Skip to content

Commit

Permalink
Do not stop collecting events when journal entries change (elastic#9994)
Browse files Browse the repository at this point in the history 
Previously sd_journal_wait was not used. From now on all changes to journals are detected.

I also added custom seccomp policy to Journalbeat.

Closes elastic#9533
  • Loading branch information
@kvch
kvch authored Jan 28, 2019
1 parent 5a682a9 commit 49c75cd
Show file tree
Hide file tree
Showing 4 changed files with 328 additions and 20 deletions.
1 change: 1 addition & 0 deletions beater/journalbeat.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ import (
"github.com/elastic/beats/libbeat/logp"

"github.com/elastic/beats/journalbeat/config"
_ "github.com/elastic/beats/journalbeat/include"
)

// Journalbeat instance
Expand Down
122 changes: 122 additions & 0 deletions include/seccomp_linux_386.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

135 changes: 135 additions & 0 deletions include/seccomp_linux_amd64.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit 49c75cd

Please sign in to comment.