From 7ad0456c7c46e679059f279bf8d28be84cc68a0b Mon Sep 17 00:00:00 2001 
From: Panos Koutsovasilis
Date: Tue, 7 Jan 2025 18:57:02 +0200
Subject: [PATCH] [k8s] fix hints stream missing ids (#6485)
* fix: add required ids in hints input streams of type filestream
* feat: disable hints default_container_logs when kubernetes integration container logs is enabled
---
.../kubernetes-hints-autodiscover/rendered/manifest.yaml | 3 ++-
.../examples/multiple-integrations/rendered/manifest.yaml | 3 ++-
.../templates/integrations/_kubernetes/_preset_pernode.tpl | 5 +++++
.../elastic-agent-standalone/templates.d/activemq.yml | 2 ++
.../elastic-agent-standalone/templates.d/apache.yml | 2 ++
.../elastic-agent-standalone/templates.d/cassandra.yml | 1 +
.../kubernetes/elastic-agent-standalone/templates.d/cef.yml | 1 +
.../elastic-agent-standalone/templates.d/checkpoint.yml | 1 +
.../elastic-agent-standalone/templates.d/cockroachdb.yml | 1 +
.../elastic-agent-standalone/templates.d/container_logs.yml | 3 ++-
.../elastic-agent-standalone/templates.d/crowdstrike.yml | 2 ++
.../elastic-agent-standalone/templates.d/cyberarkpas.yml | 1 +
.../elastic-agent-standalone/templates.d/elasticsearch.yml | 5 +++++
.../elastic-agent-standalone/templates.d/endpoint.yml | 1 +
.../elastic-agent-standalone/templates.d/fireeye.yml | 1 +
.../elastic-agent-standalone/templates.d/haproxy.yml | 1 +
.../elastic-agent-standalone/templates.d/hashicorp_vault.yml | 2 ++
.../templates.d/hid_bravura_monitor.yml | 1 +
.../kubernetes/elastic-agent-standalone/templates.d/iis.yml | 2 ++
.../elastic-agent-standalone/templates.d/infoblox_nios.yml | 1 +
.../elastic-agent-standalone/templates.d/iptables.yml | 1 +
.../elastic-agent-standalone/templates.d/kafka.yml | 1 +
.../elastic-agent-standalone/templates.d/keycloak.yml | 1 +
.../elastic-agent-standalone/templates.d/kibana.yml | 2 ++
.../kubernetes/elastic-agent-standalone/templates.d/log.yml | 1 +
.../elastic-agent-standalone/templates.d/logstash.yml | 2 ++
.../elastic-agent-standalone/templates.d/mattermost.yml | 1 +
.../templates.d/microsoft_sqlserver.yml | 1 +
.../elastic-agent-standalone/templates.d/mimecast.yml | 1 +
.../elastic-agent-standalone/templates.d/modsecurity.yml | 1 +
.../elastic-agent-standalone/templates.d/mongodb.yml | 1 +
.../elastic-agent-standalone/templates.d/mysql.yml | 2 ++
.../templates.d/mysql_enterprise.yml | 1 +
.../kubernetes/elastic-agent-standalone/templates.d/nats.yml | 1 +
.../elastic-agent-standalone/templates.d/netflow.yml | 1 +
.../elastic-agent-standalone/templates.d/nginx.yml | 2 ++
.../templates.d/nginx_ingress_controller.yml | 2 ++
.../elastic-agent-standalone/templates.d/oracle.yml | 1 +
.../kubernetes/elastic-agent-standalone/templates.d/panw.yml | 1 +
.../elastic-agent-standalone/templates.d/panw_cortex_xdr.yml | 1 +
.../elastic-agent-standalone/templates.d/pfsense.yml | 1 +
.../elastic-agent-standalone/templates.d/postgresql.yml | 1 +
.../elastic-agent-standalone/templates.d/prometheus.yml | 1 +
.../elastic-agent-standalone/templates.d/qnap_nas.yml | 1 +
.../elastic-agent-standalone/templates.d/rabbitmq.yml | 1 +
.../elastic-agent-standalone/templates.d/redis.yml | 1 +
.../elastic-agent-standalone/templates.d/santa.yml | 1 +
.../templates.d/security_detection_engine.yml | 1 +
.../elastic-agent-standalone/templates.d/sentinel_one.yml | 1 +
.../elastic-agent-standalone/templates.d/snort.yml | 1 +
.../kubernetes/elastic-agent-standalone/templates.d/snyk.yml | 1 +
.../kubernetes/elastic-agent-standalone/templates.d/stan.yml | 1 +
.../elastic-agent-standalone/templates.d/suricata.yml | 1 +
.../templates.d/symantec_endpoint.yml | 1 +
.../elastic-agent-standalone/templates.d/synthetics.yml | 1 +
.../kubernetes/elastic-agent-standalone/templates.d/tcp.yml | 1 +
.../elastic-agent-standalone/templates.d/tomcat.yml | 1 +
.../elastic-agent-standalone/templates.d/traefik.yml | 1 +
.../kubernetes/elastic-agent-standalone/templates.d/udp.yml | 1 +
.../kubernetes/elastic-agent-standalone/templates.d/zeek.yml | 1 +
.../elastic-agent-standalone/templates.d/zookeeper.yml | 1 +
61 files changed, 82 insertions(+), 3 deletions(-)
diff --git a/deploy/helm/elastic-agent/examples/kubernetes-hints-autodiscover/rendered/manifest.yaml b/deploy/helm/elastic-agent/examples/kubernetes-hints-autodiscover/rendered/manifest.yaml
index e9b272adf20..8424c27549a 100644
--- a/deploy/helm/elastic-agent/examples/kubernetes-hints-autodiscover/rendered/manifest.yaml
+++ b/deploy/helm/elastic-agent/examples/kubernetes-hints-autodiscover/rendered/manifest.yaml
@@ -564,6 +564,7 @@ stringData:
 providers:
 kubernetes:
 hints:
+ default_container_logs: false
 enabled: true
 node: ${NODE_NAME}
 scope: node
@@ -1081,7 +1082,7 @@ spec:
 labels:
 name: agent-pernode-example
 annotations:
- checksum/config: 0df24cb5f7362916ba8cb10621b123918f22f52a7ce9f0b0514c5983de6d06f3
+ checksum/config: daca0d998edb3afa587d96e69b0833f6919ca6ba72f58f3a1f83b22d7e5ffaf6
 spec:
 automountServiceAccountToken: true
 containers:
diff --git a/deploy/helm/elastic-agent/examples/multiple-integrations/rendered/manifest.yaml b/deploy/helm/elastic-agent/examples/multiple-integrations/rendered/manifest.yaml
index 5529f8f49db..7112acb1caf 100644
--- a/deploy/helm/elastic-agent/examples/multiple-integrations/rendered/manifest.yaml
+++ b/deploy/helm/elastic-agent/examples/multiple-integrations/rendered/manifest.yaml
@@ -590,6 +590,7 @@ stringData:
 providers:
 kubernetes:
 hints:
+ default_container_logs: false
 enabled: true
 node: ${NODE_NAME}
 scope: node
@@ -1107,7 +1108,7 @@ spec:
 labels:
 name: agent-pernode-example
 annotations:
- checksum/config: 0df24cb5f7362916ba8cb10621b123918f22f52a7ce9f0b0514c5983de6d06f3
+ checksum/config: daca0d998edb3afa587d96e69b0833f6919ca6ba72f58f3a1f83b22d7e5ffaf6
 spec:
 automountServiceAccountToken: true
 containers:
diff --git a/deploy/helm/elastic-agent/templates/integrations/_kubernetes/_preset_pernode.tpl b/deploy/helm/elastic-agent/templates/integrations/_kubernetes/_preset_pernode.tpl
index 3feb3f9f60d..26a29356f4c 100644
--- a/deploy/helm/elastic-agent/templates/integrations/_kubernetes/_preset_pernode.tpl
+++ b/deploy/helm/elastic-agent/templates/integrations/_kubernetes/_preset_pernode.tpl
@@ -65,6 +65,11 @@ providers:
 kubernetes:
 hints:
 enabled: true
+{{- if (eq $.Values.kubernetes.containers.logs.enabled false) }}
+ default_container_logs: true
+{{- else }}
+ default_container_logs: false
+{{- end }}
 {{- end -}}
 {{- define "elasticagent.kubernetes.pernode.preset.tolerations" -}}
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/activemq.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/activemq.yml
index 742df26feda..705f3370e7b 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/activemq.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/activemq.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.activemq.audit.enabled} == true or ${kubernetes.hints.activemq.enabled} == true
+ id: filestream-activemq-audit-${kubernetes.hints.container_id}
 data_stream:
 dataset: activemq.audit
 type: logs
@@ -27,6 +28,7 @@ inputs:
 - forwarded
 - activemq-audit
 - condition: ${kubernetes.hints.activemq.log.enabled} == true or ${kubernetes.hints.activemq.enabled} == true
+ id: filestream-activemq-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: activemq.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/apache.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/apache.yml
index 3520dca77fc..26de98f64c5 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/apache.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/apache.yml
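Review bot: The added `if` makes hints collect logs from every container by default exactly when the kubernetes integration's container logs are switched off (`default_container_logs: true` in the `eq ... false` branch), and nothing in the template says so. An operator who disabled container logs to limit what leaves the node would, as I read the option, still get all pod logs through hints, so I would state the intent in a template comment above the `if`, e.g. `{{- /* hints collect all container logs only when the kubernetes integration does not */}}`. `{{- if not $.Values.kubernetes.containers.logs.enabled }}` would also treat an unset value like `false`, which the `eq` comparison may not. The enclosing define starts above the hunk.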
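Review bot: The new `id: filestream-activemq-audit-${kubernetes.hints.container_id}` gives an explicit ID to a stream that had none, and filestream stores its read offsets under the input ID, so if these streams were already running, agents upgraded in place may re-read container logs from the start and ship duplicate events. The patch carries no upgrade note for that; it matters most for the audit datasets (activemq.audit here, and elasticsearch.audit, hashicorp_vault.audit, cyberarkpas.audit and kibana.audit in later files), where duplicates turn into duplicate detections. The same applies to every templates.d hunk in this commit. I would also add a comment above the first stream of each file, `# id must be unique per stream and container; changing it resets filestream state`.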
@@ -103,6 +103,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.apache.access.enabled} == true or ${kubernetes.hints.apache.enabled} == true
+ id: filestream-apache-access-${kubernetes.hints.container_id}
 data_stream:
 dataset: apache.access
 type: logs
@@ -124,6 +125,7 @@ inputs:
 tags:
 - apache-access
 - condition: ${kubernetes.hints.apache.error.enabled} == true or ${kubernetes.hints.apache.enabled} == true
+ id: filestream-apache-error-${kubernetes.hints.container_id}
 data_stream:
 dataset: apache.error
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/cassandra.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/cassandra.yml
index 5d15a8122ea..8eef2d1978c 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/cassandra.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/cassandra.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.cassandra.log.enabled} == true or ${kubernetes.hints.cassandra.enabled} == true
+ id: filestream-cassandra-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: cassandra.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/cef.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/cef.yml
index e4c87ed361e..4f02183a9a3 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/cef.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/cef.yml
@@ -26,6 +26,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.cef.log.enabled} == true or ${kubernetes.hints.cef.enabled} == true
+ id: filestream-cef-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: cef.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/checkpoint.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/checkpoint.yml
index 155b98f8699..3685cdc69e6 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/checkpoint.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/checkpoint.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.checkpoint.firewall.enabled} == true or ${kubernetes.hints.checkpoint.enabled} == true
+ id: filestream-checkpoint-firewall-${kubernetes.hints.container_id}
 data_stream:
 dataset: checkpoint.firewall
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/cockroachdb.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/cockroachdb.yml
index c26e8512a12..e9dfc83eb06 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/cockroachdb.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/cockroachdb.yml
@@ -28,6 +28,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.cockroachdb.container_logs.enabled} == true
+ id: filestream-cockroachdb-logs-${kubernetes.hints.container_id}
 data_stream:
 dataset: cockroachdb.container_logs
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/container_logs.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/container_logs.yml
index b5fae6c8f54..568b6e7ec7a 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/container_logs.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/container_logs.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.container_logs.enabled} == true
+ id: hints-filestream-container-logs-${kubernetes.hints.container_id}
 data_stream:
 dataset: kubernetes.container_logs
 type: logs
@@ -17,4 +18,4 @@ inputs:
 prospector:
 scanner:
 symlinks: true
- data_stream.namespace: default
\ No newline at end of file
+ data_stream.namespace: default
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/crowdstrike.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/crowdstrike.yml
index 1f1319c5ce7..8699b4d6366 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/crowdstrike.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/crowdstrike.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.crowdstrike.falcon.enabled} == true or ${kubernetes.hints.crowdstrike.enabled} == true
+ id: filestream-crowdstrike-falcon-${kubernetes.hints.container_id}
 data_stream:
 dataset: crowdstrike.falcon
 type: logs
@@ -32,6 +33,7 @@ inputs:
 - forwarded
 - crowdstrike-falcon
 - condition: ${kubernetes.hints.crowdstrike.fdr.enabled} == true or ${kubernetes.hints.crowdstrike.enabled} == true
+ id: filestream-crowdstrike-fdr-${kubernetes.hints.container_id}
 data_stream:
 dataset: crowdstrike.fdr
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/cyberarkpas.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/cyberarkpas.yml
index a9adaaf36a1..3363ddf1cd5 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/cyberarkpas.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/cyberarkpas.yml
@@ -39,6 +39,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.cyberarkpas.audit.enabled} == true and ${kubernetes.hints.cyberarkpas.enabled} == true
+ id: filestream-cyberarkpas-audit-${kubernetes.hints.container_id}
 data_stream:
 dataset: cyberarkpas.audit
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/elasticsearch.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/elasticsearch.yml
index bc00a23cc47..7f4cab7fd21 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/elasticsearch.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/elasticsearch.yml
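Review bot: The cyberarkpas stream's condition joins its two hints with `and` (`${kubernetes.hints.cyberarkpas.audit.enabled} == true and ${kubernetes.hints.cyberarkpas.enabled} == true`), while the other templates in this patch use `or`, so this audit stream only starts when both annotations are set. The commit adds the ID but leaves the condition as it is; if the `and` is not intentional, the line should end `== true or ${kubernetes.hints.cyberarkpas.enabled} == true`. The iptables.log hunk later in the patch has the same `and`. If it is intentional, a comment above the condition saying why would help, because a pod annotated with only the package-level hint would, as far as the visible lines show, collect no audit events without any error.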
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.elasticsearch.audit.enabled} == true or ${kubernetes.hints.elasticsearch.enabled} == true
+ id: filestream-elasticsearch-audit-${kubernetes.hints.container_id}
 data_stream:
 dataset: elasticsearch.audit
 type: logs
@@ -49,6 +50,7 @@ inputs:
 enabled: true
 symlinks: true
 - condition: ${kubernetes.hints.elasticsearch.deprecation.enabled} == true or ${kubernetes.hints.elasticsearch.enabled} == true
+ id: filestream-elasticsearch-deprecation-${kubernetes.hints.container_id}
 data_stream:
 dataset: elasticsearch.deprecation
 type: logs
@@ -70,6 +72,7 @@ inputs:
 enabled: true
 symlinks: true
 - condition: ${kubernetes.hints.elasticsearch.gc.enabled} == true or ${kubernetes.hints.elasticsearch.enabled} == true
+ id: filestream-elasticsearch-gc-${kubernetes.hints.container_id}
 data_stream:
 dataset: elasticsearch.gc
 type: logs
@@ -103,6 +106,7 @@ inputs:
 enabled: true
 symlinks: true
 - condition: ${kubernetes.hints.elasticsearch.server.enabled} == true or ${kubernetes.hints.elasticsearch.enabled} == true
+ id: filestream-elasticsearch-server-${kubernetes.hints.container_id}
 data_stream:
 dataset: elasticsearch.server
 type: logs
@@ -125,6 +129,7 @@ inputs:
 enabled: true
 symlinks: true
 - condition: ${kubernetes.hints.elasticsearch.slowlog.enabled} == true or ${kubernetes.hints.elasticsearch.enabled} == true
+ id: filestream-elasticsearch-slowlog-${kubernetes.hints.container_id}
 data_stream:
 dataset: elasticsearch.slowlog
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/endpoint.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/endpoint.yml
index ffd93d407fd..23f5ae65dcb 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/endpoint.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/endpoint.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.endpoint.container_logs.enabled} == true
+ id: filestream-endpoint-logs-${kubernetes.hints.container_id}
 data_stream:
 dataset: endpoint.container_logs
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/fireeye.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/fireeye.yml
index 5ce213a2ff1..68084abfc7c 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/fireeye.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/fireeye.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.fireeye.nx.enabled} == true or ${kubernetes.hints.fireeye.enabled} == true
+ id: filestream-fireeye-nx-${kubernetes.hints.container_id}
 data_stream:
 dataset: fireeye.nx
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/haproxy.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/haproxy.yml
index be3b22b57ac..07cee4332df 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/haproxy.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/haproxy.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.haproxy.log.enabled} == true or ${kubernetes.hints.haproxy.enabled} == true
+ id: filestream-haproxy-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: haproxy.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/hashicorp_vault.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/hashicorp_vault.yml
index cc2249d1b6e..508250817fc 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/hashicorp_vault.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/hashicorp_vault.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.hashicorp_vault.audit.enabled} == true or ${kubernetes.hints.hashicorp_vault.enabled} == true
+ id: filestream-hashicorp_vault-audit-${kubernetes.hints.container_id}
 data_stream:
 dataset: hashicorp_vault.audit
 type: logs
@@ -26,6 +27,7 @@ inputs:
 tags:
 - hashicorp-vault-audit
 - condition: ${kubernetes.hints.hashicorp_vault.log.enabled} == true or ${kubernetes.hints.hashicorp_vault.enabled} == true
+ id: filestream-hashicorp_vault-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: hashicorp_vault.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/hid_bravura_monitor.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/hid_bravura_monitor.yml
index 92907934bce..baa241dc5be 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/hid_bravura_monitor.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/hid_bravura_monitor.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.hid_bravura_monitor.log.enabled} == true or ${kubernetes.hints.hid_bravura_monitor.enabled} == true
+ id: filestream-hid_bravura_monitor-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: hid_bravura_monitor.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/iis.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/iis.yml
index 7708e49d3e5..7e5998e836e 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/iis.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/iis.yml
@@ -32,6 +32,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.iis.access.enabled} == true or ${kubernetes.hints.iis.enabled} == true
+ id: filestream-iis-access-${kubernetes.hints.container_id}
 data_stream:
 dataset: iis.access
 type: logs
@@ -56,6 +57,7 @@ inputs:
 tags:
 - iis-access
 - condition: ${kubernetes.hints.iis.error.enabled} == true or ${kubernetes.hints.iis.enabled} == true
+ id: filestream-iis-error-${kubernetes.hints.container_id}
 data_stream:
 dataset: iis.error
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/infoblox_nios.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/infoblox_nios.yml
index 98c63da565a..e1091058ced 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/infoblox_nios.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/infoblox_nios.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.infoblox_nios.log.enabled} == true or ${kubernetes.hints.infoblox_nios.enabled} == true
+ id: filestream-infoblox_nios-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: infoblox_nios.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/iptables.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/iptables.yml
index 4455b0bcb22..bbc5d7f6079 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/iptables.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/iptables.yml
@@ -21,6 +21,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.iptables.log.enabled} == true and ${kubernetes.hints.iptables.enabled} == true
+ id: filestream-iptables-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: iptables.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/kafka.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/kafka.yml
index 3532eba99f9..57ab4d3d522 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/kafka.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/kafka.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.kafka.log.enabled} == true or ${kubernetes.hints.kafka.enabled} == true
+ id: filestream-kafka-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: kafka.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/keycloak.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/keycloak.yml
index b9b37780589..b0e434c6a71 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/keycloak.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/keycloak.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.keycloak.log.enabled} == true or ${kubernetes.hints.keycloak.enabled} == true
+ id: filestream-keycloak-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: keycloak.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/kibana.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/kibana.yml
index bf5e5e33465..a2c61085f76 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/kibana.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/kibana.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.kibana.audit.enabled} == true or ${kubernetes.hints.kibana.enabled} == true
+ id: filestream-kibana-audit-${kubernetes.hints.container_id}
 data_stream:
 dataset: kibana.audit
 type: logs
@@ -24,6 +25,7 @@ inputs:
 enabled: true
 symlinks: true
 - condition: ${kubernetes.hints.kibana.log.enabled} == true or ${kubernetes.hints.kibana.enabled} == true
+ id: filestream-kibana-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: kibana.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/log.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/log.yml
index 2c5f2136097..308a8ef5f66 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/log.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/log.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.log.container_logs.enabled} == true
+ id: filestream-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: log.container_logs
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/logstash.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/logstash.yml
index 7b889c42cf4..71eb8daa365 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/logstash.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/logstash.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.logstash.log.enabled} == true or ${kubernetes.hints.logstash.enabled} == true
+ id: filestream-logstash-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: logstash.log
 type: logs
@@ -34,6 +35,7 @@ inputs:
 enabled: true
 symlinks: true
 - condition: ${kubernetes.hints.logstash.slowlog.enabled} == true or ${kubernetes.hints.logstash.enabled} == true
+ id: filestream-logstash-slowlog-${kubernetes.hints.container_id}
 data_stream:
 dataset: logstash.slowlog
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/mattermost.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/mattermost.yml
index 10b05293429..47c9deac4f7 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/mattermost.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/mattermost.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.mattermost.audit.enabled} == true or ${kubernetes.hints.mattermost.enabled} == true
+ id: filestream-mattermost-audit-${kubernetes.hints.container_id}
 data_stream:
 dataset: mattermost.audit
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/microsoft_sqlserver.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/microsoft_sqlserver.yml
index 0a5ab1ef6cd..533288fabf2 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/microsoft_sqlserver.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/microsoft_sqlserver.yml
@@ -18,6 +18,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.microsoft_sqlserver.log.enabled} == true or ${kubernetes.hints.microsoft_sqlserver.enabled} == true
+ id: filestream-microsoft_sqlserver-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: microsoft_sqlserver.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/mimecast.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/mimecast.yml
index 1e029fbba34..cfac8191fcd 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/mimecast.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/mimecast.yml
@@ -1073,6 +1073,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.mimecast.container_logs.enabled} == true
+ id: filestream-mimecast-logs-${kubernetes.hints.container_id}
 data_stream:
 dataset: mimecast.container_logs
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/modsecurity.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/modsecurity.yml
index cc55ebbcf73..ea42ac05348 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/modsecurity.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/modsecurity.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.modsecurity.auditlog.enabled} == true or ${kubernetes.hints.modsecurity.enabled} == true
+ id: filestream-modsecurity-auditlog-${kubernetes.hints.container_id}
 data_stream:
 dataset: modsecurity.auditlog
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/mongodb.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/mongodb.yml
index b0bd0b07245..81f765e08a5 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/mongodb.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/mongodb.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.mongodb.log.enabled} == true or ${kubernetes.hints.mongodb.enabled} == true
+ id: filestream-mongodb-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: mongodb.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/mysql.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/mysql.yml
index b21edd74269..f4694996e70 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/mysql.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/mysql.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.mysql.error.enabled} == true or ${kubernetes.hints.mysql.enabled} == true
+ id: filestream-mysql-error-${kubernetes.hints.container_id}
 data_stream:
 dataset: mysql.error
 type: logs
@@ -30,6 +31,7 @@ inputs:
 enabled: true
 symlinks: true
 - condition: ${kubernetes.hints.mysql.slowlog.enabled} == true or ${kubernetes.hints.mysql.enabled} == true
+ id: filestream-mysql-slowlog-${kubernetes.hints.container_id}
 data_stream:
 dataset: mysql.slowlog
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/mysql_enterprise.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/mysql_enterprise.yml
index e3aca3b5b7c..474a22d7551 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/mysql_enterprise.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/mysql_enterprise.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.mysql_enterprise.audit.enabled} == true or ${kubernetes.hints.mysql_enterprise.enabled} == true
+ id: filestream-mysql_enterprise-audit-${kubernetes.hints.container_id}
 data_stream:
 dataset: mysql_enterprise.audit
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/nats.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/nats.yml
index c75da289568..fb5ed78e744 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/nats.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/nats.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.nats.log.enabled} == true or ${kubernetes.hints.nats.enabled} == true
+ id: filestream-nats-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: nats.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/netflow.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/netflow.yml
index b43760795e5..e3b8d52c520 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/netflow.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/netflow.yml
@@ -32,6 +32,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.netflow.container_logs.enabled} == true
+ id: filestream-netflow-logs-${kubernetes.hints.container_id}
 data_stream:
 dataset: netflow.container_logs
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/nginx.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/nginx.yml
index 930171a10de..302b90fe4f2 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/nginx.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/nginx.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.nginx.access.enabled} == true or ${kubernetes.hints.nginx.enabled} == true
+ id: filestream-nginx-access-${kubernetes.hints.container_id}
 data_stream:
 dataset: nginx.access
 type: logs
@@ -29,6 +30,7 @@ inputs:
 tags:
 - nginx-access
 - condition: ${kubernetes.hints.nginx.error.enabled} == true or ${kubernetes.hints.nginx.enabled} == true
+ id: filestream-nginx-error-${kubernetes.hints.container_id}
 data_stream:
 dataset: nginx.error
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/nginx_ingress_controller.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/nginx_ingress_controller.yml
index f3f3941190c..d09cb07c4be 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/nginx_ingress_controller.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/nginx_ingress_controller.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.nginx_ingress_controller.access.enabled} == true or ${kubernetes.hints.nginx_ingress_controller.enabled} == true
+ id: filestream-nginx_ingress_controller-access-${kubernetes.hints.container_id}
 data_stream:
 dataset: nginx_ingress_controller.access
 type: logs
@@ -22,6 +23,7 @@ inputs:
 tags:
 - nginx-ingress-controller-access
 - condition: ${kubernetes.hints.nginx_ingress_controller.error.enabled} == true or ${kubernetes.hints.nginx_ingress_controller.enabled} == true
+ id: filestream-nginx_ingress_controller-error-${kubernetes.hints.container_id}
 data_stream:
 dataset: nginx_ingress_controller.error
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/oracle.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/oracle.yml
index e5dac21fdf8..f4f78a64c89 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/oracle.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/oracle.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.oracle.database_audit.enabled} == true or ${kubernetes.hints.oracle.enabled} == true
+ id: filestream-oracle-audit-${kubernetes.hints.container_id}
 data_stream:
 dataset: oracle.database_audit
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/panw.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/panw.yml
index 76bf6396568..9f7fab75039 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/panw.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/panw.yml
@@ -78,6 +78,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.panw.panos.enabled} == true or ${kubernetes.hints.panw.enabled} == true
+ id: filestream-panw-panos-${kubernetes.hints.container_id}
 data_stream:
 dataset: panw.panos
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/panw_cortex_xdr.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/panw_cortex_xdr.yml
index b5aa8858c7e..5ef73bbc1c1 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/panw_cortex_xdr.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/panw_cortex_xdr.yml
@@ -74,6 +74,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.panw_cortex_xdr.container_logs.enabled} == true
+ id: filestream-panw_cortex_xdr-logs-${kubernetes.hints.container_id}
 data_stream:
 dataset: panw_cortex_xdr.container_logs
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/pfsense.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/pfsense.yml
index f21316d7581..ff46d3658d3 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/pfsense.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/pfsense.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.pfsense.container_logs.enabled} == true
+ id: filestream-pfsense-logs-${kubernetes.hints.container_id}
 data_stream:
 dataset: pfsense.container_logs
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/postgresql.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/postgresql.yml
index 8099386204d..444a71aa78a 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/postgresql.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/postgresql.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.postgresql.log.enabled} == true or ${kubernetes.hints.postgresql.enabled} == true
+ id: filestream-postgresql-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: postgresql.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/prometheus.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/prometheus.yml
index 43c1ade916a..8b146c45e88 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/prometheus.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/prometheus.yml
@@ -72,6 +72,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.prometheus.container_logs.enabled} == true
+ id: filestream-prometheus-logs-${kubernetes.hints.container_id}
 data_stream:
 dataset: prometheus.container_logs
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/qnap_nas.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/qnap_nas.yml
index 792f25ecc22..26f6815ae98 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/qnap_nas.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/qnap_nas.yml
@@ -45,6 +45,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.qnap_nas.container_logs.enabled} == true
+ id: filestream-qnap_nas-logs-${kubernetes.hints.container_id}
 data_stream:
 dataset: qnap_nas.container_logs
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/rabbitmq.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/rabbitmq.yml
index 075f51fdb1f..57781776de2 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/rabbitmq.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/rabbitmq.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.rabbitmq.log.enabled} == true or ${kubernetes.hints.rabbitmq.enabled} == true
+ id: filestream-rabbitmq-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: rabbitmq.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/redis.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/redis.yml
index a1321a6880c..be47c78ebd6 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/redis.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/redis.yml
@@ -66,6 +66,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.redis.log.enabled} == true or ${kubernetes.hints.redis.enabled} == true
+ id: filestream-redis-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: redis.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/santa.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/santa.yml
index ca4282d7036..50073bc9d0b 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/santa.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/santa.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.santa.log.enabled} == true or ${kubernetes.hints.santa.enabled} == true
+ id: filestream-santa-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: santa.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/security_detection_engine.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/security_detection_engine.yml
index 73688205194..d7093d67945 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/security_detection_engine.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/security_detection_engine.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.security_detection_engine.container_logs.enabled} == true
+ id: filestream-security_detection_engine-logs-${kubernetes.hints.container_id}
 data_stream:
 dataset: security_detection_engine.container_logs
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/sentinel_one.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/sentinel_one.yml
index 7e7c6e3de88..665f98dfada 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/sentinel_one.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/sentinel_one.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.sentinel_one.container_logs.enabled} == true
+ id: filestream-sentinel_one-logs-${kubernetes.hints.container_id}
 data_stream:
 dataset: sentinel_one.container_logs
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/snort.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/snort.yml
index f08e0fb0c69..a0356ad68a0 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/snort.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/snort.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.snort.log.enabled} == true or ${kubernetes.hints.snort.enabled} == true
+ id: filestream-snort-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: snort.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/snyk.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/snyk.yml
index 990c39b9f14..6b177c3f010 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/snyk.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/snyk.yml
@@ -123,6 +123,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.snyk.container_logs.enabled} == true
+ id: filestream-snyk-logs-${kubernetes.hints.container_id}
 data_stream:
 dataset: snyk.container_logs
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/stan.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/stan.yml
index 39de591c936..73d7d36a088 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/stan.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/stan.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.stan.log.enabled} == true or ${kubernetes.hints.stan.enabled} == true
+ id: filestream-stan-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: stan.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/suricata.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/suricata.yml
index a25c2eb659c..7aa83d832f2 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/suricata.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/suricata.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.suricata.eve.enabled} == true or ${kubernetes.hints.suricata.enabled} == true
+ id: filestream-suricata-eve-${kubernetes.hints.container_id}
 data_stream:
 dataset: suricata.eve
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/symantec_endpoint.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/symantec_endpoint.yml
index 83e8671e3b3..e63c9dd5a23 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/symantec_endpoint.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/symantec_endpoint.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.symantec_endpoint.log.enabled} == true and ${kubernetes.hints.symantec_endpoint.enabled} == true
+ id: filestream-symantec_endpoint-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: symantec_endpoint.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/synthetics.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/synthetics.yml
index 5127a4ba11d..a55075a4b96 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/synthetics.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/synthetics.yml
@@ -117,6 +117,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.synthetics.container_logs.enabled} == true
+ id: filestream-synthetics-logs-${kubernetes.hints.container_id}
 data_stream:
 dataset: synthetics.container_logs
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/tcp.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/tcp.yml
index 80f4f2062c3..17cfec417ae 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/tcp.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/tcp.yml
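Review bot: The `condition` of the symantec_endpoint.log stream joins its two hints with `and`, while the sibling templates in this patch (suricata, snort, santa and others) use `or`; the tomcat.log stream in tomcat.yml has the same `and`. With `and`, the stream and its new `id` are presumably rendered only when both the package-level and the stream-level hint are set, so a pod annotated with just one of them would silently ship no endpoint-protection logs. If that is not intended, the line should read `- condition: ${kubernetes.hints.symantec_endpoint.log.enabled} == true or ${kubernetes.hints.symantec_endpoint.enabled} == true`. The condition is a context line that predates this commit, and the enclosing input starts outside the hunk.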
@@ -17,6 +17,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.tcp.container_logs.enabled} == true
+ id: filestream-tcp-${kubernetes.hints.container_id}
 data_stream:
 dataset: tcp.container_logs
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/tomcat.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/tomcat.yml
index 4b9422213e0..bff621cec9c 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/tomcat.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/tomcat.yml
@@ -5531,6 +5531,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.tomcat.log.enabled} == true and ${kubernetes.hints.tomcat.enabled} == true
+ id: filestream-tomcat-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: tomcat.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/traefik.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/traefik.yml
index b485c4cbed5..9095672680a 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/traefik.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/traefik.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.traefik.access.enabled} == true or ${kubernetes.hints.traefik.enabled} == true
+ id: filestream-traefik-access-${kubernetes.hints.container_id}
 data_stream:
 dataset: traefik.access
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/udp.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/udp.yml
index 1204c4e7e9c..453d0c3a48c 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/udp.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/udp.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.udp.container_logs.enabled} == true
+ id: filestream-udp-logs-${kubernetes.hints.container_id}
 data_stream:
 dataset: udp.container_logs
 type: logs
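Review bot: The id added in the tcp.yml hunk, `filestream-tcp-${kubernetes.hints.container_id}`, has no stream segment, unlike the other `container_logs` streams in this patch (`filestream-udp-logs-…`, `filestream-pfsense-logs-…`). If the enclosing input's own id also has the form `filestream-tcp-<container_id>` (it lies outside the hunk, so this is unconfirmed), the input and its stream would carry the same identifier and could not be told apart in agent logs or filestream state. Suggest `id: filestream-tcp-logs-${kubernetes.hints.container_id}` to match the rest of the patch.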
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/zeek.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/zeek.yml
index eac5df1c517..cc75cc08e5e 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/zeek.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/zeek.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.zeek.capture_loss.enabled} == true or ${kubernetes.hints.zeek.enabled} == true
+ id: filestream-zeek-loss-${kubernetes.hints.container_id}
 data_stream:
 dataset: zeek.capture_loss
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/zookeeper.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/zookeeper.yml
index fa7f8e54e7a..dfe324275cc 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/zookeeper.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/zookeeper.yml
@@ -38,6 +38,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.zookeeper.container_logs.enabled} == true
+ id: filestream-zookeeper-logs-${kubernetes.hints.container_id}
 data_stream:
 dataset: zookeeper.container_logs
 type: logs
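Review bot: The id for the zeek.capture_loss stream is shortened to `filestream-zeek-loss-…`, and oracle.yml does the same with `filestream-oracle-audit-…` for dataset `oracle.database_audit`, whereas most ids in this patch reuse the dataset suffix verbatim (`nginx-access`, `suricata-eve`, `panw-panos`). Keeping the suffix identical to the dataset, `id: filestream-zeek-capture_loss-${kubernetes.hints.container_id}`, lets an operator map a filestream state entry or agent log line back to its data stream without opening the template. It also avoids a collision if another stream with a similar short name is added to the same package later. The enclosing input begins outside the hunk.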