From 037a1fb9a9543ec489dbe9c3f39046c67a037edc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?No=C3=A9mi=20V=C3=A1nyi?=
Date: Wed, 21 Nov 2018 16:21:16 +0100
Subject: [PATCH 1/4] add journalbeat docker image

---
 beats.txt | 1 +
 build/journalbeat/config/journalbeat.yml | 11 +++++++++++
 templates/docker-compose.yml.j2 | 6 ++++++
 3 files changed, 18 insertions(+)
 create mode 100644 build/journalbeat/config/journalbeat.yml

diff --git a/beats.txt b/beats.txt
index 89238e0..dd754b6 100644
--- a/beats.txt
+++ b/beats.txt
@@ -1,5 +1,6 @@
 auditbeat
 filebeat
 heartbeat
+journalbeat
 metricbeat
 packetbeat
diff --git a/build/journalbeat/config/journalbeat.yml b/build/journalbeat/config/journalbeat.yml
new file mode 100644
index 0000000..08d7985
--- /dev/null
+++ b/build/journalbeat/config/journalbeat.yml
@@ -0,0 +1,11 @@
+journalbeat.inputs:
+- paths: [/mnt/journal]
+
+processors:
+ - add_host_metadata: ~
+ - add_cloud_metadata: ~
+
+output.elasticsearch:
+ hosts: ['elasticsearch:9200']
+ username: elastic
+ password: changeme
diff --git a/templates/docker-compose.yml.j2 b/templates/docker-compose.yml.j2
index 4f03f89..1a11f6d 100644
--- a/templates/docker-compose.yml.j2
+++ b/templates/docker-compose.yml.j2
@@ -24,4 +24,10 @@ services:
 - NET_RAW
 - NET_ADMIN
 {%- endif %}
+
+ {% if beat == 'journalbeat' %}
+ volumes:
+ - /etc/machine-id:/etc/machine-id
+ - /etc/hostname:/etc/hostname:ro
+ {%- endif %}
 {% endfor %}
From 0999f919a16cb5841689b3c2eb2c83d8d72d390e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?No=C3=A9mi=20V=C3=A1nyi?=
Date: Thu, 22 Nov 2018 16:46:47 +0100
Subject: [PATCH 2/4] add journalbeat to readme

---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index 43d6104..181639e 100644
--- a/README.md
+++ b/README.md
@@ -8,6 +8,7 @@ Documentation can be found on the [Elastic website][elastic]:
 * [auditbeat][auditbeat]
 * [filebeat][filebeat]
 * [heartbeat][heartbeat]
+* [journalbeat][journalbeat]
 * [metricbeat][metricbeat]
 * [packetbeat][packetbeat]

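Review bot: In build/journalbeat/config/journalbeat.yml the `output.elasticsearch` block bakes the `elastic` account and the well-known default password `changeme` into the image config, and the `hosts` entry has no `https://` scheme, so as far as this hunk shows the credentials are sent over plain HTTP. Beats configs expand environment variables, so the two lines could read, for example, `username: '${ELASTICSEARCH_USERNAME:elastic}'` and `password: '${ELASTICSEARCH_PASSWORD}'`, leaving the secret to the deployment or the Beats keystore instead of the repository. If the defaults are kept to match the other beats' configs (not visible here), a comment such as `# demo defaults only; override before any non-local use` above the block would make that explicit.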
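Review bot: In templates/docker-compose.yml.j2 the `/etc/machine-id:/etc/machine-id` bind mount is read-write while the `/etc/hostname` mount next to it is `:ro`. The container only needs to read the host's machine id, and a read-only mount keeps a misbehaving or compromised container from altering that host file, so the line should be `- /etc/machine-id:/etc/machine-id:ro`. The enclosing `{% for %}` loop and the service definition start outside this hunk.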
@@ -16,6 +17,7 @@ Documentation can be found on the [Elastic website][elastic]:
 [auditbeat]: https://www.elastic.co/guide/en/beats/auditbeat/current/running-on-docker.html
 [filebeat]: https://www.elastic.co/guide/en/beats/filebeat/current/running-on-docker.html
 [heartbeat]: https://www.elastic.co/guide/en/beats/heartbeat/current/running-on-docker.html
+[journalbeat]: https://www.elastic.co/guide/en/beats/journalbeat/current/running-on-docker.html
 [metricbeat]: https://www.elastic.co/guide/en/beats/metricbeat/current/running-on-docker.html
 [packetbeat]: https://www.elastic.co/guide/en/beats/packetbeat/current/running-on-docker.html

From 74547d3d8bd85638dd57b4e5d9e102b7c46a7f1f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?No=C3=A9mi=20V=C3=A1nyi?=
Date: Tue, 27 Nov 2018 11:28:24 +0100
Subject: [PATCH 3/4] always connect to local journal

---
 build/journalbeat/config/journalbeat.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build/journalbeat/config/journalbeat.yml b/build/journalbeat/config/journalbeat.yml
index 08d7985..e2b7930 100644
--- a/build/journalbeat/config/journalbeat.yml
+++ b/build/journalbeat/config/journalbeat.yml
@@ -1,5 +1,5 @@
 journalbeat.inputs:
-- paths: [/mnt/journal]
+- paths: []

 processors:
 - add_host_metadata: ~
From 154e4c698e737f2357c81cceb194a46dc1645ef4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?No=C3=A9mi=20V=C3=A1nyi?=
Date: Tue, 27 Nov 2018 12:13:02 +0100
Subject: [PATCH 4/4] remove `~` to stay consistent with repo

---
 build/journalbeat/config/journalbeat.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/build/journalbeat/config/journalbeat.yml b/build/journalbeat/config/journalbeat.yml
index e2b7930..5e1b534 100644
--- a/build/journalbeat/config/journalbeat.yml
+++ b/build/journalbeat/config/journalbeat.yml
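Review bot: `- paths: []` in build/journalbeat/config/journalbeat.yml (PATCH 3/4) gives no hint that the empty list is deliberate. Going by the commit subject it selects the local journal, which inside a container presumably means whatever journal directory has been mounted, and the compose template in PATCH 1/4 mounts only `/etc/machine-id` and `/etc/hostname`. A comment above the input, e.g. `# empty paths = read the local journal; mount the host journal directory into the container read-only`, would document that dependency for whoever deploys the image.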
@@ -2,8 +2,8 @@ journalbeat.inputs:
 - paths: []

 processors:
- - add_host_metadata: ~
- - add_cloud_metadata: ~
+- add_host_metadata:
+- add_cloud_metadata:

 output.elasticsearch:
 hosts: ['elasticsearch:9200']