Andrew Kroh
Andrew Kroh
There needs to be a way to pass in the host filesystem location as an option to allow collection from the host machine when operating inside of Docker. This is...
Getting the FQDN of the local host has always been a pain point in Go. It would be nice if this library could provide that functionality and return the FQDN...
Suppose you want allow `clone` with specific arguments such as `CLONE_NEWUSER`. To accomplish this we need to add the ability to generate a BPF filter that can check the arguments....
There is some built-in auditing support in macOS. I don't know much about it yet, but it sounds like we can get execve info at a minimum. This needs more...
The metricbeat golang module is emitting mapping exceptions: `mapper [golang.filebeat.memstats.BySize.Frees] cannot be changed from type [float] to [long]` For confirmed bugs, please report: - Version: master (2020-06-25) - Operating System:...
This is a proposal for some improvements to how fields.yml related data is handled. ### Create 'export fields' sub-command This command would export the field.yml data that is embedded in...
The documents below both cause `parser.ParseBytes` to return an ast.File` that contains two documents. In each case it should only return a single document. I have included a test case...
Fixes: #127 #71
I propose we deprecate the Filebeat syslog input by adding a notice to the documentation that recommends switching inputs and applying the syslog processor. And we would also add a...