62-ecd7-48fa-8459-896739b71ce6:ba5b5f52-398a-48c9-8021-520aa78ccdba", - "id": "logs-*" - } - ], - "managed": false + "managed": false } \ No newline at end of file diff --git a/packages/spring_boot/kibana/dashboard/spring_boot-c89e1510-ca15-11ec-b4b1-b57f75afa7dd.json b/packages/spring_boot/kibana/dashboard/spring_boot-c89e1510-ca15-11ec-b4b1-b57f75afa7dd.json index 909a74c5620c..42cf6c32cce6 100644 --- a/packages/spring_boot/kibana/dashboard/spring_boot-c89e1510-ca15-11ec-b4b1-b57f75afa7dd.json +++ b/packages/spring_boot/kibana/dashboard/spring_boot-c89e1510-ca15-11ec-b4b1-b57f75afa7dd.json @@ -1,1304 +1,1304 @@ { - "id": "spring_boot-c89e1510-ca15-11ec-b4b1-b57f75afa7dd", - "type": "dashboard", - "namespaces": [ - "default" - ], - "migrationVersion": { - "dashboard": "8.7.0" - }, - "coreMigrationVersion": "8.8.0", - "typeMigrationVersion": "8.7.0", - "updated_at": "2024-01-03T20:12:28.833Z", - "created_at": "2024-01-03T20:12:28.833Z", - "version": "WzEwMSwxXQ==", - "attributes": { - "description": "Metrics related to threads, heap and non heap memory.", - "hits": 0, - "kibanaSavedObjectMeta": { - "searchSourceJSON": { - "filter": [], - "query": { - "language": "kuery", - "query": "" - } - } - }, - "optionsJSON": { - "hidePanelTitles": false, - "syncColors": false, - "useMargins": true + "id": "spring_boot-c89e1510-ca15-11ec-b4b1-b57f75afa7dd", + "type": "dashboard", + "namespaces": [ + "default" + ], + "migrationVersion": { + "dashboard": "8.7.0" }, - "panelsJSON": [ - { - "embeddableConfig": { - "enhancements": {}, - "hidePanelTitles": false, - "attributes": { - "state": { - "adHocDataViews": {}, - "datasourceStates": { - "formBased": { - "layers": { - "31ad067d-6820-43dc-a6fd-7a32a6a121f5": { - "columnOrder": [ - "ce51dd8d-7fd5-4ebf-a835-9ffe83125746", - "07747e2a-9e75-47d8-b1d4-87c0340cf60d", - "9b2297d6-8625-44a3-a7ba-633da40efcfb" - ], - "columns": { - "07747e2a-9e75-47d8-b1d4-87c0340cf60d": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Heap Used", - "operationType": "last_value", - "params": { - "format": { - "id": "bytes", - "params": { - "decimals": 0 - } - }, - "showArrayValues": true, - "sortField": "@timestamp" - }, - "scale": "ratio", - "sourceField": "spring_boot.memory.heap.used" - }, - "9b2297d6-8625-44a3-a7ba-633da40efcfb": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Non Heap Used", - "operationType": "last_value", - "params": { - "format": { - "id": "bytes", - "params": { - "decimals": 0 - } - }, - "showArrayValues": true, - "sortField": "@timestamp" - }, - "scale": "ratio", - "sourceField": "spring_boot.memory.non_heap.used" - }, - "ce51dd8d-7fd5-4ebf-a835-9ffe83125746": { - "dataType": "date", - "isBucketed": true, - "label": "@timestamp", - "operationType": "date_histogram", - "params": { - "dropPartials": true, - "includeEmptyRows": false, - "interval": "auto" - }, - "scale": "interval", - "sourceField": "@timestamp" - } - }, - "incompleteColumns": {} - } - } - } - }, - "filters": [ - { - "$state": { - "store": "appState" - }, - "meta": { - "alias": null, - "disabled": false, - "index": "8a86b358-6960-40ef-91ed-05c2c2e7c40f", - "key": "event.dataset", - "negate": false, - "params": { - "query": "spring_boot.memory" - }, - "type": "phrase" - }, - "query": { - "match_phrase": { - "event.dataset": "spring_boot.memory" - } - } + "coreMigrationVersion": "8.8.0", + "typeMigrationVersion": "8.7.0", + "updated_at": "2024-01-03T20:12:28.833Z", + "created_at": "2024-01-03T20:12:28.833Z", + "version": "WzEwMSwxXQ==", + "attributes": { + "description": "Metrics related to threads, heap and non heap memory.", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": { + "filter": [], + "query": { + "language": "kuery", + "query": "" } - ], - "internalReferences": [], - "query": { - "language": "kuery", - "query": "" - }, - "visualization": { - "layers": [ - { - "accessors": [ - "07747e2a-9e75-47d8-b1d4-87c0340cf60d", - "9b2297d6-8625-44a3-a7ba-633da40efcfb" - ], - "layerId": "31ad067d-6820-43dc-a6fd-7a32a6a121f5", - "layerType": "data", - "position": "top", - "seriesType": "line", - "showGridlines": false, - "xAccessor": "ce51dd8d-7fd5-4ebf-a835-9ffe83125746" - } - ], - "legend": { - "isVisible": true, - "legendSize": "auto", - "position": "right", - "showSingleSeries": true - }, - "preferredSeriesType": "line", - "title": "Empty XY chart", - "valueLabels": "hide", - "valuesInLegend": true, - "yLeftExtent": { - "mode": "full" - }, - "yRightExtent": { - "mode": "full" - }, - "yTitle": "Memory" - } - }, - "title": "Heap and non-heap memory [Metrics Spring Boot]", - "visualizationType": "lnsXY", - "references": [ - { - "id": "metrics-*", - "name": "indexpattern-datasource-layer-31ad067d-6820-43dc-a6fd-7a32a6a121f5", - "type": "index-pattern" - }, - { - "id": "metrics-*", - "name": "8a86b358-6960-40ef-91ed-05c2c2e7c40f", - "type": "index-pattern" - } - ] - } + } }, - "gridData": { - "h": 15, - "i": "12e70c57-6059-400c-974f-b69423d435e9", - "w": 24, - "x": 0, - "y": 0 + "optionsJSON": { + "hidePanelTitles": false, + "syncColors": false, + "useMargins": true }, - "panelIndex": "12e70c57-6059-400c-974f-b69423d435e9", - "type": "lens", - "version": "8.6.0" - }, - { - "embeddableConfig": { - "enhancements": {}, - "hidePanelTitles": false, - "attributes": { - "state": { - "adHocDataViews": {}, - "datasourceStates": { - "formBased": { - "layers": { - "760bf001-a3ae-46e6-a366-ab2c9c777cfc": { - "columnOrder": [ - "e89bff02-e4b8-48aa-96e1-ae2ae6c28e39", - "bd774bf7-35bf-4dd7-a647-897d8b5945df" - ], - "columns": { - "bd774bf7-35bf-4dd7-a647-897d8b5945df": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Total Threads", - "operationType": "last_value", - "params": { - "format": { - "id": "number", - "params": { - "decimals": 0 - } + "panelsJSON": [ + { + "embeddableConfig": { + "enhancements": {}, + "hidePanelTitles": false, + "attributes": { + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "layers": { + "31ad067d-6820-43dc-a6fd-7a32a6a121f5": { + "columnOrder": [ + "ce51dd8d-7fd5-4ebf-a835-9ffe83125746", + "07747e2a-9e75-47d8-b1d4-87c0340cf60d", + "9b2297d6-8625-44a3-a7ba-633da40efcfb" + ], + "columns": { + "07747e2a-9e75-47d8-b1d4-87c0340cf60d": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Heap Used", + "operationType": "last_value", + "params": { + "format": { + "id": "bytes", + "params": { + "decimals": 0 + } + }, + "showArrayValues": true, + "sortField": "@timestamp" + }, + "scale": "ratio", + "sourceField": "spring_boot.memory.heap.used" + }, + "9b2297d6-8625-44a3-a7ba-633da40efcfb": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Non Heap Used", + "operationType": "last_value", + "params": { + "format": { + "id": "bytes", + "params": { + "decimals": 0 + } + }, + "showArrayValues": true, + "sortField": "@timestamp" + }, + "scale": "ratio", + "sourceField": "spring_boot.memory.non_heap.used" + }, + "ce51dd8d-7fd5-4ebf-a835-9ffe83125746": { + "dataType": "date", + "isBucketed": true, + "label": "@timestamp", + "operationType": "date_histogram", + "params": { + "dropPartials": true, + "includeEmptyRows": false, + "interval": "auto" + }, + "scale": "interval", + "sourceField": "@timestamp" + } + }, + "incompleteColumns": {} + } + } + } }, - "showArrayValues": true, - "sortField": "@timestamp" - }, - "scale": "ratio", - "sourceField": "spring_boot.threading.threads.started" + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "8a86b358-6960-40ef-91ed-05c2c2e7c40f", + "key": "event.dataset", + "negate": false, + "params": { + "query": "spring_boot.memory" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.dataset": "spring_boot.memory" + } + } + } + ], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "layers": [ + { + "accessors": [ + "07747e2a-9e75-47d8-b1d4-87c0340cf60d", + "9b2297d6-8625-44a3-a7ba-633da40efcfb" + ], + "layerId": "31ad067d-6820-43dc-a6fd-7a32a6a121f5", + "layerType": "data", + "position": "top", + "seriesType": "line", + "showGridlines": false, + "xAccessor": "ce51dd8d-7fd5-4ebf-a835-9ffe83125746" + } + ], + "legend": { + "isVisible": true, + "legendSize": "auto", + "position": "right", + "showSingleSeries": true + }, + "preferredSeriesType": "line", + "title": "Empty XY chart", + "valueLabels": "hide", + "valuesInLegend": true, + "yLeftExtent": { + "mode": "full" + }, + "yRightExtent": { + "mode": "full" + }, + "yTitle": "Memory" + } }, - "e89bff02-e4b8-48aa-96e1-ae2ae6c28e39": { - "dataType": "date", - "isBucketed": true, - "label": "@timestamp", - "operationType": "date_histogram", - "params": { - "dropPartials": true, - "includeEmptyRows": false, - "interval": "auto" - }, - "scale": "interval", - "sourceField": "@timestamp" - } - }, - "incompleteColumns": {} - } - } - } - }, - "filters": [ - { - "$state": { - "store": "appState" - }, - "meta": { - "alias": null, - "disabled": false, - "index": "61418bc6-4106-4f91-81ea-1e1071b7c9bb", - "key": "event.dataset", - "negate": false, - "params": { - "query": "spring_boot.threading" - }, - "type": "phrase" - }, - "query": { - "match_phrase": { - "event.dataset": "spring_boot.threading" + "title": "Heap and non-heap memory [Metrics Spring Boot]", + "visualizationType": "lnsXY", + "references": [ + { + "id": "metrics-*", + "name": "indexpattern-datasource-layer-31ad067d-6820-43dc-a6fd-7a32a6a121f5", + "type": "index-pattern" + }, + { + "id": "metrics-*", + "name": "8a86b358-6960-40ef-91ed-05c2c2e7c40f", + "type": "index-pattern" + } + ] } - } - } - ], - "internalReferences": [], - "query": { - "language": "kuery", - "query": "" - }, - "visualization": { - "layers": [ - { - "accessors": [ - "bd774bf7-35bf-4dd7-a647-897d8b5945df" - ], - "layerId": "760bf001-a3ae-46e6-a366-ab2c9c777cfc", - "layerType": "data", - "position": "top", - "seriesType": "line", - "showGridlines": false, - "xAccessor": "e89bff02-e4b8-48aa-96e1-ae2ae6c28e39" - } - ], - "legend": { - "isInside": false, - "isVisible": true, - "legendSize": "auto", - "maxLines": 1, - "position": "right", - "showSingleSeries": true - }, - "preferredSeriesType": "line", - "tickLabelsVisibilitySettings": { - "x": true, - "yLeft": true, - "yRight": true - }, - "title": "Empty XY chart", - "valueLabels": "hide", - "valuesInLegend": true, - "yLeftExtent": { - "mode": "full" }, - "yRightExtent": { - "mode": "full" + "gridData": { + "h": 15, + "i": "12e70c57-6059-400c-974f-b69423d435e9", + "w": 24, + "x": 0, + "y": 0 }, - "yTitle": "Total Threads" - } + "panelIndex": "12e70c57-6059-400c-974f-b69423d435e9", + "type": "lens", + "version": "8.6.0" }, - "title": "Threads [Metrics Spring Boot]", - "visualizationType": "lnsXY", - "references": [ - { - "id": "metrics-*", - "name": "indexpattern-datasource-layer-760bf001-a3ae-46e6-a366-ab2c9c777cfc", - "type": "index-pattern" - }, - { - "id": "metrics-*", - "name": "61418bc6-4106-4f91-81ea-1e1071b7c9bb", - "type": "index-pattern" - } - ] - } - }, - "gridData": { - "h": 10, - "i": "eb0fc5f9-1c7d-48bc-8098-ba58f9962dee", - "w": 24, - "x": 24, - "y": 0 - }, - "panelIndex": "eb0fc5f9-1c7d-48bc-8098-ba58f9962dee", - "title": "Total threads [Metrics Spring Boot]", - "type": "lens", - "version": "8.6.0" - }, - { - "embeddableConfig": { - "enhancements": {}, - "hidePanelTitles": false, - "attributes": { - "state": { - "adHocDataViews": {}, - "datasourceStates": { - "formBased": { - "layers": { - "e937f0c4-f880-4837-9315-69d043a3f6b1": { - "columnOrder": [ - "94f7e582-69e9-4fe4-9111-75aaa6a3d470", - "01e713a3-bda9-4e10-b460-988900367abf", - "df8aa04a-8859-48a8-8624-e204eb09ad23", - "79ffbc3e-e907-45d9-b727-6710ca8b19c7", - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X0", - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X1", - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X2", - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X3", - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X4", - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X5", - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X6", - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X7", - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X8", - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X9", - "df8aa04a-8859-48a8-8624-e204eb09ad23X0", - "df8aa04a-8859-48a8-8624-e204eb09ad23X1", - "df8aa04a-8859-48a8-8624-e204eb09ad23X2", - "df8aa04a-8859-48a8-8624-e204eb09ad23X3", - "df8aa04a-8859-48a8-8624-e204eb09ad23X4", - "df8aa04a-8859-48a8-8624-e204eb09ad23X5", - "df8aa04a-8859-48a8-8624-e204eb09ad23X6", - "df8aa04a-8859-48a8-8624-e204eb09ad23X7", - "df8aa04a-8859-48a8-8624-e204eb09ad23X8", - "df8aa04a-8859-48a8-8624-e204eb09ad23X9" - ], - "columns": { - "01e713a3-bda9-4e10-b460-988900367abf": { - "dataType": "date", - "isBucketed": true, - "label": "@timestamp", - "operationType": "date_histogram", - "params": { - "dropPartials": true, - "includeEmptyRows": false, - "interval": "auto" - }, - "scale": "interval", - "sourceField": "@timestamp" - }, - "79ffbc3e-e907-45d9-b727-6710ca8b19c7": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Before", - "operationType": "formula", - "params": { - "format": { - "id": "bytes", - "params": { - "decimals": 0 - } - }, - "formula": "sum(spring_boot.gc.last_info.memory_usage.before.code_cache.used)+sum(spring_boot.gc.last_info.memory_usage.before.compressed_class_space.used)+sum(spring_boot.gc.last_info.memory_usage.before.metaspace.used)+sum(spring_boot.gc.last_info.memory_usage.before.ps_eden_space.used)+sum(spring_boot.gc.last_info.memory_usage.before.ps_old_gen.used)+sum(spring_boot.gc.last_info.memory_usage.before.ps_survivor_space.used)+sum(spring_boot.gc.last_info.memory_usage.before.g1_eden_space.used)+sum(spring_boot.gc.last_info.memory_usage.before.g1_old_gen.used)+sum(spring_boot.gc.last_info.memory_usage.before.g1_survivor_space.used)", - "isFormulaBroken": false - }, - "references": [ - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X9" - ], - "scale": "ratio" - }, - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X0": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Part of Before", - "operationType": "sum", - "params": { - "emptyAsNull": false - }, - "scale": "ratio", - "sourceField": "spring_boot.gc.last_info.memory_usage.before.code_cache.used" - }, - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X1": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Part of Before", - "operationType": "sum", - "params": { - "emptyAsNull": false - }, - "scale": "ratio", - "sourceField": "spring_boot.gc.last_info.memory_usage.before.compressed_class_space.used" - }, - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X2": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Part of Before", - "operationType": "sum", - "params": { - "emptyAsNull": false - }, - "scale": "ratio", - "sourceField": "spring_boot.gc.last_info.memory_usage.before.metaspace.used" - }, - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X3": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Part of Before", - "operationType": "sum", - "params": { - "emptyAsNull": false - }, - "scale": "ratio", - "sourceField": "spring_boot.gc.last_info.memory_usage.before.ps_eden_space.used" - }, - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X4": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Part of Before", - "operationType": "sum", - "params": { - "emptyAsNull": false - }, - "scale": "ratio", - "sourceField": "spring_boot.gc.last_info.memory_usage.before.ps_old_gen.used" - }, - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X5": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Part of Before", - "operationType": "sum", - "params": { - "emptyAsNull": false - }, - "scale": "ratio", - "sourceField": "spring_boot.gc.last_info.memory_usage.before.ps_survivor_space.used" - }, - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X6": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Part of Before", - "operationType": "sum", - "params": { - "emptyAsNull": false - }, - "scale": "ratio", - "sourceField": "spring_boot.gc.last_info.memory_usage.before.g1_eden_space.used" - }, - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X7": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Part of Before", - "operationType": "sum", - "params": { - "emptyAsNull": false - }, - "scale": "ratio", - "sourceField": "spring_boot.gc.last_info.memory_usage.before.g1_old_gen.used" - }, - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X8": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Part of Before", - "operationType": "sum", - "params": { - "emptyAsNull": false - }, - "scale": "ratio", - "sourceField": "spring_boot.gc.last_info.memory_usage.before.g1_survivor_space.used" - }, - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X9": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Part of Before", - "operationType": "math", - "params": { - "tinymathAst": { - "args": [ - { - "args": [ - { - "args": [ - { - "args": [ - { - "args": [ - { - "args": [ - { - "args": [ - { - "args": [ - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X0", - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X1" - ], - "name": "add", - "type": "function" + { + "embeddableConfig": { + "enhancements": {}, + "hidePanelTitles": false, + "attributes": { + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "layers": { + "760bf001-a3ae-46e6-a366-ab2c9c777cfc": { + "columnOrder": [ + "e89bff02-e4b8-48aa-96e1-ae2ae6c28e39", + "bd774bf7-35bf-4dd7-a647-897d8b5945df" + ], + "columns": { + "bd774bf7-35bf-4dd7-a647-897d8b5945df": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Total Threads", + "operationType": "last_value", + "params": { + "format": { + "id": "number", + "params": { + "decimals": 0 + } }, - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X2" - ], - "name": "add", - "type": "function" + "showArrayValues": true, + "sortField": "@timestamp" }, - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X3" - ], - "name": "add", - "type": "function" + "scale": "ratio", + "sourceField": "spring_boot.threading.threads.started" }, - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X4" - ], - "name": "add", - "type": "function" + "e89bff02-e4b8-48aa-96e1-ae2ae6c28e39": { + "dataType": "date", + "isBucketed": true, + "label": "@timestamp", + "operationType": "date_histogram", + "params": { + "dropPartials": true, + "includeEmptyRows": false, + "interval": "auto" + }, + "scale": "interval", + "sourceField": "@timestamp" + } }, - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X5" - ], - "name": "add", - "type": "function" + "incompleteColumns": {} + } + } + } + }, + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "61418bc6-4106-4f91-81ea-1e1071b7c9bb", + "key": "event.dataset", + "negate": false, + "params": { + "query": "spring_boot.threading" }, - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X6" - ], - "name": "add", - "type": "function" + "type": "phrase" }, - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X7" - ], - "name": "add", - "type": "function" + "query": { + "match_phrase": { + "event.dataset": "spring_boot.threading" + } + } + } + ], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "layers": [ + { + "accessors": [ + "bd774bf7-35bf-4dd7-a647-897d8b5945df" + ], + "layerId": "760bf001-a3ae-46e6-a366-ab2c9c777cfc", + "layerType": "data", + "position": "top", + "seriesType": "line", + "showGridlines": false, + "xAccessor": "e89bff02-e4b8-48aa-96e1-ae2ae6c28e39" + } + ], + "legend": { + "isInside": false, + "isVisible": true, + "legendSize": "auto", + "maxLines": 1, + "position": "right", + "showSingleSeries": true + }, + "preferredSeriesType": "line", + "tickLabelsVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true }, - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X8" - ], - "location": { - "max": 624, - "min": 0 - }, - "name": "add", - "text": "sum(spring_boot.gc.last_info.memory_usage.before.code_cache.used)+sum(spring_boot.gc.last_info.memory_usage.before.compressed_class_space.used)+sum(spring_boot.gc.last_info.memory_usage.before.metaspace.used)+sum(spring_boot.gc.last_info.memory_usage.before.ps_eden_space.used)+sum(spring_boot.gc.last_info.memory_usage.before.ps_old_gen.used)+sum(spring_boot.gc.last_info.memory_usage.before.ps_survivor_space.used)+sum(spring_boot.gc.last_info.memory_usage.before.g1_eden_space.used)+sum(spring_boot.gc.last_info.memory_usage.before.g1_old_gen.used)+sum(spring_boot.gc.last_info.memory_usage.before.g1_survivor_space.used)", - "type": "function" + "title": "Empty XY chart", + "valueLabels": "hide", + "valuesInLegend": true, + "yLeftExtent": { + "mode": "full" + }, + "yRightExtent": { + "mode": "full" + }, + "yTitle": "Total Threads" } - }, - "references": [ - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X0", - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X1", - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X2", - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X3", - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X4", - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X5", - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X6", - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X7", - "79ffbc3e-e907-45d9-b727-6710ca8b19c7X8" - ], - "scale": "ratio" }, - "94f7e582-69e9-4fe4-9111-75aaa6a3d470": { - "dataType": "string", - "isBucketed": true, - "label": "Top 5 values of spring_boot.gc.name", - "operationType": "terms", - "params": { - "exclude": [], - "excludeIsRegex": false, - "include": [], - "includeIsRegex": false, - "missingBucket": false, - "orderBy": { - "fallback": true, - "type": "alphabetical" + "title": "Threads [Metrics Spring Boot]", + "visualizationType": "lnsXY", + "references": [ + { + "id": "metrics-*", + "name": "indexpattern-datasource-layer-760bf001-a3ae-46e6-a366-ab2c9c777cfc", + "type": "index-pattern" }, - "orderDirection": "asc", - "otherBucket": false, - "parentFormat": { - "id": "terms" - }, - "size": 5 - }, - "scale": "ordinal", - "sourceField": "spring_boot.gc.name" - }, - "df8aa04a-8859-48a8-8624-e204eb09ad23": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "After", - "operationType": "formula", - "params": { - "format": { - "id": "bytes", - "params": { - "decimals": 0 - } - }, - "formula": "sum(spring_boot.gc.last_info.memory_usage.after.code_cache.used)+sum(spring_boot.gc.last_info.memory_usage.after.compressed_class_space.used)+sum(spring_boot.gc.last_info.memory_usage.after.metaspace.used)+sum(spring_boot.gc.last_info.memory_usage.after.ps_eden_space.used)+sum(spring_boot.gc.last_info.memory_usage.after.ps_old_gen.used)+sum(spring_boot.gc.last_info.memory_usage.after.ps_survivor_space.used)+sum(spring_boot.gc.last_info.memory_usage.after.g1_eden_space.used)+sum(spring_boot.gc.last_info.memory_usage.after.g1_old_gen.used)+sum(spring_boot.gc.last_info.memory_usage.after.g1_survivor_space.used)", - "isFormulaBroken": false - }, - "references": [ - "df8aa04a-8859-48a8-8624-e204eb09ad23X9" - ], - "scale": "ratio" - }, - "df8aa04a-8859-48a8-8624-e204eb09ad23X0": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Part of After", - "operationType": "sum", - "params": { - "emptyAsNull": false - }, - "scale": "ratio", - "sourceField": "spring_boot.gc.last_info.memory_usage.after.code_cache.used" - }, - "df8aa04a-8859-48a8-8624-e204eb09ad23X1": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Part of After", - "operationType": "sum", - "params": { - "emptyAsNull": false - }, - "scale": "ratio", - "sourceField": "spring_boot.gc.last_info.memory_usage.after.compressed_class_space.used" - }, - "df8aa04a-8859-48a8-8624-e204eb09ad23X2": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Part of After", - "operationType": "sum", - "params": { - "emptyAsNull": false - }, - "scale": "ratio", - "sourceField": "spring_boot.gc.last_info.memory_usage.after.metaspace.used" - }, - "df8aa04a-8859-48a8-8624-e204eb09ad23X3": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Part of After", - "operationType": "sum", - "params": { - "emptyAsNull": false - }, - "scale": "ratio", - "sourceField": "spring_boot.gc.last_info.memory_usage.after.ps_eden_space.used" - }, - "df8aa04a-8859-48a8-8624-e204eb09ad23X4": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Part of After", - "operationType": "sum", - "params": { - "emptyAsNull": false - }, - "scale": "ratio", - "sourceField": "spring_boot.gc.last_info.memory_usage.after.ps_old_gen.used" - }, - "df8aa04a-8859-48a8-8624-e204eb09ad23X5": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Part of After", - "operationType": "sum", - "params": { - "emptyAsNull": false - }, - "scale": "ratio", - "sourceField": "spring_boot.gc.last_info.memory_usage.after.ps_survivor_space.used" - }, - "df8aa04a-8859-48a8-8624-e204eb09ad23X6": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Part of After", - "operationType": "sum", - "params": { - "emptyAsNull": false - }, - "scale": "ratio", - "sourceField": "spring_boot.gc.last_info.memory_usage.after.g1_eden_space.used" - }, - "df8aa04a-8859-48a8-8624-e204eb09ad23X7": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Part of After", - "operationType": "sum", - "params": { - "emptyAsNull": false - }, - "scale": "ratio", - "sourceField": "spring_boot.gc.last_info.memory_usage.after.g1_old_gen.used" - }, - "df8aa04a-8859-48a8-8624-e204eb09ad23X8": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Part of After", - "operationType": "sum", - "params": { - "emptyAsNull": false - }, - "scale": "ratio", - "sourceField": "spring_boot.gc.last_info.memory_usage.after.g1_survivor_space.used" - }, - "df8aa04a-8859-48a8-8624-e204eb09ad23X9": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Part of After", - "operationType": "math", - "params": { - "tinymathAst": { - "args": [ - { - "args": [ - { - "args": [ - { - "args": [ - { - "args": [ - { - "args": [ - { - "args": [ - { - "args": [ - "df8aa04a-8859-48a8-8624-e204eb09ad23X0", - "df8aa04a-8859-48a8-8624-e204eb09ad23X1" - ], - "name": "add", - "type": "function" + { + "id": "metrics-*", + "name": "61418bc6-4106-4f91-81ea-1e1071b7c9bb", + "type": "index-pattern" + } + ] + } + }, + "gridData": { + "h": 10, + "i": "eb0fc5f9-1c7d-48bc-8098-ba58f9962dee", + "w": 24, + "x": 24, + "y": 0 + }, + "panelIndex": "eb0fc5f9-1c7d-48bc-8098-ba58f9962dee", + "title": "Total threads [Metrics Spring Boot]", + "type": "lens", + "version": "8.6.0" + }, + { + "embeddableConfig": { + "enhancements": {}, + "hidePanelTitles": false, + "attributes": { + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "layers": { + "e937f0c4-f880-4837-9315-69d043a3f6b1": { + "columnOrder": [ + "94f7e582-69e9-4fe4-9111-75aaa6a3d470", + "01e713a3-bda9-4e10-b460-988900367abf", + "df8aa04a-8859-48a8-8624-e204eb09ad23", + "79ffbc3e-e907-45d9-b727-6710ca8b19c7", + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X0", + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X1", + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X2", + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X3", + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X4", + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X5", + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X6", + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X7", + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X8", + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X9", + "df8aa04a-8859-48a8-8624-e204eb09ad23X0", + "df8aa04a-8859-48a8-8624-e204eb09ad23X1", + "df8aa04a-8859-48a8-8624-e204eb09ad23X2", + "df8aa04a-8859-48a8-8624-e204eb09ad23X3", + "df8aa04a-8859-48a8-8624-e204eb09ad23X4", + "df8aa04a-8859-48a8-8624-e204eb09ad23X5", + "df8aa04a-8859-48a8-8624-e204eb09ad23X6", + "df8aa04a-8859-48a8-8624-e204eb09ad23X7", + "df8aa04a-8859-48a8-8624-e204eb09ad23X8", + "df8aa04a-8859-48a8-8624-e204eb09ad23X9" + ], + "columns": { + "01e713a3-bda9-4e10-b460-988900367abf": { + "dataType": "date", + "isBucketed": true, + "label": "@timestamp", + "operationType": "date_histogram", + "params": { + "dropPartials": true, + "includeEmptyRows": false, + "interval": "auto" + }, + "scale": "interval", + "sourceField": "@timestamp" + }, + "79ffbc3e-e907-45d9-b727-6710ca8b19c7": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Before", + "operationType": "formula", + "params": { + "format": { + "id": "bytes", + "params": { + "decimals": 0 + } + }, + "formula": "sum(spring_boot.gc.last_info.memory_usage.before.code_cache.used)+sum(spring_boot.gc.last_info.memory_usage.before.compressed_class_space.used)+sum(spring_boot.gc.last_info.memory_usage.before.metaspace.used)+sum(spring_boot.gc.last_info.memory_usage.before.ps_eden_space.used)+sum(spring_boot.gc.last_info.memory_usage.before.ps_old_gen.used)+sum(spring_boot.gc.last_info.memory_usage.before.ps_survivor_space.used)+sum(spring_boot.gc.last_info.memory_usage.before.g1_eden_space.used)+sum(spring_boot.gc.last_info.memory_usage.before.g1_old_gen.used)+sum(spring_boot.gc.last_info.memory_usage.before.g1_survivor_space.used)", + "isFormulaBroken": false + }, + "references": [ + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X9" + ], + "scale": "ratio" + }, + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X0": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of Before", + "operationType": "sum", + "params": { + "emptyAsNull": false + }, + "scale": "ratio", + "sourceField": "spring_boot.gc.last_info.memory_usage.before.code_cache.used" + }, + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X1": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of Before", + "operationType": "sum", + "params": { + "emptyAsNull": false + }, + "scale": "ratio", + "sourceField": "spring_boot.gc.last_info.memory_usage.before.compressed_class_space.used" + }, + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X2": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of Before", + "operationType": "sum", + "params": { + "emptyAsNull": false + }, + "scale": "ratio", + "sourceField": "spring_boot.gc.last_info.memory_usage.before.metaspace.used" + }, + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X3": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of Before", + "operationType": "sum", + "params": { + "emptyAsNull": false + }, + "scale": "ratio", + "sourceField": "spring_boot.gc.last_info.memory_usage.before.ps_eden_space.used" + }, + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X4": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of Before", + "operationType": "sum", + "params": { + "emptyAsNull": false + }, + "scale": "ratio", + "sourceField": "spring_boot.gc.last_info.memory_usage.before.ps_old_gen.used" + }, + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X5": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of Before", + "operationType": "sum", + "params": { + "emptyAsNull": false + }, + "scale": "ratio", + "sourceField": "spring_boot.gc.last_info.memory_usage.before.ps_survivor_space.used" + }, + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X6": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of Before", + "operationType": "sum", + "params": { + "emptyAsNull": false + }, + "scale": "ratio", + "sourceField": "spring_boot.gc.last_info.memory_usage.before.g1_eden_space.used" + }, + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X7": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of Before", + "operationType": "sum", + "params": { + "emptyAsNull": false + }, + "scale": "ratio", + "sourceField": "spring_boot.gc.last_info.memory_usage.before.g1_old_gen.used" + }, + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X8": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of Before", + "operationType": "sum", + "params": { + "emptyAsNull": false + }, + "scale": "ratio", + "sourceField": "spring_boot.gc.last_info.memory_usage.before.g1_survivor_space.used" + }, + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X9": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of Before", + "operationType": "math", + "params": { + "tinymathAst": { + "args": [ + { + "args": [ + { + "args": [ + { + "args": [ + { + "args": [ + { + "args": [ + { + "args": [ + { + "args": [ + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X0", + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X1" + ], + "name": "add", + "type": "function" + }, + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X2" + ], + "name": "add", + "type": "function" + }, + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X3" + ], + "name": "add", + "type": "function" + }, + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X4" + ], + "name": "add", + "type": "function" + }, + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X5" + ], + "name": "add", + "type": "function" + }, + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X6" + ], + "name": "add", + "type": "function" + }, + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X7" + ], + "name": "add", + "type": "function" + }, + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X8" + ], + "location": { + "max": 624, + "min": 0 + }, + "name": "add", + "text": "sum(spring_boot.gc.last_info.memory_usage.before.code_cache.used)+sum(spring_boot.gc.last_info.memory_usage.before.compressed_class_space.used)+sum(spring_boot.gc.last_info.memory_usage.before.metaspace.used)+sum(spring_boot.gc.last_info.memory_usage.before.ps_eden_space.used)+sum(spring_boot.gc.last_info.memory_usage.before.ps_old_gen.used)+sum(spring_boot.gc.last_info.memory_usage.before.ps_survivor_space.used)+sum(spring_boot.gc.last_info.memory_usage.before.g1_eden_space.used)+sum(spring_boot.gc.last_info.memory_usage.before.g1_old_gen.used)+sum(spring_boot.gc.last_info.memory_usage.before.g1_survivor_space.used)", + "type": "function" + } + }, + "references": [ + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X0", + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X1", + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X2", + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X3", + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X4", + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X5", + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X6", + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X7", + "79ffbc3e-e907-45d9-b727-6710ca8b19c7X8" + ], + "scale": "ratio" + }, + "94f7e582-69e9-4fe4-9111-75aaa6a3d470": { + "dataType": "string", + "isBucketed": true, + "label": "Top 5 values of spring_boot.gc.name", + "operationType": "terms", + "params": { + "exclude": [], + "excludeIsRegex": false, + "include": [], + "includeIsRegex": false, + "missingBucket": false, + "orderBy": { + "fallback": true, + "type": "alphabetical" + }, + "orderDirection": "asc", + "otherBucket": false, + "parentFormat": { + "id": "terms" }, - "df8aa04a-8859-48a8-8624-e204eb09ad23X2" - ], - "name": "add", - "type": "function" + "size": 5 }, - "df8aa04a-8859-48a8-8624-e204eb09ad23X3" - ], - "name": "add", - "type": "function" + "scale": "ordinal", + "sourceField": "spring_boot.gc.name" }, - "df8aa04a-8859-48a8-8624-e204eb09ad23X4" - ], - "name": "add", - "type": "function" + "df8aa04a-8859-48a8-8624-e204eb09ad23": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "After", + "operationType": "formula", + "params": { + "format": { + "id": "bytes", + "params": { + "decimals": 0 + } + }, + "formula": "sum(spring_boot.gc.last_info.memory_usage.after.code_cache.used)+sum(spring_boot.gc.last_info.memory_usage.after.compressed_class_space.used)+sum(spring_boot.gc.last_info.memory_usage.after.metaspace.used)+sum(spring_boot.gc.last_info.memory_usage.after.ps_eden_space.used)+sum(spring_boot.gc.last_info.memory_usage.after.ps_old_gen.used)+sum(spring_boot.gc.last_info.memory_usage.after.ps_survivor_space.used)+sum(spring_boot.gc.last_info.memory_usage.after.g1_eden_space.used)+sum(spring_boot.gc.last_info.memory_usage.after.g1_old_gen.used)+sum(spring_boot.gc.last_info.memory_usage.after.g1_survivor_space.used)", + "isFormulaBroken": false + }, + "references": [ + "df8aa04a-8859-48a8-8624-e204eb09ad23X9" + ], + "scale": "ratio" + }, + "df8aa04a-8859-48a8-8624-e204eb09ad23X0": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of After", + "operationType": "sum", + "params": { + "emptyAsNull": false + }, + "scale": "ratio", + "sourceField": "spring_boot.gc.last_info.memory_usage.after.code_cache.used" + }, + "df8aa04a-8859-48a8-8624-e204eb09ad23X1": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of After", + "operationType": "sum", + "params": { + "emptyAsNull": false + }, + "scale": "ratio", + "sourceField": "spring_boot.gc.last_info.memory_usage.after.compressed_class_space.used" + }, + "df8aa04a-8859-48a8-8624-e204eb09ad23X2": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of After", + "operationType": "sum", + "params": { + "emptyAsNull": false + }, + "scale": "ratio", + "sourceField": "spring_boot.gc.last_info.memory_usage.after.metaspace.used" + }, + "df8aa04a-8859-48a8-8624-e204eb09ad23X3": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of After", + "operationType": "sum", + "params": { + "emptyAsNull": false + }, + "scale": "ratio", + "sourceField": "spring_boot.gc.last_info.memory_usage.after.ps_eden_space.used" + }, + "df8aa04a-8859-48a8-8624-e204eb09ad23X4": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of After", + "operationType": "sum", + "params": { + "emptyAsNull": false + }, + "scale": "ratio", + "sourceField": "spring_boot.gc.last_info.memory_usage.after.ps_old_gen.used" + }, + "df8aa04a-8859-48a8-8624-e204eb09ad23X5": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of After", + "operationType": "sum", + "params": { + "emptyAsNull": false + }, + "scale": "ratio", + "sourceField": "spring_boot.gc.last_info.memory_usage.after.ps_survivor_space.used" + }, + "df8aa04a-8859-48a8-8624-e204eb09ad23X6": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of After", + "operationType": "sum", + "params": { + "emptyAsNull": false + }, + "scale": "ratio", + "sourceField": "spring_boot.gc.last_info.memory_usage.after.g1_eden_space.used" + }, + "df8aa04a-8859-48a8-8624-e204eb09ad23X7": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of After", + "operationType": "sum", + "params": { + "emptyAsNull": false + }, + "scale": "ratio", + "sourceField": "spring_boot.gc.last_info.memory_usage.after.g1_old_gen.used" + }, + "df8aa04a-8859-48a8-8624-e204eb09ad23X8": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of After", + "operationType": "sum", + "params": { + "emptyAsNull": false + }, + "scale": "ratio", + "sourceField": "spring_boot.gc.last_info.memory_usage.after.g1_survivor_space.used" + }, + "df8aa04a-8859-48a8-8624-e204eb09ad23X9": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Part of After", + "operationType": "math", + "params": { + "tinymathAst": { + "args": [ + { + "args": [ + { + "args": [ + { + "args": [ + { + "args": [ + { + "args": [ + { + "args": [ + { + "args": [ + "df8aa04a-8859-48a8-8624-e204eb09ad23X0", + "df8aa04a-8859-48a8-8624-e204eb09ad23X1" + ], + "name": "add", + "type": "function" + }, + "df8aa04a-8859-48a8-8624-e204eb09ad23X2" + ], + "name": "add", + "type": "function" + }, + "df8aa04a-8859-48a8-8624-e204eb09ad23X3" + ], + "name": "add", + "type": "function" + }, + "df8aa04a-8859-48a8-8624-e204eb09ad23X4" + ], + "name": "add", + "type": "function" + }, + "df8aa04a-8859-48a8-8624-e204eb09ad23X5" + ], + "name": "add", + "type": "function" + }, + "df8aa04a-8859-48a8-8624-e204eb09ad23X6" + ], + "name": "add", + "type": "function" + }, + "df8aa04a-8859-48a8-8624-e204eb09ad23X7" + ], + "name": "add", + "type": "function" + }, + "df8aa04a-8859-48a8-8624-e204eb09ad23X8" + ], + "location": { + "max": 615, + "min": 0 + }, + "name": "add", + "text": "sum(spring_boot.gc.last_info.memory_usage.after.code_cache.used)+sum(spring_boot.gc.last_info.memory_usage.after.compressed_class_space.used)+sum(spring_boot.gc.last_info.memory_usage.after.metaspace.used)+sum(spring_boot.gc.last_info.memory_usage.after.ps_eden_space.used)+sum(spring_boot.gc.last_info.memory_usage.after.ps_old_gen.used)+sum(spring_boot.gc.last_info.memory_usage.after.ps_survivor_space.used)+sum(spring_boot.gc.last_info.memory_usage.after.g1_eden_space.used)+sum(spring_boot.gc.last_info.memory_usage.after.g1_old_gen.used)+sum(spring_boot.gc.last_info.memory_usage.after.g1_survivor_space.used)", + "type": "function" + } + }, + "references": [ + "df8aa04a-8859-48a8-8624-e204eb09ad23X0", + "df8aa04a-8859-48a8-8624-e204eb09ad23X1", + "df8aa04a-8859-48a8-8624-e204eb09ad23X2", + "df8aa04a-8859-48a8-8624-e204eb09ad23X3", + "df8aa04a-8859-48a8-8624-e204eb09ad23X4", + "df8aa04a-8859-48a8-8624-e204eb09ad23X5", + "df8aa04a-8859-48a8-8624-e204eb09ad23X6", + "df8aa04a-8859-48a8-8624-e204eb09ad23X7", + "df8aa04a-8859-48a8-8624-e204eb09ad23X8" + ], + "scale": "ratio" + } }, - "df8aa04a-8859-48a8-8624-e204eb09ad23X5" - ], - "name": "add", - "type": "function" + "incompleteColumns": {} + } + } + } + }, + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "8aabc9bc-b40b-4f3c-b077-c4d19cd6b477", + "key": "event.dataset", + "negate": false, + "params": { + "query": "spring_boot.gc" }, - "df8aa04a-8859-48a8-8624-e204eb09ad23X6" - ], - "name": "add", - "type": "function" + "type": "phrase" }, - "df8aa04a-8859-48a8-8624-e204eb09ad23X7" - ], - "name": "add", - "type": "function" + "query": { + "match_phrase": { + "event.dataset": "spring_boot.gc" + } + } + } + ], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "axisTitlesVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "fittingFunction": "None", + "gridlinesVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "labelsOrientation": { + "x": 0, + "yLeft": 0, + "yRight": 0 }, - "df8aa04a-8859-48a8-8624-e204eb09ad23X8" - ], - "location": { - "max": 615, - "min": 0 - }, - "name": "add", - "text": "sum(spring_boot.gc.last_info.memory_usage.after.code_cache.used)+sum(spring_boot.gc.last_info.memory_usage.after.compressed_class_space.used)+sum(spring_boot.gc.last_info.memory_usage.after.metaspace.used)+sum(spring_boot.gc.last_info.memory_usage.after.ps_eden_space.used)+sum(spring_boot.gc.last_info.memory_usage.after.ps_old_gen.used)+sum(spring_boot.gc.last_info.memory_usage.after.ps_survivor_space.used)+sum(spring_boot.gc.last_info.memory_usage.after.g1_eden_space.used)+sum(spring_boot.gc.last_info.memory_usage.after.g1_old_gen.used)+sum(spring_boot.gc.last_info.memory_usage.after.g1_survivor_space.used)", - "type": "function" + "layers": [ + { + "accessors": [ + "df8aa04a-8859-48a8-8624-e204eb09ad23", + "79ffbc3e-e907-45d9-b727-6710ca8b19c7" + ], + "layerId": "e937f0c4-f880-4837-9315-69d043a3f6b1", + "layerType": "data", + "position": "top", + "seriesType": "line", + "showGridlines": false, + "splitAccessor": "94f7e582-69e9-4fe4-9111-75aaa6a3d470", + "xAccessor": "01e713a3-bda9-4e10-b460-988900367abf" + } + ], + "legend": { + "isVisible": true, + "legendSize": "xlarge", + "position": "right", + "showSingleSeries": true + }, + "preferredSeriesType": "line", + "tickLabelsVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "valueLabels": "hide", + "valuesInLegend": true, + "yLeftExtent": { + "mode": "full" + }, + "yRightExtent": { + "mode": "full" + }, + "yTitle": "GC Memory Usage" } - }, - "references": [ - "df8aa04a-8859-48a8-8624-e204eb09ad23X0", - "df8aa04a-8859-48a8-8624-e204eb09ad23X1", - "df8aa04a-8859-48a8-8624-e204eb09ad23X2", - "df8aa04a-8859-48a8-8624-e204eb09ad23X3", - "df8aa04a-8859-48a8-8624-e204eb09ad23X4", - "df8aa04a-8859-48a8-8624-e204eb09ad23X5", - "df8aa04a-8859-48a8-8624-e204eb09ad23X6", - "df8aa04a-8859-48a8-8624-e204eb09ad23X7", - "df8aa04a-8859-48a8-8624-e204eb09ad23X8" - ], - "scale": "ratio" - } - }, - "incompleteColumns": {} - } - } - } - }, - "filters": [ - { - "$state": { - "store": "appState" - }, - "meta": { - "alias": null, - "disabled": false, - "index": "8aabc9bc-b40b-4f3c-b077-c4d19cd6b477", - "key": "event.dataset", - "negate": false, - "params": { - "query": "spring_boot.gc" - }, - "type": "phrase" - }, - "query": { - "match_phrase": { - "event.dataset": "spring_boot.gc" + }, + "title": "Memory usage after and before GC [Metrics Spring Boot]", + "visualizationType": "lnsXY", + "references": [ + { + "id": "metrics-*", + "name": "indexpattern-datasource-layer-e937f0c4-f880-4837-9315-69d043a3f6b1", + "type": "index-pattern" + }, + { + "id": "metrics-*", + "name": "8aabc9bc-b40b-4f3c-b077-c4d19cd6b477", + "type": "index-pattern" + } + ] } - } - } - ], - "internalReferences": [], - "query": { - "language": "kuery", - "query": "" - }, - "visualization": { - "axisTitlesVisibilitySettings": { - "x": true, - "yLeft": true, - "yRight": true - }, - "fittingFunction": "None", - "gridlinesVisibilitySettings": { - "x": true, - "yLeft": true, - "yRight": true - }, - "labelsOrientation": { - "x": 0, - "yLeft": 0, - "yRight": 0 - }, - "layers": [ - { - "accessors": [ - "df8aa04a-8859-48a8-8624-e204eb09ad23", - "79ffbc3e-e907-45d9-b727-6710ca8b19c7" - ], - "layerId": "e937f0c4-f880-4837-9315-69d043a3f6b1", - "layerType": "data", - "position": "top", - "seriesType": "line", - "showGridlines": false, - "splitAccessor": "94f7e582-69e9-4fe4-9111-75aaa6a3d470", - "xAccessor": "01e713a3-bda9-4e10-b460-988900367abf" - } - ], - "legend": { - "isVisible": true, - "legendSize": "xlarge", - "position": "right", - "showSingleSeries": true }, - "preferredSeriesType": "line", - "tickLabelsVisibilitySettings": { - "x": true, - "yLeft": true, - "yRight": true + "gridData": { + "h": 15, + "i": "f3782cac-5b20-413c-a88d-cb01ebee5772", + "w": 24, + "x": 0, + "y": 15 }, - "valueLabels": "hide", - "valuesInLegend": true, - "yLeftExtent": { - "mode": "full" - }, - "yRightExtent": { - "mode": "full" - }, - "yTitle": "GC Memory Usage" - } + "panelIndex": "f3782cac-5b20-413c-a88d-cb01ebee5772", + "type": "lens", + "version": "8.6.0" }, - "title": "Memory usage after and before GC [Metrics Spring Boot]", - "visualizationType": "lnsXY", - "references": [ - { - "id": "metrics-*", - "name": "indexpattern-datasource-layer-e937f0c4-f880-4837-9315-69d043a3f6b1", - "type": "index-pattern" - }, - { - "id": "metrics-*", - "name": "8aabc9bc-b40b-4f3c-b077-c4d19cd6b477", - "type": "index-pattern" - } - ] - } - }, - "gridData": { - "h": 15, - "i": "f3782cac-5b20-413c-a88d-cb01ebee5772", - "w": 24, - "x": 0, - "y": 15 - }, - "panelIndex": "f3782cac-5b20-413c-a88d-cb01ebee5772", - "type": "lens", - "version": "8.6.0" - }, - { - "embeddableConfig": { - "enhancements": {}, - "hidePanelTitles": false, - "attributes": { - "state": { - "adHocDataViews": {}, - "datasourceStates": { - "formBased": { - "layers": { - "760bf001-a3ae-46e6-a366-ab2c9c777cfc": { - "columnOrder": [ - "e89bff02-e4b8-48aa-96e1-ae2ae6c28e39", - "522f8dd4-2bc7-4665-9b33-83609e4f3125" - ], - "columns": { - "522f8dd4-2bc7-4665-9b33-83609e4f3125": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Current Threads", - "operationType": "last_value", - "params": { - "format": { - "id": "number", - "params": { - "decimals": 0 - } + { + "embeddableConfig": { + "enhancements": {}, + "hidePanelTitles": false, + "attributes": { + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "layers": { + "760bf001-a3ae-46e6-a366-ab2c9c777cfc": { + "columnOrder": [ + "e89bff02-e4b8-48aa-96e1-ae2ae6c28e39", + "522f8dd4-2bc7-4665-9b33-83609e4f3125" + ], + "columns": { + "522f8dd4-2bc7-4665-9b33-83609e4f3125": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Current Threads", + "operationType": "last_value", + "params": { + "format": { + "id": "number", + "params": { + "decimals": 0 + } + }, + "showArrayValues": true, + "sortField": "@timestamp" + }, + "scale": "ratio", + "sourceField": "spring_boot.threading.threads.count" + }, + "e89bff02-e4b8-48aa-96e1-ae2ae6c28e39": { + "dataType": "date", + "isBucketed": true, + "label": "@timestamp", + "operationType": "date_histogram", + "params": { + "dropPartials": true, + "includeEmptyRows": false, + "interval": "auto" + }, + "scale": "interval", + "sourceField": "@timestamp" + } + }, + "incompleteColumns": {} + } + } + } }, - "showArrayValues": true, - "sortField": "@timestamp" - }, - "scale": "ratio", - "sourceField": "spring_boot.threading.threads.count" + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "6502fda4-d554-4b5d-8e8b-e6d3c873901b", + "key": "event.dataset", + "negate": false, + "params": { + "query": "spring_boot.threading" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.dataset": "spring_boot.threading" + } + } + } + ], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "layers": [ + { + "accessors": [ + "522f8dd4-2bc7-4665-9b33-83609e4f3125" + ], + "layerId": "760bf001-a3ae-46e6-a366-ab2c9c777cfc", + "layerType": "data", + "position": "top", + "seriesType": "line", + "showGridlines": false, + "xAccessor": "e89bff02-e4b8-48aa-96e1-ae2ae6c28e39" + } + ], + "legend": { + "isVisible": true, + "legendSize": "auto", + "position": "right", + "showSingleSeries": true + }, + "preferredSeriesType": "line", + "title": "Empty XY chart", + "valueLabels": "hide", + "valuesInLegend": true, + "yLeftExtent": { + "mode": "full" + }, + "yRightExtent": { + "mode": "full" + }, + "yTitle": "Current Threads" + } }, - "e89bff02-e4b8-48aa-96e1-ae2ae6c28e39": { - "dataType": "date", - "isBucketed": true, - "label": "@timestamp", - "operationType": "date_histogram", - "params": { - "dropPartials": true, - "includeEmptyRows": false, - "interval": "auto" - }, - "scale": "interval", - "sourceField": "@timestamp" - } - }, - "incompleteColumns": {} - } - } - } - }, - "filters": [ - { - "$state": { - "store": "appState" - }, - "meta": { - "alias": null, - "disabled": false, - "index": "6502fda4-d554-4b5d-8e8b-e6d3c873901b", - "key": "event.dataset", - "negate": false, - "params": { - "query": "spring_boot.threading" - }, - "type": "phrase" - }, - "query": { - "match_phrase": { - "event.dataset": "spring_boot.threading" + "title": "Current threads [Metrics Spring Boot]", + "visualizationType": "lnsXY", + "references": [ + { + "id": "metrics-*", + "name": "indexpattern-datasource-layer-760bf001-a3ae-46e6-a366-ab2c9c777cfc", + "type": "index-pattern" + }, + { + "id": "metrics-*", + "name": "6502fda4-d554-4b5d-8e8b-e6d3c873901b", + "type": "index-pattern" + } + ] } - } - } - ], - "internalReferences": [], - "query": { - "language": "kuery", - "query": "" - }, - "visualization": { - "layers": [ - { - "accessors": [ - "522f8dd4-2bc7-4665-9b33-83609e4f3125" - ], - "layerId": "760bf001-a3ae-46e6-a366-ab2c9c777cfc", - "layerType": "data", - "position": "top", - "seriesType": "line", - "showGridlines": false, - "xAccessor": "e89bff02-e4b8-48aa-96e1-ae2ae6c28e39" - } - ], - "legend": { - "isVisible": true, - "legendSize": "auto", - "position": "right", - "showSingleSeries": true }, - "preferredSeriesType": "line", - "title": "Empty XY chart", - "valueLabels": "hide", - "valuesInLegend": true, - "yLeftExtent": { - "mode": "full" + "gridData": { + "h": 10, + "i": "b55b6992-8179-4bf9-8e79-8354509a956e", + "w": 24, + "x": 24, + "y": 10 }, - "yRightExtent": { - "mode": "full" - }, - "yTitle": "Current Threads" - } + "panelIndex": "b55b6992-8179-4bf9-8e79-8354509a956e", + "type": "lens", + "version": "8.6.0" }, - "title": "Current threads [Metrics Spring Boot]", - "visualizationType": "lnsXY", - "references": [ - { - "id": "metrics-*", - "name": "indexpattern-datasource-layer-760bf001-a3ae-46e6-a366-ab2c9c777cfc", - "type": "index-pattern" - }, - { - "id": "metrics-*", - "name": "6502fda4-d554-4b5d-8e8b-e6d3c873901b", - "type": "index-pattern" - } - ] - } - }, - "gridData": { - "h": 10, - "i": "b55b6992-8179-4bf9-8e79-8354509a956e", - "w": 24, - "x": 24, - "y": 10 - }, - "panelIndex": "b55b6992-8179-4bf9-8e79-8354509a956e", - "type": "lens", - "version": "8.6.0" - }, - { - "embeddableConfig": { - "enhancements": {}, - "hidePanelTitles": false, - "attributes": { - "state": { - "adHocDataViews": {}, - "datasourceStates": { - "formBased": { - "layers": { - "760bf001-a3ae-46e6-a366-ab2c9c777cfc": { - "columnOrder": [ - "e89bff02-e4b8-48aa-96e1-ae2ae6c28e39", - "c5fd0b8a-f8ac-4e5d-95ed-5ca552417e5c" - ], - "columns": { - "c5fd0b8a-f8ac-4e5d-95ed-5ca552417e5c": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Daemon Threads", - "operationType": "last_value", - "params": { - "format": { - "id": "number", - "params": { - "decimals": 0 - } + { + "embeddableConfig": { + "enhancements": {}, + "hidePanelTitles": false, + "attributes": { + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "layers": { + "760bf001-a3ae-46e6-a366-ab2c9c777cfc": { + "columnOrder": [ + "e89bff02-e4b8-48aa-96e1-ae2ae6c28e39", + "c5fd0b8a-f8ac-4e5d-95ed-5ca552417e5c" + ], + "columns": { + "c5fd0b8a-f8ac-4e5d-95ed-5ca552417e5c": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Daemon Threads", + "operationType": "last_value", + "params": { + "format": { + "id": "number", + "params": { + "decimals": 0 + } + }, + "showArrayValues": true, + "sortField": "@timestamp" + }, + "scale": "ratio", + "sourceField": "spring_boot.threading.threads.daemon" + }, + "e89bff02-e4b8-48aa-96e1-ae2ae6c28e39": { + "dataType": "date", + "isBucketed": true, + "label": "@timestamp", + "operationType": "date_histogram", + "params": { + "dropPartials": true, + "includeEmptyRows": false, + "interval": "auto" + }, + "scale": "interval", + "sourceField": "@timestamp" + } + }, + "incompleteColumns": {} + } + } + } }, - "showArrayValues": true, - "sortField": "@timestamp" - }, - "scale": "ratio", - "sourceField": "spring_boot.threading.threads.daemon" + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "702499ca-434e-41d4-b9a1-1d0bb27b244a", + "key": "event.dataset", + "negate": false, + "params": { + "query": "spring_boot.threading" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.dataset": "spring_boot.threading" + } + } + } + ], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "layers": [ + { + "accessors": [ + "c5fd0b8a-f8ac-4e5d-95ed-5ca552417e5c" + ], + "layerId": "760bf001-a3ae-46e6-a366-ab2c9c777cfc", + "layerType": "data", + "position": "top", + "seriesType": "line", + "showGridlines": false, + "xAccessor": "e89bff02-e4b8-48aa-96e1-ae2ae6c28e39" + } + ], + "legend": { + "isVisible": true, + "legendSize": "auto", + "position": "right", + "showSingleSeries": true + }, + "preferredSeriesType": "line", + "title": "Empty XY chart", + "valueLabels": "hide", + "valuesInLegend": true, + "yLeftExtent": { + "mode": "full" + }, + "yRightExtent": { + "mode": "full" + }, + "yTitle": "Daemon Threads" + } }, - "e89bff02-e4b8-48aa-96e1-ae2ae6c28e39": { - "dataType": "date", - "isBucketed": true, - "label": "@timestamp", - "operationType": "date_histogram", - "params": { - "dropPartials": true, - "includeEmptyRows": false, - "interval": "auto" - }, - "scale": "interval", - "sourceField": "@timestamp" - } - }, - "incompleteColumns": {} - } - } - } - }, - "filters": [ - { - "$state": { - "store": "appState" - }, - "meta": { - "alias": null, - "disabled": false, - "index": "702499ca-434e-41d4-b9a1-1d0bb27b244a", - "key": "event.dataset", - "negate": false, - "params": { - "query": "spring_boot.threading" - }, - "type": "phrase" - }, - "query": { - "match_phrase": { - "event.dataset": "spring_boot.threading" + "title": "Daemon threads [Metrics Spring Boot]", + "visualizationType": "lnsXY", + "references": [ + { + "id": "metrics-*", + "name": "indexpattern-datasource-layer-760bf001-a3ae-46e6-a366-ab2c9c777cfc", + "type": "index-pattern" + }, + { + "id": "metrics-*", + "name": "702499ca-434e-41d4-b9a1-1d0bb27b244a", + "type": "index-pattern" + } + ] } - } - } - ], - "internalReferences": [], - "query": { - "language": "kuery", - "query": "" - }, - "visualization": { - "layers": [ - { - "accessors": [ - "c5fd0b8a-f8ac-4e5d-95ed-5ca552417e5c" - ], - "layerId": "760bf001-a3ae-46e6-a366-ab2c9c777cfc", - "layerType": "data", - "position": "top", - "seriesType": "line", - "showGridlines": false, - "xAccessor": "e89bff02-e4b8-48aa-96e1-ae2ae6c28e39" - } - ], - "legend": { - "isVisible": true, - "legendSize": "auto", - "position": "right", - "showSingleSeries": true }, - "preferredSeriesType": "line", - "title": "Empty XY chart", - "valueLabels": "hide", - "valuesInLegend": true, - "yLeftExtent": { - "mode": "full" + "gridData": { + "h": 10, + "i": "e7826ce5-e7f7-4f33-87c6-2f74fc9fa508", + "w": 24, + "x": 24, + "y": 20 }, - "yRightExtent": { - "mode": "full" - }, - "yTitle": "Daemon Threads" - } - }, - "title": "Daemon threads [Metrics Spring Boot]", - "visualizationType": "lnsXY", - "references": [ - { - "id": "metrics-*", - "name": "indexpattern-datasource-layer-760bf001-a3ae-46e6-a366-ab2c9c777cfc", - "type": "index-pattern" - }, - { - "id": "metrics-*", - "name": "702499ca-434e-41d4-b9a1-1d0bb27b244a", - "type": "index-pattern" - } - ] - } + "panelIndex": "e7826ce5-e7f7-4f33-87c6-2f74fc9fa508", + "type": "lens", + "version": "8.6.0" + } + ], + "timeRestore": false, + "title": "[Spring Boot] Memory and Threads", + "version": 1 + }, + "references": [ + { + "type": "index-pattern", + "name": "12e70c57-6059-400c-974f-b69423d435e9:indexpattern-datasource-layer-31ad067d-6820-43dc-a6fd-7a32a6a121f5", + "id": "metrics-*" + }, + { + "type": "index-pattern", + "name": "12e70c57-6059-400c-974f-b69423d435e9:8a86b358-6960-40ef-91ed-05c2c2e7c40f", + "id": "metrics-*" + }, + { + "type": "index-pattern", + "name": "eb0fc5f9-1c7d-48bc-8098-ba58f9962dee:indexpattern-datasource-layer-760bf001-a3ae-46e6-a366-ab2c9c777cfc", + "id": "metrics-*" + }, + { + "type": "index-pattern", + "name": "eb0fc5f9-1c7d-48bc-8098-ba58f9962dee:61418bc6-4106-4f91-81ea-1e1071b7c9bb", + "id": "metrics-*" + }, + { + "type": "index-pattern", + "name": "f3782cac-5b20-413c-a88d-cb01ebee5772:indexpattern-datasource-layer-e937f0c4-f880-4837-9315-69d043a3f6b1", + "id": "metrics-*" }, - "gridData": { - "h": 10, - "i": "e7826ce5-e7f7-4f33-87c6-2f74fc9fa508", - "w": 24, - "x": 24, - "y": 20 + { + "type": "index-pattern", + "name": "f3782cac-5b20-413c-a88d-cb01ebee5772:8aabc9bc-b40b-4f3c-b077-c4d19cd6b477", + "id": "metrics-*" }, - "panelIndex": "e7826ce5-e7f7-4f33-87c6-2f74fc9fa508", - "type": "lens", - "version": "8.6.0" - } + { + "type": "index-pattern", + "name": "b55b6992-8179-4bf9-8e79-8354509a956e:indexpattern-datasource-layer-760bf001-a3ae-46e6-a366-ab2c9c777cfc", + "id": "metrics-*" + }, + { + "type": "index-pattern", + "name": "b55b6992-8179-4bf9-8e79-8354509a956e:6502fda4-d554-4b5d-8e8b-e6d3c873901b", + "id": "metrics-*" + }, + { + "type": "index-pattern", + "name": "e7826ce5-e7f7-4f33-87c6-2f74fc9fa508:indexpattern-datasource-layer-760bf001-a3ae-46e6-a366-ab2c9c777cfc", + "id": "metrics-*" + }, + { + "type": "index-pattern", + "name": "e7826ce5-e7f7-4f33-87c6-2f74fc9fa508:702499ca-434e-41d4-b9a1-1d0bb27b244a", + "id": "metrics-*" + } ], - "timeRestore": false, - "title": "[Spring Boot] Memory and Threads", - "version": 1 - }, - "references": [ - { - "type": "index-pattern", - "name": "12e70c57-6059-400c-974f-b69423d435e9:indexpattern-datasource-layer-31ad067d-6820-43dc-a6fd-7a32a6a121f5", - "id": "metrics-*" - }, - { - "type": "index-pattern", - "name": "12e70c57-6059-400c-974f-b69423d435e9:8a86b358-6960-40ef-91ed-05c2c2e7c40f", - "id": "metrics-*" - }, - { - "type": "index-pattern", - "name": "eb0fc5f9-1c7d-48bc-8098-ba58f9962dee:indexpattern-datasource-layer-760bf001-a3ae-46e6-a366-ab2c9c777cfc", - "id": "metrics-*" - }, - { - "type": "index-pattern", - "name": "eb0fc5f9-1c7d-48bc-8098-ba58f9962dee:61418bc6-4106-4f91-81ea-1e1071b7c9bb", - "id": "metrics-*" - }, - { - "type": "index-pattern", - "name": "f3782cac-5b20-413c-a88d-cb01ebee5772:indexpattern-datasource-layer-e937f0c4-f880-4837-9315-69d043a3f6b1", - "id": "metrics-*" - }, - { - "type": "index-pattern", - "name": "f3782cac-5b20-413c-a88d-cb01ebee5772:8aabc9bc-b40b-4f3c-b077-c4d19cd6b477", - "id": "metrics-*" - }, - { - "type": "index-pattern", - "name": "b55b6992-8179-4bf9-8e79-8354509a956e:indexpattern-datasource-layer-760bf001-a3ae-46e6-a366-ab2c9c777cfc", - "id": "metrics-*" - }, - { - "type": "index-pattern", - "name": "b55b6992-8179-4bf9-8e79-8354509a956e:6502fda4-d554-4b5d-8e8b-e6d3c873901b", - "id": "metrics-*" - }, - { - "type": "index-pattern", - "name": "e7826ce5-e7f7-4f33-87c6-2f74fc9fa508:indexpattern-datasource-layer-760bf001-a3ae-46e6-a366-ab2c9c777cfc", - "id": "metrics-*" - }, - { - "type": "index-pattern", - "name": "e7826ce5-e7f7-4f33-87c6-2f74fc9fa508:702499ca-434e-41d4-b9a1-1d0bb27b244a", - "id": "metrics-*" - } - ], - "managed": false + "managed": false } \ No newline at end of file diff --git a/packages/spring_boot/kibana/dashboard/spring_boot-e8507040-c7b0-11ec-9c82-4b3dfe36a746.json b/packages/spring_boot/kibana/dashboard/spring_boot-e8507040-c7b0-11ec-9c82-4b3dfe36a746.json index 9db88464d5bb..eb90f754e5c3 100644 --- a/packages/spring_boot/kibana/dashboard/spring_boot-e8507040-c7b0-11ec-9c82-4b3dfe36a746.json +++ b/packages/spring_boot/kibana/dashboard/spring_boot-e8507040-c7b0-11ec-9c82-4b3dfe36a746.json @@ -1,1526 +1,1526 @@ { - "id": "spring_boot-e8507040-c7b0-11ec-9c82-4b3dfe36a746", - "type": "dashboard", - "namespaces": [ - "default" - ], - "migrationVersion": { - "dashboard": "8.7.0" - }, - "coreMigrationVersion": "8.8.0", - "typeMigrationVersion": "8.7.0", - "updated_at": "2024-01-03T20:12:28.833Z", - "created_at": "2024-01-03T20:12:28.833Z", - "version": "WzEwMiwxXQ==", - "attributes": { - "description": "Overview of Spring Boot Application.", - "hits": 0, - "kibanaSavedObjectMeta": { - "searchSourceJSON": { - "filter": [], - "query": { - "language": "kuery", - "query": "" - } - } - }, - "optionsJSON": { - "hidePanelTitles": false, - "syncColors": false, - "useMargins": true + "id": "spring_boot-e8507040-c7b0-11ec-9c82-4b3dfe36a746", + "type": "dashboard", + "namespaces": [ + "default" + ], + "migrationVersion": { + "dashboard": "8.7.0" }, - "panelsJSON": [ - { - "embeddableConfig": { - "enhancements": {}, - "hidePanelTitles": false, - "attributes": { - "state": { - "datasourceStates": { - "formBased": { - "layers": { - "786d6832-6c69-42e4-916f-df6df259fad1": { - "columnOrder": [ - "575bdfd0-6d2b-4c15-98f1-760a7c18a50a", - "19721a51-8e2d-4e20-993c-b8d31c721d0f" - ], - "columns": { - "19721a51-8e2d-4e20-993c-b8d31c721d0f": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Avg time", - "operationType": "average", - "params": { - "format": { - "id": "number", - "params": { - "decimals": 1 - } + "coreMigrationVersion": "8.8.0", + "typeMigrationVersion": "8.7.0", + "updated_at": "2024-01-03T20:12:28.833Z", + "created_at": "2024-01-03T20:12:28.833Z", + "version": "WzEwMiwxXQ==", + "attributes": { + "description": "Overview of Spring Boot Application.", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": { + "filter": [], + "query": { + "language": "kuery", + "query": "" + } + } + }, + "optionsJSON": { + "hidePanelTitles": false, + "syncColors": false, + "useMargins": true + }, + "panelsJSON": [ + { + "embeddableConfig": { + "enhancements": {}, + "hidePanelTitles": false, + "attributes": { + "state": { + "datasourceStates": { + "formBased": { + "layers": { + "786d6832-6c69-42e4-916f-df6df259fad1": { + "columnOrder": [ + "575bdfd0-6d2b-4c15-98f1-760a7c18a50a", + "19721a51-8e2d-4e20-993c-b8d31c721d0f" + ], + "columns": { + "19721a51-8e2d-4e20-993c-b8d31c721d0f": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Avg time", + "operationType": "average", + "params": { + "format": { + "id": "number", + "params": { + "decimals": 1 + } + } + }, + "scale": "ratio", + "sourceField": "event.duration" + }, + "575bdfd0-6d2b-4c15-98f1-760a7c18a50a": { + "dataType": "date", + "isBucketed": true, + "label": "@timestamp", + "operationType": "date_histogram", + "params": { + "includeEmptyRows": true, + "interval": "1m" + }, + "scale": "interval", + "sourceField": "@timestamp" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "layers": [ + { + "accessors": [ + "19721a51-8e2d-4e20-993c-b8d31c721d0f" + ], + "layerId": "786d6832-6c69-42e4-916f-df6df259fad1", + "layerType": "data", + "position": "top", + "seriesType": "line", + "showGridlines": false, + "xAccessor": "575bdfd0-6d2b-4c15-98f1-760a7c18a50a", + "yConfig": [ + { + "axisMode": "left", + "forAccessor": "19721a51-8e2d-4e20-993c-b8d31c721d0f" + } + ] + } + ], + "legend": { + "isVisible": true, + "position": "right", + "showSingleSeries": true, + "legendSize": "auto" + }, + "preferredSeriesType": "line", + "title": "Empty XY chart", + "valueLabels": "hide", + "valuesInLegend": true, + "yLeftExtent": { + "mode": "full" + }, + "yRightExtent": { + "mode": "full" + } } - }, - "scale": "ratio", - "sourceField": "event.duration" }, - "575bdfd0-6d2b-4c15-98f1-760a7c18a50a": { - "dataType": "date", - "isBucketed": true, - "label": "@timestamp", - "operationType": "date_histogram", - "params": { - "includeEmptyRows": true, - "interval": "1m" - }, - "scale": "interval", - "sourceField": "@timestamp" - } - }, - "incompleteColumns": {} + "title": "Average time taken to handle the HTTP request-response exchange [Logs Spring Boot]", + "visualizationType": "lnsXY", + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-current-indexpattern", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-786d6832-6c69-42e4-916f-df6df259fad1", + "type": "index-pattern" + } + ] } - } - } - }, - "filters": [], - "query": { - "language": "kuery", - "query": "" - }, - "visualization": { - "layers": [ - { - "accessors": [ - "19721a51-8e2d-4e20-993c-b8d31c721d0f" - ], - "layerId": "786d6832-6c69-42e4-916f-df6df259fad1", - "layerType": "data", - "position": "top", - "seriesType": "line", - "showGridlines": false, - "xAccessor": "575bdfd0-6d2b-4c15-98f1-760a7c18a50a", - "yConfig": [ - { - "axisMode": "left", - "forAccessor": "19721a51-8e2d-4e20-993c-b8d31c721d0f" - } - ] - } - ], - "legend": { - "isVisible": true, - "position": "right", - "showSingleSeries": true, - "legendSize": "auto" }, - "preferredSeriesType": "line", - "title": "Empty XY chart", - "valueLabels": "hide", - "valuesInLegend": true, - "yLeftExtent": { - "mode": "full" + "gridData": { + "h": 12, + "i": "b55e357e-4c45-430c-ae63-2c6facaabc2e", + "w": 20, + "x": 0, + "y": 0 }, - "yRightExtent": { - "mode": "full" - } - } + "panelIndex": "b55e357e-4c45-430c-ae63-2c6facaabc2e", + "type": "lens", + "version": "8.6.0" }, - "title": "Average time taken to handle the HTTP request-response exchange [Logs Spring Boot]", - "visualizationType": "lnsXY", - "references": [ - { - "id": "logs-*", - "name": "indexpattern-datasource-current-indexpattern", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "indexpattern-datasource-layer-786d6832-6c69-42e4-916f-df6df259fad1", - "type": "index-pattern" - } - ] - } - }, - "gridData": { - "h": 12, - "i": "b55e357e-4c45-430c-ae63-2c6facaabc2e", - "w": 20, - "x": 0, - "y": 0 - }, - "panelIndex": "b55e357e-4c45-430c-ae63-2c6facaabc2e", - "type": "lens", - "version": "8.6.0" - }, - { - "version": "8.7.0", - "type": "lens", - "gridData": { - "h": 6, - "i": "8da90917-936b-49b2-a845-24db7da4681e", - "w": 9, - "x": 20, - "y": 0 - }, - "panelIndex": "8da90917-936b-49b2-a845-24db7da4681e", - "embeddableConfig": { - "attributes": { - "references": [ - { - "id": "logs-*", - "name": "indexpattern-datasource-current-indexpattern", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "indexpattern-datasource-layer-25d74ab0-7fd1-47c2-aaa5-bd9d13d5772c", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "197542f3-0a77-4046-a21d-9e87d097f9d9", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "5fab4c2b-f8e3-499d-946f-f7a8bdcbbbd9", - "type": "index-pattern" - } - ], - "state": { - "datasourceStates": { - "formBased": { - "layers": { - "25d74ab0-7fd1-47c2-aaa5-bd9d13d5772c": { - "columnOrder": [ - "e65b0651-a054-45ff-9e39-c835bc2e45ee" - ], - "columns": { - "e65b0651-a054-45ff-9e39-c835bc2e45ee": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": " ", - "operationType": "count", - "scale": "ratio", - "sourceField": "___records___" - } - }, - "incompleteColumns": {} - } - } - } - }, - "filters": [ - { - "$state": { - "store": "appState" - }, - "meta": { - "alias": null, - "disabled": false, - "index": "197542f3-0a77-4046-a21d-9e87d097f9d9", - "key": "event.dataset", - "negate": false, - "params": { - "query": "spring_boot.http_trace" - }, - "type": "phrase" - }, - "query": { - "match_phrase": { - "event.dataset": "spring_boot.http_trace" - } - } + { + "version": "8.7.0", + "type": "lens", + "gridData": { + "h": 6, + "i": "8da90917-936b-49b2-a845-24db7da4681e", + "w": 9, + "x": 20, + "y": 0 }, - { - "$state": { - "store": "appState" - }, - "meta": { - "alias": null, - "disabled": false, - "index": "5fab4c2b-f8e3-499d-946f-f7a8bdcbbbd9", - "key": "http.response.status_code", - "negate": false, - "params": { - "query": 200 + "panelIndex": "8da90917-936b-49b2-a845-24db7da4681e", + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-current-indexpattern", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-25d74ab0-7fd1-47c2-aaa5-bd9d13d5772c", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "197542f3-0a77-4046-a21d-9e87d097f9d9", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "5fab4c2b-f8e3-499d-946f-f7a8bdcbbbd9", + "type": "index-pattern" + } + ], + "state": { + "datasourceStates": { + "formBased": { + "layers": { + "25d74ab0-7fd1-47c2-aaa5-bd9d13d5772c": { + "columnOrder": [ + "e65b0651-a054-45ff-9e39-c835bc2e45ee" + ], + "columns": { + "e65b0651-a054-45ff-9e39-c835bc2e45ee": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": " ", + "operationType": "count", + "scale": "ratio", + "sourceField": "___records___" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "197542f3-0a77-4046-a21d-9e87d097f9d9", + "key": "event.dataset", + "negate": false, + "params": { + "query": "spring_boot.http_trace" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.dataset": "spring_boot.http_trace" + } + } + }, + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "5fab4c2b-f8e3-499d-946f-f7a8bdcbbbd9", + "key": "http.response.status_code", + "negate": false, + "params": { + "query": 200 + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "http.response.status_code": 200 + } + } + } + ], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "accessor": "e65b0651-a054-45ff-9e39-c835bc2e45ee", + "layerId": "25d74ab0-7fd1-47c2-aaa5-bd9d13d5772c", + "layerType": "data", + "textAlign": "center", + "titlePosition": "bottom", + "size": "xl" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsLegacyMetric" }, - "type": "phrase" - }, - "query": { - "match_phrase": { - "http.response.status_code": 200 - } - } - } - ], - "query": { - "language": "kuery", - "query": "" - }, - "visualization": { - "accessor": "e65b0651-a054-45ff-9e39-c835bc2e45ee", - "layerId": "25d74ab0-7fd1-47c2-aaa5-bd9d13d5772c", - "layerType": "data", - "textAlign": "center", - "titlePosition": "bottom", - "size": "xl" - } + "enhancements": {}, + "hidePanelTitles": false, + "type": "lens" + }, + "title": "Total successful requests [Logs Spring Boot]" }, - "title": "", - "type": "lens", - "visualizationType": "lnsLegacyMetric" - }, - "enhancements": {}, - "hidePanelTitles": false, - "type": "lens" - }, - "title": "Total successful requests [Logs Spring Boot]" - }, - { - "embeddableConfig": { - "enhancements": {}, - "attributes": { - "state": { - "datasourceStates": { - "formBased": { - "layers": { - "73272b0b-e1d4-4a44-9904-adaad0d24159": { - "columnOrder": [ - "2fe1f301-207a-48ff-aa1c-13aaed31b9db", - "1b8c4683-1d76-49cc-95c8-691612657847" - ], - "columns": { - "1b8c4683-1d76-49cc-95c8-691612657847": { - "dataType": "number", - "isBucketed": false, - "label": "Count of records", - "operationType": "count", - "params": { - "format": { - "id": "number", - "params": { - "decimals": 2 - } + { + "embeddableConfig": { + "enhancements": {}, + "attributes": { + "state": { + "datasourceStates": { + "formBased": { + "layers": { + "73272b0b-e1d4-4a44-9904-adaad0d24159": { + "columnOrder": [ + "2fe1f301-207a-48ff-aa1c-13aaed31b9db", + "1b8c4683-1d76-49cc-95c8-691612657847" + ], + "columns": { + "1b8c4683-1d76-49cc-95c8-691612657847": { + "dataType": "number", + "isBucketed": false, + "label": "Count of records", + "operationType": "count", + "params": { + "format": { + "id": "number", + "params": { + "decimals": 2 + } + } + }, + "scale": "ratio", + "sourceField": "___records___" + }, + "2fe1f301-207a-48ff-aa1c-13aaed31b9db": { + "customLabel": true, + "dataType": "string", + "isBucketed": true, + "label": "Authentication Type", + "operationType": "terms", + "params": { + "missingBucket": false, + "orderBy": { + "columnId": "1b8c4683-1d76-49cc-95c8-691612657847", + "type": "column" + }, + "orderDirection": "desc", + "otherBucket": false, + "parentFormat": { + "id": "terms" + }, + "size": 5 + }, + "scale": "ordinal", + "sourceField": "spring_boot.audit_events.type" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "b7a7b7d1-61be-48a9-9158-7f778b4ddaf2", + "key": "event.dataset", + "negate": false, + "params": { + "query": "spring_boot.audit_events" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.dataset": "spring_boot.audit_events" + } + } + } + ], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "layers": [ + { + "categoryDisplay": "default", + "layerId": "73272b0b-e1d4-4a44-9904-adaad0d24159", + "layerType": "data", + "legendDisplay": "show", + "legendMaxLines": 1, + "legendPosition": "bottom", + "nestedLegend": true, + "numberDisplay": "percent", + "truncateLegend": true, + "legendSize": "auto", + "primaryGroups": [ + "2fe1f301-207a-48ff-aa1c-13aaed31b9db" + ], + "metrics": [ + "1b8c4683-1d76-49cc-95c8-691612657847" + ] + } + ], + "shape": "pie" } - }, - "scale": "ratio", - "sourceField": "___records___" }, - "2fe1f301-207a-48ff-aa1c-13aaed31b9db": { - "customLabel": true, - "dataType": "string", - "isBucketed": true, - "label": "Authentication Type", - "operationType": "terms", - "params": { - "missingBucket": false, - "orderBy": { - "columnId": "1b8c4683-1d76-49cc-95c8-691612657847", - "type": "column" + "title": "Authentication type [Logs Spring Boot]", + "visualizationType": "lnsPie", + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-current-indexpattern", + "type": "index-pattern" }, - "orderDirection": "desc", - "otherBucket": false, - "parentFormat": { - "id": "terms" + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-73272b0b-e1d4-4a44-9904-adaad0d24159", + "type": "index-pattern" }, - "size": 5 - }, - "scale": "ordinal", - "sourceField": "spring_boot.audit_events.type" - } - }, - "incompleteColumns": {} - } - } - } - }, - "filters": [ - { - "$state": { - "store": "appState" - }, - "meta": { - "alias": null, - "disabled": false, - "index": "b7a7b7d1-61be-48a9-9158-7f778b4ddaf2", - "key": "event.dataset", - "negate": false, - "params": { - "query": "spring_boot.audit_events" - }, - "type": "phrase" - }, - "query": { - "match_phrase": { - "event.dataset": "spring_boot.audit_events" + { + "id": "logs-*", + "name": "b7a7b7d1-61be-48a9-9158-7f778b4ddaf2", + "type": "index-pattern" + } + ] } - } - } - ], - "query": { - "language": "kuery", - "query": "" - }, - "visualization": { - "layers": [ - { - "categoryDisplay": "default", - "layerId": "73272b0b-e1d4-4a44-9904-adaad0d24159", - "layerType": "data", - "legendDisplay": "show", - "legendMaxLines": 1, - "legendPosition": "bottom", - "nestedLegend": true, - "numberDisplay": "percent", - "truncateLegend": true, - "legendSize": "auto", - "primaryGroups": [ - "2fe1f301-207a-48ff-aa1c-13aaed31b9db" - ], - "metrics": [ - "1b8c4683-1d76-49cc-95c8-691612657847" - ] - } - ], - "shape": "pie" - } + }, + "gridData": { + "h": 18, + "i": "3a6a263d-dec2-4f86-9b9d-8bdb6cea9ecb", + "w": 19, + "x": 29, + "y": 0 + }, + "panelIndex": "3a6a263d-dec2-4f86-9b9d-8bdb6cea9ecb", + "type": "lens", + "version": "8.6.0" }, - "title": "Authentication type [Logs Spring Boot]", - "visualizationType": "lnsPie", - "references": [ - { - "id": "logs-*", - "name": "indexpattern-datasource-current-indexpattern", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "indexpattern-datasource-layer-73272b0b-e1d4-4a44-9904-adaad0d24159", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "b7a7b7d1-61be-48a9-9158-7f778b4ddaf2", - "type": "index-pattern" - } - ] - } - }, - "gridData": { - "h": 18, - "i": "3a6a263d-dec2-4f86-9b9d-8bdb6cea9ecb", - "w": 19, - "x": 29, - "y": 0 - }, - "panelIndex": "3a6a263d-dec2-4f86-9b9d-8bdb6cea9ecb", - "type": "lens", - "version": "8.6.0" - }, - { - "version": "8.7.0", - "type": "lens", - "gridData": { - "h": 6, - "i": "44a2b9a5-626c-426b-8bbb-921b56040444", - "w": 9, - "x": 20, - "y": 6 - }, - "panelIndex": "44a2b9a5-626c-426b-8bbb-921b56040444", - "embeddableConfig": { - "attributes": { - "references": [ - { - "id": "logs-*", - "name": "indexpattern-datasource-current-indexpattern", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "indexpattern-datasource-layer-a41a8eed-69fe-4838-b8f5-b322f7661832", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "fa18f56b-ae06-4e5e-96e4-b1f68ce9a35f", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "0e57fdc9-82ca-45c5-bdfa-57704436ea9a", - "type": "index-pattern" - } - ], - "state": { - "datasourceStates": { - "formBased": { - "layers": { - "a41a8eed-69fe-4838-b8f5-b322f7661832": { - "columnOrder": [ - "58748aeb-032e-407b-9c76-7e41c419b1a8" - ], - "columns": { - "58748aeb-032e-407b-9c76-7e41c419b1a8": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": " ", - "operationType": "count", - "scale": "ratio", - "sourceField": "___records___" - } - }, - "incompleteColumns": {} - } - } - } - }, - "filters": [ - { - "$state": { - "store": "appState" - }, - "meta": { - "alias": null, - "disabled": false, - "index": "fa18f56b-ae06-4e5e-96e4-b1f68ce9a35f", - "key": "event.dataset", - "negate": false, - "params": { - "query": "spring_boot.http_trace" - }, - "type": "phrase" - }, - "query": { - "match_phrase": { - "event.dataset": "spring_boot.http_trace" - } - } + { + "version": "8.7.0", + "type": "lens", + "gridData": { + "h": 6, + "i": "44a2b9a5-626c-426b-8bbb-921b56040444", + "w": 9, + "x": 20, + "y": 6 }, - { - "$state": { - "store": "appState" - }, - "meta": { - "alias": null, - "disabled": false, - "index": "0e57fdc9-82ca-45c5-bdfa-57704436ea9a", - "key": "http.response.status_code", - "negate": true, - "params": { - "query": 200 + "panelIndex": "44a2b9a5-626c-426b-8bbb-921b56040444", + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-current-indexpattern", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-a41a8eed-69fe-4838-b8f5-b322f7661832", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "fa18f56b-ae06-4e5e-96e4-b1f68ce9a35f", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "0e57fdc9-82ca-45c5-bdfa-57704436ea9a", + "type": "index-pattern" + } + ], + "state": { + "datasourceStates": { + "formBased": { + "layers": { + "a41a8eed-69fe-4838-b8f5-b322f7661832": { + "columnOrder": [ + "58748aeb-032e-407b-9c76-7e41c419b1a8" + ], + "columns": { + "58748aeb-032e-407b-9c76-7e41c419b1a8": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": " ", + "operationType": "count", + "scale": "ratio", + "sourceField": "___records___" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "fa18f56b-ae06-4e5e-96e4-b1f68ce9a35f", + "key": "event.dataset", + "negate": false, + "params": { + "query": "spring_boot.http_trace" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.dataset": "spring_boot.http_trace" + } + } + }, + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "0e57fdc9-82ca-45c5-bdfa-57704436ea9a", + "key": "http.response.status_code", + "negate": true, + "params": { + "query": 200 + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "http.response.status_code": 200 + } + } + } + ], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "accessor": "58748aeb-032e-407b-9c76-7e41c419b1a8", + "layerId": "a41a8eed-69fe-4838-b8f5-b322f7661832", + "layerType": "data", + "textAlign": "center", + "titlePosition": "bottom", + "size": "xl" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsLegacyMetric" }, - "type": "phrase" - }, - "query": { - "match_phrase": { - "http.response.status_code": 200 - } - } - } - ], - "query": { - "language": "kuery", - "query": "" - }, - "visualization": { - "accessor": "58748aeb-032e-407b-9c76-7e41c419b1a8", - "layerId": "a41a8eed-69fe-4838-b8f5-b322f7661832", - "layerType": "data", - "textAlign": "center", - "titlePosition": "bottom", - "size": "xl" - } + "enhancements": {}, + "hidePanelTitles": false, + "type": "lens" + }, + "title": "Total failed requests [Logs Spring Boot]" }, - "title": "", - "type": "lens", - "visualizationType": "lnsLegacyMetric" - }, - "enhancements": {}, - "hidePanelTitles": false, - "type": "lens" - }, - "title": "Total failed requests [Logs Spring Boot]" - }, - { - "version": "8.7.0", - "type": "lens", - "gridData": { - "h": 6, - "i": "d227dc3c-7902-44e7-b367-36bee05b96ab", - "w": 9, - "x": 20, - "y": 12 - }, - "panelIndex": "d227dc3c-7902-44e7-b367-36bee05b96ab", - "embeddableConfig": { - "attributes": { - "references": [ - { - "id": "metrics-*", - "name": "indexpattern-datasource-current-indexpattern", - "type": "index-pattern" - }, - { - "id": "metrics-*", - "name": "indexpattern-datasource-layer-3e8e41c2-e9bd-4bf7-9e82-d478063ca973", - "type": "index-pattern" - }, - { - "id": "metrics-*", - "name": "e3a2a6e7-f5c1-484a-bbe7-6dd3df9e258b", - "type": "index-pattern" - }, - { - "id": "metrics-*", - "name": "0a93fba6-6f3f-4f2c-a19e-ead075b97111", - "type": "index-pattern" - } - ], - "state": { - "datasourceStates": { - "formBased": { - "layers": { - "3e8e41c2-e9bd-4bf7-9e82-d478063ca973": { - "columnOrder": [ - "523fb967-5b16-44a7-b663-0f5aa6452db8" - ], - "columns": { - "523fb967-5b16-44a7-b663-0f5aa6452db8": { - "customLabel": true, - "dataType": "number", - "filter": { - "language": "kuery", - "query": "spring_boot.threading.threads.current.allocated_bytes : *" - }, - "isBucketed": false, - "label": " ", - "operationType": "last_value", - "params": { - "format": { - "id": "bytes", - "params": { - "decimals": 1 - } + { + "version": "8.7.0", + "type": "lens", + "gridData": { + "h": 6, + "i": "d227dc3c-7902-44e7-b367-36bee05b96ab", + "w": 9, + "x": 20, + "y": 12 + }, + "panelIndex": "d227dc3c-7902-44e7-b367-36bee05b96ab", + "embeddableConfig": { + "attributes": { + "references": [ + { + "id": "metrics-*", + "name": "indexpattern-datasource-current-indexpattern", + "type": "index-pattern" }, - "showArrayValues": true, - "sortField": "@timestamp" - }, - "scale": "ratio", - "sourceField": "spring_boot.threading.threads.current.allocated_bytes" - } - }, - "incompleteColumns": {} - } - } - } - }, - "filters": [ - { - "$state": { - "store": "appState" - }, - "meta": { - "alias": null, - "disabled": false, - "index": "e3a2a6e7-f5c1-484a-bbe7-6dd3df9e258b", - "key": "event.dataset", - "negate": false, - "params": { - "query": "spring_boot.threading" + { + "id": "metrics-*", + "name": "indexpattern-datasource-layer-3e8e41c2-e9bd-4bf7-9e82-d478063ca973", + "type": "index-pattern" + }, + { + "id": "metrics-*", + "name": "e3a2a6e7-f5c1-484a-bbe7-6dd3df9e258b", + "type": "index-pattern" + }, + { + "id": "metrics-*", + "name": "0a93fba6-6f3f-4f2c-a19e-ead075b97111", + "type": "index-pattern" + } + ], + "state": { + "datasourceStates": { + "formBased": { + "layers": { + "3e8e41c2-e9bd-4bf7-9e82-d478063ca973": { + "columnOrder": [ + "523fb967-5b16-44a7-b663-0f5aa6452db8" + ], + "columns": { + "523fb967-5b16-44a7-b663-0f5aa6452db8": { + "customLabel": true, + "dataType": "number", + "filter": { + "language": "kuery", + "query": "spring_boot.threading.threads.current.allocated_bytes : *" + }, + "isBucketed": false, + "label": " ", + "operationType": "last_value", + "params": { + "format": { + "id": "bytes", + "params": { + "decimals": 1 + } + }, + "showArrayValues": true, + "sortField": "@timestamp" + }, + "scale": "ratio", + "sourceField": "spring_boot.threading.threads.current.allocated_bytes" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "e3a2a6e7-f5c1-484a-bbe7-6dd3df9e258b", + "key": "event.dataset", + "negate": false, + "params": { + "query": "spring_boot.threading" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.dataset": "spring_boot.threading" + } + } + }, + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "0a93fba6-6f3f-4f2c-a19e-ead075b97111", + "key": "spring_boot.threading.threads.current.allocated_bytes", + "negate": false, + "type": "exists", + "value": "exists" + }, + "query": { + "exists": { + "field": "spring_boot.threading.threads.current.allocated_bytes" + } + } + } + ], + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "accessor": "523fb967-5b16-44a7-b663-0f5aa6452db8", + "colorMode": "None", + "layerId": "3e8e41c2-e9bd-4bf7-9e82-d478063ca973", + "layerType": "data", + "textAlign": "center", + "titlePosition": "bottom", + "size": "xl" + } + }, + "title": "", + "type": "lens", + "visualizationType": "lnsLegacyMetric" }, - "type": "phrase" - }, - "query": { - "match_phrase": { - "event.dataset": "spring_boot.threading" - } - } + "enhancements": {}, + "hidePanelTitles": false, + "type": "lens" }, - { - "$state": { - "store": "appState" - }, - "meta": { - "alias": null, - "disabled": false, - "index": "0a93fba6-6f3f-4f2c-a19e-ead075b97111", - "key": "spring_boot.threading.threads.current.allocated_bytes", - "negate": false, - "type": "exists", - "value": "exists" - }, - "query": { - "exists": { - "field": "spring_boot.threading.threads.current.allocated_bytes" - } - } - } - ], - "query": { - "language": "kuery", - "query": "" - }, - "visualization": { - "accessor": "523fb967-5b16-44a7-b663-0f5aa6452db8", - "colorMode": "None", - "layerId": "3e8e41c2-e9bd-4bf7-9e82-d478063ca973", - "layerType": "data", - "textAlign": "center", - "titlePosition": "bottom", - "size": "xl" - } + "title": "Total memory of current thread in system [Metrics Spring Boot]" }, - "title": "", - "type": "lens", - "visualizationType": "lnsLegacyMetric" - }, - "enhancements": {}, - "hidePanelTitles": false, - "type": "lens" - }, - "title": "Total memory of current thread in system [Metrics Spring Boot]" - }, - { - "embeddableConfig": { - "enhancements": {}, - "attributes": { - "state": { - "adHocDataViews": {}, - "datasourceStates": { - "formBased": { - "layers": { - "31ad067d-6820-43dc-a6fd-7a32a6a121f5": { - "columnOrder": [ - "ce51dd8d-7fd5-4ebf-a835-9ffe83125746", - "07747e2a-9e75-47d8-b1d4-87c0340cf60d", - "9b2297d6-8625-44a3-a7ba-633da40efcfb" - ], - "columns": { - "07747e2a-9e75-47d8-b1d4-87c0340cf60d": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Heap Used", - "operationType": "last_value", - "params": { - "format": { - "id": "bytes", - "params": { - "decimals": 0 - } + { + "embeddableConfig": { + "enhancements": {}, + "attributes": { + "state": { + "adHocDataViews": {}, + "datasourceStates": { + "formBased": { + "layers": { + "31ad067d-6820-43dc-a6fd-7a32a6a121f5": { + "columnOrder": [ + "ce51dd8d-7fd5-4ebf-a835-9ffe83125746", + "07747e2a-9e75-47d8-b1d4-87c0340cf60d", + "9b2297d6-8625-44a3-a7ba-633da40efcfb" + ], + "columns": { + "07747e2a-9e75-47d8-b1d4-87c0340cf60d": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Heap Used", + "operationType": "last_value", + "params": { + "format": { + "id": "bytes", + "params": { + "decimals": 0 + } + }, + "showArrayValues": true, + "sortField": "@timestamp" + }, + "scale": "ratio", + "sourceField": "spring_boot.memory.heap.used" + }, + "9b2297d6-8625-44a3-a7ba-633da40efcfb": { + "customLabel": true, + "dataType": "number", + "isBucketed": false, + "label": "Non Heap Used", + "operationType": "last_value", + "params": { + "format": { + "id": "bytes", + "params": { + "decimals": 0 + } + }, + "showArrayValues": true, + "sortField": "@timestamp" + }, + "scale": "ratio", + "sourceField": "spring_boot.memory.non_heap.used" + }, + "ce51dd8d-7fd5-4ebf-a835-9ffe83125746": { + "dataType": "date", + "isBucketed": true, + "label": "@timestamp", + "operationType": "date_histogram", + "params": { + "dropPartials": true, + "includeEmptyRows": false, + "interval": "auto" + }, + "scale": "interval", + "sourceField": "@timestamp" + } + }, + "incompleteColumns": {} + } + } + } }, - "showArrayValues": true, - "sortField": "@timestamp" - }, - "scale": "ratio", - "sourceField": "spring_boot.memory.heap.used" - }, - "9b2297d6-8625-44a3-a7ba-633da40efcfb": { - "customLabel": true, - "dataType": "number", - "isBucketed": false, - "label": "Non Heap Used", - "operationType": "last_value", - "params": { - "format": { - "id": "bytes", - "params": { - "decimals": 0 - } + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "8a86b358-6960-40ef-91ed-05c2c2e7c40f", + "key": "event.dataset", + "negate": false, + "params": { + "query": "spring_boot.memory" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.dataset": "spring_boot.memory" + } + } + } + ], + "internalReferences": [], + "query": { + "language": "kuery", + "query": "" }, - "showArrayValues": true, - "sortField": "@timestamp" - }, - "scale": "ratio", - "sourceField": "spring_boot.memory.non_heap.used" + "visualization": { + "layers": [ + { + "accessors": [ + "07747e2a-9e75-47d8-b1d4-87c0340cf60d", + "9b2297d6-8625-44a3-a7ba-633da40efcfb" + ], + "layerId": "31ad067d-6820-43dc-a6fd-7a32a6a121f5", + "layerType": "data", + "position": "top", + "seriesType": "line", + "showGridlines": false, + "xAccessor": "ce51dd8d-7fd5-4ebf-a835-9ffe83125746" + } + ], + "legend": { + "isVisible": true, + "legendSize": "auto", + "position": "right", + "showSingleSeries": true + }, + "preferredSeriesType": "line", + "title": "Empty XY chart", + "valueLabels": "hide", + "valuesInLegend": true, + "yLeftExtent": { + "mode": "full" + }, + "yRightExtent": { + "mode": "full" + }, + "yTitle": "Memory" + } }, - "ce51dd8d-7fd5-4ebf-a835-9ffe83125746": { - "dataType": "date", - "isBucketed": true, - "label": "@timestamp", - "operationType": "date_histogram", - "params": { - "dropPartials": true, - "includeEmptyRows": false, - "interval": "auto" - }, - "scale": "interval", - "sourceField": "@timestamp" - } - }, - "incompleteColumns": {} - } - } - } - }, - "filters": [ - { - "$state": { - "store": "appState" - }, - "meta": { - "alias": null, - "disabled": false, - "index": "8a86b358-6960-40ef-91ed-05c2c2e7c40f", - "key": "event.dataset", - "negate": false, - "params": { - "query": "spring_boot.memory" - }, - "type": "phrase" - }, - "query": { - "match_phrase": { - "event.dataset": "spring_boot.memory" + "title": "Heap and non-heap memory [Metrics Spring Boot]", + "visualizationType": "lnsXY", + "references": [ + { + "id": "metrics-*", + "name": "indexpattern-datasource-layer-31ad067d-6820-43dc-a6fd-7a32a6a121f5", + "type": "index-pattern" + }, + { + "id": "metrics-*", + "name": "8a86b358-6960-40ef-91ed-05c2c2e7c40f", + "type": "index-pattern" + } + ] } - } - } - ], - "internalReferences": [], - "query": { - "language": "kuery", - "query": "" - }, - "visualization": { - "layers": [ - { - "accessors": [ - "07747e2a-9e75-47d8-b1d4-87c0340cf60d", - "9b2297d6-8625-44a3-a7ba-633da40efcfb" - ], - "layerId": "31ad067d-6820-43dc-a6fd-7a32a6a121f5", - "layerType": "data", - "position": "top", - "seriesType": "line", - "showGridlines": false, - "xAccessor": "ce51dd8d-7fd5-4ebf-a835-9ffe83125746" - } - ], - "legend": { - "isVisible": true, - "legendSize": "auto", - "position": "right", - "showSingleSeries": true }, - "preferredSeriesType": "line", - "title": "Empty XY chart", - "valueLabels": "hide", - "valuesInLegend": true, - "yLeftExtent": { - "mode": "full" + "gridData": { + "h": 17, + "i": "47822937-f8de-43cd-8000-b0c08d933804", + "w": 20, + "x": 0, + "y": 12 }, - "yRightExtent": { - "mode": "full" - }, - "yTitle": "Memory" - } + "panelIndex": "47822937-f8de-43cd-8000-b0c08d933804", + "type": "lens", + "version": "8.6.0" }, - "title": "Heap and non-heap memory [Metrics Spring Boot]", - "visualizationType": "lnsXY", - "references": [ - { - "id": "metrics-*", - "name": "indexpattern-datasource-layer-31ad067d-6820-43dc-a6fd-7a32a6a121f5", - "type": "index-pattern" - }, - { - "id": "metrics-*", - "name": "8a86b358-6960-40ef-91ed-05c2c2e7c40f", - "type": "index-pattern" - } - ] - } - }, - "gridData": { - "h": 17, - "i": "47822937-f8de-43cd-8000-b0c08d933804", - "w": 20, - "x": 0, - "y": 12 - }, - "panelIndex": "47822937-f8de-43cd-8000-b0c08d933804", - "type": "lens", - "version": "8.6.0" - }, - { - "embeddableConfig": { - "enhancements": {}, - "attributes": { - "state": { - "datasourceStates": { - "formBased": { - "layers": { - "12461a5e-412f-4380-9b8a-d4dfe0fa20bc": { - "columnOrder": [ - "2dbf54bf-2147-4302-902b-a176ae9df338", - "21757728-2591-42a8-bed5-10cc5c097d85", - "9a043bf0-329d-4632-a095-86760550bd75" - ], - "columns": { - "21757728-2591-42a8-bed5-10cc5c097d85": { - "dataType": "number", - "isBucketed": true, - "label": "http.response.status_code", - "operationType": "range", - "params": { - "maxBars": "auto", - "ranges": [ - { - "from": 0, - "label": "", - "to": 1000 - } + { + "embeddableConfig": { + "enhancements": {}, + "attributes": { + "state": { + "datasourceStates": { + "formBased": { + "layers": { + "12461a5e-412f-4380-9b8a-d4dfe0fa20bc": { + "columnOrder": [ + "2dbf54bf-2147-4302-902b-a176ae9df338", + "21757728-2591-42a8-bed5-10cc5c097d85", + "9a043bf0-329d-4632-a095-86760550bd75" + ], + "columns": { + "21757728-2591-42a8-bed5-10cc5c097d85": { + "dataType": "number", + "isBucketed": true, + "label": "http.response.status_code", + "operationType": "range", + "params": { + "maxBars": "auto", + "ranges": [ + { + "from": 0, + "label": "", + "to": 1000 + } + ], + "type": "histogram" + }, + "scale": "interval", + "sourceField": "http.response.status_code" + }, + "2dbf54bf-2147-4302-902b-a176ae9df338": { + "dataType": "date", + "isBucketed": true, + "label": "@timestamp", + "operationType": "date_histogram", + "params": { + "includeEmptyRows": true, + "interval": "1m" + }, + "scale": "interval", + "sourceField": "@timestamp" + }, + "9a043bf0-329d-4632-a095-86760550bd75": { + "dataType": "number", + "isBucketed": false, + "label": "Count of records", + "operationType": "count", + "scale": "ratio", + "sourceField": "___records___" + } + }, + "incompleteColumns": {} + } + } + } + }, + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "ba5b5f52-398a-48c9-8021-520aa78ccdba", + "key": "event.dataset", + "negate": false, + "params": { + "query": "spring_boot.http_trace" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.dataset": "spring_boot.http_trace" + } + } + } ], - "type": "histogram" - }, - "scale": "interval", - "sourceField": "http.response.status_code" - }, - "2dbf54bf-2147-4302-902b-a176ae9df338": { - "dataType": "date", - "isBucketed": true, - "label": "@timestamp", - "operationType": "date_histogram", - "params": { - "includeEmptyRows": true, - "interval": "1m" - }, - "scale": "interval", - "sourceField": "@timestamp" + "query": { + "language": "kuery", + "query": "" + }, + "visualization": { + "axisTitlesVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "fittingFunction": "None", + "gridlinesVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "labelsOrientation": { + "x": 0, + "yLeft": 0, + "yRight": 0 + }, + "layers": [ + { + "accessors": [ + "9a043bf0-329d-4632-a095-86760550bd75" + ], + "layerId": "12461a5e-412f-4380-9b8a-d4dfe0fa20bc", + "layerType": "data", + "position": "top", + "seriesType": "bar", + "showGridlines": false, + "splitAccessor": "21757728-2591-42a8-bed5-10cc5c097d85", + "xAccessor": "2dbf54bf-2147-4302-902b-a176ae9df338" + } + ], + "legend": { + "horizontalAlignment": "right", + "isInside": false, + "isVisible": true, + "maxLines": 1, + "position": "right", + "shouldTruncate": false, + "showSingleSeries": false, + "verticalAlignment": "top", + "legendSize": "auto" + }, + "preferredSeriesType": "bar", + "tickLabelsVisibilitySettings": { + "x": true, + "yLeft": true, + "yRight": true + }, + "valueLabels": "hide", + "valuesInLegend": true, + "yLeftExtent": { + "mode": "full" + }, + "yRightExtent": { + "mode": "full" + } + } }, - "9a043bf0-329d-4632-a095-86760550bd75": { - "dataType": "number", - "isBucketed": false, - "label": "Count of records", - "operationType": "count", - "scale": "ratio", - "sourceField": "___records___" - } - }, - "incompleteColumns": {} - } - } - } - }, - "filters": [ - { - "$state": { - "store": "appState" - }, - "meta": { - "alias": null, - "disabled": false, - "index": "ba5b5f52-398a-48c9-8021-520aa78ccdba", - "key": "event.dataset", - "negate": false, - "params": { - "query": "spring_boot.http_trace" - }, - "type": "phrase" - }, - "query": { - "match_phrase": { - "event.dataset": "spring_boot.http_trace" + "title": "HTTP Request status code [Logs Spring Boot]", + "visualizationType": "lnsXY", + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-current-indexpattern", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-12461a5e-412f-4380-9b8a-d4dfe0fa20bc", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "ba5b5f52-398a-48c9-8021-520aa78ccdba", + "type": "index-pattern" + } + ] } - } - } - ], - "query": { - "language": "kuery", - "query": "" - }, - "visualization": { - "axisTitlesVisibilitySettings": { - "x": true, - "yLeft": true, - "yRight": true - }, - "fittingFunction": "None", - "gridlinesVisibilitySettings": { - "x": true, - "yLeft": true, - "yRight": true }, - "labelsOrientation": { - "x": 0, - "yLeft": 0, - "yRight": 0 + "gridData": { + "h": 11, + "i": "16610775-6aaa-4759-a3eb-a67c55f5d780", + "w": 28, + "x": 20, + "y": 18 }, - "layers": [ - { - "accessors": [ - "9a043bf0-329d-4632-a095-86760550bd75" - ], - "layerId": "12461a5e-412f-4380-9b8a-d4dfe0fa20bc", - "layerType": "data", - "position": "top", - "seriesType": "bar", - "showGridlines": false, - "splitAccessor": "21757728-2591-42a8-bed5-10cc5c097d85", - "xAccessor": "2dbf54bf-2147-4302-902b-a176ae9df338" - } - ], - "legend": { - "horizontalAlignment": "right", - "isInside": false, - "isVisible": true, - "maxLines": 1, - "position": "right", - "shouldTruncate": false, - "showSingleSeries": false, - "verticalAlignment": "top", - "legendSize": "auto" - }, - "preferredSeriesType": "bar", - "tickLabelsVisibilitySettings": { - "x": true, - "yLeft": true, - "yRight": true - }, - "valueLabels": "hide", - "valuesInLegend": true, - "yLeftExtent": { - "mode": "full" - }, - "yRightExtent": { - "mode": "full" - } - } + "panelIndex": "16610775-6aaa-4759-a3eb-a67c55f5d780", + "type": "lens", + "version": "8.6.0" }, - "title": "HTTP Request status code [Logs Spring Boot]", - "visualizationType": "lnsXY", - "references": [ - { - "id": "logs-*", - "name": "indexpattern-datasource-current-indexpattern", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "indexpattern-datasource-layer-12461a5e-412f-4380-9b8a-d4dfe0fa20bc", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "ba5b5f52-398a-48c9-8021-520aa78ccdba", - "type": "index-pattern" - } - ] - } - }, - "gridData": { - "h": 11, - "i": "16610775-6aaa-4759-a3eb-a67c55f5d780", - "w": 28, - "x": 20, - "y": 18 - }, - "panelIndex": "16610775-6aaa-4759-a3eb-a67c55f5d780", - "type": "lens", - "version": "8.6.0" - }, - { - "embeddableConfig": { - "enhancements": {}, - "attributes": { - "description": "", - "state": { - "datasourceStates": { - "formBased": { - "layers": { - "41dbf555-e40a-45dc-83d7-18b18263e8de": { - "columnOrder": [ - "3624c7a7-411d-4138-9fdf-8b8a0694d285", - "769bee1d-5cdf-49f1-9fa3-53ce8f2388c8", - "a84b9b2d-8712-4975-a242-7996161a71da", - "5209c821-5ae2-40d6-b2c5-321b76c96ebc", - "52932019-4385-469b-9f4d-6becd3a912f6", - "5c3ff6ac-16ca-4b9b-912d-a47e7c7d7081" - ], - "columns": { - "3624c7a7-411d-4138-9fdf-8b8a0694d285": { - "dataType": "string", - "isBucketed": true, - "label": "Top 100 values of spring_boot.audit_events.document_id", - "operationType": "terms", - "params": { - "missingBucket": false, - "orderBy": { - "fallback": true, - "type": "alphabetical" + { + "embeddableConfig": { + "enhancements": {}, + "attributes": { + "description": "", + "state": { + "datasourceStates": { + "formBased": { + "layers": { + "41dbf555-e40a-45dc-83d7-18b18263e8de": { + "columnOrder": [ + "3624c7a7-411d-4138-9fdf-8b8a0694d285", + "769bee1d-5cdf-49f1-9fa3-53ce8f2388c8", + "a84b9b2d-8712-4975-a242-7996161a71da", + "5209c821-5ae2-40d6-b2c5-321b76c96ebc", + "52932019-4385-469b-9f4d-6becd3a912f6", + "5c3ff6ac-16ca-4b9b-912d-a47e7c7d7081" + ], + "columns": { + "3624c7a7-411d-4138-9fdf-8b8a0694d285": { + "dataType": "string", + "isBucketed": true, + "label": "Top 100 values of spring_boot.audit_events.document_id", + "operationType": "terms", + "params": { + "missingBucket": false, + "orderBy": { + "fallback": true, + "type": "alphabetical" + }, + "orderDirection": "asc", + "otherBucket": false, + "parentFormat": { + "id": "terms" + }, + "size": 100 + }, + "scale": "ordinal", + "sourceField": "spring_boot.audit_events.document_id" + }, + "5209c821-5ae2-40d6-b2c5-321b76c96ebc": { + "customLabel": true, + "dataType": "string", + "isBucketed": false, + "label": "Host", + "operationType": "last_value", + "params": { + "showArrayValues": true, + "sortField": "@timestamp" + }, + "scale": "ordinal", + "sourceField": "spring_boot.audit_events.data.remote_address" + }, + "52932019-4385-469b-9f4d-6becd3a912f6": { + "customLabel": true, + "dataType": "string", + "isBucketed": false, + "label": "Session ID", + "operationType": "last_value", + "params": { + "showArrayValues": true, + "sortField": "@timestamp" + }, + "scale": "ordinal", + "sourceField": "spring_boot.audit_events.data.session_id" + }, + "5c3ff6ac-16ca-4b9b-912d-a47e7c7d7081": { + "customLabel": true, + "dataType": "string", + "isBucketed": false, + "label": "Authentication type", + "operationType": "last_value", + "params": { + "showArrayValues": true, + "sortField": "@timestamp" + }, + "scale": "ordinal", + "sourceField": "spring_boot.audit_events.type" + }, + "769bee1d-5cdf-49f1-9fa3-53ce8f2388c8": { + "dataType": "date", + "isBucketed": true, + "label": "@timestamp", + "operationType": "date_histogram", + "params": { + "includeEmptyRows": false, + "interval": "1s" + }, + "scale": "interval", + "sourceField": "@timestamp" + }, + "a84b9b2d-8712-4975-a242-7996161a71da": { + "customLabel": true, + "dataType": "string", + "isBucketed": false, + "label": "Principal", + "operationType": "last_value", + "params": { + "showArrayValues": true, + "sortField": "@timestamp" + }, + "scale": "ordinal", + "sourceField": "spring_boot.audit_events.principal" + } + }, + "incompleteColumns": {} + } + } + } }, - "orderDirection": "asc", - "otherBucket": false, - "parentFormat": { - "id": "terms" + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "96d564d4-65af-4ed2-a3f6-0af7787d4b01", + "key": "event.dataset", + "negate": false, + "params": { + "query": "spring_boot.audit_events" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.dataset": "spring_boot.audit_events" + } + } + } + ], + "query": { + "language": "kuery", + "query": "" }, - "size": 100 - }, - "scale": "ordinal", - "sourceField": "spring_boot.audit_events.document_id" - }, - "5209c821-5ae2-40d6-b2c5-321b76c96ebc": { - "customLabel": true, - "dataType": "string", - "isBucketed": false, - "label": "Host", - "operationType": "last_value", - "params": { - "showArrayValues": true, - "sortField": "@timestamp" - }, - "scale": "ordinal", - "sourceField": "spring_boot.audit_events.data.remote_address" - }, - "52932019-4385-469b-9f4d-6becd3a912f6": { - "customLabel": true, - "dataType": "string", - "isBucketed": false, - "label": "Session ID", - "operationType": "last_value", - "params": { - "showArrayValues": true, - "sortField": "@timestamp" - }, - "scale": "ordinal", - "sourceField": "spring_boot.audit_events.data.session_id" - }, - "5c3ff6ac-16ca-4b9b-912d-a47e7c7d7081": { - "customLabel": true, - "dataType": "string", - "isBucketed": false, - "label": "Authentication type", - "operationType": "last_value", - "params": { - "showArrayValues": true, - "sortField": "@timestamp" - }, - "scale": "ordinal", - "sourceField": "spring_boot.audit_events.type" - }, - "769bee1d-5cdf-49f1-9fa3-53ce8f2388c8": { - "dataType": "date", - "isBucketed": true, - "label": "@timestamp", - "operationType": "date_histogram", - "params": { - "includeEmptyRows": false, - "interval": "1s" - }, - "scale": "interval", - "sourceField": "@timestamp" + "visualization": { + "columns": [ + { + "alignment": "center", + "columnId": "a84b9b2d-8712-4975-a242-7996161a71da", + "hidden": false, + "isTransposed": false, + "width": 166 + }, + { + "alignment": "center", + "columnId": "5209c821-5ae2-40d6-b2c5-321b76c96ebc", + "isTransposed": false, + "width": 183.41666666666669 + }, + { + "alignment": "center", + "columnId": "5c3ff6ac-16ca-4b9b-912d-a47e7c7d7081", + "isTransposed": false, + "width": 296.41666666666674 + }, + { + "alignment": "center", + "columnId": "3624c7a7-411d-4138-9fdf-8b8a0694d285", + "hidden": true, + "isTransposed": false + }, + { + "alignment": "center", + "columnId": "769bee1d-5cdf-49f1-9fa3-53ce8f2388c8", + "isTransposed": false, + "width": 128.16666666666652 + }, + { + "alignment": "center", + "columnId": "52932019-4385-469b-9f4d-6becd3a912f6", + "isTransposed": false + } + ], + "fitRowToContent": true, + "layerId": "41dbf555-e40a-45dc-83d7-18b18263e8de", + "layerType": "data", + "paging": { + "enabled": true, + "size": 10 + }, + "rowHeight": "auto", + "rowHeightLines": 2, + "sorting": { + "columnId": "769bee1d-5cdf-49f1-9fa3-53ce8f2388c8", + "direction": "desc" + } + } }, - "a84b9b2d-8712-4975-a242-7996161a71da": { - "customLabel": true, - "dataType": "string", - "isBucketed": false, - "label": "Principal", - "operationType": "last_value", - "params": { - "showArrayValues": true, - "sortField": "@timestamp" - }, - "scale": "ordinal", - "sourceField": "spring_boot.audit_events.principal" - } - }, - "incompleteColumns": {} - } - } - } - }, - "filters": [ - { - "$state": { - "store": "appState" - }, - "meta": { - "alias": null, - "disabled": false, - "index": "96d564d4-65af-4ed2-a3f6-0af7787d4b01", - "key": "event.dataset", - "negate": false, - "params": { - "query": "spring_boot.audit_events" - }, - "type": "phrase" - }, - "query": { - "match_phrase": { - "event.dataset": "spring_boot.audit_events" + "title": "Audit Events [Logs Spring Boot]", + "visualizationType": "lnsDatatable", + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-current-indexpattern", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-41dbf555-e40a-45dc-83d7-18b18263e8de", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "96d564d4-65af-4ed2-a3f6-0af7787d4b01", + "type": "index-pattern" + } + ] } - } - } - ], - "query": { - "language": "kuery", - "query": "" - }, - "visualization": { - "columns": [ - { - "alignment": "center", - "columnId": "a84b9b2d-8712-4975-a242-7996161a71da", - "hidden": false, - "isTransposed": false, - "width": 166 - }, - { - "alignment": "center", - "columnId": "5209c821-5ae2-40d6-b2c5-321b76c96ebc", - "isTransposed": false, - "width": 183.41666666666669 - }, - { - "alignment": "center", - "columnId": "5c3ff6ac-16ca-4b9b-912d-a47e7c7d7081", - "isTransposed": false, - "width": 296.41666666666674 - }, - { - "alignment": "center", - "columnId": "3624c7a7-411d-4138-9fdf-8b8a0694d285", - "hidden": true, - "isTransposed": false - }, - { - "alignment": "center", - "columnId": "769bee1d-5cdf-49f1-9fa3-53ce8f2388c8", - "isTransposed": false, - "width": 128.16666666666652 - }, - { - "alignment": "center", - "columnId": "52932019-4385-469b-9f4d-6becd3a912f6", - "isTransposed": false - } - ], - "fitRowToContent": true, - "layerId": "41dbf555-e40a-45dc-83d7-18b18263e8de", - "layerType": "data", - "paging": { - "enabled": true, - "size": 10 }, - "rowHeight": "auto", - "rowHeightLines": 2, - "sorting": { - "columnId": "769bee1d-5cdf-49f1-9fa3-53ce8f2388c8", - "direction": "desc" - } - } + "gridData": { + "h": 14, + "i": "1f75e59b-5626-4dce-ac6d-f7ee2b71bb29", + "w": 31, + "x": 0, + "y": 29 + }, + "panelIndex": "1f75e59b-5626-4dce-ac6d-f7ee2b71bb29", + "type": "lens", + "version": "8.6.0" }, - "title": "Audit Events [Logs Spring Boot]", - "visualizationType": "lnsDatatable", - "references": [ - { - "id": "logs-*", - "name": "indexpattern-datasource-current-indexpattern", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "indexpattern-datasource-layer-41dbf555-e40a-45dc-83d7-18b18263e8de", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "96d564d4-65af-4ed2-a3f6-0af7787d4b01", - "type": "index-pattern" - } - ] - } - }, - "gridData": { - "h": 14, - "i": "1f75e59b-5626-4dce-ac6d-f7ee2b71bb29", - "w": 31, - "x": 0, - "y": 29 - }, - "panelIndex": "1f75e59b-5626-4dce-ac6d-f7ee2b71bb29", - "type": "lens", - "version": "8.6.0" - }, - { - "embeddableConfig": { - "enhancements": {}, - "hidePanelTitles": false, - "attributes": { - "state": { - "datasourceStates": { - "formBased": { - "layers": { - "12461a5e-412f-4380-9b8a-d4dfe0fa20bc": { - "columnOrder": [ - "59a904ae-9fcd-4d06-b201-09117b1981d6", - "9a043bf0-329d-4632-a095-86760550bd75" - ], - "columns": { - "59a904ae-9fcd-4d06-b201-09117b1981d6": { - "dataType": "string", - "isBucketed": true, - "label": "Top values of http.request.method", - "operationType": "terms", - "params": { - "missingBucket": false, - "orderBy": { - "columnId": "9a043bf0-329d-4632-a095-86760550bd75", - "type": "column" + { + "embeddableConfig": { + "enhancements": {}, + "hidePanelTitles": false, + "attributes": { + "state": { + "datasourceStates": { + "formBased": { + "layers": { + "12461a5e-412f-4380-9b8a-d4dfe0fa20bc": { + "columnOrder": [ + "59a904ae-9fcd-4d06-b201-09117b1981d6", + "9a043bf0-329d-4632-a095-86760550bd75" + ], + "columns": { + "59a904ae-9fcd-4d06-b201-09117b1981d6": { + "dataType": "string", + "isBucketed": true, + "label": "Top values of http.request.method", + "operationType": "terms", + "params": { + "missingBucket": false, + "orderBy": { + "columnId": "9a043bf0-329d-4632-a095-86760550bd75", + "type": "column" + }, + "orderDirection": "desc", + "otherBucket": false, + "parentFormat": { + "id": "terms" + }, + "size": 5 + }, + "scale": "ordinal", + "sourceField": "http.request.method" + }, + "9a043bf0-329d-4632-a095-86760550bd75": { + "dataType": "number", + "isBucketed": false, + "label": "Count of records", + "operationType": "count", + "scale": "ratio", + "sourceField": "___records___" + } + }, + "incompleteColumns": {} + } + } + } }, - "orderDirection": "desc", - "otherBucket": false, - "parentFormat": { - "id": "terms" + "filters": [ + { + "$state": { + "store": "appState" + }, + "meta": { + "alias": null, + "disabled": false, + "index": "76ee3705-3872-45f3-8cbf-f0595d97905d", + "key": "event.dataset", + "negate": false, + "params": { + "query": "spring_boot.http_trace" + }, + "type": "phrase" + }, + "query": { + "match_phrase": { + "event.dataset": "spring_boot.http_trace" + } + } + } + ], + "query": { + "language": "kuery", + "query": "" }, - "size": 5 - }, - "scale": "ordinal", - "sourceField": "http.request.method" + "visualization": { + "layers": [ + { + "categoryDisplay": "default", + "layerId": "12461a5e-412f-4380-9b8a-d4dfe0fa20bc", + "layerType": "data", + "legendDisplay": "show", + "nestedLegend": true, + "numberDisplay": "percent", + "legendSize": "auto", + "primaryGroups": [ + "59a904ae-9fcd-4d06-b201-09117b1981d6" + ], + "metrics": [ + "9a043bf0-329d-4632-a095-86760550bd75" + ] + } + ], + "shape": "pie" + } }, - "9a043bf0-329d-4632-a095-86760550bd75": { - "dataType": "number", - "isBucketed": false, - "label": "Count of records", - "operationType": "count", - "scale": "ratio", - "sourceField": "___records___" - } - }, - "incompleteColumns": {} - } - } - } - }, - "filters": [ - { - "$state": { - "store": "appState" - }, - "meta": { - "alias": null, - "disabled": false, - "index": "76ee3705-3872-45f3-8cbf-f0595d97905d", - "key": "event.dataset", - "negate": false, - "params": { - "query": "spring_boot.http_trace" - }, - "type": "phrase" - }, - "query": { - "match_phrase": { - "event.dataset": "spring_boot.http_trace" + "title": "HTTP Request method types [Metrics Spring Boot]", + "visualizationType": "lnsPie", + "references": [ + { + "id": "logs-*", + "name": "indexpattern-datasource-current-indexpattern", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "indexpattern-datasource-layer-12461a5e-412f-4380-9b8a-d4dfe0fa20bc", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "76ee3705-3872-45f3-8cbf-f0595d97905d", + "type": "index-pattern" + } + ] } - } - } - ], - "query": { - "language": "kuery", - "query": "" - }, - "visualization": { - "layers": [ - { - "categoryDisplay": "default", - "layerId": "12461a5e-412f-4380-9b8a-d4dfe0fa20bc", - "layerType": "data", - "legendDisplay": "show", - "nestedLegend": true, - "numberDisplay": "percent", - "legendSize": "auto", - "primaryGroups": [ - "59a904ae-9fcd-4d06-b201-09117b1981d6" - ], - "metrics": [ - "9a043bf0-329d-4632-a095-86760550bd75" - ] - } - ], - "shape": "pie" - } - }, - "title": "HTTP Request method types [Metrics Spring Boot]", - "visualizationType": "lnsPie", - "references": [ - { - "id": "logs-*", - "name": "indexpattern-datasource-current-indexpattern", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "indexpattern-datasource-layer-12461a5e-412f-4380-9b8a-d4dfe0fa20bc", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "76ee3705-3872-45f3-8cbf-f0595d97905d", - "type": "index-pattern" - } - ] - } + }, + "gridData": { + "h": 14, + "i": "7549bdf0-d5de-4851-9e9f-867a65684052", + "w": 17, + "x": 31, + "y": 29 + }, + "panelIndex": "7549bdf0-d5de-4851-9e9f-867a65684052", + "title": "HTTP Request method types [Logs Spring Boot]", + "type": "lens", + "version": "8.6.0" + } + ], + "timeRestore": false, + "title": "[Spring Boot] Overview Dashboard", + "version": 1 + }, + "references": [ + { + "id": "logs-*", + "name": "8da90917-936b-49b2-a845-24db7da4681e:indexpattern-datasource-current-indexpattern", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "8da90917-936b-49b2-a845-24db7da4681e:indexpattern-datasource-layer-25d74ab0-7fd1-47c2-aaa5-bd9d13d5772c", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "8da90917-936b-49b2-a845-24db7da4681e:197542f3-0a77-4046-a21d-9e87d097f9d9", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "8da90917-936b-49b2-a845-24db7da4681e:5fab4c2b-f8e3-499d-946f-f7a8bdcbbbd9", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "44a2b9a5-626c-426b-8bbb-921b56040444:indexpattern-datasource-current-indexpattern", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "44a2b9a5-626c-426b-8bbb-921b56040444:indexpattern-datasource-layer-a41a8eed-69fe-4838-b8f5-b322f7661832", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "44a2b9a5-626c-426b-8bbb-921b56040444:fa18f56b-ae06-4e5e-96e4-b1f68ce9a35f", + "type": "index-pattern" }, - "gridData": { - "h": 14, - "i": "7549bdf0-d5de-4851-9e9f-867a65684052", - "w": 17, - "x": 31, - "y": 29 + { + "id": "logs-*", + "name": "44a2b9a5-626c-426b-8bbb-921b56040444:0e57fdc9-82ca-45c5-bdfa-57704436ea9a", + "type": "index-pattern" }, - "panelIndex": "7549bdf0-d5de-4851-9e9f-867a65684052", - "title": "HTTP Request method types [Logs Spring Boot]", - "type": "lens", - "version": "8.6.0" - } + { + "id": "metrics-*", + "name": "d227dc3c-7902-44e7-b367-36bee05b96ab:indexpattern-datasource-current-indexpattern", + "type": "index-pattern" + }, + { + "id": "metrics-*", + "name": "d227dc3c-7902-44e7-b367-36bee05b96ab:indexpattern-datasource-layer-3e8e41c2-e9bd-4bf7-9e82-d478063ca973", + "type": "index-pattern" + }, + { + "id": "metrics-*", + "name": "d227dc3c-7902-44e7-b367-36bee05b96ab:e3a2a6e7-f5c1-484a-bbe7-6dd3df9e258b", + "type": "index-pattern" + }, + { + "id": "metrics-*", + "name": "d227dc3c-7902-44e7-b367-36bee05b96ab:0a93fba6-6f3f-4f2c-a19e-ead075b97111", + "type": "index-pattern" + }, + { + "type": "index-pattern", + "name": "b55e357e-4c45-430c-ae63-2c6facaabc2e:indexpattern-datasource-current-indexpattern", + "id": "logs-*" + }, + { + "type": "index-pattern", + "name": "b55e357e-4c45-430c-ae63-2c6facaabc2e:indexpattern-datasource-layer-786d6832-6c69-42e4-916f-df6df259fad1", + "id": "logs-*" + }, + { + "type": "index-pattern", + "name": "3a6a263d-dec2-4f86-9b9d-8bdb6cea9ecb:indexpattern-datasource-current-indexpattern", + "id": "logs-*" + }, + { + "type": "index-pattern", + "name": "3a6a263d-dec2-4f86-9b9d-8bdb6cea9ecb:indexpattern-datasource-layer-73272b0b-e1d4-4a44-9904-adaad0d24159", + "id": "logs-*" + }, + { + "type": "index-pattern", + "name": "3a6a263d-dec2-4f86-9b9d-8bdb6cea9ecb:b7a7b7d1-61be-48a9-9158-7f778b4ddaf2", + "id": "logs-*" + }, + { + "type": "index-pattern", + "name": "47822937-f8de-43cd-8000-b0c08d933804:indexpattern-datasource-layer-31ad067d-6820-43dc-a6fd-7a32a6a121f5", + "id": "metrics-*" + }, + { + "type": "index-pattern", + "name": "47822937-f8de-43cd-8000-b0c08d933804:8a86b358-6960-40ef-91ed-05c2c2e7c40f", + "id": "metrics-*" + }, + { + "type": "index-pattern", + "name": "16610775-6aaa-4759-a3eb-a67c55f5d780:indexpattern-datasource-current-indexpattern", + "id": "logs-*" + }, + { + "type": "index-pattern", + "name": "16610775-6aaa-4759-a3eb-a67c55f5d780:indexpattern-datasource-layer-12461a5e-412f-4380-9b8a-d4dfe0fa20bc", + "id": "logs-*" + }, + { + "type": "index-pattern", + "name": "16610775-6aaa-4759-a3eb-a67c55f5d780:ba5b5f52-398a-48c9-8021-520aa78ccdba", + "id": "logs-*" + }, + { + "type": "index-pattern", + "name": "1f75e59b-5626-4dce-ac6d-f7ee2b71bb29:indexpattern-datasource-current-indexpattern", + "id": "logs-*" + }, + { + "type": "index-pattern", + "name": "1f75e59b-5626-4dce-ac6d-f7ee2b71bb29:indexpattern-datasource-layer-41dbf555-e40a-45dc-83d7-18b18263e8de", + "id": "logs-*" + }, + { + "type": "index-pattern", + "name": "1f75e59b-5626-4dce-ac6d-f7ee2b71bb29:96d564d4-65af-4ed2-a3f6-0af7787d4b01", + "id": "logs-*" + }, + { + "type": "index-pattern", + "name": "7549bdf0-d5de-4851-9e9f-867a65684052:indexpattern-datasource-current-indexpattern", + "id": "logs-*" + }, + { + "type": "index-pattern", + "name": "7549bdf0-d5de-4851-9e9f-867a65684052:indexpattern-datasource-layer-12461a5e-412f-4380-9b8a-d4dfe0fa20bc", + "id": "logs-*" + }, + { + "type": "index-pattern", + "name": "7549bdf0-d5de-4851-9e9f-867a65684052:76ee3705-3872-45f3-8cbf-f0595d97905d", + "id": "logs-*" + } ], - "timeRestore": false, - "title": "[Spring Boot] Overview Dashboard", - "version": 1 - }, - "references": [ - { - "id": "logs-*", - "name": "8da90917-936b-49b2-a845-24db7da4681e:indexpattern-datasource-current-indexpattern", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "8da90917-936b-49b2-a845-24db7da4681e:indexpattern-datasource-layer-25d74ab0-7fd1-47c2-aaa5-bd9d13d5772c", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "8da90917-936b-49b2-a845-24db7da4681e:197542f3-0a77-4046-a21d-9e87d097f9d9", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "8da90917-936b-49b2-a845-24db7da4681e:5fab4c2b-f8e3-499d-946f-f7a8bdcbbbd9", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "44a2b9a5-626c-426b-8bbb-921b56040444:indexpattern-datasource-current-indexpattern", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "44a2b9a5-626c-426b-8bbb-921b56040444:indexpattern-datasource-layer-a41a8eed-69fe-4838-b8f5-b322f7661832", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "44a2b9a5-626c-426b-8bbb-921b56040444:fa18f56b-ae06-4e5e-96e4-b1f68ce9a35f", - "type": "index-pattern" - }, - { - "id": "logs-*", - "name": "44a2b9a5-626c-426b-8bbb-921b56040444:0e57fdc9-82ca-45c5-bdfa-57704436ea9a", - "type": "index-pattern" - }, - { - "id": "metrics-*", - "name": "d227dc3c-7902-44e7-b367-36bee05b96ab:indexpattern-datasource-current-indexpattern", - "type": "index-pattern" - }, - { - "id": "metrics-*", - "name": "d227dc3c-7902-44e7-b367-36bee05b96ab:indexpattern-datasource-layer-3e8e41c2-e9bd-4bf7-9e82-d478063ca973", - "type": "index-pattern" - }, - { - "id": "metrics-*", - "name": "d227dc3c-7902-44e7-b367-36bee05b96ab:e3a2a6e7-f5c1-484a-bbe7-6dd3df9e258b", - "type": "index-pattern" - }, - { - "id": "metrics-*", - "name": "d227dc3c-7902-44e7-b367-36bee05b96ab:0a93fba6-6f3f-4f2c-a19e-ead075b97111", - "type": "index-pattern" - }, - { - "type": "index-pattern", - "name": "b55e357e-4c45-430c-ae63-2c6facaabc2e:indexpattern-datasource-current-indexpattern", - "id": "logs-*" - }, - { - "type": "index-pattern", - "name": "b55e357e-4c45-430c-ae63-2c6facaabc2e:indexpattern-datasource-layer-786d6832-6c69-42e4-916f-df6df259fad1", - "id": "logs-*" - }, - { - "type": "index-pattern", - "name": "3a6a263d-dec2-4f86-9b9d-8bdb6cea9ecb:indexpattern-datasource-current-indexpattern", - "id": "logs-*" - }, - { - "type": "index-pattern", - "name": "3a6a263d-dec2-4f86-9b9d-8bdb6cea9ecb:indexpattern-datasource-layer-73272b0b-e1d4-4a44-9904-adaad0d24159", - "id": "logs-*" - }, - { - "type": "index-pattern", - "name": "3a6a263d-dec2-4f86-9b9d-8bdb6cea9ecb:b7a7b7d1-61be-48a9-9158-7f778b4ddaf2", - "id": "logs-*" - }, - { - "type": "index-pattern", - "name": "47822937-f8de-43cd-8000-b0c08d933804:indexpattern-datasource-layer-31ad067d-6820-43dc-a6fd-7a32a6a121f5", - "id": "metrics-*" - }, - { - "type": "index-pattern", - "name": "47822937-f8de-43cd-8000-b0c08d933804:8a86b358-6960-40ef-91ed-05c2c2e7c40f", - "id": "metrics-*" - }, - { - "type": "index-pattern", - "name": "16610775-6aaa-4759-a3eb-a67c55f5d780:indexpattern-datasource-current-indexpattern", - "id": "logs-*" - }, - { - "type": "index-pattern", - "name": "16610775-6aaa-4759-a3eb-a67c55f5d780:indexpattern-datasource-layer-12461a5e-412f-4380-9b8a-d4dfe0fa20bc", - "id": "logs-*" - }, - { - "type": "index-pattern", - "name": "16610775-6aaa-4759-a3eb-a67c55f5d780:ba5b5f52-398a-48c9-8021-520aa78ccdba", - "id": "logs-*" - }, - { - "type": "index-pattern", - "name": "1f75e59b-5626-4dce-ac6d-f7ee2b71bb29:indexpattern-datasource-current-indexpattern", - "id": "logs-*" - }, - { - "type": "index-pattern", - "name": "1f75e59b-5626-4dce-ac6d-f7ee2b71bb29:indexpattern-datasource-layer-41dbf555-e40a-45dc-83d7-18b18263e8de", - "id": "logs-*" - }, - { - "type": "index-pattern", - "name": "1f75e59b-5626-4dce-ac6d-f7ee2b71bb29:96d564d4-65af-4ed2-a3f6-0af7787d4b01", - "id": "logs-*" - }, - { - "type": "index-pattern", - "name": "7549bdf0-d5de-4851-9e9f-867a65684052:indexpattern-datasource-current-indexpattern", - "id": "logs-*" - }, - { - "type": "index-pattern", - "name": "7549bdf0-d5de-4851-9e9f-867a65684052:indexpattern-datasource-layer-12461a5e-412f-4380-9b8a-d4dfe0fa20bc", - "id": "logs-*" - }, - { - "type": "index-pattern", - "name": "7549bdf0-d5de-4851-9e9f-867a65684052:76ee3705-3872-45f3-8cbf-f0595d97905d", - "id": "logs-*" - } - ], - "managed": false + "managed": false } \ No newline at end of file diff --git a/packages/spring_boot/manifest.yml b/packages/spring_boot/manifest.yml index c0641f41ec6c..5fb534d31d67 100644 --- a/packages/spring_boot/manifest.yml +++ b/packages/spring_boot/manifest.yml @@ -9,7 +9,7 @@ categories: - java_observability conditions: kibana: - version: ^8.12.0 + version: "^8.13.0" elastic: subscription: basic screenshots: From aced6797e363eaf052958c86b485d732b81c244b Mon Sep 17 00:00:00 2001 From: harnish-elastic Date: Mon, 17 Jun 2024 18:21:19 +0530 Subject: [PATCH 03/21] [prometheus] - change to ECS version git@v8.11.0 --- packages/prometheus/_dev/build/build.yml | 2 +- .../data_stream/collector/fields/agent.yml | 127 +-------- .../data_stream/collector/fields/ecs.yml | 6 - .../data_stream/collector/sample_event.json | 48 ++-- .../data_stream/query/fields/agent.yml | 127 +-------- .../data_stream/query/fields/ecs.yml | 6 - .../data_stream/query/sample_event.json | 48 ++-- .../data_stream/remote_write/fields/agent.yml | 127 +-------- .../data_stream/remote_write/fields/ecs.yml | 8 - .../remote_write/sample_event.json | 66 ++--- packages/prometheus/docs/README.md | 241 +++++++----------- packages/prometheus/manifest.yml | 3 +- 12 files changed, 183 insertions(+), 626 deletions(-) diff --git a/packages/prometheus/_dev/build/build.yml b/packages/prometheus/_dev/build/build.yml index 08d85edcf9a4..2bfcfc223b04 100755 --- a/packages/prometheus/_dev/build/build.yml +++ b/packages/prometheus/_dev/build/build.yml @@ -1,3 +1,3 @@ dependencies: ecs: - reference: git@1.12 + reference: "git@v8.11.0" diff --git a/packages/prometheus/data_stream/collector/fields/agent.yml b/packages/prometheus/data_stream/collector/fields/agent.yml index 48add32f2ae7..e3021e2bae80 100644 --- a/packages/prometheus/data_stream/collector/fields/agent.yml +++ b/packages/prometheus/data_stream/collector/fields/agent.yml @@ -10,9 +10,7 @@ type: keyword dimension: true ignore_above: 1024 - description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment. - - Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.' + description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.' example: 666777888999 - name: availability_zone level: extended @@ -28,17 +26,6 @@ ignore_above: 1024 description: Instance ID of the host machine. example: i-1234567890abcdef0 - - name: instance.name - level: extended - type: keyword - ignore_above: 1024 - description: Instance name of the host machine. - - name: machine.type - level: extended - type: keyword - ignore_above: 1024 - description: Machine type of the host machine. - example: t2.medium - name: provider level: extended type: keyword @@ -53,18 +40,13 @@ ignore_above: 1024 description: Region in which this host is running. example: us-east-1 - - name: project.id - type: keyword - description: Name of the project in Google Cloud. - name: image.id type: keyword description: Image ID for the cloud instance. - name: container title: Container group: 2 - description: 'Container fields are used for meta information about the specific container that is the source of information. - - These fields help correlate data based containers from any runtime.' + description: 'Container fields are used for meta information about the specific container that is the source of information. These fields help correlate data based containers from any runtime.' type: group fields: - name: id @@ -73,119 +55,18 @@ dimension: true ignore_above: 1024 description: Unique container id. - - name: image.name - level: extended - type: keyword - ignore_above: 1024 - description: Name of the image the container was built on. - - name: labels - level: extended - type: object - object_type: keyword - description: Image labels. - - name: name - level: extended - type: keyword - ignore_above: 1024 - description: Container name. - name: host title: Host group: 2 - description: 'A host is defined as a general computing instance. - - ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.' + description: 'A host is defined as a general computing instance. ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.' type: group fields: - - name: architecture - level: core - type: keyword - ignore_above: 1024 - description: Operating system architecture. - example: x86_64 - - name: domain - level: extended - type: keyword - ignore_above: 1024 - description: 'Name of the domain of which the host is a member. - - For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.' - example: CONTOSO - default_field: false - - name: hostname - level: core - type: keyword - ignore_above: 1024 - description: 'Hostname of the host. - - It normally contains what the `hostname` command returns on the host machine.' - - name: id - level: core - type: keyword - ignore_above: 1024 - description: 'Unique host id. - - As hostname is not always unique, use values that are meaningful in your environment. - - Example: The current usage of `beat.name`.' - - name: ip - level: core - type: ip - description: Host ip addresses. - - name: mac - level: core - type: keyword - ignore_above: 1024 - description: Host mac addresses. - name: name level: core type: keyword dimension: true ignore_above: 1024 - description: 'Name of the host. - - It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.' - - name: os.family - level: extended - type: keyword - ignore_above: 1024 - description: OS family (such as redhat, debian, freebsd, windows). - example: debian - - name: os.kernel - level: extended - type: keyword - ignore_above: 1024 - description: Operating system kernel version as a raw string. - example: 4.4.0-112-generic - - name: os.name - level: extended - type: keyword - ignore_above: 1024 - multi_fields: - - name: text - type: text - norms: false - default_field: false - description: Operating system name, without the version. - example: Mac OS X - - name: os.platform - level: extended - type: keyword - ignore_above: 1024 - description: Operating system platform (such centos, ubuntu, windows). - example: darwin - - name: os.version - level: extended - type: keyword - ignore_above: 1024 - description: Operating system version as a raw string. - example: 10.14.1 - - name: type - level: core - type: keyword - ignore_above: 1024 - description: 'Type of host. - - For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.' + description: 'Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.' - name: containerized type: boolean description: > diff --git a/packages/prometheus/data_stream/collector/fields/ecs.yml b/packages/prometheus/data_stream/collector/fields/ecs.yml index 00a5f46cd71f..17e169722544 100644 --- a/packages/prometheus/data_stream/collector/fields/ecs.yml +++ b/packages/prometheus/data_stream/collector/fields/ecs.yml @@ -1,12 +1,6 @@ -- external: ecs - name: ecs.version - external: ecs name: service.address dimension: true -- external: ecs - name: service.type - external: ecs name: agent.id dimension: true -- external: ecs - name: event.dataset diff --git a/packages/prometheus/data_stream/collector/sample_event.json b/packages/prometheus/data_stream/collector/sample_event.json index d462f01c0990..c0517b600eaf 100644 --- a/packages/prometheus/data_stream/collector/sample_event.json +++ b/packages/prometheus/data_stream/collector/sample_event.json @@ -1,43 +1,43 @@ { "@timestamp": "2022-09-21T13:53:53.737Z", - "ecs": { - "version": "8.0.0" - }, - "service": { - "address": "http://prometheus-server-server:80/metrics", - "type": "prometheus" - }, "data_stream": { + "dataset": "prometheus.collector", "namespace": "default", - "type": "metrics", - "dataset": "prometheus.collector" + "type": "metrics" + }, + "ecs": { + "version": "8.11.0" }, "elastic_agent": { "id": "68e3d23a-08cd-4477-924b-25f491194aba", - "version": "8.4.0", - "snapshot": true + "snapshot": true, + "version": "8.4.0" + }, + "event": { + "agent_id_status": "verified", + "dataset": "prometheus.collector", + "duration": 10509824, + "ingested": "2022-09-21T13:53:54Z", + "module": "prometheus" }, "host": {}, "metricset": { - "period": 10000, - "name": "collector" + "name": "collector", + "period": 10000 }, "prometheus": { - "prometheus_target_sync_length_seconds": { - "value": 0.000103602 - }, "labels": { - "scrape_job": "kubernetes-services", "instance": "prometheus-server-server:80", + "job": "prometheus", "quantile": "0.5", - "job": "prometheus" + "scrape_job": "kubernetes-services" + }, + "prometheus_target_sync_length_seconds": { + "value": 0.000103602 } }, - "event": { - "duration": 10509824, - "agent_id_status": "verified", - "ingested": "2022-09-21T13:53:54Z", - "module": "prometheus", - "dataset": "prometheus.collector" + "service": { + "address": "http://prometheus-server-server:80/metrics", + "type": "prometheus" } } \ No newline at end of file diff --git a/packages/prometheus/data_stream/query/fields/agent.yml b/packages/prometheus/data_stream/query/fields/agent.yml index 48add32f2ae7..e3021e2bae80 100644 --- a/packages/prometheus/data_stream/query/fields/agent.yml +++ b/packages/prometheus/data_stream/query/fields/agent.yml @@ -10,9 +10,7 @@ type: keyword dimension: true ignore_above: 1024 - description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment. - - Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.' + description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.' example: 666777888999 - name: availability_zone level: extended @@ -28,17 +26,6 @@ ignore_above: 1024 description: Instance ID of the host machine. example: i-1234567890abcdef0 - - name: instance.name - level: extended - type: keyword - ignore_above: 1024 - description: Instance name of the host machine. - - name: machine.type - level: extended - type: keyword - ignore_above: 1024 - description: Machine type of the host machine. - example: t2.medium - name: provider level: extended type: keyword @@ -53,18 +40,13 @@ ignore_above: 1024 description: Region in which this host is running. example: us-east-1 - - name: project.id - type: keyword - description: Name of the project in Google Cloud. - name: image.id type: keyword description: Image ID for the cloud instance. - name: container title: Container group: 2 - description: 'Container fields are used for meta information about the specific container that is the source of information. - - These fields help correlate data based containers from any runtime.' + description: 'Container fields are used for meta information about the specific container that is the source of information. These fields help correlate data based containers from any runtime.' type: group fields: - name: id @@ -73,119 +55,18 @@ dimension: true ignore_above: 1024 description: Unique container id. - - name: image.name - level: extended - type: keyword - ignore_above: 1024 - description: Name of the image the container was built on. - - name: labels - level: extended - type: object - object_type: keyword - description: Image labels. - - name: name - level: extended - type: keyword - ignore_above: 1024 - description: Container name. - name: host title: Host group: 2 - description: 'A host is defined as a general computing instance. - - ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.' + description: 'A host is defined as a general computing instance. ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.' type: group fields: - - name: architecture - level: core - type: keyword - ignore_above: 1024 - description: Operating system architecture. - example: x86_64 - - name: domain - level: extended - type: keyword - ignore_above: 1024 - description: 'Name of the domain of which the host is a member. - - For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.' - example: CONTOSO - default_field: false - - name: hostname - level: core - type: keyword - ignore_above: 1024 - description: 'Hostname of the host. - - It normally contains what the `hostname` command returns on the host machine.' - - name: id - level: core - type: keyword - ignore_above: 1024 - description: 'Unique host id. - - As hostname is not always unique, use values that are meaningful in your environment. - - Example: The current usage of `beat.name`.' - - name: ip - level: core - type: ip - description: Host ip addresses. - - name: mac - level: core - type: keyword - ignore_above: 1024 - description: Host mac addresses. - name: name level: core type: keyword dimension: true ignore_above: 1024 - description: 'Name of the host. - - It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.' - - name: os.family - level: extended - type: keyword - ignore_above: 1024 - description: OS family (such as redhat, debian, freebsd, windows). - example: debian - - name: os.kernel - level: extended - type: keyword - ignore_above: 1024 - description: Operating system kernel version as a raw string. - example: 4.4.0-112-generic - - name: os.name - level: extended - type: keyword - ignore_above: 1024 - multi_fields: - - name: text - type: text - norms: false - default_field: false - description: Operating system name, without the version. - example: Mac OS X - - name: os.platform - level: extended - type: keyword - ignore_above: 1024 - description: Operating system platform (such centos, ubuntu, windows). - example: darwin - - name: os.version - level: extended - type: keyword - ignore_above: 1024 - description: Operating system version as a raw string. - example: 10.14.1 - - name: type - level: core - type: keyword - ignore_above: 1024 - description: 'Type of host. - - For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.' + description: 'Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.' - name: containerized type: boolean description: > diff --git a/packages/prometheus/data_stream/query/fields/ecs.yml b/packages/prometheus/data_stream/query/fields/ecs.yml index 00a5f46cd71f..17e169722544 100644 --- a/packages/prometheus/data_stream/query/fields/ecs.yml +++ b/packages/prometheus/data_stream/query/fields/ecs.yml @@ -1,12 +1,6 @@ -- external: ecs - name: ecs.version - external: ecs name: service.address dimension: true -- external: ecs - name: service.type - external: ecs name: agent.id dimension: true -- external: ecs - name: event.dataset diff --git a/packages/prometheus/data_stream/query/sample_event.json b/packages/prometheus/data_stream/query/sample_event.json index b45f682c5285..0c95e1dd1078 100644 --- a/packages/prometheus/data_stream/query/sample_event.json +++ b/packages/prometheus/data_stream/query/sample_event.json @@ -1,45 +1,45 @@ { + "@timestamp": "2022-09-21T14:06:49.000Z", "agent": { - "name": "kind-control-plane", + "ephemeral_id": "63ab98c3-c4ae-4a30-84f9-9a2d7f459728", "id": "68e3d23a-08cd-4477-924b-25f491194aba", + "name": "kind-control-plane", "type": "metricbeat", - "ephemeral_id": "63ab98c3-c4ae-4a30-84f9-9a2d7f459728", "version": "8.4.0" }, - "@timestamp": "2022-09-21T14:06:49.000Z", - "ecs": { - "version": "8.0.0" - }, - "service": { - "address": "http://prometheus-server-server:80", - "type": "prometheus" - }, "data_stream": { + "dataset": "prometheus.query", "namespace": "default", - "type": "metrics", - "dataset": "prometheus.query" + "type": "metrics" + }, + "ecs": { + "version": "8.11.0" }, "elastic_agent": { "id": "68e3d23a-08cd-4477-924b-25f491194aba", - "version": "8.4.0", - "snapshot": true + "snapshot": true, + "version": "8.4.0" + }, + "event": { + "agent_id_status": "verified", + "dataset": "prometheus.query", + "duration": 1153570, + "ingested": "2022-09-21T14:06:50Z", + "module": "prometheus" }, "host": {}, "metricset": { - "period": 10000, - "name": "query" + "name": "query", + "period": 10000 }, "prometheus": { + "labels": {}, "query": { "instant_vector": 0.7838951248394681 - }, - "labels": {} + } }, - "event": { - "duration": 1153570, - "agent_id_status": "verified", - "ingested": "2022-09-21T14:06:50Z", - "module": "prometheus", - "dataset": "prometheus.query" + "service": { + "address": "http://prometheus-server-server:80", + "type": "prometheus" } } \ No newline at end of file diff --git a/packages/prometheus/data_stream/remote_write/fields/agent.yml b/packages/prometheus/data_stream/remote_write/fields/agent.yml index 48add32f2ae7..e3021e2bae80 100644 --- a/packages/prometheus/data_stream/remote_write/fields/agent.yml +++ b/packages/prometheus/data_stream/remote_write/fields/agent.yml @@ -10,9 +10,7 @@ type: keyword dimension: true ignore_above: 1024 - description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment. - - Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.' + description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.' example: 666777888999 - name: availability_zone level: extended @@ -28,17 +26,6 @@ ignore_above: 1024 description: Instance ID of the host machine. example: i-1234567890abcdef0 - - name: instance.name - level: extended - type: keyword - ignore_above: 1024 - description: Instance name of the host machine. - - name: machine.type - level: extended - type: keyword - ignore_above: 1024 - description: Machine type of the host machine. - example: t2.medium - name: provider level: extended type: keyword @@ -53,18 +40,13 @@ ignore_above: 1024 description: Region in which this host is running. example: us-east-1 - - name: project.id - type: keyword - description: Name of the project in Google Cloud. - name: image.id type: keyword description: Image ID for the cloud instance. - name: container title: Container group: 2 - description: 'Container fields are used for meta information about the specific container that is the source of information. - - These fields help correlate data based containers from any runtime.' + description: 'Container fields are used for meta information about the specific container that is the source of information. These fields help correlate data based containers from any runtime.' type: group fields: - name: id @@ -73,119 +55,18 @@ dimension: true ignore_above: 1024 description: Unique container id. - - name: image.name - level: extended - type: keyword - ignore_above: 1024 - description: Name of the image the container was built on. - - name: labels - level: extended - type: object - object_type: keyword - description: Image labels. - - name: name - level: extended - type: keyword - ignore_above: 1024 - description: Container name. - name: host title: Host group: 2 - description: 'A host is defined as a general computing instance. - - ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.' + description: 'A host is defined as a general computing instance. ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.' type: group fields: - - name: architecture - level: core - type: keyword - ignore_above: 1024 - description: Operating system architecture. - example: x86_64 - - name: domain - level: extended - type: keyword - ignore_above: 1024 - description: 'Name of the domain of which the host is a member. - - For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.' - example: CONTOSO - default_field: false - - name: hostname - level: core - type: keyword - ignore_above: 1024 - description: 'Hostname of the host. - - It normally contains what the `hostname` command returns on the host machine.' - - name: id - level: core - type: keyword - ignore_above: 1024 - description: 'Unique host id. - - As hostname is not always unique, use values that are meaningful in your environment. - - Example: The current usage of `beat.name`.' - - name: ip - level: core - type: ip - description: Host ip addresses. - - name: mac - level: core - type: keyword - ignore_above: 1024 - description: Host mac addresses. - name: name level: core type: keyword dimension: true ignore_above: 1024 - description: 'Name of the host. - - It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.' - - name: os.family - level: extended - type: keyword - ignore_above: 1024 - description: OS family (such as redhat, debian, freebsd, windows). - example: debian - - name: os.kernel - level: extended - type: keyword - ignore_above: 1024 - description: Operating system kernel version as a raw string. - example: 4.4.0-112-generic - - name: os.name - level: extended - type: keyword - ignore_above: 1024 - multi_fields: - - name: text - type: text - norms: false - default_field: false - description: Operating system name, without the version. - example: Mac OS X - - name: os.platform - level: extended - type: keyword - ignore_above: 1024 - description: Operating system platform (such centos, ubuntu, windows). - example: darwin - - name: os.version - level: extended - type: keyword - ignore_above: 1024 - description: Operating system version as a raw string. - example: 10.14.1 - - name: type - level: core - type: keyword - ignore_above: 1024 - description: 'Type of host. - - For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.' + description: 'Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.' - name: containerized type: boolean description: > diff --git a/packages/prometheus/data_stream/remote_write/fields/ecs.yml b/packages/prometheus/data_stream/remote_write/fields/ecs.yml index 869623a49da4..3014c8de4b6f 100644 --- a/packages/prometheus/data_stream/remote_write/fields/ecs.yml +++ b/packages/prometheus/data_stream/remote_write/fields/ecs.yml @@ -1,11 +1,3 @@ -- external: ecs - name: ecs.version -- external: ecs - name: service.address -- external: ecs - name: service.type - external: ecs name: agent.id dimension: true -- external: ecs - name: event.dataset diff --git a/packages/prometheus/data_stream/remote_write/sample_event.json b/packages/prometheus/data_stream/remote_write/sample_event.json index 83b4f9535adf..936c218ea5c1 100644 --- a/packages/prometheus/data_stream/remote_write/sample_event.json +++ b/packages/prometheus/data_stream/remote_write/sample_event.json @@ -1,61 +1,61 @@ { + "@timestamp": "2022-09-22T12:23:35.757Z", "agent": { - "name": "kind-control-plane", - "id": "af0df4c2-33b7-41fd-8eb5-573376996db2", "ephemeral_id": "5c3d912b-9bf3-4747-b784-1f7c275a5979", + "id": "af0df4c2-33b7-41fd-8eb5-573376996db2", + "name": "kind-control-plane", "type": "metricbeat", "version": "8.4.0" }, - "@timestamp": "2022-09-22T12:23:35.757Z", - "ecs": { - "version": "8.0.0" - }, - "service": { - "type": "prometheus" - }, "data_stream": { + "dataset": "prometheus.remote_write", "namespace": "default", - "type": "metrics", - "dataset": "prometheus.remote_write" + "type": "metrics" + }, + "ecs": { + "version": "8.11.0" }, "elastic_agent": { "id": "af0df4c2-33b7-41fd-8eb5-573376996db2", - "version": "8.4.0", - "snapshot": true + "snapshot": true, + "version": "8.4.0" + }, + "event": { + "agent_id_status": "verified", + "dataset": "prometheus.remote_write", + "ingested": "2022-09-22T12:24:16Z", + "module": "prometheus" }, "host": {}, "metricset": { "name": "remote_write" }, "prometheus": { - "node_cpu_guest_seconds_total": { - "rate": 0, - "counter": 0 - }, - "node_cpu_seconds_total": { - "rate": 0, - "counter": 2284.68 - }, "labels": { "app": "prometheus", "app_kubernetes_io_managed_by": "Helm", - "instance": "172.19.0.2:9100", - "release": "prometheus-server", + "chart": "prometheus-15.10.1", + "component": "node-exporter", "cpu": "5", "heritage": "Helm", + "instance": "172.19.0.2:9100", + "job": "kubernetes-service-endpoints", "mode": "user", - "node": "kind-control-plane", - "component": "node-exporter", - "service": "prometheus-server-node-exporter", "namespace": "kube-system", - "job": "kubernetes-service-endpoints", - "chart": "prometheus-15.10.1" + "node": "kind-control-plane", + "release": "prometheus-server", + "service": "prometheus-server-node-exporter" + }, + "node_cpu_guest_seconds_total": { + "counter": 0, + "rate": 0 + }, + "node_cpu_seconds_total": { + "counter": 2284.68, + "rate": 0 } }, - "event": { - "agent_id_status": "verified", - "ingested": "2022-09-22T12:24:16Z", - "module": "prometheus", - "dataset": "prometheus.remote_write" + "service": { + "type": "prometheus" } } \ No newline at end of file diff --git a/packages/prometheus/docs/README.md b/packages/prometheus/docs/README.md index be88e61dc196..7bb914304ba3 100644 --- a/packages/prometheus/docs/README.md +++ b/packages/prometheus/docs/README.md @@ -132,45 +132,45 @@ An example event for `collector` looks as following: ```json { "@timestamp": "2022-09-21T13:53:53.737Z", - "ecs": { - "version": "8.0.0" - }, - "service": { - "address": "http://prometheus-server-server:80/metrics", - "type": "prometheus" - }, "data_stream": { + "dataset": "prometheus.collector", "namespace": "default", - "type": "metrics", - "dataset": "prometheus.collector" + "type": "metrics" + }, + "ecs": { + "version": "8.11.0" }, "elastic_agent": { "id": "68e3d23a-08cd-4477-924b-25f491194aba", - "version": "8.4.0", - "snapshot": true + "snapshot": true, + "version": "8.4.0" + }, + "event": { + "agent_id_status": "verified", + "dataset": "prometheus.collector", + "duration": 10509824, + "ingested": "2022-09-21T13:53:54Z", + "module": "prometheus" }, "host": {}, "metricset": { - "period": 10000, - "name": "collector" + "name": "collector", + "period": 10000 }, "prometheus": { - "prometheus_target_sync_length_seconds": { - "value": 0.000103602 - }, "labels": { - "scrape_job": "kubernetes-services", "instance": "prometheus-server-server:80", + "job": "prometheus", "quantile": "0.5", - "job": "prometheus" + "scrape_job": "kubernetes-services" + }, + "prometheus_target_sync_length_seconds": { + "value": 0.000103602 } }, - "event": { - "duration": 10509824, - "agent_id_status": "verified", - "ingested": "2022-09-21T13:53:54Z", - "module": "prometheus", - "dataset": "prometheus.collector" + "service": { + "address": "http://prometheus-server-server:80/metrics", + "type": "prometheus" } } ``` @@ -183,42 +183,21 @@ The fields reported are: |---|---|---|---| | @timestamp | Event timestamp. | date | | | agent.id | Unique identifier of this agent (if one exists). Example: For Beats this would be beat.id. | keyword | | -| cloud.account.id | The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. | keyword | | +| cloud.account.id | The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. | keyword | | | cloud.availability_zone | Availability zone in which this host is running. | keyword | | | cloud.image.id | Image ID for the cloud instance. | keyword | | | cloud.instance.id | Instance ID of the host machine. | keyword | | -| cloud.instance.name | Instance name of the host machine. | keyword | | -| cloud.machine.type | Machine type of the host machine. | keyword | | -| cloud.project.id | Name of the project in Google Cloud. | keyword | | | cloud.provider | Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. | keyword | | | cloud.region | Region in which this host is running. | keyword | | | container.id | Unique container id. | keyword | | -| container.image.name | Name of the image the container was built on. | keyword | | -| container.labels | Image labels. | object | | -| container.name | Container name. | keyword | | | data_stream.dataset | Data stream dataset. | constant_keyword | | | data_stream.namespace | Data stream namespace. | constant_keyword | | | data_stream.type | Data stream type. | constant_keyword | | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | | -| event.dataset | Name of the dataset. If an event source publishes more than one type of log or events (e.g. access log, error log), the dataset is used to specify which one the event comes from. It's recommended but not required to start the dataset name with the module name, followed by a dot, then the dataset name. | keyword | | | event.module | Event module. | constant_keyword | | -| host.architecture | Operating system architecture. | keyword | | | host.containerized | If the host is a container. | boolean | | -| host.domain | Name of the domain of which the host is a member. For example, on Windows this could be the host's Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host's LDAP provider. | keyword | | -| host.hostname | Hostname of the host. It normally contains what the `hostname` command returns on the host machine. | keyword | | -| host.id | Unique host id. As hostname is not always unique, use values that are meaningful in your environment. Example: The current usage of `beat.name`. | keyword | | -| host.ip | Host ip addresses. | ip | | -| host.mac | Host mac addresses. | keyword | | -| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | +| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | | host.os.build | OS build information. | keyword | | | host.os.codename | OS codename, if any. | keyword | | -| host.os.family | OS family (such as redhat, debian, freebsd, windows). | keyword | | -| host.os.kernel | Operating system kernel version as a raw string. | keyword | | -| host.os.name | Operating system name, without the version. | keyword | | -| host.os.name.text | Multi-field of `host.os.name`. | text | | -| host.os.platform | Operating system platform (such centos, ubuntu, windows). | keyword | | -| host.os.version | Operating system version as a raw string. | keyword | | -| host.type | Type of host. For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment. | keyword | | | prometheus.\*.counter | Prometheus counter metric | object | counter | | prometheus.\*.histogram | Prometheus histogram metric | object | | | prometheus.\*.rate | Prometheus rated counter metric | object | gauge | @@ -227,7 +206,6 @@ The fields reported are: | prometheus.labels_fingerprint | Autogenerated ID representing the fingerprint of labels object | keyword | | | prometheus.metrics.\* | Prometheus metric | object | gauge | | service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | | -| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | @@ -327,64 +305,64 @@ An example event for `remote_write` looks as following: ```json { + "@timestamp": "2022-09-22T12:23:35.757Z", "agent": { - "name": "kind-control-plane", - "id": "af0df4c2-33b7-41fd-8eb5-573376996db2", "ephemeral_id": "5c3d912b-9bf3-4747-b784-1f7c275a5979", + "id": "af0df4c2-33b7-41fd-8eb5-573376996db2", + "name": "kind-control-plane", "type": "metricbeat", "version": "8.4.0" }, - "@timestamp": "2022-09-22T12:23:35.757Z", - "ecs": { - "version": "8.0.0" - }, - "service": { - "type": "prometheus" - }, "data_stream": { + "dataset": "prometheus.remote_write", "namespace": "default", - "type": "metrics", - "dataset": "prometheus.remote_write" + "type": "metrics" + }, + "ecs": { + "version": "8.11.0" }, "elastic_agent": { "id": "af0df4c2-33b7-41fd-8eb5-573376996db2", - "version": "8.4.0", - "snapshot": true + "snapshot": true, + "version": "8.4.0" + }, + "event": { + "agent_id_status": "verified", + "dataset": "prometheus.remote_write", + "ingested": "2022-09-22T12:24:16Z", + "module": "prometheus" }, "host": {}, "metricset": { "name": "remote_write" }, "prometheus": { - "node_cpu_guest_seconds_total": { - "rate": 0, - "counter": 0 - }, - "node_cpu_seconds_total": { - "rate": 0, - "counter": 2284.68 - }, "labels": { "app": "prometheus", "app_kubernetes_io_managed_by": "Helm", - "instance": "172.19.0.2:9100", - "release": "prometheus-server", + "chart": "prometheus-15.10.1", + "component": "node-exporter", "cpu": "5", "heritage": "Helm", + "instance": "172.19.0.2:9100", + "job": "kubernetes-service-endpoints", "mode": "user", - "node": "kind-control-plane", - "component": "node-exporter", - "service": "prometheus-server-node-exporter", "namespace": "kube-system", - "job": "kubernetes-service-endpoints", - "chart": "prometheus-15.10.1" + "node": "kind-control-plane", + "release": "prometheus-server", + "service": "prometheus-server-node-exporter" + }, + "node_cpu_guest_seconds_total": { + "counter": 0, + "rate": 0 + }, + "node_cpu_seconds_total": { + "counter": 2284.68, + "rate": 0 } }, - "event": { - "agent_id_status": "verified", - "ingested": "2022-09-22T12:24:16Z", - "module": "prometheus", - "dataset": "prometheus.remote_write" + "service": { + "type": "prometheus" } } ``` @@ -397,42 +375,21 @@ The fields reported are: |---|---|---|---| | @timestamp | Event timestamp. | date | | | agent.id | Unique identifier of this agent (if one exists). Example: For Beats this would be beat.id. | keyword | | -| cloud.account.id | The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. | keyword | | +| cloud.account.id | The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. | keyword | | | cloud.availability_zone | Availability zone in which this host is running. | keyword | | | cloud.image.id | Image ID for the cloud instance. | keyword | | | cloud.instance.id | Instance ID of the host machine. | keyword | | -| cloud.instance.name | Instance name of the host machine. | keyword | | -| cloud.machine.type | Machine type of the host machine. | keyword | | -| cloud.project.id | Name of the project in Google Cloud. | keyword | | | cloud.provider | Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. | keyword | | | cloud.region | Region in which this host is running. | keyword | | | container.id | Unique container id. | keyword | | -| container.image.name | Name of the image the container was built on. | keyword | | -| container.labels | Image labels. | object | | -| container.name | Container name. | keyword | | | data_stream.dataset | Data stream dataset. | constant_keyword | | | data_stream.namespace | Data stream namespace. | constant_keyword | | | data_stream.type | Data stream type. | constant_keyword | | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | | -| event.dataset | Name of the dataset. If an event source publishes more than one type of log or events (e.g. access log, error log), the dataset is used to specify which one the event comes from. It's recommended but not required to start the dataset name with the module name, followed by a dot, then the dataset name. | keyword | | | event.module | Event module. | constant_keyword | | -| host.architecture | Operating system architecture. | keyword | | | host.containerized | If the host is a container. | boolean | | -| host.domain | Name of the domain of which the host is a member. For example, on Windows this could be the host's Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host's LDAP provider. | keyword | | -| host.hostname | Hostname of the host. It normally contains what the `hostname` command returns on the host machine. | keyword | | -| host.id | Unique host id. As hostname is not always unique, use values that are meaningful in your environment. Example: The current usage of `beat.name`. | keyword | | -| host.ip | Host ip addresses. | ip | | -| host.mac | Host mac addresses. | keyword | | -| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | +| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | | host.os.build | OS build information. | keyword | | | host.os.codename | OS codename, if any. | keyword | | -| host.os.family | OS family (such as redhat, debian, freebsd, windows). | keyword | | -| host.os.kernel | Operating system kernel version as a raw string. | keyword | | -| host.os.name | Operating system name, without the version. | keyword | | -| host.os.name.text | Multi-field of `host.os.name`. | text | | -| host.os.platform | Operating system platform (such centos, ubuntu, windows). | keyword | | -| host.os.version | Operating system version as a raw string. | keyword | | -| host.type | Type of host. For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment. | keyword | | | prometheus.\*.counter | Prometheus counter metric | object | counter | | prometheus.\*.histogram | Prometheus histogram metric | object | | | prometheus.\*.rate | Prometheus rated counter metric | object | gauge | @@ -440,8 +397,6 @@ The fields reported are: | prometheus.labels.\* | Prometheus metric labels | object | | | prometheus.labels_fingerprint | Autogenerated ID representing the fingerprint of all labels and the list of metrics names | keyword | | | prometheus.metrics.\* | Prometheus metric | object | gauge | -| service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | | -| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | #### Histograms and types @@ -570,48 +525,48 @@ An example event for `query` looks as following: ```json { + "@timestamp": "2022-09-21T14:06:49.000Z", "agent": { - "name": "kind-control-plane", + "ephemeral_id": "63ab98c3-c4ae-4a30-84f9-9a2d7f459728", "id": "68e3d23a-08cd-4477-924b-25f491194aba", + "name": "kind-control-plane", "type": "metricbeat", - "ephemeral_id": "63ab98c3-c4ae-4a30-84f9-9a2d7f459728", "version": "8.4.0" }, - "@timestamp": "2022-09-21T14:06:49.000Z", - "ecs": { - "version": "8.0.0" - }, - "service": { - "address": "http://prometheus-server-server:80", - "type": "prometheus" - }, "data_stream": { + "dataset": "prometheus.query", "namespace": "default", - "type": "metrics", - "dataset": "prometheus.query" + "type": "metrics" + }, + "ecs": { + "version": "8.11.0" }, "elastic_agent": { "id": "68e3d23a-08cd-4477-924b-25f491194aba", - "version": "8.4.0", - "snapshot": true + "snapshot": true, + "version": "8.4.0" + }, + "event": { + "agent_id_status": "verified", + "dataset": "prometheus.query", + "duration": 1153570, + "ingested": "2022-09-21T14:06:50Z", + "module": "prometheus" }, "host": {}, "metricset": { - "period": 10000, - "name": "query" + "name": "query", + "period": 10000 }, "prometheus": { + "labels": {}, "query": { "instant_vector": 0.7838951248394681 - }, - "labels": {} + } }, - "event": { - "duration": 1153570, - "agent_id_status": "verified", - "ingested": "2022-09-21T14:06:50Z", - "module": "prometheus", - "dataset": "prometheus.query" + "service": { + "address": "http://prometheus-server-server:80", + "type": "prometheus" } } ``` @@ -624,47 +579,25 @@ The fields reported are: |---|---|---|---| | @timestamp | Event timestamp. | date | | | agent.id | Unique identifier of this agent (if one exists). Example: For Beats this would be beat.id. | keyword | | -| cloud.account.id | The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. | keyword | | +| cloud.account.id | The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. | keyword | | | cloud.availability_zone | Availability zone in which this host is running. | keyword | | | cloud.image.id | Image ID for the cloud instance. | keyword | | | cloud.instance.id | Instance ID of the host machine. | keyword | | -| cloud.instance.name | Instance name of the host machine. | keyword | | -| cloud.machine.type | Machine type of the host machine. | keyword | | -| cloud.project.id | Name of the project in Google Cloud. | keyword | | | cloud.provider | Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. | keyword | | | cloud.region | Region in which this host is running. | keyword | | | container.id | Unique container id. | keyword | | -| container.image.name | Name of the image the container was built on. | keyword | | -| container.labels | Image labels. | object | | -| container.name | Container name. | keyword | | | data_stream.dataset | Data stream dataset. | constant_keyword | | | data_stream.namespace | Data stream namespace. | constant_keyword | | | data_stream.type | Data stream type. | constant_keyword | | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | | -| event.dataset | Name of the dataset. If an event source publishes more than one type of log or events (e.g. access log, error log), the dataset is used to specify which one the event comes from. It's recommended but not required to start the dataset name with the module name, followed by a dot, then the dataset name. | keyword | | | event.module | Event module. | constant_keyword | | -| host.architecture | Operating system architecture. | keyword | | | host.containerized | If the host is a container. | boolean | | -| host.domain | Name of the domain of which the host is a member. For example, on Windows this could be the host's Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host's LDAP provider. | keyword | | -| host.hostname | Hostname of the host. It normally contains what the `hostname` command returns on the host machine. | keyword | | -| host.id | Unique host id. As hostname is not always unique, use values that are meaningful in your environment. Example: The current usage of `beat.name`. | keyword | | -| host.ip | Host ip addresses. | ip | | -| host.mac | Host mac addresses. | keyword | | -| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | +| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | | host.os.build | OS build information. | keyword | | | host.os.codename | OS codename, if any. | keyword | | -| host.os.family | OS family (such as redhat, debian, freebsd, windows). | keyword | | -| host.os.kernel | Operating system kernel version as a raw string. | keyword | | -| host.os.name | Operating system name, without the version. | keyword | | -| host.os.name.text | Multi-field of `host.os.name`. | text | | -| host.os.platform | Operating system platform (such centos, ubuntu, windows). | keyword | | -| host.os.version | Operating system version as a raw string. | keyword | | -| host.type | Type of host. For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment. | keyword | | | prometheus.labels.\* | Prometheus metric labels | object | | | prometheus.labels_fingerprint | Autogenerated ID representing the fingerprint of labels object and includes query name | keyword | | | prometheus.query.\* | Prometheus value resulted from PromQL | object | gauge | | service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | | -| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | ## Dashboard diff --git a/packages/prometheus/manifest.yml b/packages/prometheus/manifest.yml index f9c5dd8edefd..93b9ba2edac1 100644 --- a/packages/prometheus/manifest.yml +++ b/packages/prometheus/manifest.yml @@ -9,7 +9,8 @@ categories: - monitoring - containers conditions: - kibana.version: "^8.12.1" + kibana: + version: "^8.13.0" screenshots: - src: /img/prometheus-server-overview.png title: Metricbeat Prometheus Overview From 654bf69653813f27e97926b698ae7ba5ba4ed061 Mon Sep 17 00:00:00 2001 From: harnish-elastic Date: Mon, 17 Jun 2024 18:23:32 +0530 Subject: [PATCH 04/21] [rabbitmq] - change to ECS version git@v8.11.0 --- packages/rabbitmq/_dev/build/build.yml | 2 +- .../data_stream/connection/fields/agent.yml | 127 +- .../data_stream/connection/fields/ecs.yml | 6 - .../data_stream/connection/sample_event.json | 32 +- .../data_stream/exchange/fields/agent.yml | 127 +- .../data_stream/exchange/fields/ecs.yml | 6 - .../data_stream/exchange/sample_event.json | 30 +- .../pipeline/test-rabbitmq.log-expected.json | 1256 ++++++++++------- .../elasticsearch/ingest_pipeline/default.yml | 4 +- .../rabbitmq/data_stream/log/fields/agent.yml | 167 +-- .../rabbitmq/data_stream/log/fields/ecs.yml | 10 - .../data_stream/node/fields/agent.yml | 127 +- .../rabbitmq/data_stream/node/fields/ecs.yml | 4 - .../data_stream/queue/fields/agent.yml | 127 +- .../rabbitmq/data_stream/queue/fields/ecs.yml | 4 - .../data_stream/queue/sample_event.json | 58 +- packages/rabbitmq/docs/README.md | 252 +--- packages/rabbitmq/manifest.yml | 2 +- 18 files changed, 934 insertions(+), 1407 deletions(-) delete mode 100644 packages/rabbitmq/data_stream/log/fields/ecs.yml diff --git a/packages/rabbitmq/_dev/build/build.yml b/packages/rabbitmq/_dev/build/build.yml index aaafc5d833b6..2bfcfc223b04 100644 --- a/packages/rabbitmq/_dev/build/build.yml +++ b/packages/rabbitmq/_dev/build/build.yml @@ -1,3 +1,3 @@ dependencies: ecs: - reference: git@v8.5.1 + reference: "git@v8.11.0" diff --git a/packages/rabbitmq/data_stream/connection/fields/agent.yml b/packages/rabbitmq/data_stream/connection/fields/agent.yml index 334356372dbc..482fe3e31713 100644 --- a/packages/rabbitmq/data_stream/connection/fields/agent.yml +++ b/packages/rabbitmq/data_stream/connection/fields/agent.yml @@ -10,9 +10,7 @@ type: keyword dimension: true ignore_above: 1024 - description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment. - - Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.' + description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.' example: 666777888999 - name: availability_zone level: extended @@ -28,17 +26,6 @@ description: Instance ID of the host machine. example: i-1234567890abcdef0 dimension: true - - name: instance.name - level: extended - type: keyword - ignore_above: 1024 - description: Instance name of the host machine. - - name: machine.type - level: extended - type: keyword - ignore_above: 1024 - description: Machine type of the host machine. - example: t2.medium - name: provider level: extended type: keyword @@ -53,18 +40,13 @@ ignore_above: 1024 description: Region in which this host is running. example: us-east-1 - - name: project.id - type: keyword - description: Name of the project in Google Cloud. - name: image.id type: keyword description: Image ID for the cloud instance. - name: container title: Container group: 2 - description: 'Container fields are used for meta information about the specific container that is the source of information. - - These fields help correlate data based containers from any runtime.' + description: 'Container fields are used for meta information about the specific container that is the source of information. These fields help correlate data based containers from any runtime.' type: group fields: - name: id @@ -73,119 +55,18 @@ ignore_above: 1024 description: Unique container id. dimension: true - - name: image.name - level: extended - type: keyword - ignore_above: 1024 - description: Name of the image the container was built on. - - name: labels - level: extended - type: object - object_type: keyword - description: Image labels. - - name: name - level: extended - type: keyword - ignore_above: 1024 - description: Container name. - name: host title: Host group: 2 - description: 'A host is defined as a general computing instance. - - ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.' + description: 'A host is defined as a general computing instance. ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.' type: group fields: - - name: architecture - level: core - type: keyword - ignore_above: 1024 - description: Operating system architecture. - example: x86_64 - - name: domain - level: extended - type: keyword - ignore_above: 1024 - description: 'Name of the domain of which the host is a member. - - For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.' - example: CONTOSO - default_field: false - - name: hostname - level: core - type: keyword - ignore_above: 1024 - description: 'Hostname of the host. - - It normally contains what the `hostname` command returns on the host machine.' - - name: id - level: core - type: keyword - ignore_above: 1024 - description: 'Unique host id. - - As hostname is not always unique, use values that are meaningful in your environment. - - Example: The current usage of `beat.name`.' - - name: ip - level: core - type: ip - description: Host ip addresses. - - name: mac - level: core - type: keyword - ignore_above: 1024 - description: Host mac addresses. - name: name level: core type: keyword ignore_above: 1024 dimension: true - description: 'Name of the host. - - It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.' - - name: os.family - level: extended - type: keyword - ignore_above: 1024 - description: OS family (such as redhat, debian, freebsd, windows). - example: debian - - name: os.kernel - level: extended - type: keyword - ignore_above: 1024 - description: Operating system kernel version as a raw string. - example: 4.4.0-112-generic - - name: os.name - level: extended - type: keyword - ignore_above: 1024 - multi_fields: - - name: text - type: text - norms: false - default_field: false - description: Operating system name, without the version. - example: Mac OS X - - name: os.platform - level: extended - type: keyword - ignore_above: 1024 - description: Operating system platform (such centos, ubuntu, windows). - example: darwin - - name: os.version - level: extended - type: keyword - ignore_above: 1024 - description: Operating system version as a raw string. - example: 10.14.1 - - name: type - level: core - type: keyword - ignore_above: 1024 - description: 'Type of host. - - For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.' + description: 'Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.' - name: containerized type: boolean description: > diff --git a/packages/rabbitmq/data_stream/connection/fields/ecs.yml b/packages/rabbitmq/data_stream/connection/fields/ecs.yml index 0b8b5f3f167e..94f478a3c7ad 100644 --- a/packages/rabbitmq/data_stream/connection/fields/ecs.yml +++ b/packages/rabbitmq/data_stream/connection/fields/ecs.yml @@ -1,11 +1,5 @@ - external: ecs name: user -- external: ecs - name: user.name -- external: ecs - name: ecs.version - external: ecs name: service.address dimension: true -- external: ecs - name: service.type diff --git a/packages/rabbitmq/data_stream/connection/sample_event.json b/packages/rabbitmq/data_stream/connection/sample_event.json index 3c2fbad89555..b496ec3a2fdb 100644 --- a/packages/rabbitmq/data_stream/connection/sample_event.json +++ b/packages/rabbitmq/data_stream/connection/sample_event.json @@ -1,7 +1,18 @@ { "@timestamp": "2020-06-25T10:16:10.138Z", + "ecs": { + "version": "8.11.0" + }, + "event": { + "dataset": "rabbitmq.connection", + "duration": 374411, + "module": "rabbitmq" + }, + "metricset": { + "name": "connection", + "period": 10000 + }, "rabbitmq": { - "vhost": "/", "connection": { "channel_max": 65535, "channels": 2, @@ -10,7 +21,7 @@ }, "frame_max": 131072, "host": "::1", - "name": "[::1]:31153 -\u003e [::1]:5672", + "name": "[::1]:31153 -> [::1]:5672", "octet_count": { "received": 5834, "sent": 5834 @@ -27,22 +38,11 @@ "port": 5672, "state": "running", "type": "network" - } - }, - "event": { - "duration": 374411, - "dataset": "rabbitmq.connection", - "module": "rabbitmq" - }, - "metricset": { - "name": "connection", - "period": 10000 + }, + "vhost": "/" }, "service": { "address": "localhost:15672", "type": "rabbitmq" - }, - "ecs": { - "version": "8.5.1" } -} \ No newline at end of file +} diff --git a/packages/rabbitmq/data_stream/exchange/fields/agent.yml b/packages/rabbitmq/data_stream/exchange/fields/agent.yml index 334356372dbc..482fe3e31713 100644 --- a/packages/rabbitmq/data_stream/exchange/fields/agent.yml +++ b/packages/rabbitmq/data_stream/exchange/fields/agent.yml @@ -10,9 +10,7 @@ type: keyword dimension: true ignore_above: 1024 - description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment. - - Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.' + description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.' example: 666777888999 - name: availability_zone level: extended @@ -28,17 +26,6 @@ description: Instance ID of the host machine. example: i-1234567890abcdef0 dimension: true - - name: instance.name - level: extended - type: keyword - ignore_above: 1024 - description: Instance name of the host machine. - - name: machine.type - level: extended - type: keyword - ignore_above: 1024 - description: Machine type of the host machine. - example: t2.medium - name: provider level: extended type: keyword @@ -53,18 +40,13 @@ ignore_above: 1024 description: Region in which this host is running. example: us-east-1 - - name: project.id - type: keyword - description: Name of the project in Google Cloud. - name: image.id type: keyword description: Image ID for the cloud instance. - name: container title: Container group: 2 - description: 'Container fields are used for meta information about the specific container that is the source of information. - - These fields help correlate data based containers from any runtime.' + description: 'Container fields are used for meta information about the specific container that is the source of information. These fields help correlate data based containers from any runtime.' type: group fields: - name: id @@ -73,119 +55,18 @@ ignore_above: 1024 description: Unique container id. dimension: true - - name: image.name - level: extended - type: keyword - ignore_above: 1024 - description: Name of the image the container was built on. - - name: labels - level: extended - type: object - object_type: keyword - description: Image labels. - - name: name - level: extended - type: keyword - ignore_above: 1024 - description: Container name. - name: host title: Host group: 2 - description: 'A host is defined as a general computing instance. - - ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.' + description: 'A host is defined as a general computing instance. ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.' type: group fields: - - name: architecture - level: core - type: keyword - ignore_above: 1024 - description: Operating system architecture. - example: x86_64 - - name: domain - level: extended - type: keyword - ignore_above: 1024 - description: 'Name of the domain of which the host is a member. - - For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.' - example: CONTOSO - default_field: false - - name: hostname - level: core - type: keyword - ignore_above: 1024 - description: 'Hostname of the host. - - It normally contains what the `hostname` command returns on the host machine.' - - name: id - level: core - type: keyword - ignore_above: 1024 - description: 'Unique host id. - - As hostname is not always unique, use values that are meaningful in your environment. - - Example: The current usage of `beat.name`.' - - name: ip - level: core - type: ip - description: Host ip addresses. - - name: mac - level: core - type: keyword - ignore_above: 1024 - description: Host mac addresses. - name: name level: core type: keyword ignore_above: 1024 dimension: true - description: 'Name of the host. - - It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.' - - name: os.family - level: extended - type: keyword - ignore_above: 1024 - description: OS family (such as redhat, debian, freebsd, windows). - example: debian - - name: os.kernel - level: extended - type: keyword - ignore_above: 1024 - description: Operating system kernel version as a raw string. - example: 4.4.0-112-generic - - name: os.name - level: extended - type: keyword - ignore_above: 1024 - multi_fields: - - name: text - type: text - norms: false - default_field: false - description: Operating system name, without the version. - example: Mac OS X - - name: os.platform - level: extended - type: keyword - ignore_above: 1024 - description: Operating system platform (such centos, ubuntu, windows). - example: darwin - - name: os.version - level: extended - type: keyword - ignore_above: 1024 - description: Operating system version as a raw string. - example: 10.14.1 - - name: type - level: core - type: keyword - ignore_above: 1024 - description: 'Type of host. - - For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.' + description: 'Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.' - name: containerized type: boolean description: > diff --git a/packages/rabbitmq/data_stream/exchange/fields/ecs.yml b/packages/rabbitmq/data_stream/exchange/fields/ecs.yml index 0b8b5f3f167e..94f478a3c7ad 100644 --- a/packages/rabbitmq/data_stream/exchange/fields/ecs.yml +++ b/packages/rabbitmq/data_stream/exchange/fields/ecs.yml @@ -1,11 +1,5 @@ - external: ecs name: user -- external: ecs - name: user.name -- external: ecs - name: ecs.version - external: ecs name: service.address dimension: true -- external: ecs - name: service.type diff --git a/packages/rabbitmq/data_stream/exchange/sample_event.json b/packages/rabbitmq/data_stream/exchange/sample_event.json index 74fecc3a9a7e..286e39be6179 100644 --- a/packages/rabbitmq/data_stream/exchange/sample_event.json +++ b/packages/rabbitmq/data_stream/exchange/sample_event.json @@ -1,32 +1,32 @@ { "@timestamp": "2020-06-25T10:04:20.944Z", - "rabbitmq": { - "vhost": "/", - "exchange": { - "arguments": {}, - "durable": true, - "auto_delete": false, - "name": "", - "internal": false - } + "ecs": { + "version": "8.11.0" }, "event": { - "duration": 4078507, "dataset": "rabbitmq.exchange", + "duration": 4078507, "module": "rabbitmq" }, "metricset": { "name": "exchange", "period": 10000 }, - "user": { - "name": "rmq-internal" + "rabbitmq": { + "exchange": { + "arguments": {}, + "auto_delete": false, + "durable": true, + "internal": false, + "name": "" + }, + "vhost": "/" }, "service": { "address": "localhost:15672", "type": "rabbitmq" }, - "ecs": { - "version": "8.5.1" + "user": { + "name": "rmq-internal" } -} \ No newline at end of file +} diff --git a/packages/rabbitmq/data_stream/log/_dev/test/pipeline/test-rabbitmq.log-expected.json b/packages/rabbitmq/data_stream/log/_dev/test/pipeline/test-rabbitmq.log-expected.json index e6f5199dfc2c..1c80542300df 100644 --- a/packages/rabbitmq/data_stream/log/_dev/test/pipeline/test-rabbitmq.log-expected.json +++ b/packages/rabbitmq/data_stream/log/_dev/test/pipeline/test-rabbitmq.log-expected.json @@ -3,13 +3,15 @@ { "@timestamp": "2023-01-24T10:38:45.236Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195141801Z", + "ingested": "2024-06-17T12:52:40.927957387Z", "kind": "event", "original": "2023-01-24 10:38:45.236018+00:00 [info] <0.229.0> \nnode : rabbit@af6809c8510d\nhome dir : /var/lib/rabbitmq\nconfig file(s) : /etc/rabbitmq/conf.d/10-defaults.conf\ncookie hash : ibMcme1ZByOOJPIBTHvhzg==\nlog(s) : /var/log/rabbitmq/rabbit@af6809c8510d_upgrade.log\n : \ndatabase dir : /var/lib/rabbitmq/mnesia/rabbit@af6809c8510d", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -27,13 +29,15 @@ { "@timestamp": "2023-01-24T10:38:48.987Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195158343Z", + "ingested": "2024-06-17T12:52:40.927992028Z", "kind": "event", "original": "2023-01-24 10:38:48.987396+00:00 [info] <0.229.0> Running boot step pre_boot defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -51,13 +55,15 @@ { "@timestamp": "2023-01-24T10:38:48.987Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195160010Z", + "ingested": "2024-06-17T12:52:40.927996144Z", "kind": "event", "original": "2023-01-24 10:38:48.987465+00:00 [info] <0.229.0> Running boot step rabbit_global_counters defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -75,13 +81,15 @@ { "@timestamp": "2023-01-24T10:38:48.987Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195161176Z", + "ingested": "2024-06-17T12:52:40.927998836Z", "kind": "event", "original": "2023-01-24 10:38:48.987714+00:00 [info] <0.229.0> Running boot step rabbit_osiris_metrics defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -99,13 +107,15 @@ { "@timestamp": "2023-01-24T10:38:48.987Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195162301Z", + "ingested": "2024-06-17T12:52:40.928001653Z", "kind": "event", "original": "2023-01-24 10:38:48.987809+00:00 [info] <0.229.0> Running boot step rabbit_core_metrics defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -123,13 +133,15 @@ { "@timestamp": "2023-01-24T10:38:48.988Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195163510Z", + "ingested": "2024-06-17T12:52:40.928004330Z", "kind": "event", "original": "2023-01-24 10:38:48.988086+00:00 [info] <0.229.0> Running boot step rabbit_alarm defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -147,13 +159,15 @@ { "@timestamp": "2023-01-24T10:38:48.992Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195164593Z", + "ingested": "2024-06-17T12:52:40.928007050Z", "kind": "event", "original": "2023-01-24 10:38:48.992459+00:00 [info] <0.299.0> Memory high watermark set to 3140 MiB (3293097164 bytes) of 7851 MiB (8232742912 bytes) total", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -171,13 +185,15 @@ { "@timestamp": "2023-01-24T10:38:48.997Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195165676Z", + "ingested": "2024-06-17T12:52:40.928009694Z", "kind": "event", "original": "2023-01-24 10:38:48.997524+00:00 [info] <0.301.0> Enabling free disk space monitoring (disk free space: 45286498304, total memory: 8232742912)", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -195,13 +211,15 @@ { "@timestamp": "2023-01-24T10:38:48.997Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195166801Z", + "ingested": "2024-06-17T12:52:40.928012468Z", "kind": "event", "original": "2023-01-24 10:38:48.997742+00:00 [info] <0.301.0> Disk free limit set to 50MB", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -219,13 +237,15 @@ { "@timestamp": "2023-01-24T10:38:49.001Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195168593Z", + "ingested": "2024-06-17T12:52:40.928015136Z", "kind": "event", "original": "2023-01-24 10:38:49.001012+00:00 [info] <0.229.0> Running boot step code_server_cache defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -243,13 +263,15 @@ { "@timestamp": "2023-01-24T10:38:49.001Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195169760Z", + "ingested": "2024-06-17T12:52:40.928017876Z", "kind": "event", "original": "2023-01-24 10:38:49.001076+00:00 [info] <0.229.0> Running boot step file_handle_cache defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -267,13 +289,15 @@ { "@timestamp": "2023-01-24T10:38:49.001Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195171010Z", + "ingested": "2024-06-17T12:52:40.928020916Z", "kind": "event", "original": "2023-01-24 10:38:49.001201+00:00 [info] <0.304.0> Limiting to approx 1048479 file handles (943629 sockets)", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -291,13 +315,15 @@ { "@timestamp": "2023-01-24T10:38:49.001Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195172093Z", + "ingested": "2024-06-17T12:52:40.928023646Z", "kind": "event", "original": "2023-01-24 10:38:49.001251+00:00 [info] <0.305.0> FHC read buffering: OFF", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -315,13 +341,15 @@ { "@timestamp": "2023-01-24T10:38:49.001Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195173218Z", + "ingested": "2024-06-17T12:52:40.928026300Z", "kind": "event", "original": "2023-01-24 10:38:49.001270+00:00 [info] <0.305.0> FHC write buffering: ON", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -339,13 +367,15 @@ { "@timestamp": "2023-01-24T10:38:49.002Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195174301Z", + "ingested": "2024-06-17T12:52:40.928029028Z", "kind": "event", "original": "2023-01-24 10:38:49.002188+00:00 [info] <0.229.0> Running boot step worker_pool defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -363,13 +393,15 @@ { "@timestamp": "2023-01-24T10:38:49.002Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195175385Z", + "ingested": "2024-06-17T12:52:40.928031710Z", "kind": "event", "original": "2023-01-24 10:38:49.002241+00:00 [info] <0.286.0> Will use 5 processes for default worker pool", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -387,13 +419,15 @@ { "@timestamp": "2023-01-24T10:38:49.002Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195176510Z", + "ingested": "2024-06-17T12:52:40.928034795Z", "kind": "event", "original": "2023-01-24 10:38:49.002287+00:00 [info] <0.286.0> Starting worker pool 'worker_pool' with 5 processes in it", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -411,13 +445,15 @@ { "@timestamp": "2023-01-24T10:38:49.002Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195177676Z", + "ingested": "2024-06-17T12:52:40.928037447Z", "kind": "event", "original": "2023-01-24 10:38:49.002531+00:00 [info] <0.229.0> Running boot step database defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -435,13 +471,15 @@ { "@timestamp": "2023-01-24T10:38:49.003Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195178801Z", + "ingested": "2024-06-17T12:52:40.928040170Z", "kind": "event", "original": "2023-01-24 10:38:49.003858+00:00 [info] <0.229.0> Node database directory at /var/lib/rabbitmq/mnesia/rabbit@af6809c8510d is empty. Assuming we need to join an existing cluster or initialise from scratch...", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -459,13 +497,15 @@ { "@timestamp": "2023-01-24T10:38:49.003Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195179926Z", + "ingested": "2024-06-17T12:52:40.928045514Z", "kind": "event", "original": "2023-01-24 10:38:49.003915+00:00 [info] <0.229.0> Configured peer discovery backend: rabbit_peer_discovery_classic_config", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -483,13 +523,15 @@ { "@timestamp": "2023-01-24T10:38:49.003Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195181010Z", + "ingested": "2024-06-17T12:52:40.928048325Z", "kind": "event", "original": "2023-01-24 10:38:49.003932+00:00 [info] <0.229.0> Will try to lock with peer discovery backend rabbit_peer_discovery_classic_config", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -507,13 +549,15 @@ { "@timestamp": "2023-01-24T10:38:49.003Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195182135Z", + "ingested": "2024-06-17T12:52:40.928050970Z", "kind": "event", "original": "2023-01-24 10:38:49.003976+00:00 [info] <0.229.0> All discovered existing cluster peers:", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -531,13 +575,15 @@ { "@timestamp": "2023-01-24T10:38:49.003Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195183218Z", + "ingested": "2024-06-17T12:52:40.928053700Z", "kind": "event", "original": "2023-01-24 10:38:49.003989+00:00 [info] <0.229.0> Discovered no peer nodes to cluster with. Some discovery backends can filter nodes out based on a readiness criteria. Enabling debug logging might help troubleshoot.", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -555,13 +601,15 @@ { "@timestamp": "2023-01-24T10:38:49.005Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195184343Z", + "ingested": "2024-06-17T12:52:40.928056660Z", "kind": "event", "original": "2023-01-24 10:38:49.005308+00:00 [notice] <0.44.0> Application mnesia exited with reason: stopped", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "notice" @@ -579,13 +627,15 @@ { "@timestamp": "2023-01-24T10:38:49.119Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195185426Z", + "ingested": "2024-06-17T12:52:40.928059461Z", "kind": "event", "original": "2023-01-24 10:38:49.119439+00:00 [info] <0.229.0> Waiting for Mnesia tables for 30000 ms, 9 retries left", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -603,13 +653,15 @@ { "@timestamp": "2023-01-24T10:38:49.119Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195186510Z", + "ingested": "2024-06-17T12:52:40.928062125Z", "kind": "event", "original": "2023-01-24 10:38:49.119725+00:00 [info] <0.229.0> Successfully synced tables from a peer", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -627,13 +679,15 @@ { "@timestamp": "2023-01-24T10:38:49.126Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195187593Z", + "ingested": "2024-06-17T12:52:40.928064884Z", "kind": "event", "original": "2023-01-24 10:38:49.126213+00:00 [info] <0.229.0> Feature flags: `feature_flags_v2`: supported, attempt to enable...", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -651,13 +705,15 @@ { "@timestamp": "2023-01-24T10:38:49.147Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195188718Z", + "ingested": "2024-06-17T12:52:40.928067515Z", "kind": "event", "original": "2023-01-24 10:38:49.147034+00:00 [notice] <0.287.0> Feature flags: attempt to enable `classic_mirrored_queue_version`...", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "notice" @@ -675,13 +731,15 @@ { "@timestamp": "2023-01-24T10:38:49.165Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195189801Z", + "ingested": "2024-06-17T12:52:40.928070281Z", "kind": "event", "original": "2023-01-24 10:38:49.165936+00:00 [notice] <0.287.0> Feature flags: `classic_mirrored_queue_version` enabled", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "notice" @@ -699,13 +757,15 @@ { "@timestamp": "2023-01-24T10:38:49.166Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195190885Z", + "ingested": "2024-06-17T12:52:40.928072934Z", "kind": "event", "original": "2023-01-24 10:38:49.166232+00:00 [notice] <0.287.0> Feature flags: attempt to enable `classic_queue_type_delivery_support`...", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "notice" @@ -723,13 +783,15 @@ { "@timestamp": "2023-01-24T10:38:49.177Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195191968Z", + "ingested": "2024-06-17T12:52:40.928075757Z", "kind": "event", "original": "2023-01-24 10:38:49.177853+00:00 [notice] <0.287.0> Feature flags: attempt to enable `stream_queue`...", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "notice" @@ -747,13 +809,15 @@ { "@timestamp": "2023-01-24T10:38:49.198Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195196093Z", + "ingested": "2024-06-17T12:52:40.928078461Z", "kind": "event", "original": "2023-01-24 10:38:49.198546+00:00 [notice] <0.287.0> Feature flags: `stream_queue` enabled", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "notice" @@ -771,13 +835,15 @@ { "@timestamp": "2023-01-24T10:38:49.209Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195197176Z", + "ingested": "2024-06-17T12:52:40.928081225Z", "kind": "event", "original": "2023-01-24 10:38:49.209504+00:00 [notice] <0.287.0> Feature flags: `classic_queue_type_delivery_support` enabled", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "notice" @@ -795,13 +861,15 @@ { "@timestamp": "2023-01-24T10:38:49.209Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195198260Z", + "ingested": "2024-06-17T12:52:40.928083881Z", "kind": "event", "original": "2023-01-24 10:38:49.209837+00:00 [notice] <0.287.0> Feature flags: attempt to enable `direct_exchange_routing_v2`...", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "notice" @@ -819,13 +887,15 @@ { "@timestamp": "2023-01-24T10:38:49.220Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195199426Z", + "ingested": "2024-06-17T12:52:40.928087045Z", "kind": "event", "original": "2023-01-24 10:38:49.220869+00:00 [info] <0.499.0> Waiting for Mnesia tables for 30000 ms, 9 retries left", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -843,13 +913,15 @@ { "@timestamp": "2023-01-24T10:38:49.220Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195200510Z", + "ingested": "2024-06-17T12:52:40.928089709Z", "kind": "event", "original": "2023-01-24 10:38:49.220981+00:00 [info] <0.499.0> Successfully synced tables from a peer", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -867,13 +939,15 @@ { "@timestamp": "2023-01-24T10:38:49.236Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195201635Z", + "ingested": "2024-06-17T12:52:40.928092465Z", "kind": "event", "original": "2023-01-24 10:38:49.236521+00:00 [notice] <0.287.0> Feature flags: `direct_exchange_routing_v2` enabled", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "notice" @@ -891,13 +965,15 @@ { "@timestamp": "2023-01-24T10:38:49.236Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195202760Z", + "ingested": "2024-06-17T12:52:40.928095131Z", "kind": "event", "original": "2023-01-24 10:38:49.236958+00:00 [notice] <0.287.0> Feature flags: attempt to enable `drop_unroutable_metric`...", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "notice" @@ -915,13 +991,15 @@ { "@timestamp": "2023-01-24T10:38:49.257Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195203843Z", + "ingested": "2024-06-17T12:52:40.928097881Z", "kind": "event", "original": "2023-01-24 10:38:49.257024+00:00 [notice] <0.287.0> Feature flags: `drop_unroutable_metric` enabled", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "notice" @@ -939,13 +1017,15 @@ { "@timestamp": "2023-01-24T10:38:49.257Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195204968Z", + "ingested": "2024-06-17T12:52:40.928100509Z", "kind": "event", "original": "2023-01-24 10:38:49.257352+00:00 [notice] <0.287.0> Feature flags: attempt to enable `empty_basic_get_metric`...", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "notice" @@ -963,13 +1043,15 @@ { "@timestamp": "2023-01-24T10:38:49.278Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195206010Z", + "ingested": "2024-06-17T12:52:40.928103251Z", "kind": "event", "original": "2023-01-24 10:38:49.278835+00:00 [notice] <0.287.0> Feature flags: `empty_basic_get_metric` enabled", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "notice" @@ -987,13 +1069,15 @@ { "@timestamp": "2023-01-24T10:38:49.279Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195207093Z", + "ingested": "2024-06-17T12:52:40.928105909Z", "kind": "event", "original": "2023-01-24 10:38:49.279849+00:00 [notice] <0.287.0> Feature flags: attempt to enable `listener_records_in_ets`...", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "notice" @@ -1011,13 +1095,15 @@ { "@timestamp": "2023-01-24T10:38:49.394Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195208176Z", + "ingested": "2024-06-17T12:52:40.928108651Z", "kind": "event", "original": "2023-01-24 10:38:49.394930+00:00 [notice] <0.287.0> Feature flags: `listener_records_in_ets` enabled", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "notice" @@ -1035,13 +1121,15 @@ { "@timestamp": "2023-01-24T10:38:49.395Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195209260Z", + "ingested": "2024-06-17T12:52:40.928111288Z", "kind": "event", "original": "2023-01-24 10:38:49.395827+00:00 [notice] <0.287.0> Feature flags: attempt to enable `stream_single_active_consumer`...", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "notice" @@ -1059,13 +1147,15 @@ { "@timestamp": "2023-01-24T10:38:49.412Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195210343Z", + "ingested": "2024-06-17T12:52:40.928114081Z", "kind": "event", "original": "2023-01-24 10:38:49.412055+00:00 [notice] <0.287.0> Feature flags: `stream_single_active_consumer` enabled", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "notice" @@ -1083,13 +1173,15 @@ { "@timestamp": "2023-01-24T10:38:49.412Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195211426Z", + "ingested": "2024-06-17T12:52:40.928116726Z", "kind": "event", "original": "2023-01-24 10:38:49.412372+00:00 [notice] <0.287.0> Feature flags: attempt to enable `tracking_records_in_ets`...", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "notice" @@ -1107,13 +1199,15 @@ { "@timestamp": "2023-01-24T10:38:49.429Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195212593Z", + "ingested": "2024-06-17T12:52:40.928119446Z", "kind": "event", "original": "2023-01-24 10:38:49.429212+00:00 [notice] <0.287.0> Feature flags: `tracking_records_in_ets` enabled", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "notice" @@ -1131,13 +1225,15 @@ { "@timestamp": "2023-01-24T10:38:49.429Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195213676Z", + "ingested": "2024-06-17T12:52:40.928122096Z", "kind": "event", "original": "2023-01-24 10:38:49.429984+00:00 [info] <0.229.0> Waiting for Mnesia tables for 30000 ms, 9 retries left", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1155,13 +1251,15 @@ { "@timestamp": "2023-01-24T10:38:49.430Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195215801Z", + "ingested": "2024-06-17T12:52:40.928124845Z", "kind": "event", "original": "2023-01-24 10:38:49.430060+00:00 [info] <0.229.0> Successfully synced tables from a peer", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1179,13 +1277,15 @@ { "@timestamp": "2023-01-24T10:38:49.437Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195216968Z", + "ingested": "2024-06-17T12:52:40.928127510Z", "kind": "event", "original": "2023-01-24 10:38:49.437978+00:00 [info] <0.229.0> Waiting for Mnesia tables for 30000 ms, 9 retries left", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1203,13 +1303,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195218135Z", + "ingested": "2024-06-17T12:52:40.928130510Z", "kind": "event", "original": "2023-01-24 10:38:49.438072+00:00 [info] <0.229.0> Successfully synced tables from a peer", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1227,13 +1329,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195219260Z", + "ingested": "2024-06-17T12:52:40.928133165Z", "kind": "event", "original": "2023-01-24 10:38:49.438095+00:00 [info] <0.229.0> Peer discovery backend rabbit_peer_discovery_classic_config does not support registration, skipping registration.", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1251,13 +1355,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195220343Z", + "ingested": "2024-06-17T12:52:40.928135922Z", "kind": "event", "original": "2023-01-24 10:38:49.438118+00:00 [info] <0.229.0> Will try to unlock with peer discovery backend rabbit_peer_discovery_classic_config", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1275,13 +1381,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195221468Z", + "ingested": "2024-06-17T12:52:40.928138602Z", "kind": "event", "original": "2023-01-24 10:38:49.438156+00:00 [info] <0.229.0> Running boot step tracking_metadata_store defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1299,13 +1407,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195222551Z", + "ingested": "2024-06-17T12:52:40.928141356Z", "kind": "event", "original": "2023-01-24 10:38:49.438205+00:00 [info] <0.621.0> Setting up a table for connection tracking on this node: tracked_connection", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1323,13 +1433,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195223593Z", + "ingested": "2024-06-17T12:52:40.928144006Z", "kind": "event", "original": "2023-01-24 10:38:49.438234+00:00 [info] <0.621.0> Setting up a table for per-vhost connection counting on this node: tracked_connection_per_vhost", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1347,13 +1459,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195224676Z", + "ingested": "2024-06-17T12:52:40.928146776Z", "kind": "event", "original": "2023-01-24 10:38:49.438258+00:00 [info] <0.621.0> Setting up a table for per-user connection counting on this node: tracked_connection_per_user", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1371,13 +1485,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195225760Z", + "ingested": "2024-06-17T12:52:40.928149452Z", "kind": "event", "original": "2023-01-24 10:38:49.438277+00:00 [info] <0.621.0> Setting up a table for channel tracking on this node: tracked_channel", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1395,13 +1511,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195226843Z", + "ingested": "2024-06-17T12:52:40.928152192Z", "kind": "event", "original": "2023-01-24 10:38:49.438295+00:00 [info] <0.621.0> Setting up a table for channel tracking on this node: tracked_channel_per_user", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1419,13 +1537,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195227926Z", + "ingested": "2024-06-17T12:52:40.928154872Z", "kind": "event", "original": "2023-01-24 10:38:49.438329+00:00 [info] <0.229.0> Running boot step networking_metadata_store defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1443,13 +1563,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195228968Z", + "ingested": "2024-06-17T12:52:40.928157607Z", "kind": "event", "original": "2023-01-24 10:38:49.438388+00:00 [info] <0.229.0> Running boot step database_sync defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1467,13 +1589,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195230051Z", + "ingested": "2024-06-17T12:52:40.928160302Z", "kind": "event", "original": "2023-01-24 10:38:49.438478+00:00 [info] <0.229.0> Running boot step feature_flags defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1491,13 +1615,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195231176Z", + "ingested": "2024-06-17T12:52:40.928163067Z", "kind": "event", "original": "2023-01-24 10:38:49.438605+00:00 [info] <0.229.0> Running boot step codec_correctness_check defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1515,13 +1641,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195232468Z", + "ingested": "2024-06-17T12:52:40.928174586Z", "kind": "event", "original": "2023-01-24 10:38:49.438629+00:00 [info] <0.229.0> Running boot step external_infrastructure defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1539,13 +1667,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195233593Z", + "ingested": "2024-06-17T12:52:40.928177392Z", "kind": "event", "original": "2023-01-24 10:38:49.438647+00:00 [info] <0.229.0> Running boot step rabbit_event defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1563,13 +1693,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195234676Z", + "ingested": "2024-06-17T12:52:40.928180156Z", "kind": "event", "original": "2023-01-24 10:38:49.438692+00:00 [info] <0.229.0> Running boot step rabbit_registry defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1587,13 +1719,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195235760Z", + "ingested": "2024-06-17T12:52:40.928182933Z", "kind": "event", "original": "2023-01-24 10:38:49.438720+00:00 [info] <0.229.0> Running boot step rabbit_auth_mechanism_amqplain defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1611,13 +1745,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195236843Z", + "ingested": "2024-06-17T12:52:40.928185711Z", "kind": "event", "original": "2023-01-24 10:38:49.438745+00:00 [info] <0.229.0> Running boot step rabbit_auth_mechanism_cr_demo defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1635,13 +1771,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195237926Z", + "ingested": "2024-06-17T12:52:40.928192103Z", "kind": "event", "original": "2023-01-24 10:38:49.438772+00:00 [info] <0.229.0> Running boot step rabbit_auth_mechanism_plain defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1659,13 +1797,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195238968Z", + "ingested": "2024-06-17T12:52:40.928195111Z", "kind": "event", "original": "2023-01-24 10:38:49.438862+00:00 [info] <0.229.0> Running boot step rabbit_exchange_type_direct defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1683,13 +1823,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195240051Z", + "ingested": "2024-06-17T12:52:40.928197876Z", "kind": "event", "original": "2023-01-24 10:38:49.438903+00:00 [info] <0.229.0> Running boot step rabbit_exchange_type_fanout defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1707,13 +1849,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195241135Z", + "ingested": "2024-06-17T12:52:40.928200649Z", "kind": "event", "original": "2023-01-24 10:38:49.438931+00:00 [info] <0.229.0> Running boot step rabbit_exchange_type_headers defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1731,13 +1875,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195242218Z", + "ingested": "2024-06-17T12:52:40.928203457Z", "kind": "event", "original": "2023-01-24 10:38:49.438951+00:00 [info] <0.229.0> Running boot step rabbit_exchange_type_topic defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1755,13 +1901,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195243301Z", + "ingested": "2024-06-17T12:52:40.928206239Z", "kind": "event", "original": "2023-01-24 10:38:49.438968+00:00 [info] <0.229.0> Running boot step rabbit_mirror_queue_mode_all defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1779,13 +1927,15 @@ { "@timestamp": "2023-01-24T10:38:49.438Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195244426Z", + "ingested": "2024-06-17T12:52:40.928209399Z", "kind": "event", "original": "2023-01-24 10:38:49.438988+00:00 [info] <0.229.0> Running boot step rabbit_mirror_queue_mode_exactly defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1803,13 +1953,15 @@ { "@timestamp": "2023-01-24T10:38:49.439Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195245510Z", + "ingested": "2024-06-17T12:52:40.928212167Z", "kind": "event", "original": "2023-01-24 10:38:49.439063+00:00 [info] <0.229.0> Running boot step rabbit_mirror_queue_mode_nodes defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1827,13 +1979,15 @@ { "@timestamp": "2023-01-24T10:38:49.439Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195246635Z", + "ingested": "2024-06-17T12:52:40.928214951Z", "kind": "event", "original": "2023-01-24 10:38:49.439206+00:00 [info] <0.229.0> Running boot step rabbit_priority_queue defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1851,13 +2005,15 @@ { "@timestamp": "2023-01-24T10:38:49.439Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195247718Z", + "ingested": "2024-06-17T12:52:40.928217727Z", "kind": "event", "original": "2023-01-24 10:38:49.439229+00:00 [info] <0.229.0> Priority queues enabled, real BQ is rabbit_variable_queue", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1875,13 +2031,15 @@ { "@timestamp": "2023-01-24T10:38:49.439Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195248801Z", + "ingested": "2024-06-17T12:52:40.928220523Z", "kind": "event", "original": "2023-01-24 10:38:49.439270+00:00 [info] <0.229.0> Running boot step rabbit_queue_location_client_local defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1899,13 +2057,15 @@ { "@timestamp": "2023-01-24T10:38:49.439Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195249926Z", + "ingested": "2024-06-17T12:52:40.928223477Z", "kind": "event", "original": "2023-01-24 10:38:49.439317+00:00 [info] <0.229.0> Running boot step rabbit_queue_location_min_masters defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1923,13 +2083,15 @@ { "@timestamp": "2023-01-24T10:38:49.439Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195251010Z", + "ingested": "2024-06-17T12:52:40.928226260Z", "kind": "event", "original": "2023-01-24 10:38:49.439371+00:00 [info] <0.229.0> Running boot step rabbit_queue_location_random defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1947,13 +2109,15 @@ { "@timestamp": "2023-01-24T10:38:49.439Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195252093Z", + "ingested": "2024-06-17T12:52:40.928229031Z", "kind": "event", "original": "2023-01-24 10:38:49.439396+00:00 [info] <0.229.0> Running boot step kernel_ready defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1971,13 +2135,15 @@ { "@timestamp": "2023-01-24T10:38:49.439Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195254176Z", + "ingested": "2024-06-17T12:52:40.928231800Z", "kind": "event", "original": "2023-01-24 10:38:49.439409+00:00 [info] <0.229.0> Running boot step rabbit_sysmon_minder defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -1995,13 +2161,15 @@ { "@timestamp": "2023-01-24T10:38:49.439Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195255301Z", + "ingested": "2024-06-17T12:52:40.928234598Z", "kind": "event", "original": "2023-01-24 10:38:49.439472+00:00 [info] <0.229.0> Running boot step rabbit_epmd_monitor defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2019,13 +2187,15 @@ { "@timestamp": "2023-01-24T10:38:49.440Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195256385Z", + "ingested": "2024-06-17T12:52:40.928237408Z", "kind": "event", "original": "2023-01-24 10:38:49.440338+00:00 [info] <0.630.0> epmd monitor knows us, inter-node communication (distribution) port: 25672", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2043,13 +2213,15 @@ { "@timestamp": "2023-01-24T10:38:49.440Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195257468Z", + "ingested": "2024-06-17T12:52:40.928240177Z", "kind": "event", "original": "2023-01-24 10:38:49.440435+00:00 [info] <0.229.0> Running boot step guid_generator defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2067,13 +2239,15 @@ { "@timestamp": "2023-01-24T10:38:49.442Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195258551Z", + "ingested": "2024-06-17T12:52:40.928242940Z", "kind": "event", "original": "2023-01-24 10:38:49.442470+00:00 [info] <0.229.0> Running boot step rabbit_node_monitor defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2091,13 +2265,15 @@ { "@timestamp": "2023-01-24T10:38:49.442Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195259635Z", + "ingested": "2024-06-17T12:52:40.928245712Z", "kind": "event", "original": "2023-01-24 10:38:49.442662+00:00 [info] <0.634.0> Starting rabbit_node_monitor", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2115,13 +2291,15 @@ { "@timestamp": "2023-01-24T10:38:49.442Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195260676Z", + "ingested": "2024-06-17T12:52:40.928248497Z", "kind": "event", "original": "2023-01-24 10:38:49.442771+00:00 [info] <0.229.0> Running boot step delegate_sup defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2139,13 +2317,15 @@ { "@timestamp": "2023-01-24T10:38:49.443Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195261760Z", + "ingested": "2024-06-17T12:52:40.928251264Z", "kind": "event", "original": "2023-01-24 10:38:49.443132+00:00 [info] <0.229.0> Running boot step rabbit_memory_monitor defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2163,13 +2343,15 @@ { "@timestamp": "2023-01-24T10:38:49.443Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195262843Z", + "ingested": "2024-06-17T12:52:40.928254087Z", "kind": "event", "original": "2023-01-24 10:38:49.443294+00:00 [info] <0.229.0> Running boot step rabbit_fifo_dlx_sup defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2187,13 +2369,15 @@ { "@timestamp": "2023-01-24T10:38:49.443Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195263926Z", + "ingested": "2024-06-17T12:52:40.928256874Z", "kind": "event", "original": "2023-01-24 10:38:49.443391+00:00 [info] <0.229.0> Running boot step core_initialized defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2211,13 +2395,15 @@ { "@timestamp": "2023-01-24T10:38:49.443Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195265010Z", + "ingested": "2024-06-17T12:52:40.928259654Z", "kind": "event", "original": "2023-01-24 10:38:49.443408+00:00 [info] <0.229.0> Running boot step upgrade_queues defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2235,13 +2421,15 @@ { "@timestamp": "2023-01-24T10:38:49.449Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195266093Z", + "ingested": "2024-06-17T12:52:40.928262424Z", "kind": "event", "original": "2023-01-24 10:38:49.449150+00:00 [info] <0.229.0> message_store upgrades: 1 to apply", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2259,13 +2447,15 @@ { "@timestamp": "2023-01-24T10:38:49.449Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195267176Z", + "ingested": "2024-06-17T12:52:40.928265192Z", "kind": "event", "original": "2023-01-24 10:38:49.449264+00:00 [info] <0.229.0> message_store upgrades: Applying rabbit_variable_queue:move_messages_to_vhost_store", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2283,13 +2473,15 @@ { "@timestamp": "2023-01-24T10:38:49.449Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195268218Z", + "ingested": "2024-06-17T12:52:40.928267958Z", "kind": "event", "original": "2023-01-24 10:38:49.449357+00:00 [info] <0.229.0> message_store upgrades: No durable queues found. Skipping message store migration", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2307,13 +2499,15 @@ { "@timestamp": "2023-01-24T10:38:49.449Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195269301Z", + "ingested": "2024-06-17T12:52:40.928270720Z", "kind": "event", "original": "2023-01-24 10:38:49.449397+00:00 [info] <0.229.0> message_store upgrades: Removing the old message store data", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2331,13 +2525,15 @@ { "@timestamp": "2023-01-24T10:38:49.450Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195270385Z", + "ingested": "2024-06-17T12:52:40.928273512Z", "kind": "event", "original": "2023-01-24 10:38:49.450369+00:00 [info] <0.229.0> message_store upgrades: All upgrades applied successfully", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2355,13 +2551,15 @@ { "@timestamp": "2023-01-24T10:38:49.455Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195271468Z", + "ingested": "2024-06-17T12:52:40.928276290Z", "kind": "event", "original": "2023-01-24 10:38:49.455431+00:00 [info] <0.229.0> Running boot step channel_tracking defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2379,13 +2577,15 @@ { "@timestamp": "2023-01-24T10:38:49.455Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195272551Z", + "ingested": "2024-06-17T12:52:40.928279080Z", "kind": "event", "original": "2023-01-24 10:38:49.455483+00:00 [info] <0.229.0> Running boot step rabbit_channel_tracking_handler defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2403,13 +2603,15 @@ { "@timestamp": "2023-01-24T10:38:49.455Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195273635Z", + "ingested": "2024-06-17T12:52:40.928281864Z", "kind": "event", "original": "2023-01-24 10:38:49.455582+00:00 [info] <0.229.0> Running boot step connection_tracking defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2427,13 +2629,15 @@ { "@timestamp": "2023-01-24T10:38:49.455Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195274676Z", + "ingested": "2024-06-17T12:52:40.928284634Z", "kind": "event", "original": "2023-01-24 10:38:49.455613+00:00 [info] <0.229.0> Running boot step rabbit_connection_tracking_handler defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2451,13 +2655,15 @@ { "@timestamp": "2023-01-24T10:38:49.455Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195275760Z", + "ingested": "2024-06-17T12:52:40.928287398Z", "kind": "event", "original": "2023-01-24 10:38:49.455630+00:00 [info] <0.229.0> Running boot step rabbit_definitions_hashing defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2475,13 +2681,15 @@ { "@timestamp": "2023-01-24T10:38:49.455Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195276843Z", + "ingested": "2024-06-17T12:52:40.928290178Z", "kind": "event", "original": "2023-01-24 10:38:49.455879+00:00 [info] <0.229.0> Running boot step rabbit_exchange_parameters defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2499,13 +2707,15 @@ { "@timestamp": "2023-01-24T10:38:49.456Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195277926Z", + "ingested": "2024-06-17T12:52:40.928293019Z", "kind": "event", "original": "2023-01-24 10:38:49.456053+00:00 [info] <0.229.0> Running boot step rabbit_mirror_queue_misc defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2523,13 +2733,15 @@ { "@timestamp": "2023-01-24T10:38:49.456Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195279010Z", + "ingested": "2024-06-17T12:52:40.928295809Z", "kind": "event", "original": "2023-01-24 10:38:49.456174+00:00 [info] <0.229.0> Running boot step rabbit_policies defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2547,13 +2759,15 @@ { "@timestamp": "2023-01-24T10:38:49.456Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195280093Z", + "ingested": "2024-06-17T12:52:40.928298581Z", "kind": "event", "original": "2023-01-24 10:38:49.456355+00:00 [info] <0.229.0> Running boot step rabbit_policy defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2571,13 +2785,15 @@ { "@timestamp": "2023-01-24T10:38:49.456Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195281176Z", + "ingested": "2024-06-17T12:52:40.928301359Z", "kind": "event", "original": "2023-01-24 10:38:49.456400+00:00 [info] <0.229.0> Running boot step rabbit_queue_location_validator defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2595,13 +2811,15 @@ { "@timestamp": "2023-01-24T10:38:49.456Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195282260Z", + "ingested": "2024-06-17T12:52:40.928304148Z", "kind": "event", "original": "2023-01-24 10:38:49.456427+00:00 [info] <0.229.0> Running boot step rabbit_quorum_memory_manager defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2619,13 +2837,15 @@ { "@timestamp": "2023-01-24T10:38:49.456Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195283343Z", + "ingested": "2024-06-17T12:52:40.928306941Z", "kind": "event", "original": "2023-01-24 10:38:49.456451+00:00 [info] <0.229.0> Running boot step rabbit_stream_coordinator defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2643,13 +2863,15 @@ { "@timestamp": "2023-01-24T10:38:49.456Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195284510Z", + "ingested": "2024-06-17T12:52:40.928310085Z", "kind": "event", "original": "2023-01-24 10:38:49.456914+00:00 [info] <0.229.0> Running boot step rabbit_vhost_limit defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2667,13 +2889,15 @@ { "@timestamp": "2023-01-24T10:38:49.457Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195285593Z", + "ingested": "2024-06-17T12:52:40.928312841Z", "kind": "event", "original": "2023-01-24 10:38:49.457013+00:00 [info] <0.229.0> Running boot step rabbit_mgmt_reset_handler defined by app rabbitmq_management", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2691,13 +2915,15 @@ { "@timestamp": "2023-01-24T10:38:49.457Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195286635Z", + "ingested": "2024-06-17T12:52:40.928315619Z", "kind": "event", "original": "2023-01-24 10:38:49.457042+00:00 [info] <0.229.0> Running boot step rabbit_mgmt_db_handler defined by app rabbitmq_management_agent", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2715,13 +2941,15 @@ { "@timestamp": "2023-01-24T10:38:49.457Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195287718Z", + "ingested": "2024-06-17T12:52:40.928318393Z", "kind": "event", "original": "2023-01-24 10:38:49.457064+00:00 [info] <0.229.0> Management plugin: using rates mode 'basic'", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2739,13 +2967,15 @@ { "@timestamp": "2023-01-24T10:38:49.457Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195288801Z", + "ingested": "2024-06-17T12:52:40.928321165Z", "kind": "event", "original": "2023-01-24 10:38:49.457315+00:00 [info] <0.229.0> Running boot step recovery defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2763,13 +2993,15 @@ { "@timestamp": "2023-01-24T10:38:49.459Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195290260Z", + "ingested": "2024-06-17T12:52:40.928323953Z", "kind": "event", "original": "2023-01-24 10:38:49.459760+00:00 [info] <0.229.0> Running boot step empty_db_check defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2787,13 +3019,15 @@ { "@timestamp": "2023-01-24T10:38:49.459Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195291343Z", + "ingested": "2024-06-17T12:52:40.928326709Z", "kind": "event", "original": "2023-01-24 10:38:49.459815+00:00 [info] <0.229.0> Will seed default virtual host and user...", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2811,13 +3045,15 @@ { "@timestamp": "2023-01-24T10:38:49.459Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195292426Z", + "ingested": "2024-06-17T12:52:40.928329489Z", "kind": "event", "original": "2023-01-24 10:38:49.459877+00:00 [info] <0.229.0> Adding vhost '/' (description: 'Default virtual host', tags: [])", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2835,13 +3071,15 @@ { "@timestamp": "2023-01-24T10:38:49.462Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195293510Z", + "ingested": "2024-06-17T12:52:40.928333371Z", "kind": "event", "original": "2023-01-24 10:38:49.462284+00:00 [info] <0.229.0> Applying default limits to vhost '<<\"/\">>': []", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2859,13 +3097,15 @@ { "@timestamp": "2023-01-24T10:38:49.475Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195294593Z", + "ingested": "2024-06-17T12:52:40.928336219Z", "kind": "event", "original": "2023-01-24 10:38:49.475207+00:00 [info] <0.676.0> Making sure data directory '/var/lib/rabbitmq/mnesia/rabbit@af6809c8510d/msg_stores/vhosts/628WB79CIFDYO9LJI6DKMI09L' for vhost '/' exists", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2883,13 +3123,15 @@ { "@timestamp": "2023-01-24T10:38:49.477Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195295676Z", + "ingested": "2024-06-17T12:52:40.928338985Z", "kind": "event", "original": "2023-01-24 10:38:49.477540+00:00 [info] <0.676.0> Setting segment_entry_count for vhost '/' with 0 queues to '2048'", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2907,13 +3149,15 @@ { "@timestamp": "2023-01-24T10:38:49.480Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195296760Z", + "ingested": "2024-06-17T12:52:40.928341760Z", "kind": "event", "original": "2023-01-24 10:38:49.480811+00:00 [info] <0.676.0> Starting message stores for vhost '/'", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2931,13 +3175,15 @@ { "@timestamp": "2023-01-24T10:38:49.481Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195297843Z", + "ingested": "2024-06-17T12:52:40.928344513Z", "kind": "event", "original": "2023-01-24 10:38:49.481068+00:00 [info] <0.681.0> Message store \"628WB79CIFDYO9LJI6DKMI09L/msg_store_transient\": using rabbit_msg_store_ets_index to provide index", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2955,13 +3201,15 @@ { "@timestamp": "2023-01-24T10:38:49.482Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195299135Z", + "ingested": "2024-06-17T12:52:40.928347269Z", "kind": "event", "original": "2023-01-24 10:38:49.482916+00:00 [info] <0.676.0> Started message store of type transient for vhost '/'", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -2979,13 +3227,15 @@ { "@timestamp": "2023-01-24T10:38:49.483Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195300260Z", + "ingested": "2024-06-17T12:52:40.928350050Z", "kind": "event", "original": "2023-01-24 10:38:49.483023+00:00 [info] <0.685.0> Message store \"628WB79CIFDYO9LJI6DKMI09L/msg_store_persistent\": using rabbit_msg_store_ets_index to provide index", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3003,13 +3253,15 @@ { "@timestamp": "2023-01-24T10:38:49.484Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195301343Z", + "ingested": "2024-06-17T12:52:40.928352840Z", "kind": "event", "original": "2023-01-24 10:38:49.484168+00:00 [warning] <0.685.0> Message store \"628WB79CIFDYO9LJI6DKMI09L/msg_store_persistent\": rebuilding indices from scratch", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "warning" @@ -3027,13 +3279,15 @@ { "@timestamp": "2023-01-24T10:38:49.485Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195302426Z", + "ingested": "2024-06-17T12:52:40.928355619Z", "kind": "event", "original": "2023-01-24 10:38:49.485324+00:00 [info] <0.676.0> Started message store of type persistent for vhost '/'", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3051,13 +3305,15 @@ { "@timestamp": "2023-01-24T10:38:49.485Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195324218Z", + "ingested": "2024-06-17T12:52:40.928358382Z", "kind": "event", "original": "2023-01-24 10:38:49.485389+00:00 [info] <0.676.0> Recovering 0 queues of type rabbit_classic_queue took 7ms", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3075,13 +3331,15 @@ { "@timestamp": "2023-01-24T10:38:49.485Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195325926Z", + "ingested": "2024-06-17T12:52:40.928361150Z", "kind": "event", "original": "2023-01-24 10:38:49.485419+00:00 [info] <0.676.0> Recovering 0 queues of type rabbit_quorum_queue took 0ms", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3099,13 +3357,15 @@ { "@timestamp": "2023-01-24T10:38:49.485Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195327051Z", + "ingested": "2024-06-17T12:52:40.928363914Z", "kind": "event", "original": "2023-01-24 10:38:49.485436+00:00 [info] <0.676.0> Recovering 0 queues of type rabbit_stream_queue took 0ms", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3123,13 +3383,15 @@ { "@timestamp": "2023-01-24T10:38:49.487Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195328135Z", + "ingested": "2024-06-17T12:52:40.928366706Z", "kind": "event", "original": "2023-01-24 10:38:49.487133+00:00 [info] <0.229.0> Created user 'guest'", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3147,13 +3409,15 @@ { "@timestamp": "2023-01-24T10:38:49.488Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195329218Z", + "ingested": "2024-06-17T12:52:40.928369526Z", "kind": "event", "original": "2023-01-24 10:38:49.488641+00:00 [info] <0.229.0> Successfully set user tags for user 'guest' to [administrator]", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3171,13 +3435,15 @@ { "@timestamp": "2023-01-24T10:38:49.490Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195330301Z", + "ingested": "2024-06-17T12:52:40.928372289Z", "kind": "event", "original": "2023-01-24 10:38:49.490051+00:00 [info] <0.229.0> Successfully set permissions for 'guest' in virtual host '/' to '.*', '.*', '.*'", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3195,13 +3461,15 @@ { "@timestamp": "2023-01-24T10:38:49.490Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195331468Z", + "ingested": "2024-06-17T12:52:40.928375076Z", "kind": "event", "original": "2023-01-24 10:38:49.490128+00:00 [info] <0.229.0> Running boot step rabbit_observer_cli defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3219,13 +3487,15 @@ { "@timestamp": "2023-01-24T10:38:49.490Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195332551Z", + "ingested": "2024-06-17T12:52:40.928377879Z", "kind": "event", "original": "2023-01-24 10:38:49.490236+00:00 [info] <0.229.0> Running boot step rabbit_looking_glass defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3243,13 +3513,15 @@ { "@timestamp": "2023-01-24T10:38:49.490Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195333635Z", + "ingested": "2024-06-17T12:52:40.928380646Z", "kind": "event", "original": "2023-01-24 10:38:49.490291+00:00 [info] <0.229.0> Running boot step rabbit_core_metrics_gc defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3267,13 +3539,15 @@ { "@timestamp": "2023-01-24T10:38:49.490Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195334718Z", + "ingested": "2024-06-17T12:52:40.928383456Z", "kind": "event", "original": "2023-01-24 10:38:49.490360+00:00 [info] <0.229.0> Running boot step background_gc defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3291,13 +3565,15 @@ { "@timestamp": "2023-01-24T10:38:49.490Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195369260Z", + "ingested": "2024-06-17T12:52:40.928386249Z", "kind": "event", "original": "2023-01-24 10:38:49.490413+00:00 [info] <0.229.0> Running boot step routing_ready defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3315,13 +3591,15 @@ { "@timestamp": "2023-01-24T10:38:49.490Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195374343Z", + "ingested": "2024-06-17T12:52:40.928388994Z", "kind": "event", "original": "2023-01-24 10:38:49.490435+00:00 [info] <0.229.0> Running boot step pre_flight defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3339,13 +3617,15 @@ { "@timestamp": "2023-01-24T10:38:49.490Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195375635Z", + "ingested": "2024-06-17T12:52:40.928391750Z", "kind": "event", "original": "2023-01-24 10:38:49.490446+00:00 [info] <0.229.0> Running boot step notify_cluster defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3363,13 +3643,15 @@ { "@timestamp": "2023-01-24T10:38:49.490Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195377010Z", + "ingested": "2024-06-17T12:52:40.928394542Z", "kind": "event", "original": "2023-01-24 10:38:49.490460+00:00 [info] <0.229.0> Running boot step networking defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3387,13 +3669,15 @@ { "@timestamp": "2023-01-24T10:38:49.490Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195378135Z", + "ingested": "2024-06-17T12:52:40.928397302Z", "kind": "event", "original": "2023-01-24 10:38:49.490477+00:00 [info] <0.229.0> Running boot step definition_import_worker_pool defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3411,13 +3695,15 @@ { "@timestamp": "2023-01-24T10:38:49.490Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195379218Z", + "ingested": "2024-06-17T12:52:40.928400066Z", "kind": "event", "original": "2023-01-24 10:38:49.490500+00:00 [info] <0.286.0> Starting worker pool 'definition_import_pool' with 5 processes in it", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3435,13 +3721,15 @@ { "@timestamp": "2023-01-24T10:38:49.490Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195380301Z", + "ingested": "2024-06-17T12:52:40.928402812Z", "kind": "event", "original": "2023-01-24 10:38:49.490717+00:00 [info] <0.229.0> Running boot step cluster_name defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3459,13 +3747,15 @@ { "@timestamp": "2023-01-24T10:38:49.490Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195381385Z", + "ingested": "2024-06-17T12:52:40.928405586Z", "kind": "event", "original": "2023-01-24 10:38:49.490758+00:00 [info] <0.229.0> Initialising internal cluster ID to 'rabbitmq-cluster-id-nZJPoEIR_-4jZYWewYYOZQ'", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3483,13 +3773,15 @@ { "@timestamp": "2023-01-24T10:38:49.492Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195382468Z", + "ingested": "2024-06-17T12:52:40.928408350Z", "kind": "event", "original": "2023-01-24 10:38:49.492308+00:00 [info] <0.229.0> Running boot step direct_client defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3507,13 +3799,15 @@ { "@timestamp": "2023-01-24T10:38:49.492Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195383551Z", + "ingested": "2024-06-17T12:52:40.928411234Z", "kind": "event", "original": "2023-01-24 10:38:49.492420+00:00 [info] <0.229.0> Running boot step rabbit_maintenance_mode_state defined by app rabbit", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3531,13 +3825,15 @@ { "@timestamp": "2023-01-24T10:38:49.492Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195384635Z", + "ingested": "2024-06-17T12:52:40.928414050Z", "kind": "event", "original": "2023-01-24 10:38:49.492454+00:00 [info] <0.229.0> Creating table rabbit_node_maintenance_states for maintenance mode status", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3555,13 +3851,15 @@ { "@timestamp": "2023-01-24T10:38:49.499Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195385760Z", + "ingested": "2024-06-17T12:52:40.928416836Z", "kind": "event", "original": "2023-01-24 10:38:49.499616+00:00 [info] <0.229.0> Running boot step rabbit_management_load_definitions defined by app rabbitmq_management", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3579,13 +3877,15 @@ { "@timestamp": "2023-01-24T10:38:49.499Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195386843Z", + "ingested": "2024-06-17T12:52:40.928419616Z", "kind": "event", "original": "2023-01-24 10:38:49.499816+00:00 [info] <0.723.0> Resetting node maintenance status", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3603,13 +3903,15 @@ { "@timestamp": "2023-01-24T10:38:49.519Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195388010Z", + "ingested": "2024-06-17T12:52:40.928422403Z", "kind": "event", "original": "2023-01-24 10:38:49.519074+00:00 [info] <0.782.0> Management plugin: HTTP (non-TLS) listener started on port 15672", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3627,13 +3929,15 @@ { "@timestamp": "2023-01-24T10:38:49.519Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195389093Z", + "ingested": "2024-06-17T12:52:40.928425195Z", "kind": "event", "original": "2023-01-24 10:38:49.519174+00:00 [info] <0.810.0> Statistics database started.", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3651,13 +3955,15 @@ { "@timestamp": "2023-01-24T10:38:49.519Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195390218Z", + "ingested": "2024-06-17T12:52:40.928427967Z", "kind": "event", "original": "2023-01-24 10:38:49.519212+00:00 [info] <0.809.0> Starting worker pool 'management_worker_pool' with 3 processes in it", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3675,13 +3981,15 @@ { "@timestamp": "2023-01-24T10:38:49.524Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195391301Z", + "ingested": "2024-06-17T12:52:40.928430737Z", "kind": "event", "original": "2023-01-24 10:38:49.524893+00:00 [info] <0.824.0> Prometheus metrics: HTTP (non-TLS) listener started on port 15692", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3699,13 +4007,15 @@ { "@timestamp": "2023-01-24T10:38:49.525Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195392760Z", + "ingested": "2024-06-17T12:52:40.928433503Z", "kind": "event", "original": "2023-01-24 10:38:49.525012+00:00 [info] <0.723.0> Ready to start client connection listeners", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3723,13 +4033,15 @@ { "@timestamp": "2023-01-24T10:38:49.525Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195393926Z", + "ingested": "2024-06-17T12:52:40.928436267Z", "kind": "event", "original": "2023-01-24 10:38:49.525875+00:00 [info] <0.868.0> started TCP listener on [::]:5672\n completed with 4 plugins.", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" @@ -3747,13 +4059,15 @@ { "@timestamp": "2023-01-24T10:38:49.664Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { - "ingested": "2023-10-15T19:55:31.195395135Z", + "ingested": "2024-06-17T12:52:40.928439087Z", "kind": "event", "original": "2023-01-24 10:38:49.664998+00:00 [info] <0.723.0> Server startup complete; 4 plugins started.\n* rabbitmq_prometheus\n* rabbitmq_management\n* rabbitmq_web_dispatch\n* rabbitmq_management_agent", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "info" diff --git a/packages/rabbitmq/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/rabbitmq/data_stream/log/elasticsearch/ingest_pipeline/default.yml index 0921a5423943..c66db51b7176 100644 --- a/packages/rabbitmq/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/rabbitmq/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -6,13 +6,13 @@ processors: value: '{{_ingest.timestamp}}' - set: field: ecs.version - value: '8.5.1' + value: '8.11.0' - set: field: event.kind value: event - set: field: event.type - value: info + value: ["info"] - rename: field: message target_field: event.original diff --git a/packages/rabbitmq/data_stream/log/fields/agent.yml b/packages/rabbitmq/data_stream/log/fields/agent.yml index da4e652c53b8..2bc58530bac7 100644 --- a/packages/rabbitmq/data_stream/log/fields/agent.yml +++ b/packages/rabbitmq/data_stream/log/fields/agent.yml @@ -5,180 +5,15 @@ footnote: 'Examples: If Metricbeat is running on an EC2 host and fetches data from its host, the cloud info contains the data about this machine. If Metricbeat runs on a remote machine outside the cloud and fetches data from a service running in the cloud, the field contains cloud data from the machine the service is running on.' type: group fields: - - name: account.id - level: extended - type: keyword - ignore_above: 1024 - description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment. - - Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.' - example: 666777888999 - - name: availability_zone - level: extended - type: keyword - ignore_above: 1024 - description: Availability zone in which this host is running. - example: us-east-1c - - name: instance.id - level: extended - type: keyword - ignore_above: 1024 - description: Instance ID of the host machine. - example: i-1234567890abcdef0 - - name: instance.name - level: extended - type: keyword - ignore_above: 1024 - description: Instance name of the host machine. - - name: machine.type - level: extended - type: keyword - ignore_above: 1024 - description: Machine type of the host machine. - example: t2.medium - - name: provider - level: extended - type: keyword - ignore_above: 1024 - description: Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. - example: aws - - name: region - level: extended - type: keyword - ignore_above: 1024 - description: Region in which this host is running. - example: us-east-1 - - name: project.id - type: keyword - description: Name of the project in Google Cloud. - name: image.id type: keyword description: Image ID for the cloud instance. -- name: container - title: Container - group: 2 - description: 'Container fields are used for meta information about the specific container that is the source of information. - - These fields help correlate data based containers from any runtime.' - type: group - fields: - - name: id - level: core - type: keyword - ignore_above: 1024 - description: Unique container id. - - name: image.name - level: extended - type: keyword - ignore_above: 1024 - description: Name of the image the container was built on. - - name: labels - level: extended - type: object - object_type: keyword - description: Image labels. - - name: name - level: extended - type: keyword - ignore_above: 1024 - description: Container name. - name: host title: Host group: 2 - description: 'A host is defined as a general computing instance. - - ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.' + description: 'A host is defined as a general computing instance. ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.' type: group fields: - - name: architecture - level: core - type: keyword - ignore_above: 1024 - description: Operating system architecture. - example: x86_64 - - name: domain - level: extended - type: keyword - ignore_above: 1024 - description: 'Name of the domain of which the host is a member. - - For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.' - example: CONTOSO - default_field: false - - name: hostname - level: core - type: keyword - ignore_above: 1024 - description: 'Hostname of the host. - - It normally contains what the `hostname` command returns on the host machine.' - - name: id - level: core - type: keyword - ignore_above: 1024 - description: 'Unique host id. - - As hostname is not always unique, use values that are meaningful in your environment. - - Example: The current usage of `beat.name`.' - - name: ip - level: core - type: ip - description: Host ip addresses. - - name: mac - level: core - type: keyword - ignore_above: 1024 - description: Host mac addresses. - - name: name - level: core - type: keyword - ignore_above: 1024 - description: 'Name of the host. - - It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.' - - name: os.family - level: extended - type: keyword - ignore_above: 1024 - description: OS family (such as redhat, debian, freebsd, windows). - example: debian - - name: os.kernel - level: extended - type: keyword - ignore_above: 1024 - description: Operating system kernel version as a raw string. - example: 4.4.0-112-generic - - name: os.name - level: extended - type: keyword - ignore_above: 1024 - multi_fields: - - name: text - type: text - norms: false - default_field: false - description: Operating system name, without the version. - example: Mac OS X - - name: os.platform - level: extended - type: keyword - ignore_above: 1024 - description: Operating system platform (such centos, ubuntu, windows). - example: darwin - - name: os.version - level: extended - type: keyword - ignore_above: 1024 - description: Operating system version as a raw string. - example: 10.14.1 - - name: type - level: core - type: keyword - ignore_above: 1024 - description: 'Type of host. - - For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.' - name: containerized type: boolean description: > diff --git a/packages/rabbitmq/data_stream/log/fields/ecs.yml b/packages/rabbitmq/data_stream/log/fields/ecs.yml deleted file mode 100644 index a7e8a561a6f5..000000000000 --- a/packages/rabbitmq/data_stream/log/fields/ecs.yml +++ /dev/null @@ -1,10 +0,0 @@ -- external: ecs - name: ecs.version -- external: ecs - name: error.message -- external: ecs - name: log.level -- external: ecs - name: message -- external: ecs - name: tags diff --git a/packages/rabbitmq/data_stream/node/fields/agent.yml b/packages/rabbitmq/data_stream/node/fields/agent.yml index 334356372dbc..482fe3e31713 100644 --- a/packages/rabbitmq/data_stream/node/fields/agent.yml +++ b/packages/rabbitmq/data_stream/node/fields/agent.yml @@ -10,9 +10,7 @@ type: keyword dimension: true ignore_above: 1024 - description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment. - - Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.' + description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.' example: 666777888999 - name: availability_zone level: extended @@ -28,17 +26,6 @@ description: Instance ID of the host machine. example: i-1234567890abcdef0 dimension: true - - name: instance.name - level: extended - type: keyword - ignore_above: 1024 - description: Instance name of the host machine. - - name: machine.type - level: extended - type: keyword - ignore_above: 1024 - description: Machine type of the host machine. - example: t2.medium - name: provider level: extended type: keyword @@ -53,18 +40,13 @@ ignore_above: 1024 description: Region in which this host is running. example: us-east-1 - - name: project.id - type: keyword - description: Name of the project in Google Cloud. - name: image.id type: keyword description: Image ID for the cloud instance. - name: container title: Container group: 2 - description: 'Container fields are used for meta information about the specific container that is the source of information. - - These fields help correlate data based containers from any runtime.' + description: 'Container fields are used for meta information about the specific container that is the source of information. These fields help correlate data based containers from any runtime.' type: group fields: - name: id @@ -73,119 +55,18 @@ ignore_above: 1024 description: Unique container id. dimension: true - - name: image.name - level: extended - type: keyword - ignore_above: 1024 - description: Name of the image the container was built on. - - name: labels - level: extended - type: object - object_type: keyword - description: Image labels. - - name: name - level: extended - type: keyword - ignore_above: 1024 - description: Container name. - name: host title: Host group: 2 - description: 'A host is defined as a general computing instance. - - ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.' + description: 'A host is defined as a general computing instance. ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.' type: group fields: - - name: architecture - level: core - type: keyword - ignore_above: 1024 - description: Operating system architecture. - example: x86_64 - - name: domain - level: extended - type: keyword - ignore_above: 1024 - description: 'Name of the domain of which the host is a member. - - For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.' - example: CONTOSO - default_field: false - - name: hostname - level: core - type: keyword - ignore_above: 1024 - description: 'Hostname of the host. - - It normally contains what the `hostname` command returns on the host machine.' - - name: id - level: core - type: keyword - ignore_above: 1024 - description: 'Unique host id. - - As hostname is not always unique, use values that are meaningful in your environment. - - Example: The current usage of `beat.name`.' - - name: ip - level: core - type: ip - description: Host ip addresses. - - name: mac - level: core - type: keyword - ignore_above: 1024 - description: Host mac addresses. - name: name level: core type: keyword ignore_above: 1024 dimension: true - description: 'Name of the host. - - It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.' - - name: os.family - level: extended - type: keyword - ignore_above: 1024 - description: OS family (such as redhat, debian, freebsd, windows). - example: debian - - name: os.kernel - level: extended - type: keyword - ignore_above: 1024 - description: Operating system kernel version as a raw string. - example: 4.4.0-112-generic - - name: os.name - level: extended - type: keyword - ignore_above: 1024 - multi_fields: - - name: text - type: text - norms: false - default_field: false - description: Operating system name, without the version. - example: Mac OS X - - name: os.platform - level: extended - type: keyword - ignore_above: 1024 - description: Operating system platform (such centos, ubuntu, windows). - example: darwin - - name: os.version - level: extended - type: keyword - ignore_above: 1024 - description: Operating system version as a raw string. - example: 10.14.1 - - name: type - level: core - type: keyword - ignore_above: 1024 - description: 'Type of host. - - For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.' + description: 'Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.' - name: containerized type: boolean description: > diff --git a/packages/rabbitmq/data_stream/node/fields/ecs.yml b/packages/rabbitmq/data_stream/node/fields/ecs.yml index 87da1aa62d82..4b73f809437d 100644 --- a/packages/rabbitmq/data_stream/node/fields/ecs.yml +++ b/packages/rabbitmq/data_stream/node/fields/ecs.yml @@ -1,7 +1,3 @@ -- external: ecs - name: ecs.version - external: ecs name: service.address dimension: true -- external: ecs - name: service.type diff --git a/packages/rabbitmq/data_stream/queue/fields/agent.yml b/packages/rabbitmq/data_stream/queue/fields/agent.yml index 334356372dbc..482fe3e31713 100644 --- a/packages/rabbitmq/data_stream/queue/fields/agent.yml +++ b/packages/rabbitmq/data_stream/queue/fields/agent.yml @@ -10,9 +10,7 @@ type: keyword dimension: true ignore_above: 1024 - description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment. - - Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.' + description: 'The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier.' example: 666777888999 - name: availability_zone level: extended @@ -28,17 +26,6 @@ description: Instance ID of the host machine. example: i-1234567890abcdef0 dimension: true - - name: instance.name - level: extended - type: keyword - ignore_above: 1024 - description: Instance name of the host machine. - - name: machine.type - level: extended - type: keyword - ignore_above: 1024 - description: Machine type of the host machine. - example: t2.medium - name: provider level: extended type: keyword @@ -53,18 +40,13 @@ ignore_above: 1024 description: Region in which this host is running. example: us-east-1 - - name: project.id - type: keyword - description: Name of the project in Google Cloud. - name: image.id type: keyword description: Image ID for the cloud instance. - name: container title: Container group: 2 - description: 'Container fields are used for meta information about the specific container that is the source of information. - - These fields help correlate data based containers from any runtime.' + description: 'Container fields are used for meta information about the specific container that is the source of information. These fields help correlate data based containers from any runtime.' type: group fields: - name: id @@ -73,119 +55,18 @@ ignore_above: 1024 description: Unique container id. dimension: true - - name: image.name - level: extended - type: keyword - ignore_above: 1024 - description: Name of the image the container was built on. - - name: labels - level: extended - type: object - object_type: keyword - description: Image labels. - - name: name - level: extended - type: keyword - ignore_above: 1024 - description: Container name. - name: host title: Host group: 2 - description: 'A host is defined as a general computing instance. - - ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.' + description: 'A host is defined as a general computing instance. ECS host.* fields should be populated with details about the host on which the event happened, or from which the measurement was taken. Host types include hardware, virtual machines, Docker containers, and Kubernetes nodes.' type: group fields: - - name: architecture - level: core - type: keyword - ignore_above: 1024 - description: Operating system architecture. - example: x86_64 - - name: domain - level: extended - type: keyword - ignore_above: 1024 - description: 'Name of the domain of which the host is a member. - - For example, on Windows this could be the host''s Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host''s LDAP provider.' - example: CONTOSO - default_field: false - - name: hostname - level: core - type: keyword - ignore_above: 1024 - description: 'Hostname of the host. - - It normally contains what the `hostname` command returns on the host machine.' - - name: id - level: core - type: keyword - ignore_above: 1024 - description: 'Unique host id. - - As hostname is not always unique, use values that are meaningful in your environment. - - Example: The current usage of `beat.name`.' - - name: ip - level: core - type: ip - description: Host ip addresses. - - name: mac - level: core - type: keyword - ignore_above: 1024 - description: Host mac addresses. - name: name level: core type: keyword ignore_above: 1024 dimension: true - description: 'Name of the host. - - It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.' - - name: os.family - level: extended - type: keyword - ignore_above: 1024 - description: OS family (such as redhat, debian, freebsd, windows). - example: debian - - name: os.kernel - level: extended - type: keyword - ignore_above: 1024 - description: Operating system kernel version as a raw string. - example: 4.4.0-112-generic - - name: os.name - level: extended - type: keyword - ignore_above: 1024 - multi_fields: - - name: text - type: text - norms: false - default_field: false - description: Operating system name, without the version. - example: Mac OS X - - name: os.platform - level: extended - type: keyword - ignore_above: 1024 - description: Operating system platform (such centos, ubuntu, windows). - example: darwin - - name: os.version - level: extended - type: keyword - ignore_above: 1024 - description: Operating system version as a raw string. - example: 10.14.1 - - name: type - level: core - type: keyword - ignore_above: 1024 - description: 'Type of host. - - For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment.' + description: 'Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use.' - name: containerized type: boolean description: > diff --git a/packages/rabbitmq/data_stream/queue/fields/ecs.yml b/packages/rabbitmq/data_stream/queue/fields/ecs.yml index 87da1aa62d82..4b73f809437d 100644 --- a/packages/rabbitmq/data_stream/queue/fields/ecs.yml +++ b/packages/rabbitmq/data_stream/queue/fields/ecs.yml @@ -1,7 +1,3 @@ -- external: ecs - name: ecs.version - external: ecs name: service.address dimension: true -- external: ecs - name: service.type diff --git a/packages/rabbitmq/data_stream/queue/sample_event.json b/packages/rabbitmq/data_stream/queue/sample_event.json index 2afe7824f75e..460b80e8c7c0 100644 --- a/packages/rabbitmq/data_stream/queue/sample_event.json +++ b/packages/rabbitmq/data_stream/queue/sample_event.json @@ -1,13 +1,31 @@ { "@timestamp": "2020-06-25T10:15:10.955Z", + "ecs": { + "version": "8.11.0" + }, + "event": { + "dataset": "rabbitmq.queue", + "duration": 5860529, + "module": "rabbitmq" + }, + "metricset": { + "name": "queue", + "period": 10000 + }, "rabbitmq": { "queue": { + "arguments": {}, "auto_delete": false, - "state": "running", + "consumers": { + "count": 0, + "utilisation": {} + }, "disk": { "reads": {}, "writes": {} }, + "durable": true, + "exclusive": false, "memory": { "bytes": 14000 }, @@ -15,17 +33,17 @@ "persistent": { "count": 0 }, - "total": { + "ready": { + "count": 0, "details": { "rate": 0 - }, - "count": 0 + } }, - "ready": { + "total": { + "count": 0, "details": { "rate": 0 - }, - "count": 0 + } }, "unacknowledged": { "count": 0, @@ -34,31 +52,13 @@ } } }, - "durable": true, - "arguments": {}, - "consumers": { - "utilisation": {}, - "count": 0 - }, "name": "NameofQueue1", - "exclusive": false + "state": "running" }, "vhost": "/" }, - "event": { - "dataset": "rabbitmq.queue", - "module": "rabbitmq", - "duration": 5860529 - }, - "metricset": { - "name": "queue", - "period": 10000 - }, "service": { - "type": "rabbitmq", - "address": "localhost:15672" - }, - "ecs": { - "version": "8.5.1" + "address": "localhost:15672", + "type": "rabbitmq" } -} \ No newline at end of file +} diff --git a/packages/rabbitmq/docs/README.md b/packages/rabbitmq/docs/README.md index 58a17d3999ac..c16ff989ba48 100644 --- a/packages/rabbitmq/docs/README.md +++ b/packages/rabbitmq/docs/README.md @@ -26,47 +26,16 @@ It will only support RabbitMQ default i.e RFC 3339 timestamp format. | Field | Description | Type | |---|---|---| | @timestamp | Event timestamp. | date | -| cloud.account.id | The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. | keyword | -| cloud.availability_zone | Availability zone in which this host is running. | keyword | | cloud.image.id | Image ID for the cloud instance. | keyword | -| cloud.instance.id | Instance ID of the host machine. | keyword | -| cloud.instance.name | Instance name of the host machine. | keyword | -| cloud.machine.type | Machine type of the host machine. | keyword | -| cloud.project.id | Name of the project in Google Cloud. | keyword | -| cloud.provider | Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. | keyword | -| cloud.region | Region in which this host is running. | keyword | -| container.id | Unique container id. | keyword | -| container.image.name | Name of the image the container was built on. | keyword | -| container.labels | Image labels. | object | -| container.name | Container name. | keyword | | data_stream.dataset | Data stream dataset. | constant_keyword | | data_stream.namespace | Data stream namespace. | constant_keyword | | data_stream.type | Data stream type. | constant_keyword | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | -| error.message | Error message. | match_only_text | | event.dataset | Event dataset | constant_keyword | | event.module | Event module | constant_keyword | -| host.architecture | Operating system architecture. | keyword | | host.containerized | If the host is a container. | boolean | -| host.domain | Name of the domain of which the host is a member. For example, on Windows this could be the host's Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host's LDAP provider. | keyword | -| host.hostname | Hostname of the host. It normally contains what the `hostname` command returns on the host machine. | keyword | -| host.id | Unique host id. As hostname is not always unique, use values that are meaningful in your environment. Example: The current usage of `beat.name`. | keyword | -| host.ip | Host ip addresses. | ip | -| host.mac | Host mac addresses. | keyword | -| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | host.os.build | OS build information. | keyword | | host.os.codename | OS codename, if any. | keyword | -| host.os.family | OS family (such as redhat, debian, freebsd, windows). | keyword | -| host.os.kernel | Operating system kernel version as a raw string. | keyword | -| host.os.name | Operating system name, without the version. | keyword | -| host.os.name.text | Multi-field of `host.os.name`. | text | -| host.os.platform | Operating system platform (such centos, ubuntu, windows). | keyword | -| host.os.version | Operating system version as a raw string. | keyword | -| host.type | Type of host. For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment. | keyword | -| log.level | Original log level of the log event. If the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity). Some examples are `warn`, `err`, `i`, `informational`. | keyword | -| message | For log events the message field contains the log message, optimized for viewing in a log viewer. For structured logs without an original message field, other fields can be concatenated to form a human-readable summary of the event. If multiple messages exist, they can be combined into one message. | match_only_text | | rabbitmq.log.pid | The Erlang process id | keyword | -| tags | List of keywords used to tag each event. | keyword | ## Metrics @@ -78,8 +47,19 @@ An example event for `connection` looks as following: ```json { "@timestamp": "2020-06-25T10:16:10.138Z", + "ecs": { + "version": "8.11.0" + }, + "event": { + "dataset": "rabbitmq.connection", + "duration": 374411, + "module": "rabbitmq" + }, + "metricset": { + "name": "connection", + "period": 10000 + }, "rabbitmq": { - "vhost": "/", "connection": { "channel_max": 65535, "channels": 2, @@ -88,7 +68,7 @@ An example event for `connection` looks as following: }, "frame_max": 131072, "host": "::1", - "name": "[::1]:31153 -\u003e [::1]:5672", + "name": "[::1]:31153 -> [::1]:5672", "octet_count": { "received": 5834, "sent": 5834 @@ -105,25 +85,15 @@ An example event for `connection` looks as following: "port": 5672, "state": "running", "type": "network" - } - }, - "event": { - "duration": 374411, - "dataset": "rabbitmq.connection", - "module": "rabbitmq" - }, - "metricset": { - "name": "connection", - "period": 10000 + }, + "vhost": "/" }, "service": { "address": "localhost:15672", "type": "rabbitmq" - }, - "ecs": { - "version": "8.5.1" } } + ``` **Exported fields** @@ -132,42 +102,22 @@ An example event for `connection` looks as following: |---|---|---|---| | @timestamp | Event timestamp. | date | | | agent.id | | keyword | | -| cloud.account.id | The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. | keyword | | +| cloud.account.id | The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. | keyword | | | cloud.availability_zone | Availability zone in which this host is running. | keyword | | | cloud.image.id | Image ID for the cloud instance. | keyword | | | cloud.instance.id | Instance ID of the host machine. | keyword | | -| cloud.instance.name | Instance name of the host machine. | keyword | | -| cloud.machine.type | Machine type of the host machine. | keyword | | -| cloud.project.id | Name of the project in Google Cloud. | keyword | | | cloud.provider | Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. | keyword | | | cloud.region | Region in which this host is running. | keyword | | | container.id | Unique container id. | keyword | | -| container.image.name | Name of the image the container was built on. | keyword | | -| container.labels | Image labels. | object | | -| container.name | Container name. | keyword | | | data_stream.dataset | Data stream dataset. | constant_keyword | | | data_stream.namespace | Data stream namespace. | constant_keyword | | | data_stream.type | Data stream type. | constant_keyword | | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | | | event.dataset | Event dataset | constant_keyword | | | event.module | Event module | constant_keyword | | -| host.architecture | Operating system architecture. | keyword | | | host.containerized | If the host is a container. | boolean | | -| host.domain | Name of the domain of which the host is a member. For example, on Windows this could be the host's Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host's LDAP provider. | keyword | | -| host.hostname | Hostname of the host. It normally contains what the `hostname` command returns on the host machine. | keyword | | -| host.id | Unique host id. As hostname is not always unique, use values that are meaningful in your environment. Example: The current usage of `beat.name`. | keyword | | -| host.ip | Host ip addresses. | ip | | -| host.mac | Host mac addresses. | keyword | | -| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | +| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | | host.os.build | OS build information. | keyword | | | host.os.codename | OS codename, if any. | keyword | | -| host.os.family | OS family (such as redhat, debian, freebsd, windows). | keyword | | -| host.os.kernel | Operating system kernel version as a raw string. | keyword | | -| host.os.name | Operating system name, without the version. | keyword | | -| host.os.name.text | Multi-field of `host.os.name`. | text | | -| host.os.platform | Operating system platform (such centos, ubuntu, windows). | keyword | | -| host.os.version | Operating system version as a raw string. | keyword | | -| host.type | Type of host. For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment. | keyword | | | rabbitmq.connection.channel_max | The maximum number of channels allowed on the connection. | long | counter | | rabbitmq.connection.channels | The number of channels on the connection. | long | gauge | | rabbitmq.connection.client_provided.name | User specified connection name. | keyword | | @@ -186,10 +136,7 @@ An example event for `connection` looks as following: | rabbitmq.connection.type | Type of the connection. | keyword | | | rabbitmq.vhost | Virtual host name with non-ASCII characters escaped as in C. | keyword | | | service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | | -| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | | user | The user fields describe information about the user that is relevant to the event. Fields can have one entry or multiple entries. If a user has more than one id, provide an array that includes all of them. | group | | -| user.name | Short name or login of the user. | keyword | | -| user.name.text | Multi-field of `user.name`. | match_only_text | | ### Exchange Metrics @@ -199,36 +146,37 @@ An example event for `exchange` looks as following: ```json { "@timestamp": "2020-06-25T10:04:20.944Z", - "rabbitmq": { - "vhost": "/", - "exchange": { - "arguments": {}, - "durable": true, - "auto_delete": false, - "name": "", - "internal": false - } + "ecs": { + "version": "8.11.0" }, "event": { - "duration": 4078507, "dataset": "rabbitmq.exchange", + "duration": 4078507, "module": "rabbitmq" }, "metricset": { "name": "exchange", "period": 10000 }, - "user": { - "name": "rmq-internal" + "rabbitmq": { + "exchange": { + "arguments": {}, + "auto_delete": false, + "durable": true, + "internal": false, + "name": "" + }, + "vhost": "/" }, "service": { "address": "localhost:15672", "type": "rabbitmq" }, - "ecs": { - "version": "8.5.1" + "user": { + "name": "rmq-internal" } } + ``` **Exported fields** @@ -237,42 +185,22 @@ An example event for `exchange` looks as following: |---|---|---|---| | @timestamp | Event timestamp. | date | | | agent.id | | keyword | | -| cloud.account.id | The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. | keyword | | +| cloud.account.id | The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. | keyword | | | cloud.availability_zone | Availability zone in which this host is running. | keyword | | | cloud.image.id | Image ID for the cloud instance. | keyword | | | cloud.instance.id | Instance ID of the host machine. | keyword | | -| cloud.instance.name | Instance name of the host machine. | keyword | | -| cloud.machine.type | Machine type of the host machine. | keyword | | -| cloud.project.id | Name of the project in Google Cloud. | keyword | | | cloud.provider | Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. | keyword | | | cloud.region | Region in which this host is running. | keyword | | | container.id | Unique container id. | keyword | | -| container.image.name | Name of the image the container was built on. | keyword | | -| container.labels | Image labels. | object | | -| container.name | Container name. | keyword | | | data_stream.dataset | Data stream dataset. | constant_keyword | | | data_stream.namespace | Data stream namespace. | constant_keyword | | | data_stream.type | Data stream type. | constant_keyword | | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | | | event.dataset | Event dataset | constant_keyword | | | event.module | Event module | constant_keyword | | -| host.architecture | Operating system architecture. | keyword | | | host.containerized | If the host is a container. | boolean | | -| host.domain | Name of the domain of which the host is a member. For example, on Windows this could be the host's Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host's LDAP provider. | keyword | | -| host.hostname | Hostname of the host. It normally contains what the `hostname` command returns on the host machine. | keyword | | -| host.id | Unique host id. As hostname is not always unique, use values that are meaningful in your environment. Example: The current usage of `beat.name`. | keyword | | -| host.ip | Host ip addresses. | ip | | -| host.mac | Host mac addresses. | keyword | | -| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | +| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | | host.os.build | OS build information. | keyword | | | host.os.codename | OS codename, if any. | keyword | | -| host.os.family | OS family (such as redhat, debian, freebsd, windows). | keyword | | -| host.os.kernel | Operating system kernel version as a raw string. | keyword | | -| host.os.name | Operating system name, without the version. | keyword | | -| host.os.name.text | Multi-field of `host.os.name`. | text | | -| host.os.platform | Operating system platform (such centos, ubuntu, windows). | keyword | | -| host.os.version | Operating system version as a raw string. | keyword | | -| host.type | Type of host. For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment. | keyword | | | rabbitmq.exchange.auto_delete | Whether the queue will be deleted automatically when no longer used. | boolean | | | rabbitmq.exchange.durable | Whether or not the queue survives server restarts. | boolean | | | rabbitmq.exchange.internal | Whether the exchange is internal, i.e. cannot be directly published to by a client. | boolean | | @@ -283,10 +211,7 @@ An example event for `exchange` looks as following: | rabbitmq.exchange.name | The name of the queue with non-ASCII characters escaped as in C. | keyword | | | rabbitmq.vhost | Virtual host name with non-ASCII characters escaped as in C. | keyword | | | service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | | -| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | | user | The user fields describe information about the user that is relevant to the event. Fields can have one entry or multiple entries. If a user has more than one id, provide an array that includes all of them. | group | | -| user.name | Short name or login of the user. | keyword | | -| user.name.text | Multi-field of `user.name`. | match_only_text | | ### Node Metrics @@ -440,42 +365,22 @@ An example event for `node` looks as following: |---|---|---|---| | @timestamp | Event timestamp. | date | | | agent.id | | keyword | | -| cloud.account.id | The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. | keyword | | +| cloud.account.id | The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. | keyword | | | cloud.availability_zone | Availability zone in which this host is running. | keyword | | | cloud.image.id | Image ID for the cloud instance. | keyword | | | cloud.instance.id | Instance ID of the host machine. | keyword | | -| cloud.instance.name | Instance name of the host machine. | keyword | | -| cloud.machine.type | Machine type of the host machine. | keyword | | -| cloud.project.id | Name of the project in Google Cloud. | keyword | | | cloud.provider | Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. | keyword | | | cloud.region | Region in which this host is running. | keyword | | | container.id | Unique container id. | keyword | | -| container.image.name | Name of the image the container was built on. | keyword | | -| container.labels | Image labels. | object | | -| container.name | Container name. | keyword | | | data_stream.dataset | Data stream dataset. | constant_keyword | | | data_stream.namespace | Data stream namespace. | constant_keyword | | | data_stream.type | Data stream type. | constant_keyword | | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | | | event.dataset | Event dataset | constant_keyword | | | event.module | Event module | constant_keyword | | -| host.architecture | Operating system architecture. | keyword | | | host.containerized | If the host is a container. | boolean | | -| host.domain | Name of the domain of which the host is a member. For example, on Windows this could be the host's Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host's LDAP provider. | keyword | | -| host.hostname | Hostname of the host. It normally contains what the `hostname` command returns on the host machine. | keyword | | -| host.id | Unique host id. As hostname is not always unique, use values that are meaningful in your environment. Example: The current usage of `beat.name`. | keyword | | -| host.ip | Host ip addresses. | ip | | -| host.mac | Host mac addresses. | keyword | | -| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | +| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | | host.os.build | OS build information. | keyword | | | host.os.codename | OS codename, if any. | keyword | | -| host.os.family | OS family (such as redhat, debian, freebsd, windows). | keyword | | -| host.os.kernel | Operating system kernel version as a raw string. | keyword | | -| host.os.name | Operating system name, without the version. | keyword | | -| host.os.name.text | Multi-field of `host.os.name`. | text | | -| host.os.platform | Operating system platform (such centos, ubuntu, windows). | keyword | | -| host.os.version | Operating system version as a raw string. | keyword | | -| host.type | Type of host. For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment. | keyword | | | rabbitmq.node.disk.free.bytes | Disk free space in bytes. | long | gauge | | rabbitmq.node.disk.free.limit.bytes | Point at which the disk alarm will go off. | long | gauge | | rabbitmq.node.fd.total | File descriptors available. | long | gauge | @@ -515,7 +420,6 @@ An example event for `node` looks as following: | rabbitmq.node.uptime | Node uptime. | long | gauge | | rabbitmq.vhost | Virtual host name with non-ASCII characters escaped as in C. | keyword | | | service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | | -| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | ### Queue Metrics @@ -525,14 +429,32 @@ An example event for `queue` looks as following: ```json { "@timestamp": "2020-06-25T10:15:10.955Z", + "ecs": { + "version": "8.11.0" + }, + "event": { + "dataset": "rabbitmq.queue", + "duration": 5860529, + "module": "rabbitmq" + }, + "metricset": { + "name": "queue", + "period": 10000 + }, "rabbitmq": { "queue": { + "arguments": {}, "auto_delete": false, - "state": "running", + "consumers": { + "count": 0, + "utilisation": {} + }, "disk": { "reads": {}, "writes": {} }, + "durable": true, + "exclusive": false, "memory": { "bytes": 14000 }, @@ -540,17 +462,17 @@ An example event for `queue` looks as following: "persistent": { "count": 0 }, - "total": { + "ready": { + "count": 0, "details": { "rate": 0 - }, - "count": 0 + } }, - "ready": { + "total": { + "count": 0, "details": { "rate": 0 - }, - "count": 0 + } }, "unacknowledged": { "count": 0, @@ -559,34 +481,17 @@ An example event for `queue` looks as following: } } }, - "durable": true, - "arguments": {}, - "consumers": { - "utilisation": {}, - "count": 0 - }, "name": "NameofQueue1", - "exclusive": false + "state": "running" }, "vhost": "/" }, - "event": { - "dataset": "rabbitmq.queue", - "module": "rabbitmq", - "duration": 5860529 - }, - "metricset": { - "name": "queue", - "period": 10000 - }, "service": { - "type": "rabbitmq", - "address": "localhost:15672" - }, - "ecs": { - "version": "8.5.1" + "address": "localhost:15672", + "type": "rabbitmq" } } + ``` **Exported fields** @@ -595,42 +500,22 @@ An example event for `queue` looks as following: |---|---|---|---| | @timestamp | Event timestamp. | date | | | agent.id | | keyword | | -| cloud.account.id | The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. | keyword | | +| cloud.account.id | The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. | keyword | | | cloud.availability_zone | Availability zone in which this host is running. | keyword | | | cloud.image.id | Image ID for the cloud instance. | keyword | | | cloud.instance.id | Instance ID of the host machine. | keyword | | -| cloud.instance.name | Instance name of the host machine. | keyword | | -| cloud.machine.type | Machine type of the host machine. | keyword | | -| cloud.project.id | Name of the project in Google Cloud. | keyword | | | cloud.provider | Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. | keyword | | | cloud.region | Region in which this host is running. | keyword | | | container.id | Unique container id. | keyword | | -| container.image.name | Name of the image the container was built on. | keyword | | -| container.labels | Image labels. | object | | -| container.name | Container name. | keyword | | | data_stream.dataset | Data stream dataset. | constant_keyword | | | data_stream.namespace | Data stream namespace. | constant_keyword | | | data_stream.type | Data stream type. | constant_keyword | | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | | | event.dataset | Event dataset | constant_keyword | | | event.module | Event module | constant_keyword | | -| host.architecture | Operating system architecture. | keyword | | | host.containerized | If the host is a container. | boolean | | -| host.domain | Name of the domain of which the host is a member. For example, on Windows this could be the host's Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host's LDAP provider. | keyword | | -| host.hostname | Hostname of the host. It normally contains what the `hostname` command returns on the host machine. | keyword | | -| host.id | Unique host id. As hostname is not always unique, use values that are meaningful in your environment. Example: The current usage of `beat.name`. | keyword | | -| host.ip | Host ip addresses. | ip | | -| host.mac | Host mac addresses. | keyword | | -| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | +| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | | host.os.build | OS build information. | keyword | | | host.os.codename | OS codename, if any. | keyword | | -| host.os.family | OS family (such as redhat, debian, freebsd, windows). | keyword | | -| host.os.kernel | Operating system kernel version as a raw string. | keyword | | -| host.os.name | Operating system name, without the version. | keyword | | -| host.os.name.text | Multi-field of `host.os.name`. | text | | -| host.os.platform | Operating system platform (such centos, ubuntu, windows). | keyword | | -| host.os.version | Operating system version as a raw string. | keyword | | -| host.type | Type of host. For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment. | keyword | | | rabbitmq.queue.arguments.max_priority | Maximum number of priority levels for the queue to support. | long | gauge | | rabbitmq.queue.auto_delete | Whether the queue will be deleted automatically when no longer used. | boolean | | | rabbitmq.queue.consumers.count | Number of consumers. | long | gauge | @@ -651,4 +536,3 @@ An example event for `queue` looks as following: | rabbitmq.queue.state | The state of the queue. Normally 'running', but may be `"\{syncing, MsgCount\}"` if the queue is synchronising. Queues which are located on cluster nodes that are currently down will be shown with a status of 'down'. | keyword | | | rabbitmq.vhost | Virtual host name with non-ASCII characters escaped as in C. | keyword | | | service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | | -| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | diff --git a/packages/rabbitmq/manifest.yml b/packages/rabbitmq/manifest.yml index cdce65aa8598..b5e5f3d6af4b 100644 --- a/packages/rabbitmq/manifest.yml +++ b/packages/rabbitmq/manifest.yml @@ -9,7 +9,7 @@ categories: - observability conditions: kibana: - version: "^8.12.0" + version: "^8.13.0" elastic: subscription: basic screenshots: From 5d6e52cb17a9bb976bf35cdbb8e828ec72494a16 Mon Sep 17 00:00:00 2001 From: harnish-elastic Date: Mon, 17 Jun 2024 17:50:24 +0530 Subject: [PATCH 05/21] [nats] - change to ECS version git@v8.11.0 --- packages/nats/_dev/build/build.yml | 2 +- .../data_stream/connection/fields/ecs.yml | 4 - .../nats/data_stream/connection/manifest.yml | 2 +- .../data_stream/connection/sample_event.json | 2 +- .../data_stream/connections/fields/ecs.yml | 6 +- .../nats/data_stream/connections/manifest.yml | 2 +- .../data_stream/connections/sample_event.json | 2 +- .../test-log-sample.log-expected.json | 898 +++++++++--------- .../elasticsearch/ingest_pipeline/default.yml | 2 +- .../data_stream/log/fields/base-fields.yml | 5 - packages/nats/data_stream/log/fields/ecs.yml | 26 - .../nats/data_stream/log/sample_event.json | 126 +-- .../nats/data_stream/route/fields/ecs.yml | 6 +- packages/nats/data_stream/route/manifest.yml | 2 +- .../nats/data_stream/route/sample_event.json | 2 +- .../nats/data_stream/routes/fields/ecs.yml | 6 +- packages/nats/data_stream/routes/manifest.yml | 2 +- .../nats/data_stream/routes/sample_event.json | 2 +- .../nats/data_stream/stats/fields/ecs.yml | 6 +- packages/nats/data_stream/stats/manifest.yml | 2 +- .../nats/data_stream/stats/sample_event.json | 2 +- .../data_stream/subscriptions/fields/ecs.yml | 6 +- .../data_stream/subscriptions/manifest.yml | 2 +- .../subscriptions/sample_event.json | 2 +- packages/nats/docs/README.md | 176 ++-- packages/nats/manifest.yml | 3 +- 26 files changed, 608 insertions(+), 688 deletions(-) delete mode 100644 packages/nats/data_stream/log/fields/ecs.yml diff --git a/packages/nats/_dev/build/build.yml b/packages/nats/_dev/build/build.yml index 47cbed9fed86..2bfcfc223b04 100644 --- a/packages/nats/_dev/build/build.yml +++ b/packages/nats/_dev/build/build.yml @@ -1,3 +1,3 @@ dependencies: ecs: - reference: git@v8.0.0 + reference: "git@v8.11.0" diff --git a/packages/nats/data_stream/connection/fields/ecs.yml b/packages/nats/data_stream/connection/fields/ecs.yml index ee085159b8c3..37cf21eb8269 100644 --- a/packages/nats/data_stream/connection/fields/ecs.yml +++ b/packages/nats/data_stream/connection/fields/ecs.yml @@ -1,10 +1,6 @@ -- external: ecs - name: ecs.version - external: ecs name: service.address dimension: true -- external: ecs - name: service.type - external: ecs name: agent.id dimension: true diff --git a/packages/nats/data_stream/connection/manifest.yml b/packages/nats/data_stream/connection/manifest.yml index 7576e4498a30..456054bdd2ec 100644 --- a/packages/nats/data_stream/connection/manifest.yml +++ b/packages/nats/data_stream/connection/manifest.yml @@ -14,4 +14,4 @@ streams: enabled: false description: Collect metrics for all NATS connections elasticsearch: - index_mode: "time_series" \ No newline at end of file + index_mode: "time_series" diff --git a/packages/nats/data_stream/connection/sample_event.json b/packages/nats/data_stream/connection/sample_event.json index 256d10b2c767..7c890ac14640 100644 --- a/packages/nats/data_stream/connection/sample_event.json +++ b/packages/nats/data_stream/connection/sample_event.json @@ -13,7 +13,7 @@ "type": "metrics" }, "ecs": { - "version": "1.12.0" + "version": "8.11.0" }, "elastic_agent": { "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", diff --git a/packages/nats/data_stream/connections/fields/ecs.yml b/packages/nats/data_stream/connections/fields/ecs.yml index d3c8fbe2618e..37cf21eb8269 100644 --- a/packages/nats/data_stream/connections/fields/ecs.yml +++ b/packages/nats/data_stream/connections/fields/ecs.yml @@ -1,10 +1,6 @@ -- external: ecs - name: ecs.version - external: ecs name: service.address dimension: true -- external: ecs - name: service.type - external: ecs name: agent.id dimension: true @@ -28,4 +24,4 @@ dimension: true - external: ecs name: host.name - dimension: true \ No newline at end of file + dimension: true diff --git a/packages/nats/data_stream/connections/manifest.yml b/packages/nats/data_stream/connections/manifest.yml index 8c1dd270cd8f..37a98d97c4c9 100644 --- a/packages/nats/data_stream/connections/manifest.yml +++ b/packages/nats/data_stream/connections/manifest.yml @@ -13,4 +13,4 @@ streams: title: NATS connections generic metrics description: Collect NATS generic connections metrics elasticsearch: - index_mode: "time_series" \ No newline at end of file + index_mode: "time_series" diff --git a/packages/nats/data_stream/connections/sample_event.json b/packages/nats/data_stream/connections/sample_event.json index 046bf8da2432..9a6bc082473b 100644 --- a/packages/nats/data_stream/connections/sample_event.json +++ b/packages/nats/data_stream/connections/sample_event.json @@ -13,7 +13,7 @@ "type": "metrics" }, "ecs": { - "version": "1.12.0" + "version": "8.11.0" }, "elastic_agent": { "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", diff --git a/packages/nats/data_stream/log/_dev/test/pipeline/test-log-sample.log-expected.json b/packages/nats/data_stream/log/_dev/test/pipeline/test-log-sample.log-expected.json index 4d2eb5ff17ac..f8e2563c2ef0 100644 --- a/packages/nats/data_stream/log/_dev/test/pipeline/test-log-sample.log-expected.json +++ b/packages/nats/data_stream/log/_dev/test/pipeline/test-log-sample.log-expected.json @@ -1,36 +1,23 @@ { "expected": [ { - "nats": { - "log": { - "msg": {} - } - }, - "process": { - "pid": 1 - }, "@timestamp": "2019-02-06T07:19:40.624Z", "ecs": { - "version": "8.0.0" - }, - "log": { - "level": "info" + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T02:38:49.677249628Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:17:56.064945369Z", + "kind": "event", "original": "[1] 2019/02/06 07:19:40.624334 [INF] Starting nats-server version 1.3.0", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "info" }, "message": "Starting nats-server version 1.3.0", - "tags": [ - "preserve_original_event" - ] - }, - { "nats": { "log": { "msg": {} @@ -39,28 +26,28 @@ "process": { "pid": 1 }, + "tags": [ + "preserve_original_event" + ] + }, + { "@timestamp": "2019-02-06T07:19:40.624Z", "ecs": { - "version": "8.0.0" - }, - "log": { - "level": "info" + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T02:38:49.677258175Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:17:56.064955666Z", + "kind": "event", "original": "[1] 2019/02/06 07:19:40.624547 [INF] Git commit [eed4fbc]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "info" }, "message": "Git commit [eed4fbc]", - "tags": [ - "preserve_original_event" - ] - }, - { "nats": { "log": { "msg": {} @@ -69,28 +56,28 @@ "process": { "pid": 1 }, + "tags": [ + "preserve_original_event" + ] + }, + { "@timestamp": "2019-02-06T07:19:40.624Z", "ecs": { - "version": "8.0.0" - }, - "log": { - "level": "info" + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T02:38:49.677259946Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:17:56.064957158Z", + "kind": "event", "original": "[1] 2019/02/06 07:19:40.624674 [INF] Listening for client connections on 0.0.0.0:4222", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "info" }, "message": "Listening for client connections on 0.0.0.0:4222", - "tags": [ - "preserve_original_event" - ] - }, - { "nats": { "log": { "msg": {} @@ -99,732 +86,745 @@ "process": { "pid": 1 }, + "tags": [ + "preserve_original_event" + ] + }, + { "@timestamp": "2019-02-06T07:19:40.624Z", "ecs": { - "version": "8.0.0" - }, - "log": { - "level": "info" + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T02:38:49.677261399Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:17:56.064958521Z", + "kind": "event", "original": "[1] 2019/02/06 07:19:40.624690 [INF] Server is ready", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "info" }, "message": "Server is ready", - "tags": [ - "preserve_original_event" - ] - }, - { "nats": { "log": { - "msg": {}, - "client": { - "id": "1" - } + "msg": {} } }, "process": { "pid": 1 }, + "tags": [ + "preserve_original_event" + ] + }, + { "@timestamp": "2019-02-06T07:20:08.508Z", - "ecs": { - "version": "8.0.0" - }, - "related": { - "ip": [ - "172.18.0.1" - ] - }, - "log": { - "level": "debug" - }, "client": { - "port": 38630, - "ip": "172.18.0.1" + "ip": "172.18.0.1", + "port": 38630 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T02:38:49.677262707Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:17:56.064959591Z", + "kind": "event", "original": "[1] 2019/02/06 07:20:08.508891 [DBG] 172.18.0.1:38630 - cid:1 - Client connection created", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "debug" }, "message": "Client connection created", - "tags": [ - "preserve_original_event" - ] - }, - { "nats": { "log": { - "msg": { - "type": "connection" - }, "client": { "id": "1" - } + }, + "msg": {} } }, "process": { "pid": 1 }, - "log": { - "level": "trace" - }, - "message": "{\"verbose\":false,\"pedantic\":false,\"tls_required\":false,\"name\":\"NATS Benchmark\",\"lang\":\"go\",\"version\":\"1.7.0\",\"protocol\":1,\"echo\":true}", - "tags": [ - "preserve_original_event" - ], - "network": { - "direction": "outbound" - }, - "@timestamp": "2019-02-06T07:20:08.510Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "172.18.0.1" ] }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2019-02-06T07:20:08.510Z", "client": { - "port": 38630, - "ip": "172.18.0.1" + "ip": "172.18.0.1", + "port": 38630 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T02:38:49.677264020Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:17:56.064960672Z", + "kind": "event", "original": "[1] 2019/02/06 07:20:08.510296 [TRC] 172.18.0.1:38630 - cid:1 - -\u003e\u003e [CONNECT {\"verbose\":false,\"pedantic\":false,\"tls_required\":false,\"name\":\"NATS Benchmark\",\"lang\":\"go\",\"version\":\"1.7.0\",\"protocol\":1,\"echo\":true}]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" - } - }, - { + ] + }, + "log": { + "level": "trace" + }, + "message": "{\"verbose\":false,\"pedantic\":false,\"tls_required\":false,\"name\":\"NATS Benchmark\",\"lang\":\"go\",\"version\":\"1.7.0\",\"protocol\":1,\"echo\":true}", "nats": { "log": { - "msg": { - "type": "subscribe", - "subject": "foo", - "sid": "1" - }, "client": { "id": "1" + }, + "msg": { + "type": "connection" } } }, + "network": { + "direction": "outbound" + }, "process": { "pid": 1 }, - "@timestamp": "2019-02-06T07:20:08.512Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "172.18.0.1" ] }, - "log": { - "level": "trace" - }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2019-02-06T07:20:08.512Z", "client": { - "port": 38630, - "ip": "172.18.0.1" + "ip": "172.18.0.1", + "port": 38630 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T02:38:49.677265346Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:17:56.064961756Z", + "kind": "event", "original": "[1] 2019/02/06 07:20:08.512052 [TRC] 172.18.0.1:38630 - cid:1 - -\u003e\u003e [SUB foo 1]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], - "network": { - "direction": "outbound" - } - }, - { "nats": { "log": { - "msg": { - "type": "ping" - }, "client": { "id": "1" + }, + "msg": { + "sid": "1", + "subject": "foo", + "type": "subscribe" } } }, + "network": { + "direction": "outbound" + }, "process": { "pid": 1 }, - "@timestamp": "2019-02-06T07:20:08.512Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "172.18.0.1" ] }, - "log": { - "level": "trace" - }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2019-02-06T07:20:08.512Z", "client": { - "port": 38630, - "ip": "172.18.0.1" + "ip": "172.18.0.1", + "port": 38630 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T02:38:49.677266644Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:17:56.064962833Z", + "kind": "event", "original": "[1] 2019/02/06 07:20:08.512128 [TRC] 172.18.0.1:38630 - cid:1 - -\u003e\u003e [PING]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], - "network": { - "direction": "outbound" - } - }, - { "nats": { "log": { - "msg": { - "type": "pong" - }, "client": { "id": "1" + }, + "msg": { + "type": "ping" } } }, + "network": { + "direction": "outbound" + }, "process": { "pid": 1 }, - "@timestamp": "2019-02-06T07:20:08.512Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "172.18.0.1" ] }, - "log": { - "level": "trace" - }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2019-02-06T07:20:08.512Z", "client": { - "port": 38630, - "ip": "172.18.0.1" + "ip": "172.18.0.1", + "port": 38630 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T02:38:49.677267936Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:17:56.064963920Z", + "kind": "event", "original": "[1] 2019/02/06 07:20:08.512153 [TRC] 172.18.0.1:38630 - cid:1 - \u003c\u003c- [PONG]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], - "network": { - "direction": "inbound" - } - }, - { "nats": { "log": { - "msg": { - "reply_to": "_INBOX.e3hAUbP4r5wbjw3Hudw42r.udigGiHn", - "type": "publish", - "subject": "aiuser.platinum1.pingpeer", - "bytes": 20 - }, "client": { - "id": "3" + "id": "1" + }, + "msg": { + "type": "pong" } } }, + "network": { + "direction": "inbound" + }, "process": { "pid": 1 }, - "@timestamp": "2019-02-04T15:40:02.717Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ - "67.43.156.14" + "172.18.0.1" ] }, - "log": { - "level": "trace" - }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2019-02-04T15:40:02.717Z", "client": { - "port": 62388, - "ip": "67.43.156.14" + "ip": "67.43.156.14", + "port": 62388 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T02:38:49.677269258Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:17:56.064965510Z", + "kind": "event", "original": "[1] 2019/02/04 15:40:02.717819 [TRC] 67.43.156.14:62388 - cid:3 - -\u003e\u003e [PUB aiuser.platinum1.pingpeer _INBOX.e3hAUbP4r5wbjw3Hudw42r.udigGiHn 20]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], - "network": { - "direction": "outbound" - } - }, - { "nats": { "log": { - "msg": { - "type": "payload" - }, "client": { "id": "3" + }, + "msg": { + "bytes": 20, + "reply_to": "_INBOX.e3hAUbP4r5wbjw3Hudw42r.udigGiHn", + "subject": "aiuser.platinum1.pingpeer", + "type": "publish" } } }, + "network": { + "direction": "outbound" + }, "process": { "pid": 1 }, - "@timestamp": "2019-02-04T15:40:02.717Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "67.43.156.14" ] }, - "log": { - "level": "trace" - }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2019-02-04T15:40:02.717Z", "client": { - "port": 62388, - "ip": "67.43.156.14" + "ip": "67.43.156.14", + "port": 62388 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T02:38:49.677270638Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:17:56.064966633Z", + "kind": "event", "original": "[1] 2019/02/04 15:40:02.717825 [TRC] 67.43.156.14:62388 - cid:3 - -\u003e\u003e MSG_PAYLOAD: [peer, are you alive?]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], - "network": { - "direction": "outbound" - } - }, - { "nats": { "log": { - "msg": { - "type": "payload" - }, "client": { "id": "3" + }, + "msg": { + "type": "payload" } } }, + "network": { + "direction": "outbound" + }, "process": { "pid": 1 }, - "@timestamp": "2019-02-04T15:40:02.717Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "67.43.156.14" ] }, - "log": { - "level": "trace" - }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2019-02-04T15:40:02.717Z", "client": { - "port": 62388, - "ip": "67.43.156.14" + "ip": "67.43.156.14", + "port": 62388 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T02:38:49.677272093Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:17:56.064967856Z", + "kind": "event", "original": "[1] 2019/02/04 15:40:02.717825 [TRC] 67.43.156.14:62388 - cid:3 - \u003c\u003c- MSG_PAYLOAD: [\\\"\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\\x00\\\"]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], - "network": { - "direction": "inbound" - } - }, - { "nats": { "log": { - "msg": { - "reply_to": "_INBOX.e3hAUbP4r5wbjw3Hudw42r.udigGiHn", - "type": "message", - "subject": "aiuser.platinum1.pingpeer", - "bytes": 20, - "sid": "1" - }, "client": { - "id": "4" + "id": "3" + }, + "msg": { + "type": "payload" } } }, + "network": { + "direction": "inbound" + }, "process": { "pid": 1 }, - "@timestamp": "2019-02-04T15:40:02.717Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ - "192.168.176.11" + "67.43.156.14" ] }, - "log": { - "level": "trace" - }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2019-02-04T15:40:02.717Z", "client": { - "port": 36262, - "ip": "192.168.176.11" + "ip": "192.168.176.11", + "port": 36262 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T02:38:49.677273420Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:17:56.064968950Z", + "kind": "event", "original": "[1] 2019/02/04 15:40:02.717832 [TRC] 192.168.176.11:36262 - cid:4 - \u003c\u003c- [MSG aiuser.platinum1.pingpeer 1 _INBOX.e3hAUbP4r5wbjw3Hudw42r.udigGiHn 20]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], - "network": { - "direction": "inbound" - } - }, - { "nats": { "log": { - "msg": { - "type": "publish", - "subject": "_INBOX.e3hAUbP4r5wbjw3Hudw42r.udigGiHn", - "bytes": 17 - }, "client": { "id": "4" + }, + "msg": { + "bytes": 20, + "reply_to": "_INBOX.e3hAUbP4r5wbjw3Hudw42r.udigGiHn", + "sid": "1", + "subject": "aiuser.platinum1.pingpeer", + "type": "message" } } }, + "network": { + "direction": "inbound" + }, "process": { "pid": 1 }, - "@timestamp": "2019-02-04T15:40:02.718Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "192.168.176.11" ] }, - "log": { - "level": "trace" - }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2019-02-04T15:40:02.718Z", "client": { - "port": 36262, - "ip": "192.168.176.11" + "ip": "192.168.176.11", + "port": 36262 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T02:38:49.677274697Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:17:56.064970025Z", + "kind": "event", "original": "[1] 2019/02/04 15:40:02.718007 [TRC] 192.168.176.11:36262 - cid:4 - -\u003e\u003e [PUB _INBOX.e3hAUbP4r5wbjw3Hudw42r.udigGiHn 17]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], - "network": { - "direction": "outbound" - } - }, - { "nats": { "log": { - "msg": { - "type": "payload" - }, "client": { "id": "4" + }, + "msg": { + "bytes": 17, + "subject": "_INBOX.e3hAUbP4r5wbjw3Hudw42r.udigGiHn", + "type": "publish" } } }, + "network": { + "direction": "outbound" + }, "process": { "pid": 1 }, - "@timestamp": "2019-02-04T15:40:02.718Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "192.168.176.11" ] }, - "log": { - "level": "trace" - }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2019-02-04T15:40:02.718Z", "client": { - "port": 36262, - "ip": "192.168.176.11" + "ip": "192.168.176.11", + "port": 36262 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T02:38:49.677276020Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:17:56.064971122Z", + "kind": "event", "original": "[1] 2019/02/04 15:40:02.718023 [TRC] 192.168.176.11:36262 - cid:4 - -\u003e\u003e MSG_PAYLOAD: [I am fine, agent!]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], - "network": { - "direction": "outbound" - } - }, - { "nats": { "log": { - "msg": { - "type": "message", - "subject": "_INBOX.e3hAUbP4r5wbjw3Hudw42r.udigGiHn", - "bytes": 17, - "sid": "11" - }, "client": { - "id": "3" + "id": "4" + }, + "msg": { + "type": "payload" } } }, + "network": { + "direction": "outbound" + }, "process": { "pid": 1 }, - "@timestamp": "2019-02-04T15:40:02.718Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ - "67.43.156.14" + "192.168.176.11" ] }, - "log": { - "level": "trace" - }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2019-02-04T15:40:02.718Z", "client": { - "port": 62388, - "ip": "67.43.156.14" + "ip": "67.43.156.14", + "port": 62388 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T02:38:49.677277316Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:17:56.064972447Z", + "kind": "event", "original": "[1] 2019/02/04 15:40:02.718044 [TRC] 67.43.156.14:62388 - cid:3 - \u003c\u003c- [MSG _INBOX.e3hAUbP4r5wbjw3Hudw42r.udigGiHn 11 17]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], - "network": { - "direction": "inbound" - } - }, - { "nats": { "log": { - "msg": { - "type": "publish", - "subject": "aiuser.platinum1.appstats", - "bytes": 1583 - }, "client": { "id": "3" + }, + "msg": { + "bytes": 17, + "sid": "11", + "subject": "_INBOX.e3hAUbP4r5wbjw3Hudw42r.udigGiHn", + "type": "message" } } }, + "network": { + "direction": "inbound" + }, "process": { "pid": 1 }, - "@timestamp": "2019-02-04T15:40:02.717Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ "67.43.156.14" ] }, - "log": { - "level": "trace" - }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2019-02-04T15:40:02.717Z", "client": { - "port": 62388, - "ip": "67.43.156.14" + "ip": "67.43.156.14", + "port": 62388 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T02:38:49.677278699Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:17:56.064973874Z", + "kind": "event", "original": "[1] 2019/02/04 15:40:02.717600 [TRC] 67.43.156.14:62388 - cid:3 - -\u003e\u003e [PUB aiuser.platinum1.appstats 1583]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], - "network": { - "direction": "outbound" - } - }, - { "nats": { "log": { + "client": { + "id": "3" + }, "msg": { - "type": "message", - "subject": "aiuser.platinum1.appstats", "bytes": 1583, - "sid": "6" - }, - "client": { - "id": "4" + "subject": "aiuser.platinum1.appstats", + "type": "publish" } } }, + "network": { + "direction": "outbound" + }, "process": { "pid": 1 }, - "@timestamp": "2019-02-04T15:40:02.717Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ - "192.168.176.11" + "67.43.156.14" ] }, - "log": { - "level": "trace" - }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2019-02-04T15:40:02.717Z", "client": { - "port": 36262, - "ip": "192.168.176.11" + "ip": "192.168.176.11", + "port": 36262 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T02:38:49.677279994Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:17:56.064974970Z", + "kind": "event", "original": "[1] 2019/02/04 15:40:02.717811 [TRC] 192.168.176.11:36262 - cid:4 - \u003c\u003c- [MSG aiuser.platinum1.appstats 6 1583]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" }, - "tags": [ - "preserve_original_event" - ], - "network": { - "direction": "inbound" - } - }, - { "nats": { "log": { - "msg": { - "type": "acknowledge" - }, "client": { - "id": "1" + "id": "4" + }, + "msg": { + "bytes": 1583, + "sid": "6", + "subject": "aiuser.platinum1.appstats", + "type": "message" } } }, + "network": { + "direction": "inbound" + }, "process": { "pid": 1 }, - "@timestamp": "2019-02-16T07:20:08.512Z", - "ecs": { - "version": "8.0.0" - }, "related": { "ip": [ - "172.18.0.1" + "192.168.176.11" ] }, - "log": { - "level": "trace" - }, + "tags": [ + "preserve_original_event" + ] + }, + { + "@timestamp": "2019-02-16T07:20:08.512Z", "client": { - "port": 38630, - "ip": "172.18.0.1" + "ip": "172.18.0.1", + "port": 38630 + }, + "ecs": { + "version": "8.11.0" }, "event": { - "ingested": "2022-01-12T02:38:49.677281270Z", + "created": "2020-04-28T11:07:58.223Z", + "ingested": "2024-06-17T12:17:56.064976055Z", + "kind": "event", "original": "[1] 2019/02/16 07:20:08.512153 [TRC] 172.18.0.1:38630 - cid:1 - \u003c\u003c- [OK]", "type": [ "info" - ], - "created": "2020-04-28T11:07:58.223Z", - "kind": "event" + ] + }, + "log": { + "level": "trace" + }, + "nats": { + "log": { + "client": { + "id": "1" + }, + "msg": { + "type": "acknowledge" + } + } }, - "tags": [ - "preserve_original_event" - ], "network": { "direction": "inbound" - } + }, + "process": { + "pid": 1 + }, + "related": { + "ip": [ + "172.18.0.1" + ] + }, + "tags": [ + "preserve_original_event" + ] } ] } \ No newline at end of file diff --git a/packages/nats/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/nats/data_stream/log/elasticsearch/ingest_pipeline/default.yml index 61f50ea173d7..3e1a42e6f19e 100644 --- a/packages/nats/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/nats/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -6,7 +6,7 @@ processors: value: '{{_ingest.timestamp}}' - set: field: ecs.version - value: '8.0.0' + value: '8.11.0' - rename: field: message target_field: event.original diff --git a/packages/nats/data_stream/log/fields/base-fields.yml b/packages/nats/data_stream/log/fields/base-fields.yml index b60b0c5191ff..ec40410ed9bc 100644 --- a/packages/nats/data_stream/log/fields/base-fields.yml +++ b/packages/nats/data_stream/log/fields/base-fields.yml @@ -13,11 +13,6 @@ - name: input.type description: Type of Filebeat input. type: keyword -- name: log.file.path - description: Full path to the log file this event came from. - example: /var/log/fun-times.log - ignore_above: 1024 - type: keyword - name: log.offset type: long description: Offset of the entry in the log file. diff --git a/packages/nats/data_stream/log/fields/ecs.yml b/packages/nats/data_stream/log/fields/ecs.yml deleted file mode 100644 index 5bdf95442339..000000000000 --- a/packages/nats/data_stream/log/fields/ecs.yml +++ /dev/null @@ -1,26 +0,0 @@ -- external: ecs - name: client.ip -- external: ecs - name: client.port -- external: ecs - name: ecs.version -- external: ecs - name: error.message -- external: ecs - name: event.created -- external: ecs - name: event.kind -- external: ecs - name: event.type -- external: ecs - name: log.level -- external: ecs - name: message -- external: ecs - name: network.direction -- external: ecs - name: process.pid -- external: ecs - name: related.ip -- external: ecs - name: tags diff --git a/packages/nats/data_stream/log/sample_event.json b/packages/nats/data_stream/log/sample_event.json index 194839a89e8e..e01620321864 100644 --- a/packages/nats/data_stream/log/sample_event.json +++ b/packages/nats/data_stream/log/sample_event.json @@ -1,89 +1,89 @@ { - "nats": { - "log": { - "msg": { - "type": "payload" - }, - "client": { - "id": "86" - } - } - }, + "@timestamp": "2020-11-25T11:50:17.759Z", "agent": { + "ephemeral_id": "4f1426bb-db10-4b5d-9e1c-ba6da401dc34", "hostname": "5706c620a165", - "name": "5706c620a165", "id": "25c804ef-d8c8-4a2e-9228-64213daef566", + "name": "5706c620a165", "type": "filebeat", - "ephemeral_id": "4f1426bb-db10-4b5d-9e1c-ba6da401dc34", "version": "7.11.0" }, - "process": { - "pid": 6 + "client": { + "ip": "192.168.192.3", + "port": 53482 }, - "log": { - "file": { - "path": "/var/log/nats/nats.log" - }, - "offset": 36865655, - "level": "trace" + "data_stream": { + "dataset": "nats.log", + "namespace": "default", + "type": "logs" + }, + "ecs": { + "version": "8.11.0" }, "elastic_agent": { "id": "5a7b52c1-66ae-47ce-ad18-70dadf1bedfa", - "version": "7.11.0", - "snapshot": true - }, - "network": { - "direction": "inbound" - }, - "input": { - "type": "log" - }, - "@timestamp": "2020-11-25T11:50:17.759Z", - "ecs": { - "version": "1.6.0" + "snapshot": true, + "version": "7.11.0" }, - "related": { - "ip": [ - "192.168.192.3" + "event": { + "created": "2020-11-25T11:53:04.192Z", + "dataset": "nats.log", + "ingested": "2020-11-25T11:53:10.021181400Z", + "kind": "event", + "type": [ + "info" ] }, - "data_stream": { - "namespace": "default", - "type": "logs", - "dataset": "nats.log" - }, "host": { - "hostname": "5706c620a165", - "os": { - "kernel": "4.9.184-linuxkit", - "codename": "Core", - "name": "CentOS Linux", - "family": "redhat", - "version": "7 (Core)", - "platform": "centos" - }, + "architecture": "x86_64", "containerized": true, + "hostname": "5706c620a165", + "id": "06c26569966fd125c15acac5d7feffb6", "ip": [ "192.168.192.8" ], - "name": "5706c620a165", - "id": "06c26569966fd125c15acac5d7feffb6", "mac": [ "02:42:c0:a8:c0:08" ], - "architecture": "x86_64" + "name": "5706c620a165", + "os": { + "codename": "Core", + "family": "redhat", + "kernel": "4.9.184-linuxkit", + "name": "CentOS Linux", + "platform": "centos", + "version": "7 (Core)" + } }, - "client": { - "port": 53482, - "ip": "192.168.192.3" + "input": { + "type": "log" }, - "event": { - "ingested": "2020-11-25T11:53:10.021181400Z", - "created": "2020-11-25T11:53:04.192Z", - "kind": "event", - "type": [ - "info" - ], - "dataset": "nats.log" + "log": { + "file": { + "path": "/var/log/nats/nats.log" + }, + "level": "trace", + "offset": 36865655 + }, + "nats": { + "log": { + "client": { + "id": "86" + }, + "msg": { + "type": "payload" + } + } + }, + "network": { + "direction": "inbound" + }, + "process": { + "pid": 6 + }, + "related": { + "ip": [ + "192.168.192.3" + ] } } \ No newline at end of file diff --git a/packages/nats/data_stream/route/fields/ecs.yml b/packages/nats/data_stream/route/fields/ecs.yml index d3c8fbe2618e..37cf21eb8269 100644 --- a/packages/nats/data_stream/route/fields/ecs.yml +++ b/packages/nats/data_stream/route/fields/ecs.yml @@ -1,10 +1,6 @@ -- external: ecs - name: ecs.version - external: ecs name: service.address dimension: true -- external: ecs - name: service.type - external: ecs name: agent.id dimension: true @@ -28,4 +24,4 @@ dimension: true - external: ecs name: host.name - dimension: true \ No newline at end of file + dimension: true diff --git a/packages/nats/data_stream/route/manifest.yml b/packages/nats/data_stream/route/manifest.yml index 13269e4e0209..e45faf790fd2 100644 --- a/packages/nats/data_stream/route/manifest.yml +++ b/packages/nats/data_stream/route/manifest.yml @@ -14,4 +14,4 @@ streams: enabled: false description: Collect metrics for all NATS routes elasticsearch: - index_mode: "time_series" \ No newline at end of file + index_mode: "time_series" diff --git a/packages/nats/data_stream/route/sample_event.json b/packages/nats/data_stream/route/sample_event.json index 5327ad9c68d0..ecd98b571d01 100644 --- a/packages/nats/data_stream/route/sample_event.json +++ b/packages/nats/data_stream/route/sample_event.json @@ -13,7 +13,7 @@ "type": "metrics" }, "ecs": { - "version": "1.12.0" + "version": "8.11.0" }, "elastic_agent": { "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", diff --git a/packages/nats/data_stream/routes/fields/ecs.yml b/packages/nats/data_stream/routes/fields/ecs.yml index d3c8fbe2618e..37cf21eb8269 100644 --- a/packages/nats/data_stream/routes/fields/ecs.yml +++ b/packages/nats/data_stream/routes/fields/ecs.yml @@ -1,10 +1,6 @@ -- external: ecs - name: ecs.version - external: ecs name: service.address dimension: true -- external: ecs - name: service.type - external: ecs name: agent.id dimension: true @@ -28,4 +24,4 @@ dimension: true - external: ecs name: host.name - dimension: true \ No newline at end of file + dimension: true diff --git a/packages/nats/data_stream/routes/manifest.yml b/packages/nats/data_stream/routes/manifest.yml index b86d4a66c933..26e77c256d8b 100644 --- a/packages/nats/data_stream/routes/manifest.yml +++ b/packages/nats/data_stream/routes/manifest.yml @@ -13,4 +13,4 @@ streams: title: NATS routes generic metrics description: Collect NATS generic routes metrics elasticsearch: - index_mode: "time_series" \ No newline at end of file + index_mode: "time_series" diff --git a/packages/nats/data_stream/routes/sample_event.json b/packages/nats/data_stream/routes/sample_event.json index c9d44e7397ed..1c6f1bc4ff40 100644 --- a/packages/nats/data_stream/routes/sample_event.json +++ b/packages/nats/data_stream/routes/sample_event.json @@ -13,7 +13,7 @@ "type": "metrics" }, "ecs": { - "version": "1.12.0" + "version": "8.11.0" }, "elastic_agent": { "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", diff --git a/packages/nats/data_stream/stats/fields/ecs.yml b/packages/nats/data_stream/stats/fields/ecs.yml index d3c8fbe2618e..37cf21eb8269 100644 --- a/packages/nats/data_stream/stats/fields/ecs.yml +++ b/packages/nats/data_stream/stats/fields/ecs.yml @@ -1,10 +1,6 @@ -- external: ecs - name: ecs.version - external: ecs name: service.address dimension: true -- external: ecs - name: service.type - external: ecs name: agent.id dimension: true @@ -28,4 +24,4 @@ dimension: true - external: ecs name: host.name - dimension: true \ No newline at end of file + dimension: true diff --git a/packages/nats/data_stream/stats/manifest.yml b/packages/nats/data_stream/stats/manifest.yml index 1d9d76c1759b..436e558027e8 100644 --- a/packages/nats/data_stream/stats/manifest.yml +++ b/packages/nats/data_stream/stats/manifest.yml @@ -13,4 +13,4 @@ streams: title: NATS stats description: Collect NATS stats elasticsearch: - index_mode: "time_series" \ No newline at end of file + index_mode: "time_series" diff --git a/packages/nats/data_stream/stats/sample_event.json b/packages/nats/data_stream/stats/sample_event.json index 9a0068f73197..c6431b3d88fc 100644 --- a/packages/nats/data_stream/stats/sample_event.json +++ b/packages/nats/data_stream/stats/sample_event.json @@ -13,7 +13,7 @@ "type": "metrics" }, "ecs": { - "version": "1.12.0" + "version": "8.11.0" }, "elastic_agent": { "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", diff --git a/packages/nats/data_stream/subscriptions/fields/ecs.yml b/packages/nats/data_stream/subscriptions/fields/ecs.yml index d3c8fbe2618e..37cf21eb8269 100644 --- a/packages/nats/data_stream/subscriptions/fields/ecs.yml +++ b/packages/nats/data_stream/subscriptions/fields/ecs.yml @@ -1,10 +1,6 @@ -- external: ecs - name: ecs.version - external: ecs name: service.address dimension: true -- external: ecs - name: service.type - external: ecs name: agent.id dimension: true @@ -28,4 +24,4 @@ dimension: true - external: ecs name: host.name - dimension: true \ No newline at end of file + dimension: true diff --git a/packages/nats/data_stream/subscriptions/manifest.yml b/packages/nats/data_stream/subscriptions/manifest.yml index bfa52ccd008b..f02106dbe692 100644 --- a/packages/nats/data_stream/subscriptions/manifest.yml +++ b/packages/nats/data_stream/subscriptions/manifest.yml @@ -13,4 +13,4 @@ streams: title: NATS subscriptions metrics description: Collect NATS subscriptions metrics elasticsearch: - index_mode: "time_series" \ No newline at end of file + index_mode: "time_series" diff --git a/packages/nats/data_stream/subscriptions/sample_event.json b/packages/nats/data_stream/subscriptions/sample_event.json index 6fa8517e2dab..7aea9274d9df 100644 --- a/packages/nats/data_stream/subscriptions/sample_event.json +++ b/packages/nats/data_stream/subscriptions/sample_event.json @@ -13,7 +13,7 @@ "type": "metrics" }, "ecs": { - "version": "1.12.0" + "version": "8.11.0" }, "elastic_agent": { "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", diff --git a/packages/nats/docs/README.md b/packages/nats/docs/README.md index 4ef8f8701233..fcab8ba9351c 100644 --- a/packages/nats/docs/README.md +++ b/packages/nats/docs/README.md @@ -18,92 +18,92 @@ An example event for `log` looks as following: ```json { - "nats": { - "log": { - "msg": { - "type": "payload" - }, - "client": { - "id": "86" - } - } - }, + "@timestamp": "2020-11-25T11:50:17.759Z", "agent": { + "ephemeral_id": "4f1426bb-db10-4b5d-9e1c-ba6da401dc34", "hostname": "5706c620a165", - "name": "5706c620a165", "id": "25c804ef-d8c8-4a2e-9228-64213daef566", + "name": "5706c620a165", "type": "filebeat", - "ephemeral_id": "4f1426bb-db10-4b5d-9e1c-ba6da401dc34", "version": "7.11.0" }, - "process": { - "pid": 6 + "client": { + "ip": "192.168.192.3", + "port": 53482 }, - "log": { - "file": { - "path": "/var/log/nats/nats.log" - }, - "offset": 36865655, - "level": "trace" + "data_stream": { + "dataset": "nats.log", + "namespace": "default", + "type": "logs" + }, + "ecs": { + "version": "8.11.0" }, "elastic_agent": { "id": "5a7b52c1-66ae-47ce-ad18-70dadf1bedfa", - "version": "7.11.0", - "snapshot": true - }, - "network": { - "direction": "inbound" - }, - "input": { - "type": "log" - }, - "@timestamp": "2020-11-25T11:50:17.759Z", - "ecs": { - "version": "1.6.0" + "snapshot": true, + "version": "7.11.0" }, - "related": { - "ip": [ - "192.168.192.3" + "event": { + "created": "2020-11-25T11:53:04.192Z", + "dataset": "nats.log", + "ingested": "2020-11-25T11:53:10.021181400Z", + "kind": "event", + "type": [ + "info" ] }, - "data_stream": { - "namespace": "default", - "type": "logs", - "dataset": "nats.log" - }, "host": { - "hostname": "5706c620a165", - "os": { - "kernel": "4.9.184-linuxkit", - "codename": "Core", - "name": "CentOS Linux", - "family": "redhat", - "version": "7 (Core)", - "platform": "centos" - }, + "architecture": "x86_64", "containerized": true, + "hostname": "5706c620a165", + "id": "06c26569966fd125c15acac5d7feffb6", "ip": [ "192.168.192.8" ], - "name": "5706c620a165", - "id": "06c26569966fd125c15acac5d7feffb6", "mac": [ "02:42:c0:a8:c0:08" ], - "architecture": "x86_64" + "name": "5706c620a165", + "os": { + "codename": "Core", + "family": "redhat", + "kernel": "4.9.184-linuxkit", + "name": "CentOS Linux", + "platform": "centos", + "version": "7 (Core)" + } }, - "client": { - "port": 53482, - "ip": "192.168.192.3" + "input": { + "type": "log" }, - "event": { - "ingested": "2020-11-25T11:53:10.021181400Z", - "created": "2020-11-25T11:53:04.192Z", - "kind": "event", - "type": [ - "info" - ], - "dataset": "nats.log" + "log": { + "file": { + "path": "/var/log/nats/nats.log" + }, + "level": "trace", + "offset": 36865655 + }, + "nats": { + "log": { + "client": { + "id": "86" + }, + "msg": { + "type": "payload" + } + } + }, + "network": { + "direction": "inbound" + }, + "process": { + "pid": 6 + }, + "related": { + "ip": [ + "192.168.192.3" + ] } } ``` @@ -113,23 +113,13 @@ An example event for `log` looks as following: | Field | Description | Type | |---|---|---| | @timestamp | Event timestamp. | date | -| client.ip | IP address of the client (IPv4 or IPv6). | ip | -| client.port | Port of the client. | long | | data_stream.dataset | Data stream dataset. | constant_keyword | | data_stream.namespace | Data stream namespace. | constant_keyword | | data_stream.type | Data stream type. | constant_keyword | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | -| error.message | Error message. | match_only_text | -| event.created | event.created contains the date/time when the event was first read by an agent, or by your pipeline. This field is distinct from @timestamp in that @timestamp typically contain the time extracted from the original event. In most situations, these two timestamps will be slightly different. The difference can be used to calculate the delay between your source generating an event, and the time when your agent first processed it. This can be used to monitor your agent's or pipeline's ability to keep up with your event source. In case the two timestamps are identical, @timestamp should be used. | date | | event.dataset | Event dataset | constant_keyword | -| event.kind | This is one of four ECS Categorization Fields, and indicates the highest level in the ECS category hierarchy. `event.kind` gives high-level information about what type of information the event contains, without being specific to the contents of the event. For example, values of this field distinguish alert events from metric events. The value of this field can be used to inform how these kinds of events should be handled. They may warrant different retention, different access control, it may also help understand whether the data coming in at a regular interval or not. | keyword | | event.module | Event module | constant_keyword | -| event.type | This is one of four ECS Categorization Fields, and indicates the third level in the ECS category hierarchy. `event.type` represents a categorization "sub-bucket" that, when used along with the `event.category` field values, enables filtering events down to a level appropriate for single visualization. This field is an array. This will allow proper categorization of some events that fall in multiple event types. | keyword | | input.type | Type of Filebeat input. | keyword | -| log.file.path | Full path to the log file this event came from. | keyword | -| log.level | Original log level of the log event. If the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity). Some examples are `warn`, `err`, `i`, `informational`. | keyword | | log.offset | Offset of the entry in the log file. | long | -| message | For log events the message field contains the log message, optimized for viewing in a log viewer. For structured logs without an original message field, other fields can be concatenated to form a human-readable summary of the event. If multiple messages exist, they can be combined into one message. | match_only_text | | nats.log.client.id | The id of the client | integer | | nats.log.msg.bytes | Size of the payload in bytes | long | | nats.log.msg.error.message | Details about the error occurred | text | @@ -139,10 +129,6 @@ An example event for `log` looks as following: | nats.log.msg.sid | The unique alphanumeric subscription ID of the subject | integer | | nats.log.msg.subject | Subject name this message was received on | keyword | | nats.log.msg.type | The protocol message type | keyword | -| network.direction | Direction of the network traffic. Recommended values are: \* ingress \* egress \* inbound \* outbound \* internal \* external \* unknown When mapping events from a host-based monitoring context, populate this field from the host's point of view, using the values "ingress" or "egress". When mapping events from a network or perimeter-based monitoring context, populate this field from the point of view of the network perimeter, using the values "inbound", "outbound", "internal" or "external". Note that "internal" is not crossing perimeter boundaries, and is meant to describe communication between two hosts within the perimeter. Note also that "external" is meant to describe traffic between two hosts that are external to the perimeter. This could for example be useful for ISPs or VPN service providers. | keyword | -| process.pid | Process id. | long | -| related.ip | All of the IPs seen on your event. | ip | -| tags | List of keywords used to tag each event. | keyword | ## Metrics @@ -174,7 +160,7 @@ An example event for `stats` looks as following: "type": "metrics" }, "ecs": { - "version": "1.12.0" + "version": "8.11.0" }, "elastic_agent": { "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", @@ -272,10 +258,9 @@ An example event for `stats` looks as following: | data_stream.dataset | Data stream dataset. | constant_keyword | | | data_stream.namespace | Data stream namespace. | constant_keyword | | | data_stream.type | Data stream type. | constant_keyword | | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | | | event.dataset | Event dataset | constant_keyword | | | event.module | Event module | constant_keyword | | -| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | +| host.name | Name of the host. It can contain what hostname returns on Unix systems, the fully qualified domain name (FQDN), or a name specified by the user. The recommended value is the lowercase FQDN of the host. | keyword | | | nats.server.id | The server ID | keyword | | | nats.server.time | Server time of metric creation | date | | | nats.stats.cores | The number of logical cores the NATS process runs on | integer | gauge | @@ -295,7 +280,6 @@ An example event for `stats` looks as following: | nats.stats.total_connections | The number of totally created clients | long | counter | | nats.stats.uptime | The period the server is up (sec) | long | counter | | service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | | -| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | ### connections @@ -321,7 +305,7 @@ An example event for `connections` looks as following: "type": "metrics" }, "ecs": { - "version": "1.12.0" + "version": "8.11.0" }, "elastic_agent": { "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", @@ -392,15 +376,13 @@ An example event for `connections` looks as following: | data_stream.dataset | Data stream dataset. | constant_keyword | | | data_stream.namespace | Data stream namespace. | constant_keyword | | | data_stream.type | Data stream type. | constant_keyword | | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | | | event.dataset | Event dataset | constant_keyword | | | event.module | Event module | constant_keyword | | -| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | +| host.name | Name of the host. It can contain what hostname returns on Unix systems, the fully qualified domain name (FQDN), or a name specified by the user. The recommended value is the lowercase FQDN of the host. | keyword | | | nats.connections.total | The number of currently active clients | integer | gauge | | nats.server.id | The server ID | keyword | | | nats.server.time | Server time of metric creation | date | | | service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | | -| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | ### routes @@ -426,7 +408,7 @@ An example event for `routes` looks as following: "type": "metrics" }, "ecs": { - "version": "1.12.0" + "version": "8.11.0" }, "elastic_agent": { "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", @@ -497,15 +479,13 @@ An example event for `routes` looks as following: | data_stream.dataset | Data stream dataset. | constant_keyword | | | data_stream.namespace | Data stream namespace. | constant_keyword | | | data_stream.type | Data stream type. | constant_keyword | | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | | | event.dataset | Event dataset | constant_keyword | | | event.module | Event module | constant_keyword | | -| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | +| host.name | Name of the host. It can contain what hostname returns on Unix systems, the fully qualified domain name (FQDN), or a name specified by the user. The recommended value is the lowercase FQDN of the host. | keyword | | | nats.routes.total | The number of registered routes | integer | gauge | | nats.server.id | The server ID | keyword | | | nats.server.time | Server time of metric creation | date | | | service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | | -| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | ### subscriptions @@ -531,7 +511,7 @@ An example event for `subscriptions` looks as following: "type": "metrics" }, "ecs": { - "version": "1.12.0" + "version": "8.11.0" }, "elastic_agent": { "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", @@ -609,10 +589,9 @@ An example event for `subscriptions` looks as following: | data_stream.dataset | Data stream dataset. | constant_keyword | | | data_stream.namespace | Data stream namespace. | constant_keyword | | | data_stream.type | Data stream type. | constant_keyword | | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | | | event.dataset | Event dataset | constant_keyword | | | event.module | Event module | constant_keyword | | -| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | +| host.name | Name of the host. It can contain what hostname returns on Unix systems, the fully qualified domain name (FQDN), or a name specified by the user. The recommended value is the lowercase FQDN of the host. | keyword | | | nats.server.id | The server ID | keyword | | | nats.server.time | Server time of metric creation | date | | | nats.subscriptions.cache.fanout.avg | The average fanout served by cache | double | gauge | @@ -624,7 +603,6 @@ An example event for `subscriptions` looks as following: | nats.subscriptions.removes | The number of remove operations in subscriptions list | long | counter | | nats.subscriptions.total | The number of active subscriptions | integer | gauge | | service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | | -| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | ### connection @@ -650,7 +628,7 @@ An example event for `connection` looks as following: "type": "metrics" }, "ecs": { - "version": "1.12.0" + "version": "8.11.0" }, "elastic_agent": { "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", @@ -732,10 +710,9 @@ An example event for `connection` looks as following: | data_stream.dataset | Data stream dataset. | constant_keyword | | | data_stream.namespace | Data stream namespace. | constant_keyword | | | data_stream.type | Data stream type. | constant_keyword | | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | | | event.dataset | Event dataset | constant_keyword | | | event.module | Event module | constant_keyword | | -| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | +| host.name | Name of the host. It can contain what hostname returns on Unix systems, the fully qualified domain name (FQDN), or a name specified by the user. The recommended value is the lowercase FQDN of the host. | keyword | | | nats.connection.idle_time | The period the connection is idle (sec) | long | counter | | nats.connection.in.bytes | The amount of incoming bytes | long | counter | | nats.connection.in.messages | The amount of incoming messages | long | counter | @@ -748,7 +725,6 @@ An example event for `connection` looks as following: | nats.server.id | The server ID | keyword | | | nats.server.time | Server time of metric creation | date | | | service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | | -| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | ### route @@ -774,7 +750,7 @@ An example event for `route` looks as following: "type": "metrics" }, "ecs": { - "version": "1.12.0" + "version": "8.11.0" }, "elastic_agent": { "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", @@ -856,10 +832,9 @@ An example event for `route` looks as following: | data_stream.dataset | Data stream dataset. | constant_keyword | | | data_stream.namespace | Data stream namespace. | constant_keyword | | | data_stream.type | Data stream type. | constant_keyword | | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | | | event.dataset | Event dataset | constant_keyword | | | event.module | Event module | constant_keyword | | -| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | +| host.name | Name of the host. It can contain what hostname returns on Unix systems, the fully qualified domain name (FQDN), or a name specified by the user. The recommended value is the lowercase FQDN of the host. | keyword | | | nats.route.in.bytes | The amount of incoming bytes | long | counter | | nats.route.in.messages | The amount of incoming messages | long | counter | | nats.route.ip | The ip of the route | ip | | @@ -872,5 +847,4 @@ An example event for `route` looks as following: | nats.server.id | The server ID | keyword | | | nats.server.time | Server time of metric creation | date | | | service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | | -| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | diff --git a/packages/nats/manifest.yml b/packages/nats/manifest.yml index e7ed16eb17cf..ef932ea6295b 100644 --- a/packages/nats/manifest.yml +++ b/packages/nats/manifest.yml @@ -15,7 +15,8 @@ categories: - observability - message_queue conditions: - kibana.version: "^8.10.2" + kibana: + version: "^8.13.0" screenshots: - src: /img/filebeat_nats_dashboard.png title: Filebeat NATS Dashboard From 4da71b533bc7ea93cfbdb90ebd6c9d795692037a Mon Sep 17 00:00:00 2001 From: harnish-elastic Date: Mon, 17 Jun 2024 17:42:42 +0530 Subject: [PATCH 06/21] [cassandra] - change to ECS version git@v8.11.0 --- packages/cassandra/_dev/build/build.yml | 2 +- .../pipeline/test-cassandra.log-expected.json | 24 ++++++++----- .../elasticsearch/ingest_pipeline/default.yml | 6 ++-- .../cassandra/data_stream/log/fields/ecs.yml | 24 ------------- .../data_stream/log/sample_event.json | 8 +++-- .../elasticsearch/ingest_pipeline/default.yml | 2 +- .../data_stream/metrics/fields/ecs.yml | 20 ----------- .../data_stream/metrics/sample_event.json | 6 ++-- packages/cassandra/docs/README.md | 36 +++++-------------- packages/cassandra/manifest.yml | 2 +- 10 files changed, 38 insertions(+), 92 deletions(-) delete mode 100644 packages/cassandra/data_stream/log/fields/ecs.yml diff --git a/packages/cassandra/_dev/build/build.yml b/packages/cassandra/_dev/build/build.yml index aaafc5d833b6..2bfcfc223b04 100644 --- a/packages/cassandra/_dev/build/build.yml +++ b/packages/cassandra/_dev/build/build.yml @@ -1,3 +1,3 @@ dependencies: ecs: - reference: git@v8.5.1 + reference: "git@v8.11.0" diff --git a/packages/cassandra/data_stream/log/_dev/test/pipeline/test-cassandra.log-expected.json b/packages/cassandra/data_stream/log/_dev/test/pipeline/test-cassandra.log-expected.json index 52e9860ef343..7e78021035bb 100644 --- a/packages/cassandra/data_stream/log/_dev/test/pipeline/test-cassandra.log-expected.json +++ b/packages/cassandra/data_stream/log/_dev/test/pipeline/test-cassandra.log-expected.json @@ -3,17 +3,19 @@ { "@timestamp": "2021-07-21T12:18:15.910Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ "database" ], - "ingested": "2023-10-11T21:02:06.332290589Z", + "ingested": "2024-06-17T12:09:55.250489457Z", "kind": "event", "module": "cassandra", "original": "INFO [main] 2021-07-21 12:18:15,910 YamlConfigurationLoader.java:92 - Configuration location: file:/C:/Users/kush.rana/Desktop/Projects/elasticconnectors/apache-cassandra-3.11.10/conf/cassandra.yaml", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "INFO", @@ -42,17 +44,19 @@ } }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ "database" ], - "ingested": "2023-10-11T21:02:06.332297964Z", + "ingested": "2024-06-17T12:09:55.250550934Z", "kind": "event", "module": "cassandra", "original": "INFO [nioEventLoopGroup-2-1] 2021-07-21 12:23:32,856 Message.java:826 - Unexpected exception during request; channel = [id: 0xa6112238, L:/127.0.0.1:9042 - R:/127.0.0.1:60106]\njava.io.IOException: An existing connection was forcibly closed by the remote host\n\tat sun.nio.ch.SocketDispatcher.read0(Native Method) ~[na:1.8.0_291]\n\tat sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:43) ~[na:1.8.0_291]\n\tat sun.nio.ch.IOUtil.readIntoNativeBuffer(IOUtil.java:223) ~[na:1.8.0_291]\n\tat sun.nio.ch.IOUtil.read(IOUtil.java:192) ~[na:1.8.0_291]\n\tat sun.nio.ch.SocketChannelImpl.read(SocketChannelImpl.java:378) ~[na:1.8.0_291]\n\tat io.netty.buffer.PooledUnsafeDirectByteBuf.setBytes(PooledUnsafeDirectByteBuf.java:221) ~[netty-all-4.0.44.Final.jar:4.0.44.Final]\n\tat io.netty.buffer.AbstractByteBuf.writeBytes(AbstractByteBuf.java:899) ~[netty-all-4.0.44.Final.jar:4.0.44.Final]\n\tat io.netty.channel.socket.nio.NioSocketChannel.doReadBytes(NioSocketChannel.java:276) ~[netty-all-4.0.44.Final.jar:4.0.44.Final]\n\tat io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:119) ~[netty-all-4.0.44.Final.jar:4.0.44.Final]\n\tat io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:643) [netty-all-4.0.44.Final.jar:4.0.44.Final]\n\tat io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:566) [netty-all-4.0.44.Final.jar:4.0.44.Final]\n\tat io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:480) [netty-all-4.0.44.Final.jar:4.0.44.Final]\n\tat io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:442) [netty-all-4.0.44.Final.jar:4.0.44.Final]\n\tat io.netty.util.concurrent.SingleThreadEventExecutor$2.run(SingleThreadEventExecutor.java:131) [netty-all-4.0.44.Final.jar:4.0.44.Final]\n\tat io.netty.util.concurrent.DefaultThreadFactory$DefaultRunnableDecorator.run(DefaultThreadFactory.java:144) [netty-all-4.0.44.Final.jar:4.0.44.Final]\n\tat java.lang.Thread.run(Thread.java:748) [na:1.8.0_291]", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "INFO", @@ -81,17 +85,19 @@ } }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ "database" ], - "ingested": "2023-10-11T21:02:06.332299172Z", + "ingested": "2024-06-17T12:09:55.250555078Z", "kind": "event", "module": "cassandra", "original": "INFO [main] 2021-07-22 15:16:10,134 StorageService.java:681 - Token metadata: Normal Tokens:\nlocalhost/127.0.0.1:[-9213409579976581007, -9208536521948527928, -9138148778360337250, -9127679418115980016, -8976989747173636951, -8928929930114662189, -8850922876008716693, -8742572573666294013, -8682790054622712291, -8602448569428641857, -8427444260690062087, -8322248594442534434, -8320001287302042084, -8254990830747485697, -8249957862499495790, -8189195602746080394, -8129887952616066480, -8056374640546524116, -8038761382995613210, -8037170110133462140, -7992011367541245422, -7880071995925335357, -7749009042440224717, -7617052974926155684, -7579992376331554614, -7547752740136860669, -7483309149196458963, -7403928085586378365, -7295126747625344073, -7285427200042709300, -7208686794243768519, -7117693125722831897, -6883722024573005241, -6720612224987504455, -6717012773506031630, -6634852508780100068, -6552838126854940220, -6342653427563558228, -6320996911175515573, -5938863381584705682, -5937138028307335156, -5863008324229999355, -5557902421394732795, -5507288642909724159, -5359164966940526093, -5270856020393654677, -5140336908990033565, -5086699786885043460, -5074000871253631366, -5073978841190866944, -5033423903877820246, -4943085258474057592, -4910543332786614489, -4879770268169959108, -4850099303163390815, -4807455567471793547, -4719159438210854274, -4619781027025280965, -4544597174348575652, -4485428936415138994, -4472739122485282685, -4373079504728124492, -4181301628202154089, -4126388626984258138, -4023053100851092991, -3922047779752166298, -3906718855618646650, -3868634824115722238, -3745879358169402556, -3690097830756775997, -3670927950016768037, -3616747246231509319, -3591426209432189634, -3490702446505255801, -3483385134981416558, -3429491430707856745, -3416053347785698066, -3413943292199611161, -3382417634862376426, -3349947830775906953, -3296542850568272055, -3176473778862080919, -3166346545442410180, -3132772882761113905, -3043642279006642678, -2954123492179139102, -2863171390983702241, -2654073953489285272, -2590940177673686644, -2587080257265847771, -2251605852203586301, -2198878564462361531, -2145896005604227928, -2124367674677225113, -2100796974152514459, -2100767007153930839, -2048246436708511951, -1940231583736341613, -1918276191425512270, -1901156852629539284, -1880561834882743663, -1746302695032098428, -1656872679451617615, -1548673391155746482, -1488479865253002047, -1379516031698548835, -1375032214470929604, -1314590380943603420, -1308375119031032813, -1285371162065374453, -1236769884793871491, -1079440989079766338, -869710792032024432, -789236985842188234, -455105751942515560, -444051516445821516, -361900680170942718, -168328735467397181, -134714950793282931, 60826037083339962, 84541622509618720, 144554169302448103, 196774206633592259, 198562324344386301, 238610642455775463, 278056991129882380, 279880939653579207, 282592745265744974, 410971596053594328, 495924051707529203, 526093410792433875, 575034598008591456, 579720708854555015, 589085295330075427, 590435486579344463, 776031051171600786, 781641065494177208, 846457757495601745, 850257452008846361, 900686269816010653, 1051126519181924424, 1203321605454295227, 1203895566636331975, 1211465458560787736, 1225960882717793263, 1241774140877981683, 1292414550010972366, 1334361932455738343, 1337377210995562847, 1419081732672037948, 1419381122950575881, 1490964106631451820, 1639326652578045878, 1705770160551872440, 1832285348848161986, 1847497393690487631, 1879480685217394570, 1891538878205257739, 1989643415414534081, 1994910556424959679, 1998064184769937808, 2155104014043103344, 2220336291482261989, 2283828190095512675, 2306824176141659302, 2451278539468942429, 2598912773538613706, 2762278292210005010, 2773437737237250294, 2832174370654635432, 2934442852597210012, 2945700216164622238, 2952556039929943093, 3107437902315470865, 3123397929954224804, 3186025726071011271, 3188208477416257432, 3200767480243736192, 3215706690514302654, 3276105622621268635, 3365884355288559483, 3401162000846683197, 3490150748579176060, 3504387869819626580, 3724159158070359927, 3885983949513817526, 3928206314063268933, 4115069486609707213, 4242350427466708713, 4386862705409556464, 4404914535424634841, 4486289098334426088, 4615905347775520925, 4650730553761950776, 4664032552573343869, 4741710988150565521, 4824314289830954773, 4855150021956252527, 4979447180744678768, 5010835932690867774, 5135899429065919974, 5230763194691689473, 5318582515931199681, 5558115297723062617, 5588210318754588806, 5615741481489697481, 5681975707573416981, 5826288747232227118, 6135206485758434356, 6163357531758535338, 6192919223175738327, 6193503193865707083, 6251171521552312359, 6370634172051452277, 6440400015024985128, 6444714481840758288, 6619609681089611411, 6698206135058175326, 6723548174665139367, 6744705100400054244, 6777227783060561616, 6840248229536654533, 6903596833014731591, 6939254918732562615, 6986844194665101330, 6999783490815861150, 7081735174733692632, 7088499763485696293, 7164209991011322273, 7180706869985461496, 7369129159637618981, 7375016321335570664, 7518640636490654215, 7584590997557423209, 7665483325181367542, 7751011211020015083, 7808711095476824306, 7905270090323370693, 7930480210183871741, 8027805212938904497, 8086730665555500916, 8156173380772627797, 8455783018781361766, 8522975246241517657, 8525946248784902240, 8547978838832864285, 8580320166686867118, 8587722170086323264, 8726678858413102621, 8732783454936618116, 8734728266269135300, 8789489738850249699, 8799590254811299859, 8825243461020618263, 9047662432134874749, 9087960439561935209]\n", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "INFO", diff --git a/packages/cassandra/data_stream/log/elasticsearch/ingest_pipeline/default.yml b/packages/cassandra/data_stream/log/elasticsearch/ingest_pipeline/default.yml index 9a90b36d4ca3..2641b60fe2a8 100644 --- a/packages/cassandra/data_stream/log/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cassandra/data_stream/log/elasticsearch/ingest_pipeline/default.yml @@ -8,7 +8,7 @@ processors: ignore_failure: true - set: field: ecs.version - value: 8.5.1 + value: 8.11.0 ignore_empty_value: true ignore_failure: true - set: @@ -51,9 +51,9 @@ processors: source: >- def err_levels = ["FATAL", "ERROR", "WARN"]; if (err_levels.contains(ctx.log.level)) { - ctx.event.type = "error"; + ctx.event.type = ["error"]; } else { - ctx.event.type = "info"; + ctx.event.type = ["info"]; } - script: description: Drops null/empty values recursively. diff --git a/packages/cassandra/data_stream/log/fields/ecs.yml b/packages/cassandra/data_stream/log/fields/ecs.yml deleted file mode 100644 index 7eedd8975cc7..000000000000 --- a/packages/cassandra/data_stream/log/fields/ecs.yml +++ /dev/null @@ -1,24 +0,0 @@ -- external: ecs - name: ecs.version -- external: ecs - name: error.message -- external: ecs - name: event.category -- external: ecs - name: event.ingested -- external: ecs - name: event.kind -- external: ecs - name: log.file.path -- external: ecs - name: log.level -- external: ecs - name: log.origin.file.line -- external: ecs - name: log.origin.file.name -- external: ecs - name: message -- external: ecs - name: process.thread.name -- external: ecs - name: tags diff --git a/packages/cassandra/data_stream/log/sample_event.json b/packages/cassandra/data_stream/log/sample_event.json index 4116c93963d8..b2450faed833 100644 --- a/packages/cassandra/data_stream/log/sample_event.json +++ b/packages/cassandra/data_stream/log/sample_event.json @@ -14,7 +14,7 @@ "type": "logs" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "d1a9277c-e5a2-4ee3-a973-18f2b62e3ad8", @@ -31,7 +31,9 @@ "kind": "event", "module": "cassandra", "original": "INFO [main] 2022-08-01 07:33:01,952 YamlConfigurationLoader.java:92 - Configuration location: file:/etc/cassandra/cassandra.yaml", - "type": "info" + "type": [ + "info" + ] }, "input": { "type": "log" @@ -59,4 +61,4 @@ "forwarded", "cassandra-systemlogs" ] -} \ No newline at end of file +} diff --git a/packages/cassandra/data_stream/metrics/elasticsearch/ingest_pipeline/default.yml b/packages/cassandra/data_stream/metrics/elasticsearch/ingest_pipeline/default.yml index 12af7fe3a581..ad007766c9a2 100644 --- a/packages/cassandra/data_stream/metrics/elasticsearch/ingest_pipeline/default.yml +++ b/packages/cassandra/data_stream/metrics/elasticsearch/ingest_pipeline/default.yml @@ -3,7 +3,7 @@ description: Pipeline for parsing Cassandra metrics. processors: - set: field: ecs.version - value: 8.5.1 + value: 8.11.0 ignore_empty_value: true ignore_failure: true - set: diff --git a/packages/cassandra/data_stream/metrics/fields/ecs.yml b/packages/cassandra/data_stream/metrics/fields/ecs.yml index a3869dc710e0..d0a842204dc6 100644 --- a/packages/cassandra/data_stream/metrics/fields/ecs.yml +++ b/packages/cassandra/data_stream/metrics/fields/ecs.yml @@ -1,32 +1,12 @@ -- external: ecs - name: ecs.version -- external: ecs - name: error.message -- external: ecs - name: event.category -- external: ecs - name: event.created -- external: ecs - name: event.dataset -- external: ecs - name: event.kind -- external: ecs - name: event.module -- external: ecs - name: event.type - external: ecs name: service.address dimension: true -- external: ecs - name: service.type - external: ecs name: host.name dimension: true - external: ecs name: agent.id dimension: true -- external: ecs - name: cloud.project.id - external: ecs name: cloud.instance.id dimension: true diff --git a/packages/cassandra/data_stream/metrics/sample_event.json b/packages/cassandra/data_stream/metrics/sample_event.json index 8ab84497048a..d3b55bc1f7d8 100644 --- a/packages/cassandra/data_stream/metrics/sample_event.json +++ b/packages/cassandra/data_stream/metrics/sample_event.json @@ -168,7 +168,7 @@ "type": "metrics" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "f8436de1-7850-497f-905d-b6c9ca3116ca", @@ -217,7 +217,7 @@ "period": 10000 }, "service": { - "address": "http://elastic-package-service_cassandra_1:8778/jolokia/%3FignoreErrors=true\u0026canonicalNaming=false", + "address": "http://elastic-package-service_cassandra_1:8778/jolokia/%3FignoreErrors=true&canonicalNaming=false", "type": "jolokia" } -} \ No newline at end of file +} diff --git a/packages/cassandra/docs/README.md b/packages/cassandra/docs/README.md index 6fd49998757a..d4714ace5c7a 100644 --- a/packages/cassandra/docs/README.md +++ b/packages/cassandra/docs/README.md @@ -96,7 +96,7 @@ An example event for `log` looks as following: "type": "logs" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "d1a9277c-e5a2-4ee3-a973-18f2b62e3ad8", @@ -113,7 +113,9 @@ An example event for `log` looks as following: "kind": "event", "module": "cassandra", "original": "INFO [main] 2022-08-01 07:33:01,952 YamlConfigurationLoader.java:92 - Configuration location: file:/etc/cassandra/cassandra.yaml", - "type": "info" + "type": [ + "info" + ] }, "input": { "type": "log" @@ -142,6 +144,7 @@ An example event for `log` looks as following: "cassandra-systemlogs" ] } + ``` **Exported fields** @@ -153,21 +156,9 @@ An example event for `log` looks as following: | data_stream.dataset | Data stream dataset. | constant_keyword | | data_stream.namespace | Data stream namespace. | constant_keyword | | data_stream.type | Data stream type. | constant_keyword | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | -| error.message | Error message. | match_only_text | -| event.category | This is one of four ECS Categorization Fields, and indicates the second level in the ECS category hierarchy. `event.category` represents the "big buckets" of ECS categories. For example, filtering on `event.category:process` yields all events relating to process activity. This field is closely related to `event.type`, which is used as a subcategory. This field is an array. This will allow proper categorization of some events that fall in multiple categories. | keyword | -| event.ingested | Timestamp when an event arrived in the central data store. This is different from `@timestamp`, which is when the event originally occurred. It's also different from `event.created`, which is meant to capture the first time an agent saw the event. In normal conditions, assuming no tampering, the timestamps should chronologically look like this: `@timestamp` \< `event.created` \< `event.ingested`. | date | -| event.kind | This is one of four ECS Categorization Fields, and indicates the highest level in the ECS category hierarchy. `event.kind` gives high-level information about what type of information the event contains, without being specific to the contents of the event. For example, values of this field distinguish alert events from metric events. The value of this field can be used to inform how these kinds of events should be handled. They may warrant different retention, different access control, it may also help understand whether the data coming in at a regular interval or not. | keyword | | input.type | Type of Filebeat input. | keyword | -| log.file.path | Full path to the log file this event came from, including the file name. It should include the drive letter, when appropriate. If the event wasn't read from a log file, do not populate this field. | keyword | | log.flags | Flags for the log file. | keyword | -| log.level | Original log level of the log event. If the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity). Some examples are `warn`, `err`, `i`, `informational`. | keyword | | log.offset | Offset of the entry in the log file. | long | -| log.origin.file.line | The line number of the file containing the source code which originated the log event. | long | -| log.origin.file.name | The name of the file containing the source code which originated the log event. Note that this field is not meant to capture the log file. The correct field to capture the log file is `log.file.path`. | keyword | -| message | For log events the message field contains the log message, optimized for viewing in a log viewer. For structured logs without an original message field, other fields can be concatenated to form a human-readable summary of the event. If multiple messages exist, they can be combined into one message. | match_only_text | -| process.thread.name | Thread name. | keyword | -| tags | List of keywords used to tag each event. | keyword | ## Metrics @@ -347,7 +338,7 @@ An example event for `metrics` looks as following: "type": "metrics" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "f8436de1-7850-497f-905d-b6c9ca3116ca", @@ -396,10 +387,11 @@ An example event for `metrics` looks as following: "period": 10000 }, "service": { - "address": "http://elastic-package-service_cassandra_1:8778/jolokia/%3FignoreErrors=true\u0026canonicalNaming=false", + "address": "http://elastic-package-service_cassandra_1:8778/jolokia/%3FignoreErrors=true&canonicalNaming=false", "type": "jolokia" } } + ``` **Exported fields** @@ -492,22 +484,12 @@ An example event for `metrics` looks as following: | cloud.account.id | The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. | keyword | | | cloud.availability_zone | Availability zone in which this host, resource, or service is located. | keyword | | | cloud.instance.id | Instance ID of the host machine. | keyword | | -| cloud.project.id | The cloud project identifier. Examples: Google Cloud Project id, Azure Project id. | keyword | | | cloud.provider | Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. | keyword | | | cloud.region | Region in which this host, resource, or service is located. | keyword | | | container.id | Unique container id. | keyword | | | data_stream.dataset | Data stream dataset. | constant_keyword | | | data_stream.namespace | Data stream namespace. | constant_keyword | | | data_stream.type | Data stream type. | constant_keyword | | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | | -| error.message | Error message. | match_only_text | | -| event.category | This is one of four ECS Categorization Fields, and indicates the second level in the ECS category hierarchy. `event.category` represents the "big buckets" of ECS categories. For example, filtering on `event.category:process` yields all events relating to process activity. This field is closely related to `event.type`, which is used as a subcategory. This field is an array. This will allow proper categorization of some events that fall in multiple categories. | keyword | | -| event.created | event.created contains the date/time when the event was first read by an agent, or by your pipeline. This field is distinct from @timestamp in that @timestamp typically contain the time extracted from the original event. In most situations, these two timestamps will be slightly different. The difference can be used to calculate the delay between your source generating an event, and the time when your agent first processed it. This can be used to monitor your agent's or pipeline's ability to keep up with your event source. In case the two timestamps are identical, @timestamp should be used. | date | | -| event.dataset | Name of the dataset. If an event source publishes more than one type of log or events (e.g. access log, error log), the dataset is used to specify which one the event comes from. It's recommended but not required to start the dataset name with the module name, followed by a dot, then the dataset name. | keyword | | -| event.kind | This is one of four ECS Categorization Fields, and indicates the highest level in the ECS category hierarchy. `event.kind` gives high-level information about what type of information the event contains, without being specific to the contents of the event. For example, values of this field distinguish alert events from metric events. The value of this field can be used to inform how these kinds of events should be handled. They may warrant different retention, different access control, it may also help understand whether the data coming in at a regular interval or not. | keyword | | -| event.module | Name of the module this data is coming from. If your monitoring agent supports the concept of modules or plugins to process events of a given source (e.g. Apache logs), `event.module` should contain the name of this module. | keyword | | -| event.type | This is one of four ECS Categorization Fields, and indicates the third level in the ECS category hierarchy. `event.type` represents a categorization "sub-bucket" that, when used along with the `event.category` field values, enables filtering events down to a level appropriate for single visualization. This field is an array. This will allow proper categorization of some events that fall in multiple event types. | keyword | | -| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | +| host.name | Name of the host. It can contain what hostname returns on Unix systems, the fully qualified domain name (FQDN), or a name specified by the user. The recommended value is the lowercase FQDN of the host. | keyword | | | service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | | -| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | diff --git a/packages/cassandra/manifest.yml b/packages/cassandra/manifest.yml index 9137ce67c783..0c9161fc4a1b 100644 --- a/packages/cassandra/manifest.yml +++ b/packages/cassandra/manifest.yml @@ -9,7 +9,7 @@ categories: - observability conditions: kibana: - version: "^8.12.0" + version: "^8.13.0" elastic: subscription: basic screenshots: From 8e4b7111df5b00a4c736d4d547af8a66d1eb10a5 Mon Sep 17 00:00:00 2001 From: harnish-elastic Date: Mon, 17 Jun 2024 18:14:54 +0530 Subject: [PATCH 07/21] [oracle_weblogic] - change to ECS version git@v8.11.0 --- packages/oracle_weblogic/_dev/build/build.yml | 2 +- .../pipeline/test-access.log-expected.json | 70 ++++---- .../elasticsearch/ingest_pipeline/default.yml | 7 +- .../data_stream/access/fields/ecs.yml | 18 --- .../data_stream/access/sample_event.json | 10 +- .../test-admin-server.log-expected.json | 150 +++++++++++------- .../elasticsearch/ingest_pipeline/default.yml | 7 +- .../admin_server/fields/base-fields.yml | 2 - .../data_stream/admin_server/fields/ecs.yml | 14 -- .../admin_server/sample_event.json | 12 +- .../elasticsearch/ingest_pipeline/default.yml | 2 +- .../deployed_application/fields/ecs.yml | 24 --- .../deployed_application/sample_event.json | 4 +- .../pipeline/test-domain.log-expected.json | 150 +++++++++++------- .../elasticsearch/ingest_pipeline/default.yml | 7 +- .../data_stream/domain/fields/base-fields.yml | 2 - .../data_stream/domain/fields/ecs.yml | 14 -- .../data_stream/domain/sample_event.json | 12 +- .../test-managed-server.log-expected.json | 90 ++++++----- .../elasticsearch/ingest_pipeline/default.yml | 7 +- .../managed_server/fields/base-fields.yml | 2 - .../data_stream/managed_server/fields/ecs.yml | 14 -- .../managed_server/sample_event.json | 12 +- .../elasticsearch/ingest_pipeline/default.yml | 2 +- .../data_stream/threadpool/fields/ecs.yml | 24 --- .../data_stream/threadpool/sample_event.json | 4 +- packages/oracle_weblogic/docs/README.md | 109 ++++--------- packages/oracle_weblogic/manifest.yml | 2 +- 28 files changed, 356 insertions(+), 417 deletions(-) delete mode 100644 packages/oracle_weblogic/data_stream/access/fields/ecs.yml delete mode 100644 packages/oracle_weblogic/data_stream/admin_server/fields/ecs.yml delete mode 100644 packages/oracle_weblogic/data_stream/domain/fields/ecs.yml delete mode 100644 packages/oracle_weblogic/data_stream/managed_server/fields/ecs.yml diff --git a/packages/oracle_weblogic/_dev/build/build.yml b/packages/oracle_weblogic/_dev/build/build.yml index aaafc5d833b6..2bfcfc223b04 100755 --- a/packages/oracle_weblogic/_dev/build/build.yml +++ b/packages/oracle_weblogic/_dev/build/build.yml @@ -1,3 +1,3 @@ dependencies: ecs: - reference: git@v8.5.1 + reference: "git@v8.11.0" diff --git a/packages/oracle_weblogic/data_stream/access/_dev/test/pipeline/test-access.log-expected.json b/packages/oracle_weblogic/data_stream/access/_dev/test/pipeline/test-access.log-expected.json index 190ffa109e87..5a1780342d3f 100644 --- a/packages/oracle_weblogic/data_stream/access/_dev/test/pipeline/test-access.log-expected.json +++ b/packages/oracle_weblogic/data_stream/access/_dev/test/pipeline/test-access.log-expected.json @@ -3,17 +3,19 @@ { "@timestamp": "2022-03-26T18:10:05.000Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "network" ], - "ingested": "2023-10-13T11:27:51.595108679Z", + "ingested": "2024-06-17T12:35:30.050027447Z", "kind": "event", "module": "oracle_weblogic", "original": "172.17.32.1 - - [26/Mar/2022:23:40:05 +0530] \"GET /medrec/javax.faces.resource/welcome.jpg.xhtml?ln=img&con=bayland HTTP/1.1\" 200 844071 ", - "type": "access" + "type": [ + "access" + ] }, "host": { "ip": [ @@ -44,17 +46,19 @@ { "@timestamp": "2022-03-26T18:10:05.000Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "network" ], - "ingested": "2023-10-13T11:27:51.595116845Z", + "ingested": "2024-06-17T12:35:30.050038021Z", "kind": "event", "module": "oracle_weblogic", "original": "172.17.32.1 - - [26/Mar/2022:23:40:05 +0530] \"GET /favicon.ico HTTP/1.1\" 404 1164 ", - "type": "access" + "type": [ + "access" + ] }, "host": { "ip": [ @@ -85,17 +89,19 @@ { "@timestamp": "2022-03-26T18:10:39.000Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "network" ], - "ingested": "2023-10-13T11:27:51.595117970Z", + "ingested": "2024-06-17T12:35:30.050039755Z", "kind": "event", "module": "oracle_weblogic", "original": "0:0:0:0:0:0:0:1 - - [26/Mar/2022:23:40:39 +0530] \"GET /favicon.ico HTTP/1.1\" 404 1164 ", - "type": "access" + "type": [ + "access" + ] }, "host": { "ip": [ @@ -126,17 +132,19 @@ { "@timestamp": "2022-03-26T18:13:44.000Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "network" ], - "ingested": "2023-10-13T11:27:51.595118887Z", + "ingested": "2024-06-17T12:35:30.050041221Z", "kind": "event", "module": "oracle_weblogic", "original": "172.17.32.1 - - [26/Mar/2022:23:43:44 +0530] \"GET /medrec/index.xhtml HTTP/1.1\" 200 8863 ", - "type": "access" + "type": [ + "access" + ] }, "host": { "ip": [ @@ -167,17 +175,19 @@ { "@timestamp": "2022-03-26T18:13:45.000Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "network" ], - "ingested": "2023-10-13T11:27:51.595119762Z", + "ingested": "2024-06-17T12:35:30.050042816Z", "kind": "event", "module": "oracle_weblogic", "original": "172.17.32.1 - - [26/Mar/2022:23:43:45 +0530] \"GET /medrec/javax.faces.resource/admin.jpg.xhtml?ln=img&con=bayland HTTP/1.1\" 200 8116 ", - "type": "access" + "type": [ + "access" + ] }, "host": { "ip": [ @@ -208,17 +218,19 @@ { "@timestamp": "2022-03-26T18:13:45.000Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "network" ], - "ingested": "2023-10-13T11:27:51.595120637Z", + "ingested": "2024-06-17T12:35:30.050044388Z", "kind": "event", "module": "oracle_weblogic", "original": "172.17.32.1 - - [26/Mar/2022:23:43:45 +0530] \"GET /medrec/javax.faces.resource/patient.jpg.xhtml?ln=img&con=bayland HTTP/1.1\" 200 10096 ", - "type": "access" + "type": [ + "access" + ] }, "host": { "ip": [ @@ -249,17 +261,19 @@ { "@timestamp": "2022-03-26T18:13:45.000Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "network" ], - "ingested": "2023-10-13T11:27:51.595121429Z", + "ingested": "2024-06-17T12:35:30.050045642Z", "kind": "event", "module": "oracle_weblogic", "original": "172.17.32.1 - - [26/Mar/2022:23:43:45 +0530] \"GET /medrec/javax.faces.resource/physician.jpg.xhtml?ln=img&con=bayland HTTP/1.1\" 200 10169 ", - "type": "access" + "type": [ + "access" + ] }, "host": { "ip": [ diff --git a/packages/oracle_weblogic/data_stream/access/elasticsearch/ingest_pipeline/default.yml b/packages/oracle_weblogic/data_stream/access/elasticsearch/ingest_pipeline/default.yml index a0187c735a04..9cec070e9ad4 100644 --- a/packages/oracle_weblogic/data_stream/access/elasticsearch/ingest_pipeline/default.yml +++ b/packages/oracle_weblogic/data_stream/access/elasticsearch/ingest_pipeline/default.yml @@ -8,7 +8,7 @@ processors: ignore_failure: true - set: field: ecs.version - value: 8.5.1 + value: 8.11.0 ignore_empty_value: true ignore_failure: true - set: @@ -23,13 +23,12 @@ processors: ignore_failure: true - set: field: event.type - value: access + value: ["access"] ignore_empty_value: true ignore_failure: true - append: field: event.category - value: - - log + value: ["network"] ignore_failure: true - rename: field: message diff --git a/packages/oracle_weblogic/data_stream/access/fields/ecs.yml b/packages/oracle_weblogic/data_stream/access/fields/ecs.yml deleted file mode 100644 index 4a9639543735..000000000000 --- a/packages/oracle_weblogic/data_stream/access/fields/ecs.yml +++ /dev/null @@ -1,18 +0,0 @@ -- external: ecs - name: ecs.version -- external: ecs - name: host.ip -- external: ecs - name: http.request.method -- external: ecs - name: http.request.referrer -- external: ecs - name: http.response.bytes -- external: ecs - name: http.response.status_code -- external: ecs - name: http.version -- external: ecs - name: log.file.path -- external: ecs - name: tags diff --git a/packages/oracle_weblogic/data_stream/access/sample_event.json b/packages/oracle_weblogic/data_stream/access/sample_event.json index 0a968f24b438..1fd2f9f96344 100644 --- a/packages/oracle_weblogic/data_stream/access/sample_event.json +++ b/packages/oracle_weblogic/data_stream/access/sample_event.json @@ -13,7 +13,7 @@ "type": "logs" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "d17bdd23-2a9d-4013-abe7-0652f306d69d", @@ -23,14 +23,16 @@ "event": { "agent_id_status": "verified", "category": [ - "log" + "network" ], "dataset": "oracle_weblogic.access", "ingested": "2022-04-25T06:53:32Z", "kind": "event", "module": "oracle_weblogic", "original": "172.17.32.1 - - [26/Mar/2022:23:40:04 +0530] \"GET /medrec/start.xhtml HTTP/1.1\" 200 8876 ", - "type": "access" + "type": [ + "access" + ] }, "host": { "architecture": "x86_64", @@ -82,4 +84,4 @@ "tags": [ "oracle_weblogic-access" ] -} \ No newline at end of file +} diff --git a/packages/oracle_weblogic/data_stream/admin_server/_dev/test/pipeline/test-admin-server.log-expected.json b/packages/oracle_weblogic/data_stream/admin_server/_dev/test/pipeline/test-admin-server.log-expected.json index 690ce1d5b8a7..3525144a23e5 100644 --- a/packages/oracle_weblogic/data_stream/admin_server/_dev/test/pipeline/test-admin-server.log-expected.json +++ b/packages/oracle_weblogic/data_stream/admin_server/_dev/test/pipeline/test-admin-server.log-expected.json @@ -3,17 +3,19 @@ { "@timestamp": "2022-03-24T10:29:51.636Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "iam" ], - "ingested": "2023-10-13T11:27:51.720178512Z", + "ingested": "2024-06-17T12:35:30.701408048Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <> <[STANDBY] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <> <1648117791636> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "admin" + "type": [ + "admin" + ] }, "log": { "level": "Info" @@ -35,17 +37,19 @@ }, { "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "iam" ], - "ingested": "2023-10-13T11:27:51.720186970Z", + "ingested": "2024-06-17T12:35:30.701419149Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <> <> <> <> <1648117791663> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "admin" + "type": [ + "admin" + ] }, "tags": [ "preserve_original_event" @@ -72,17 +78,19 @@ { "@timestamp": "2022-03-24T10:29:51.702Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "iam" ], - "ingested": "2023-10-13T11:27:51.720188929Z", + "ingested": "2024-06-17T12:35:30.701422329Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <> <> <> <> <1648117791702> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "admin" + "type": [ + "admin" + ] }, "log": { "level": "Info" @@ -105,17 +113,19 @@ { "@timestamp": "2022-03-24T10:29:51.703Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "iam" ], - "ingested": "2023-10-13T11:27:51.720189804Z", + "ingested": "2024-06-17T12:35:30.701423674Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <> <> <> <> <1648117791703> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "admin" + "type": [ + "admin" + ] }, "log": { "level": "Info" @@ -138,17 +148,19 @@ { "@timestamp": "2022-03-24T10:29:51.703Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "iam" ], - "ingested": "2023-10-13T11:27:51.720190637Z", + "ingested": "2024-06-17T12:35:30.701425006Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <> <> <> <> <1648117791703> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "admin" + "type": [ + "admin" + ] }, "log": { "level": "Info" @@ -171,17 +183,19 @@ { "@timestamp": "2022-03-24T10:29:51.704Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "iam" ], - "ingested": "2023-10-13T11:27:51.720191512Z", + "ingested": "2024-06-17T12:35:30.701426422Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <> <> <> <> <1648117791704> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "admin" + "type": [ + "admin" + ] }, "log": { "level": "Info" @@ -204,17 +218,19 @@ { "@timestamp": "2022-03-24T10:29:51.857Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "iam" ], - "ingested": "2023-10-13T11:27:51.720192262Z", + "ingested": "2024-06-17T12:35:30.701427891Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <> <> <> <> <1648117791857> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "admin" + "type": [ + "admin" + ] }, "log": { "level": "Info" @@ -237,17 +253,19 @@ { "@timestamp": "2022-03-24T10:29:51.857Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "iam" ], - "ingested": "2023-10-13T11:27:51.720193012Z", + "ingested": "2024-06-17T12:35:30.701429513Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <> <> <> <> <1648117791857> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "admin" + "type": [ + "admin" + ] }, "log": { "level": "Info" @@ -270,17 +288,19 @@ { "@timestamp": "2022-03-24T10:29:51.858Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "iam" ], - "ingested": "2023-10-13T11:27:51.720193804Z", + "ingested": "2024-06-17T12:35:30.701431072Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <> <> <> <> <1648117791858> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "admin" + "type": [ + "admin" + ] }, "log": { "level": "Info" @@ -303,17 +323,19 @@ { "@timestamp": "2022-03-24T10:29:51.858Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "iam" ], - "ingested": "2023-10-13T11:27:51.720194554Z", + "ingested": "2024-06-17T12:35:30.701432611Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <> <> <> <> <1648117791858> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "admin" + "type": [ + "admin" + ] }, "log": { "level": "Info" @@ -336,17 +358,19 @@ { "@timestamp": "2022-03-24T10:29:51.860Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "iam" ], - "ingested": "2023-10-13T11:27:51.720195429Z", + "ingested": "2024-06-17T12:35:30.701434291Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <> <> <> <> <1648117791860> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "admin" + "type": [ + "admin" + ] }, "log": { "level": "Info" @@ -369,17 +393,19 @@ { "@timestamp": "2022-03-24T10:29:51.861Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "iam" ], - "ingested": "2023-10-13T11:27:51.720196220Z", + "ingested": "2024-06-17T12:35:30.701435776Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <> <> <> <> <1648117791861> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "admin" + "type": [ + "admin" + ] }, "log": { "level": "Info" @@ -402,17 +428,19 @@ { "@timestamp": "2022-03-24T10:29:51.864Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "iam" ], - "ingested": "2023-10-13T11:27:51.720200387Z", + "ingested": "2024-06-17T12:35:30.701437732Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <> <> <> <> <1648117791864> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "admin" + "type": [ + "admin" + ] }, "log": { "level": "Info" @@ -435,17 +463,19 @@ { "@timestamp": "2022-03-24T10:29:51.865Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "iam" ], - "ingested": "2023-10-13T11:27:51.720201970Z", + "ingested": "2024-06-17T12:35:30.701439176Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <> <> <> <> <1648117791865> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "admin" + "type": [ + "admin" + ] }, "log": { "level": "Info" diff --git a/packages/oracle_weblogic/data_stream/admin_server/elasticsearch/ingest_pipeline/default.yml b/packages/oracle_weblogic/data_stream/admin_server/elasticsearch/ingest_pipeline/default.yml index 9b1453818c16..54806cc6a333 100644 --- a/packages/oracle_weblogic/data_stream/admin_server/elasticsearch/ingest_pipeline/default.yml +++ b/packages/oracle_weblogic/data_stream/admin_server/elasticsearch/ingest_pipeline/default.yml @@ -8,7 +8,7 @@ processors: ignore_failure: true - set: field: ecs.version - value: 8.5.1 + value: 8.11.0 ignore_empty_value: true ignore_failure: true - set: @@ -23,13 +23,12 @@ processors: ignore_failure: true - set: field: event.type - value: admin + value: ["admin"] ignore_empty_value: true ignore_failure: true - append: field: event.category - value: - - log + value: ["iam"] ignore_failure: true - rename: field: message diff --git a/packages/oracle_weblogic/data_stream/admin_server/fields/base-fields.yml b/packages/oracle_weblogic/data_stream/admin_server/fields/base-fields.yml index 1521a0239e8a..e36d466bdd13 100644 --- a/packages/oracle_weblogic/data_stream/admin_server/fields/base-fields.yml +++ b/packages/oracle_weblogic/data_stream/admin_server/fields/base-fields.yml @@ -7,8 +7,6 @@ - name: data_stream.type type: constant_keyword description: Data stream type. -- name: message - external: ecs - name: '@timestamp' type: date description: Event timestamp. diff --git a/packages/oracle_weblogic/data_stream/admin_server/fields/ecs.yml b/packages/oracle_weblogic/data_stream/admin_server/fields/ecs.yml deleted file mode 100644 index 40e7af826db4..000000000000 --- a/packages/oracle_weblogic/data_stream/admin_server/fields/ecs.yml +++ /dev/null @@ -1,14 +0,0 @@ -- external: ecs - name: ecs.version -- external: ecs - name: host.ip -- external: ecs - name: log.file.path -- external: ecs - name: log.level -- external: ecs - name: tags -- external: ecs - name: transaction.id -- external: ecs - name: user.id diff --git a/packages/oracle_weblogic/data_stream/admin_server/sample_event.json b/packages/oracle_weblogic/data_stream/admin_server/sample_event.json index 7614303f4da5..24fb390d3e7c 100644 --- a/packages/oracle_weblogic/data_stream/admin_server/sample_event.json +++ b/packages/oracle_weblogic/data_stream/admin_server/sample_event.json @@ -13,7 +13,7 @@ "type": "logs" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "2c65d5b2-0806-4fb1-96c2-b9852c73afd0", @@ -23,14 +23,16 @@ "event": { "agent_id_status": "verified", "category": [ - "log" + "iam" ], "dataset": "oracle_weblogic.admin_server", "ingested": "2022-05-09T11:20:10Z", "kind": "event", "module": "oracle_weblogic", - "original": "####\u003cMar 24, 2022 10:29:51,865 AM GMT\u003e \u003cInfo\u003e \u003cServer\u003e \u003cwlsadmin\u003e \u003c\u003e \u003cThread-11\u003e \u003c\u003e \u003c\u003e \u003c\u003e \u003c1648117791865\u003e \u003c[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] \u003e \u003cBEA-002622\u003e \u003cThe protocol \"admin\" is now configured.\u003e ", - "type": "admin" + "original": "#### <> <> <> <> <1648117791865> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", + "type": [ + "admin" + ] }, "host": { "architecture": "x86_64", @@ -77,4 +79,4 @@ "tags": [ "oracle_weblogic-admin_server" ] -} \ No newline at end of file +} diff --git a/packages/oracle_weblogic/data_stream/deployed_application/elasticsearch/ingest_pipeline/default.yml b/packages/oracle_weblogic/data_stream/deployed_application/elasticsearch/ingest_pipeline/default.yml index 7726aff20650..8b17d3eeb4f8 100644 --- a/packages/oracle_weblogic/data_stream/deployed_application/elasticsearch/ingest_pipeline/default.yml +++ b/packages/oracle_weblogic/data_stream/deployed_application/elasticsearch/ingest_pipeline/default.yml @@ -3,7 +3,7 @@ description: Pipeline for parsing Oracle WebLogic Deployed Application metrics. processors: - set: field: ecs.version - value: "8.5.1" + value: "8.11.0" ignore_failure: true - rename: field: message diff --git a/packages/oracle_weblogic/data_stream/deployed_application/fields/ecs.yml b/packages/oracle_weblogic/data_stream/deployed_application/fields/ecs.yml index ffe6c5710530..4c46290bbed8 100644 --- a/packages/oracle_weblogic/data_stream/deployed_application/fields/ecs.yml +++ b/packages/oracle_weblogic/data_stream/deployed_application/fields/ecs.yml @@ -19,33 +19,9 @@ - external: ecs name: container.id dimension: true -- external: ecs - name: ecs.version -- external: ecs - name: error.message -- external: ecs - name: event.category -- external: ecs - name: event.created -- external: ecs - name: event.dataset -- external: ecs - name: event.kind -- external: ecs - name: event.module -- external: ecs - name: event.outcome -- external: ecs - name: event.type -- external: ecs - name: host.ip - external: ecs name: host.name dimension: true - external: ecs name: service.address dimension: true -- external: ecs - name: service.type -- external: ecs - name: tags diff --git a/packages/oracle_weblogic/data_stream/deployed_application/sample_event.json b/packages/oracle_weblogic/data_stream/deployed_application/sample_event.json index 848b46d83874..d0c6b1c41642 100644 --- a/packages/oracle_weblogic/data_stream/deployed_application/sample_event.json +++ b/packages/oracle_weblogic/data_stream/deployed_application/sample_event.json @@ -13,7 +13,7 @@ "type": "metrics" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "f5ae4eeb-820b-4f24-a94a-df327091d185", @@ -87,4 +87,4 @@ "tags": [ "oracle_weblogic-deployed_application" ] -} \ No newline at end of file +} diff --git a/packages/oracle_weblogic/data_stream/domain/_dev/test/pipeline/test-domain.log-expected.json b/packages/oracle_weblogic/data_stream/domain/_dev/test/pipeline/test-domain.log-expected.json index 5627583dbe43..fcfe897dc797 100644 --- a/packages/oracle_weblogic/data_stream/domain/_dev/test/pipeline/test-domain.log-expected.json +++ b/packages/oracle_weblogic/data_stream/domain/_dev/test/pipeline/test-domain.log-expected.json @@ -3,17 +3,19 @@ { "@timestamp": "2022-03-24T10:30:29.249Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "network" ], - "ingested": "2023-10-18T10:26:25.119684885Z", + "ingested": "2024-06-17T12:35:31.355855498Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <5565e043d1b0> <[STANDBY] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <1648117829249> <[severity-value: 32] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "Notice" @@ -40,17 +42,19 @@ { "@timestamp": "2022-03-24T10:30:29.296Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "network" ], - "ingested": "2023-10-18T10:26:25.119693760Z", + "ingested": "2024-06-17T12:35:31.355869864Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <5565e043d1b0> <> <> <1648117829296> <[severity-value: 32] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "Notice" @@ -77,17 +81,19 @@ { "@timestamp": "2022-03-24T10:30:29.297Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "network" ], - "ingested": "2023-10-18T10:26:25.119694760Z", + "ingested": "2024-06-17T12:35:31.355871711Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <5565e043d1b0> <> <> <1648117829297> <[severity-value: 32] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "Notice" @@ -114,17 +120,19 @@ { "@timestamp": "2022-03-24T10:30:29.301Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "network" ], - "ingested": "2023-10-18T10:26:25.119695718Z", + "ingested": "2024-06-17T12:35:31.355873207Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <5565e043d1b0> <> <> <1648117829301> <[severity-value: 32] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "Notice" @@ -151,17 +159,19 @@ { "@timestamp": "2022-03-24T10:30:29.301Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "network" ], - "ingested": "2023-10-18T10:26:25.119696468Z", + "ingested": "2024-06-17T12:35:31.355874644Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <5565e043d1b0> <> <> <1648117829301> <[severity-value: 32] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "Notice" @@ -188,17 +198,19 @@ { "@timestamp": "2022-03-24T10:30:29.302Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "network" ], - "ingested": "2023-10-18T10:26:25.119697218Z", + "ingested": "2024-06-17T12:35:31.355876536Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <5565e043d1b0> <[STANDBY] ExecuteThread: '3' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <1648117829302> <[severity-value: 32] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "Notice" @@ -225,17 +237,19 @@ { "@timestamp": "2022-03-24T10:30:29.395Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "network" ], - "ingested": "2023-10-18T10:26:25.119697968Z", + "ingested": "2024-06-17T12:35:31.355877887Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <5565e043d1b0> <[STANDBY] ExecuteThread: '7' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <1648117829395> <[severity-value: 32] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "Notice" @@ -262,17 +276,19 @@ { "@timestamp": "2022-03-24T10:30:29.465Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "network" ], - "ingested": "2023-10-18T10:26:25.119698718Z", + "ingested": "2024-06-17T12:35:31.355879385Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <5565e043d1b0> <[STANDBY] ExecuteThread: '7' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <1648117829465> <[severity-value: 32] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "Notice" @@ -299,17 +315,19 @@ { "@timestamp": "2022-03-24T10:30:27.263Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "network" ], - "ingested": "2023-10-18T10:26:25.119699426Z", + "ingested": "2024-06-17T12:35:31.355880890Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <38f025ff-7924-471b-bac8-a419692aabf9-00000018> <1648117827263> <[severity-value: 16] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "Warning" @@ -336,17 +354,19 @@ { "@timestamp": "2022-03-24T10:30:29.193Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "network" ], - "ingested": "2023-10-18T10:26:25.119700176Z", + "ingested": "2024-06-17T12:35:31.355882333Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <[ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <38f025ff-7924-471b-bac8-a419692aabf9-0000001b> <1648117829193> <[severity-value: 32] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "Notice" @@ -373,17 +393,19 @@ { "@timestamp": "2022-03-24T10:30:29.194Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "network" ], - "ingested": "2023-10-18T10:26:25.119700885Z", + "ingested": "2024-06-17T12:35:31.355883828Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <[ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <38f025ff-7924-471b-bac8-a419692aabf9-0000001b> <1648117829194> <[severity-value: 32] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "Notice" @@ -410,17 +432,19 @@ { "@timestamp": "2022-03-24T10:30:29.707Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "network" ], - "ingested": "2023-10-18T10:26:25.119701926Z", + "ingested": "2024-06-17T12:35:31.355885513Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <[ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <38f025ff-7924-471b-bac8-a419692aabf9-0000001b> <1648117829707> <[severity-value: 32] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "Notice" @@ -447,17 +471,19 @@ { "@timestamp": "2022-03-24T10:30:29.707Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "network" ], - "ingested": "2023-10-18T10:26:25.119702676Z", + "ingested": "2024-06-17T12:35:31.355886878Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <[ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <38f025ff-7924-471b-bac8-a419692aabf9-0000001b> <1648117829707> <[severity-value: 32] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "Notice" @@ -484,17 +510,19 @@ { "@timestamp": "2022-03-24T10:30:29.709Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "network" ], - "ingested": "2023-10-18T10:26:25.119703385Z", + "ingested": "2024-06-17T12:35:31.355888214Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <> <> <38f025ff-7924-471b-bac8-a419692aabf9-0000001b> <1648117829709> <[severity-value: 32] [rid: 0:6] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "Notice" @@ -521,17 +549,19 @@ { "@timestamp": "2022-03-24T10:30:29.710Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "network" ], - "ingested": "2023-10-18T10:26:25.119704135Z", + "ingested": "2024-06-17T12:35:31.355889580Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <[ACTIVE] ExecuteThread: '2' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <38f025ff-7924-471b-bac8-a419692aabf9-0000001b> <1648117829710> <[severity-value: 32] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "Notice" diff --git a/packages/oracle_weblogic/data_stream/domain/elasticsearch/ingest_pipeline/default.yml b/packages/oracle_weblogic/data_stream/domain/elasticsearch/ingest_pipeline/default.yml index 006fafafc44a..fb2418cedea0 100644 --- a/packages/oracle_weblogic/data_stream/domain/elasticsearch/ingest_pipeline/default.yml +++ b/packages/oracle_weblogic/data_stream/domain/elasticsearch/ingest_pipeline/default.yml @@ -8,7 +8,7 @@ processors: ignore_failure: true - set: field: ecs.version - value: 8.5.1 + value: 8.11.0 ignore_empty_value: true ignore_failure: true - set: @@ -23,13 +23,12 @@ processors: ignore_failure: true - set: field: event.type - value: info + value: ["info"] ignore_empty_value: true ignore_failure: true - append: field: event.category - value: - - log + value: ["network"] ignore_failure: true - rename: field: message diff --git a/packages/oracle_weblogic/data_stream/domain/fields/base-fields.yml b/packages/oracle_weblogic/data_stream/domain/fields/base-fields.yml index 1521a0239e8a..e36d466bdd13 100644 --- a/packages/oracle_weblogic/data_stream/domain/fields/base-fields.yml +++ b/packages/oracle_weblogic/data_stream/domain/fields/base-fields.yml @@ -7,8 +7,6 @@ - name: data_stream.type type: constant_keyword description: Data stream type. -- name: message - external: ecs - name: '@timestamp' type: date description: Event timestamp. diff --git a/packages/oracle_weblogic/data_stream/domain/fields/ecs.yml b/packages/oracle_weblogic/data_stream/domain/fields/ecs.yml deleted file mode 100644 index 40e7af826db4..000000000000 --- a/packages/oracle_weblogic/data_stream/domain/fields/ecs.yml +++ /dev/null @@ -1,14 +0,0 @@ -- external: ecs - name: ecs.version -- external: ecs - name: host.ip -- external: ecs - name: log.file.path -- external: ecs - name: log.level -- external: ecs - name: tags -- external: ecs - name: transaction.id -- external: ecs - name: user.id diff --git a/packages/oracle_weblogic/data_stream/domain/sample_event.json b/packages/oracle_weblogic/data_stream/domain/sample_event.json index fc090c7e4dd6..f312f15d8c31 100644 --- a/packages/oracle_weblogic/data_stream/domain/sample_event.json +++ b/packages/oracle_weblogic/data_stream/domain/sample_event.json @@ -13,7 +13,7 @@ "type": "logs" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "2f35c5e6-c16d-4b67-a955-b81668aca1aa", @@ -23,14 +23,16 @@ "event": { "agent_id_status": "verified", "category": [ - "log" + "network" ], "dataset": "oracle_weblogic.domain", "ingested": "2022-05-09T12:29:51Z", "kind": "event", "module": "oracle_weblogic", - "original": "####\u003cMar 24, 2022 10:30:27,263 AM GMT\u003e \u003cWarning\u003e \u003cSocket\u003e \u003cwlsadmin\u003e \u003cAdminServer\u003e \u003c[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'\u003e \u003c\u003cWLS Kernel\u003e\u003e \u003c\u003e \u003c38f025ff-7924-471b-bac8-a419692aabf9-00000018\u003e \u003c1648117827263\u003e \u003c[severity-value: 16] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] \u003e \u003cBEA-000449\u003e \u003cClosing the socket, as no data read from it on 172.18.0.1:41,972 during the configured idle timeout of 5 seconds.\u003e ", - "type": "info" + "original": "#### <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <38f025ff-7924-471b-bac8-a419692aabf9-00000018> <1648117827263> <[severity-value: 16] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > ", + "type": [ + "info" + ] }, "host": { "architecture": "x86_64", @@ -81,4 +83,4 @@ "transaction": { "id": "38f025ff-7924-471b-bac8-a419692aabf9-00000018" } -} \ No newline at end of file +} diff --git a/packages/oracle_weblogic/data_stream/managed_server/_dev/test/pipeline/test-managed-server.log-expected.json b/packages/oracle_weblogic/data_stream/managed_server/_dev/test/pipeline/test-managed-server.log-expected.json index fc52a8bfda72..46ed1586bd7a 100644 --- a/packages/oracle_weblogic/data_stream/managed_server/_dev/test/pipeline/test-managed-server.log-expected.json +++ b/packages/oracle_weblogic/data_stream/managed_server/_dev/test/pipeline/test-managed-server.log-expected.json @@ -3,17 +3,19 @@ { "@timestamp": "2022-03-24T10:29:56.637Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "iam" ], - "ingested": "2023-10-13T11:27:51.947553720Z", + "ingested": "2024-06-17T12:35:32.025101260Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <5565e043d1b0> <> <> <> <> <1648117796637> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "Info" @@ -36,17 +38,19 @@ { "@timestamp": "2022-03-24T10:30:01.642Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "iam" ], - "ingested": "2023-10-13T11:27:51.947561970Z", + "ingested": "2024-06-17T12:35:32.025111722Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <5565e043d1b0> <> <> <> <> <1648117801642> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "Info" @@ -69,17 +73,19 @@ { "@timestamp": "2022-03-24T10:30:06.843Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "iam" ], - "ingested": "2023-10-13T11:27:51.947563179Z", + "ingested": "2024-06-17T12:35:32.025119713Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <5565e043d1b0> <> <> <> <> <1648117806843> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "Info" @@ -102,17 +108,19 @@ { "@timestamp": "2022-03-24T10:30:07.114Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "iam" ], - "ingested": "2023-10-13T11:27:51.947564012Z", + "ingested": "2024-06-17T12:35:32.025120829Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <5565e043d1b0> <> <> <> <> <1648117807114> <[severity-value: 32] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "Notice" @@ -135,17 +143,19 @@ { "@timestamp": "2022-03-24T10:30:07.151Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "iam" ], - "ingested": "2023-10-13T11:27:51.947564929Z", + "ingested": "2024-06-17T12:35:32.025121822Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <5565e043d1b0> <> <> <> <> <1648117807151> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "Info" @@ -168,17 +178,19 @@ { "@timestamp": "2022-03-24T10:30:07.183Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "iam" ], - "ingested": "2023-10-13T11:27:51.947565720Z", + "ingested": "2024-06-17T12:35:32.025122813Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <5565e043d1b0> <> <[STANDBY] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <> <1648117807183> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "Info" @@ -201,17 +213,19 @@ { "@timestamp": "2022-03-24T10:30:07.206Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "iam" ], - "ingested": "2023-10-13T11:27:51.947566554Z", + "ingested": "2024-06-17T12:35:32.025123795Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <5565e043d1b0> <> <> <> <> <1648117807206> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "Info" @@ -234,17 +248,19 @@ { "@timestamp": "2022-03-24T10:30:07.234Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "iam" ], - "ingested": "2023-10-13T11:27:51.947567304Z", + "ingested": "2024-06-17T12:35:32.025124789Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <5565e043d1b0> <> <> <> <> <1648117807234> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "Info" @@ -267,17 +283,19 @@ { "@timestamp": "2022-03-24T10:30:07.237Z", "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "event": { "category": [ - "log" + "iam" ], - "ingested": "2023-10-13T11:27:51.947568137Z", + "ingested": "2024-06-17T12:35:32.025125858Z", "kind": "event", "module": "oracle_weblogic", "original": "#### <5565e043d1b0> <> <> <> <> <1648117807237> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", - "type": "info" + "type": [ + "info" + ] }, "log": { "level": "Info" diff --git a/packages/oracle_weblogic/data_stream/managed_server/elasticsearch/ingest_pipeline/default.yml b/packages/oracle_weblogic/data_stream/managed_server/elasticsearch/ingest_pipeline/default.yml index 1dd9fe83ab6d..b887e866b884 100644 --- a/packages/oracle_weblogic/data_stream/managed_server/elasticsearch/ingest_pipeline/default.yml +++ b/packages/oracle_weblogic/data_stream/managed_server/elasticsearch/ingest_pipeline/default.yml @@ -8,7 +8,7 @@ processors: ignore_failure: true - set: field: ecs.version - value: 8.5.1 + value: 8.11.0 ignore_empty_value: true ignore_failure: true - set: @@ -23,13 +23,12 @@ processors: ignore_failure: true - set: field: event.type - value: info + value: ["info"] ignore_empty_value: true ignore_failure: true - append: field: event.category - value: - - log + value: ["iam"] ignore_failure: true - rename: field: message diff --git a/packages/oracle_weblogic/data_stream/managed_server/fields/base-fields.yml b/packages/oracle_weblogic/data_stream/managed_server/fields/base-fields.yml index 1521a0239e8a..e36d466bdd13 100644 --- a/packages/oracle_weblogic/data_stream/managed_server/fields/base-fields.yml +++ b/packages/oracle_weblogic/data_stream/managed_server/fields/base-fields.yml @@ -7,8 +7,6 @@ - name: data_stream.type type: constant_keyword description: Data stream type. -- name: message - external: ecs - name: '@timestamp' type: date description: Event timestamp. diff --git a/packages/oracle_weblogic/data_stream/managed_server/fields/ecs.yml b/packages/oracle_weblogic/data_stream/managed_server/fields/ecs.yml deleted file mode 100644 index 40e7af826db4..000000000000 --- a/packages/oracle_weblogic/data_stream/managed_server/fields/ecs.yml +++ /dev/null @@ -1,14 +0,0 @@ -- external: ecs - name: ecs.version -- external: ecs - name: host.ip -- external: ecs - name: log.file.path -- external: ecs - name: log.level -- external: ecs - name: tags -- external: ecs - name: transaction.id -- external: ecs - name: user.id diff --git a/packages/oracle_weblogic/data_stream/managed_server/sample_event.json b/packages/oracle_weblogic/data_stream/managed_server/sample_event.json index 58d404ef4b33..efcd7a98baf7 100644 --- a/packages/oracle_weblogic/data_stream/managed_server/sample_event.json +++ b/packages/oracle_weblogic/data_stream/managed_server/sample_event.json @@ -13,7 +13,7 @@ "type": "logs" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "e27eb192-b14d-4af1-8861-fd7cbadb3643", @@ -23,14 +23,16 @@ "event": { "agent_id_status": "verified", "category": [ - "log" + "iam" ], "dataset": "oracle_weblogic.managed_server", "ingested": "2022-05-09T11:59:45Z", "kind": "event", "module": "oracle_weblogic", - "original": "####\u003cMar 24, 2022 10:29:56,637 AM GMT\u003e \u003cInfo\u003e \u003cManagement\u003e \u003c5565e043d1b0\u003e \u003c\u003e \u003cThread-12\u003e \u003c\u003e \u003c\u003e \u003c\u003e \u003c1648117796637\u003e \u003c[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] \u003e \u003cBEA-141307\u003e \u003cUnable to connect to the Administration Server. Waiting 5 second(s) to retry (attempt number 2 of 3).\u003e ", - "type": "info" + "original": "#### <5565e043d1b0> <> <> <> <> <1648117796637> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", + "type": [ + "info" + ] }, "host": { "architecture": "x86_64", @@ -77,4 +79,4 @@ "tags": [ "oracle_weblogic-managed_server" ] -} \ No newline at end of file +} diff --git a/packages/oracle_weblogic/data_stream/threadpool/elasticsearch/ingest_pipeline/default.yml b/packages/oracle_weblogic/data_stream/threadpool/elasticsearch/ingest_pipeline/default.yml index 25724e88665c..7653a2717f88 100644 --- a/packages/oracle_weblogic/data_stream/threadpool/elasticsearch/ingest_pipeline/default.yml +++ b/packages/oracle_weblogic/data_stream/threadpool/elasticsearch/ingest_pipeline/default.yml @@ -3,7 +3,7 @@ description: Pipeline for parsing Oracle WebLogic ThreadPool metrics. processors: - set: field: ecs.version - value: "8.5.1" + value: "8.11.0" ignore_failure: true - rename: field: message diff --git a/packages/oracle_weblogic/data_stream/threadpool/fields/ecs.yml b/packages/oracle_weblogic/data_stream/threadpool/fields/ecs.yml index ffe6c5710530..4c46290bbed8 100644 --- a/packages/oracle_weblogic/data_stream/threadpool/fields/ecs.yml +++ b/packages/oracle_weblogic/data_stream/threadpool/fields/ecs.yml @@ -19,33 +19,9 @@ - external: ecs name: container.id dimension: true -- external: ecs - name: ecs.version -- external: ecs - name: error.message -- external: ecs - name: event.category -- external: ecs - name: event.created -- external: ecs - name: event.dataset -- external: ecs - name: event.kind -- external: ecs - name: event.module -- external: ecs - name: event.outcome -- external: ecs - name: event.type -- external: ecs - name: host.ip - external: ecs name: host.name dimension: true - external: ecs name: service.address dimension: true -- external: ecs - name: service.type -- external: ecs - name: tags diff --git a/packages/oracle_weblogic/data_stream/threadpool/sample_event.json b/packages/oracle_weblogic/data_stream/threadpool/sample_event.json index 78da57aabb36..271d048c471a 100644 --- a/packages/oracle_weblogic/data_stream/threadpool/sample_event.json +++ b/packages/oracle_weblogic/data_stream/threadpool/sample_event.json @@ -13,7 +13,7 @@ "type": "metrics" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "89fbf5a1-dedd-4f8f-a1ee-97a7e3ec1ed2", @@ -97,4 +97,4 @@ "tags": [ "oracle_weblogic-threadpool" ] -} \ No newline at end of file +} diff --git a/packages/oracle_weblogic/docs/README.md b/packages/oracle_weblogic/docs/README.md index 014612aa308e..7f1c6e60fbf5 100644 --- a/packages/oracle_weblogic/docs/README.md +++ b/packages/oracle_weblogic/docs/README.md @@ -63,7 +63,7 @@ An example event for `access` looks as following: "type": "logs" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "d17bdd23-2a9d-4013-abe7-0652f306d69d", @@ -73,14 +73,16 @@ An example event for `access` looks as following: "event": { "agent_id_status": "verified", "category": [ - "log" + "network" ], "dataset": "oracle_weblogic.access", "ingested": "2022-04-25T06:53:32Z", "kind": "event", "module": "oracle_weblogic", "original": "172.17.32.1 - - [26/Mar/2022:23:40:04 +0530] \"GET /medrec/start.xhtml HTTP/1.1\" 200 8876 ", - "type": "access" + "type": [ + "access" + ] }, "host": { "architecture": "x86_64", @@ -133,6 +135,7 @@ An example event for `access` looks as following: "oracle_weblogic-access" ] } + ``` **Exported fields** @@ -143,20 +146,11 @@ An example event for `access` looks as following: | data_stream.dataset | Data stream dataset. | constant_keyword | | data_stream.namespace | Data stream namespace. | constant_keyword | | data_stream.type | Data stream type. | constant_keyword | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | -| host.ip | Host ip addresses. | ip | -| http.request.method | HTTP request method. The value should retain its casing from the original event. For example, `GET`, `get`, and `GeT` are all considered valid values for this field. | keyword | -| http.request.referrer | Referrer for this HTTP request. | keyword | -| http.response.bytes | Total size in bytes of the response (body and headers). | long | -| http.response.status_code | HTTP response status code. | long | -| http.version | HTTP version. | keyword | | input.type | Input type. | keyword | -| log.file.path | Full path to the log file this event came from, including the file name. It should include the drive letter, when appropriate. If the event wasn't read from a log file, do not populate this field. | keyword | | log.flags | Flags for the log file. | keyword | | log.offset | Log offset. | long | | oracle_weblogic.access.authuser | The User identity allowing them access to an online service, connected device, or other resource. | keyword | | oracle_weblogic.access.host_address | The physical address of a computer in a network. | keyword | -| tags | List of keywords used to tag each event. | keyword | ### Admin Server logs @@ -181,7 +175,7 @@ An example event for `admin_server` looks as following: "type": "logs" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "2c65d5b2-0806-4fb1-96c2-b9852c73afd0", @@ -191,14 +185,16 @@ An example event for `admin_server` looks as following: "event": { "agent_id_status": "verified", "category": [ - "log" + "iam" ], "dataset": "oracle_weblogic.admin_server", "ingested": "2022-05-09T11:20:10Z", "kind": "event", "module": "oracle_weblogic", - "original": "####\u003cMar 24, 2022 10:29:51,865 AM GMT\u003e \u003cInfo\u003e \u003cServer\u003e \u003cwlsadmin\u003e \u003c\u003e \u003cThread-11\u003e \u003c\u003e \u003c\u003e \u003c\u003e \u003c1648117791865\u003e \u003c[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] \u003e \u003cBEA-002622\u003e \u003cThe protocol \"admin\" is now configured.\u003e ", - "type": "admin" + "original": "#### <> <> <> <> <1648117791865> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", + "type": [ + "admin" + ] }, "host": { "architecture": "x86_64", @@ -246,6 +242,7 @@ An example event for `admin_server` looks as following: "oracle_weblogic-admin_server" ] } + ``` **Exported fields** @@ -256,14 +253,9 @@ An example event for `admin_server` looks as following: | data_stream.dataset | Data stream dataset. | constant_keyword | | data_stream.namespace | Data stream namespace. | constant_keyword | | data_stream.type | Data stream type. | constant_keyword | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | -| host.ip | Host ip addresses. | ip | | input.type | Input type. | keyword | -| log.file.path | Full path to the log file this event came from, including the file name. It should include the drive letter, when appropriate. If the event wasn't read from a log file, do not populate this field. | keyword | | log.flags | Flags for the log file. | keyword | -| log.level | Original log level of the log event. If the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity). Some examples are `warn`, `err`, `i`, `informational`. | keyword | | log.offset | Log offset. | long | -| message | For log events the message field contains the log message, optimized for viewing in a log viewer. For structured logs without an original message field, other fields can be concatenated to form a human-readable summary of the event. If multiple messages exist, they can be combined into one message. | match_only_text | | oracle_weblogic.admin_server.diagnostic_context_id | Context information to correlate messages coming from a specific request or application. | keyword | | oracle_weblogic.admin_server.machine_name | Machine Name is the DNS name of the computer that hosts the server instance. | keyword | | oracle_weblogic.admin_server.message_id | A unique identifier for the message. | keyword | @@ -271,9 +263,6 @@ An example event for `admin_server` looks as following: | oracle_weblogic.admin_server.server_name | Server Name is the name of the WebLogic Server instance on which the message was generated. | keyword | | oracle_weblogic.admin_server.subsystem | Indicates the subsystem of WebLogic Server that was the source of the message; for example, Enterprise Java Bean (EJB) container or Java Messaging Service (JMS). | keyword | | oracle_weblogic.admin_server.thread_id | Thread ID is the ID that the JVM assigns to the thread in which the message originated. | keyword | -| tags | List of keywords used to tag each event. | keyword | -| transaction.id | Unique identifier of the transaction within the scope of its trace. A transaction is the highest level of work measured within a service, such as a request to a server. | keyword | -| user.id | Unique identifier of the user. | keyword | ### Domain logs @@ -298,7 +287,7 @@ An example event for `domain` looks as following: "type": "logs" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "2f35c5e6-c16d-4b67-a955-b81668aca1aa", @@ -308,14 +297,16 @@ An example event for `domain` looks as following: "event": { "agent_id_status": "verified", "category": [ - "log" + "network" ], "dataset": "oracle_weblogic.domain", "ingested": "2022-05-09T12:29:51Z", "kind": "event", "module": "oracle_weblogic", - "original": "####\u003cMar 24, 2022 10:30:27,263 AM GMT\u003e \u003cWarning\u003e \u003cSocket\u003e \u003cwlsadmin\u003e \u003cAdminServer\u003e \u003c[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'\u003e \u003c\u003cWLS Kernel\u003e\u003e \u003c\u003e \u003c38f025ff-7924-471b-bac8-a419692aabf9-00000018\u003e \u003c1648117827263\u003e \u003c[severity-value: 16] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] \u003e \u003cBEA-000449\u003e \u003cClosing the socket, as no data read from it on 172.18.0.1:41,972 during the configured idle timeout of 5 seconds.\u003e ", - "type": "info" + "original": "#### <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <38f025ff-7924-471b-bac8-a419692aabf9-00000018> <1648117827263> <[severity-value: 16] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > ", + "type": [ + "info" + ] }, "host": { "architecture": "x86_64", @@ -367,6 +358,7 @@ An example event for `domain` looks as following: "id": "38f025ff-7924-471b-bac8-a419692aabf9-00000018" } } + ``` **Exported fields** @@ -377,14 +369,9 @@ An example event for `domain` looks as following: | data_stream.dataset | Data stream dataset. | constant_keyword | | data_stream.namespace | Data stream namespace. | constant_keyword | | data_stream.type | Data stream type. | constant_keyword | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | -| host.ip | Host ip addresses. | ip | | input.type | Input type. | keyword | -| log.file.path | Full path to the log file this event came from, including the file name. It should include the drive letter, when appropriate. If the event wasn't read from a log file, do not populate this field. | keyword | | log.flags | Flags for the log file. | keyword | -| log.level | Original log level of the log event. If the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity). Some examples are `warn`, `err`, `i`, `informational`. | keyword | | log.offset | Log offset. | long | -| message | For log events the message field contains the log message, optimized for viewing in a log viewer. For structured logs without an original message field, other fields can be concatenated to form a human-readable summary of the event. If multiple messages exist, they can be combined into one message. | match_only_text | | oracle_weblogic.domain.diagnostic_context_id | Context information to correlate messages coming from a specific request or application. | keyword | | oracle_weblogic.domain.machine_name | Machine Name is the DNS name of the computer that hosts the server instance. | keyword | | oracle_weblogic.domain.message_id | A unique identifier for the message. | keyword | @@ -392,9 +379,6 @@ An example event for `domain` looks as following: | oracle_weblogic.domain.server_name | Server Name is the name of the WebLogic Server instance on which the message was generated. | keyword | | oracle_weblogic.domain.subsystem | Indicates the subsystem of WebLogic Server that was the source of the message; for example, Enterprise Java Bean (EJB) container or Java Messaging Service (JMS). | keyword | | oracle_weblogic.domain.thread_id | Thread ID is the ID that the JVM assigns to the thread in which the message originated. | keyword | -| tags | List of keywords used to tag each event. | keyword | -| transaction.id | Unique identifier of the transaction within the scope of its trace. A transaction is the highest level of work measured within a service, such as a request to a server. | keyword | -| user.id | Unique identifier of the user. | keyword | ### Managed Server Logs @@ -419,7 +403,7 @@ An example event for `managed_server` looks as following: "type": "logs" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "e27eb192-b14d-4af1-8861-fd7cbadb3643", @@ -429,14 +413,16 @@ An example event for `managed_server` looks as following: "event": { "agent_id_status": "verified", "category": [ - "log" + "iam" ], "dataset": "oracle_weblogic.managed_server", "ingested": "2022-05-09T11:59:45Z", "kind": "event", "module": "oracle_weblogic", - "original": "####\u003cMar 24, 2022 10:29:56,637 AM GMT\u003e \u003cInfo\u003e \u003cManagement\u003e \u003c5565e043d1b0\u003e \u003c\u003e \u003cThread-12\u003e \u003c\u003e \u003c\u003e \u003c\u003e \u003c1648117796637\u003e \u003c[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] \u003e \u003cBEA-141307\u003e \u003cUnable to connect to the Administration Server. Waiting 5 second(s) to retry (attempt number 2 of 3).\u003e ", - "type": "info" + "original": "#### <5565e043d1b0> <> <> <> <> <1648117796637> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", + "type": [ + "info" + ] }, "host": { "architecture": "x86_64", @@ -484,6 +470,7 @@ An example event for `managed_server` looks as following: "oracle_weblogic-managed_server" ] } + ``` **Exported fields** @@ -494,14 +481,9 @@ An example event for `managed_server` looks as following: | data_stream.dataset | Data stream dataset. | constant_keyword | | data_stream.namespace | Data stream namespace. | constant_keyword | | data_stream.type | Data stream type. | constant_keyword | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | -| host.ip | Host ip addresses. | ip | | input.type | Input type. | keyword | -| log.file.path | Full path to the log file this event came from, including the file name. It should include the drive letter, when appropriate. If the event wasn't read from a log file, do not populate this field. | keyword | | log.flags | Flags for the log file. | keyword | -| log.level | Original log level of the log event. If the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity). Some examples are `warn`, `err`, `i`, `informational`. | keyword | | log.offset | Log offset. | long | -| message | For log events the message field contains the log message, optimized for viewing in a log viewer. For structured logs without an original message field, other fields can be concatenated to form a human-readable summary of the event. If multiple messages exist, they can be combined into one message. | match_only_text | | oracle_weblogic.managed_server.diagnostic_context_id | Context information to correlate messages coming from a specific request or application. | keyword | | oracle_weblogic.managed_server.machine_name | Machine Name is the DNS name of the computer that hosts the server instance. | keyword | | oracle_weblogic.managed_server.message_id | A unique identifier for the message. | keyword | @@ -509,9 +491,6 @@ An example event for `managed_server` looks as following: | oracle_weblogic.managed_server.server_name | Server Name is the name of the WebLogic Server instance on which the message was generated. | keyword | | oracle_weblogic.managed_server.subsystem | Indicates the subsystem of WebLogic Server that was the source of the message; for example, Enterprise Java Bean (EJB) container or Java Messaging Service (JMS). | keyword | | oracle_weblogic.managed_server.thread_id | Thread ID is the ID that the JVM assigns to the thread in which the message originated. | keyword | -| tags | List of keywords used to tag each event. | keyword | -| transaction.id | Unique identifier of the transaction within the scope of its trace. A transaction is the highest level of work measured within a service, such as a request to a server. | keyword | -| user.id | Unique identifier of the user. | keyword | ## Metrics @@ -538,7 +517,7 @@ An example event for `deployed_application` looks as following: "type": "metrics" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "f5ae4eeb-820b-4f24-a94a-df327091d185", @@ -613,6 +592,7 @@ An example event for `deployed_application` looks as following: "oracle_weblogic-deployed_application" ] } + ``` **Exported fields** @@ -630,17 +610,7 @@ An example event for `deployed_application` looks as following: | data_stream.dataset | Data stream dataset. | constant_keyword | | | data_stream.namespace | Data stream namespace. | constant_keyword | | | data_stream.type | Data stream type. | constant_keyword | | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | | -| error.message | Error message. | match_only_text | | -| event.category | This is one of four ECS Categorization Fields, and indicates the second level in the ECS category hierarchy. `event.category` represents the "big buckets" of ECS categories. For example, filtering on `event.category:process` yields all events relating to process activity. This field is closely related to `event.type`, which is used as a subcategory. This field is an array. This will allow proper categorization of some events that fall in multiple categories. | keyword | | -| event.created | event.created contains the date/time when the event was first read by an agent, or by your pipeline. This field is distinct from @timestamp in that @timestamp typically contain the time extracted from the original event. In most situations, these two timestamps will be slightly different. The difference can be used to calculate the delay between your source generating an event, and the time when your agent first processed it. This can be used to monitor your agent's or pipeline's ability to keep up with your event source. In case the two timestamps are identical, @timestamp should be used. | date | | -| event.dataset | Name of the dataset. If an event source publishes more than one type of log or events (e.g. access log, error log), the dataset is used to specify which one the event comes from. It's recommended but not required to start the dataset name with the module name, followed by a dot, then the dataset name. | keyword | | -| event.kind | This is one of four ECS Categorization Fields, and indicates the highest level in the ECS category hierarchy. `event.kind` gives high-level information about what type of information the event contains, without being specific to the contents of the event. For example, values of this field distinguish alert events from metric events. The value of this field can be used to inform how these kinds of events should be handled. They may warrant different retention, different access control, it may also help understand whether the data coming in at a regular interval or not. | keyword | | -| event.module | Name of the module this data is coming from. If your monitoring agent supports the concept of modules or plugins to process events of a given source (e.g. Apache logs), `event.module` should contain the name of this module. | keyword | | -| event.outcome | This is one of four ECS Categorization Fields, and indicates the lowest level in the ECS category hierarchy. `event.outcome` simply denotes whether the event represents a success or a failure from the perspective of the entity that produced the event. Note that when a single transaction is described in multiple events, each event may populate different values of `event.outcome`, according to their perspective. Also note that in the case of a compound event (a single event that contains multiple logical events), this field should be populated with the value that best captures the overall success or failure from the perspective of the event producer. Further note that not all events will have an associated outcome. For example, this field is generally not populated for metric events, events with `event.type:info`, or any events for which an outcome does not make logical sense. | keyword | | -| event.type | This is one of four ECS Categorization Fields, and indicates the third level in the ECS category hierarchy. `event.type` represents a categorization "sub-bucket" that, when used along with the `event.category` field values, enables filtering events down to a level appropriate for single visualization. This field is an array. This will allow proper categorization of some events that fall in multiple event types. | keyword | | -| host.ip | Host ip addresses. | ip | | -| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | +| host.name | Name of the host. It can contain what hostname returns on Unix systems, the fully qualified domain name (FQDN), or a name specified by the user. The recommended value is the lowercase FQDN of the host. | keyword | | | oracle_weblogic.deployed_application.deployment.state.name | Current state of the deployment as an keyword. | keyword | | | oracle_weblogic.deployed_application.deployment.state.value | Current state of the deployment as an integer. | long | gauge | | oracle_weblogic.deployed_application.session_timeout | Session timeout in integer. | long | gauge | @@ -651,8 +621,6 @@ An example event for `deployed_application` looks as following: | oracle_weblogic.deployed_application.source_info | Source info of the deployment as a keyword. | keyword | | | oracle_weblogic.deployed_application.status | Status of the deployment. | keyword | | | service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | | -| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | -| tags | List of keywords used to tag each event. | keyword | | ### ThreadPool metrics @@ -677,7 +645,7 @@ An example event for `threadpool` looks as following: "type": "metrics" }, "ecs": { - "version": "8.5.1" + "version": "8.11.0" }, "elastic_agent": { "id": "89fbf5a1-dedd-4f8f-a1ee-97a7e3ec1ed2", @@ -762,6 +730,7 @@ An example event for `threadpool` looks as following: "oracle_weblogic-threadpool" ] } + ``` **Exported fields** @@ -779,17 +748,7 @@ An example event for `threadpool` looks as following: | data_stream.dataset | Data stream dataset. | constant_keyword | | | data_stream.namespace | Data stream namespace. | constant_keyword | | | data_stream.type | Data stream type. | constant_keyword | | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | | -| error.message | Error message. | match_only_text | | -| event.category | This is one of four ECS Categorization Fields, and indicates the second level in the ECS category hierarchy. `event.category` represents the "big buckets" of ECS categories. For example, filtering on `event.category:process` yields all events relating to process activity. This field is closely related to `event.type`, which is used as a subcategory. This field is an array. This will allow proper categorization of some events that fall in multiple categories. | keyword | | -| event.created | event.created contains the date/time when the event was first read by an agent, or by your pipeline. This field is distinct from @timestamp in that @timestamp typically contain the time extracted from the original event. In most situations, these two timestamps will be slightly different. The difference can be used to calculate the delay between your source generating an event, and the time when your agent first processed it. This can be used to monitor your agent's or pipeline's ability to keep up with your event source. In case the two timestamps are identical, @timestamp should be used. | date | | -| event.dataset | Name of the dataset. If an event source publishes more than one type of log or events (e.g. access log, error log), the dataset is used to specify which one the event comes from. It's recommended but not required to start the dataset name with the module name, followed by a dot, then the dataset name. | keyword | | -| event.kind | This is one of four ECS Categorization Fields, and indicates the highest level in the ECS category hierarchy. `event.kind` gives high-level information about what type of information the event contains, without being specific to the contents of the event. For example, values of this field distinguish alert events from metric events. The value of this field can be used to inform how these kinds of events should be handled. They may warrant different retention, different access control, it may also help understand whether the data coming in at a regular interval or not. | keyword | | -| event.module | Name of the module this data is coming from. If your monitoring agent supports the concept of modules or plugins to process events of a given source (e.g. Apache logs), `event.module` should contain the name of this module. | keyword | | -| event.outcome | This is one of four ECS Categorization Fields, and indicates the lowest level in the ECS category hierarchy. `event.outcome` simply denotes whether the event represents a success or a failure from the perspective of the entity that produced the event. Note that when a single transaction is described in multiple events, each event may populate different values of `event.outcome`, according to their perspective. Also note that in the case of a compound event (a single event that contains multiple logical events), this field should be populated with the value that best captures the overall success or failure from the perspective of the event producer. Further note that not all events will have an associated outcome. For example, this field is generally not populated for metric events, events with `event.type:info`, or any events for which an outcome does not make logical sense. | keyword | | -| event.type | This is one of four ECS Categorization Fields, and indicates the third level in the ECS category hierarchy. `event.type` represents a categorization "sub-bucket" that, when used along with the `event.category` field values, enables filtering events down to a level appropriate for single visualization. This field is an array. This will allow proper categorization of some events that fall in multiple event types. | keyword | | -| host.ip | Host ip addresses. | ip | | -| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | +| host.name | Name of the host. It can contain what hostname returns on Unix systems, the fully qualified domain name (FQDN), or a name specified by the user. The recommended value is the lowercase FQDN of the host. | keyword | | | oracle_weblogic.threadpool.mbean | The name of the jolokia mbean. | keyword | | | oracle_weblogic.threadpool.queue.length | The number of pending requests in the priority queue. This is the total of internal system requests and user requests. | long | gauge | | oracle_weblogic.threadpool.requests.completed | The number of completed requests in the priority queue. | long | counter | @@ -805,6 +764,4 @@ An example event for `threadpool` looks as following: | oracle_weblogic.threadpool.throughput | The mean number of requests completed per second. | double | gauge | | oracle_weblogic.threadpool.work_manager.capacity.shared | Maximum amount of requests that can be accepted in the priority queue. Note that a request with higher priority will be accepted in place of a lower priority request already in the queue even after the threshold is reached. The lower priority request is kept waiting in the queue till all high priority requests are executed. Also note that further enqueues of the low priority requests are rejected right away. | long | gauge | | service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | | -| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | -| tags | List of keywords used to tag each event. | keyword | | diff --git a/packages/oracle_weblogic/manifest.yml b/packages/oracle_weblogic/manifest.yml index f41ed675d2b6..8f9556769eba 100644 --- a/packages/oracle_weblogic/manifest.yml +++ b/packages/oracle_weblogic/manifest.yml @@ -9,7 +9,7 @@ categories: - observability conditions: kibana: - version: "^8.12.0" + version: "^8.13.0" elastic: subscription: basic screenshots: From ef31550dc9a725203aff9fd9f5ea680b1ca889f4 Mon Sep 17 00:00:00 2001 From: harnish-elastic Date: Tue, 18 Jun 2024 10:51:02 +0530 Subject: [PATCH 08/21] add changelog.yml --- packages/cassandra/changelog.yml | 5 +++++ packages/cassandra/manifest.yml | 2 +- packages/nats/changelog.yml | 5 +++++ packages/nats/manifest.yml | 2 +- packages/oracle_weblogic/changelog.yml | 5 +++++ packages/oracle_weblogic/manifest.yml | 2 +- packages/prometheus/changelog.yml | 5 +++++ packages/prometheus/manifest.yml | 2 +- packages/rabbitmq/changelog.yml | 5 +++++ packages/rabbitmq/manifest.yml | 2 +- packages/spring_boot/changelog.yml | 5 +++++ packages/spring_boot/manifest.yml | 2 +- packages/stan/changelog.yml | 5 +++++ packages/stan/manifest.yml | 2 +- 14 files changed, 42 insertions(+), 7 deletions(-) diff --git a/packages/cassandra/changelog.yml b/packages/cassandra/changelog.yml index 04e1ed156e5b..4dd0329d76e5 100644 --- a/packages/cassandra/changelog.yml +++ b/packages/cassandra/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.13.0" + changes: + - description: ECS version updated to 8.11.0. Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. + type: enhancement + link: https://github.com/elastic/integrations/pull/10162 - version: "1.12.2" changes: - description: Add documentation for setting up Jolokia to monitor Apache Cassandra. diff --git a/packages/cassandra/manifest.yml b/packages/cassandra/manifest.yml index 0c9161fc4a1b..52fec2c3ed40 100644 --- a/packages/cassandra/manifest.yml +++ b/packages/cassandra/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: cassandra title: Cassandra -version: "1.12.2" +version: "1.13.0" description: This Elastic integration collects logs and metrics from cassandra. type: integration categories: diff --git a/packages/nats/changelog.yml b/packages/nats/changelog.yml index db8e9767cc95..145780874fd6 100644 --- a/packages/nats/changelog.yml +++ b/packages/nats/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.7.0" + changes: + - description: ECS version updated to 8.11.0. Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. + type: enhancement + link: https://github.com/elastic/integrations/pull/10162 - version: "1.6.0" changes: - description: Add global filter on data_stream.dataset to improve performance. diff --git a/packages/nats/manifest.yml b/packages/nats/manifest.yml index ef932ea6295b..6e5b56d93375 100644 --- a/packages/nats/manifest.yml +++ b/packages/nats/manifest.yml @@ -1,6 +1,6 @@ name: nats title: NATS -version: 1.6.0 +version: 1.7.0 release: ga description: Collect logs and metrics from NATS servers with Elastic Agent. type: integration diff --git a/packages/oracle_weblogic/changelog.yml b/packages/oracle_weblogic/changelog.yml index 8b22c4e83e3f..dce39ac235ce 100644 --- a/packages/oracle_weblogic/changelog.yml +++ b/packages/oracle_weblogic/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.6.0" + changes: + - description: ECS version updated to 8.11.0. Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. + type: enhancement + link: https://github.com/elastic/integrations/pull/10162 - version: "1.5.1" changes: - description: Update README with reindexing steps. diff --git a/packages/oracle_weblogic/manifest.yml b/packages/oracle_weblogic/manifest.yml index 8f9556769eba..3bacdde2c21a 100644 --- a/packages/oracle_weblogic/manifest.yml +++ b/packages/oracle_weblogic/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: oracle_weblogic title: Oracle WebLogic -version: "1.5.1" +version: "1.6.0" description: Collect logs and metrics from Oracle WebLogic with Elastic Agent. type: integration categories: diff --git a/packages/prometheus/changelog.yml b/packages/prometheus/changelog.yml index 830015d15825..049d6d878e1c 100644 --- a/packages/prometheus/changelog.yml +++ b/packages/prometheus/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.16.0" + changes: + - description: ECS version updated to 8.11.0. Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. + type: enhancement + link: https://github.com/elastic/integrations/pull/10162 - version: "1.15.2" changes: - description: Fix typo - Replace "darastream" with "datastream" diff --git a/packages/prometheus/manifest.yml b/packages/prometheus/manifest.yml index 93b9ba2edac1..6679cb658e1e 100644 --- a/packages/prometheus/manifest.yml +++ b/packages/prometheus/manifest.yml @@ -1,7 +1,7 @@ format_version: 2.10.0 name: prometheus title: Prometheus -version: 1.15.2 +version: 1.16.0 description: Collect metrics from Prometheus servers with Elastic Agent. type: integration categories: diff --git a/packages/rabbitmq/changelog.yml b/packages/rabbitmq/changelog.yml index 691a1388cd46..4f783d227d9b 100644 --- a/packages/rabbitmq/changelog.yml +++ b/packages/rabbitmq/changelog.yml @@ -1,3 +1,8 @@ +- version: "1.14.0" + changes: + - description: ECS version updated to 8.11.0. Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. + type: enhancement + link: https://github.com/elastic/integrations/pull/10162 - version: 1.13.0 changes: - description: Enable secrets for sensitive fields. For more details, refer https://www.elastic.co/guide/en/fleet/current/agent-policy.html#agent-policy-secret-values diff --git a/packages/rabbitmq/manifest.yml b/packages/rabbitmq/manifest.yml index b5e5f3d6af4b..58c616921d0a 100644 --- a/packages/rabbitmq/manifest.yml +++ b/packages/rabbitmq/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: rabbitmq title: RabbitMQ Logs and Metrics -version: "1.13.0" +version: "1.14.0" description: Collect and parse logs from RabbitMQ servers with Elastic Agent. type: integration categories: diff --git a/packages/spring_boot/changelog.yml b/packages/spring_boot/changelog.yml index abc00c5b4a22..8cb9f5f311ce 100644 --- a/packages/spring_boot/changelog.yml +++ b/packages/spring_boot/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.5.0" + changes: + - description: ECS version updated to 8.11.0. Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. + type: enhancement + link: https://github.com/elastic/integrations/pull/10162 - version: "1.4.0" changes: - description: Enable secrets for sensitive fields. For more details, refer https://www.elastic.co/guide/en/fleet/current/agent-policy.html#agent-policy-secret-values diff --git a/packages/spring_boot/manifest.yml b/packages/spring_boot/manifest.yml index 5fb534d31d67..d905dea5de51 100644 --- a/packages/spring_boot/manifest.yml +++ b/packages/spring_boot/manifest.yml @@ -1,7 +1,7 @@ format_version: "3.0.2" name: spring_boot title: Spring Boot -version: "1.4.0" +version: "1.5.0" description: This Elastic integration collects logs and metrics from Spring Boot integration. type: integration categories: diff --git a/packages/stan/changelog.yml b/packages/stan/changelog.yml index 29206491da8a..e48fb2014d1e 100644 --- a/packages/stan/changelog.yml +++ b/packages/stan/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "1.7.0" + changes: + - description: ECS version updated to 8.11.0. Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. + type: enhancement + link: https://github.com/elastic/integrations/pull/10162 - version: "1.6.0" changes: - description: Add global filter on data_stream.dataset to improve performance. diff --git a/packages/stan/manifest.yml b/packages/stan/manifest.yml index b4f3295a8e31..7a168cdec288 100644 --- a/packages/stan/manifest.yml +++ b/packages/stan/manifest.yml @@ -1,6 +1,6 @@ name: stan title: STAN -version: 1.6.0 +version: 1.7.0 release: ga description: Collect logs and metrics from STAN servers with Elastic Agent. type: integration From 3a341f26017ab4dd24c520ec65dd5dae9ea8e9c7 Mon Sep 17 00:00:00 2001 From: harnish-elastic Date: Tue, 18 Jun 2024 11:03:51 +0530 Subject: [PATCH 09/21] update PR link --- packages/cassandra/changelog.yml | 2 +- packages/nats/changelog.yml | 2 +- packages/oracle_weblogic/changelog.yml | 2 +- packages/prometheus/changelog.yml | 2 +- packages/rabbitmq/changelog.yml | 2 +- packages/spring_boot/changelog.yml | 2 +- packages/stan/changelog.yml | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/packages/cassandra/changelog.yml b/packages/cassandra/changelog.yml index 4dd0329d76e5..d5d224ac4dc0 100644 --- a/packages/cassandra/changelog.yml +++ b/packages/cassandra/changelog.yml @@ -3,7 +3,7 @@ changes: - description: ECS version updated to 8.11.0. Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. type: enhancement - link: https://github.com/elastic/integrations/pull/10162 + link: https://github.com/elastic/integrations/pull/10171 - version: "1.12.2" changes: - description: Add documentation for setting up Jolokia to monitor Apache Cassandra. diff --git a/packages/nats/changelog.yml b/packages/nats/changelog.yml index 145780874fd6..b6eefe539b1f 100644 --- a/packages/nats/changelog.yml +++ b/packages/nats/changelog.yml @@ -3,7 +3,7 @@ changes: - description: ECS version updated to 8.11.0. Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. type: enhancement - link: https://github.com/elastic/integrations/pull/10162 + link: https://github.com/elastic/integrations/pull/10171 - version: "1.6.0" changes: - description: Add global filter on data_stream.dataset to improve performance. diff --git a/packages/oracle_weblogic/changelog.yml b/packages/oracle_weblogic/changelog.yml index dce39ac235ce..081936f5004c 100644 --- a/packages/oracle_weblogic/changelog.yml +++ b/packages/oracle_weblogic/changelog.yml @@ -3,7 +3,7 @@ changes: - description: ECS version updated to 8.11.0. Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. type: enhancement - link: https://github.com/elastic/integrations/pull/10162 + link: https://github.com/elastic/integrations/pull/10171 - version: "1.5.1" changes: - description: Update README with reindexing steps. diff --git a/packages/prometheus/changelog.yml b/packages/prometheus/changelog.yml index 049d6d878e1c..27808ae25202 100644 --- a/packages/prometheus/changelog.yml +++ b/packages/prometheus/changelog.yml @@ -3,7 +3,7 @@ changes: - description: ECS version updated to 8.11.0. Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. type: enhancement - link: https://github.com/elastic/integrations/pull/10162 + link: https://github.com/elastic/integrations/pull/10171 - version: "1.15.2" changes: - description: Fix typo - Replace "darastream" with "datastream" diff --git a/packages/rabbitmq/changelog.yml b/packages/rabbitmq/changelog.yml index 4f783d227d9b..366aa7b1058b 100644 --- a/packages/rabbitmq/changelog.yml +++ b/packages/rabbitmq/changelog.yml @@ -2,7 +2,7 @@ changes: - description: ECS version updated to 8.11.0. Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. type: enhancement - link: https://github.com/elastic/integrations/pull/10162 + link: https://github.com/elastic/integrations/pull/10171 - version: 1.13.0 changes: - description: Enable secrets for sensitive fields. For more details, refer https://www.elastic.co/guide/en/fleet/current/agent-policy.html#agent-policy-secret-values diff --git a/packages/spring_boot/changelog.yml b/packages/spring_boot/changelog.yml index 8cb9f5f311ce..976cc8010acf 100644 --- a/packages/spring_boot/changelog.yml +++ b/packages/spring_boot/changelog.yml @@ -3,7 +3,7 @@ changes: - description: ECS version updated to 8.11.0. Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. type: enhancement - link: https://github.com/elastic/integrations/pull/10162 + link: https://github.com/elastic/integrations/pull/10171 - version: "1.4.0" changes: - description: Enable secrets for sensitive fields. For more details, refer https://www.elastic.co/guide/en/fleet/current/agent-policy.html#agent-policy-secret-values diff --git a/packages/stan/changelog.yml b/packages/stan/changelog.yml index e48fb2014d1e..062abcce7086 100644 --- a/packages/stan/changelog.yml +++ b/packages/stan/changelog.yml @@ -3,7 +3,7 @@ changes: - description: ECS version updated to 8.11.0. Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. type: enhancement - link: https://github.com/elastic/integrations/pull/10162 + link: https://github.com/elastic/integrations/pull/10171 - version: "1.6.0" changes: - description: Add global filter on data_stream.dataset to improve performance. From 20820b4f0578e8fd137a5647030e5ca2c605cd8c Mon Sep 17 00:00:00 2001 From: harnish-elastic Date: Tue, 18 Jun 2024 12:07:50 +0530 Subject: [PATCH 10/21] cassandra generate system tests --- .../data_stream/log/sample_event.json | 18 ++-- .../data_stream/metrics/sample_event.json | 69 +++++++-------- packages/cassandra/docs/README.md | 85 +++++++++---------- 3 files changed, 80 insertions(+), 92 deletions(-) diff --git a/packages/cassandra/data_stream/log/sample_event.json b/packages/cassandra/data_stream/log/sample_event.json index b2450faed833..45a6715cff91 100644 --- a/packages/cassandra/data_stream/log/sample_event.json +++ b/packages/cassandra/data_stream/log/sample_event.json @@ -1,12 +1,11 @@ { - "@timestamp": "2022-08-01T07:33:01.952Z", + "@timestamp": "2024-06-18T06:33:32.952Z", "agent": { - "ephemeral_id": "d6102ad8-04fe-46fa-bf67-cc98e3665348", - "hostname": "docker-fleet-agent", - "id": "d1a9277c-e5a2-4ee3-a973-18f2b62e3ad8", + "ephemeral_id": "b1e9fa09-5c73-45d9-b26f-184761635dd9", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "filebeat", - "version": "7.15.0" + "version": "8.13.0" }, "data_stream": { "dataset": "cassandra.log", @@ -17,9 +16,9 @@ "version": "8.11.0" }, "elastic_agent": { - "id": "d1a9277c-e5a2-4ee3-a973-18f2b62e3ad8", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "7.15.0" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", @@ -27,10 +26,9 @@ "database" ], "dataset": "cassandra.log", - "ingested": "2022-08-01T07:33:17Z", + "ingested": "2024-06-18T06:34:02Z", "kind": "event", "module": "cassandra", - "original": "INFO [main] 2022-08-01 07:33:01,952 YamlConfigurationLoader.java:92 - Configuration location: file:/etc/cassandra/cassandra.yaml", "type": [ "info" ] @@ -61,4 +59,4 @@ "forwarded", "cassandra-systemlogs" ] -} +} \ No newline at end of file diff --git a/packages/cassandra/data_stream/metrics/sample_event.json b/packages/cassandra/data_stream/metrics/sample_event.json index d3b55bc1f7d8..a8513f018fb8 100644 --- a/packages/cassandra/data_stream/metrics/sample_event.json +++ b/packages/cassandra/data_stream/metrics/sample_event.json @@ -1,21 +1,20 @@ { - "@timestamp": "2022-08-02T07:46:20.906Z", + "@timestamp": "2024-06-18T06:35:01.265Z", "agent": { - "ephemeral_id": "dd01aaac-f888-4fdb-832d-d05840060d78", - "hostname": "docker-fleet-agent", - "id": "f8436de1-7850-497f-905d-b6c9ca3116ca", + "ephemeral_id": "51e65675-8699-4d2e-8c14-ecde813096e9", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "7.15.0" + "version": "8.13.0" }, "cassandra": { "metrics": { "cache": { "key_cache": { "capacity": 104857600, - "one_minute_hit_rate": 0.7055988630359871, + "one_minute_hit_rate": 0, "requests": { - "one_minute_rate": 10.000444146293233 + "one_minute_rate": 12 } }, "row_cache": { @@ -59,10 +58,10 @@ } }, "column_family": { - "total_disk_space_used": 72611 + "total_disk_space_used": 72566 }, "compaction": { - "completed": 45, + "completed": 44, "pending": 0 }, "dropped_message": { @@ -81,11 +80,11 @@ "gc": { "concurrent_mark_sweep": { "collection_count": 1, - "collection_time": 27 + "collection_time": 26 }, "par_new": { "collection_count": 1, - "collection_time": 24 + "collection_time": 29 } }, "memory": { @@ -93,34 +92,32 @@ "committed": 4054777856, "init": 4158652416, "max": 4054777856, - "used": 478032264 + "used": 481894272 }, "other_usage": { - "committed": 62853120, + "committed": 62337024, "init": 2555904, "max": -1, - "used": 61234528 + "used": 60729840 } }, "storage": { "exceptions": 0, - "load": 72611, + "load": 72566, "total_hint_in_progress": 0, "total_hints": 0 }, "system": { "cluster": "Test Cluster", "data_center": "datacenter1", - "live_nodes": [ - "192.168.224.2" - ], + "live_nodes": "192.168.247.2", "rack": "rack1", "version": "3.11.11" }, "table": { - "all_memtables_heap_size": 4569, + "all_memtables_heap_size": 4584, "all_memtables_off_heap_size": 0, - "live_disk_space_used": 72611, + "live_disk_space_used": 72566, "live_ss_table_count": 11 }, "task": { @@ -171,19 +168,19 @@ "version": "8.11.0" }, "elastic_agent": { - "id": "f8436de1-7850-497f-905d-b6c9ca3116ca", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "7.15.0" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "category": [ "database" ], - "created": "2022-08-02T07:46:20.906Z", + "created": "2024-06-18T06:35:01.265Z", "dataset": "cassandra.metrics", - "duration": 13448617, - "ingested": "2022-08-02T07:46:24Z", + "duration": 110507236, + "ingested": "2024-06-18T06:35:13Z", "kind": "event", "module": "cassandra", "type": [ @@ -194,22 +191,22 @@ "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "2cbd07697ac16c7d26f103cb3d40e3aa", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "192.168.192.7" + "192.168.245.7" ], "mac": [ - "02:42:c0:a8:c0:07" + "02-42-C0-A8-F5-07" ], "name": "docker-fleet-agent", "os": { - "codename": "Core", - "family": "redhat", - "kernel": "3.10.0-1160.71.1.el7.x86_64", - "name": "CentOS Linux", - "platform": "centos", + "codename": "focal", + "family": "debian", + "kernel": "3.10.0-1160.102.1.el7.x86_64", + "name": "Ubuntu", + "platform": "ubuntu", "type": "linux", - "version": "7 (Core)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -217,7 +214,7 @@ "period": 10000 }, "service": { - "address": "http://elastic-package-service_cassandra_1:8778/jolokia/%3FignoreErrors=true&canonicalNaming=false", + "address": "http://elastic-package-service-cassandra-1:8778/jolokia/%3FignoreErrors=true&canonicalNaming=false", "type": "jolokia" } -} +} \ No newline at end of file diff --git a/packages/cassandra/docs/README.md b/packages/cassandra/docs/README.md index d4714ace5c7a..672af4af3ef0 100644 --- a/packages/cassandra/docs/README.md +++ b/packages/cassandra/docs/README.md @@ -81,14 +81,13 @@ An example event for `log` looks as following: ```json { - "@timestamp": "2022-08-01T07:33:01.952Z", + "@timestamp": "2024-06-18T06:33:32.952Z", "agent": { - "ephemeral_id": "d6102ad8-04fe-46fa-bf67-cc98e3665348", - "hostname": "docker-fleet-agent", - "id": "d1a9277c-e5a2-4ee3-a973-18f2b62e3ad8", + "ephemeral_id": "b1e9fa09-5c73-45d9-b26f-184761635dd9", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "filebeat", - "version": "7.15.0" + "version": "8.13.0" }, "data_stream": { "dataset": "cassandra.log", @@ -99,9 +98,9 @@ An example event for `log` looks as following: "version": "8.11.0" }, "elastic_agent": { - "id": "d1a9277c-e5a2-4ee3-a973-18f2b62e3ad8", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "7.15.0" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", @@ -109,10 +108,9 @@ An example event for `log` looks as following: "database" ], "dataset": "cassandra.log", - "ingested": "2022-08-01T07:33:17Z", + "ingested": "2024-06-18T06:34:02Z", "kind": "event", "module": "cassandra", - "original": "INFO [main] 2022-08-01 07:33:01,952 YamlConfigurationLoader.java:92 - Configuration location: file:/etc/cassandra/cassandra.yaml", "type": [ "info" ] @@ -144,7 +142,6 @@ An example event for `log` looks as following: "cassandra-systemlogs" ] } - ``` **Exported fields** @@ -169,23 +166,22 @@ An example event for `metrics` looks as following: ```json { - "@timestamp": "2022-08-02T07:46:20.906Z", + "@timestamp": "2024-06-18T06:35:01.265Z", "agent": { - "ephemeral_id": "dd01aaac-f888-4fdb-832d-d05840060d78", - "hostname": "docker-fleet-agent", - "id": "f8436de1-7850-497f-905d-b6c9ca3116ca", + "ephemeral_id": "51e65675-8699-4d2e-8c14-ecde813096e9", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "7.15.0" + "version": "8.13.0" }, "cassandra": { "metrics": { "cache": { "key_cache": { "capacity": 104857600, - "one_minute_hit_rate": 0.7055988630359871, + "one_minute_hit_rate": 0, "requests": { - "one_minute_rate": 10.000444146293233 + "one_minute_rate": 12 } }, "row_cache": { @@ -229,10 +225,10 @@ An example event for `metrics` looks as following: } }, "column_family": { - "total_disk_space_used": 72611 + "total_disk_space_used": 72566 }, "compaction": { - "completed": 45, + "completed": 44, "pending": 0 }, "dropped_message": { @@ -251,11 +247,11 @@ An example event for `metrics` looks as following: "gc": { "concurrent_mark_sweep": { "collection_count": 1, - "collection_time": 27 + "collection_time": 26 }, "par_new": { "collection_count": 1, - "collection_time": 24 + "collection_time": 29 } }, "memory": { @@ -263,34 +259,32 @@ An example event for `metrics` looks as following: "committed": 4054777856, "init": 4158652416, "max": 4054777856, - "used": 478032264 + "used": 481894272 }, "other_usage": { - "committed": 62853120, + "committed": 62337024, "init": 2555904, "max": -1, - "used": 61234528 + "used": 60729840 } }, "storage": { "exceptions": 0, - "load": 72611, + "load": 72566, "total_hint_in_progress": 0, "total_hints": 0 }, "system": { "cluster": "Test Cluster", "data_center": "datacenter1", - "live_nodes": [ - "192.168.224.2" - ], + "live_nodes": "192.168.247.2", "rack": "rack1", "version": "3.11.11" }, "table": { - "all_memtables_heap_size": 4569, + "all_memtables_heap_size": 4584, "all_memtables_off_heap_size": 0, - "live_disk_space_used": 72611, + "live_disk_space_used": 72566, "live_ss_table_count": 11 }, "task": { @@ -341,19 +335,19 @@ An example event for `metrics` looks as following: "version": "8.11.0" }, "elastic_agent": { - "id": "f8436de1-7850-497f-905d-b6c9ca3116ca", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "7.15.0" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "category": [ "database" ], - "created": "2022-08-02T07:46:20.906Z", + "created": "2024-06-18T06:35:01.265Z", "dataset": "cassandra.metrics", - "duration": 13448617, - "ingested": "2022-08-02T07:46:24Z", + "duration": 110507236, + "ingested": "2024-06-18T06:35:13Z", "kind": "event", "module": "cassandra", "type": [ @@ -364,22 +358,22 @@ An example event for `metrics` looks as following: "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "2cbd07697ac16c7d26f103cb3d40e3aa", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "192.168.192.7" + "192.168.245.7" ], "mac": [ - "02:42:c0:a8:c0:07" + "02-42-C0-A8-F5-07" ], "name": "docker-fleet-agent", "os": { - "codename": "Core", - "family": "redhat", - "kernel": "3.10.0-1160.71.1.el7.x86_64", - "name": "CentOS Linux", - "platform": "centos", + "codename": "focal", + "family": "debian", + "kernel": "3.10.0-1160.102.1.el7.x86_64", + "name": "Ubuntu", + "platform": "ubuntu", "type": "linux", - "version": "7 (Core)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -387,11 +381,10 @@ An example event for `metrics` looks as following: "period": 10000 }, "service": { - "address": "http://elastic-package-service_cassandra_1:8778/jolokia/%3FignoreErrors=true&canonicalNaming=false", + "address": "http://elastic-package-service-cassandra-1:8778/jolokia/%3FignoreErrors=true&canonicalNaming=false", "type": "jolokia" } } - ``` **Exported fields** From 53365dc1ef2aaeab0176733741159803e46ac519 Mon Sep 17 00:00:00 2001 From: harnish-elastic Date: Tue, 18 Jun 2024 12:24:05 +0530 Subject: [PATCH 11/21] nats - generate system tests --- .../data_stream/connection/sample_event.json | 48 ++- .../data_stream/connections/sample_event.json | 44 ++- .../nats/data_stream/log/sample_event.json | 2 +- .../nats/data_stream/route/sample_event.json | 48 ++- .../nats/data_stream/routes/sample_event.json | 44 ++- .../nats/data_stream/stats/sample_event.json | 58 ++-- .../subscriptions/sample_event.json | 40 ++- packages/nats/docs/README.md | 284 ++++++++---------- 8 files changed, 260 insertions(+), 308 deletions(-) diff --git a/packages/nats/data_stream/connection/sample_event.json b/packages/nats/data_stream/connection/sample_event.json index 7c890ac14640..0582eb7075d2 100644 --- a/packages/nats/data_stream/connection/sample_event.json +++ b/packages/nats/data_stream/connection/sample_event.json @@ -1,11 +1,11 @@ { - "@timestamp": "2022-01-12T02:43:51.172Z", + "@timestamp": "2024-06-18T06:39:34.665Z", "agent": { - "ephemeral_id": "3cf8068e-3998-4da7-b2f1-de14207c5d44", - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "ephemeral_id": "3565b6dd-89b9-4d31-bc0e-52bd652289ee", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.0.0-beta1" + "version": "8.13.0" }, "data_stream": { "dataset": "nats.connection", @@ -13,40 +13,36 @@ "type": "metrics" }, "ecs": { - "version": "8.11.0" + "version": "8.0.0" }, "elastic_agent": { - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.0.0-beta1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "dataset": "nats.connection", - "duration": 276175024, - "ingested": "2022-01-12T02:43:52Z", + "duration": 1778759, + "ingested": "2024-06-18T06:39:46Z", "module": "nats" }, "host": { "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "4ccba669f0df47fa3f57a9e4169ae7f1", - "ip": [ - "172.18.0.4" - ], - "mac": [ - "02:42:ac:12:00:04" - ], + "id": "8259e024976a406e8a54cdbffeb84fec", + "ip": "192.168.245.7", + "mac": "02-42-C0-A8-F5-07", "name": "docker-fleet-agent", "os": { - "codename": "Core", - "family": "redhat", - "kernel": "5.11.0-44-generic", - "name": "CentOS Linux", - "platform": "centos", + "codename": "focal", + "family": "debian", + "kernel": "3.10.0-1160.102.1.el7.x86_64", + "name": "Ubuntu", + "platform": "ubuntu", "type": "linux", - "version": "7 (Core)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -57,8 +53,8 @@ "connection": { "idle_time": 0, "in": { - "bytes": 10310992, - "messages": 644437 + "bytes": 31946336, + "messages": 1996646 }, "name": "NATS Benchmark", "out": { @@ -67,10 +63,10 @@ }, "pending_bytes": 0, "subscriptions": 0, - "uptime": 24 + "uptime": 14 }, "server": { - "id": "NAMJNT4IYFE3N7FCYJWAKX3OKMQVIUSL7CN4EPBUXJNKSCTYCRHSVNTB" + "id": "NCKVGU7EX4KDOQDL6CQIEYBWSAVCA37KXRD5UOGRNGIFXOMDAV3VYKFJ" } }, "service": { diff --git a/packages/nats/data_stream/connections/sample_event.json b/packages/nats/data_stream/connections/sample_event.json index 9a6bc082473b..d357184fb9d1 100644 --- a/packages/nats/data_stream/connections/sample_event.json +++ b/packages/nats/data_stream/connections/sample_event.json @@ -1,11 +1,11 @@ { - "@timestamp": "2022-01-12T02:46:48.367Z", + "@timestamp": "2024-06-18T06:42:06.763Z", "agent": { - "ephemeral_id": "3886806d-b880-4842-a4be-79391a8fc2e4", - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "ephemeral_id": "dd10a7db-f158-4b9b-aaf2-af4cdc3d6b06", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.0.0-beta1" + "version": "8.13.0" }, "data_stream": { "dataset": "nats.connections", @@ -13,40 +13,36 @@ "type": "metrics" }, "ecs": { - "version": "8.11.0" + "version": "8.0.0" }, "elastic_agent": { - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.0.0-beta1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "dataset": "nats.connections", - "duration": 125128016, - "ingested": "2022-01-12T02:46:50Z", + "duration": 1514602, + "ingested": "2024-06-18T06:42:18Z", "module": "nats" }, "host": { "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "4ccba669f0df47fa3f57a9e4169ae7f1", - "ip": [ - "172.18.0.4" - ], - "mac": [ - "02:42:ac:12:00:04" - ], + "id": "8259e024976a406e8a54cdbffeb84fec", + "ip": "192.168.245.7", + "mac": "02-42-C0-A8-F5-07", "name": "docker-fleet-agent", "os": { - "codename": "Core", - "family": "redhat", - "kernel": "5.11.0-44-generic", - "name": "CentOS Linux", - "platform": "centos", + "codename": "focal", + "family": "debian", + "kernel": "3.10.0-1160.102.1.el7.x86_64", + "name": "Ubuntu", + "platform": "ubuntu", "type": "linux", - "version": "7 (Core)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -58,8 +54,8 @@ "total": 1 }, "server": { - "id": "NBBIEC4H2KI3XR4SUAATGL5INXZZS72ZUYMVJBCLKVDDEWCJCFZOXH7W", - "time": "2022-01-12T02:46:48.367495135Z" + "id": "NCNKDXBFQLH5L4U6H3BPZX2CYTOLLFFFKKMAPUCSKE2QYMMS2S7HGYMN", + "time": "2024-06-18T06:42:06.763Z" } }, "service": { diff --git a/packages/nats/data_stream/log/sample_event.json b/packages/nats/data_stream/log/sample_event.json index e01620321864..54f814f2f3b6 100644 --- a/packages/nats/data_stream/log/sample_event.json +++ b/packages/nats/data_stream/log/sample_event.json @@ -43,7 +43,7 @@ "192.168.192.8" ], "mac": [ - "02:42:c0:a8:c0:08" + "02-42-C0-A8-F5-07" ], "name": "5706c620a165", "os": { diff --git a/packages/nats/data_stream/route/sample_event.json b/packages/nats/data_stream/route/sample_event.json index ecd98b571d01..185e58efdd0c 100644 --- a/packages/nats/data_stream/route/sample_event.json +++ b/packages/nats/data_stream/route/sample_event.json @@ -1,11 +1,11 @@ { - "@timestamp": "2022-01-12T02:49:43.071Z", + "@timestamp": "2024-06-18T06:44:35.066Z", "agent": { - "ephemeral_id": "7603b971-4c23-4474-94d7-736540cccfbc", - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "ephemeral_id": "6003d8f1-6313-4eb7-8d62-101876d13951", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.0.0-beta1" + "version": "8.13.0" }, "data_stream": { "dataset": "nats.route", @@ -13,40 +13,36 @@ "type": "metrics" }, "ecs": { - "version": "8.11.0" + "version": "8.0.0" }, "elastic_agent": { - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.0.0-beta1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "dataset": "nats.route", - "duration": 37120483, - "ingested": "2022-01-12T02:49:47Z", + "duration": 1372502, + "ingested": "2024-06-18T06:44:47Z", "module": "nats" }, "host": { "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "4ccba669f0df47fa3f57a9e4169ae7f1", - "ip": [ - "172.18.0.4" - ], - "mac": [ - "02:42:ac:12:00:04" - ], + "id": "8259e024976a406e8a54cdbffeb84fec", + "ip": "192.168.245.7", + "mac": "02-42-C0-A8-F5-07", "name": "docker-fleet-agent", "os": { - "codename": "Core", - "family": "redhat", - "kernel": "5.11.0-44-generic", - "name": "CentOS Linux", - "platform": "centos", + "codename": "focal", + "family": "debian", + "kernel": "3.10.0-1160.102.1.el7.x86_64", + "name": "Ubuntu", + "platform": "ubuntu", "type": "linux", - "version": "7 (Core)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -59,18 +55,18 @@ "bytes": 0, "messages": 0 }, - "ip": "172.23.0.2", + "ip": "192.168.254.2", "out": { "bytes": 0, "messages": 0 }, "pending_size": 0, - "port": 43132, - "remote_id": "ND6TIOITFXLQL7IOQ6YF4YA76FO5DZKZ7RADTQFJH5Y22554RBAN23HE", + "port": 43212, + "remote_id": "NDLBUBM32KU4PB6T3NDNQOFUCNPVHPGEVLS5K2CYY2RHGOV6M3UBBXCF", "subscriptions": 0 }, "server": { - "id": "NDLSAJ5QGWF5IZJSOSOC7P22NTXGFIQMULUEZR2VC4HT4STJU6L36AIB" + "id": "NADJLTRJXDJIDP4EJTJ2ZLIYQENQKIRX23VYDPNGHPAWEAHLESEEENNM" } }, "service": { diff --git a/packages/nats/data_stream/routes/sample_event.json b/packages/nats/data_stream/routes/sample_event.json index 1c6f1bc4ff40..e887330a4b7f 100644 --- a/packages/nats/data_stream/routes/sample_event.json +++ b/packages/nats/data_stream/routes/sample_event.json @@ -1,11 +1,11 @@ { - "@timestamp": "2022-01-12T02:52:26.015Z", + "@timestamp": "2024-06-18T06:46:57.937Z", "agent": { - "ephemeral_id": "5ca072d2-2eac-4cad-9a39-bdfec64f2640", - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "ephemeral_id": "109393c6-0e20-4b2a-b653-3fa5e35b5f7c", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.0.0-beta1" + "version": "8.13.0" }, "data_stream": { "dataset": "nats.routes", @@ -13,40 +13,36 @@ "type": "metrics" }, "ecs": { - "version": "8.11.0" + "version": "8.0.0" }, "elastic_agent": { - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.0.0-beta1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "dataset": "nats.routes", - "duration": 29566227, - "ingested": "2022-01-12T02:52:29Z", + "duration": 1390061, + "ingested": "2024-06-18T06:47:09Z", "module": "nats" }, "host": { "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "4ccba669f0df47fa3f57a9e4169ae7f1", - "ip": [ - "172.18.0.4" - ], - "mac": [ - "02:42:ac:12:00:04" - ], + "id": "8259e024976a406e8a54cdbffeb84fec", + "ip": "192.168.245.7", + "mac": "02-42-C0-A8-F5-07", "name": "docker-fleet-agent", "os": { - "codename": "Core", - "family": "redhat", - "kernel": "5.11.0-44-generic", - "name": "CentOS Linux", - "platform": "centos", + "codename": "focal", + "family": "debian", + "kernel": "3.10.0-1160.102.1.el7.x86_64", + "name": "Ubuntu", + "platform": "ubuntu", "type": "linux", - "version": "7 (Core)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -58,8 +54,8 @@ "total": 1 }, "server": { - "id": "NAGYMNF4IADKFHPNJEJMQUWPYUVOWX3KC3V2UINL5QJYDVGIAZB7N3L6", - "time": "2022-01-12T02:52:26.015311657Z" + "id": "NCTCCFMHSIRDQEDRY54BNE6H5D2S476BITJEDHPZMOMCKZOITM6WWA6V", + "time": "2024-06-18T06:46:57.937Z" } }, "service": { diff --git a/packages/nats/data_stream/stats/sample_event.json b/packages/nats/data_stream/stats/sample_event.json index c6431b3d88fc..b6bbdfeedf29 100644 --- a/packages/nats/data_stream/stats/sample_event.json +++ b/packages/nats/data_stream/stats/sample_event.json @@ -1,11 +1,11 @@ { - "@timestamp": "2022-01-12T02:55:11.384Z", + "@timestamp": "2024-06-18T06:49:17.492Z", "agent": { - "ephemeral_id": "259312b7-26e3-4a70-8c3a-720386a6a71e", - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "ephemeral_id": "4b9c9086-97a0-4aec-9cc4-b227f25eaf7b", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.0.0-beta1" + "version": "8.13.0" }, "data_stream": { "dataset": "nats.stats", @@ -13,40 +13,36 @@ "type": "metrics" }, "ecs": { - "version": "8.11.0" + "version": "8.0.0" }, "elastic_agent": { - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.0.0-beta1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "dataset": "nats.stats", - "duration": 49665904, - "ingested": "2022-01-12T02:55:14Z", + "duration": 1739425, + "ingested": "2024-06-18T06:49:29Z", "module": "nats" }, "host": { "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "4ccba669f0df47fa3f57a9e4169ae7f1", - "ip": [ - "172.18.0.4" - ], - "mac": [ - "02:42:ac:12:00:04" - ], + "id": "8259e024976a406e8a54cdbffeb84fec", + "ip": "192.168.245.7", + "mac": "02-42-C0-A8-F5-07", "name": "docker-fleet-agent", "os": { - "codename": "Core", - "family": "redhat", - "kernel": "5.11.0-44-generic", - "name": "CentOS Linux", - "platform": "centos", + "codename": "focal", + "family": "debian", + "kernel": "3.10.0-1160.102.1.el7.x86_64", + "name": "Ubuntu", + "platform": "ubuntu", "type": "linux", - "version": "7 (Core)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -55,12 +51,12 @@ }, "nats": { "server": { - "id": "NCXFULRLCZMWAWXMVPHIAESOUAOURC2INJOQFODIMJ2IHZ3QE7BH7X74", - "time": "2022-01-12T02:55:11.384194105Z" + "id": "NDCZVPEIJLTFLUSYR6Y4OSKTDJ5QD4LTTBSOKJ6HPX3K3QZPF6CI6VMI", + "time": "2024-06-18T06:49:17.492Z" }, "stats": { - "cores": 1, - "cpu": 0.28, + "cores": 12, + "cpu": 1.03, "http": { "req_stats": { "uri": { @@ -68,16 +64,16 @@ "root": 0, "routez": 0, "subsz": 0, - "varz": 2 + "varz": 1 } } }, "in": { - "bytes": 13072240, - "messages": 817015 + "bytes": 29849184, + "messages": 1865574 }, "mem": { - "bytes": 12103680 + "bytes": 8806400 }, "out": { "bytes": 0, @@ -86,7 +82,7 @@ "remotes": 1, "slow_consumers": 0, "total_connections": 1, - "uptime": 23 + "uptime": 13 } }, "service": { diff --git a/packages/nats/data_stream/subscriptions/sample_event.json b/packages/nats/data_stream/subscriptions/sample_event.json index 7aea9274d9df..7b6d903f6820 100644 --- a/packages/nats/data_stream/subscriptions/sample_event.json +++ b/packages/nats/data_stream/subscriptions/sample_event.json @@ -1,11 +1,11 @@ { - "@timestamp": "2022-01-12T02:57:55.837Z", + "@timestamp": "2024-06-18T06:51:43.719Z", "agent": { - "ephemeral_id": "29d75d7c-e650-4bf4-ba7a-f769e4edd5da", - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "ephemeral_id": "20d397d4-1143-4670-8a66-d8b8bceb57ac", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.0.0-beta1" + "version": "8.13.0" }, "data_stream": { "dataset": "nats.subscriptions", @@ -13,40 +13,36 @@ "type": "metrics" }, "ecs": { - "version": "8.11.0" + "version": "8.0.0" }, "elastic_agent": { - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.0.0-beta1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "dataset": "nats.subscriptions", - "duration": 11100010, - "ingested": "2022-01-12T02:57:59Z", + "duration": 1163583, + "ingested": "2024-06-18T06:51:55Z", "module": "nats" }, "host": { "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "4ccba669f0df47fa3f57a9e4169ae7f1", - "ip": [ - "172.18.0.4" - ], - "mac": [ - "02:42:ac:12:00:04" - ], + "id": "8259e024976a406e8a54cdbffeb84fec", + "ip": "192.168.245.7", + "mac": "02-42-C0-A8-F5-07", "name": "docker-fleet-agent", "os": { - "codename": "Core", - "family": "redhat", - "kernel": "5.11.0-44-generic", - "name": "CentOS Linux", - "platform": "centos", + "codename": "focal", + "family": "debian", + "kernel": "3.10.0-1160.102.1.el7.x86_64", + "name": "Ubuntu", + "platform": "ubuntu", "type": "linux", - "version": "7 (Core)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { diff --git a/packages/nats/docs/README.md b/packages/nats/docs/README.md index fcab8ba9351c..a8a8d61cd841 100644 --- a/packages/nats/docs/README.md +++ b/packages/nats/docs/README.md @@ -62,7 +62,7 @@ An example event for `log` looks as following: "192.168.192.8" ], "mac": [ - "02:42:c0:a8:c0:08" + "02-42-C0-A8-F5-07" ], "name": "5706c620a165", "os": { @@ -146,13 +146,13 @@ An example event for `stats` looks as following: ```json { - "@timestamp": "2022-01-12T02:55:11.384Z", + "@timestamp": "2024-06-18T06:49:17.492Z", "agent": { - "ephemeral_id": "259312b7-26e3-4a70-8c3a-720386a6a71e", - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "ephemeral_id": "4b9c9086-97a0-4aec-9cc4-b227f25eaf7b", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.0.0-beta1" + "version": "8.13.0" }, "data_stream": { "dataset": "nats.stats", @@ -160,40 +160,36 @@ An example event for `stats` looks as following: "type": "metrics" }, "ecs": { - "version": "8.11.0" + "version": "8.0.0" }, "elastic_agent": { - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.0.0-beta1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "dataset": "nats.stats", - "duration": 49665904, - "ingested": "2022-01-12T02:55:14Z", + "duration": 1739425, + "ingested": "2024-06-18T06:49:29Z", "module": "nats" }, "host": { "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "4ccba669f0df47fa3f57a9e4169ae7f1", - "ip": [ - "172.18.0.4" - ], - "mac": [ - "02:42:ac:12:00:04" - ], + "id": "8259e024976a406e8a54cdbffeb84fec", + "ip": "192.168.245.7", + "mac": "02-42-C0-A8-F5-07", "name": "docker-fleet-agent", "os": { - "codename": "Core", - "family": "redhat", - "kernel": "5.11.0-44-generic", - "name": "CentOS Linux", - "platform": "centos", + "codename": "focal", + "family": "debian", + "kernel": "3.10.0-1160.102.1.el7.x86_64", + "name": "Ubuntu", + "platform": "ubuntu", "type": "linux", - "version": "7 (Core)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -202,12 +198,12 @@ An example event for `stats` looks as following: }, "nats": { "server": { - "id": "NCXFULRLCZMWAWXMVPHIAESOUAOURC2INJOQFODIMJ2IHZ3QE7BH7X74", - "time": "2022-01-12T02:55:11.384194105Z" + "id": "NDCZVPEIJLTFLUSYR6Y4OSKTDJ5QD4LTTBSOKJ6HPX3K3QZPF6CI6VMI", + "time": "2024-06-18T06:49:17.492Z" }, "stats": { - "cores": 1, - "cpu": 0.28, + "cores": 12, + "cpu": 1.03, "http": { "req_stats": { "uri": { @@ -215,16 +211,16 @@ An example event for `stats` looks as following: "root": 0, "routez": 0, "subsz": 0, - "varz": 2 + "varz": 1 } } }, "in": { - "bytes": 13072240, - "messages": 817015 + "bytes": 29849184, + "messages": 1865574 }, "mem": { - "bytes": 12103680 + "bytes": 8806400 }, "out": { "bytes": 0, @@ -233,7 +229,7 @@ An example event for `stats` looks as following: "remotes": 1, "slow_consumers": 0, "total_connections": 1, - "uptime": 23 + "uptime": 13 } }, "service": { @@ -291,13 +287,13 @@ An example event for `connections` looks as following: ```json { - "@timestamp": "2022-01-12T02:46:48.367Z", + "@timestamp": "2024-06-18T06:42:06.763Z", "agent": { - "ephemeral_id": "3886806d-b880-4842-a4be-79391a8fc2e4", - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "ephemeral_id": "dd10a7db-f158-4b9b-aaf2-af4cdc3d6b06", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.0.0-beta1" + "version": "8.13.0" }, "data_stream": { "dataset": "nats.connections", @@ -305,40 +301,36 @@ An example event for `connections` looks as following: "type": "metrics" }, "ecs": { - "version": "8.11.0" + "version": "8.0.0" }, "elastic_agent": { - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.0.0-beta1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "dataset": "nats.connections", - "duration": 125128016, - "ingested": "2022-01-12T02:46:50Z", + "duration": 1514602, + "ingested": "2024-06-18T06:42:18Z", "module": "nats" }, "host": { "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "4ccba669f0df47fa3f57a9e4169ae7f1", - "ip": [ - "172.18.0.4" - ], - "mac": [ - "02:42:ac:12:00:04" - ], + "id": "8259e024976a406e8a54cdbffeb84fec", + "ip": "192.168.245.7", + "mac": "02-42-C0-A8-F5-07", "name": "docker-fleet-agent", "os": { - "codename": "Core", - "family": "redhat", - "kernel": "5.11.0-44-generic", - "name": "CentOS Linux", - "platform": "centos", + "codename": "focal", + "family": "debian", + "kernel": "3.10.0-1160.102.1.el7.x86_64", + "name": "Ubuntu", + "platform": "ubuntu", "type": "linux", - "version": "7 (Core)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -350,8 +342,8 @@ An example event for `connections` looks as following: "total": 1 }, "server": { - "id": "NBBIEC4H2KI3XR4SUAATGL5INXZZS72ZUYMVJBCLKVDDEWCJCFZOXH7W", - "time": "2022-01-12T02:46:48.367495135Z" + "id": "NCNKDXBFQLH5L4U6H3BPZX2CYTOLLFFFKKMAPUCSKE2QYMMS2S7HGYMN", + "time": "2024-06-18T06:42:06.763Z" } }, "service": { @@ -394,13 +386,13 @@ An example event for `routes` looks as following: ```json { - "@timestamp": "2022-01-12T02:52:26.015Z", + "@timestamp": "2024-06-18T06:46:57.937Z", "agent": { - "ephemeral_id": "5ca072d2-2eac-4cad-9a39-bdfec64f2640", - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "ephemeral_id": "109393c6-0e20-4b2a-b653-3fa5e35b5f7c", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.0.0-beta1" + "version": "8.13.0" }, "data_stream": { "dataset": "nats.routes", @@ -408,40 +400,36 @@ An example event for `routes` looks as following: "type": "metrics" }, "ecs": { - "version": "8.11.0" + "version": "8.0.0" }, "elastic_agent": { - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.0.0-beta1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "dataset": "nats.routes", - "duration": 29566227, - "ingested": "2022-01-12T02:52:29Z", + "duration": 1390061, + "ingested": "2024-06-18T06:47:09Z", "module": "nats" }, "host": { "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "4ccba669f0df47fa3f57a9e4169ae7f1", - "ip": [ - "172.18.0.4" - ], - "mac": [ - "02:42:ac:12:00:04" - ], + "id": "8259e024976a406e8a54cdbffeb84fec", + "ip": "192.168.245.7", + "mac": "02-42-C0-A8-F5-07", "name": "docker-fleet-agent", "os": { - "codename": "Core", - "family": "redhat", - "kernel": "5.11.0-44-generic", - "name": "CentOS Linux", - "platform": "centos", + "codename": "focal", + "family": "debian", + "kernel": "3.10.0-1160.102.1.el7.x86_64", + "name": "Ubuntu", + "platform": "ubuntu", "type": "linux", - "version": "7 (Core)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -453,8 +441,8 @@ An example event for `routes` looks as following: "total": 1 }, "server": { - "id": "NAGYMNF4IADKFHPNJEJMQUWPYUVOWX3KC3V2UINL5QJYDVGIAZB7N3L6", - "time": "2022-01-12T02:52:26.015311657Z" + "id": "NCTCCFMHSIRDQEDRY54BNE6H5D2S476BITJEDHPZMOMCKZOITM6WWA6V", + "time": "2024-06-18T06:46:57.937Z" } }, "service": { @@ -497,13 +485,13 @@ An example event for `subscriptions` looks as following: ```json { - "@timestamp": "2022-01-12T02:57:55.837Z", + "@timestamp": "2024-06-18T06:51:43.719Z", "agent": { - "ephemeral_id": "29d75d7c-e650-4bf4-ba7a-f769e4edd5da", - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "ephemeral_id": "20d397d4-1143-4670-8a66-d8b8bceb57ac", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.0.0-beta1" + "version": "8.13.0" }, "data_stream": { "dataset": "nats.subscriptions", @@ -511,40 +499,36 @@ An example event for `subscriptions` looks as following: "type": "metrics" }, "ecs": { - "version": "8.11.0" + "version": "8.0.0" }, "elastic_agent": { - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.0.0-beta1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "dataset": "nats.subscriptions", - "duration": 11100010, - "ingested": "2022-01-12T02:57:59Z", + "duration": 1163583, + "ingested": "2024-06-18T06:51:55Z", "module": "nats" }, "host": { "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "4ccba669f0df47fa3f57a9e4169ae7f1", - "ip": [ - "172.18.0.4" - ], - "mac": [ - "02:42:ac:12:00:04" - ], + "id": "8259e024976a406e8a54cdbffeb84fec", + "ip": "192.168.245.7", + "mac": "02-42-C0-A8-F5-07", "name": "docker-fleet-agent", "os": { - "codename": "Core", - "family": "redhat", - "kernel": "5.11.0-44-generic", - "name": "CentOS Linux", - "platform": "centos", + "codename": "focal", + "family": "debian", + "kernel": "3.10.0-1160.102.1.el7.x86_64", + "name": "Ubuntu", + "platform": "ubuntu", "type": "linux", - "version": "7 (Core)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -614,13 +598,13 @@ An example event for `connection` looks as following: ```json { - "@timestamp": "2022-01-12T02:43:51.172Z", + "@timestamp": "2024-06-18T06:39:34.665Z", "agent": { - "ephemeral_id": "3cf8068e-3998-4da7-b2f1-de14207c5d44", - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "ephemeral_id": "3565b6dd-89b9-4d31-bc0e-52bd652289ee", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.0.0-beta1" + "version": "8.13.0" }, "data_stream": { "dataset": "nats.connection", @@ -628,40 +612,36 @@ An example event for `connection` looks as following: "type": "metrics" }, "ecs": { - "version": "8.11.0" + "version": "8.0.0" }, "elastic_agent": { - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.0.0-beta1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "dataset": "nats.connection", - "duration": 276175024, - "ingested": "2022-01-12T02:43:52Z", + "duration": 1778759, + "ingested": "2024-06-18T06:39:46Z", "module": "nats" }, "host": { "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "4ccba669f0df47fa3f57a9e4169ae7f1", - "ip": [ - "172.18.0.4" - ], - "mac": [ - "02:42:ac:12:00:04" - ], + "id": "8259e024976a406e8a54cdbffeb84fec", + "ip": "192.168.245.7", + "mac": "02-42-C0-A8-F5-07", "name": "docker-fleet-agent", "os": { - "codename": "Core", - "family": "redhat", - "kernel": "5.11.0-44-generic", - "name": "CentOS Linux", - "platform": "centos", + "codename": "focal", + "family": "debian", + "kernel": "3.10.0-1160.102.1.el7.x86_64", + "name": "Ubuntu", + "platform": "ubuntu", "type": "linux", - "version": "7 (Core)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -672,8 +652,8 @@ An example event for `connection` looks as following: "connection": { "idle_time": 0, "in": { - "bytes": 10310992, - "messages": 644437 + "bytes": 31946336, + "messages": 1996646 }, "name": "NATS Benchmark", "out": { @@ -682,10 +662,10 @@ An example event for `connection` looks as following: }, "pending_bytes": 0, "subscriptions": 0, - "uptime": 24 + "uptime": 14 }, "server": { - "id": "NAMJNT4IYFE3N7FCYJWAKX3OKMQVIUSL7CN4EPBUXJNKSCTYCRHSVNTB" + "id": "NCKVGU7EX4KDOQDL6CQIEYBWSAVCA37KXRD5UOGRNGIFXOMDAV3VYKFJ" } }, "service": { @@ -736,13 +716,13 @@ An example event for `route` looks as following: ```json { - "@timestamp": "2022-01-12T02:49:43.071Z", + "@timestamp": "2024-06-18T06:44:35.066Z", "agent": { - "ephemeral_id": "7603b971-4c23-4474-94d7-736540cccfbc", - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "ephemeral_id": "6003d8f1-6313-4eb7-8d62-101876d13951", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.0.0-beta1" + "version": "8.13.0" }, "data_stream": { "dataset": "nats.route", @@ -750,40 +730,36 @@ An example event for `route` looks as following: "type": "metrics" }, "ecs": { - "version": "8.11.0" + "version": "8.0.0" }, "elastic_agent": { - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.0.0-beta1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "dataset": "nats.route", - "duration": 37120483, - "ingested": "2022-01-12T02:49:47Z", + "duration": 1372502, + "ingested": "2024-06-18T06:44:47Z", "module": "nats" }, "host": { "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "4ccba669f0df47fa3f57a9e4169ae7f1", - "ip": [ - "172.18.0.4" - ], - "mac": [ - "02:42:ac:12:00:04" - ], + "id": "8259e024976a406e8a54cdbffeb84fec", + "ip": "192.168.245.7", + "mac": "02-42-C0-A8-F5-07", "name": "docker-fleet-agent", "os": { - "codename": "Core", - "family": "redhat", - "kernel": "5.11.0-44-generic", - "name": "CentOS Linux", - "platform": "centos", + "codename": "focal", + "family": "debian", + "kernel": "3.10.0-1160.102.1.el7.x86_64", + "name": "Ubuntu", + "platform": "ubuntu", "type": "linux", - "version": "7 (Core)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -796,18 +772,18 @@ An example event for `route` looks as following: "bytes": 0, "messages": 0 }, - "ip": "172.23.0.2", + "ip": "192.168.254.2", "out": { "bytes": 0, "messages": 0 }, "pending_size": 0, - "port": 43132, - "remote_id": "ND6TIOITFXLQL7IOQ6YF4YA76FO5DZKZ7RADTQFJH5Y22554RBAN23HE", + "port": 43212, + "remote_id": "NDLBUBM32KU4PB6T3NDNQOFUCNPVHPGEVLS5K2CYY2RHGOV6M3UBBXCF", "subscriptions": 0 }, "server": { - "id": "NDLSAJ5QGWF5IZJSOSOC7P22NTXGFIQMULUEZR2VC4HT4STJU6L36AIB" + "id": "NADJLTRJXDJIDP4EJTJ2ZLIYQENQKIRX23VYDPNGHPAWEAHLESEEENNM" } }, "service": { From 0cfd7ac59d551e7c7ff570f6543fb03cf8bb2624 Mon Sep 17 00:00:00 2001 From: harnish-elastic Date: Tue, 18 Jun 2024 12:44:10 +0530 Subject: [PATCH 12/21] [oracle_weblogic] - generate system tests --- .../data_stream/access/sample_event.json | 34 +-- .../admin_server/sample_event.json | 38 +-- .../deployed_application/sample_event.json | 31 +-- .../data_stream/domain/sample_event.json | 51 ++-- .../managed_server/sample_event.json | 40 +-- .../data_stream/threadpool/sample_event.json | 55 ++-- packages/oracle_weblogic/docs/README.md | 243 ++++++++---------- 7 files changed, 220 insertions(+), 272 deletions(-) diff --git a/packages/oracle_weblogic/data_stream/access/sample_event.json b/packages/oracle_weblogic/data_stream/access/sample_event.json index 1fd2f9f96344..b9acfaa42f50 100644 --- a/packages/oracle_weblogic/data_stream/access/sample_event.json +++ b/packages/oracle_weblogic/data_stream/access/sample_event.json @@ -1,11 +1,11 @@ { - "@timestamp": "2022-03-26T18:10:04.000Z", + "@timestamp": "2024-06-18T06:57:37.000Z", "agent": { - "ephemeral_id": "803b783e-44fb-41f8-ba17-08c31c34aae8", - "id": "d17bdd23-2a9d-4013-abe7-0652f306d69d", + "ephemeral_id": "98e5ffe5-df03-43bc-bb8e-bfb3de694ee6", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "filebeat", - "version": "8.1.0" + "version": "8.13.0" }, "data_stream": { "dataset": "oracle_weblogic.access", @@ -16,9 +16,9 @@ "version": "8.11.0" }, "elastic_agent": { - "id": "d17bdd23-2a9d-4013-abe7-0652f306d69d", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.1.0" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", @@ -26,10 +26,9 @@ "network" ], "dataset": "oracle_weblogic.access", - "ingested": "2022-04-25T06:53:32Z", + "ingested": "2024-06-18T06:58:44Z", "kind": "event", "module": "oracle_weblogic", - "original": "172.17.32.1 - - [26/Mar/2022:23:40:04 +0530] \"GET /medrec/start.xhtml HTTP/1.1\" 200 8876 ", "type": [ "access" ] @@ -38,30 +37,31 @@ "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "172.17.32.1" + "127.0.0.1" ], "mac": [ - "02:42:ac:12:00:07" + "02-42-C0-A8-F5-07" ], "name": "docker-fleet-agent", "os": { "codename": "focal", "family": "debian", - "kernel": "5.4.0-107-generic", + "kernel": "3.10.0-1160.102.1.el7.x86_64", "name": "Ubuntu", "platform": "ubuntu", "type": "linux", - "version": "20.04.3 LTS (Focal Fossa)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "http": { "request": { "method": "GET", - "referrer": "/medrec/start.xhtml" + "referrer": "/sample/index.jsp" }, "response": { - "bytes": 8876, + "bytes": 750, "status_code": 200 }, "version": "1.1" @@ -71,17 +71,17 @@ }, "log": { "file": { - "path": "/tmp/service_logs/oracle-weblogic-access.log" + "path": "/tmp/service_logs/adminserver/logs/access.log" }, "offset": 0 }, "oracle_weblogic": { "access": { "authuser": "-", - "host_address": "172.17.32.1" + "host_address": "127.0.0.1" } }, "tags": [ "oracle_weblogic-access" ] -} +} \ No newline at end of file diff --git a/packages/oracle_weblogic/data_stream/admin_server/sample_event.json b/packages/oracle_weblogic/data_stream/admin_server/sample_event.json index 24fb390d3e7c..a974304a6375 100644 --- a/packages/oracle_weblogic/data_stream/admin_server/sample_event.json +++ b/packages/oracle_weblogic/data_stream/admin_server/sample_event.json @@ -1,11 +1,11 @@ { - "@timestamp": "2022-03-24T10:29:51.865Z", + "@timestamp": "2024-06-18T06:59:47.388Z", "agent": { - "ephemeral_id": "1e785926-cb16-442e-9599-91e10ef5228d", - "id": "2c65d5b2-0806-4fb1-96c2-b9852c73afd0", + "ephemeral_id": "eb27a024-3ff2-4d79-a4c1-86ffd80db450", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "filebeat", - "version": "8.1.0" + "version": "8.13.0" }, "data_stream": { "dataset": "oracle_weblogic.admin_server", @@ -16,9 +16,9 @@ "version": "8.11.0" }, "elastic_agent": { - "id": "2c65d5b2-0806-4fb1-96c2-b9852c73afd0", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.1.0" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", @@ -26,10 +26,9 @@ "iam" ], "dataset": "oracle_weblogic.admin_server", - "ingested": "2022-05-09T11:20:10Z", + "ingested": "2024-06-18T07:01:48Z", "kind": "event", "module": "oracle_weblogic", - "original": "#### <> <> <> <> <1648117791865> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", "type": [ "admin" ] @@ -38,21 +37,22 @@ "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "172.19.0.6" + "192.168.245.7" ], "mac": [ - "02:42:ac:13:00:06" + "02-42-C0-A8-F5-07" ], "name": "docker-fleet-agent", "os": { "codename": "focal", "family": "debian", - "kernel": "3.10.0-1160.59.1.el7.x86_64", + "kernel": "3.10.0-1160.102.1.el7.x86_64", "name": "Ubuntu", "platform": "ubuntu", "type": "linux", - "version": "20.04.3 LTS (Focal Fossa)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "input": { @@ -60,23 +60,23 @@ }, "log": { "file": { - "path": "/tmp/service_logs/oracle-weblogic-adminserver.log" + "path": "/tmp/service_logs/adminserver/logs/admin-server.log" }, "level": "Info", "offset": 0 }, - "message": "The protocol \"admin\" is now configured.", + "message": "Disabling the CryptoJ JCE Provider self-integrity check for better startup performance. To enable this check, specify -Dweblogic.security.allowCryptoJDefaultJCEVerification=true.", "oracle_weblogic": { "admin_server": { - "diagnostic_context_id": "1648117791865", + "diagnostic_context_id": "1718693987388", "machine_name": "wlsadmin", - "message_id": "BEA-002622", + "message_id": "BEA-090905", "meta": "[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] ", - "subsystem": "Server", - "thread_id": "Thread-11" + "subsystem": "Security", + "thread_id": "main" } }, "tags": [ "oracle_weblogic-admin_server" ] -} +} \ No newline at end of file diff --git a/packages/oracle_weblogic/data_stream/deployed_application/sample_event.json b/packages/oracle_weblogic/data_stream/deployed_application/sample_event.json index d0c6b1c41642..99579b01fb08 100644 --- a/packages/oracle_weblogic/data_stream/deployed_application/sample_event.json +++ b/packages/oracle_weblogic/data_stream/deployed_application/sample_event.json @@ -1,11 +1,11 @@ { - "@timestamp": "2022-06-01T06:06:16.679Z", + "@timestamp": "2024-06-18T07:03:43.008Z", "agent": { - "ephemeral_id": "9b5302d4-4654-485a-8708-b8c971d7ebd6", - "id": "f5ae4eeb-820b-4f24-a94a-df327091d185", + "ephemeral_id": "dc9d4e03-d8bf-428d-b21a-630a38824bcc", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.1.0" + "version": "8.13.0" }, "data_stream": { "dataset": "oracle_weblogic.deployed_application", @@ -16,9 +16,9 @@ "version": "8.11.0" }, "elastic_agent": { - "id": "f5ae4eeb-820b-4f24-a94a-df327091d185", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.1.0" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", @@ -26,8 +26,8 @@ "web" ], "dataset": "oracle_weblogic.deployed_application", - "duration": 27026922, - "ingested": "2022-06-01T06:06:20Z", + "duration": 1954627464, + "ingested": "2024-06-18T07:03:54Z", "kind": "metric", "module": "oracle_weblogic", "type": [ @@ -38,21 +38,22 @@ "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "172.31.0.7" + "192.168.245.7" ], "mac": [ - "02:42:ac:1f:00:07" + "02-42-C0-A8-F5-07" ], "name": "docker-fleet-agent", "os": { "codename": "focal", "family": "debian", - "kernel": "3.10.0-1160.59.1.el7.x86_64", + "kernel": "3.10.0-1160.102.1.el7.x86_64", "name": "Ubuntu", "platform": "ubuntu", "type": "linux", - "version": "20.04.3 LTS (Focal Fossa)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -76,15 +77,15 @@ } }, "single_threaded_servlet_pool_size": 5, - "source_info": "weblogic.war", + "source_info": "bea_wls_deployment_internal.war", "status": "DEPLOYED" } }, "service": { - "address": "http://elastic-package-service_wlsadmin_1:8005/jolokia", + "address": "http://elastic-package-service-wlsadmin-1:8005/jolokia", "type": "jolokia" }, "tags": [ "oracle_weblogic-deployed_application" ] -} +} \ No newline at end of file diff --git a/packages/oracle_weblogic/data_stream/domain/sample_event.json b/packages/oracle_weblogic/data_stream/domain/sample_event.json index f312f15d8c31..550df0591840 100644 --- a/packages/oracle_weblogic/data_stream/domain/sample_event.json +++ b/packages/oracle_weblogic/data_stream/domain/sample_event.json @@ -1,11 +1,11 @@ { - "@timestamp": "2022-03-24T10:30:27.263Z", + "@timestamp": "2024-06-18T07:04:50.877Z", "agent": { - "ephemeral_id": "98841608-fe35-4844-b829-880c24a1cef7", - "id": "2f35c5e6-c16d-4b67-a955-b81668aca1aa", + "ephemeral_id": "8593b7b5-07f0-4ec3-bdc4-06ff40098f2e", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "filebeat", - "version": "8.1.0" + "version": "8.13.0" }, "data_stream": { "dataset": "oracle_weblogic.domain", @@ -16,9 +16,9 @@ "version": "8.11.0" }, "elastic_agent": { - "id": "2f35c5e6-c16d-4b67-a955-b81668aca1aa", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.1.0" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", @@ -26,10 +26,9 @@ "network" ], "dataset": "oracle_weblogic.domain", - "ingested": "2022-05-09T12:29:51Z", + "ingested": "2024-06-18T07:07:06Z", "kind": "event", "module": "oracle_weblogic", - "original": "#### <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <38f025ff-7924-471b-bac8-a419692aabf9-00000018> <1648117827263> <[severity-value: 16] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > ", "type": [ "info" ] @@ -38,21 +37,22 @@ "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "172.25.0.7" + "192.168.245.7" ], "mac": [ - "02:42:ac:19:00:07" + "02-42-C0-A8-F5-07" ], "name": "docker-fleet-agent", "os": { "codename": "focal", "family": "debian", - "kernel": "3.10.0-1160.59.1.el7.x86_64", + "kernel": "3.10.0-1160.102.1.el7.x86_64", "name": "Ubuntu", "platform": "ubuntu", "type": "linux", - "version": "20.04.3 LTS (Focal Fossa)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "input": { @@ -60,27 +60,24 @@ }, "log": { "file": { - "path": "/tmp/service_logs/oracle-weblogic-domain.log" + "path": "/tmp/service_logs/adminserver/domain1.log" }, - "level": "Warning", - "offset": 2823 + "level": "Notice", + "offset": 0 }, - "message": "Closing the socket, as no data read from it on 172.18.0.1:41,972 during the configured idle timeout of 5 seconds.", + "message": "Security pre-initializing using security realm: myrealm", "oracle_weblogic": { "domain": { - "diagnostic_context_id": "1648117827263", + "diagnostic_context_id": "1718694290877", "machine_name": "wlsadmin", - "message_id": "BEA-000449", - "meta": "[severity-value: 16] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] ", - "server_name": "AdminServer", - "subsystem": "Socket", - "thread_id": "[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'" + "message_id": "BEA-090946", + "meta": "[severity-value: 32] [partition-id: 0] [partition-name: DOMAIN] ", + "server_name": "admin-server", + "subsystem": "Security", + "thread_id": "[STANDBY] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'" } }, "tags": [ "oracle_weblogic-domain" - ], - "transaction": { - "id": "38f025ff-7924-471b-bac8-a419692aabf9-00000018" - } -} + ] +} \ No newline at end of file diff --git a/packages/oracle_weblogic/data_stream/managed_server/sample_event.json b/packages/oracle_weblogic/data_stream/managed_server/sample_event.json index efcd7a98baf7..9402209aad27 100644 --- a/packages/oracle_weblogic/data_stream/managed_server/sample_event.json +++ b/packages/oracle_weblogic/data_stream/managed_server/sample_event.json @@ -1,11 +1,11 @@ { - "@timestamp": "2022-03-24T10:29:56.637Z", + "@timestamp": "2024-06-18T07:08:39.933Z", "agent": { - "ephemeral_id": "fc2f1df6-97a1-42bf-9f6b-904a765041e3", - "id": "e27eb192-b14d-4af1-8861-fd7cbadb3643", + "ephemeral_id": "8852cf23-5f53-4fcc-aed6-75d584b4e479", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "filebeat", - "version": "8.1.0" + "version": "8.13.0" }, "data_stream": { "dataset": "oracle_weblogic.managed_server", @@ -16,9 +16,9 @@ "version": "8.11.0" }, "elastic_agent": { - "id": "e27eb192-b14d-4af1-8861-fd7cbadb3643", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.1.0" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", @@ -26,10 +26,9 @@ "iam" ], "dataset": "oracle_weblogic.managed_server", - "ingested": "2022-05-09T11:59:45Z", + "ingested": "2024-06-18T07:09:56Z", "kind": "event", "module": "oracle_weblogic", - "original": "#### <5565e043d1b0> <> <> <> <> <1648117796637> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", "type": [ "info" ] @@ -38,21 +37,22 @@ "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "172.21.0.7" + "192.168.245.7" ], "mac": [ - "02:42:ac:15:00:07" + "02-42-C0-A8-F5-07" ], "name": "docker-fleet-agent", "os": { "codename": "focal", "family": "debian", - "kernel": "3.10.0-1160.59.1.el7.x86_64", + "kernel": "3.10.0-1160.102.1.el7.x86_64", "name": "Ubuntu", "platform": "ubuntu", "type": "linux", - "version": "20.04.3 LTS (Focal Fossa)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "input": { @@ -60,23 +60,23 @@ }, "log": { "file": { - "path": "/tmp/service_logs/oracle-weblogic-managedserver.log" + "path": "/tmp/service_logs/managedserver/managed-server1.log" }, "level": "Info", "offset": 0 }, - "message": "Unable to connect to the Administration Server. Waiting 5 second(s) to retry (attempt number 2 of 3).", + "message": "Disabling the CryptoJ JCE Provider self-integrity check for better startup performance. To enable this check, specify -Dweblogic.security.allowCryptoJDefaultJCEVerification=true.", "oracle_weblogic": { "managed_server": { - "diagnostic_context_id": "1648117796637", - "machine_name": "5565e043d1b0", - "message_id": "BEA-141307", + "diagnostic_context_id": "1718694519933", + "machine_name": "a22d5129529e", + "message_id": "BEA-090905", "meta": "[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] ", - "subsystem": "Management", - "thread_id": "Thread-12" + "subsystem": "Security", + "thread_id": "main" } }, "tags": [ "oracle_weblogic-managed_server" ] -} +} \ No newline at end of file diff --git a/packages/oracle_weblogic/data_stream/threadpool/sample_event.json b/packages/oracle_weblogic/data_stream/threadpool/sample_event.json index 271d048c471a..7d45c4c1b57d 100644 --- a/packages/oracle_weblogic/data_stream/threadpool/sample_event.json +++ b/packages/oracle_weblogic/data_stream/threadpool/sample_event.json @@ -1,11 +1,11 @@ { - "@timestamp": "2023-08-23T11:54:38.053Z", + "@timestamp": "2024-06-18T07:12:00.351Z", "agent": { - "ephemeral_id": "4a2754ea-5dba-4b59-8d77-c0f70bfccae3", - "id": "89fbf5a1-dedd-4f8f-a1ee-97a7e3ec1ed2", + "ephemeral_id": "837f7bab-f401-4069-a15b-31ad7f230beb", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.4.0" + "version": "8.13.0" }, "data_stream": { "dataset": "oracle_weblogic.threadpool", @@ -16,9 +16,9 @@ "version": "8.11.0" }, "elastic_agent": { - "id": "89fbf5a1-dedd-4f8f-a1ee-97a7e3ec1ed2", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.4.0" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", @@ -26,8 +26,8 @@ "web" ], "dataset": "oracle_weblogic.threadpool", - "duration": 55017871, - "ingested": "2023-08-23T11:54:39Z", + "duration": 448877395, + "ingested": "2024-06-18T07:12:12Z", "kind": "metric", "module": "oracle_weblogic", "type": [ @@ -38,18 +38,18 @@ "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "e8978f2086c14e13b7a0af9ed0011d19", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "172.29.0.9" + "192.168.245.7" ], "mac": [ - "02-42-AC-1D-00-09" + "02-42-C0-A8-F5-07" ], "name": "docker-fleet-agent", "os": { "codename": "focal", "family": "debian", - "kernel": "3.10.0-1160.90.1.el7.x86_64", + "kernel": "3.10.0-1160.102.1.el7.x86_64", "name": "Ubuntu", "platform": "ubuntu", "type": "linux", @@ -62,39 +62,18 @@ }, "oracle_weblogic": { "threadpool": { - "mbean": "com.bea:ServerRuntime=admin-server,Name=ThreadPoolRuntime,Type=ThreadPoolRuntime", - "queue": { - "length": 0 - }, - "requests": { - "completed": 1466, - "overload": { - "rejected": 0 - }, - "pending": 0 - }, + "mbean": "java.lang:type=Threading", "threads": { - "execute": { - "idle": 1, - "total": 15 - }, - "hogging": 0, - "standby": 14, - "stuck": 0 - }, - "throughput": 91.5, - "work_manager": { - "capacity": { - "shared": 65536 - } + "daemon": 39, + "total": 42 } } }, "service": { - "address": "http://elastic-package-service_wlsadmin_1:8005/jolokia", + "address": "http://elastic-package-service-wlsadmin-1:8005/jolokia", "type": "jolokia" }, "tags": [ "oracle_weblogic-threadpool" ] -} +} \ No newline at end of file diff --git a/packages/oracle_weblogic/docs/README.md b/packages/oracle_weblogic/docs/README.md index 7f1c6e60fbf5..96251a830c9b 100644 --- a/packages/oracle_weblogic/docs/README.md +++ b/packages/oracle_weblogic/docs/README.md @@ -49,13 +49,13 @@ An example event for `access` looks as following: ```json { - "@timestamp": "2022-03-26T18:10:04.000Z", + "@timestamp": "2024-06-18T06:57:37.000Z", "agent": { - "ephemeral_id": "803b783e-44fb-41f8-ba17-08c31c34aae8", - "id": "d17bdd23-2a9d-4013-abe7-0652f306d69d", + "ephemeral_id": "98e5ffe5-df03-43bc-bb8e-bfb3de694ee6", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "filebeat", - "version": "8.1.0" + "version": "8.13.0" }, "data_stream": { "dataset": "oracle_weblogic.access", @@ -66,9 +66,9 @@ An example event for `access` looks as following: "version": "8.11.0" }, "elastic_agent": { - "id": "d17bdd23-2a9d-4013-abe7-0652f306d69d", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.1.0" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", @@ -76,10 +76,9 @@ An example event for `access` looks as following: "network" ], "dataset": "oracle_weblogic.access", - "ingested": "2022-04-25T06:53:32Z", + "ingested": "2024-06-18T06:58:44Z", "kind": "event", "module": "oracle_weblogic", - "original": "172.17.32.1 - - [26/Mar/2022:23:40:04 +0530] \"GET /medrec/start.xhtml HTTP/1.1\" 200 8876 ", "type": [ "access" ] @@ -88,30 +87,31 @@ An example event for `access` looks as following: "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "172.17.32.1" + "127.0.0.1" ], "mac": [ - "02:42:ac:12:00:07" + "02-42-C0-A8-F5-07" ], "name": "docker-fleet-agent", "os": { "codename": "focal", "family": "debian", - "kernel": "5.4.0-107-generic", + "kernel": "3.10.0-1160.102.1.el7.x86_64", "name": "Ubuntu", "platform": "ubuntu", "type": "linux", - "version": "20.04.3 LTS (Focal Fossa)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "http": { "request": { "method": "GET", - "referrer": "/medrec/start.xhtml" + "referrer": "/sample/index.jsp" }, "response": { - "bytes": 8876, + "bytes": 750, "status_code": 200 }, "version": "1.1" @@ -121,21 +121,20 @@ An example event for `access` looks as following: }, "log": { "file": { - "path": "/tmp/service_logs/oracle-weblogic-access.log" + "path": "/tmp/service_logs/adminserver/logs/access.log" }, "offset": 0 }, "oracle_weblogic": { "access": { "authuser": "-", - "host_address": "172.17.32.1" + "host_address": "127.0.0.1" } }, "tags": [ "oracle_weblogic-access" ] } - ``` **Exported fields** @@ -161,13 +160,13 @@ An example event for `admin_server` looks as following: ```json { - "@timestamp": "2022-03-24T10:29:51.865Z", + "@timestamp": "2024-06-18T06:59:47.388Z", "agent": { - "ephemeral_id": "1e785926-cb16-442e-9599-91e10ef5228d", - "id": "2c65d5b2-0806-4fb1-96c2-b9852c73afd0", + "ephemeral_id": "eb27a024-3ff2-4d79-a4c1-86ffd80db450", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "filebeat", - "version": "8.1.0" + "version": "8.13.0" }, "data_stream": { "dataset": "oracle_weblogic.admin_server", @@ -178,9 +177,9 @@ An example event for `admin_server` looks as following: "version": "8.11.0" }, "elastic_agent": { - "id": "2c65d5b2-0806-4fb1-96c2-b9852c73afd0", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.1.0" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", @@ -188,10 +187,9 @@ An example event for `admin_server` looks as following: "iam" ], "dataset": "oracle_weblogic.admin_server", - "ingested": "2022-05-09T11:20:10Z", + "ingested": "2024-06-18T07:01:48Z", "kind": "event", "module": "oracle_weblogic", - "original": "#### <> <> <> <> <1648117791865> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", "type": [ "admin" ] @@ -200,21 +198,22 @@ An example event for `admin_server` looks as following: "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "172.19.0.6" + "192.168.245.7" ], "mac": [ - "02:42:ac:13:00:06" + "02-42-C0-A8-F5-07" ], "name": "docker-fleet-agent", "os": { "codename": "focal", "family": "debian", - "kernel": "3.10.0-1160.59.1.el7.x86_64", + "kernel": "3.10.0-1160.102.1.el7.x86_64", "name": "Ubuntu", "platform": "ubuntu", "type": "linux", - "version": "20.04.3 LTS (Focal Fossa)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "input": { @@ -222,27 +221,26 @@ An example event for `admin_server` looks as following: }, "log": { "file": { - "path": "/tmp/service_logs/oracle-weblogic-adminserver.log" + "path": "/tmp/service_logs/adminserver/logs/admin-server.log" }, "level": "Info", "offset": 0 }, - "message": "The protocol \"admin\" is now configured.", + "message": "Disabling the CryptoJ JCE Provider self-integrity check for better startup performance. To enable this check, specify -Dweblogic.security.allowCryptoJDefaultJCEVerification=true.", "oracle_weblogic": { "admin_server": { - "diagnostic_context_id": "1648117791865", + "diagnostic_context_id": "1718693987388", "machine_name": "wlsadmin", - "message_id": "BEA-002622", + "message_id": "BEA-090905", "meta": "[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] ", - "subsystem": "Server", - "thread_id": "Thread-11" + "subsystem": "Security", + "thread_id": "main" } }, "tags": [ "oracle_weblogic-admin_server" ] } - ``` **Exported fields** @@ -273,13 +271,13 @@ An example event for `domain` looks as following: ```json { - "@timestamp": "2022-03-24T10:30:27.263Z", + "@timestamp": "2024-06-18T07:04:50.877Z", "agent": { - "ephemeral_id": "98841608-fe35-4844-b829-880c24a1cef7", - "id": "2f35c5e6-c16d-4b67-a955-b81668aca1aa", + "ephemeral_id": "8593b7b5-07f0-4ec3-bdc4-06ff40098f2e", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "filebeat", - "version": "8.1.0" + "version": "8.13.0" }, "data_stream": { "dataset": "oracle_weblogic.domain", @@ -290,9 +288,9 @@ An example event for `domain` looks as following: "version": "8.11.0" }, "elastic_agent": { - "id": "2f35c5e6-c16d-4b67-a955-b81668aca1aa", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.1.0" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", @@ -300,10 +298,9 @@ An example event for `domain` looks as following: "network" ], "dataset": "oracle_weblogic.domain", - "ingested": "2022-05-09T12:29:51Z", + "ingested": "2024-06-18T07:07:06Z", "kind": "event", "module": "oracle_weblogic", - "original": "#### <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <> <> <38f025ff-7924-471b-bac8-a419692aabf9-00000018> <1648117827263> <[severity-value: 16] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] > ", "type": [ "info" ] @@ -312,21 +309,22 @@ An example event for `domain` looks as following: "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "172.25.0.7" + "192.168.245.7" ], "mac": [ - "02:42:ac:19:00:07" + "02-42-C0-A8-F5-07" ], "name": "docker-fleet-agent", "os": { "codename": "focal", "family": "debian", - "kernel": "3.10.0-1160.59.1.el7.x86_64", + "kernel": "3.10.0-1160.102.1.el7.x86_64", "name": "Ubuntu", "platform": "ubuntu", "type": "linux", - "version": "20.04.3 LTS (Focal Fossa)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "input": { @@ -334,31 +332,27 @@ An example event for `domain` looks as following: }, "log": { "file": { - "path": "/tmp/service_logs/oracle-weblogic-domain.log" + "path": "/tmp/service_logs/adminserver/domain1.log" }, - "level": "Warning", - "offset": 2823 + "level": "Notice", + "offset": 0 }, - "message": "Closing the socket, as no data read from it on 172.18.0.1:41,972 during the configured idle timeout of 5 seconds.", + "message": "Security pre-initializing using security realm: myrealm", "oracle_weblogic": { "domain": { - "diagnostic_context_id": "1648117827263", + "diagnostic_context_id": "1718694290877", "machine_name": "wlsadmin", - "message_id": "BEA-000449", - "meta": "[severity-value: 16] [rid: 0] [partition-id: 0] [partition-name: DOMAIN] ", - "server_name": "AdminServer", - "subsystem": "Socket", - "thread_id": "[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'" + "message_id": "BEA-090946", + "meta": "[severity-value: 32] [partition-id: 0] [partition-name: DOMAIN] ", + "server_name": "admin-server", + "subsystem": "Security", + "thread_id": "[STANDBY] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'" } }, "tags": [ "oracle_weblogic-domain" - ], - "transaction": { - "id": "38f025ff-7924-471b-bac8-a419692aabf9-00000018" - } + ] } - ``` **Exported fields** @@ -389,13 +383,13 @@ An example event for `managed_server` looks as following: ```json { - "@timestamp": "2022-03-24T10:29:56.637Z", + "@timestamp": "2024-06-18T07:08:39.933Z", "agent": { - "ephemeral_id": "fc2f1df6-97a1-42bf-9f6b-904a765041e3", - "id": "e27eb192-b14d-4af1-8861-fd7cbadb3643", + "ephemeral_id": "8852cf23-5f53-4fcc-aed6-75d584b4e479", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "filebeat", - "version": "8.1.0" + "version": "8.13.0" }, "data_stream": { "dataset": "oracle_weblogic.managed_server", @@ -406,9 +400,9 @@ An example event for `managed_server` looks as following: "version": "8.11.0" }, "elastic_agent": { - "id": "e27eb192-b14d-4af1-8861-fd7cbadb3643", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.1.0" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", @@ -416,10 +410,9 @@ An example event for `managed_server` looks as following: "iam" ], "dataset": "oracle_weblogic.managed_server", - "ingested": "2022-05-09T11:59:45Z", + "ingested": "2024-06-18T07:09:56Z", "kind": "event", "module": "oracle_weblogic", - "original": "#### <5565e043d1b0> <> <> <> <> <1648117796637> <[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] > ", "type": [ "info" ] @@ -428,21 +421,22 @@ An example event for `managed_server` looks as following: "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "172.21.0.7" + "192.168.245.7" ], "mac": [ - "02:42:ac:15:00:07" + "02-42-C0-A8-F5-07" ], "name": "docker-fleet-agent", "os": { "codename": "focal", "family": "debian", - "kernel": "3.10.0-1160.59.1.el7.x86_64", + "kernel": "3.10.0-1160.102.1.el7.x86_64", "name": "Ubuntu", "platform": "ubuntu", "type": "linux", - "version": "20.04.3 LTS (Focal Fossa)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "input": { @@ -450,27 +444,26 @@ An example event for `managed_server` looks as following: }, "log": { "file": { - "path": "/tmp/service_logs/oracle-weblogic-managedserver.log" + "path": "/tmp/service_logs/managedserver/managed-server1.log" }, "level": "Info", "offset": 0 }, - "message": "Unable to connect to the Administration Server. Waiting 5 second(s) to retry (attempt number 2 of 3).", + "message": "Disabling the CryptoJ JCE Provider self-integrity check for better startup performance. To enable this check, specify -Dweblogic.security.allowCryptoJDefaultJCEVerification=true.", "oracle_weblogic": { "managed_server": { - "diagnostic_context_id": "1648117796637", - "machine_name": "5565e043d1b0", - "message_id": "BEA-141307", + "diagnostic_context_id": "1718694519933", + "machine_name": "a22d5129529e", + "message_id": "BEA-090905", "meta": "[severity-value: 64] [partition-id: 0] [partition-name: DOMAIN] ", - "subsystem": "Management", - "thread_id": "Thread-12" + "subsystem": "Security", + "thread_id": "main" } }, "tags": [ "oracle_weblogic-managed_server" ] } - ``` **Exported fields** @@ -503,13 +496,13 @@ An example event for `deployed_application` looks as following: ```json { - "@timestamp": "2022-06-01T06:06:16.679Z", + "@timestamp": "2024-06-18T07:03:43.008Z", "agent": { - "ephemeral_id": "9b5302d4-4654-485a-8708-b8c971d7ebd6", - "id": "f5ae4eeb-820b-4f24-a94a-df327091d185", + "ephemeral_id": "dc9d4e03-d8bf-428d-b21a-630a38824bcc", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.1.0" + "version": "8.13.0" }, "data_stream": { "dataset": "oracle_weblogic.deployed_application", @@ -520,9 +513,9 @@ An example event for `deployed_application` looks as following: "version": "8.11.0" }, "elastic_agent": { - "id": "f5ae4eeb-820b-4f24-a94a-df327091d185", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.1.0" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", @@ -530,8 +523,8 @@ An example event for `deployed_application` looks as following: "web" ], "dataset": "oracle_weblogic.deployed_application", - "duration": 27026922, - "ingested": "2022-06-01T06:06:20Z", + "duration": 1954627464, + "ingested": "2024-06-18T07:03:54Z", "kind": "metric", "module": "oracle_weblogic", "type": [ @@ -542,21 +535,22 @@ An example event for `deployed_application` looks as following: "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "172.31.0.7" + "192.168.245.7" ], "mac": [ - "02:42:ac:1f:00:07" + "02-42-C0-A8-F5-07" ], "name": "docker-fleet-agent", "os": { "codename": "focal", "family": "debian", - "kernel": "3.10.0-1160.59.1.el7.x86_64", + "kernel": "3.10.0-1160.102.1.el7.x86_64", "name": "Ubuntu", "platform": "ubuntu", "type": "linux", - "version": "20.04.3 LTS (Focal Fossa)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -580,19 +574,18 @@ An example event for `deployed_application` looks as following: } }, "single_threaded_servlet_pool_size": 5, - "source_info": "weblogic.war", + "source_info": "bea_wls_deployment_internal.war", "status": "DEPLOYED" } }, "service": { - "address": "http://elastic-package-service_wlsadmin_1:8005/jolokia", + "address": "http://elastic-package-service-wlsadmin-1:8005/jolokia", "type": "jolokia" }, "tags": [ "oracle_weblogic-deployed_application" ] } - ``` **Exported fields** @@ -631,13 +624,13 @@ An example event for `threadpool` looks as following: ```json { - "@timestamp": "2023-08-23T11:54:38.053Z", + "@timestamp": "2024-06-18T07:12:00.351Z", "agent": { - "ephemeral_id": "4a2754ea-5dba-4b59-8d77-c0f70bfccae3", - "id": "89fbf5a1-dedd-4f8f-a1ee-97a7e3ec1ed2", + "ephemeral_id": "837f7bab-f401-4069-a15b-31ad7f230beb", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.4.0" + "version": "8.13.0" }, "data_stream": { "dataset": "oracle_weblogic.threadpool", @@ -648,9 +641,9 @@ An example event for `threadpool` looks as following: "version": "8.11.0" }, "elastic_agent": { - "id": "89fbf5a1-dedd-4f8f-a1ee-97a7e3ec1ed2", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.4.0" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", @@ -658,8 +651,8 @@ An example event for `threadpool` looks as following: "web" ], "dataset": "oracle_weblogic.threadpool", - "duration": 55017871, - "ingested": "2023-08-23T11:54:39Z", + "duration": 448877395, + "ingested": "2024-06-18T07:12:12Z", "kind": "metric", "module": "oracle_weblogic", "type": [ @@ -670,18 +663,18 @@ An example event for `threadpool` looks as following: "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "e8978f2086c14e13b7a0af9ed0011d19", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "172.29.0.9" + "192.168.245.7" ], "mac": [ - "02-42-AC-1D-00-09" + "02-42-C0-A8-F5-07" ], "name": "docker-fleet-agent", "os": { "codename": "focal", "family": "debian", - "kernel": "3.10.0-1160.90.1.el7.x86_64", + "kernel": "3.10.0-1160.102.1.el7.x86_64", "name": "Ubuntu", "platform": "ubuntu", "type": "linux", @@ -694,43 +687,21 @@ An example event for `threadpool` looks as following: }, "oracle_weblogic": { "threadpool": { - "mbean": "com.bea:ServerRuntime=admin-server,Name=ThreadPoolRuntime,Type=ThreadPoolRuntime", - "queue": { - "length": 0 - }, - "requests": { - "completed": 1466, - "overload": { - "rejected": 0 - }, - "pending": 0 - }, + "mbean": "java.lang:type=Threading", "threads": { - "execute": { - "idle": 1, - "total": 15 - }, - "hogging": 0, - "standby": 14, - "stuck": 0 - }, - "throughput": 91.5, - "work_manager": { - "capacity": { - "shared": 65536 - } + "daemon": 39, + "total": 42 } } }, "service": { - "address": "http://elastic-package-service_wlsadmin_1:8005/jolokia", + "address": "http://elastic-package-service-wlsadmin-1:8005/jolokia", "type": "jolokia" }, "tags": [ "oracle_weblogic-threadpool" ] } - ``` **Exported fields** From dc6585f89177ae09248bb5a665564f434612274f Mon Sep 17 00:00:00 2001 From: harnish-elastic Date: Tue, 18 Jun 2024 12:53:07 +0530 Subject: [PATCH 13/21] [spring_boot] - generate system tests --- .../audit_events/sample_event.json | 25 +-- .../data_stream/gc/sample_event.json | 76 +++---- .../data_stream/http_trace/sample_event.json | 31 +-- .../data_stream/memory/sample_event.json | 36 ++-- .../data_stream/threading/sample_event.json | 34 +-- packages/spring_boot/docs/README.md | 197 +++++++++--------- 6 files changed, 199 insertions(+), 200 deletions(-) diff --git a/packages/spring_boot/data_stream/audit_events/sample_event.json b/packages/spring_boot/data_stream/audit_events/sample_event.json index 5218a2381e3a..4afcece9ad2b 100644 --- a/packages/spring_boot/data_stream/audit_events/sample_event.json +++ b/packages/spring_boot/data_stream/audit_events/sample_event.json @@ -1,11 +1,11 @@ { - "@timestamp": "2022-08-05T09:30:10.644Z", + "@timestamp": "2024-06-18T07:15:52.565Z", "agent": { - "ephemeral_id": "575ffec5-bd74-4689-8baa-8486735193f3", - "id": "3ab22ca1-4caf-465f-8789-2a45a81ed9b1", + "ephemeral_id": "5026de47-56bf-4ed7-996b-c574a7c0d140", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "filebeat", - "version": "8.1.0" + "version": "8.13.0" }, "data_stream": { "dataset": "spring_boot.audit_events", @@ -16,18 +16,18 @@ "version": "8.11.0" }, "elastic_agent": { - "id": "3ab22ca1-4caf-465f-8789-2a45a81ed9b1", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.1.0" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "category": [ "web" ], - "created": "2022-08-05T09:30:10.644Z", + "created": "2024-06-18T07:15:52.565Z", "dataset": "spring_boot.audit_events", - "ingested": "2022-08-05T09:30:14Z", + "ingested": "2024-06-18T07:16:04Z", "kind": "event", "module": "spring_boot", "type": [ @@ -38,17 +38,18 @@ "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "192.168.112.5" + "192.168.245.7" ], "mac": [ - "02:42:c0:a8:70:05" + "02-42-C0-A8-F5-07" ], "name": "docker-fleet-agent", "os": { "codename": "focal", "family": "debian", - "kernel": "3.10.0-1160.71.1.el7.x86_64", + "kernel": "3.10.0-1160.102.1.el7.x86_64", "name": "Ubuntu", "platform": "ubuntu", "type": "linux", @@ -68,4 +69,4 @@ "tags": [ "spring_boot.audit_events.metrics" ] -} +} \ No newline at end of file diff --git a/packages/spring_boot/data_stream/gc/sample_event.json b/packages/spring_boot/data_stream/gc/sample_event.json index 1436ef14a4ef..71c957ba6d5c 100644 --- a/packages/spring_boot/data_stream/gc/sample_event.json +++ b/packages/spring_boot/data_stream/gc/sample_event.json @@ -1,11 +1,11 @@ { - "@timestamp": "2023-09-28T13:07:07.602Z", + "@timestamp": "2024-06-18T07:16:52.674Z", "agent": { - "ephemeral_id": "dcb46246-ff32-4d0e-89ce-d72ce374bb33", - "id": "9a3f2233-d554-4847-9b74-1465e769563d", + "ephemeral_id": "bfe8ee26-f9e4-4990-8790-7fbc2a8c075e", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.5.1" + "version": "8.13.0" }, "data_stream": { "dataset": "spring_boot.gc", @@ -16,9 +16,9 @@ "version": "8.11.0" }, "elastic_agent": { - "id": "9a3f2233-d554-4847-9b74-1465e769563d", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.5.1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", @@ -26,8 +26,8 @@ "web" ], "dataset": "spring_boot.gc", - "duration": 221408484, - "ingested": "2023-09-28T13:07:08Z", + "duration": 347472291, + "ingested": "2024-06-18T07:17:04Z", "kind": "metric", "module": "spring_boot", "type": [ @@ -38,22 +38,22 @@ "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "75e38940166b4dbc90b6f5610e8e9c39", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "192.168.246.7" + "192.168.245.7" ], "mac": [ - "02-42-C0-A8-F6-07" + "02-42-C0-A8-F5-07" ], "name": "docker-fleet-agent", "os": { "codename": "focal", "family": "debian", - "kernel": "3.10.0-1160.90.1.el7.x86_64", + "kernel": "3.10.0-1160.102.1.el7.x86_64", "name": "Ubuntu", "platform": "ubuntu", "type": "linux", - "version": "20.04.5 LTS (Focal Fossa)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -67,44 +67,44 @@ "spring_boot": { "gc": { "last_info": { - "id": 2, + "id": 6, "memory_usage": { "after": { "code_cache": { "committed": 14286848, "init": 2555904, "max": 251658240, - "used": 14209088 + "used": 14213056 }, "compressed_class_space": { "committed": 4980736, "init": 0, "max": 1073741824, - "used": 4436328 + "used": 4443120 }, "metaspace": { "committed": 36265984, "init": 0, "max": -1, - "used": 33758840 + "used": 33775552 }, "ps_eden_space": { - "committed": 435683328, + "committed": 457703424, "init": 65536000, - "max": 1354760192, + "max": 1354235904, "used": 0 }, "ps_old_gen": { - "committed": 118489088, + "committed": 90177536, "init": 173539328, "max": 2774007808, - "used": 14683728 + "used": 10597560 }, "ps_survivor_space": { "committed": 16777216, "init": 10485760, "max": 16777216, - "used": 0 + "used": 8605776 } }, "before": { @@ -112,51 +112,51 @@ "committed": 14286848, "init": 2555904, "max": 251658240, - "used": 14209088 + "used": 14213056 }, "compressed_class_space": { "committed": 4980736, "init": 0, "max": 1073741824, - "used": 4436328 + "used": 4443120 }, "metaspace": { "committed": 36265984, "init": 0, "max": -1, - "used": 33758840 + "used": 33775552 }, "ps_eden_space": { - "committed": 435683328, + "committed": 262144000, "init": 65536000, - "max": 1354760192, - "used": 0 + "max": 1359478784, + "used": 10469928 }, "ps_old_gen": { - "committed": 94896128, + "committed": 90177536, "init": 173539328, "max": 2774007808, - "used": 10795056 + "used": 10589368 }, "ps_survivor_space": { - "committed": 16777216, + "committed": 10485760, "init": 10485760, - "max": 16777216, - "used": 8519744 + "max": 10485760, + "used": 10453056 } } }, "thread_count": 10, "time": { - "duration": 40, - "end": 3588, - "start": 3548 + "duration": 8, + "end": 3406, + "start": 3398 } }, - "name": "PS MarkSweep" + "name": "PS Scavenge" } }, "tags": [ "spring_boot.gc.metrics" ] -} +} \ No newline at end of file diff --git a/packages/spring_boot/data_stream/http_trace/sample_event.json b/packages/spring_boot/data_stream/http_trace/sample_event.json index acb33fa56ba6..b65eedc90bad 100644 --- a/packages/spring_boot/data_stream/http_trace/sample_event.json +++ b/packages/spring_boot/data_stream/http_trace/sample_event.json @@ -1,11 +1,11 @@ { - "@timestamp": "2022-08-05T09:31:44.895Z", + "@timestamp": "2024-06-18T07:17:49.933Z", "agent": { - "ephemeral_id": "d55155ad-e1c4-4c29-a809-1d8b7b539e39", - "id": "3ab22ca1-4caf-465f-8789-2a45a81ed9b1", + "ephemeral_id": "f957703f-c55c-49bb-81d4-ec742b088158", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "filebeat", - "version": "8.1.0" + "version": "8.13.0" }, "data_stream": { "dataset": "spring_boot.http_trace", @@ -16,19 +16,19 @@ "version": "8.11.0" }, "elastic_agent": { - "id": "3ab22ca1-4caf-465f-8789-2a45a81ed9b1", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.1.0" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "category": [ "web" ], - "created": "2022-08-05T09:31:44.895Z", + "created": "2024-06-18T07:17:49.933Z", "dataset": "spring_boot.http_trace", - "duration": 2, - "ingested": "2022-08-05T09:31:48Z", + "duration": 3, + "ingested": "2024-06-18T07:18:01Z", "kind": "event", "module": "spring_boot", "type": [ @@ -39,27 +39,28 @@ "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "192.168.112.5" + "{0=192.168.245.7}" ], "mac": [ - "02:42:c0:a8:70:05" + "02-42-C0-A8-F5-07" ], "name": "docker-fleet-agent", "os": { "codename": "focal", "family": "debian", - "kernel": "3.10.0-1160.71.1.el7.x86_64", + "kernel": "3.10.0-1160.102.1.el7.x86_64", "name": "Ubuntu", "platform": "ubuntu", "type": "linux", - "version": "20.04.4 LTS (Focal Fossa)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "http": { "request": { "method": "GET", - "referrer": "http://springboot:8090/actuator/info" + "referrer": "http://springboot:8090/actuator/health" }, "response": { "status_code": 200 @@ -68,4 +69,4 @@ "tags": [ "spring_boot.http_trace.metrics" ] -} +} \ No newline at end of file diff --git a/packages/spring_boot/data_stream/memory/sample_event.json b/packages/spring_boot/data_stream/memory/sample_event.json index 92d28e7a9144..f908d4216c4d 100644 --- a/packages/spring_boot/data_stream/memory/sample_event.json +++ b/packages/spring_boot/data_stream/memory/sample_event.json @@ -1,11 +1,11 @@ { - "@timestamp": "2023-09-28T13:08:46.636Z", + "@timestamp": "2024-06-18T07:18:47.122Z", "agent": { - "ephemeral_id": "f6ab2af3-153b-4970-99c9-a9c564407b18", - "id": "9a3f2233-d554-4847-9b74-1465e769563d", + "ephemeral_id": "2972904f-375b-4b83-9de9-e0c36d85d5de", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.5.1" + "version": "8.13.0" }, "data_stream": { "dataset": "spring_boot.memory", @@ -16,9 +16,9 @@ "version": "8.11.0" }, "elastic_agent": { - "id": "9a3f2233-d554-4847-9b74-1465e769563d", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.5.1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", @@ -26,8 +26,8 @@ "web" ], "dataset": "spring_boot.memory", - "duration": 566740708, - "ingested": "2023-09-28T13:08:48Z", + "duration": 672110556, + "ingested": "2024-06-18T07:18:59Z", "kind": "metric", "module": "spring_boot", "type": [ @@ -38,22 +38,22 @@ "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "75e38940166b4dbc90b6f5610e8e9c39", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "192.168.246.7" + "192.168.245.7" ], "mac": [ - "02-42-C0-A8-F6-07" + "02-42-C0-A8-F5-07" ], "name": "docker-fleet-agent", "os": { "codename": "focal", "family": "debian", - "kernel": "3.10.0-1160.90.1.el7.x86_64", + "kernel": "3.10.0-1160.102.1.el7.x86_64", "name": "Ubuntu", "platform": "ubuntu", "type": "linux", - "version": "20.04.5 LTS (Focal Fossa)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -67,20 +67,20 @@ "spring_boot": { "memory": { "heap": { - "committed": 579338240, + "committed": 587202560, "init": 260046848, "max": 3698851840, - "used": 172880800 + "used": 158654888 }, "non_heap": { - "committed": 62873600, + "committed": 63504384, "init": 2555904, "max": -1, - "used": 56856368 + "used": 58973664 } } }, "tags": [ "spring_boot.memory.metrics" ] -} +} \ No newline at end of file diff --git a/packages/spring_boot/data_stream/threading/sample_event.json b/packages/spring_boot/data_stream/threading/sample_event.json index 0d75519cd984..961b64520fea 100644 --- a/packages/spring_boot/data_stream/threading/sample_event.json +++ b/packages/spring_boot/data_stream/threading/sample_event.json @@ -1,11 +1,11 @@ { - "@timestamp": "2023-09-28T13:09:36.850Z", + "@timestamp": "2024-06-18T07:19:44.017Z", "agent": { - "ephemeral_id": "f6ab2af3-153b-4970-99c9-a9c564407b18", - "id": "9a3f2233-d554-4847-9b74-1465e769563d", + "ephemeral_id": "9e0f783a-f02b-4fc0-90c9-2d264b73e4bc", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.5.1" + "version": "8.13.0" }, "data_stream": { "dataset": "spring_boot.threading", @@ -16,9 +16,9 @@ "version": "8.11.0" }, "elastic_agent": { - "id": "9a3f2233-d554-4847-9b74-1465e769563d", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.5.1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", @@ -26,8 +26,8 @@ "web" ], "dataset": "spring_boot.threading", - "duration": 197157690, - "ingested": "2023-09-28T13:09:38Z", + "duration": 301437518, + "ingested": "2024-06-18T07:19:55Z", "kind": "metric", "module": "spring_boot", "type": [ @@ -38,22 +38,22 @@ "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "75e38940166b4dbc90b6f5610e8e9c39", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "192.168.246.7" + "192.168.245.7" ], "mac": [ - "02-42-C0-A8-F6-07" + "02-42-C0-A8-F5-07" ], "name": "docker-fleet-agent", "os": { "codename": "focal", "family": "debian", - "kernel": "3.10.0-1160.90.1.el7.x86_64", + "kernel": "3.10.0-1160.102.1.el7.x86_64", "name": "Ubuntu", "platform": "ubuntu", "type": "linux", - "version": "20.04.5 LTS (Focal Fossa)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -69,10 +69,10 @@ "threads": { "count": 20, "current": { - "allocated_bytes": 28523936, + "allocated_bytes": 29755720, "time": { - "cpu": 380757629, - "user": 370000000 + "cpu": 293039690, + "user": 280000000 } }, "daemon": 16, @@ -83,4 +83,4 @@ "tags": [ "spring_boot.threading.metrics" ] -} +} \ No newline at end of file diff --git a/packages/spring_boot/docs/README.md b/packages/spring_boot/docs/README.md index bc21dce2619d..6de99f8480dc 100644 --- a/packages/spring_boot/docs/README.md +++ b/packages/spring_boot/docs/README.md @@ -82,13 +82,13 @@ An example event for `audit_events` looks as following: ```json { - "@timestamp": "2022-08-05T09:30:10.644Z", + "@timestamp": "2024-06-18T07:15:52.565Z", "agent": { - "ephemeral_id": "575ffec5-bd74-4689-8baa-8486735193f3", - "id": "3ab22ca1-4caf-465f-8789-2a45a81ed9b1", + "ephemeral_id": "5026de47-56bf-4ed7-996b-c574a7c0d140", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "filebeat", - "version": "8.1.0" + "version": "8.13.0" }, "data_stream": { "dataset": "spring_boot.audit_events", @@ -99,18 +99,18 @@ An example event for `audit_events` looks as following: "version": "8.11.0" }, "elastic_agent": { - "id": "3ab22ca1-4caf-465f-8789-2a45a81ed9b1", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.1.0" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "category": [ "web" ], - "created": "2022-08-05T09:30:10.644Z", + "created": "2024-06-18T07:15:52.565Z", "dataset": "spring_boot.audit_events", - "ingested": "2022-08-05T09:30:14Z", + "ingested": "2024-06-18T07:16:04Z", "kind": "event", "module": "spring_boot", "type": [ @@ -121,17 +121,18 @@ An example event for `audit_events` looks as following: "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "192.168.112.5" + "192.168.245.7" ], "mac": [ - "02:42:c0:a8:70:05" + "02-42-C0-A8-F5-07" ], "name": "docker-fleet-agent", "os": { "codename": "focal", "family": "debian", - "kernel": "3.10.0-1160.71.1.el7.x86_64", + "kernel": "3.10.0-1160.102.1.el7.x86_64", "name": "Ubuntu", "platform": "ubuntu", "type": "linux", @@ -152,7 +153,6 @@ An example event for `audit_events` looks as following: "spring_boot.audit_events.metrics" ] } - ``` **Exported fields** @@ -180,13 +180,13 @@ An example event for `http_trace` looks as following: ```json { - "@timestamp": "2022-08-05T09:31:44.895Z", + "@timestamp": "2024-06-18T07:17:49.933Z", "agent": { - "ephemeral_id": "d55155ad-e1c4-4c29-a809-1d8b7b539e39", - "id": "3ab22ca1-4caf-465f-8789-2a45a81ed9b1", + "ephemeral_id": "f957703f-c55c-49bb-81d4-ec742b088158", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "filebeat", - "version": "8.1.0" + "version": "8.13.0" }, "data_stream": { "dataset": "spring_boot.http_trace", @@ -197,19 +197,19 @@ An example event for `http_trace` looks as following: "version": "8.11.0" }, "elastic_agent": { - "id": "3ab22ca1-4caf-465f-8789-2a45a81ed9b1", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.1.0" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "category": [ "web" ], - "created": "2022-08-05T09:31:44.895Z", + "created": "2024-06-18T07:17:49.933Z", "dataset": "spring_boot.http_trace", - "duration": 2, - "ingested": "2022-08-05T09:31:48Z", + "duration": 3, + "ingested": "2024-06-18T07:18:01Z", "kind": "event", "module": "spring_boot", "type": [ @@ -220,27 +220,28 @@ An example event for `http_trace` looks as following: "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "192.168.112.5" + "{0=192.168.245.7}" ], "mac": [ - "02:42:c0:a8:70:05" + "02-42-C0-A8-F5-07" ], "name": "docker-fleet-agent", "os": { "codename": "focal", "family": "debian", - "kernel": "3.10.0-1160.71.1.el7.x86_64", + "kernel": "3.10.0-1160.102.1.el7.x86_64", "name": "Ubuntu", "platform": "ubuntu", "type": "linux", - "version": "20.04.4 LTS (Focal Fossa)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "http": { "request": { "method": "GET", - "referrer": "http://springboot:8090/actuator/info" + "referrer": "http://springboot:8090/actuator/health" }, "response": { "status_code": 200 @@ -250,7 +251,6 @@ An example event for `http_trace` looks as following: "spring_boot.http_trace.metrics" ] } - ``` **Exported fields** @@ -277,13 +277,13 @@ An example event for `memory` looks as following: ```json { - "@timestamp": "2023-09-28T13:08:46.636Z", + "@timestamp": "2024-06-18T07:18:47.122Z", "agent": { - "ephemeral_id": "f6ab2af3-153b-4970-99c9-a9c564407b18", - "id": "9a3f2233-d554-4847-9b74-1465e769563d", + "ephemeral_id": "2972904f-375b-4b83-9de9-e0c36d85d5de", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.5.1" + "version": "8.13.0" }, "data_stream": { "dataset": "spring_boot.memory", @@ -294,9 +294,9 @@ An example event for `memory` looks as following: "version": "8.11.0" }, "elastic_agent": { - "id": "9a3f2233-d554-4847-9b74-1465e769563d", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.5.1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", @@ -304,8 +304,8 @@ An example event for `memory` looks as following: "web" ], "dataset": "spring_boot.memory", - "duration": 566740708, - "ingested": "2023-09-28T13:08:48Z", + "duration": 672110556, + "ingested": "2024-06-18T07:18:59Z", "kind": "metric", "module": "spring_boot", "type": [ @@ -316,22 +316,22 @@ An example event for `memory` looks as following: "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "75e38940166b4dbc90b6f5610e8e9c39", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "192.168.246.7" + "192.168.245.7" ], "mac": [ - "02-42-C0-A8-F6-07" + "02-42-C0-A8-F5-07" ], "name": "docker-fleet-agent", "os": { "codename": "focal", "family": "debian", - "kernel": "3.10.0-1160.90.1.el7.x86_64", + "kernel": "3.10.0-1160.102.1.el7.x86_64", "name": "Ubuntu", "platform": "ubuntu", "type": "linux", - "version": "20.04.5 LTS (Focal Fossa)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -345,16 +345,16 @@ An example event for `memory` looks as following: "spring_boot": { "memory": { "heap": { - "committed": 579338240, + "committed": 587202560, "init": 260046848, "max": 3698851840, - "used": 172880800 + "used": 158654888 }, "non_heap": { - "committed": 62873600, + "committed": 63504384, "init": 2555904, "max": -1, - "used": 56856368 + "used": 58973664 } } }, @@ -362,7 +362,6 @@ An example event for `memory` looks as following: "spring_boot.memory.metrics" ] } - ``` **Exported fields** @@ -403,13 +402,13 @@ An example event for `threading` looks as following: ```json { - "@timestamp": "2023-09-28T13:09:36.850Z", + "@timestamp": "2024-06-18T07:19:44.017Z", "agent": { - "ephemeral_id": "f6ab2af3-153b-4970-99c9-a9c564407b18", - "id": "9a3f2233-d554-4847-9b74-1465e769563d", + "ephemeral_id": "9e0f783a-f02b-4fc0-90c9-2d264b73e4bc", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.5.1" + "version": "8.13.0" }, "data_stream": { "dataset": "spring_boot.threading", @@ -420,9 +419,9 @@ An example event for `threading` looks as following: "version": "8.11.0" }, "elastic_agent": { - "id": "9a3f2233-d554-4847-9b74-1465e769563d", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.5.1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", @@ -430,8 +429,8 @@ An example event for `threading` looks as following: "web" ], "dataset": "spring_boot.threading", - "duration": 197157690, - "ingested": "2023-09-28T13:09:38Z", + "duration": 301437518, + "ingested": "2024-06-18T07:19:55Z", "kind": "metric", "module": "spring_boot", "type": [ @@ -442,22 +441,22 @@ An example event for `threading` looks as following: "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "75e38940166b4dbc90b6f5610e8e9c39", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "192.168.246.7" + "192.168.245.7" ], "mac": [ - "02-42-C0-A8-F6-07" + "02-42-C0-A8-F5-07" ], "name": "docker-fleet-agent", "os": { "codename": "focal", "family": "debian", - "kernel": "3.10.0-1160.90.1.el7.x86_64", + "kernel": "3.10.0-1160.102.1.el7.x86_64", "name": "Ubuntu", "platform": "ubuntu", "type": "linux", - "version": "20.04.5 LTS (Focal Fossa)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -473,10 +472,10 @@ An example event for `threading` looks as following: "threads": { "count": 20, "current": { - "allocated_bytes": 28523936, + "allocated_bytes": 29755720, "time": { - "cpu": 380757629, - "user": 370000000 + "cpu": 293039690, + "user": 280000000 } }, "daemon": 16, @@ -488,7 +487,6 @@ An example event for `threading` looks as following: "spring_boot.threading.metrics" ] } - ``` **Exported fields** @@ -517,13 +515,13 @@ An example event for `gc` looks as following: ```json { - "@timestamp": "2023-09-28T13:07:07.602Z", + "@timestamp": "2024-06-18T07:16:52.674Z", "agent": { - "ephemeral_id": "dcb46246-ff32-4d0e-89ce-d72ce374bb33", - "id": "9a3f2233-d554-4847-9b74-1465e769563d", + "ephemeral_id": "bfe8ee26-f9e4-4990-8790-7fbc2a8c075e", + "id": "97400795-188c-4140-a1ee-0002078c785d", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.5.1" + "version": "8.13.0" }, "data_stream": { "dataset": "spring_boot.gc", @@ -534,9 +532,9 @@ An example event for `gc` looks as following: "version": "8.11.0" }, "elastic_agent": { - "id": "9a3f2233-d554-4847-9b74-1465e769563d", + "id": "97400795-188c-4140-a1ee-0002078c785d", "snapshot": false, - "version": "8.5.1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", @@ -544,8 +542,8 @@ An example event for `gc` looks as following: "web" ], "dataset": "spring_boot.gc", - "duration": 221408484, - "ingested": "2023-09-28T13:07:08Z", + "duration": 347472291, + "ingested": "2024-06-18T07:17:04Z", "kind": "metric", "module": "spring_boot", "type": [ @@ -556,22 +554,22 @@ An example event for `gc` looks as following: "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "75e38940166b4dbc90b6f5610e8e9c39", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "192.168.246.7" + "192.168.245.7" ], "mac": [ - "02-42-C0-A8-F6-07" + "02-42-C0-A8-F5-07" ], "name": "docker-fleet-agent", "os": { "codename": "focal", "family": "debian", - "kernel": "3.10.0-1160.90.1.el7.x86_64", + "kernel": "3.10.0-1160.102.1.el7.x86_64", "name": "Ubuntu", "platform": "ubuntu", "type": "linux", - "version": "20.04.5 LTS (Focal Fossa)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -585,44 +583,44 @@ An example event for `gc` looks as following: "spring_boot": { "gc": { "last_info": { - "id": 2, + "id": 6, "memory_usage": { "after": { "code_cache": { "committed": 14286848, "init": 2555904, "max": 251658240, - "used": 14209088 + "used": 14213056 }, "compressed_class_space": { "committed": 4980736, "init": 0, "max": 1073741824, - "used": 4436328 + "used": 4443120 }, "metaspace": { "committed": 36265984, "init": 0, "max": -1, - "used": 33758840 + "used": 33775552 }, "ps_eden_space": { - "committed": 435683328, + "committed": 457703424, "init": 65536000, - "max": 1354760192, + "max": 1354235904, "used": 0 }, "ps_old_gen": { - "committed": 118489088, + "committed": 90177536, "init": 173539328, "max": 2774007808, - "used": 14683728 + "used": 10597560 }, "ps_survivor_space": { "committed": 16777216, "init": 10485760, "max": 16777216, - "used": 0 + "used": 8605776 } }, "before": { @@ -630,55 +628,54 @@ An example event for `gc` looks as following: "committed": 14286848, "init": 2555904, "max": 251658240, - "used": 14209088 + "used": 14213056 }, "compressed_class_space": { "committed": 4980736, "init": 0, "max": 1073741824, - "used": 4436328 + "used": 4443120 }, "metaspace": { "committed": 36265984, "init": 0, "max": -1, - "used": 33758840 + "used": 33775552 }, "ps_eden_space": { - "committed": 435683328, + "committed": 262144000, "init": 65536000, - "max": 1354760192, - "used": 0 + "max": 1359478784, + "used": 10469928 }, "ps_old_gen": { - "committed": 94896128, + "committed": 90177536, "init": 173539328, "max": 2774007808, - "used": 10795056 + "used": 10589368 }, "ps_survivor_space": { - "committed": 16777216, + "committed": 10485760, "init": 10485760, - "max": 16777216, - "used": 8519744 + "max": 10485760, + "used": 10453056 } } }, "thread_count": 10, "time": { - "duration": 40, - "end": 3588, - "start": 3548 + "duration": 8, + "end": 3406, + "start": 3398 } }, - "name": "PS MarkSweep" + "name": "PS Scavenge" } }, "tags": [ "spring_boot.gc.metrics" ] } - ``` **Exported fields** From fc903e7cac090a6af38aed9c829b55bde62179f8 Mon Sep 17 00:00:00 2001 From: harnish-elastic Date: Tue, 18 Jun 2024 15:41:44 +0530 Subject: [PATCH 14/21] [stan] - elastic-package check --- .../data_stream/channels/sample_event.json | 2 +- .../stan/data_stream/log/sample_event.json | 2 +- packages/stan/data_stream/stats/manifest.yml | 2 +- .../stan/data_stream/stats/sample_event.json | 2 +- .../subscriptions/sample_event.json | 2 +- packages/stan/docs/README.md | 34 ++++--------------- 6 files changed, 12 insertions(+), 32 deletions(-) diff --git a/packages/stan/data_stream/channels/sample_event.json b/packages/stan/data_stream/channels/sample_event.json index 5cb0518261ae..4550c6745d9e 100644 --- a/packages/stan/data_stream/channels/sample_event.json +++ b/packages/stan/data_stream/channels/sample_event.json @@ -73,4 +73,4 @@ "id": "dEvzTKomxEioLU6oP1VuXM" } } -} +} \ No newline at end of file diff --git a/packages/stan/data_stream/log/sample_event.json b/packages/stan/data_stream/log/sample_event.json index 263f2bace7a0..90a169971d8a 100644 --- a/packages/stan/data_stream/log/sample_event.json +++ b/packages/stan/data_stream/log/sample_event.json @@ -53,4 +53,4 @@ "forwarded", "stan-log" ] -} +} \ No newline at end of file diff --git a/packages/stan/data_stream/stats/manifest.yml b/packages/stan/data_stream/stats/manifest.yml index 5003316f526d..ed8adf01a7f5 100644 --- a/packages/stan/data_stream/stats/manifest.yml +++ b/packages/stan/data_stream/stats/manifest.yml @@ -13,4 +13,4 @@ streams: title: Stan stats metrics description: Collect Stan stats metrics elasticsearch: - index_mode: "time_series" \ No newline at end of file + index_mode: "time_series" diff --git a/packages/stan/data_stream/stats/sample_event.json b/packages/stan/data_stream/stats/sample_event.json index 09f4bb5fb062..814d79fe3abb 100644 --- a/packages/stan/data_stream/stats/sample_event.json +++ b/packages/stan/data_stream/stats/sample_event.json @@ -73,4 +73,4 @@ "subscriptions": 100 } } -} +} \ No newline at end of file diff --git a/packages/stan/data_stream/subscriptions/sample_event.json b/packages/stan/data_stream/subscriptions/sample_event.json index 460a127cecef..dbeb21e3c589 100644 --- a/packages/stan/data_stream/subscriptions/sample_event.json +++ b/packages/stan/data_stream/subscriptions/sample_event.json @@ -74,4 +74,4 @@ "stalled": false } } -} +} \ No newline at end of file diff --git a/packages/stan/docs/README.md b/packages/stan/docs/README.md index 5e97be142f8b..aa1bf7c5fc42 100644 --- a/packages/stan/docs/README.md +++ b/packages/stan/docs/README.md @@ -32,7 +32,7 @@ An example event for `log` looks as following: "type": "logs" }, "ecs": { - "version": "8.0.0" + "version": "8.11.0" }, "elastic_agent": { "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", @@ -80,26 +80,13 @@ An example event for `log` looks as following: | Field | Description | Type | |---|---|---| | @timestamp | Event timestamp. | date | -| client.ip | IP address of the client (IPv4 or IPv6). | ip | -| client.port | Port of the client. | long | | data_stream.dataset | Data stream dataset. | constant_keyword | | data_stream.namespace | Data stream namespace. | constant_keyword | | data_stream.type | Data stream type. | constant_keyword | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | -| error.message | Error message. | match_only_text | -| event.created | event.created contains the date/time when the event was first read by an agent, or by your pipeline. This field is distinct from @timestamp in that @timestamp typically contain the time extracted from the original event. In most situations, these two timestamps will be slightly different. The difference can be used to calculate the delay between your source generating an event, and the time when your agent first processed it. This can be used to monitor your agent's or pipeline's ability to keep up with your event source. In case the two timestamps are identical, @timestamp should be used. | date | | event.dataset | Event dataset | constant_keyword | -| event.kind | This is one of four ECS Categorization Fields, and indicates the highest level in the ECS category hierarchy. `event.kind` gives high-level information about what type of information the event contains, without being specific to the contents of the event. For example, values of this field distinguish alert events from metric events. The value of this field can be used to inform how these kinds of events should be handled. They may warrant different retention, different access control, it may also help understand whether the data coming in at a regular interval or not. | keyword | | event.module | Event module | constant_keyword | -| event.type | This is one of four ECS Categorization Fields, and indicates the third level in the ECS category hierarchy. `event.type` represents a categorization "sub-bucket" that, when used along with the `event.category` field values, enables filtering events down to a level appropriate for single visualization. This field is an array. This will allow proper categorization of some events that fall in multiple event types. | keyword | | input.type | Type of Filebeat input. | keyword | -| log.file.path | Full path to the log file this event came from. | keyword | -| log.level | Original log level of the log event. If the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity). Some examples are `warn`, `err`, `i`, `informational`. | keyword | | log.offset | Offset of the entry in the log file. | long | -| message | For log events the message field contains the log message, optimized for viewing in a log viewer. For structured logs without an original message field, other fields can be concatenated to form a human-readable summary of the event. If multiple messages exist, they can be combined into one message. | match_only_text | -| network.direction | Direction of the network traffic. Recommended values are: \* ingress \* egress \* inbound \* outbound \* internal \* external \* unknown When mapping events from a host-based monitoring context, populate this field from the host's point of view, using the values "ingress" or "egress". When mapping events from a network or perimeter-based monitoring context, populate this field from the point of view of the network perimeter, using the values "inbound", "outbound", "internal" or "external". Note that "internal" is not crossing perimeter boundaries, and is meant to describe communication between two hosts within the perimeter. Note also that "external" is meant to describe traffic between two hosts that are external to the perimeter. This could for example be useful for ISPs or VPN service providers. | keyword | -| process.pid | Process id. | long | -| related.ip | All of the IPs seen on your event. | ip | | stan.log.client.id | The id of the client | integer | | stan.log.msg.bytes | Size of the payload in bytes | long | | stan.log.msg.error.message | Details about the error occurred | text | @@ -109,7 +96,6 @@ An example event for `log` looks as following: | stan.log.msg.sid | The unique alphanumeric subscription ID of the subject | integer | | stan.log.msg.subject | Subject name this message was received on | keyword | | stan.log.msg.type | The protocol message type | keyword | -| tags | List of keywords used to tag each event. | keyword | ## Metrics @@ -139,7 +125,7 @@ An example event for `stats` looks as following: "type": "metrics" }, "ecs": { - "version": "1.12.0" + "version": "8.11.0" }, "elastic_agent": { "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", @@ -217,12 +203,10 @@ An example event for `stats` looks as following: | data_stream.dataset | Data stream dataset. | constant_keyword | | | data_stream.namespace | Data stream namespace. | constant_keyword | | | data_stream.type | Data stream type. | constant_keyword | | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | | | event.dataset | Event dataset | constant_keyword | | | event.module | Event module | constant_keyword | | -| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | +| host.name | Name of the host. It can contain what hostname returns on Unix systems, the fully qualified domain name (FQDN), or a name specified by the user. The recommended value is the lowercase FQDN of the host. | keyword | | | service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | | -| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | | stan.cluster.id | The cluster ID | keyword | | | stan.server.id | The server ID | keyword | | | stan.stats.bytes | Number of bytes consumed across all STAN queues | long | counter | @@ -257,7 +241,7 @@ An example event for `channels` looks as following: "type": "metrics" }, "ecs": { - "version": "1.12.0" + "version": "8.11.0" }, "elastic_agent": { "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", @@ -335,12 +319,10 @@ An example event for `channels` looks as following: | data_stream.dataset | Data stream dataset. | constant_keyword | | | data_stream.namespace | Data stream namespace. | constant_keyword | | | data_stream.type | Data stream type. | constant_keyword | | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | | | event.dataset | Event dataset | constant_keyword | | | event.module | Event module | constant_keyword | | -| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | +| host.name | Name of the host. It can contain what hostname returns on Unix systems, the fully qualified domain name (FQDN), or a name specified by the user. The recommended value is the lowercase FQDN of the host. | keyword | | | service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | | -| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | | stan.channels.bytes | The number of STAN bytes in the channel | long | counter | | stan.channels.depth | Queue depth based upon current sequence number and highest reported subscriber sequence number | long | gauge | | stan.channels.first_seq | First sequence number stored in the channel. If first_seq \> min([seq in subscriptions]) data loss has possibly occurred | long | | @@ -374,7 +356,7 @@ An example event for `subscriptions` looks as following: "type": "metrics" }, "ecs": { - "version": "1.12.0" + "version": "8.11.0" }, "elastic_agent": { "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", @@ -453,12 +435,10 @@ An example event for `subscriptions` looks as following: | data_stream.dataset | Data stream dataset. | constant_keyword | | | data_stream.namespace | Data stream namespace. | constant_keyword | | | data_stream.type | Data stream type. | constant_keyword | | -| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | | | event.dataset | Event dataset | constant_keyword | | | event.module | Event module | constant_keyword | | -| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | +| host.name | Name of the host. It can contain what hostname returns on Unix systems, the fully qualified domain name (FQDN), or a name specified by the user. The recommended value is the lowercase FQDN of the host. | keyword | | | service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | | -| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | | stan.cluster.id | The cluster ID | keyword | | | stan.server.id | The server ID | keyword | | | stan.subscriptions.channel | The name of the STAN channel the subscription is associated with | keyword | | From 2a437daca312b134ecc0f786c64d728f4d9d1720 Mon Sep 17 00:00:00 2001 From: harnish-elastic Date: Tue, 18 Jun 2024 16:18:13 +0530 Subject: [PATCH 15/21] [stan] - generate system tests --- .../data_stream/channels/sample_event.json | 42 +++-- .../stan/data_stream/log/sample_event.json | 16 +- .../stan/data_stream/stats/sample_event.json | 42 +++-- .../subscriptions/sample_event.json | 44 +++--- packages/stan/docs/README.md | 144 ++++++++---------- 5 files changed, 132 insertions(+), 156 deletions(-) diff --git a/packages/stan/data_stream/channels/sample_event.json b/packages/stan/data_stream/channels/sample_event.json index 4550c6745d9e..9d8410e02792 100644 --- a/packages/stan/data_stream/channels/sample_event.json +++ b/packages/stan/data_stream/channels/sample_event.json @@ -1,11 +1,11 @@ { - "@timestamp": "2022-01-12T04:11:05.571Z", + "@timestamp": "2024-06-18T10:40:33.161Z", "agent": { - "ephemeral_id": "02c989d8-8cf2-4e65-bf07-a8e93785fdaa", - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "ephemeral_id": "2f2befc0-8f03-49d7-b5bf-8131709857b6", + "id": "21652d23-59b4-4d65-a341-ede15f919642", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.0.0-beta1" + "version": "8.13.0" }, "data_stream": { "dataset": "stan.channels", @@ -13,40 +13,36 @@ "type": "metrics" }, "ecs": { - "version": "8.11.0" + "version": "8.0.0" }, "elastic_agent": { - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "id": "21652d23-59b4-4d65-a341-ede15f919642", "snapshot": false, - "version": "8.0.0-beta1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "dataset": "stan.channels", - "duration": 22264899, - "ingested": "2022-01-12T04:11:06Z", + "duration": 3556501, + "ingested": "2024-06-18T10:40:45Z", "module": "stan" }, "host": { "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "4ccba669f0df47fa3f57a9e4169ae7f1", - "ip": [ - "172.18.0.4" - ], - "mac": [ - "02:42:ac:12:00:04" - ], + "id": "8259e024976a406e8a54cdbffeb84fec", + "ip": "192.168.252.5", + "mac": "02-42-C0-A8-FC-05", "name": "docker-fleet-agent", "os": { - "codename": "Core", - "family": "redhat", - "kernel": "5.11.0-44-generic", - "name": "CentOS Linux", - "platform": "centos", + "codename": "focal", + "family": "debian", + "kernel": "3.10.0-1160.102.1.el7.x86_64", + "name": "Ubuntu", + "platform": "ubuntu", "type": "linux", - "version": "7 (Core)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -70,7 +66,7 @@ "id": "test-cluster" }, "server": { - "id": "dEvzTKomxEioLU6oP1VuXM" + "id": "KJXiShxwxsi2oNAUH1Rlzn" } } } \ No newline at end of file diff --git a/packages/stan/data_stream/log/sample_event.json b/packages/stan/data_stream/log/sample_event.json index 90a169971d8a..433f22d4bdbf 100644 --- a/packages/stan/data_stream/log/sample_event.json +++ b/packages/stan/data_stream/log/sample_event.json @@ -1,11 +1,11 @@ { - "@timestamp": "2022-01-12T04:11:35.529Z", + "@timestamp": "2024-06-18T10:41:22.515Z", "agent": { - "ephemeral_id": "8d87b679-d308-4954-a88f-fdac22706bb7", - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "ephemeral_id": "e925a178-f704-43e6-899e-b69b164425d8", + "id": "21652d23-59b4-4d65-a341-ede15f919642", "name": "docker-fleet-agent", "type": "filebeat", - "version": "8.0.0-beta1" + "version": "8.13.0" }, "data_stream": { "dataset": "stan.log", @@ -16,15 +16,15 @@ "version": "8.11.0" }, "elastic_agent": { - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "id": "21652d23-59b4-4d65-a341-ede15f919642", "snapshot": false, - "version": "8.0.0-beta1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", - "created": "2022-01-12T04:11:50.063Z", + "created": "2024-06-18T10:41:36.382Z", "dataset": "stan.log", - "ingested": "2022-01-12T04:11:50Z", + "ingested": "2024-06-18T10:41:38Z", "kind": "event", "type": [ "info" diff --git a/packages/stan/data_stream/stats/sample_event.json b/packages/stan/data_stream/stats/sample_event.json index 814d79fe3abb..75325f5ef112 100644 --- a/packages/stan/data_stream/stats/sample_event.json +++ b/packages/stan/data_stream/stats/sample_event.json @@ -1,11 +1,11 @@ { - "@timestamp": "2022-01-12T04:12:59.760Z", + "@timestamp": "2024-06-18T10:42:35.470Z", "agent": { - "ephemeral_id": "6e4beb8a-ccda-438d-b3f4-e89b98e870d8", - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "ephemeral_id": "b30d1b07-36f0-4e5f-9f80-56b6015fb855", + "id": "21652d23-59b4-4d65-a341-ede15f919642", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.0.0-beta1" + "version": "8.13.0" }, "data_stream": { "dataset": "stan.stats", @@ -13,40 +13,36 @@ "type": "metrics" }, "ecs": { - "version": "8.11.0" + "version": "8.0.0" }, "elastic_agent": { - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "id": "21652d23-59b4-4d65-a341-ede15f919642", "snapshot": false, - "version": "8.0.0-beta1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "dataset": "stan.stats", - "duration": 15794254, - "ingested": "2022-01-12T04:13:00Z", + "duration": 1823495, + "ingested": "2024-06-18T10:42:47Z", "module": "stan" }, "host": { "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "4ccba669f0df47fa3f57a9e4169ae7f1", - "ip": [ - "172.18.0.4" - ], - "mac": [ - "02:42:ac:12:00:04" - ], + "id": "8259e024976a406e8a54cdbffeb84fec", + "ip": "192.168.252.5", + "mac": "02-42-C0-A8-FC-05", "name": "docker-fleet-agent", "os": { - "codename": "Core", - "family": "redhat", - "kernel": "5.11.0-44-generic", - "name": "CentOS Linux", - "platform": "centos", + "codename": "focal", + "family": "debian", + "kernel": "3.10.0-1160.102.1.el7.x86_64", + "name": "Ubuntu", + "platform": "ubuntu", "type": "linux", - "version": "7 (Core)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -62,7 +58,7 @@ "id": "test-cluster" }, "server": { - "id": "JQCbrpPJGBxuQGsQ9Yx4Xs" + "id": "I9vNI3muOuNoem5vuoyo5z" }, "stats": { "bytes": 0, diff --git a/packages/stan/data_stream/subscriptions/sample_event.json b/packages/stan/data_stream/subscriptions/sample_event.json index dbeb21e3c589..2efdcaf7f155 100644 --- a/packages/stan/data_stream/subscriptions/sample_event.json +++ b/packages/stan/data_stream/subscriptions/sample_event.json @@ -1,11 +1,11 @@ { - "@timestamp": "2022-01-12T04:13:52.133Z", + "@timestamp": "2024-06-18T10:43:38.692Z", "agent": { - "ephemeral_id": "edb669a5-3b36-43d7-8190-d485d6517f69", - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "ephemeral_id": "871b52f0-2644-4638-811c-1b0befe0ee13", + "id": "21652d23-59b4-4d65-a341-ede15f919642", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.0.0-beta1" + "version": "8.13.0" }, "data_stream": { "dataset": "stan.subscriptions", @@ -13,40 +13,36 @@ "type": "metrics" }, "ecs": { - "version": "8.11.0" + "version": "8.0.0" }, "elastic_agent": { - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "id": "21652d23-59b4-4d65-a341-ede15f919642", "snapshot": false, - "version": "8.0.0-beta1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "dataset": "stan.subscriptions", - "duration": 6243276, - "ingested": "2022-01-12T04:13:53Z", + "duration": 1947519984, + "ingested": "2024-06-18T10:43:50Z", "module": "stan" }, "host": { "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "4ccba669f0df47fa3f57a9e4169ae7f1", - "ip": [ - "172.18.0.4" - ], - "mac": [ - "02:42:ac:12:00:04" - ], + "id": "8259e024976a406e8a54cdbffeb84fec", + "ip": "192.168.252.5", + "mac": "02-42-C0-A8-FC-05", "name": "docker-fleet-agent", "os": { - "codename": "Core", - "family": "redhat", - "kernel": "5.11.0-44-generic", - "name": "CentOS Linux", - "platform": "centos", + "codename": "focal", + "family": "debian", + "kernel": "3.10.0-1160.102.1.el7.x86_64", + "name": "Ubuntu", + "platform": "ubuntu", "type": "linux", - "version": "7 (Core)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -62,11 +58,11 @@ "id": "test-cluster" }, "server": { - "id": "NevWjtY7nB1yzea8TtJaGb" + "id": "SwiO2nzNV8CW27j45QPnFz" }, "subscriptions": { "channel": "foo", - "id": "benchmark-sub-25", + "id": "benchmark-sub-23", "last_sent": 0, "offline": false, "pending": 0, diff --git a/packages/stan/docs/README.md b/packages/stan/docs/README.md index aa1bf7c5fc42..a3730ca19533 100644 --- a/packages/stan/docs/README.md +++ b/packages/stan/docs/README.md @@ -18,13 +18,13 @@ An example event for `log` looks as following: ```json { - "@timestamp": "2022-01-12T04:11:35.529Z", + "@timestamp": "2024-06-18T10:41:22.515Z", "agent": { - "ephemeral_id": "8d87b679-d308-4954-a88f-fdac22706bb7", - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "ephemeral_id": "e925a178-f704-43e6-899e-b69b164425d8", + "id": "21652d23-59b4-4d65-a341-ede15f919642", "name": "docker-fleet-agent", "type": "filebeat", - "version": "8.0.0-beta1" + "version": "8.13.0" }, "data_stream": { "dataset": "stan.log", @@ -35,15 +35,15 @@ An example event for `log` looks as following: "version": "8.11.0" }, "elastic_agent": { - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "id": "21652d23-59b4-4d65-a341-ede15f919642", "snapshot": false, - "version": "8.0.0-beta1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", - "created": "2022-01-12T04:11:50.063Z", + "created": "2024-06-18T10:41:36.382Z", "dataset": "stan.log", - "ingested": "2022-01-12T04:11:50Z", + "ingested": "2024-06-18T10:41:38Z", "kind": "event", "type": [ "info" @@ -111,13 +111,13 @@ An example event for `stats` looks as following: ```json { - "@timestamp": "2022-01-12T04:12:59.760Z", + "@timestamp": "2024-06-18T10:42:35.470Z", "agent": { - "ephemeral_id": "6e4beb8a-ccda-438d-b3f4-e89b98e870d8", - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "ephemeral_id": "b30d1b07-36f0-4e5f-9f80-56b6015fb855", + "id": "21652d23-59b4-4d65-a341-ede15f919642", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.0.0-beta1" + "version": "8.13.0" }, "data_stream": { "dataset": "stan.stats", @@ -125,40 +125,36 @@ An example event for `stats` looks as following: "type": "metrics" }, "ecs": { - "version": "8.11.0" + "version": "8.0.0" }, "elastic_agent": { - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "id": "21652d23-59b4-4d65-a341-ede15f919642", "snapshot": false, - "version": "8.0.0-beta1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "dataset": "stan.stats", - "duration": 15794254, - "ingested": "2022-01-12T04:13:00Z", + "duration": 1823495, + "ingested": "2024-06-18T10:42:47Z", "module": "stan" }, "host": { "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "4ccba669f0df47fa3f57a9e4169ae7f1", - "ip": [ - "172.18.0.4" - ], - "mac": [ - "02:42:ac:12:00:04" - ], + "id": "8259e024976a406e8a54cdbffeb84fec", + "ip": "192.168.252.5", + "mac": "02-42-C0-A8-FC-05", "name": "docker-fleet-agent", "os": { - "codename": "Core", - "family": "redhat", - "kernel": "5.11.0-44-generic", - "name": "CentOS Linux", - "platform": "centos", + "codename": "focal", + "family": "debian", + "kernel": "3.10.0-1160.102.1.el7.x86_64", + "name": "Ubuntu", + "platform": "ubuntu", "type": "linux", - "version": "7 (Core)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -174,7 +170,7 @@ An example event for `stats` looks as following: "id": "test-cluster" }, "server": { - "id": "JQCbrpPJGBxuQGsQ9Yx4Xs" + "id": "I9vNI3muOuNoem5vuoyo5z" }, "stats": { "bytes": 0, @@ -227,13 +223,13 @@ An example event for `channels` looks as following: ```json { - "@timestamp": "2022-01-12T04:11:05.571Z", + "@timestamp": "2024-06-18T10:40:33.161Z", "agent": { - "ephemeral_id": "02c989d8-8cf2-4e65-bf07-a8e93785fdaa", - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "ephemeral_id": "2f2befc0-8f03-49d7-b5bf-8131709857b6", + "id": "21652d23-59b4-4d65-a341-ede15f919642", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.0.0-beta1" + "version": "8.13.0" }, "data_stream": { "dataset": "stan.channels", @@ -241,40 +237,36 @@ An example event for `channels` looks as following: "type": "metrics" }, "ecs": { - "version": "8.11.0" + "version": "8.0.0" }, "elastic_agent": { - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "id": "21652d23-59b4-4d65-a341-ede15f919642", "snapshot": false, - "version": "8.0.0-beta1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "dataset": "stan.channels", - "duration": 22264899, - "ingested": "2022-01-12T04:11:06Z", + "duration": 3556501, + "ingested": "2024-06-18T10:40:45Z", "module": "stan" }, "host": { "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "4ccba669f0df47fa3f57a9e4169ae7f1", - "ip": [ - "172.18.0.4" - ], - "mac": [ - "02:42:ac:12:00:04" - ], + "id": "8259e024976a406e8a54cdbffeb84fec", + "ip": "192.168.252.5", + "mac": "02-42-C0-A8-FC-05", "name": "docker-fleet-agent", "os": { - "codename": "Core", - "family": "redhat", - "kernel": "5.11.0-44-generic", - "name": "CentOS Linux", - "platform": "centos", + "codename": "focal", + "family": "debian", + "kernel": "3.10.0-1160.102.1.el7.x86_64", + "name": "Ubuntu", + "platform": "ubuntu", "type": "linux", - "version": "7 (Core)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -298,7 +290,7 @@ An example event for `channels` looks as following: "id": "test-cluster" }, "server": { - "id": "dEvzTKomxEioLU6oP1VuXM" + "id": "KJXiShxwxsi2oNAUH1Rlzn" } } } @@ -342,13 +334,13 @@ An example event for `subscriptions` looks as following: ```json { - "@timestamp": "2022-01-12T04:13:52.133Z", + "@timestamp": "2024-06-18T10:43:38.692Z", "agent": { - "ephemeral_id": "edb669a5-3b36-43d7-8190-d485d6517f69", - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "ephemeral_id": "871b52f0-2644-4638-811c-1b0befe0ee13", + "id": "21652d23-59b4-4d65-a341-ede15f919642", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.0.0-beta1" + "version": "8.13.0" }, "data_stream": { "dataset": "stan.subscriptions", @@ -356,40 +348,36 @@ An example event for `subscriptions` looks as following: "type": "metrics" }, "ecs": { - "version": "8.11.0" + "version": "8.0.0" }, "elastic_agent": { - "id": "9878d192-22ad-49b6-a6c2-9959b0815d04", + "id": "21652d23-59b4-4d65-a341-ede15f919642", "snapshot": false, - "version": "8.0.0-beta1" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "dataset": "stan.subscriptions", - "duration": 6243276, - "ingested": "2022-01-12T04:13:53Z", + "duration": 1947519984, + "ingested": "2024-06-18T10:43:50Z", "module": "stan" }, "host": { "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "4ccba669f0df47fa3f57a9e4169ae7f1", - "ip": [ - "172.18.0.4" - ], - "mac": [ - "02:42:ac:12:00:04" - ], + "id": "8259e024976a406e8a54cdbffeb84fec", + "ip": "192.168.252.5", + "mac": "02-42-C0-A8-FC-05", "name": "docker-fleet-agent", "os": { - "codename": "Core", - "family": "redhat", - "kernel": "5.11.0-44-generic", - "name": "CentOS Linux", - "platform": "centos", + "codename": "focal", + "family": "debian", + "kernel": "3.10.0-1160.102.1.el7.x86_64", + "name": "Ubuntu", + "platform": "ubuntu", "type": "linux", - "version": "7 (Core)" + "version": "20.04.6 LTS (Focal Fossa)" } }, "metricset": { @@ -405,11 +393,11 @@ An example event for `subscriptions` looks as following: "id": "test-cluster" }, "server": { - "id": "NevWjtY7nB1yzea8TtJaGb" + "id": "SwiO2nzNV8CW27j45QPnFz" }, "subscriptions": { "channel": "foo", - "id": "benchmark-sub-25", + "id": "benchmark-sub-23", "last_sent": 0, "offline": false, "pending": 0, From 4e9533d19d7d3254c982ae248c2a7e6ea8e5d115 Mon Sep 17 00:00:00 2001 From: harnish-elastic Date: Wed, 19 Jun 2024 11:58:19 +0530 Subject: [PATCH 16/21] [sql_input] - change to ECS version git@v8.11.0 --- packages/sql_input/_dev/build/build.yml | 3 +- packages/sql_input/changelog.yml | 5 ++ packages/sql_input/fields/base-fields.yml | 4 -- packages/sql_input/fields/ecs.yml | 2 - packages/sql_input/manifest.yml | 5 +- packages/sql_input/sample_event.json | 62 ++++++++++++++--------- 6 files changed, 48 insertions(+), 33 deletions(-) delete mode 100644 packages/sql_input/fields/ecs.yml diff --git a/packages/sql_input/_dev/build/build.yml b/packages/sql_input/_dev/build/build.yml index 2c10980d4b03..2bfcfc223b04 100644 --- a/packages/sql_input/_dev/build/build.yml +++ b/packages/sql_input/_dev/build/build.yml @@ -1,4 +1,3 @@ dependencies: ecs: - reference: git@v8.7.0 - + reference: "git@v8.11.0" diff --git a/packages/sql_input/changelog.yml b/packages/sql_input/changelog.yml index 9658baa95309..ff8efce820fc 100644 --- a/packages/sql_input/changelog.yml +++ b/packages/sql_input/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.5.0" + changes: + - description: ECS version updated to 8.11.0. Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. + type: enhancement + link: https://github.com/elastic/integrations/pull/10171 - version: "0.4.0" changes: - description: Add `condition` and `processors` settings. diff --git a/packages/sql_input/fields/base-fields.yml b/packages/sql_input/fields/base-fields.yml index e3577347f731..14017be5fb29 100644 --- a/packages/sql_input/fields/base-fields.yml +++ b/packages/sql_input/fields/base-fields.yml @@ -6,7 +6,3 @@ external: ecs - name: '@timestamp' external: ecs -- name: service.address - external: ecs -- name: service.type - external: ecs diff --git a/packages/sql_input/fields/ecs.yml b/packages/sql_input/fields/ecs.yml deleted file mode 100644 index f99c50be49de..000000000000 --- a/packages/sql_input/fields/ecs.yml +++ /dev/null @@ -1,2 +0,0 @@ -- name: ecs.version - external: ecs diff --git a/packages/sql_input/manifest.yml b/packages/sql_input/manifest.yml index 77ab8e3dd109..4bfccb3c7256 100644 --- a/packages/sql_input/manifest.yml +++ b/packages/sql_input/manifest.yml @@ -1,13 +1,14 @@ format_version: 2.0.0 name: sql title: "SQL Input" -version: "0.4.0" +version: "0.5.0" description: "Collects Metrics by Quering on SQL Databases" type: input categories: - custom conditions: - kibana.version: "^8.8.0" + kibana: + version: "^8.13.0" elastic.subscription: "basic" icons: - src: /img/sql-server-icon.svg diff --git a/packages/sql_input/sample_event.json b/packages/sql_input/sample_event.json index 5c3ed80b9773..b5f8d2e5f6a9 100644 --- a/packages/sql_input/sample_event.json +++ b/packages/sql_input/sample_event.json @@ -1,11 +1,11 @@ { - "@timestamp": "2023-06-09T08:27:42.884Z", + "@timestamp": "2024-06-19T06:12:25.260Z", "agent": { - "ephemeral_id": "41f4ec9a-4eea-437e-8bdb-136403df2324", - "id": "8080f7a9-0dbb-42ee-9580-790170265fa8", + "ephemeral_id": "44822e54-f658-4e8b-9d6d-781be5601775", + "id": "88cd20f7-39fa-4cc4-9840-becd737943a6", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.8.0" + "version": "8.13.0" }, "data_stream": { "dataset": "sql.sql", @@ -16,33 +16,33 @@ "version": "8.0.0" }, "elastic_agent": { - "id": "8080f7a9-0dbb-42ee-9580-790170265fa8", + "id": "88cd20f7-39fa-4cc4-9840-becd737943a6", "snapshot": false, - "version": "8.8.0" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "dataset": "sql.sql", - "duration": 18846913, - "ingested": "2023-06-09T08:27:46Z", + "duration": 14117416, + "ingested": "2024-06-19T06:12:37Z", "module": "sql" }, "host": { "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "e8978f2086c14e13b7a0af9ed0011d19", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "172.18.0.6" + "192.168.253.7" ], "mac": [ - "02-42-AC-12-00-06" + "02-42-C0-A8-FD-07" ], "name": "docker-fleet-agent", "os": { "codename": "focal", "family": "debian", - "kernel": "3.10.0-1160.88.1.el7.x86_64", + "kernel": "3.10.0-1160.102.1.el7.x86_64", "name": "Ubuntu", "platform": "ubuntu", "type": "linux", @@ -54,21 +54,37 @@ "period": 10000 }, "service": { - "address": "elastic-package-service_sql_input_1:3306", + "address": "elastic-package-service-sql_input_postgresql-1:5432", "type": "sql" }, "sql": { - "driver": "mysql", + "driver": "postgres", "metrics": { - "delayed_insert_threads": 0, - "mysqlx_worker_threads": 2, - "mysqlx_worker_threads_active": 0, - "slow_launch_threads": 0, - "threads_cached": 0, - "threads_connected": 1, - "threads_created": 1, - "threads_running": 2 + "active_time": 0, + "blk_read_time": 0, + "blk_write_time": 0, + "blks_hit": 453, + "blks_read": 87, + "conflicts": 0, + "datid": 0, + "deadlocks": 0, + "idle_in_transaction_time": 0, + "numbackends": 0, + "session_time": 0, + "sessions": 0, + "sessions_abandoned": 0, + "sessions_fatal": 0, + "sessions_killed": 0, + "temp_bytes": 0, + "temp_files": 0, + "tup_deleted": 0, + "tup_fetched": 50, + "tup_inserted": 24, + "tup_returned": 127, + "tup_updated": 5, + "xact_commit": 4, + "xact_rollback": 0 }, - "query": "SHOW STATUS LIKE '%Threads%'" + "query": "SELECT * FROM pg_stat_database;" } } \ No newline at end of file From d62e037f36b257d4882a6910aa08ed29f48d1f32 Mon Sep 17 00:00:00 2001 From: harnish-elastic Date: Wed, 19 Jun 2024 11:58:36 +0530 Subject: [PATCH 17/21] [statsd_input] - change to ECS version git@v8.11.0 --- packages/statsd_input/_dev/build/build.yml | 3 +-- packages/statsd_input/changelog.yml | 5 ++++ packages/statsd_input/fields/base-fields.yml | 2 -- packages/statsd_input/fields/ecs.yml | 2 -- packages/statsd_input/manifest.yml | 5 ++-- packages/statsd_input/sample_event.json | 24 ++++++++++---------- 6 files changed, 21 insertions(+), 20 deletions(-) delete mode 100644 packages/statsd_input/fields/ecs.yml diff --git a/packages/statsd_input/_dev/build/build.yml b/packages/statsd_input/_dev/build/build.yml index 2c10980d4b03..2bfcfc223b04 100644 --- a/packages/statsd_input/_dev/build/build.yml +++ b/packages/statsd_input/_dev/build/build.yml @@ -1,4 +1,3 @@ dependencies: ecs: - reference: git@v8.7.0 - + reference: "git@v8.11.0" diff --git a/packages/statsd_input/changelog.yml b/packages/statsd_input/changelog.yml index d6e297103e14..a83442ae15c5 100644 --- a/packages/statsd_input/changelog.yml +++ b/packages/statsd_input/changelog.yml @@ -1,4 +1,9 @@ # newer versions go on top +- version: "0.4.0" + changes: + - description: ECS version updated to 8.11.0. Update the kibana constraint to ^8.13.0. Modified the field definitions to remove ECS fields made redundant by the ecs@mappings component template. + type: enhancement + link: https://github.com/elastic/integrations/pull/10171 - version: "0.3.0" changes: - description: Update to Kibana 8.11 to support enhanced statsd implementation, and fix system test cases. diff --git a/packages/statsd_input/fields/base-fields.yml b/packages/statsd_input/fields/base-fields.yml index b2f0cf952931..14017be5fb29 100644 --- a/packages/statsd_input/fields/base-fields.yml +++ b/packages/statsd_input/fields/base-fields.yml @@ -6,5 +6,3 @@ external: ecs - name: '@timestamp' external: ecs -- name: service.type - external: ecs diff --git a/packages/statsd_input/fields/ecs.yml b/packages/statsd_input/fields/ecs.yml deleted file mode 100644 index f99c50be49de..000000000000 --- a/packages/statsd_input/fields/ecs.yml +++ /dev/null @@ -1,2 +0,0 @@ -- name: ecs.version - external: ecs diff --git a/packages/statsd_input/manifest.yml b/packages/statsd_input/manifest.yml index 6f0b2257371f..554ede8a6bf7 100644 --- a/packages/statsd_input/manifest.yml +++ b/packages/statsd_input/manifest.yml @@ -1,13 +1,14 @@ format_version: 2.0.0 name: statsd_input title: StatsD Input -version: "0.3.0" +version: "0.4.0" description: StatsD Input Package type: input categories: - observability conditions: - kibana.version: "^8.11.0" + kibana: + version: "^8.13.0" elastic.subscription: "basic" icons: - src: /img/statsd.svg diff --git a/packages/statsd_input/sample_event.json b/packages/statsd_input/sample_event.json index 30c85427a9af..0f3d6eeb459a 100644 --- a/packages/statsd_input/sample_event.json +++ b/packages/statsd_input/sample_event.json @@ -1,11 +1,11 @@ { - "@timestamp": "2024-04-15T14:06:01.418Z", + "@timestamp": "2024-06-19T06:26:36.664Z", "agent": { - "ephemeral_id": "ee629c67-5780-4bfd-83c0-c89a032eba12", - "id": "b2bdd114-8042-4441-bd68-123aee9eca3b", + "ephemeral_id": "f9a3bc3e-14ed-4245-a140-38032ec3e459", + "id": "b138c66d-6261-4eac-a652-7f30ea89bcfc", "name": "docker-fleet-agent", "type": "metricbeat", - "version": "8.11.0" + "version": "8.13.0" }, "data_stream": { "dataset": "statsd_input.statsd", @@ -16,26 +16,26 @@ "version": "8.0.0" }, "elastic_agent": { - "id": "b2bdd114-8042-4441-bd68-123aee9eca3b", + "id": "b138c66d-6261-4eac-a652-7f30ea89bcfc", "snapshot": false, - "version": "8.11.0" + "version": "8.13.0" }, "event": { "agent_id_status": "verified", "dataset": "statsd_input.statsd", - "ingested": "2024-04-15T14:06:02Z", + "ingested": "2024-06-19T06:26:46Z", "module": "statsd" }, "host": { "architecture": "x86_64", "containerized": true, "hostname": "docker-fleet-agent", - "id": "d7fd92f5e61644938d48518adcee73ad", + "id": "8259e024976a406e8a54cdbffeb84fec", "ip": [ - "172.25.0.7" + "192.168.253.7" ], "mac": [ - "02-42-AC-19-00-07" + "02-42-C0-A8-FD-07" ], "name": "docker-fleet-agent", "os": { @@ -56,8 +56,8 @@ "type": "statsd" }, "statsd": { - "python_counter": { - "count": 4 + "python_gauge_foo": { + "value": 10 } } } \ No newline at end of file From 8570eadc421ecce624a98c5e57544b190a153335 Mon Sep 17 00:00:00 2001 From: niraj-elastic Date: Mon, 24 Jun 2024 17:01:11 +0530 Subject: [PATCH 18/21] update readme --- packages/cassandra/_dev/build/docs/README.md | 8 ++++++ packages/cassandra/docs/README.md | 8 ++++++ packages/nats/_dev/build/docs/README.md | 28 +++++++++++++++++++ packages/nats/docs/README.md | 28 +++++++++++++++++++ .../oracle_weblogic/_dev/build/docs/README.md | 24 ++++++++++++++++ packages/oracle_weblogic/docs/README.md | 24 ++++++++++++++++ packages/prometheus/_dev/build/docs/README.md | 12 ++++++++ packages/prometheus/docs/README.md | 12 ++++++++ packages/rabbitmq/_dev/build/docs/README.md | 20 +++++++++++++ packages/rabbitmq/docs/README.md | 20 +++++++++++++ .../spring_boot/_dev/build/docs/README.md | 20 +++++++++++++ packages/spring_boot/docs/README.md | 20 +++++++++++++ packages/stan/_dev/build/docs/README.md | 16 +++++++++++ packages/stan/docs/README.md | 16 +++++++++++ 14 files changed, 256 insertions(+) diff --git a/packages/cassandra/_dev/build/docs/README.md b/packages/cassandra/_dev/build/docs/README.md index a0d9e9a1264f..261d3f463cba 100644 --- a/packages/cassandra/_dev/build/docs/README.md +++ b/packages/cassandra/_dev/build/docs/README.md @@ -79,6 +79,10 @@ Cassandra system logs from cassandra.log files. {{event "log"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "log"}} ## Metrics @@ -87,4 +91,8 @@ Cassandra metrics using jolokia agent installed on cassandra. {{event "metrics"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "metrics"}} diff --git a/packages/cassandra/docs/README.md b/packages/cassandra/docs/README.md index 672af4af3ef0..85fec7f03b4b 100644 --- a/packages/cassandra/docs/README.md +++ b/packages/cassandra/docs/README.md @@ -144,6 +144,10 @@ An example event for `log` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | @@ -387,6 +391,10 @@ An example event for `metrics` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | Metric Type | diff --git a/packages/nats/_dev/build/docs/README.md b/packages/nats/_dev/build/docs/README.md index 80decafa0713..410eeebe0a19 100644 --- a/packages/nats/_dev/build/docs/README.md +++ b/packages/nats/_dev/build/docs/README.md @@ -16,6 +16,10 @@ The `log` dataset collects the NATS logs. {{event "log"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "log"}} ## Metrics @@ -31,6 +35,10 @@ metrics from a Nats instance. {{event "stats"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "stats"}} ### connections @@ -40,6 +48,10 @@ metrics about connections from a Nats instance. {{event "connections"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "connections"}} ### routes @@ -49,6 +61,10 @@ metrics about routes from a Nats instance. {{event "routes"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "routes"}} ### subscriptions @@ -58,6 +74,10 @@ metrics about subscriptions from a Nats instance. {{event "subscriptions"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "subscriptions"}} ### connection @@ -67,6 +87,10 @@ metrics per connection from a Nats instance. {{event "connection"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "connection"}} ### route @@ -76,4 +100,8 @@ metric per route from a Nats instance. {{event "route"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "route"}} diff --git a/packages/nats/docs/README.md b/packages/nats/docs/README.md index a8a8d61cd841..a3116487e798 100644 --- a/packages/nats/docs/README.md +++ b/packages/nats/docs/README.md @@ -108,6 +108,10 @@ An example event for `log` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | @@ -239,6 +243,10 @@ An example event for `stats` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | Metric Type | @@ -353,6 +361,10 @@ An example event for `connections` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | Metric Type | @@ -452,6 +464,10 @@ An example event for `routes` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | Metric Type | @@ -558,6 +574,10 @@ An example event for `subscriptions` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | Metric Type | @@ -675,6 +695,10 @@ An example event for `connection` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | Metric Type | @@ -793,6 +817,10 @@ An example event for `route` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | Metric Type | diff --git a/packages/oracle_weblogic/_dev/build/docs/README.md b/packages/oracle_weblogic/_dev/build/docs/README.md index f000dae45f83..c60cc695bec3 100644 --- a/packages/oracle_weblogic/_dev/build/docs/README.md +++ b/packages/oracle_weblogic/_dev/build/docs/README.md @@ -47,6 +47,10 @@ The `access` data stream collects Access logs form `Access.log`. {{event "access"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "access"}} ### Admin Server logs @@ -55,6 +59,10 @@ The `admin_server` data stream collects Admin Server logs from `Adminserver.log` {{event "admin_server"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "admin_server"}} ### Domain logs @@ -63,6 +71,10 @@ The `domain` data stream collects Domain logs from `Domain.log`. {{event "domain"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "domain"}} ### Managed Server Logs @@ -71,6 +83,10 @@ The `managed_server` data stream collects Managed Server logs from `Managedserve {{event "managed_server"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "managed_server"}} ## Metrics @@ -81,6 +97,10 @@ The `deployed_application` data stream collects metrics of Deployed Application. {{event "deployed_application"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "deployed_application"}} ### ThreadPool metrics @@ -89,4 +109,8 @@ This `threadpool` data stream collects metrics of ThreadPool. {{event "threadpool"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "threadpool"}} diff --git a/packages/oracle_weblogic/docs/README.md b/packages/oracle_weblogic/docs/README.md index 96251a830c9b..2461ffd0c0ac 100644 --- a/packages/oracle_weblogic/docs/README.md +++ b/packages/oracle_weblogic/docs/README.md @@ -137,6 +137,10 @@ An example event for `access` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | @@ -243,6 +247,10 @@ An example event for `admin_server` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | @@ -355,6 +363,10 @@ An example event for `domain` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | @@ -466,6 +478,10 @@ An example event for `managed_server` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | @@ -588,6 +604,10 @@ An example event for `deployed_application` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | Metric Type | @@ -704,6 +724,10 @@ An example event for `threadpool` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | Metric Type | diff --git a/packages/prometheus/_dev/build/docs/README.md b/packages/prometheus/_dev/build/docs/README.md index 456d51e679e6..7bd6e23e3345 100644 --- a/packages/prometheus/_dev/build/docs/README.md +++ b/packages/prometheus/_dev/build/docs/README.md @@ -131,6 +131,10 @@ Metrics Filters Include: ["^node_network_net_dev_group$", "^node_network_up$"] The fields reported are: +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "collector"}} @@ -230,6 +234,10 @@ remote_write: The fields reported are: +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "remote_write"}} #### Histograms and types @@ -358,6 +366,10 @@ queries: The fields reported are: +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "query"}} ## Dashboard diff --git a/packages/prometheus/docs/README.md b/packages/prometheus/docs/README.md index 7bb914304ba3..53683be768be 100644 --- a/packages/prometheus/docs/README.md +++ b/packages/prometheus/docs/README.md @@ -177,6 +177,10 @@ An example event for `collector` looks as following: The fields reported are: +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | Metric Type | @@ -369,6 +373,10 @@ An example event for `remote_write` looks as following: The fields reported are: +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | Metric Type | @@ -573,6 +581,10 @@ An example event for `query` looks as following: The fields reported are: +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | Metric Type | diff --git a/packages/rabbitmq/_dev/build/docs/README.md b/packages/rabbitmq/_dev/build/docs/README.md index 2aedd0916b81..032b4d846e1e 100644 --- a/packages/rabbitmq/_dev/build/docs/README.md +++ b/packages/rabbitmq/_dev/build/docs/README.md @@ -21,6 +21,10 @@ The application logs dataset parses single file format introduced in 3.7.0. Application logs collects standard RabbitMQ logs. It will only support RabbitMQ default i.e RFC 3339 timestamp format. +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "log"}} ## Metrics @@ -29,12 +33,20 @@ It will only support RabbitMQ default i.e RFC 3339 timestamp format. {{event "connection"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "connection"}} ### Exchange Metrics {{event "exchange"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "exchange"}} ### Node Metrics @@ -48,10 +60,18 @@ It supports two modes to collect data which can be selected with the "Collection {{event "node"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "node"}} ### Queue Metrics {{event "queue"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "queue"}} \ No newline at end of file diff --git a/packages/rabbitmq/docs/README.md b/packages/rabbitmq/docs/README.md index c16ff989ba48..2ed2c04d3f32 100644 --- a/packages/rabbitmq/docs/README.md +++ b/packages/rabbitmq/docs/README.md @@ -21,6 +21,10 @@ The application logs dataset parses single file format introduced in 3.7.0. Application logs collects standard RabbitMQ logs. It will only support RabbitMQ default i.e RFC 3339 timestamp format. +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | @@ -96,6 +100,10 @@ An example event for `connection` looks as following: ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | Metric Type | @@ -179,6 +187,10 @@ An example event for `exchange` looks as following: ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | Metric Type | @@ -359,6 +371,10 @@ An example event for `node` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | Metric Type | @@ -494,6 +510,10 @@ An example event for `queue` looks as following: ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | Metric Type | diff --git a/packages/spring_boot/_dev/build/docs/README.md b/packages/spring_boot/_dev/build/docs/README.md index 5e4e26df65ce..f09ac19c7bbd 100644 --- a/packages/spring_boot/_dev/build/docs/README.md +++ b/packages/spring_boot/_dev/build/docs/README.md @@ -80,6 +80,10 @@ This is the `audit_events` data stream. {{event "audit_events"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "audit_events"}} ### HTTP Trace logs @@ -90,6 +94,10 @@ This is the `http_trace` data stream. {{event "http_trace"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "http_trace"}} ## Metrics @@ -102,6 +110,10 @@ This is the `memory` data stream. {{event "memory"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "memory"}} ### Threading Metrics @@ -112,6 +124,10 @@ This is the `threading` data stream. {{event "threading"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "threading"}} ### GC Metrics @@ -122,4 +138,8 @@ This is the `gc` data stream. {{event "gc"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "gc"}} diff --git a/packages/spring_boot/docs/README.md b/packages/spring_boot/docs/README.md index 6de99f8480dc..99d5fe6ec5ea 100644 --- a/packages/spring_boot/docs/README.md +++ b/packages/spring_boot/docs/README.md @@ -155,6 +155,10 @@ An example event for `audit_events` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | @@ -253,6 +257,10 @@ An example event for `http_trace` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | @@ -364,6 +372,10 @@ An example event for `memory` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | @@ -489,6 +501,10 @@ An example event for `threading` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | @@ -678,6 +694,10 @@ An example event for `gc` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | Unit | diff --git a/packages/stan/_dev/build/docs/README.md b/packages/stan/_dev/build/docs/README.md index 3a0e4afba260..594daed691f9 100644 --- a/packages/stan/_dev/build/docs/README.md +++ b/packages/stan/_dev/build/docs/README.md @@ -16,6 +16,10 @@ The `log` dataset collects the STAN logs. {{event "log"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "log"}} ## Metrics @@ -29,6 +33,10 @@ metrics from a STAN instance. {{event "stats"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "stats"}} ### channels @@ -38,6 +46,10 @@ metrics about channels from a STAN instance. {{event "channels"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "channels"}} ### subscriptions @@ -47,4 +59,8 @@ metrics about subscriptions from a STAN instance. {{event "subscriptions"}} +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + {{fields "subscriptions"}} \ No newline at end of file diff --git a/packages/stan/docs/README.md b/packages/stan/docs/README.md index a3730ca19533..93f4a92e9bf8 100644 --- a/packages/stan/docs/README.md +++ b/packages/stan/docs/README.md @@ -75,6 +75,10 @@ An example event for `log` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | @@ -184,6 +188,10 @@ An example event for `stats` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | Metric Type | @@ -296,6 +304,10 @@ An example event for `channels` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | Metric Type | @@ -408,6 +420,10 @@ An example event for `subscriptions` looks as following: } ``` +## ECS Field Reference + +Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. + **Exported fields** | Field | Description | Type | Metric Type | From 7eac098b7f7a1690f546e39c6fce52bc4c830627 Mon Sep 17 00:00:00 2001 From: niraj-elastic Date: Tue, 25 Jun 2024 12:40:14 +0530 Subject: [PATCH 19/21] update readme --- packages/cassandra/_dev/build/docs/README.md | 4 ++-- packages/cassandra/docs/README.md | 4 ++-- packages/nats/_dev/build/docs/README.md | 14 +++++++------- packages/nats/docs/README.md | 14 +++++++------- packages/oracle_weblogic/_dev/build/docs/README.md | 12 ++++++------ packages/oracle_weblogic/docs/README.md | 12 ++++++------ packages/prometheus/_dev/build/docs/README.md | 6 +++--- packages/prometheus/docs/README.md | 6 +++--- packages/rabbitmq/_dev/build/docs/README.md | 10 +++++----- packages/rabbitmq/docs/README.md | 10 +++++----- packages/spring_boot/_dev/build/docs/README.md | 10 +++++----- packages/spring_boot/docs/README.md | 10 +++++----- packages/stan/_dev/build/docs/README.md | 8 ++++---- packages/stan/docs/README.md | 8 ++++---- 14 files changed, 64 insertions(+), 64 deletions(-) diff --git a/packages/cassandra/_dev/build/docs/README.md b/packages/cassandra/_dev/build/docs/README.md index 261d3f463cba..2133b03f80b7 100644 --- a/packages/cassandra/_dev/build/docs/README.md +++ b/packages/cassandra/_dev/build/docs/README.md @@ -79,7 +79,7 @@ Cassandra system logs from cassandra.log files. {{event "log"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -91,7 +91,7 @@ Cassandra metrics using jolokia agent installed on cassandra. {{event "metrics"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. diff --git a/packages/cassandra/docs/README.md b/packages/cassandra/docs/README.md index 85fec7f03b4b..6633888a0066 100644 --- a/packages/cassandra/docs/README.md +++ b/packages/cassandra/docs/README.md @@ -144,7 +144,7 @@ An example event for `log` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -391,7 +391,7 @@ An example event for `metrics` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. diff --git a/packages/nats/_dev/build/docs/README.md b/packages/nats/_dev/build/docs/README.md index 410eeebe0a19..466cb052c7fc 100644 --- a/packages/nats/_dev/build/docs/README.md +++ b/packages/nats/_dev/build/docs/README.md @@ -16,7 +16,7 @@ The `log` dataset collects the NATS logs. {{event "log"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -35,7 +35,7 @@ metrics from a Nats instance. {{event "stats"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -48,7 +48,7 @@ metrics about connections from a Nats instance. {{event "connections"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -61,7 +61,7 @@ metrics about routes from a Nats instance. {{event "routes"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -74,7 +74,7 @@ metrics about subscriptions from a Nats instance. {{event "subscriptions"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -87,7 +87,7 @@ metrics per connection from a Nats instance. {{event "connection"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -100,7 +100,7 @@ metric per route from a Nats instance. {{event "route"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. diff --git a/packages/nats/docs/README.md b/packages/nats/docs/README.md index a3116487e798..e9797a6d6b43 100644 --- a/packages/nats/docs/README.md +++ b/packages/nats/docs/README.md @@ -108,7 +108,7 @@ An example event for `log` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -243,7 +243,7 @@ An example event for `stats` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -361,7 +361,7 @@ An example event for `connections` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -464,7 +464,7 @@ An example event for `routes` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -574,7 +574,7 @@ An example event for `subscriptions` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -695,7 +695,7 @@ An example event for `connection` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -817,7 +817,7 @@ An example event for `route` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. diff --git a/packages/oracle_weblogic/_dev/build/docs/README.md b/packages/oracle_weblogic/_dev/build/docs/README.md index c60cc695bec3..e18bf219626f 100644 --- a/packages/oracle_weblogic/_dev/build/docs/README.md +++ b/packages/oracle_weblogic/_dev/build/docs/README.md @@ -47,7 +47,7 @@ The `access` data stream collects Access logs form `Access.log`. {{event "access"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -59,7 +59,7 @@ The `admin_server` data stream collects Admin Server logs from `Adminserver.log` {{event "admin_server"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -71,7 +71,7 @@ The `domain` data stream collects Domain logs from `Domain.log`. {{event "domain"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -83,7 +83,7 @@ The `managed_server` data stream collects Managed Server logs from `Managedserve {{event "managed_server"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -97,7 +97,7 @@ The `deployed_application` data stream collects metrics of Deployed Application. {{event "deployed_application"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -109,7 +109,7 @@ This `threadpool` data stream collects metrics of ThreadPool. {{event "threadpool"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. diff --git a/packages/oracle_weblogic/docs/README.md b/packages/oracle_weblogic/docs/README.md index 2461ffd0c0ac..b7667891b365 100644 --- a/packages/oracle_weblogic/docs/README.md +++ b/packages/oracle_weblogic/docs/README.md @@ -137,7 +137,7 @@ An example event for `access` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -247,7 +247,7 @@ An example event for `admin_server` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -363,7 +363,7 @@ An example event for `domain` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -478,7 +478,7 @@ An example event for `managed_server` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -604,7 +604,7 @@ An example event for `deployed_application` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -724,7 +724,7 @@ An example event for `threadpool` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. diff --git a/packages/prometheus/_dev/build/docs/README.md b/packages/prometheus/_dev/build/docs/README.md index 7bd6e23e3345..64cfe22fa97e 100644 --- a/packages/prometheus/_dev/build/docs/README.md +++ b/packages/prometheus/_dev/build/docs/README.md @@ -131,7 +131,7 @@ Metrics Filters Include: ["^node_network_net_dev_group$", "^node_network_up$"] The fields reported are: -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -234,7 +234,7 @@ remote_write: The fields reported are: -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -366,7 +366,7 @@ queries: The fields reported are: -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. diff --git a/packages/prometheus/docs/README.md b/packages/prometheus/docs/README.md index 53683be768be..409a1b1aae46 100644 --- a/packages/prometheus/docs/README.md +++ b/packages/prometheus/docs/README.md @@ -177,7 +177,7 @@ An example event for `collector` looks as following: The fields reported are: -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -373,7 +373,7 @@ An example event for `remote_write` looks as following: The fields reported are: -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -581,7 +581,7 @@ An example event for `query` looks as following: The fields reported are: -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. diff --git a/packages/rabbitmq/_dev/build/docs/README.md b/packages/rabbitmq/_dev/build/docs/README.md index 032b4d846e1e..372026eaa38d 100644 --- a/packages/rabbitmq/_dev/build/docs/README.md +++ b/packages/rabbitmq/_dev/build/docs/README.md @@ -21,7 +21,7 @@ The application logs dataset parses single file format introduced in 3.7.0. Application logs collects standard RabbitMQ logs. It will only support RabbitMQ default i.e RFC 3339 timestamp format. -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -33,7 +33,7 @@ Please refer to the following [document](https://www.elastic.co/guide/en/ecs/cur {{event "connection"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -43,7 +43,7 @@ Please refer to the following [document](https://www.elastic.co/guide/en/ecs/cur {{event "exchange"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -60,7 +60,7 @@ It supports two modes to collect data which can be selected with the "Collection {{event "node"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -70,7 +70,7 @@ Please refer to the following [document](https://www.elastic.co/guide/en/ecs/cur {{event "queue"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. diff --git a/packages/rabbitmq/docs/README.md b/packages/rabbitmq/docs/README.md index 2ed2c04d3f32..d1acf9af7906 100644 --- a/packages/rabbitmq/docs/README.md +++ b/packages/rabbitmq/docs/README.md @@ -21,7 +21,7 @@ The application logs dataset parses single file format introduced in 3.7.0. Application logs collects standard RabbitMQ logs. It will only support RabbitMQ default i.e RFC 3339 timestamp format. -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -100,7 +100,7 @@ An example event for `connection` looks as following: ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -187,7 +187,7 @@ An example event for `exchange` looks as following: ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -371,7 +371,7 @@ An example event for `node` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -510,7 +510,7 @@ An example event for `queue` looks as following: ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. diff --git a/packages/spring_boot/_dev/build/docs/README.md b/packages/spring_boot/_dev/build/docs/README.md index f09ac19c7bbd..499636a2d1ef 100644 --- a/packages/spring_boot/_dev/build/docs/README.md +++ b/packages/spring_boot/_dev/build/docs/README.md @@ -80,7 +80,7 @@ This is the `audit_events` data stream. {{event "audit_events"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -94,7 +94,7 @@ This is the `http_trace` data stream. {{event "http_trace"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -110,7 +110,7 @@ This is the `memory` data stream. {{event "memory"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -124,7 +124,7 @@ This is the `threading` data stream. {{event "threading"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -138,7 +138,7 @@ This is the `gc` data stream. {{event "gc"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. diff --git a/packages/spring_boot/docs/README.md b/packages/spring_boot/docs/README.md index 99d5fe6ec5ea..482aead6df40 100644 --- a/packages/spring_boot/docs/README.md +++ b/packages/spring_boot/docs/README.md @@ -155,7 +155,7 @@ An example event for `audit_events` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -257,7 +257,7 @@ An example event for `http_trace` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -372,7 +372,7 @@ An example event for `memory` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -501,7 +501,7 @@ An example event for `threading` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -694,7 +694,7 @@ An example event for `gc` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. diff --git a/packages/stan/_dev/build/docs/README.md b/packages/stan/_dev/build/docs/README.md index 594daed691f9..4db709be1fd4 100644 --- a/packages/stan/_dev/build/docs/README.md +++ b/packages/stan/_dev/build/docs/README.md @@ -16,7 +16,7 @@ The `log` dataset collects the STAN logs. {{event "log"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -33,7 +33,7 @@ metrics from a STAN instance. {{event "stats"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -46,7 +46,7 @@ metrics about channels from a STAN instance. {{event "channels"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -59,7 +59,7 @@ metrics about subscriptions from a STAN instance. {{event "subscriptions"}} -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. diff --git a/packages/stan/docs/README.md b/packages/stan/docs/README.md index 93f4a92e9bf8..a7f97e1afbf0 100644 --- a/packages/stan/docs/README.md +++ b/packages/stan/docs/README.md @@ -75,7 +75,7 @@ An example event for `log` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -188,7 +188,7 @@ An example event for `stats` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -304,7 +304,7 @@ An example event for `channels` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. @@ -420,7 +420,7 @@ An example event for `subscriptions` looks as following: } ``` -## ECS Field Reference +**ECS Field Reference** Please refer to the following [document](https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html) for detailed information on ECS fields. From 21ba3c976d3ddf43cc522ad958f02206eb3c4574 Mon Sep 17 00:00:00 2001 From: harnish-elastic Date: Fri, 5 Jul 2024 10:52:05 +0530 Subject: [PATCH 20/21] remove invalid field from ecs.yml in rabbitmq --- packages/rabbitmq/data_stream/connection/fields/ecs.yml | 2 -- packages/rabbitmq/data_stream/exchange/fields/ecs.yml | 2 -- packages/rabbitmq/docs/README.md | 2 -- 3 files changed, 6 deletions(-) diff --git a/packages/rabbitmq/data_stream/connection/fields/ecs.yml b/packages/rabbitmq/data_stream/connection/fields/ecs.yml index 94f478a3c7ad..4b73f809437d 100644 --- a/packages/rabbitmq/data_stream/connection/fields/ecs.yml +++ b/packages/rabbitmq/data_stream/connection/fields/ecs.yml @@ -1,5 +1,3 @@ -- external: ecs - name: user - external: ecs name: service.address dimension: true diff --git a/packages/rabbitmq/data_stream/exchange/fields/ecs.yml b/packages/rabbitmq/data_stream/exchange/fields/ecs.yml index 94f478a3c7ad..4b73f809437d 100644 --- a/packages/rabbitmq/data_stream/exchange/fields/ecs.yml +++ b/packages/rabbitmq/data_stream/exchange/fields/ecs.yml @@ -1,5 +1,3 @@ -- external: ecs - name: user - external: ecs name: service.address dimension: true diff --git a/packages/rabbitmq/docs/README.md b/packages/rabbitmq/docs/README.md index d1acf9af7906..91b19d27ed21 100644 --- a/packages/rabbitmq/docs/README.md +++ b/packages/rabbitmq/docs/README.md @@ -144,7 +144,6 @@ Please refer to the following [document](https://www.elastic.co/guide/en/ecs/cur | rabbitmq.connection.type | Type of the connection. | keyword | | | rabbitmq.vhost | Virtual host name with non-ASCII characters escaped as in C. | keyword | | | service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | | -| user | The user fields describe information about the user that is relevant to the event. Fields can have one entry or multiple entries. If a user has more than one id, provide an array that includes all of them. | group | | ### Exchange Metrics @@ -223,7 +222,6 @@ Please refer to the following [document](https://www.elastic.co/guide/en/ecs/cur | rabbitmq.exchange.name | The name of the queue with non-ASCII characters escaped as in C. | keyword | | | rabbitmq.vhost | Virtual host name with non-ASCII characters escaped as in C. | keyword | | | service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | | -| user | The user fields describe information about the user that is relevant to the event. Fields can have one entry or multiple entries. If a user has more than one id, provide an array that includes all of them. | group | | ### Node Metrics From 2236426e2a9eee943577610a427bfdecb9882016 Mon Sep 17 00:00:00 2001 From: harnish-elastic Date: Fri, 5 Jul 2024 10:57:45 +0530 Subject: [PATCH 21/21] elastic-package check --- packages/prometheus/docs/README.md | 9 --------- 1 file changed, 9 deletions(-) diff --git a/packages/prometheus/docs/README.md b/packages/prometheus/docs/README.md index 620cdd2b7792..111d50799caf 100644 --- a/packages/prometheus/docs/README.md +++ b/packages/prometheus/docs/README.md @@ -404,8 +404,6 @@ Please refer to the following [document](https://www.elastic.co/guide/en/ecs/cur | prometheus.labels.\* | Prometheus metric labels | keyword | | | prometheus.metrics.\* | Prometheus metric | object | gauge | | prometheus.metrics_names_fingerprint | Autogenerated ID representing the fingerprint of the list of metrics names | keyword | | -| service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | | -| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | #### Histograms and types @@ -607,13 +605,6 @@ Please refer to the following [document](https://www.elastic.co/guide/en/ecs/cur | host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | | | host.os.build | OS build information. | keyword | | | host.os.codename | OS codename, if any. | keyword | | -| host.os.family | OS family (such as redhat, debian, freebsd, windows). | keyword | | -| host.os.kernel | Operating system kernel version as a raw string. | keyword | | -| host.os.name | Operating system name, without the version. | keyword | | -| host.os.name.text | Multi-field of `host.os.name`. | text | | -| host.os.platform | Operating system platform (such centos, ubuntu, windows). | keyword | | -| host.os.version | Operating system version as a raw string. | keyword | | -| host.type | Type of host. For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment. | keyword | | | prometheus.labels.\* | Prometheus metric labels | keyword | | | prometheus.query.\* | Prometheus value resulted from PromQL | object | gauge | | service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | |