From 806abbb6b13f2e3b36b09f9f578cdc0a31743404 Mon Sep 17 00:00:00 2001 From: Rob Waight <43173714+rwaight@users.noreply.github.com> Date: Tue, 17 Mar 2020 17:51:57 -0500 Subject: [PATCH 1/3] Update filebeat/docs/modules/auditd.asciidoc Update `filebeat/docs/modules/auditd.asciidoc` - Add note regarding capabilities of the Filebeat auditd module --- filebeat/docs/modules/auditd.asciidoc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/filebeat/docs/modules/auditd.asciidoc b/filebeat/docs/modules/auditd.asciidoc index f24f087e514..75f1764d1a6 100644 --- a/filebeat/docs/modules/auditd.asciidoc +++ b/filebeat/docs/modules/auditd.asciidoc @@ -11,6 +11,8 @@ This file is generated! See scripts/docs_collector.py The +{modulename}+ module collects and parses logs from the audit daemon (`auditd`). +NOTE: While Filebeat is able to parse logs using the `auditd` module, more advanced features are available in {auditbeat-ref}/auditbeat-module-auditd.html[Auditbeat]. + include::../include/what-happens.asciidoc[] include::../include/gs-link.asciidoc[] From 57bc4c49d5eb6ccc3527e3712a7ff9d87b579158 Mon Sep 17 00:00:00 2001 From: DeDe Morton Date: Tue, 26 May 2020 17:39:20 -0700 Subject: [PATCH 2/3] Edit text and run make update --- filebeat/docs/modules/auditd.asciidoc | 4 +++- filebeat/module/auditd/_meta/docs.asciidoc | 4 ++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/filebeat/docs/modules/auditd.asciidoc b/filebeat/docs/modules/auditd.asciidoc index 75f1764d1a6..f8dba65eb99 100644 --- a/filebeat/docs/modules/auditd.asciidoc +++ b/filebeat/docs/modules/auditd.asciidoc @@ -11,7 +11,9 @@ This file is generated! See scripts/docs_collector.py The +{modulename}+ module collects and parses logs from the audit daemon (`auditd`). -NOTE: While Filebeat is able to parse logs using the `auditd` module, more advanced features are available in {auditbeat-ref}/auditbeat-module-auditd.html[Auditbeat]. +NOTE: Although {beatname_uc} is able to parse logs by using the `auditd` module, +{auditbeat-ref}/auditbeat-module-auditd.html[Auditbeat] offers more advanced +features for ingesting audit logs. include::../include/what-happens.asciidoc[] diff --git a/filebeat/module/auditd/_meta/docs.asciidoc b/filebeat/module/auditd/_meta/docs.asciidoc index 0d62f16715f..a24e892b764 100644 --- a/filebeat/module/auditd/_meta/docs.asciidoc +++ b/filebeat/module/auditd/_meta/docs.asciidoc @@ -6,6 +6,10 @@ The +{modulename}+ module collects and parses logs from the audit daemon (`auditd`). +NOTE: Although {beatname_uc} is able to parse logs by using the `auditd` module, +{auditbeat-ref}/auditbeat-module-auditd.html[{auditbeat}] offers more advanced +features for monitoring audit logs. + include::../include/what-happens.asciidoc[] include::../include/gs-link.asciidoc[] From c2a24d0d2d5c6ceee1196039382e7a4a368081bb Mon Sep 17 00:00:00 2001 From: DeDe Morton Date: Tue, 26 May 2020 18:06:34 -0700 Subject: [PATCH 3/3] Run make update again --- filebeat/docs/modules/auditd.asciidoc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/filebeat/docs/modules/auditd.asciidoc b/filebeat/docs/modules/auditd.asciidoc index f8dba65eb99..670269248f1 100644 --- a/filebeat/docs/modules/auditd.asciidoc +++ b/filebeat/docs/modules/auditd.asciidoc @@ -12,8 +12,8 @@ The +{modulename}+ module collects and parses logs from the audit daemon (`auditd`). NOTE: Although {beatname_uc} is able to parse logs by using the `auditd` module, -{auditbeat-ref}/auditbeat-module-auditd.html[Auditbeat] offers more advanced -features for ingesting audit logs. +{auditbeat-ref}/auditbeat-module-auditd.html[{auditbeat}] offers more advanced +features for monitoring audit logs. include::../include/what-happens.asciidoc[]