Add http.request.mehod to Kibana log filset (#7607)

Take `http.request.method` from ECS and apply it to the Kibana fileset. Additional logs are added to the example log files.
elastic · Jul 18, 2018 · 5eaf0b6 · 5eaf0b6
1 parent c0a8e17
commit 5eaf0b6
Show file tree

Hide file tree

Showing 6 changed files with 63 additions and 2 deletions.
diff --git a/filebeat/_meta/fields.common.yml b/filebeat/_meta/fields.common.yml
@@ -131,3 +131,7 @@
       description: >
         Content length of the HTTP response body.
 
+    - name: http.request.method
+      type: keyword
+      description: >
+        Request method.
diff --git a/filebeat/docs/fields.asciidoc b/filebeat/docs/fields.asciidoc
@@ -2651,6 +2651,16 @@ type: long
 Content length of the HTTP response body.
 
 
+--
+
+*`http.request.method`*::
++
+--
+type: keyword
+
+Request method.
+
+
 --
 
 [[exported-fields-logstash]]

diff --git a/filebeat/include/fields.go b/filebeat/include/fields.go
diff --git a/filebeat/module/kibana/log/ingest/pipeline.json b/filebeat/module/kibana/log/ingest/pipeline.json
@@ -67,6 +67,13 @@
                 "ignore_missing": true
             }
         },
+        {
+            "rename": {
+                "field": "kibana.log.meta.req.method",
+                "target_field": "http.request.method",
+                "ignore_missing": true
+            }
+        },
         {
             "date": {
                 "field": "read_timestamp",

diff --git a/filebeat/module/kibana/log/test/test.log b/filebeat/module/kibana/log/test/test.log
@@ -1 +1,3 @@
 {"type":"response","@timestamp":"2018-05-09T10:57:55Z","tags":[],"pid":69410,"method":"get","statusCode":304,"req":{"url":"/ui/fonts/open_sans/open_sans_v15_latin_600.woff2","method":"get","headers":{"host":"localhost:5601","connection":"keep-alive","origin":"http://localhost:5601","user-agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36","accept":"*/*","referer":"http://localhost:5601/app/kibana","accept-encoding":"gzip, deflate, br","accept-language":"en-US,en;q=0.9,de;q=0.8","if-none-match":"\"24234c1c81b3948758c1a0be8e5a65386ca94c52\"","if-modified-since":"Thu, 03 May 2018 09:45:28 GMT"},"remoteAddress":"127.0.0.1","userAgent":"127.0.0.1","referer":"http://localhost:5601/app/kibana"},"res":{"statusCode":304,"responseTime":26,"contentLength":9},"message":"GET /ui/fonts/open_sans/open_sans_v15_latin_600.woff2 304 26ms - 9.0B"}
+{"type":"log","@timestamp":"2018-05-09T10:59:12Z","tags":["debug","monitoring-ui","kibana-monitoring"],"pid":69776,"message":"Fetching data from kibana_stats collector"}
+{"type":"log","@timestamp":"2018-05-09T10:59:12Z","tags":["reporting","debug","exportTypes"],"pid":69776,"message":"Found exportType at /Users/ruflin/Downloads/6.3/kibana-6.3.0-darwin-x86_64/node_modules/x-pack/plugins/reporting/export_types/csv/server/index.js"}
diff --git a/filebeat/module/kibana/log/test/test.log-expected.json b/filebeat/module/kibana/log/test/test.log-expected.json
@@ -3,6 +3,7 @@
         "@timestamp": "2018-05-09T10:57:55.000Z", 
         "fileset.module": "kibana", 
         "fileset.name": "log", 
+        "http.request.method": "get", 
         "http.response.content_length": 9, 
         "http.response.elapsed_time": 26, 
         "http.response.status_code": 304, 
@@ -18,7 +19,6 @@
         "kibana.log.meta.req.headers.origin": "http://localhost:5601", 
         "kibana.log.meta.req.headers.referer": "http://localhost:5601/app/kibana", 
         "kibana.log.meta.req.headers.user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36", 
-        "kibana.log.meta.req.method": "get", 
         "kibana.log.meta.req.referer": "http://localhost:5601/app/kibana", 
         "kibana.log.meta.req.remoteAddress": "127.0.0.1", 
         "kibana.log.meta.req.url": "/ui/fonts/open_sans/open_sans_v15_latin_600.woff2", 
@@ -33,5 +33,43 @@
         "service.name": [
             "kibana"
         ]
+    }, 
+    {
+        "@timestamp": "2018-05-09T10:59:12.000Z", 
+        "fileset.module": "kibana", 
+        "fileset.name": "log", 
+        "input.type": "log", 
+        "kibana.log.meta.type": "log", 
+        "kibana.log.tags": [
+            "debug", 
+            "monitoring-ui", 
+            "kibana-monitoring"
+        ], 
+        "message": "Fetching data from kibana_stats collector", 
+        "offset": 920, 
+        "process.pid": 69776, 
+        "prospector.type": "log", 
+        "service.name": [
+            "kibana"
+        ]
+    }, 
+    {
+        "@timestamp": "2018-05-09T10:59:12.000Z", 
+        "fileset.module": "kibana", 
+        "fileset.name": "log", 
+        "input.type": "log", 
+        "kibana.log.meta.type": "log", 
+        "kibana.log.tags": [
+            "reporting", 
+            "debug", 
+            "exportTypes"
+        ], 
+        "message": "Found exportType at /Users/ruflin/Downloads/6.3/kibana-6.3.0-darwin-x86_64/node_modules/x-pack/plugins/reporting/export_types/csv/server/index.js", 
+        "offset": 1090, 
+        "process.pid": 69776, 
+        "prospector.type": "log", 
+        "service.name": [
+            "kibana"
+        ]
     }
 ]