Add autodiscover for aws_ec2 #14823

kaiyan-sheng · 2019-11-27T14:56:18Z

This PR is to add aws_ec2 as a new provider for autodiscover. It allows autodiscover to react to EC2 instances status, information currently included in autodiscover events, to be used in autodiscover conditions are:

cloud.availability_zone
cloud.instance.id
cloud.machine.type
cloud.provider
cloud.region

and

aws.ec2.architecture
aws.ec2.image.id
aws.ec2.kernel.id
aws.ec2.monitoring.state
aws.ec2.private.dns_name
aws.ec2.private.ip
aws.ec2.public.dns_name
aws.ec2.public.ip
aws.ec2.root_device_name
aws.ec2.state.code
aws.ec2.state.name
aws.ec2.subnet.id
aws.ec2.tags
aws.ec2.vpc.id

Autodiscover config looks like:

logging.level: debug
metricbeat.autodiscover:
  # List of enabled autodiscover providers
  providers:
    - type: aws_ec2
      period: 1m
      credential_profile_name: elastic-beats
      templates:
        - condition:
            equals:
              aws.ec2.tags.created-by: "ks"
          config:
            - module: mysql
              metricsets: ["status", "galera_status"]
              period: 10s
              hosts: ["tcp(${data.aws.ec2.public.ip}:3306)/"]
              username: kaiyan
              password: kaiyan

TODO List

Documentation
Unit tests
Test with mysql module in Metricbeat

Event generated by autodiscovered mysql:

{
  "_index": "metricbeat-8.0.0-2020.02.05-000001",
  "_type": "_doc",
  "_id": "y5crGHABZy5rQOjN9Rqq",
  "_version": 1,
  "_score": null,
  "_source": {
    "@timestamp": "2020-02-06T01:44:48.040Z",
    "metricset": {
      "period": 10000,
      "name": "status"
    },
    "error": {
      "message": "dial tcp 3.86.223.141:3306: i/o timeout"
    },
    "aws": {
      "ec2": {
        "subnet": {
          "id": "subnet-76404958"
        },
        "public": {
          "dns_name": "ec2-3-86-223-141.compute-1.amazonaws.com",
          "ip": "3.86.223.141"
        },
        "state": {
          "name": "running",
          "code": 16
        },
        "vpc": {
          "id": "vpc-e8722d92"
        },
        "private": {
          "ip": "172.31.81.156",
          "dns_name": "ip-172-31-81-156.ec2.internal"
        },
        "tags": {
          "service": "mysql",
          "Name": "mysql-test",
          "created-by": "ks"
        },
        "root_device_name": "/dev/xvda",
        "monitoring": {
          "state": "disabled"
        },
        "kernel": {
          "id": ""
        },
        "architecture": "x86_64",
        "image": {
          "id": "ami-00068cd7555f543d5"
        }
      }
    },
    "cloud": {
      "region": "us-east-1",
      "instance": {
        "id": "i-05381e495aa0f95ef"
      },
      "machine": {
        "type": "t2.micro"
      },
      "availability_zone": "us-east-1b",
      "provider": "aws"
    },
    "host": {
      "architecture": "x86_64",
      "name": "KaiyanMacBookPro",
      "os": {
        "kernel": "17.7.0",
        "build": "17G10021",
        "platform": "darwin",
        "version": "10.13.6",
        "family": "darwin",
        "name": "Mac OS X"
      },
      "id": "9C7FAB7B-29D1-5926-8E84-158A9CA3E25D",
      "hostname": "KaiyanMacBookPro"
    },
    "agent": {
      "hostname": "KaiyanMacBookPro",
      "id": "23fd6ee9-2255-43f3-9565-78a051337c04",
      "version": "8.0.0",
      "type": "metricbeat",
      "ephemeral_id": "5d697e16-910b-4363-a375-f36e8e362ffc"
    },
    "ecs": {
      "version": "1.4.0"
    },
    "event": {
      "dataset": "mysql.status",
      "module": "mysql",
      "duration": 10004769210
    },
    "service": {
      "address": "3.86.223.141:3306",
      "type": "mysql"
    }
  },
  "fields": {
    "@timestamp": [
      "2020-02-06T01:44:48.040Z"
    ]
  },
  "sort": [
    1580953488040
  ]
}

How to test it

Start an EC2 instance in AWS
Add created-by: ks as tag for this EC2 instance
Install and start mysql service in the EC2 instance
Change default password of mysql
Now you can try autodiscover with provider aws_ec2 by attach config below to metricbeat.yml under x-pack/metricbeat:

logging.level: debug
metricbeat.autodiscover:
  # List of enabled autodiscover providers
  providers:
    - type: aws_ec2
      period: 1m
      credential_profile_name: elastic-beats
      templates:
        - condition:
            equals:
              aws.ec2.tags.created-by: "ks"
          config:
            - module: mysql
              metricsets: ["status", "galera_status"]
              period: 10s
              hosts: ["tcp(${data.aws.ec2.public.ip}:3306)/"]
              username: kaiyan
              password: kaiyan

closes #12518

x-pack/libbeat/autodiscover/providers/aws/config.go

x-pack/libbeat/autodiscover/providers/aws/ec2/watch.go

exekias

This is looking great! left a few comments but they are mostly about data format

x-pack/libbeat/autodiscover/providers/aws/aws.go

x-pack/libbeat/autodiscover/providers/aws/config.go

x-pack/libbeat/autodiscover/providers/aws/ec2/ec2.go

x-pack/libbeat/autodiscover/providers/aws/ec2/fetch.go

x-pack/libbeat/autodiscover/providers/aws/ec2/provider.go

x-pack/libbeat/autodiscover/providers/aws/ec2/ec2.go

x-pack/libbeat/autodiscover/providers/aws/ec2/provider.go

metricbeat/docs/autodiscover-aws-ec2-config.asciidoc

libbeat/docs/shared-autodiscover.asciidoc

kaiyan-sheng · 2020-02-06T23:58:16Z

Also tested with both mysql and mongodb by using metricbeat.yml:

logging.level: debug
metricbeat.autodiscover:
  # List of enabled autodiscover providers
  providers:
    - type: aws_ec2
      period: 1m
      credential_profile_name: elastic-beats
      templates:
        - condition:
            equals:
              aws.ec2.tags.created-by: "ks"
          config:
            - module: mysql
              metricsets: ["status", "galera_status"]
              period: 30s
              hosts: ["tcp(${data.aws.ec2.public.ip}:3306)/"]
              username: root
              password: root
            - module: mongodb
              metricsets:
                - dbstats
                - status
                - collstats
                - metrics
              period: 30s
              hosts: ["${data.aws.ec2.public.ip}:27017"]

* Add autodiscover for aws_ec2 * Add aws.ec2.* to autodiscover template (cherry picked from commit adcd962)

* [Filebeat] move create-[module,fileset,fields] to mage (#15836) - move create-[module,fileset,fields] to mage - make mage create commands available in x-pack/filebeat - change Makefile to use mage for create commands * Elasticsearch index must be lowercase (#16081) * Index names must be lowercase When indexing into Elasticsearch index names must always be lowercase. If the index or indices setting are configured to produce non-lowercase strings (e.g. by extracting part of the index name from the event contents), we need to normalize them to be lowercase. This change ensure that index names are always converted to lowercase. Static strings are converted to lowercase upfront, while dynamic strings will be post-processed. * update kafka/redis/LS output to guarantee lowercase index * add godoc * Regenerate expected files after changes in date parsing (#16139) Elasticsearch has modified the behaviour on date parsing when the date doesn't include timezone data. Regenerate a couple of golden files that are affected by this change. * Add autodiscover for aws_ec2 (#14823) * Add autodiscover for aws_ec2 * Add aws.ec2.* to autodiscover template * Fix a connection error in httpjson input (#16123) * Fix a connection error in httpjson input * Include document_id in decode_json_fields allowed fields (#16156) * ci: run test on Windows (#15570) * feat: run test on Windows * chore: parameter to enable/disable windows test * deleteDir before of the checkout * Update Jenkinsfile * Update Jenkinsfile * Update Jenkinsfile * Update Jenkinsfile * Update Jenkinsfile * Apply suggestions from code review * feat: apply dependency hierarchies * fit: use isChanged for all matches, and add the libbeat match where it is needed * feat: add x-pack/winlogbeat windows unit tests * fix: duplicate when condition * Update Jenkinsfile Co-Authored-By: Andrew Kroh <andrew.kroh@elastic.co> Co-authored-by: Andrew Kroh <andrew.kroh@elastic.co> * improve kubernetes.pod.cpu.usage.limit.pct field description (#16128) * upgrade github.com/gogo/protobuf/... to v1.3.1 (#16138) * [Filebeat] Add ECS tls & categorization fields to apache module (#16121) * Add ECS tls & categorization fields to apache module - tls.cipher (access) - tls.protocol (access) - tls.protocol_version (access) - event.kind (access) - event.category (access) - event.outcome (access) - lowercase http.request.method for ECS compliance (access) - event.kind (error) - event.category (error) - event.type (error) Closes #16032 * [Metricbeat] Add Overview dashboard to Tomcat module * [Metricbeat] Fix PostgreSQL Dashboard (#16132) * [Metricbeat] Fix PostgreSQL Dashboard * Update version * Fix: imports order (#16207) * [Metricbeat]kube-state-metrics: add storage class support (#16145) * add ksm storage class support * [Journalbeat] Improve parsing of syslog.pid in journalbeat to strip the username when present (#16116) * Improve parsing of syslog.pid in journalbeat to strip the username in pid when present. * Add entry to changelog with pull ID. * Improve the comment on the username strip. * [Agent] Allow CA cert pinning on the Elasticsearch output or any code that user tlscommon.TLSConfig builder. (#16019) * Add a sha256 pin for the CA Certificate When multiples CA are presents on the system we cannot ensure that a specific one was used to validates the chains exposer by the server. This PRs adds a `ca_sha256` option to the `tlscommon.TLSConfig` that is used by all the code that has to create a TCP client with TLS support. When the option is set, it will hook a new callback in the validation chains that will inspect the verified and validated chains by Go to ensure that a lets a certificate in the chains match the provided sha256. Usage example for the Elasticsearch output. ``` output.elasticsearch: hosts: [127.0.0.1:9200] ssl.ca_sha256: <base64_encoded_sha1> ``` You can generate the pin using the **openssl** binary with the following command: ``` openssl x509 -in ca.crt -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64 ``` OpenSSL's [documentation](https://www.openssl.org/docs/manmaster/man1/dgst.html) You will need to start Elasticsearch with the following options ```yaml xpack.security.enabled: true indices.id_field_data.enabled: true xpack.license.self_generated.type: trial xpack.security.http.ssl.enabled: true xpack.security.http.ssl.key: /etc/pki/localhost/localhost.key" xpack.security.http.ssl.certificate: /etc/pki/localhost/localhost.crt" xpack.security.http.ssl.certificate_authorities: /etc/pki/ca/ca.crt" ``` This pull request also include a new service in the docker-compose.yml that will start a new Elasticsearch server with TLS and security configured. * [docs] Add 7.6 breaking changes and release highlights (#16202) * [docs] Add early draft of Elastic Log Driver docs (#15799) * Index template will only be loaded if the configured output is Elasticsearch or Elastic Cloud (#16124) (#16225) Minor update to be more explicit on the index template loading requirement. Co-authored-by: romain-chanu <51113389+romain-chanu@users.noreply.github.com> * Remove spaces in prometheus commented out option (#16233) * Fix: don't miss address scheme (#16205) * Fix: don't miss address scheme * Add unit test * Adjust source after code review * Add comment to method * Freeze virtualenv version until issue with CI is resolved (#16235) * [docs] Fix install command to match instructions on docker hub (#16249) * [docs] Add link to observability release blog (#16246) * ci(jenkins): enable fix-permissions to be executed without running make too (#16130) * ci(jenkins): enable fix-permissions to be executed without running make too * ci(jenkins): go modules are stored in the HOME path * ci(jenkins): fix permissions should run only if docker is enabled * Upgrade go-ucfg to version 0.8.2 (#16199) * Upgrade go-ucfg to master, for testing before 0.8.2 release. * Update notice. * Fix tests. * Update to the v0.8.2 release tag and remake NOTICE.txt. * Improve test name. * Add ingress nginx controller fileset (#16197) * update notice Co-authored-by: Lee Hinman <57081003+leehinman@users.noreply.github.com> Co-authored-by: Steffen Siering <steffen.siering@elastic.co> Co-authored-by: Jaime Soriano Pastor <jaime.soriano@elastic.co> Co-authored-by: kaiyan-sheng <kaiyan.sheng@elastic.co> Co-authored-by: Lei Qiu <lei.qiu@elastic.co> Co-authored-by: Fae Charlton <fae.charlton@elastic.co> Co-authored-by: Ivan Fernandez Calvo <kuisathaverat@users.noreply.github.com> Co-authored-by: Andrew Kroh <andrew.kroh@elastic.co> Co-authored-by: Chris Mark <chrismarkou92@gmail.com> Co-authored-by: Gil Raphaelli <g@raphaelli.com> Co-authored-by: Mario Castro <mariocaster@gmail.com> Co-authored-by: Dimitri Mazmanov <sorantis@gmail.com> Co-authored-by: Marcin Tojek <mtojek@users.noreply.github.com> Co-authored-by: Pablo Mercado <pablo.mercado@elastic.co> Co-authored-by: Blake Rouse <blake.rouse@elastic.co> Co-authored-by: Pier-Hugues Pellerin <phpellerin@gmail.com> Co-authored-by: DeDe Morton <dede.morton@elastic.co> Co-authored-by: romain-chanu <51113389+romain-chanu@users.noreply.github.com> Co-authored-by: Michal Pristas <michal.pristas@gmail.com> Co-authored-by: Victor Martinez <victormartinezrubio@gmail.com>

* Add autodiscover for aws_ec2 * Add aws.ec2.* to autodiscover template

* [Filebeat] move create-[module,fileset,fields] to mage (#15836) - move create-[module,fileset,fields] to mage - make mage create commands available in x-pack/filebeat - change Makefile to use mage for create commands * Elasticsearch index must be lowercase (#16081) * Index names must be lowercase When indexing into Elasticsearch index names must always be lowercase. If the index or indices setting are configured to produce non-lowercase strings (e.g. by extracting part of the index name from the event contents), we need to normalize them to be lowercase. This change ensure that index names are always converted to lowercase. Static strings are converted to lowercase upfront, while dynamic strings will be post-processed. * update kafka/redis/LS output to guarantee lowercase index * add godoc * Regenerate expected files after changes in date parsing (#16139) Elasticsearch has modified the behaviour on date parsing when the date doesn't include timezone data. Regenerate a couple of golden files that are affected by this change. * Add autodiscover for aws_ec2 (#14823) * Add autodiscover for aws_ec2 * Add aws.ec2.* to autodiscover template * Fix a connection error in httpjson input (#16123) * Fix a connection error in httpjson input * Include document_id in decode_json_fields allowed fields (#16156) * ci: run test on Windows (#15570) * feat: run test on Windows * chore: parameter to enable/disable windows test * deleteDir before of the checkout * Update Jenkinsfile * Update Jenkinsfile * Update Jenkinsfile * Update Jenkinsfile * Update Jenkinsfile * Apply suggestions from code review * feat: apply dependency hierarchies * fit: use isChanged for all matches, and add the libbeat match where it is needed * feat: add x-pack/winlogbeat windows unit tests * fix: duplicate when condition * Update Jenkinsfile Co-Authored-By: Andrew Kroh <andrew.kroh@elastic.co> Co-authored-by: Andrew Kroh <andrew.kroh@elastic.co> * improve kubernetes.pod.cpu.usage.limit.pct field description (#16128) * upgrade github.com/gogo/protobuf/... to v1.3.1 (#16138) * [Filebeat] Add ECS tls & categorization fields to apache module (#16121) * Add ECS tls & categorization fields to apache module - tls.cipher (access) - tls.protocol (access) - tls.protocol_version (access) - event.kind (access) - event.category (access) - event.outcome (access) - lowercase http.request.method for ECS compliance (access) - event.kind (error) - event.category (error) - event.type (error) Closes #16032 * [Metricbeat] Add Overview dashboard to Tomcat module * [Metricbeat] Fix PostgreSQL Dashboard (#16132) * [Metricbeat] Fix PostgreSQL Dashboard * Update version * Fix: imports order (#16207) * [Metricbeat]kube-state-metrics: add storage class support (#16145) * add ksm storage class support * [Journalbeat] Improve parsing of syslog.pid in journalbeat to strip the username when present (#16116) * Improve parsing of syslog.pid in journalbeat to strip the username in pid when present. * Add entry to changelog with pull ID. * Improve the comment on the username strip. * [Agent] Allow CA cert pinning on the Elasticsearch output or any code that user tlscommon.TLSConfig builder. (#16019) * Add a sha256 pin for the CA Certificate When multiples CA are presents on the system we cannot ensure that a specific one was used to validates the chains exposer by the server. This PRs adds a `ca_sha256` option to the `tlscommon.TLSConfig` that is used by all the code that has to create a TCP client with TLS support. When the option is set, it will hook a new callback in the validation chains that will inspect the verified and validated chains by Go to ensure that a lets a certificate in the chains match the provided sha256. Usage example for the Elasticsearch output. ``` output.elasticsearch: hosts: [127.0.0.1:9200] ssl.ca_sha256: <base64_encoded_sha1> ``` You can generate the pin using the **openssl** binary with the following command: ``` openssl x509 -in ca.crt -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64 ``` OpenSSL's [documentation](https://www.openssl.org/docs/manmaster/man1/dgst.html) You will need to start Elasticsearch with the following options ```yaml xpack.security.enabled: true indices.id_field_data.enabled: true xpack.license.self_generated.type: trial xpack.security.http.ssl.enabled: true xpack.security.http.ssl.key: /etc/pki/localhost/localhost.key" xpack.security.http.ssl.certificate: /etc/pki/localhost/localhost.crt" xpack.security.http.ssl.certificate_authorities: /etc/pki/ca/ca.crt" ``` This pull request also include a new service in the docker-compose.yml that will start a new Elasticsearch server with TLS and security configured. * [docs] Add 7.6 breaking changes and release highlights (#16202) * [docs] Add early draft of Elastic Log Driver docs (#15799) * Index template will only be loaded if the configured output is Elasticsearch or Elastic Cloud (#16124) (#16225) Minor update to be more explicit on the index template loading requirement. Co-authored-by: romain-chanu <51113389+romain-chanu@users.noreply.github.com> * Remove spaces in prometheus commented out option (#16233) * Fix: don't miss address scheme (#16205) * Fix: don't miss address scheme * Add unit test * Adjust source after code review * Add comment to method * Freeze virtualenv version until issue with CI is resolved (#16235) * [docs] Fix install command to match instructions on docker hub (#16249) * [docs] Add link to observability release blog (#16246) * ci(jenkins): enable fix-permissions to be executed without running make too (#16130) * ci(jenkins): enable fix-permissions to be executed without running make too * ci(jenkins): go modules are stored in the HOME path * ci(jenkins): fix permissions should run only if docker is enabled * Upgrade go-ucfg to version 0.8.2 (#16199) * Upgrade go-ucfg to master, for testing before 0.8.2 release. * Update notice. * Fix tests. * Update to the v0.8.2 release tag and remake NOTICE.txt. * Improve test name. * Add ingress nginx controller fileset (#16197) * update notice Co-authored-by: Lee Hinman <57081003+leehinman@users.noreply.github.com> Co-authored-by: Steffen Siering <steffen.siering@elastic.co> Co-authored-by: Jaime Soriano Pastor <jaime.soriano@elastic.co> Co-authored-by: kaiyan-sheng <kaiyan.sheng@elastic.co> Co-authored-by: Lei Qiu <lei.qiu@elastic.co> Co-authored-by: Fae Charlton <fae.charlton@elastic.co> Co-authored-by: Ivan Fernandez Calvo <kuisathaverat@users.noreply.github.com> Co-authored-by: Andrew Kroh <andrew.kroh@elastic.co> Co-authored-by: Chris Mark <chrismarkou92@gmail.com> Co-authored-by: Gil Raphaelli <g@raphaelli.com> Co-authored-by: Mario Castro <mariocaster@gmail.com> Co-authored-by: Dimitri Mazmanov <sorantis@gmail.com> Co-authored-by: Marcin Tojek <mtojek@users.noreply.github.com> Co-authored-by: Pablo Mercado <pablo.mercado@elastic.co> Co-authored-by: Blake Rouse <blake.rouse@elastic.co> Co-authored-by: Pier-Hugues Pellerin <phpellerin@gmail.com> Co-authored-by: DeDe Morton <dede.morton@elastic.co> Co-authored-by: romain-chanu <51113389+romain-chanu@users.noreply.github.com> Co-authored-by: Michal Pristas <michal.pristas@gmail.com> Co-authored-by: Victor Martinez <victormartinezrubio@gmail.com>

* [Filebeat] move create-[module,fileset,fields] to mage (elastic#15836) - move create-[module,fileset,fields] to mage - make mage create commands available in x-pack/filebeat - change Makefile to use mage for create commands * Elasticsearch index must be lowercase (elastic#16081) * Index names must be lowercase When indexing into Elasticsearch index names must always be lowercase. If the index or indices setting are configured to produce non-lowercase strings (e.g. by extracting part of the index name from the event contents), we need to normalize them to be lowercase. This change ensure that index names are always converted to lowercase. Static strings are converted to lowercase upfront, while dynamic strings will be post-processed. * update kafka/redis/LS output to guarantee lowercase index * add godoc * Regenerate expected files after changes in date parsing (elastic#16139) Elasticsearch has modified the behaviour on date parsing when the date doesn't include timezone data. Regenerate a couple of golden files that are affected by this change. * Add autodiscover for aws_ec2 (elastic#14823) * Add autodiscover for aws_ec2 * Add aws.ec2.* to autodiscover template * Fix a connection error in httpjson input (elastic#16123) * Fix a connection error in httpjson input * Include document_id in decode_json_fields allowed fields (elastic#16156) * ci: run test on Windows (elastic#15570) * feat: run test on Windows * chore: parameter to enable/disable windows test * deleteDir before of the checkout * Update Jenkinsfile * Update Jenkinsfile * Update Jenkinsfile * Update Jenkinsfile * Update Jenkinsfile * Apply suggestions from code review * feat: apply dependency hierarchies * fit: use isChanged for all matches, and add the libbeat match where it is needed * feat: add x-pack/winlogbeat windows unit tests * fix: duplicate when condition * Update Jenkinsfile Co-Authored-By: Andrew Kroh <andrew.kroh@elastic.co> Co-authored-by: Andrew Kroh <andrew.kroh@elastic.co> * improve kubernetes.pod.cpu.usage.limit.pct field description (elastic#16128) * upgrade github.com/gogo/protobuf/... to v1.3.1 (elastic#16138) * [Filebeat] Add ECS tls & categorization fields to apache module (elastic#16121) * Add ECS tls & categorization fields to apache module - tls.cipher (access) - tls.protocol (access) - tls.protocol_version (access) - event.kind (access) - event.category (access) - event.outcome (access) - lowercase http.request.method for ECS compliance (access) - event.kind (error) - event.category (error) - event.type (error) Closes elastic#16032 * [Metricbeat] Add Overview dashboard to Tomcat module * [Metricbeat] Fix PostgreSQL Dashboard (elastic#16132) * [Metricbeat] Fix PostgreSQL Dashboard * Update version * Fix: imports order (elastic#16207) * [Metricbeat]kube-state-metrics: add storage class support (elastic#16145) * add ksm storage class support * [Journalbeat] Improve parsing of syslog.pid in journalbeat to strip the username when present (elastic#16116) * Improve parsing of syslog.pid in journalbeat to strip the username in pid when present. * Add entry to changelog with pull ID. * Improve the comment on the username strip. * [Agent] Allow CA cert pinning on the Elasticsearch output or any code that user tlscommon.TLSConfig builder. (elastic#16019) * Add a sha256 pin for the CA Certificate When multiples CA are presents on the system we cannot ensure that a specific one was used to validates the chains exposer by the server. This PRs adds a `ca_sha256` option to the `tlscommon.TLSConfig` that is used by all the code that has to create a TCP client with TLS support. When the option is set, it will hook a new callback in the validation chains that will inspect the verified and validated chains by Go to ensure that a lets a certificate in the chains match the provided sha256. Usage example for the Elasticsearch output. ``` output.elasticsearch: hosts: [127.0.0.1:9200] ssl.ca_sha256: <base64_encoded_sha1> ``` You can generate the pin using the **openssl** binary with the following command: ``` openssl x509 -in ca.crt -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64 ``` OpenSSL's [documentation](https://www.openssl.org/docs/manmaster/man1/dgst.html) You will need to start Elasticsearch with the following options ```yaml xpack.security.enabled: true indices.id_field_data.enabled: true xpack.license.self_generated.type: trial xpack.security.http.ssl.enabled: true xpack.security.http.ssl.key: /etc/pki/localhost/localhost.key" xpack.security.http.ssl.certificate: /etc/pki/localhost/localhost.crt" xpack.security.http.ssl.certificate_authorities: /etc/pki/ca/ca.crt" ``` This pull request also include a new service in the docker-compose.yml that will start a new Elasticsearch server with TLS and security configured. * [docs] Add 7.6 breaking changes and release highlights (elastic#16202) * [docs] Add early draft of Elastic Log Driver docs (elastic#15799) * Index template will only be loaded if the configured output is Elasticsearch or Elastic Cloud (elastic#16124) (elastic#16225) Minor update to be more explicit on the index template loading requirement. Co-authored-by: romain-chanu <51113389+romain-chanu@users.noreply.github.com> * Remove spaces in prometheus commented out option (elastic#16233) * Fix: don't miss address scheme (elastic#16205) * Fix: don't miss address scheme * Add unit test * Adjust source after code review * Add comment to method * Freeze virtualenv version until issue with CI is resolved (elastic#16235) * [docs] Fix install command to match instructions on docker hub (elastic#16249) * [docs] Add link to observability release blog (elastic#16246) * ci(jenkins): enable fix-permissions to be executed without running make too (elastic#16130) * ci(jenkins): enable fix-permissions to be executed without running make too * ci(jenkins): go modules are stored in the HOME path * ci(jenkins): fix permissions should run only if docker is enabled * Upgrade go-ucfg to version 0.8.2 (elastic#16199) * Upgrade go-ucfg to master, for testing before 0.8.2 release. * Update notice. * Fix tests. * Update to the v0.8.2 release tag and remake NOTICE.txt. * Improve test name. * Add ingress nginx controller fileset (elastic#16197) * update notice Co-authored-by: Lee Hinman <57081003+leehinman@users.noreply.github.com> Co-authored-by: Steffen Siering <steffen.siering@elastic.co> Co-authored-by: Jaime Soriano Pastor <jaime.soriano@elastic.co> Co-authored-by: kaiyan-sheng <kaiyan.sheng@elastic.co> Co-authored-by: Lei Qiu <lei.qiu@elastic.co> Co-authored-by: Fae Charlton <fae.charlton@elastic.co> Co-authored-by: Ivan Fernandez Calvo <kuisathaverat@users.noreply.github.com> Co-authored-by: Andrew Kroh <andrew.kroh@elastic.co> Co-authored-by: Chris Mark <chrismarkou92@gmail.com> Co-authored-by: Gil Raphaelli <g@raphaelli.com> Co-authored-by: Mario Castro <mariocaster@gmail.com> Co-authored-by: Dimitri Mazmanov <sorantis@gmail.com> Co-authored-by: Marcin Tojek <mtojek@users.noreply.github.com> Co-authored-by: Pablo Mercado <pablo.mercado@elastic.co> Co-authored-by: Blake Rouse <blake.rouse@elastic.co> Co-authored-by: Pier-Hugues Pellerin <phpellerin@gmail.com> Co-authored-by: DeDe Morton <dede.morton@elastic.co> Co-authored-by: romain-chanu <51113389+romain-chanu@users.noreply.github.com> Co-authored-by: Michal Pristas <michal.pristas@gmail.com> Co-authored-by: Victor Martinez <victormartinezrubio@gmail.com>

kaiyan-sheng added 2 commits November 27, 2019 07:54

Add autodiscover for aws_ec2

3506757

Add aws_ec2 autodiscover

07469cd

houndci-bot reviewed Nov 27, 2019

View reviewed changes

x-pack/libbeat/autodiscover/providers/aws/config.go Show resolved Hide resolved

houndci-bot reviewed Nov 27, 2019

View reviewed changes

x-pack/libbeat/autodiscover/providers/aws/config.go Show resolved Hide resolved

houndci-bot reviewed Nov 27, 2019

View reviewed changes

x-pack/libbeat/autodiscover/providers/aws/config.go Show resolved Hide resolved

houndci-bot reviewed Nov 27, 2019

View reviewed changes

x-pack/libbeat/autodiscover/providers/aws/config.go Show resolved Hide resolved

test with logp.Debug

dfc6269

kaiyan-sheng self-assigned this Nov 27, 2019

kaiyan-sheng added 4 commits December 6, 2019 14:14

Merge remote-tracking branch 'upstream/master' into autodiscover_aws_ec2

4d350ea

Add comment to DefaultConfig function

e5899f8

Merge remote-tracking branch 'upstream/master' into autodiscover_aws_ec2

fcdba2f

Change ec2 metadata mapping

c042a08

houndci-bot reviewed Dec 17, 2019

View reviewed changes

x-pack/libbeat/autodiscover/providers/aws/ec2/watch.go Outdated Show resolved Hide resolved

kaiyan-sheng added 2 commits December 17, 2019 16:00

Update changelog

5662544

Update changelog

a4e7f4f

kaiyan-sheng marked this pull request as ready for review December 17, 2019 23:03

kaiyan-sheng added libbeat needs_backport PR is waiting to be backported to other branches. review Team:Integrations Label for the Integrations team test-plan Add this PR to be manual test plan labels Dec 17, 2019

change instanceId to instanceID

580c13a

kaiyan-sheng added the in progress Pull request is currently in progress. label Dec 17, 2019

exekias suggested changes Dec 18, 2019

View reviewed changes

kaiyan-sheng added 4 commits December 18, 2019 15:30

Collect from all regions if regions is not specified

f06521d

Add GetRegions into aws_elb provider

3a5fa25

Add aws_ec2 provider into autodiscover doc

fef6fde

update autodiscover doc

543e18a

sayden reviewed Dec 19, 2019

View reviewed changes

x-pack/libbeat/autodiscover/providers/aws/ec2/ec2.go Show resolved Hide resolved

sayden reviewed Dec 19, 2019

View reviewed changes

x-pack/libbeat/autodiscover/providers/aws/ec2/ec2.go Show resolved Hide resolved

kaiyan-sheng added the in progress Pull request is currently in progress. label Feb 6, 2020

exekias reviewed Feb 6, 2020

View reviewed changes

x-pack/libbeat/autodiscover/providers/aws/ec2/provider.go Outdated Show resolved Hide resolved

exekias reviewed Feb 6, 2020

View reviewed changes

metricbeat/docs/autodiscover-aws-ec2-config.asciidoc Outdated Show resolved Hide resolved

exekias reviewed Feb 6, 2020

View reviewed changes

libbeat/docs/shared-autodiscover.asciidoc Outdated Show resolved Hide resolved

kaiyan-sheng added 2 commits February 6, 2020 06:24

update field names from ec2 to aws.ec2

656379e

Add aws.ec2.* to autodiscover template

286d2ad

exekias approved these changes Feb 6, 2020

View reviewed changes

kaiyan-sheng merged commit adcd962 into elastic:master Feb 6, 2020

kaiyan-sheng deleted the autodiscover_aws_ec2 branch February 6, 2020 22:20

zube bot added [zube]: Done and removed [zube]: In Progress labels Feb 6, 2020

kaiyan-sheng mentioned this pull request Feb 6, 2020

Cherry-pick #14823 to 7.x: Add autodiscover for aws_ec2 #16184

Merged

3 tasks

kaiyan-sheng added v7.7.0 and removed needs_backport PR is waiting to be backported to other branches. labels Feb 6, 2020

kaiyan-sheng added a commit that referenced this pull request Feb 7, 2020

Add autodiscover for aws_ec2 (#14823) (#16184)

3e3b260

* Add autodiscover for aws_ec2 * Add aws.ec2.* to autodiscover template (cherry picked from commit adcd962)

kaiyan-sheng mentioned this pull request Feb 10, 2020

Change aws_elb autodiscover provider meta field prefix to aws.elb #16219

Closed

andresrc removed the [zube]: Done label Feb 12, 2020

kaiyan-sheng mentioned this pull request Feb 19, 2020

[libbeat] Change aws_elb autodiscover provider field name to aws.elb.* #16402

Merged

5 tasks

kvch pushed a commit to kvch/beats that referenced this pull request Feb 20, 2020

Add autodiscover for aws_ec2 (elastic#14823)

982e73d

* Add autodiscover for aws_ec2 * Add aws.ec2.* to autodiscover template

kaiyan-sheng mentioned this pull request Feb 21, 2020

Cherry-pick #16402 to 7.x: [libbeat] Change aws_elb autodiscover provider field name to aws.elb.* #16477

Merged

5 tasks

andresrc added the test-plan-added This PR has been added to the test plan label Mar 21, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add autodiscover for aws_ec2 #14823

Add autodiscover for aws_ec2 #14823

kaiyan-sheng commented Nov 27, 2019 •

edited

Loading

exekias left a comment

kaiyan-sheng commented Feb 6, 2020

Add autodiscover for aws_ec2 #14823

Add autodiscover for aws_ec2 #14823

Conversation

kaiyan-sheng commented Nov 27, 2019 • edited Loading

TODO List

Event generated by autodiscovered mysql:

How to test it

exekias left a comment

Choose a reason for hiding this comment

kaiyan-sheng commented Feb 6, 2020

kaiyan-sheng commented Nov 27, 2019 •

edited

Loading