Skip to content

Commit

Permalink
prefix field names with "journald."
Browse files Browse the repository at this point in the history
  • Loading branch information
@kvch
kvch committed Oct 2, 2018
1 parent 4401d9b commit 80aa2e4
Show file tree
Hide file tree
Showing 4 changed files with 147 additions and 433 deletions.
223 changes: 114 additions & 109 deletions journalbeat/_meta/fields.common.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,117 +19,145 @@
type: keyword
description: >
Annotations of messages containing coredumps from user units.
- name: object
- name: journald
type: group
description: >
Fields to log on behalf of a different program.
Fields provided by journald.
fields:
- name: audit
- name: object
type: group
description: >
Audit fields of event.
Fields to log on behalf of a different program.
fields:
- name: loginuid
- name: audit
type: group
description: >
Audit fields of event.
fields:
- name: loginuid
type: long
required: false
example: 1000
description: >
The login UID of the object process.
- name: session
type: long
required: false
example: 3
description: >
The audit session of the object process.
- name: cmd
type: keyword
required: false
example: "/lib/systemd/systemd --user"
description: >
The command line of the process.
- name: name
type: keyword
required: false
example: "/lib/systemd/systemd"
description: >
Name of the executable.
- name: executable
type: keyword
required: false
description: >
Path to the the executable.
example: "/lib/systemd/systemd"
- name: uid
type: long
required: false
example: 1000
description: >
The login UID of the object process.
- name: session
UID of the object process.
- name: gid
type: long
required: false
example: 3
description: >
The audit session of the object process.
- name: cmd
type: keyword
required: false
example: "/lib/systemd/systemd --user"
description: >
The command line of the process.
- name: name
type: keyword
required: false
example: "/lib/systemd/systemd"
description: >
Name of the executable.
- name: executable
type: keyword
required: false
description: >
Path to the the executable.
example: "/lib/systemd/systemd"
- name: uid
type: long
required: false
description: >
UID of the object process.
- name: gid
type: long
required: false
description: >
GID of the object process.
- name: pid
type: long
required: false
description: >
PID of the object process.
- name: systemd
GID of the object process.
- name: pid
type: long
required: false
description: >
PID of the object process.
- name: systemd
type: group
description: >
Systemd fields of event.
fields:
- name: owner_uid
type: long
required: false
description: >
The UID of the owner.
- name: session
type: keyword
required: false
description: >
The ID of the systemd session.
- name: unit
type: keyword
required: false
description: >
The name of the systemd unit.
- name: user_unit
type: keyword
required: false
description: >
The name of the systemd user unit.
- name: kernel
type: group
description: >
Systemd fields of event.
Fields to log on behalf of a different program.
fields:
- name: owner_uid
type: long
- name: device
type: keyword
required: false
description: >
The UID of the owner.
- name: session
The kernel device name.
- name: subsystem
type: keyword
required: false
description: >
The ID of the systemd session.
- name: unit
type: keyword
The kernel subsystem name.
- name: device_symlinks
type: text
required: false
description: >
The name of the systemd unit.
- name: user_unit
type: keyword
Additional symlink names pointing to the device node in /dev.
- name: device_node_path
type: text
required: false
description: >
The name of the systemd user unit.
- name: kernel
type: group
description: >
Fields to log on behalf of a different program.
fields:
- name: device
type: keyword
required: false
description: >
The kernel device name.
- name: subsystem
type: keyword
required: false
description: >
The kernel subsystem name.
- name: device_symlinks
type: text
required: false
description: >
Additional symlink names pointing to the device node in /dev.
- name: device_node_path
type: text
required: false
description: >
The device node path of this device in /dev.
- name: device_name
type: text
required: false
The device node path of this device in /dev.
- name: device_name
type: text
required: false
description: >
The kernel device name as it shows up in the device tree below /sys.
- name: code
type: group
description: >
The kernel device name as it shows up in the device tree below /sys.
- name: process
Fields of the code generating the event.
fields:
- name: file
type: text
required: false
example: "../src/core/manager.c"
description: >
The name of the source file where the log is generated.
- name: function
type: text
required: false
example: "job_log_status_message"
description: >
The name of the function which generated the log message.
- name: line
type: long
required: false
example: 123
description: >
The line number of the code which generated the log message.
- name: process
type: group
description: >
Fields to log on behalf of a different program.
Expand Down Expand Up @@ -258,29 +286,6 @@
example: "dd8c974asdf01dbe2ef26d7fasdf264c9"
description: >
The boot ID for the boot the log was generated in.
- name: code
type: group
description: >
Fields of the code generating the event.
fields:
- name: file
type: text
required: false
example: "../src/core/manager.c"
description: >
The name of the source file where the log is generated.
- name: function
type: text
required: false
example: "job_log_status_message"
description: >
The name of the function which generated the log message.
- name: line
type: long
required: false
example: 123
description: >
The line number of the code which generated the log message.
- name: syslog
type: group
description: >
Expand Down
Loading

0 comments on commit 80aa2e4

Please sign in to comment.