Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding JSON paths to FB ES module docs #12008

Merged
merged 4 commits into from
May 2, 2019
Merged

Adding JSON paths to FB ES module docs #12008

merged 4 commits into from
May 2, 2019

Conversation

ycombinator
Copy link
Contributor

@ycombinator ycombinator commented May 1, 2019
edited
Loading

Resolves #12000.

Clarifies what log file paths to point to for the Filebeat Elasticsearch module.

@ycombinator ycombinator requested a review from dedemorton May 1, 2019 15:13
@ycombinator ycombinator marked this pull request as ready for review May 1, 2019 15:13
@ycombinator ycombinator requested review from a team as code owners May 1, 2019 15:13
@ycombinator ycombinator requested a review from weltenwort May 1, 2019 15:13
@elasticmachine
Copy link
Collaborator

Pinging @elastic/stack-monitoring

@ycombinator ycombinator added needs_backport PR is waiting to be backported to other branches. review labels May 1, 2019
dedemorton
dedemorton suggested changes May 1, 2019
View reviewed changes
Copy link
Contributor

@dedemorton dedemorton left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Made some minor suggestions. I made them to all instances (including generated) so that you can accept them all though GitHub, if you want, but I'm not sure this will pass CI. You might need to pull down the changes and run make update again.

filebeat/docs/modules/elasticsearch.asciidoc Outdated Show resolved Hide resolved
filebeat/docs/modules/elasticsearch.asciidoc Outdated Show resolved Hide resolved
filebeat/docs/modules/elasticsearch.asciidoc Outdated Show resolved Hide resolved
filebeat/docs/modules/elasticsearch.asciidoc Outdated Show resolved Hide resolved
filebeat/docs/modules/elasticsearch.asciidoc Outdated Show resolved Hide resolved
filebeat/module/elasticsearch/_meta/docs.asciidoc Outdated Show resolved Hide resolved
filebeat/module/elasticsearch/_meta/docs.asciidoc Outdated Show resolved Hide resolved
filebeat/module/elasticsearch/_meta/docs.asciidoc Outdated Show resolved Hide resolved
filebeat/module/elasticsearch/_meta/docs.asciidoc Outdated Show resolved Hide resolved
filebeat/module/elasticsearch/_meta/docs.asciidoc Outdated Show resolved Hide resolved
dedemorton
dedemorton approved these changes May 1, 2019
View reviewed changes
Copy link
Contributor

@dedemorton dedemorton left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wait until docs CI test is green before merging, but the changes LGTM.

weltenwort
weltenwort approved these changes May 2, 2019
View reviewed changes
Copy link
Member

@weltenwort weltenwort left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for this, @ycombinator. LGTM, I left just two questions below.

filebeat/docs/modules/elasticsearch.asciidoc Outdated
@@ -70,8 +75,14 @@ Example config:
----
audit:
var.paths:
- /var/log/elasticsearch/*_audit.json
- /var/log/elasticsearch/*_access.log # Plain text logs
- /var/log/elasticsearch/*_audit.log # JSON logs
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this really in JSON format a the comment suffix suggests?

Copy link
Contributor Author

@ycombinator ycombinator May 2, 2019
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, this was the case in 6.7. Starting 7.0 the JSON audit logs were put into *_audit.json. I think, to avoid confusion and complexity, I'll just remove this line altogether.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Removed in f062d3e.

filebeat/module/elasticsearch/_meta/docs.asciidoc Outdated
@@ -65,8 +70,14 @@ Example config:
----
audit:
var.paths:
- /var/log/elasticsearch/*_audit.json
- /var/log/elasticsearch/*_access.log # Plain text logs
- /var/log/elasticsearch/*_audit.log # JSON logs
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same as above - does this file contain JSON-formatted logs?

@ycombinator
Copy link
Contributor Author

I addressed your review feedback, @weltenwort. This is ready for re-review, when you get a chance. Thanks!

@ycombinator ycombinator merged commit f27d17f into elastic:master May 2, 2019
This was referenced May 2, 2019
Closed
Merged
Merged
@ycombinator ycombinator deleted the fb-es-docs branch May 2, 2019 15:19
ycombinator added a commit that referenced this pull request May 3, 2019
@ycombinator
[7.1] Adding JSON paths to FB ES module docs (#12008) (#12030)
498fd2b 
* Adding JSON paths to FB ES module docs

* Adding note about ES version

* Apply suggestions from code review

Co-Authored-By: ycombinator <[email protected]>

* Remove mention of *_audit.log to avoid confusion
ycombinator added a commit that referenced this pull request May 3, 2019
@ycombinator
[7.0] Adding JSON paths to FB ES module docs (#12008) (#12031)
42db1e7 
* Adding JSON paths to FB ES module docs

* Adding note about ES version

* Apply suggestions from code review

Co-Authored-By: ycombinator <[email protected]>

* Remove mention of *_audit.log to avoid confusion
@ycombinator ycombinator removed the needs_backport PR is waiting to be backported to other branches. label Jan 15, 2020
leweafan pushed a commit to leweafan/beats that referenced this pull request Apr 28, 2023
@ycombinator
[7.1] Adding JSON paths to FB ES module docs (elastic#12008) (elastic…
caaa414 
…#12030)

* Adding JSON paths to FB ES module docs

* Adding note about ES version

* Apply suggestions from code review

Co-Authored-By: ycombinator <[email protected]>

* Remove mention of *_audit.log to avoid confusion
leweafan pushed a commit to leweafan/beats that referenced this pull request Apr 28, 2023
@ycombinator
[7.0] Adding JSON paths to FB ES module docs (elastic#12008) (elastic…
2beaa6d 
…#12031)

* Adding JSON paths to FB ES module docs

* Adding note about ES version

* Apply suggestions from code review

Co-Authored-By: ycombinator <[email protected]>

* Remove mention of *_audit.log to avoid confusion
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dedemorton dedemorton dedemorton approved these changes

@weltenwort weltenwort weltenwort approved these changes

@cachedout cachedout cachedout approved these changes

Assignees
No one assigned
Labels
docs Feature:Stack Monitoring Filebeat Filebeat module review v7.0.2 v7.1.0 v7.2.0 v8.0.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Update default paths in ES Filebeat module docs
5 participants
@ycombinator @elasticmachine @cachedout @weltenwort @dedemorton