[Auditbeat] Default distribution fails to start on aarch64 #23349
Comments
botelastic
bot
added
the
needs_team
|
Pinging @elastic/integrations (Team:Integrations) |
botelastic
bot
removed
the
needs_team
|
You need to disable the |
|
Thanks let me try, is it documented or do we need to document this? |
|
This is the document I found: https://www.elastic.co/guide/en/beats/auditbeat/7.11/auditbeat-module-system.html - does it make sense to add something about it there? |
|
We should update the config template to only include the modules that work for arm64. Then the config file will work out of the box. beats/x-pack/auditbeat/module/system/_meta/config.yml.tmpl Lines 23 to 24 in 518e8b3 |
|
Sounds good @andrewkroh |
|
This should be an easy fix, I'll see if I can knock it out |
|
Thank you @fearful-symmetry - it would be nice if we can get it into 7.11.0 and 7.10.2 upcoming releases. I already tested removing the system module and auditbeat comes up, having it do so out of the box would be best. |
|
@adriansr do we know what parts of the system module do work on aarch64? |
|
It may make sense to also update the documentation to say something about Linux aarch64 system module. Thoughts? |
|
Yah, with the coming age of M1 macs, we might want to be more explicit with ARM support |
|
Fix here: #23381 Apologies for the delay, my country is struggling with democracy and the news is a tad distracting. |
andresrc
added
Team:Elastic-Agent
|
Pinging @elastic/security-external-integrations (Team:Security-External Integrations) |
|
Pinging @elastic/agent (Team:Agent) |
|
I think we're good to close this. |
For confirmed bugs, please report:
Install auditbeat and try to start, observe error
Same thing happens on 7.10.1 so not a regression. The oss distribution works.
The text was updated successfully, but these errors were encountered: