mirror of
https://github.com/Icinga/icingabeat.git
synced 2025-04-08 17:15:05 +02:00
177 lines
2.7 KiB
Plaintext
177 lines
2.7 KiB
Plaintext
|
|
////
|
|
This file is generated! See _meta/fields.yml and scripts/generate_field_docs.py
|
|
////
|
|
|
|
[[exported-fields]]
|
|
= Exported Fields
|
|
|
|
[partintro]
|
|
|
|
--
|
|
This document describes the fields that are exported by Filebeat. They are
|
|
grouped in the following categories:
|
|
|
|
* <<exported-fields-beat>>
|
|
* <<exported-fields-cloud>>
|
|
* <<exported-fields-log>>
|
|
|
|
--
|
|
[[exported-fields-beat]]
|
|
== Beat Fields
|
|
|
|
Contains common beat fields available in all event types.
|
|
|
|
|
|
|
|
[float]
|
|
=== beat.name
|
|
|
|
The name of the Beat sending the log messages. If the Beat name is set in the configuration file, then that value is used. If it is not set, the hostname is used. To set the Beat name, use the `name` option in the configuration file.
|
|
|
|
|
|
[float]
|
|
=== beat.hostname
|
|
|
|
The hostname as returned by the operating system on which the Beat is running.
|
|
|
|
|
|
[float]
|
|
=== beat.version
|
|
|
|
The version of the beat that generated this event.
|
|
|
|
|
|
[float]
|
|
=== @timestamp
|
|
|
|
type: date
|
|
|
|
example: August 26th 2016, 12:35:53.332
|
|
|
|
format: date
|
|
|
|
required: True
|
|
|
|
The timestamp when the event log record was generated.
|
|
|
|
|
|
[float]
|
|
=== tags
|
|
|
|
Arbitrary tags that can be set per Beat and per transaction type.
|
|
|
|
|
|
[float]
|
|
=== fields
|
|
|
|
type: dict
|
|
|
|
Contains user configurable fields.
|
|
|
|
|
|
[[exported-fields-cloud]]
|
|
== Cloud Provider Metadata Fields
|
|
|
|
Metadata from cloud providers added by the add_cloud_metadata processor.
|
|
|
|
|
|
|
|
[float]
|
|
=== meta.cloud.provider
|
|
|
|
example: ec2
|
|
|
|
Name of the cloud provider. Possible values are ec2, gce, or digitalocean.
|
|
|
|
|
|
[float]
|
|
=== meta.cloud.instance_id
|
|
|
|
Instance ID of the host machine.
|
|
|
|
|
|
[float]
|
|
=== meta.cloud.machine_type
|
|
|
|
example: t2.medium
|
|
|
|
Machine type of the host machine.
|
|
|
|
|
|
[float]
|
|
=== meta.cloud.availability_zone
|
|
|
|
example: us-east-1c
|
|
|
|
Availability zone in which this host is running.
|
|
|
|
|
|
[float]
|
|
=== meta.cloud.project_id
|
|
|
|
example: project-x
|
|
|
|
Name of the project in Google Cloud.
|
|
|
|
|
|
[float]
|
|
=== meta.cloud.region
|
|
|
|
Region in which this host is running.
|
|
|
|
|
|
[[exported-fields-log]]
|
|
== Log File Content Fields
|
|
|
|
Contains log file lines.
|
|
|
|
|
|
|
|
[float]
|
|
=== source
|
|
|
|
type: keyword
|
|
|
|
required: True
|
|
|
|
The file from which the line was read. This field contains the full path to the file. For example: `/var/log/system.log`.
|
|
|
|
|
|
[float]
|
|
=== offset
|
|
|
|
type: long
|
|
|
|
required: False
|
|
|
|
The file offset the reported line starts at.
|
|
|
|
|
|
[float]
|
|
=== message
|
|
|
|
type: text
|
|
|
|
required: True
|
|
|
|
The content of the line read from the log file.
|
|
|
|
|
|
[float]
|
|
=== type
|
|
|
|
required: True
|
|
|
|
The name of the log event. This field is set to the value specified for the `document_type` option in the prospector section of the Filebeat config file.
|
|
|
|
|
|
[float]
|
|
=== input_type
|
|
|
|
required: True
|
|
|
|
The input type from which the event was generated. This field is set to the value specified for the `input_type` option in the prospector section of the Filebeat config file.
|
|
|
|
|