[Logs onboarding] Generate elastic-agent.yml file for system logs (el…
…astic#162972) Closes elastic#154929. This PR, along with elastic#162654, elastic#162706 and elastic#162600, completes the work required to collect system logs. ### Changes - `ObservabilityOnboardingType` can now be `logFiles | systemLogs`. This helps us identify (without changing the script) whether we need to retrieve the YAML configuration for customLogs or for systemLogs. - Added `generateSystemLogsYml`, which generates a specific configuration for system logs. - `get_has_logs.ts` was modified so that we query the proper index depending on the type of logs. #### Demo https://github.com/elastic/kibana/assets/1313018/47eca890-37b2-401e-9e41-67c978ab50ad
Showing
19 changed files
with
416 additions
and
127 deletions.
8 changes: 4 additions & 4 deletions
8
...t/__snapshots__/generate_yml.test.ts.snap → ...s__/generate_custom_logs_yml.test.ts.snap
48 changes: 48 additions & 0 deletions
48
...rver/routes/elastic_agent/system_logs/__snapshots__/generate_system_logs_yml.test.ts.snap
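--- a/...ility_onboarding/server/routes/elastic_agent/system_logs/generate_system_logs_yml.test.ts
+++ b/...ility_onboarding/server/routes/elastic_agent/system_logs/generate_system_logs_yml.test.ts
@@ -0,0 +1,22 @@
+/*
+* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+* or more contributor license agreements. Licensed under the Elastic License
+* 2.0; you may not use this file except in compliance with the Elastic License
+* 2.0.
+*/
+
+import { generateSystemLogsYml } from './generate_system_logs_yml';
+
+const baseMockConfig = {
+namespace: 'default',
+apiKey: 'elastic:changeme',
+esHost: ['http://localhost:9200'],
+uuid: '8df0ff52-6f3b-4b5a-a2da-f06c55d111d1',
+};
+
+describe('generateSystemLogsYml', () => {
+it('should return system logs oriented yml configuration', () => {
+const result = generateSystemLogsYml(baseMockConfig);
+expect(result).toMatchSnapshot();
+});
+});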
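Review bot: The only case passes `namespace: 'default'` explicitly and asserts through `toMatchSnapshot()` alone, so the omitted-namespace path is not covered and every field, including the credential and host output, is accepted wholesale whenever the snapshot is refreshed. I would add a second case that calls the generator without `namespace`, plus one targeted assertion that parses the YAML back with `load` from `js-yaml`, for example `expect(load(result)).toMatchObject({ outputs: { default: { api_key: baseMockConfig.apiKey, hosts: baseMockConfig.esHost } } });`. That way a change to how the key or hosts are emitted fails on its own rather than being hidden in a snapshot update.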
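--- a/...ervability_onboarding/server/routes/elastic_agent/system_logs/generate_system_logs_yml.ts
+++ b/...ervability_onboarding/server/routes/elastic_agent/system_logs/generate_system_logs_yml.ts
@@ -0,0 +1,82 @@
+/*
+* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+* or more contributor license agreements. Licensed under the Elastic License
+* 2.0; you may not use this file except in compliance with the Elastic License
+* 2.0.
+*/
+
+import { dump } from 'js-yaml';
+
+export const generateSystemLogsYml = ({
+namespace = 'default',
+apiKey,
+esHost,
+uuid,
+}: {
+namespace?: string;
+apiKey: string;
+esHost: string[];
+uuid: string;
+}) => {
+return dump({
+outputs: {
+default: {
+type: 'elasticsearch',
+hosts: esHost,
+api_key: apiKey,
+},
+},
+inputs: [
+{
+id: `system-logs-${uuid}`,
+type: 'logfile',
+data_stream: {
+namespace,
+},
+streams: [
+{
+id: `logfile-system.auth-${uuid}`,
+data_stream: {
+dataset: 'system.auth',
+type: 'logs',
+},
+paths: ['/var/log/auth.log*', '/var/log/secure*'],
+exclude_files: ['.gz$'],
+multiline: {
+pattern: '^s',
+match: 'after',
+},
+tags: ['system-auth'],
+processors: [
+{
+add_locale: null,
+},
+],
+},
+{
+id: `logfile-system.syslog-${uuid}`,
+data_stream: {
+dataset: 'system.syslog',
+type: 'logs',
+},
+paths: [
+'/var/log/messages*',
+'/var/log/syslog*',
+'/var/log/system*',
+],
+exclude_files: ['.gz$'],
+multiline: {
+pattern: '^s',
+match: 'after',
+},
+processors: [
+{
+add_locale: null,
+},
+],
+},
+],
+},
+],
+});
+};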
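Review bot: `generateSystemLogsYml` copies `apiKey` into `api_key` and `esHost` into `hosts` without any check, so the returned string carries the API key in clear text and nothing here stops a plain `http://` host, in which case the agent would send that key unencrypted. Unless the caller already validates the scheme (not visible in this section), I would check it before `dump`, and in any case add a TSDoc comment on the export, e.g. `/** Builds the elastic-agent.yml for system logs. The result embeds apiKey verbatim; treat it as a secret and do not log it. */`. Separately, `pattern: '^s'` in both streams, as rendered on this page, matches lines that start with the letter s rather than with whitespace; if `'^\\s'` was intended, indented continuation lines in the auth and syslog files will not be joined to their event, so please confirm the escape is present in the source.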