Align elastic-agent-standalone manifest with the kubernetes package c…
…hanges (#29595)

* align elastic-agent-standalone manifest with the managed version

Signed-off-by: Tetiana Kravchenko <[email protected]>

* revert docker image version

Signed-off-by: Tetiana Kravchenko <[email protected]>

* remove ES_HOST used to run test locally

Signed-off-by: Tetiana Kravchenko <[email protected]>

* set default values for container parser implicitly

Signed-off-by: Tetiana Kravchenko <[email protected]>

* remove skip_older as it is a default value anyway

Signed-off-by: Tetiana Kravchenko <[email protected]>
tetianakravchenko authored Dec 23, 2021
1 parent 0bfa0a1 commit 9b19aae
Showing 2 changed files with 138 additions and 14 deletions.
76 changes: 69 additions & 7 deletions deploy/kubernetes/elastic-agent-standalone-kubernetes.yaml
@@ -32,7 +32,7 @@ data:
meta:
package:
name: kubernetes
version: 0.2.8
version: 1.9.0
data_stream:
namespace: default
streams:
@@ -72,6 +72,15 @@ data:
hosts:
- 'kube-state-metrics:8080'
period: 10s
- data_stream:
dataset: kubernetes.state_daemonset
type: metrics
metricsets:
- state_daemonset
add_metadata: true
hosts:
- 'kube-state-metrics:8080'
period: 10s
- data_stream:
dataset: kubernetes.state_deployment
type: metrics
@@ -214,20 +223,73 @@ data:
fields:
ecs.version: 1.12.0
- name: container-log
type: logfile
type: filestream
use_output: default
meta:
package:
name: log
version: 0.4.6
name: kubernetes
version: 1.9.0
data_stream:
namespace: default
streams:
- data_stream:
dataset: generic
symlinks: true
dataset: kubernetes.container_logs
type: logs
prospector.scanner.symlinks: true
parsers:
- container: ~
# - ndjson:
# target: json
# - multiline:
# type: pattern
# pattern: '^\['
# negate: true
# match: after
paths:
- /var/log/containers/*${kubernetes.container.id}.log
- name: audit-log
type: filestream
use_output: default
meta:
package:
name: kubernetes
version: 1.9.0
data_stream:
namespace: default
streams:
- data_stream:
dataset: kubernetes.audit_logs
type: logs
exclude_files:
- .gz$
parsers:
- ndjson:
add_error_key: true
target: kubernetes_audit
paths:
- /var/log/kubernetes/kube-apiserver-audit.log
processors:
- rename:
fields:
- from: kubernetes_audit
to: kubernetes.audit
- script:
id: dedot_annotations
lang: javascript
source: |
function process(event) {
var audit = event.Get("kubernetes.audit");
for (var annotation in audit["annotations"]) {
var annotation_dedoted = annotation.replace(/\./g,'_')
event.Rename("kubernetes.audit.annotations."+annotation, "kubernetes.audit.annotations."+annotation_dedoted)
}
return event;
} function test() {
var event = process(new Event({ "kubernetes": { "audit": { "annotations": { "authorization.k8s.io/decision": "allow", "authorization.k8s.io/reason": "RBAC: allowed by ClusterRoleBinding \"system:kube-scheduler\" of ClusterRole \"system:kube-scheduler\" to User \"system:kube-scheduler\"" } } } }));
if (event.Get("kubernetes.audit.annotations.authorization_k8s_io/decision") !== "allow") {
throw "expected kubernetes.audit.annotations.authorization_k8s_io/decision === allow";
}
}
- name: system-metrics
type: system/metrics
use_output: default
@@ -332,7 +394,7 @@ data:
meta:
package:
name: kubernetes
version: 0.2.8
version: 1.9.0
data_stream:
namespace: default
streams:
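Review bot: In the `dedot_annotations` script of the new `audit-log` input, `process` reads `audit["annotations"]` without checking that `event.Get("kubernetes.audit")` returned an object. The input sets `add_error_key: true` on the ndjson parser, so lines that fail to decode are presumably still forwarded without `kubernetes_audit`; for those the lookup would return null and the script would throw, and how that exception is surfaced is not visible here. A guard at the top, `if (!audit || !audit.annotations) { return event; }`, keeps malformed audit lines flowing with their error key. The result of `event.Rename` is also ignored, so a key whose dedotted form already exists (for example `a.b` next to `a_b`) would seem to keep its dotted name silently; checking the return value and tagging the event would make that visible. The second file section on this page carries the same script and needs the same change.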
Original file line number Diff line number Diff line change
@@ -32,7 +32,7 @@ data:
meta:
package:
name: kubernetes
version: 0.2.8
version: 1.9.0
data_stream:
namespace: default
streams:
@@ -72,6 +72,15 @@ data:
hosts:
- 'kube-state-metrics:8080'
period: 10s
- data_stream:
dataset: kubernetes.state_daemonset
type: metrics
metricsets:
- state_daemonset
add_metadata: true
hosts:
- 'kube-state-metrics:8080'
period: 10s
- data_stream:
dataset: kubernetes.state_deployment
type: metrics
@@ -214,20 +223,73 @@ data:
fields:
ecs.version: 1.12.0
- name: container-log
type: logfile
type: filestream
use_output: default
meta:
package:
name: log
version: 0.4.6
name: kubernetes
version: 1.9.0
data_stream:
namespace: default
streams:
- data_stream:
dataset: generic
symlinks: true
dataset: kubernetes.container_logs
type: logs
prospector.scanner.symlinks: true
parsers:
- container: ~
# - ndjson:
# target: json
# - multiline:
# type: pattern
# pattern: '^\['
# negate: true
# match: after
paths:
- /var/log/containers/*${kubernetes.container.id}.log
- name: audit-log
type: filestream
use_output: default
meta:
package:
name: kubernetes
version: 1.9.0
data_stream:
namespace: default
streams:
- data_stream:
dataset: kubernetes.audit_logs
type: logs
exclude_files:
- .gz$
parsers:
- ndjson:
add_error_key: true
target: kubernetes_audit
paths:
- /var/log/kubernetes/kube-apiserver-audit.log
processors:
- rename:
fields:
- from: kubernetes_audit
to: kubernetes.audit
- script:
id: dedot_annotations
lang: javascript
source: |
function process(event) {
var audit = event.Get("kubernetes.audit");
for (var annotation in audit["annotations"]) {
var annotation_dedoted = annotation.replace(/\./g,'_')
event.Rename("kubernetes.audit.annotations."+annotation, "kubernetes.audit.annotations."+annotation_dedoted)
}
return event;
} function test() {
var event = process(new Event({ "kubernetes": { "audit": { "annotations": { "authorization.k8s.io/decision": "allow", "authorization.k8s.io/reason": "RBAC: allowed by ClusterRoleBinding \"system:kube-scheduler\" of ClusterRole \"system:kube-scheduler\" to User \"system:kube-scheduler\"" } } } }));
if (event.Get("kubernetes.audit.annotations.authorization_k8s_io/decision") !== "allow") {
throw "expected kubernetes.audit.annotations.authorization_k8s_io/decision === allow";
}
}
- name: system-metrics
type: system/metrics
use_output: default
@@ -332,7 +394,7 @@ data:
meta:
package:
name: kubernetes
version: 0.2.8
version: 1.9.0
data_stream:
namespace: default
streams:
