diff --git a/packages/kibana/_dev/build/docs/README.md b/packages/kibana/_dev/build/docs/README.md index 804e1bc75fc5..9a488764d160 100644 --- a/packages/kibana/_dev/build/docs/README.md +++ b/packages/kibana/_dev/build/docs/README.md @@ -31,45 +31,7 @@ UI in Kibana. To enable this usage, set `xpack.enabled: true` on the package con Stats data stream uses the stats endpoint of Kibana, which is available in 6.4 by default. -**Exported fields** - -| Field | Description | Type | -|---|---|---| -| @timestamp | Date/time when the event originated. This is the date/time extracted from the event, typically representing when the event was generated by the source. If the event source has no original timestamp, this value is typically populated by the first time the event was received by the pipeline. Required field for all events. | date | -| data_stream.dataset | Data stream dataset. | constant_keyword | -| data_stream.namespace | Data stream namespace. | constant_keyword | -| data_stream.type | Data stream type. | constant_keyword | -| kibana.stats.concurrent_connections | Number of client connections made to the server. Note that browsers can send multiple simultaneous connections to request multiple server assets at once, and they can re-use established connections. | long | -| kibana.stats.host.name | Kibana instance hostname | keyword | -| kibana.stats.index | Name of Kibana's internal index | keyword | -| kibana.stats.kibana.status | | keyword | -| kibana.stats.name | Kibana instance name | keyword | -| kibana.stats.os.distro | | keyword | -| kibana.stats.os.distroRelease | | keyword | -| kibana.stats.os.load.15m | | half_float | -| kibana.stats.os.load.1m | | half_float | -| kibana.stats.os.load.5m | | half_float | -| kibana.stats.os.memory.free_in_bytes | | long | -| kibana.stats.os.memory.total_in_bytes | | long | -| kibana.stats.os.memory.used_in_bytes | | long | -| kibana.stats.os.platform | | keyword | -| kibana.stats.os.platformRelease | | keyword | -| kibana.stats.process.event_loop_delay.ms | Event loop delay in milliseconds | scaled_float | -| kibana.stats.process.memory.heap.size_limit.bytes | Max. old space size allocated to Node.js process, in bytes | long | -| kibana.stats.process.memory.heap.total.bytes | Total heap allocated to process in bytes | long | -| kibana.stats.process.memory.heap.uptime.ms | Uptime of process in milliseconds | long | -| kibana.stats.process.memory.heap.used.bytes | Heap used by process in bytes | long | -| kibana.stats.process.memory.resident_set_size.bytes | | long | -| kibana.stats.process.uptime.ms | | long | -| kibana.stats.request.disconnects | Number of requests that were disconnected | long | -| kibana.stats.request.total | Total number of requests | long | -| kibana.stats.response_time.avg.ms | Average response time in milliseconds | long | -| kibana.stats.response_time.max.ms | Maximum response time in milliseconds | long | -| kibana.stats.snapshot | Whether the Kibana build is a snapshot build | boolean | -| kibana.stats.status | Kibana instance's health status | keyword | -| kibana.stats.usage.index | | keyword | -| service.id | Unique identifier of the running service. If the service is comprised of many nodes, the `service.id` should be the same for all nodes. This id should uniquely identify the service. This makes it possible to correlate logs and metrics for one specific service, no matter which particular node emitted the event. Note that if you need to see the events from one specific host of the service, you should filter on that `host.name` or `host.id` instead. | keyword | -| service.version | Version of the service the data was collected from. This allows to look at a data set only for a specific version of a service. | keyword | +{{fields "stats"}} {{event "stats"}} @@ -77,21 +39,7 @@ Stats data stream uses the stats endpoint of Kibana, which is available in 6.4 b This status endpoint is available in 6.0 by default and can be enabled in Kibana >= 5.4 with the config option `status.v6ApiFormat: true`. -**Exported fields** - -| Field | Description | Type | -|---|---|---| -| @timestamp | Date/time when the event originated. This is the date/time extracted from the event, typically representing when the event was generated by the source. If the event source has no original timestamp, this value is typically populated by the first time the event was received by the pipeline. Required field for all events. | date | -| data_stream.dataset | Data stream dataset. | constant_keyword | -| data_stream.namespace | Data stream namespace. | constant_keyword | -| data_stream.type | Data stream type. | constant_keyword | -| kibana.status.metrics.concurrent_connections | Current concurrent connections. | long | -| kibana.status.metrics.requests.disconnects | Total number of disconnected connections. | long | -| kibana.status.metrics.requests.total | Total number of connections. | long | -| kibana.status.name | Kibana instance name. | keyword | -| kibana.status.status.overall.state | Kibana overall state. | keyword | -| service.id | Unique identifier of the running service. If the service is comprised of many nodes, the `service.id` should be the same for all nodes. This id should uniquely identify the service. This makes it possible to correlate logs and metrics for one specific service, no matter which particular node emitted the event. Note that if you need to see the events from one specific host of the service, you should filter on that `host.name` or `host.id` instead. | keyword | -| service.version | Version of the service the data was collected from. This allows to look at a data set only for a specific version of a service. | keyword | +{{fields "status"}} {{event "status"}} diff --git a/packages/kibana/data_stream/stats/_dev/test/system/test-default-config.yml b/packages/kibana/data_stream/stats/_dev/test/system/test-default-config.yml index 4f8c0744b24d..108c7cb06764 100644 --- a/packages/kibana/data_stream/stats/_dev/test/system/test-default-config.yml +++ b/packages/kibana/data_stream/stats/_dev/test/system/test-default-config.yml @@ -2,7 +2,7 @@ type: kibana/metrics dataset: kibana.stack_monitoring.stats vars: hosts: - - "https://kibana:5601" + - "http://elastic-package-service-kibana-1:5601" username: elastic password: changeme data_stream: ~ diff --git a/packages/kibana/data_stream/stats/sample_event.json b/packages/kibana/data_stream/stats/sample_event.json index 731b3d7b428c..c889853e926c 100644 --- a/packages/kibana/data_stream/stats/sample_event.json +++ b/packages/kibana/data_stream/stats/sample_event.json @@ -1,8 +1,8 @@ { - "@timestamp": "2022-10-11T13:24:57.757Z", + "@timestamp": "2022-10-11T19:06:28.320Z", "agent": { - "ephemeral_id": "4e2e71ae-5cc0-4f0b-aad9-212bfcdd57d3", - "id": "79e48fe3-2ecd-4021-aed5-6e7e69d47606", + "ephemeral_id": "f796f6ed-21e4-48d5-bb4f-4cc69b3fb3f2", + "id": "b3e85606-c252-4a5e-af71-7b138302dbd9", "name": "docker-fleet-agent", "type": "metricbeat", "version": "8.5.0" @@ -16,15 +16,15 @@ "version": "8.0.0" }, "elastic_agent": { - "id": "79e48fe3-2ecd-4021-aed5-6e7e69d47606", + "id": "b3e85606-c252-4a5e-af71-7b138302dbd9", "snapshot": true, "version": "8.5.0" }, "event": { "agent_id_status": "verified", "dataset": "kibana.stack_monitoring.stats", - "duration": 82140000, - "ingested": "2022-10-11T13:24:58Z", + "duration": 57404375, + "ingested": "2022-10-11T19:06:29Z", "module": "kibana" }, "host": { @@ -33,10 +33,10 @@ "hostname": "docker-fleet-agent", "id": "b6bc6723e51b43959ce07f0c3105c72d", "ip": [ - "192.168.0.7" + "172.31.0.7" ], "mac": [ - "02-42-C0-A8-00-07" + "02-42-AC-1F-00-07" ], "name": "docker-fleet-agent", "os": { @@ -52,11 +52,11 @@ "kibana": { "elasticsearch": { "cluster": { - "id": "U8DCOXCFQHWlaKczNT4LNQ" + "id": "II5HA1VCQPGB4bQLCi5yZw" } }, "stats": { - "concurrent_connections": 32, + "concurrent_connections": 0, "host": { "name": "0.0.0.0" }, @@ -66,21 +66,21 @@ "distro": "Ubuntu", "distroRelease": "Ubuntu-20.04", "load": { - "15m": 3.24, - "1m": 4.92, - "5m": 4.23 + "15m": 3.1, + "1m": 4.29, + "5m": 3.7 }, "memory": { - "free_in_bytes": 5639352320, + "free_in_bytes": 5613236224, "total_in_bytes": 12544004096, - "used_in_bytes": 6904651776 + "used_in_bytes": 6930767872 }, "platform": "linux", "platformRelease": "linux-5.10.124-linuxkit" }, "process": { "event_loop_delay": { - "ms": 10.643508512820512 + "ms": 10.846537460869566 }, "memory": { "heap": { @@ -88,18 +88,18 @@ "bytes": 2197815296 }, "total": { - "bytes": 338423808 + "bytes": 608399360 }, "used": { - "bytes": 261625064 + "bytes": 295489000 } }, "resident_set_size": { - "bytes": 478478336 + "bytes": 716869632 } }, "uptime": { - "ms": 8929086 + "ms": 25686 } }, "request": { @@ -108,10 +108,10 @@ }, "response_time": { "avg": { - "ms": 7 + "ms": 13 }, "max": { - "ms": 14 + "ms": 48 } }, "snapshot": true, @@ -127,8 +127,8 @@ "pid": 7 }, "service": { - "address": "https://kibana:5601/api/stats?extended=true", - "id": "3e424458-6cef-4a42-9812-bbd591083316", + "address": "http://elastic-package-service-kibana-1:5601/api/stats?extended=true", + "id": "d67ef18d-cefc-4ca5-b844-123adf3a0eb7", "type": "kibana", "version": "8.5.0" } diff --git a/packages/kibana/data_stream/status/_dev/test/system/test-default-config.yml b/packages/kibana/data_stream/status/_dev/test/system/test-default-config.yml index 16332570e928..2a5e2a86df6f 100644 --- a/packages/kibana/data_stream/status/_dev/test/system/test-default-config.yml +++ b/packages/kibana/data_stream/status/_dev/test/system/test-default-config.yml @@ -2,7 +2,7 @@ type: kibana/metrics dataset: kibana.stack_monitoring.status vars: hosts: - - "https://kibana:5601" + - "http://elastic-package-service-kibana-1:5601" username: elastic password: changeme data_stream: ~ diff --git a/packages/kibana/data_stream/status/sample_event.json b/packages/kibana/data_stream/status/sample_event.json index 3e6752f32461..a95899a7a900 100644 --- a/packages/kibana/data_stream/status/sample_event.json +++ b/packages/kibana/data_stream/status/sample_event.json @@ -1,8 +1,8 @@ { - "@timestamp": "2022-10-11T13:26:28.295Z", + "@timestamp": "2022-10-11T19:07:58.348Z", "agent": { - "ephemeral_id": "4e2e71ae-5cc0-4f0b-aad9-212bfcdd57d3", - "id": "79e48fe3-2ecd-4021-aed5-6e7e69d47606", + "ephemeral_id": "f796f6ed-21e4-48d5-bb4f-4cc69b3fb3f2", + "id": "b3e85606-c252-4a5e-af71-7b138302dbd9", "name": "docker-fleet-agent", "type": "metricbeat", "version": "8.5.0" @@ -16,15 +16,15 @@ "version": "8.0.0" }, "elastic_agent": { - "id": "79e48fe3-2ecd-4021-aed5-6e7e69d47606", + "id": "b3e85606-c252-4a5e-af71-7b138302dbd9", "snapshot": true, "version": "8.5.0" }, "event": { "agent_id_status": "verified", "dataset": "kibana.stack_monitoring.status", - "duration": 34376125, - "ingested": "2022-10-11T13:26:29Z", + "duration": 21930208, + "ingested": "2022-10-11T19:07:59Z", "module": "kibana" }, "host": { @@ -33,10 +33,10 @@ "hostname": "docker-fleet-agent", "id": "b6bc6723e51b43959ce07f0c3105c72d", "ip": [ - "192.168.0.7" + "172.31.0.7" ], "mac": [ - "02-42-C0-A8-00-07" + "02-42-AC-1F-00-07" ], "name": "docker-fleet-agent", "os": { @@ -52,7 +52,7 @@ "kibana": { "status": { "metrics": { - "concurrent_connections": 30, + "concurrent_connections": 0, "requests": { "disconnects": 0, "total": 6 @@ -69,8 +69,8 @@ "period": 10000 }, "service": { - "address": "https://kibana:5601/api/status", - "id": "3e424458-6cef-4a42-9812-bbd591083316", + "address": "http://elastic-package-service-kibana-1:5601/api/status", + "id": "40f3cc0f-ff7c-4e7e-a470-bbdb124a32ca", "name": "kibana", "type": "kibana", "version": "8.5.0" diff --git a/packages/kibana/docs/README.md b/packages/kibana/docs/README.md index 1cd777d07eac..317690826f9f 100644 --- a/packages/kibana/docs/README.md +++ b/packages/kibana/docs/README.md @@ -128,9 +128,17 @@ Stats data stream uses the stats endpoint of Kibana, which is available in 6.4 b | Field | Description | Type | |---|---|---| | @timestamp | Date/time when the event originated. This is the date/time extracted from the event, typically representing when the event was generated by the source. If the event source has no original timestamp, this value is typically populated by the first time the event was received by the pipeline. Required field for all events. | date | +| cluster_uuid | | alias | | data_stream.dataset | Data stream dataset. | constant_keyword | | data_stream.namespace | Data stream namespace. | constant_keyword | | data_stream.type | Data stream type. | constant_keyword | +| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | +| error.message | Error message. | match_only_text | +| event.dataset | Name of the dataset. If an event source publishes more than one type of log or events (e.g. access log, error log), the dataset is used to specify which one the event comes from. It's recommended but not required to start the dataset name with the module name, followed by a dot, then the dataset name. | keyword | +| event.duration | Duration of the event in nanoseconds. If event.start and event.end are known this value should be the difference between the end and start time. | long | +| event.module | Name of the module this data is coming from. If your monitoring agent supports the concept of modules or plugins to process events of a given source (e.g. Apache logs), `event.module` should contain the name of this module. | keyword | +| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword | +| kibana.elasticsearch.cluster.id | | keyword | | kibana.stats.concurrent_connections | Number of client connections made to the server. Note that browsers can send multiple simultaneous connections to request multiple server assets at once, and they can re-use established connections. | long | | kibana.stats.host.name | Kibana instance hostname | keyword | | kibana.stats.index | Name of Kibana's internal index | keyword | @@ -159,18 +167,42 @@ Stats data stream uses the stats endpoint of Kibana, which is available in 6.4 b | kibana.stats.response_time.max.ms | Maximum response time in milliseconds | long | | kibana.stats.snapshot | Whether the Kibana build is a snapshot build | boolean | | kibana.stats.status | Kibana instance's health status | keyword | +| kibana.stats.transport_address | Address where data about this service was collected from. | keyword | | kibana.stats.usage.index | | keyword | +| kibana_stats.concurrent_connections | | alias | +| kibana_stats.kibana.response_time.max | | alias | +| kibana_stats.kibana.status | | alias | +| kibana_stats.kibana.uuid | | alias | +| kibana_stats.kibana.version | | alias | +| kibana_stats.os.load.15m | | alias | +| kibana_stats.os.load.1m | | alias | +| kibana_stats.os.load.5m | | alias | +| kibana_stats.os.memory.free_in_bytes | | alias | +| kibana_stats.process.event_loop_delay | | alias | +| kibana_stats.process.memory.heap.size_limit | | alias | +| kibana_stats.process.memory.resident_set_size_in_bytes | | alias | +| kibana_stats.process.uptime_in_millis | | alias | +| kibana_stats.requests.disconnects | | alias | +| kibana_stats.requests.total | | alias | +| kibana_stats.response_times.average | | alias | +| kibana_stats.response_times.max | | alias | +| kibana_stats.timestamp | | alias | +| process.pid | Process id. | long | +| service.address | Address where data about this service was collected from. This should be a URI, network address (ipv4:port or [ipv6]:port) or a resource path (sockets). | keyword | | service.id | Unique identifier of the running service. If the service is comprised of many nodes, the `service.id` should be the same for all nodes. This id should uniquely identify the service. This makes it possible to correlate logs and metrics for one specific service, no matter which particular node emitted the event. Note that if you need to see the events from one specific host of the service, you should filter on that `host.name` or `host.id` instead. | keyword | +| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | service.version | Version of the service the data was collected from. This allows to look at a data set only for a specific version of a service. | keyword | +| timestamp | | alias | + An example event for `stats` looks as following: ```json { - "@timestamp": "2022-10-11T13:24:57.757Z", + "@timestamp": "2022-10-11T19:06:28.320Z", "agent": { - "ephemeral_id": "4e2e71ae-5cc0-4f0b-aad9-212bfcdd57d3", - "id": "79e48fe3-2ecd-4021-aed5-6e7e69d47606", + "ephemeral_id": "f796f6ed-21e4-48d5-bb4f-4cc69b3fb3f2", + "id": "b3e85606-c252-4a5e-af71-7b138302dbd9", "name": "docker-fleet-agent", "type": "metricbeat", "version": "8.5.0" @@ -184,15 +216,15 @@ An example event for `stats` looks as following: "version": "8.0.0" }, "elastic_agent": { - "id": "79e48fe3-2ecd-4021-aed5-6e7e69d47606", + "id": "b3e85606-c252-4a5e-af71-7b138302dbd9", "snapshot": true, "version": "8.5.0" }, "event": { "agent_id_status": "verified", "dataset": "kibana.stack_monitoring.stats", - "duration": 82140000, - "ingested": "2022-10-11T13:24:58Z", + "duration": 57404375, + "ingested": "2022-10-11T19:06:29Z", "module": "kibana" }, "host": { @@ -201,10 +233,10 @@ An example event for `stats` looks as following: "hostname": "docker-fleet-agent", "id": "b6bc6723e51b43959ce07f0c3105c72d", "ip": [ - "192.168.0.7" + "172.31.0.7" ], "mac": [ - "02-42-C0-A8-00-07" + "02-42-AC-1F-00-07" ], "name": "docker-fleet-agent", "os": { @@ -220,11 +252,11 @@ An example event for `stats` looks as following: "kibana": { "elasticsearch": { "cluster": { - "id": "U8DCOXCFQHWlaKczNT4LNQ" + "id": "II5HA1VCQPGB4bQLCi5yZw" } }, "stats": { - "concurrent_connections": 32, + "concurrent_connections": 0, "host": { "name": "0.0.0.0" }, @@ -234,21 +266,21 @@ An example event for `stats` looks as following: "distro": "Ubuntu", "distroRelease": "Ubuntu-20.04", "load": { - "15m": 3.24, - "1m": 4.92, - "5m": 4.23 + "15m": 3.1, + "1m": 4.29, + "5m": 3.7 }, "memory": { - "free_in_bytes": 5639352320, + "free_in_bytes": 5613236224, "total_in_bytes": 12544004096, - "used_in_bytes": 6904651776 + "used_in_bytes": 6930767872 }, "platform": "linux", "platformRelease": "linux-5.10.124-linuxkit" }, "process": { "event_loop_delay": { - "ms": 10.643508512820512 + "ms": 10.846537460869566 }, "memory": { "heap": { @@ -256,18 +288,18 @@ An example event for `stats` looks as following: "bytes": 2197815296 }, "total": { - "bytes": 338423808 + "bytes": 608399360 }, "used": { - "bytes": 261625064 + "bytes": 295489000 } }, "resident_set_size": { - "bytes": 478478336 + "bytes": 716869632 } }, "uptime": { - "ms": 8929086 + "ms": 25686 } }, "request": { @@ -276,10 +308,10 @@ An example event for `stats` looks as following: }, "response_time": { "avg": { - "ms": 7 + "ms": 13 }, "max": { - "ms": 14 + "ms": 48 } }, "snapshot": true, @@ -295,8 +327,8 @@ An example event for `stats` looks as following: "pid": 7 }, "service": { - "address": "https://kibana:5601/api/stats?extended=true", - "id": "3e424458-6cef-4a42-9812-bbd591083316", + "address": "http://elastic-package-service-kibana-1:5601/api/stats?extended=true", + "id": "d67ef18d-cefc-4ca5-b844-123adf3a0eb7", "type": "kibana", "version": "8.5.0" } @@ -315,22 +347,28 @@ This status endpoint is available in 6.0 by default and can be enabled in Kibana | data_stream.dataset | Data stream dataset. | constant_keyword | | data_stream.namespace | Data stream namespace. | constant_keyword | | data_stream.type | Data stream type. | constant_keyword | +| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword | +| error.message | Error message. | match_only_text | | kibana.status.metrics.concurrent_connections | Current concurrent connections. | long | | kibana.status.metrics.requests.disconnects | Total number of disconnected connections. | long | | kibana.status.metrics.requests.total | Total number of connections. | long | | kibana.status.name | Kibana instance name. | keyword | | kibana.status.status.overall.state | Kibana overall state. | keyword | +| service.address | Address where data about this service was collected from. | keyword | | service.id | Unique identifier of the running service. If the service is comprised of many nodes, the `service.id` should be the same for all nodes. This id should uniquely identify the service. This makes it possible to correlate logs and metrics for one specific service, no matter which particular node emitted the event. Note that if you need to see the events from one specific host of the service, you should filter on that `host.name` or `host.id` instead. | keyword | +| service.name | Name of the service data is collected from. The name of the service is normally user given. This allows for distributed services that run on multiple hosts to correlate the related instances based on the name. In the case of Elasticsearch the `service.name` could contain the cluster name. For Beats the `service.name` is by default a copy of the `service.type` field if no name is specified. | keyword | +| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword | | service.version | Version of the service the data was collected from. This allows to look at a data set only for a specific version of a service. | keyword | + An example event for `status` looks as following: ```json { - "@timestamp": "2022-10-11T13:26:28.295Z", + "@timestamp": "2022-10-11T19:07:58.348Z", "agent": { - "ephemeral_id": "4e2e71ae-5cc0-4f0b-aad9-212bfcdd57d3", - "id": "79e48fe3-2ecd-4021-aed5-6e7e69d47606", + "ephemeral_id": "f796f6ed-21e4-48d5-bb4f-4cc69b3fb3f2", + "id": "b3e85606-c252-4a5e-af71-7b138302dbd9", "name": "docker-fleet-agent", "type": "metricbeat", "version": "8.5.0" @@ -344,15 +382,15 @@ An example event for `status` looks as following: "version": "8.0.0" }, "elastic_agent": { - "id": "79e48fe3-2ecd-4021-aed5-6e7e69d47606", + "id": "b3e85606-c252-4a5e-af71-7b138302dbd9", "snapshot": true, "version": "8.5.0" }, "event": { "agent_id_status": "verified", "dataset": "kibana.stack_monitoring.status", - "duration": 34376125, - "ingested": "2022-10-11T13:26:29Z", + "duration": 21930208, + "ingested": "2022-10-11T19:07:59Z", "module": "kibana" }, "host": { @@ -361,10 +399,10 @@ An example event for `status` looks as following: "hostname": "docker-fleet-agent", "id": "b6bc6723e51b43959ce07f0c3105c72d", "ip": [ - "192.168.0.7" + "172.31.0.7" ], "mac": [ - "02-42-C0-A8-00-07" + "02-42-AC-1F-00-07" ], "name": "docker-fleet-agent", "os": { @@ -380,7 +418,7 @@ An example event for `status` looks as following: "kibana": { "status": { "metrics": { - "concurrent_connections": 30, + "concurrent_connections": 0, "requests": { "disconnects": 0, "total": 6 @@ -397,8 +435,8 @@ An example event for `status` looks as following: "period": 10000 }, "service": { - "address": "https://kibana:5601/api/status", - "id": "3e424458-6cef-4a42-9812-bbd591083316", + "address": "http://elastic-package-service-kibana-1:5601/api/status", + "id": "40f3cc0f-ff7c-4e7e-a470-bbdb124a32ca", "name": "kibana", "type": "kibana", "version": "8.5.0"