From 1a48236cede4a9a34adfd447f3994debb3c68acf Mon Sep 17 00:00:00 2001 From: Jonathan Rosser Date: Tue, 25 Sep 2018 13:32:01 +0100 Subject: [PATCH] Add host metadata to core beats output This change adds fields such as host OS, version and platform to the core beats output, giving extra query/filter capabilities. Change-Id: Iff61bb4402eaa45b8f1c134a6a39cebe6613cbf3 --- .../roles/elastic_auditbeat/templates/auditbeat.yml.j2 | 3 ++- .../roles/elastic_filebeat/templates/filebeat.yml.j2 | 2 ++ .../roles/elastic_heartbeat/templates/heartbeat.yml.j2 | 2 ++ .../roles/elastic_metricbeat/templates/metricbeat.yml.j2 | 3 +++ .../roles/elastic_packetbeat/templates/packetbeat.yml.j2 | 2 ++ 5 files changed, 11 insertions(+), 1 deletion(-) diff --git a/elk_metrics_6x/roles/elastic_auditbeat/templates/auditbeat.yml.j2 b/elk_metrics_6x/roles/elastic_auditbeat/templates/auditbeat.yml.j2 index e8cef944..55621948 100644 --- a/elk_metrics_6x/roles/elastic_auditbeat/templates/auditbeat.yml.j2 +++ b/elk_metrics_6x/roles/elastic_auditbeat/templates/auditbeat.yml.j2 @@ -244,7 +244,8 @@ auditbeat.modules: # #processors: #- add_docker_metadata: ~ -#- add_host_metadata: ~ +processors: +- add_host_metadata: ~ #============================= Elastic Cloud ================================== diff --git a/elk_metrics_6x/roles/elastic_filebeat/templates/filebeat.yml.j2 b/elk_metrics_6x/roles/elastic_filebeat/templates/filebeat.yml.j2 index 5c50c138..b1071607 100644 --- a/elk_metrics_6x/roles/elastic_filebeat/templates/filebeat.yml.j2 +++ b/elk_metrics_6x/roles/elastic_filebeat/templates/filebeat.yml.j2 @@ -1420,6 +1420,8 @@ tags: # #processors: #- add_docker_metadata: ~ +processors: +- add_host_metadata: ~ #============================= Elastic Cloud ================================== diff --git a/elk_metrics_6x/roles/elastic_heartbeat/templates/heartbeat.yml.j2 b/elk_metrics_6x/roles/elastic_heartbeat/templates/heartbeat.yml.j2 index 5d8fd170..732acae4 100644 --- a/elk_metrics_6x/roles/elastic_heartbeat/templates/heartbeat.yml.j2 +++ b/elk_metrics_6x/roles/elastic_heartbeat/templates/heartbeat.yml.j2 @@ -356,6 +356,8 @@ heartbeat.scheduler: # #processors: #- add_docker_metadata: ~ +processors: +- add_host_metadata: ~ #============================= Elastic Cloud ================================== diff --git a/elk_metrics_6x/roles/elastic_metricbeat/templates/metricbeat.yml.j2 b/elk_metrics_6x/roles/elastic_metricbeat/templates/metricbeat.yml.j2 index b490d249..152a1bcd 100644 --- a/elk_metrics_6x/roles/elastic_metricbeat/templates/metricbeat.yml.j2 +++ b/elk_metrics_6x/roles/elastic_metricbeat/templates/metricbeat.yml.j2 @@ -665,6 +665,9 @@ metricbeat.modules: ##processors: ##- add_docker_metadata: ~ # +processors: +- add_host_metadata: ~ + ##============================= Elastic Cloud ================================== # ## These settings simplify using metricbeat with the Elastic Cloud (https://cloud.elastic.co/). diff --git a/elk_metrics_6x/roles/elastic_packetbeat/templates/packetbeat.yml.j2 b/elk_metrics_6x/roles/elastic_packetbeat/templates/packetbeat.yml.j2 index 17796b68..3f779a8d 100644 --- a/elk_metrics_6x/roles/elastic_packetbeat/templates/packetbeat.yml.j2 +++ b/elk_metrics_6x/roles/elastic_packetbeat/templates/packetbeat.yml.j2 @@ -634,6 +634,8 @@ packetbeat.protocols: # #processors: #- add_docker_metadata: ~ +processors: +- add_host_metadata: ~ #============================= Elastic Cloud ==================================