Apache2 Filebeat module (#3256)

Contains:
 * access logs fileset, with with_plugins and no_plugins versions
 * error logs fileset
 * Kibana dashboards

filebeat/docs/fields.asciidoc

@@ -12,6 +12,7 @@ This file is generated! See _meta/fields.yml and scripts/generate_field_docs.py
 This document describes the fields that are exported by Filebeat. They are
 grouped in the following categories:
 
+* <<exported-fields-apache2>>
 * <<exported-fields-beat>>
 * <<exported-fields-cloud>>
 * <<exported-fields-log>>
@@ -20,6 +21,270 @@ grouped in the following categories:
 * <<exported-fields-syslog>>
 
 --
+[[exported-fields-apache2]]
+== Apache2 Fields
+
+Apache2 Module
+
+
+
+[float]
+== apache2 Fields
+
+Apache2 fields.
+
+
+
+[float]
+== access Fields
+
+Contains fields for the Apache2 HTTPD access logs.
+
+
+
+[float]
+=== apache2.access.remote_ip
+
+type: keyword
+
+Client IP address.
+
+
+[float]
+=== apache2.access.user_name
+
+type: keyword
+
+The user name used when basic authentication is used.
+
+
+[float]
+=== apache2.access.method
+
+type: keyword
+
+example: GET
+
+The request HTTP method.
+
+
+[float]
+=== apache2.access.url
+
+type: keyword
+
+The request HTTP URL.
+
+
+[float]
+=== apache2.access.http_version
+
+type: keyword
+
+The HTTP version.
+
+
+[float]
+=== apache2.access.response_code
+
+type: long
+
+The HTTP response code.
+
+
+[float]
+=== apache2.access.body_sent.bytes
+
+type: long
+
+format: bytes
+
+The number of bytes of the server response body.
+
+
+[float]
+=== apache2.access.referrer
+
+type: keyword
+
+The HTTP referrer.
+
+
+[float]
+=== apache2.access.agent
+
+type: text
+
+Contains the un-parsed user agent string. Only present if the user agent Elasticsearch plugin is not available or not used.
+
+
+[float]
+== user_agent Fields
+
+Contains the parsed User agent field. Only present if the user agent Elasticsearch plugin is available and used.
+
+
+
+[float]
+=== apache2.access.user_agent.device
+
+type: keyword
+
+The name of the physical device.
+
+
+[float]
+=== apache2.access.user_agent.major
+
+type: long
+
+The major version of the user agent.
+
+
+[float]
+=== apache2.access.user_agent.minor
+
+type: long
+
+The minor version of the user agent.
+
+
+[float]
+=== apache2.access.user_agent.patch
+
+type: long
+
+The patch version of the user agent.
+
+
+[float]
+=== apache2.access.user_agent.name
+
+type: keyword
+
+example: Chrome
+
+The name of the user agent.
+
+
+[float]
+=== apache2.access.user_agent.os
+
+type: keyword
+
+The name of the operating system.
+
+
+[float]
+=== apache2.access.user_agent.os_major
+
+type: long
+
+The major version of the operating system.
+
+
+[float]
+=== apache2.access.user_agent.os_minor
+
+type: long
+
+The minor version of the operating system.
+
+
+[float]
+=== apache2.access.user_agent.os_name
+
+type: keyword
+
+The name of the operating system.
+
+
+[float]
+== geoip Fields
+
+Contains GeoIP information gathered based on the remote_ip field. Only present if the GeoIP Elasticsearch plugin is available and used.
+
+
+
+[float]
+=== apache2.access.geoip.continent_name
+
+type: keyword
+
+The name of the continent.
+
+
+[float]
+=== apache2.access.geoip.country_iso_code
+
+type: keyword
+
+Country ISO code.
+
+
+[float]
+=== apache2.access.geoip.location
+
+type: geo_point
+
+The longitude and latitude.
+
+
+[float]
+== error Fields
+
+Fields from the Apache error logs.
+
+
+
+[float]
+=== apache2.error.level
+
+type: keyword
+
+The severity level of the message.
+
+
+[float]
+=== apache2.error.client
+
+type: keyword
+
+The IP address of the client that generated the error.
+
+
+[float]
+=== apache2.error.message
+
+type: text
+
+The logged message.
+
+
+[float]
+=== apache2.error.pid
+
+type: long
+
+The process ID.
+
+
+[float]
+=== apache2.error.tid
+
+type: long
+
+The thread ID.
+
+
+[float]
+=== apache2.error.module
+
+type: keyword
+
+The module producing the logged message.
+
+
 [[exported-fields-beat]]
 == Beat Fields