# Field group "beat": fields declared as common to all event types.
- key: beat
  title: Beat
  description: >
    Contains common beat fields available in all event types.
  fields:

    # Identity of the shipper itself (name, host, timezone, version).
    - name: beat.name
      description: >
        The name of the Beat sending the log messages. If the Beat name is
        set in the configuration file, then that value is used. If it is not
        set, the hostname is used. To set the Beat name, use the `name`
        option in the configuration file.
    - name: beat.hostname
      description: >
        The hostname as returned by the operating system on which the Beat is
        running.
    - name: beat.timezone
      description: >
        The timezone as returned by the operating system on which the Beat is
        running.
    - name: beat.version
      description: >
        The version of the beat that generated this event.

    # The only field in this group marked as required.
    - name: '@timestamp'
      type: date
      required: true
      format: date
      example: 'August 26th 2016, 12:35:53.332'
      description: >
        The timestamp when the event log record was generated.

    - name: tags
      description: >
        Arbitrary tags that can be set per Beat and per transaction
        type.

    # Operator-defined key/value pairs; every value is mapped as a keyword.
    # NOTE(review): whatever is configured here is shipped with the events,
    # so credentials or tokens do not belong in these values.
    - name: fields
      type: object
      object_type: keyword
      description: >
        Contains user configurable fields.

    # Nested group: message / code / type of an error.
    - name: error
      type: group
      description: >
        Error fields containing additional info in case of errors.
      fields:
        - name: message
          type: text
          description: >
            Error message.
        - name: code
          type: long
          description: >
            Error code.
        - name: type
          type: keyword
          description: >
            Error type.
# Field group "cloud": metadata added by the add_cloud_metadata processor.
# NOTE(review): instance IDs, project IDs and zones identify cloud assets;
# confirm that everyone with read access to the index may see them.
- key: cloud
  title: Cloud provider metadata
  description: >
    Metadata from cloud providers added by the add_cloud_metadata processor.
  fields:

    - name: meta.cloud.provider
      example: 'ec2'
      description: >
        Name of the cloud provider. Possible values are ec2, gce, or digitalocean.

    - name: meta.cloud.instance_id
      description: >
        Instance ID of the host machine.

    - name: meta.cloud.instance_name
      description: >
        Instance name of the host machine.

    - name: meta.cloud.machine_type
      example: 't2.medium'
      description: >
        Machine type of the host machine.

    - name: meta.cloud.availability_zone
      example: 'us-east-1c'
      description: >
        Availability zone in which this host is running.

    # Described as specific to Google Cloud.
    - name: meta.cloud.project_id
      example: 'project-x'
      description: >
        Name of the project in Google Cloud.

    - name: meta.cloud.region
      description: >
        Region in which this host is running.
# Field group "docker": container metadata, marked beta in its description.
- key: docker
  title: Docker
  description: >
    beta[]

    Docker stats collected from Docker.
  short_config: false
  anchor: docker-processor
  fields:
    # All fields below are nested under the "docker" group.
    - name: docker
      type: group
      fields:
        - name: container.id
          type: keyword
          description: >
            Unique container id.
        - name: container.image
          type: keyword
          description: >
            Name of the image the container was built on.
        - name: container.name
          type: keyword
          description: >
            Container name.
        # NOTE(review): the field is container.labels but the description
        # says "Image labels" - confirm which is meant. Labels are free-form
        # key/value pairs, so check that no secrets are stored in them before
        # they are indexed.
        - name: container.labels
          type: object
          object_type: keyword
          description: >
            Image labels.
# Field group "kubernetes": metadata added by the kubernetes processor,
# marked beta in its description.
- key: kubernetes
  title: Kubernetes
  description: >
    beta[]

    Kubernetes metadata added by the kubernetes processor
  short_config: false
  anchor: kubernetes-processor
  fields:
    # All fields below are nested under the "kubernetes" group.
    - name: kubernetes
      type: group
      fields:
        - name: pod.name
          type: keyword
          description: >
            Kubernetes pod name

        - name: namespace
          type: keyword
          description: >
            Kubernetes namespace

        # NOTE(review): labels and annotations declare no object_type here,
        # so confirm how their keys end up mapped. Both are free-form maps;
        # annotations in particular can carry arbitrary configuration, so
        # check for sensitive values before indexing them.
        - name: labels
          type: object
          description: >
            Kubernetes labels map

        - name: annotations
          type: object
          description: >
            Kubernetes annotations map

        - name: container.name
          type: keyword
          description: >
            Kubernetes container name

        - name: container.image
          type: keyword
          description: >
            Kubernetes container image
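# Field group "icingabeat": fields for data received from the Icinga 2 API.
# The entries fall into five runs: event-level fields, check_result.*,
# comment.*, downtime.* and status.*.
- key: icingabeat
  title: icingabeat
  description: Data received from the Icinga 2 API
  fields:
    # --- Event-level fields ---
    - name: timestamp
      type: date
      description: >
        Timestamp of event occurrence

    - name: type
      type: keyword
      description: >
        Type of the document

    - name: host
      type: keyword
      description: >
        Host that triggered the event

    - name: service
      type: keyword
      description: >
        Service that triggered the event

    - name: state
      type: integer
      description: >
        State of the check

    - name: state_type
      type: integer
      description: >
        State type of the check

    - name: author
      type: keyword
      description: >
        Author of a message

    - name: notification_type
      type: keyword
      description: >
        Type of notification

    # Free text written by users; treat as untrusted when rendered.
    - name: text
      type: text
      description: >
        Text of a message

    - name: users
      type: keyword
      description: >
        Affected users of a notification

    - name: acknowledgement_type
      type: integer
      description: >
        Type of an acknowledgement

    - name: expiry
      type: date
      description: >
        Expiry of an acknowledgement

    # NOTE(review): the description lacks its subject (presumably "a
    # notification") - confirm against the Icinga 2 API and reword.
    - name: notify
      type: keyword
      description: >
        If has been sent out

    # --- check_result.*: result of a single check execution ---
    - name: check_result.active
      type: boolean
      description: >
        If check was active or passive

    - name: check_result.check_source
      type: keyword
      description: >
        Icinga instance that scheduled the check

    # NOTE(review): an executed command line can include credentials passed
    # as plugin arguments - confirm what the API returns here and restrict
    # access to, or drop, this field if it does.
    - name: check_result.command
      type: text
      description: >
        Command that was executed

    - name: check_result.execution_end
      type: date
      description: >
        Time when execution of check ended

    - name: check_result.execution_start
      type: date
      description: >
        Time when execution of check started

    - name: check_result.exit_status
      type: integer
      description: >
        Exit status

    # Plugin output is produced by the monitored check; treat it as
    # untrusted text when it is displayed.
    - name: check_result.output
      type: text
      description: >
        Output of check

    - name: check_result.performance_data
      type: text
      description: >
        Performance data in text format

    - name: check_result.schedule_end
      type: date
      description: >
        Time when scheduling of the check ended

    - name: check_result.schedule_start
      type: date
      description: >
        Time when check was scheduled

    - name: check_result.state
      type: integer
      description: >
        State of the check

    - name: check_result.type
      type: keyword
      description: >
        Type of this event

    - name: check_result.vars_after.attempt
      type: integer
      description: >
        Check attempt after check execution

    - name: check_result.vars_after.reachable
      type: boolean
      description: >
        Reachable state after check execution

    - name: check_result.vars_after.state
      type: integer
      description: >
        State of the check after execution

    - name: check_result.vars_after.state_type
      type: integer
      description: >
        State type after execution

    - name: check_result.vars_before.attempt
      type: integer
      description: >
        Check attempt before check execution

    - name: check_result.vars_before.reachable
      type: boolean
      description: >
        Reachable state before check execution

    - name: check_result.vars_before.state
      type: integer
      description: >
        Check state before check execution

    - name: check_result.vars_before.state_type
      type: integer
      description: >
        State type before check execution

    # --- comment.*: comment objects ---
    - name: comment.__name
      type: text
      description: >
        Unique identifier of a comment

    - name: comment.author
      type: keyword
      description: >
        Author of a comment

    - name: comment.entry_time
      type: date
      description: >
        Entry time of a comment

    - name: comment.entry_type
      type: integer
      description: >
        Entry type of a comment

    - name: comment.expire_time
      type: date
      description: >
        Expire time of a comment

    - name: comment.host_name
      type: keyword
      description: >
        Host name of a comment

    - name: comment.legacy_id
      type: integer
      description: >
        Legacy ID of a comment

    - name: comment.name
      type: keyword
      description: >
        Identifier of a comment

    - name: comment.package
      type: keyword
      description: >
        Config package of a comment

    - name: comment.service_name
      type: keyword
      description: >
        Service name of a comment

    - name: comment.templates
      type: text
      description: >
        Templates used by a comment

    # Free text written by users; treat as untrusted when rendered.
    - name: comment.text
      type: text
      description: >
        Text of a comment

    - name: comment.type
      type: keyword
      description: >
        Comment type

    - name: comment.version
      type: keyword
      description: >
        Config version of comment object

    - name: comment.zone
      type: keyword
      description: >
        Zone where comment was generated

    # --- downtime.*: downtime objects ---
    - name: downtime.__name
      type: text
      description: >
        Unique identifier of a downtime

    - name: downtime.author
      type: keyword
      description: >
        Author of a downtime

    # Free text written by users; treat as untrusted when rendered.
    - name: downtime.comment
      type: text
      description: >
        Text of a downtime

    - name: downtime.config_owner
      type: text
      description: >
        Config owner

    - name: downtime.duration
      type: integer
      description: >
        Duration of a downtime

    - name: downtime.end_time
      type: date
      description: >
        Timestamp of downtime end

    - name: downtime.entry_time
      type: date
      description: >
        Timestamp when downtime was created

    - name: downtime.fixed
      type: boolean
      description: >
        If downtime is fixed or flexible

    - name: downtime.host_name
      type: keyword
      description: >
        Hostname of a downtime

    - name: downtime.legacy_id
      type: integer
      description: >
        The integer ID of a downtime

    - name: downtime.name
      type: keyword
      description: >
        Downtime config identifier

    - name: downtime.package
      type: keyword
      description: >
        Configuration package of downtime

    - name: downtime.scheduled_by
      type: text
      description: >
        By whom downtime was scheduled

    - name: downtime.service_name
      type: keyword
      description: >
        Service name of a downtime

    - name: downtime.start_time
      type: date
      description: >
        Timestamp when downtime starts

    - name: downtime.templates
      type: text
      description: >
        Templates used by this downtime

    - name: downtime.trigger_time
      type: date
      description: >
        Timestamp when downtime was triggered

    - name: downtime.triggered_by
      type: text
      description: >
        By whom downtime was triggered

    - name: downtime.triggers
      type: text
      description: >
        Downtime triggers

    - name: downtime.type
      type: keyword
      description: >
        Downtime type

    - name: downtime.version
      type: keyword
      description: >
        Config version of downtime

    - name: downtime.was_cancelled
      type: boolean
      description: >
        If downtime was cancelled

    - name: downtime.zone
      type: keyword
      description: >
        Zone of downtime

    # --- status.*: counters and settings of the Icinga instance ---
    - name: status.active_host_checks
      type: integer
      description: >
        Active host checks

    - name: status.active_host_checks_15min
      type: integer
      description: >
        Active host checks in the last 15 minutes

    # Description typo fixed ("Acitve" -> "Active").
    - name: status.active_host_checks_1min
      type: integer
      description: >
        Active host checks in the last minute

    - name: status.active_host_checks_5min
      type: integer
      description: >
        Active host checks in the last 5 minutes

    - name: status.active_service_checks
      type: integer
      description: >
        Active service checks

    - name: status.active_service_checks_15min
      type: integer
      description: >
        Active service checks in the last 15 minutes

    - name: status.active_service_checks_1min
      type: integer
      description: >
        Active service checks in the last minute

    - name: status.active_service_checks_5min
      type: integer
      description: >
        Active service checks in the last 5 minutes

    - name: status.api.identity
      type: keyword
      description: >
        API identity

    - name: status.api.num_conn_endpoints
      type: integer
      description: >
        Number of connected endpoints

    - name: status.api.num_endpoints
      type: integer
      description: >
        Total number of endpoints

    - name: status.api.num_not_conn_endpoints
      type: integer
      description: >
        Number of not connected endpoints

    # NOTE(review): the zone name "demo" is part of these four field paths,
    # so presumably only a zone with that name matches them and any other
    # zone falls back to dynamic mapping - confirm and generalize if needed.
    - name: status.api.zones.demo.client_log_lag
      type: integer
      description: >
        Lag of the replaylog

    - name: status.api.zones.demo.connected
      type: boolean
      description: >
        Zone connected

    - name: status.api.zones.demo.endpoints
      type: text
      description: >
        Endpoint names

    - name: status.api.zones.demo.parent_zone
      type: keyword
      description: >
        Parent zone

    # NOTE(review): averages and latencies are declared as integer; confirm
    # the API does not deliver fractional values for these fields.
    - name: status.avg_execution_time
      type: integer
      description: >
        Average execution time of checks

    - name: status.avg_latency
      type: integer
      description: >
        Average latency time

    - name: status.checkercomponent.checker.idle
      type: integer
      description: >
        Idle checks

    - name: status.checkercomponent.checker.pending
      type: integer
      description: >
        Pending checks

    - name: status.filelogger.main-log
      type: integer
      description: >
        Mainlog enabled

    # The enable_* flags describe which Icinga features are switched on;
    # an unexpected change (e.g. notifications disabled) is worth alerting on.
    - name: status.icingaapplication.app.enable_event_handlers
      type: boolean
      description: >
        Event handlers enabled

    - name: status.icingaapplication.app.enable_flapping
      type: boolean
      description: >
        Flapping detection enabled

    - name: status.icingaapplication.app.enable_host_checks
      type: boolean
      description: >
        Host checks enabled

    - name: status.icingaapplication.app.enable_notifications
      type: boolean
      description: >
        Notifications enabled

    - name: status.icingaapplication.app.enable_perfdata
      type: boolean
      description: >
        Perfdata enabled

    - name: status.icingaapplication.app.enable_service_checks
      type: boolean
      description: >
        Service checks enabled

    - name: status.icingaapplication.app.node_name
      type: keyword
      description: >
        Node name

    - name: status.icingaapplication.app.pid
      type: integer
      description: >
        PID

    # NOTE(review): a point in time stored as integer rather than date -
    # presumably an epoch value; confirm before using it in time queries.
    - name: status.icingaapplication.app.program_start
      type: integer
      description: >
        Time when Icinga started

    - name: status.icingaapplication.app.version
      type: keyword
      description: >
        Version

    - name: status.idomysqlconnection.ido-mysql.connected
      type: boolean
      description: >
        IDO connected

    - name: status.idomysqlconnection.ido-mysql.instance_name
      type: keyword
      description: >
        IDO Instance name

    - name: status.idomysqlconnection.ido-mysql.query_queue_items
      type: integer
      description: >
        IDO query items in the queue

    - name: status.idomysqlconnection.ido-mysql.version
      type: keyword
      description: >
        IDO schema version

    - name: status.max_execution_time
      type: integer
      description: >
        Max execution time

    - name: status.max_latency
      type: integer
      description: >
        Max latency

    - name: status.min_execution_time
      type: integer
      description: >
        Min execution time

    - name: status.min_latency
      type: integer
      description: >
        Min latency

    - name: status.notificationcomponent.notification
      type: integer
      description: >
        Notification

    - name: status.num_hosts_acknowledged
      type: integer
      description: >
        Amount of acknowledged hosts

    - name: status.num_hosts_down
      type: integer
      description: >
        Amount of down hosts

    - name: status.num_hosts_flapping
      type: integer
      description: >
        Amount of flapping hosts

    - name: status.num_hosts_in_downtime
      type: integer
      description: >
        Amount of hosts in downtime

    - name: status.num_hosts_pending
      type: integer
      description: >
        Amount of pending hosts

    - name: status.num_hosts_unreachable
      type: integer
      description: >
        Amount of unreachable hosts

    - name: status.num_hosts_up
      type: integer
      description: >
        Amount of hosts in up state

    - name: status.num_services_acknowledged
      type: integer
      description: >
        Amount of acknowledged services

    - name: status.num_services_critical
      type: integer
      description: >
        Amount of critical services

    - name: status.num_services_flapping
      type: integer
      description: >
        Amount of flapping services

    - name: status.num_services_in_downtime
      type: integer
      description: >
        Amount of services in downtime

    - name: status.num_services_ok
      type: integer
      description: >
        Amount of services in ok state

    - name: status.num_services_pending
      type: integer
      description: >
        Amount of pending services

    - name: status.num_services_unknown
      type: integer
      description: >
        Amount of unknown services

    - name: status.num_services_unreachable
      type: integer
      description: >
        Amount of unreachable services

    - name: status.num_services_warning
      type: integer
      description: >
        Amount of services in warning state

    - name: status.passive_host_checks
      type: integer
      description: >
        Amount of passive host checks

    - name: status.passive_host_checks_15min
      type: integer
      description: >
        Amount of passive host checks in the last 15 minutes

    - name: status.passive_host_checks_1min
      type: integer
      description: >
        Amount of passive host checks in the last minute

    - name: status.passive_host_checks_5min
      type: integer
      description: >
        Amount of passive host checks in the last 5 minutes

    - name: status.passive_service_checks
      type: integer
      description: >
        Amount of passive service checks

    - name: status.passive_service_checks_15min
      type: integer
      description: >
        Amount of passive service checks in the last 15 minutes

    - name: status.passive_service_checks_1min
      type: integer
      description: >
        Amount of passive service checks in the last minute

    - name: status.passive_service_checks_5min
      type: integer
      description: >
        Amount of passive service checks in the last 5 minutes

    - name: status.uptime
      type: integer
      description: >
        Uptime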