Tiago Queiroz
Tiago Queiroz
1. Branch off `main` and merge onto it: i. https://github.com/elastic/beats/pull/41244 ii. https://github.com/elastic/beats/pull/41296 iii. https://github.com/elastic/beats/pull/41354 2. Package Filebeat 3. Run the setup command ``` ./filebeat setup --modules system ``` 5. Run...
## Proposed commit message This PR adds the missing `process.name` field to System module, Syslog fileset ## Checklist - [x] My code follows the style guidelines of this project -...
## Proposed commit message This commit reworks the `eslegclient.Connection` to accept a context in its `Connect` method, this allows the caller to cancel any in flight requests made by the...
Some fields are missing, from the system integration events when using journald input. `process.name` seems to be one of them. We also need to ensure we have test cases for...
When using the journald input to read from a file, there is a race condition that happens when `journalctl` exits. Whenever the journald input starts and there is a chance...
We started seeing cases where the `filestream-monitoring` will log an entry stating the Elastic-Agent log file was truncated: ```json { "log.level": "info", "@timestamp": "2024-07-05T15:42:27.135Z", "message": "File was truncated. Reading file...
The [`system-logs`](https://github.com/elastic/beats/tree/main/filebeat/input/systemlogs) input is a "proxy input" that decides whether `journald` or `log` should be used as input for Filebeat's system module. At the moment of writing it is intended...
When setting the `pipeline` on a Beat input or output, its name is always lower-cased, this was introduced about 4 years ago (see https://github.com/elastic/beats/commit/28f7aca29d91b86fb4159dae168b9051cac65593) to be compatible with pipeline names...
## Flaky Test * **Test Name:** TestFileWatcher/does_not_emit_events_for_empty_files/emits_a_create_event_once_something_is_written_to_the_empty_file * **Link:** https://buildkite.com/elastic/filebeat/builds/10071#01927d37-f10c-420b-9c98-f05d31df75a1/207-425 * **PR:** https://github.com/elastic/beats/pull/41061 * **Notes:** I tired on my machine (Windows) and it passes. Even when running with `-count=10` ###...
The Journald input supports the same parsers as the Filestream input, here is an example: ```yaml filebeat.inputs: - type: journald id: PR-testing parsers: - multiline: type: count count_lines: 3 ```...