Skip to content

Commit

Permalink
[automation] Publish kubernetes templates for elastic-agent
Browse files Browse the repository at this point in the history
  • Loading branch information
apmmachine authored and ChrsMark committed Jul 19, 2023
1 parent 50de0fd commit 623f862
Show file tree
Hide file tree
Showing 57 changed files with 510 additions and 385 deletions.
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
inputs:
- name: filestream-activemq
id: filestream-activemq-${kubernetes.hints.container_id}
type: filestream
use_output: default
streams:
Expand Down Expand Up @@ -45,6 +46,7 @@ inputs:
- activemq-log
data_stream.namespace: default
- name: activemq/metrics-activemq
id: activemq/metrics-activemq-${kubernetes.hints.container_id}
type: activemq/metrics
use_output: default
streams:
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
inputs:
- name: filestream-apache
id: filestream-apache-${kubernetes.hints.container_id}
type: filestream
use_output: default
streams:
Expand Down Expand Up @@ -41,6 +42,7 @@ inputs:
- apache-error
data_stream.namespace: default
- name: httpjson-apache
id: httpjson-apache-${kubernetes.hints.container_id}
type: httpjson
use_output: default
streams:
Expand Down Expand Up @@ -122,6 +124,7 @@ inputs:
- apache-error
data_stream.namespace: default
- name: apache/metrics-apache
id: apache/metrics-apache-${kubernetes.hints.container_id}
type: apache/metrics
use_output: default
streams:
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
inputs:
- name: filestream-cassandra
id: filestream-cassandra-${kubernetes.hints.container_id}
type: filestream
use_output: default
streams:
Expand Down Expand Up @@ -27,6 +28,7 @@ inputs:
- cassandra-systemlogs
data_stream.namespace: default
- name: jolokia/metrics-cassandra
id: jolokia/metrics-cassandra-${kubernetes.hints.container_id}
type: jolokia/metrics
use_output: default
streams:
Expand Down
41 changes: 22 additions & 19 deletions deploy/kubernetes/elastic-agent-standalone/templates.d/cef.yml
Original file line number Diff line number Diff line change
@@ -1,43 +1,35 @@
inputs:
- name: filestream-cef
type: filestream
- name: udp-cef
id: udp-cef-${kubernetes.hints.container_id}
type: udp
use_output: default
streams:
- condition: ${kubernetes.hints.cef.log.enabled} == true or ${kubernetes.hints.cef.enabled} == true
data_stream:
dataset: cef.log
type: logs
exclude_files:
- .gz$
parsers:
- container:
format: auto
stream: ${kubernetes.hints.cef.log.stream|'all'}
paths:
- /var/log/containers/*${kubernetes.hints.container_id}.log
host: localhost:9003
processors:
- rename:
fields:
- from: message
to: event.original
- decode_cef:
field: event.original
prospector:
scanner:
symlinks: true
tags:
- cef
- forwarded
data_stream.namespace: default
- name: udp-cef
type: udp
- name: tcp-cef
id: tcp-cef-${kubernetes.hints.container_id}
type: tcp
use_output: default
streams:
- condition: ${kubernetes.hints.cef.log.enabled} == true or ${kubernetes.hints.cef.enabled} == true
data_stream:
dataset: cef.log
type: logs
host: localhost:9003
host: localhost:9004
processors:
- rename:
fields:
Expand All @@ -49,22 +41,33 @@ inputs:
- cef
- forwarded
data_stream.namespace: default
- name: tcp-cef
type: tcp
- name: filestream-cef
id: filestream-cef-${kubernetes.hints.container_id}
type: filestream
use_output: default
streams:
- condition: ${kubernetes.hints.cef.log.enabled} == true or ${kubernetes.hints.cef.enabled} == true
data_stream:
dataset: cef.log
type: logs
host: localhost:9004
exclude_files:
- .gz$
parsers:
- container:
format: auto
stream: ${kubernetes.hints.cef.log.stream|'all'}
paths:
- /var/log/containers/*${kubernetes.hints.container_id}.log
processors:
- rename:
fields:
- from: message
to: event.original
- decode_cef:
field: event.original
prospector:
scanner:
symlinks: true
tags:
- cef
- forwarded
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
inputs:
- name: filestream-checkpoint
id: filestream-checkpoint-${kubernetes.hints.container_id}
type: filestream
use_output: default
streams:
Expand Down Expand Up @@ -34,6 +35,7 @@ inputs:
- forwarded
data_stream.namespace: default
- name: tcp-checkpoint
id: tcp-checkpoint-${kubernetes.hints.container_id}
type: tcp
use_output: default
streams:
Expand All @@ -48,6 +50,7 @@ inputs:
- forwarded
data_stream.namespace: default
- name: udp-checkpoint
id: udp-checkpoint-${kubernetes.hints.container_id}
type: udp
use_output: default
streams:
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
inputs:
- name: prometheus/metrics-cockroachdb
id: prometheus/metrics-cockroachdb-${kubernetes.hints.container_id}
type: prometheus/metrics
use_output: default
streams:
Expand All @@ -22,6 +23,7 @@ inputs:
username: ${kubernetes.hints.cockroachdb.status.username|kubernetes.hints.cockroachdb.username|''}
data_stream.namespace: default
- name: filestream-cockroachdb
id: filestream-cockroachdb-${kubernetes.hints.container_id}
type: filestream
use_output: default
streams:
Expand Down
Original file line number Diff line number Diff line change
@@ -1,35 +1,6 @@
inputs:
- name: aws-s3-crowdstrike
type: aws-s3
use_output: default
streams:
- condition: ${kubernetes.hints.crowdstrike.fdr.enabled} == true or ${kubernetes.hints.crowdstrike.enabled} == true
data_stream:
dataset: crowdstrike.fdr
type: logs
queue_url: null
sqs.notification_parsing_script.source: |
function parse(n) {
var m = JSON.parse(n);
var evts = [];
var files = m.files;
var bucket = m.bucket;
if (!Array.isArray(files) || (files.length == 0) || bucket == null || bucket == "") {
return evts;
}
files.forEach(function(f){
var evt = new S3EventV2();
evt.SetS3BucketName(bucket);
evt.SetS3ObjectKey(f.path);
evts.push(evt);
});
return evts;
}
tags:
- forwarded
- crowdstrike-fdr
data_stream.namespace: default
- name: filestream-crowdstrike
id: filestream-crowdstrike-${kubernetes.hints.container_id}
type: filestream
use_output: default
streams:
Expand Down Expand Up @@ -77,3 +48,34 @@ inputs:
- forwarded
- crowdstrike-fdr
data_stream.namespace: default
- name: aws-s3-crowdstrike
id: aws-s3-crowdstrike-${kubernetes.hints.container_id}
type: aws-s3
use_output: default
streams:
- condition: ${kubernetes.hints.crowdstrike.fdr.enabled} == true or ${kubernetes.hints.crowdstrike.enabled} == true
data_stream:
dataset: crowdstrike.fdr
type: logs
queue_url: null
sqs.notification_parsing_script.source: |
function parse(n) {
var m = JSON.parse(n);
var evts = [];
var files = m.files;
var bucket = m.bucket;
if (!Array.isArray(files) || (files.length == 0) || bucket == null || bucket == "") {
return evts;
}
files.forEach(function(f){
var evt = new S3EventV2();
evt.SetS3BucketName(bucket);
evt.SetS3ObjectKey(f.path);
evts.push(evt);
});
return evts;
}
tags:
- forwarded
- crowdstrike-fdr
data_stream.namespace: default
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
inputs:
- name: tcp-cyberarkpas
id: tcp-cyberarkpas-${kubernetes.hints.container_id}
type: tcp
use_output: default
streams:
Expand All @@ -16,6 +17,7 @@ inputs:
tcp: null
data_stream.namespace: default
- name: udp-cyberarkpas
id: udp-cyberarkpas-${kubernetes.hints.container_id}
type: udp
use_output: default
streams:
Expand All @@ -32,6 +34,7 @@ inputs:
udp: null
data_stream.namespace: default
- name: filestream-cyberarkpas
id: filestream-cyberarkpas-${kubernetes.hints.container_id}
type: filestream
use_output: default
streams:
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
inputs:
- name: filestream-elasticsearch
id: filestream-elasticsearch-${kubernetes.hints.container_id}
type: filestream
use_output: default
streams:
Expand Down Expand Up @@ -124,6 +125,7 @@ inputs:
symlinks: true
data_stream.namespace: default
- name: elasticsearch/metrics-elasticsearch
id: elasticsearch/metrics-elasticsearch-${kubernetes.hints.container_id}
type: elasticsearch/metrics
use_output: default
streams:
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
inputs:
- name: filestream-endpoint
id: filestream-endpoint-${kubernetes.hints.container_id}
type: filestream
use_output: default
streams:
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
inputs:
- name: filestream-fireeye
id: filestream-fireeye-${kubernetes.hints.container_id}
type: filestream
use_output: default
streams:
Expand All @@ -24,6 +25,7 @@ inputs:
- fireeye-nx
data_stream.namespace: default
- name: udp-fireeye
id: udp-fireeye-${kubernetes.hints.container_id}
type: udp
use_output: default
streams:
Expand All @@ -41,6 +43,7 @@ inputs:
udp: null
data_stream.namespace: default
- name: tcp-fireeye
id: tcp-fireeye-${kubernetes.hints.container_id}
type: tcp
use_output: default
streams:
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
inputs:
- name: filestream-haproxy
id: filestream-haproxy-${kubernetes.hints.container_id}
type: filestream
use_output: default
streams:
Expand All @@ -24,6 +25,7 @@ inputs:
- haproxy-log
data_stream.namespace: default
- name: syslog-haproxy
id: syslog-haproxy-${kubernetes.hints.container_id}
type: syslog
use_output: default
streams:
Expand All @@ -40,6 +42,7 @@ inputs:
- haproxy-log
data_stream.namespace: default
- name: haproxy/metrics-haproxy
id: haproxy/metrics-haproxy-${kubernetes.hints.container_id}
type: haproxy/metrics
use_output: default
streams:
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
inputs:
- name: filestream-hashicorp_vault
id: filestream-hashicorp_vault-${kubernetes.hints.container_id}
type: filestream
use_output: default
streams:
Expand Down Expand Up @@ -39,6 +40,7 @@ inputs:
- hashicorp-vault-log
data_stream.namespace: default
- name: tcp-hashicorp_vault
id: tcp-hashicorp_vault-${kubernetes.hints.container_id}
type: tcp
use_output: default
streams:
Expand All @@ -53,6 +55,7 @@ inputs:
- forwarded
data_stream.namespace: default
- name: prometheus/metrics-hashicorp_vault
id: prometheus/metrics-hashicorp_vault-${kubernetes.hints.container_id}
type: prometheus/metrics
use_output: default
streams:
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
inputs:
- name: filestream-hid_bravura_monitor
id: filestream-hid_bravura_monitor-${kubernetes.hints.container_id}
type: filestream
use_output: default
streams:
Expand Down Expand Up @@ -30,6 +31,7 @@ inputs:
tags: null
data_stream.namespace: default
- name: winlog-hid_bravura_monitor
id: winlog-hid_bravura_monitor-${kubernetes.hints.container_id}
type: winlog
use_output: default
streams:
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
inputs:
- name: filestream-iis
id: filestream-iis-${kubernetes.hints.container_id}
type: filestream
use_output: default
streams:
Expand Down Expand Up @@ -45,6 +46,7 @@ inputs:
- iis-error
data_stream.namespace: default
- name: iis/metrics-iis
id: iis/metrics-iis-${kubernetes.hints.container_id}
type: iis/metrics
use_output: default
streams:
Expand Down
Loading

0 comments on commit 623f862

Please sign in to comment.