From 8d3b8a5e7a7ff7ed87fbd2dc91d3f7ff0e998428 Mon Sep 17 00:00:00 2001 From: Mike Birnstiehl Date: Mon, 3 Mar 2025 11:40:05 -0600 Subject: [PATCH 01/14] Fix Logs formatting issues --- solutions/observability/logs/add-service-name-to-logs.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/solutions/observability/logs/add-service-name-to-logs.md b/solutions/observability/logs/add-service-name-to-logs.md index 3e78fdf6b3..b5c56b3c04 100644 --- a/solutions/observability/logs/add-service-name-to-logs.md +++ b/solutions/observability/logs/add-service-name-to-logs.md @@ -2,6 +2,9 @@ mapped_urls: - https://www.elastic.co/guide/en/observability/current/add-logs-service-name.html - https://www.elastic.co/guide/en/serverless/current/observability-add-logs-service-name.html +applies_to: + stack: all + serverless: all --- # Add a service name to logs [observability-add-logs-service-name] From a373aa0bcf07e9bb3934faac61643cb97beff410 Mon Sep 17 00:00:00 2001 From: Mike Birnstiehl Date: Mon, 3 Mar 2025 11:54:09 -0600 Subject: [PATCH 02/14] fix service name formatting --- .../observability/logs/add-service-name-to-logs.md | 14 +++----------- 1 file changed, 3 insertions(+), 11 deletions(-) diff --git a/solutions/observability/logs/add-service-name-to-logs.md b/solutions/observability/logs/add-service-name-to-logs.md index b5c56b3c04..7281157a03 100644 --- a/solutions/observability/logs/add-service-name-to-logs.md +++ b/solutions/observability/logs/add-service-name-to-logs.md @@ -45,7 +45,7 @@ For more on defining processors, refer to [define processors](asciidocalypse://d For logs that with an existing field being used to represent the service name, map that field to the `service.name` field using the [alias field type](asciidocalypse://docs/elasticsearch/docs/reference/elasticsearch/mapping-reference/field-alias.md). Follow these steps to update your mapping: -1. find **Stack Management** in the main menu or use the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md). +1. Find **Stack Management** in the main menu or use the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md). 2. Select **Index Templates**. 3. Search for the index template you want to update. 4. From the **Actions** menu for that template, select **edit**. @@ -61,13 +61,5 @@ For more ways to add a field to your mapping, refer to [add a field to an existi The {{stack}} provides additional ways to process your data: -* **https://www.elastic.co/guide/en/elasticsearch/reference/current/ingest.html[Ingest pipelines]:** convert data to ECS, normalize field data, or enrich incoming data. -* **https://www.elastic.co/guide/en/logstash/current/introduction.html[Logstash]:** enrich your data using input, output, and filter plugins. - - -% What needs to be done: Align serverless/stateful - -% Use migrated content from existing pages that map to this page: - -% - [ ] ./raw-migrated-files/observability-docs/observability/add-logs-service-name.md -% - [ ] ./raw-migrated-files/docs-content/serverless/observability-add-logs-service-name.md \ No newline at end of file +* **[Ingest pipeline](../../manage-data/ingest/transform-enrich/ingest-pipelines.md):** convert data to ECS, normalize field data, or enrich incoming data. +* **[Logstash]{{logstash-ref}}:** enrich your data using input, output, and filter plugins. \ No newline at end of file From 1ef2b6e048be1d25e2f0a8d0d0828a86396b5db9 Mon Sep 17 00:00:00 2001 From: Mike Birnstiehl Date: Mon, 3 Mar 2025 13:25:28 -0600 Subject: [PATCH 03/14] fix links --- solutions/observability/logs/add-service-name-to-logs.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/solutions/observability/logs/add-service-name-to-logs.md b/solutions/observability/logs/add-service-name-to-logs.md index 7281157a03..a7df584c9a 100644 --- a/solutions/observability/logs/add-service-name-to-logs.md +++ b/solutions/observability/logs/add-service-name-to-logs.md @@ -61,5 +61,5 @@ For more ways to add a field to your mapping, refer to [add a field to an existi The {{stack}} provides additional ways to process your data: -* **[Ingest pipeline](../../manage-data/ingest/transform-enrich/ingest-pipelines.md):** convert data to ECS, normalize field data, or enrich incoming data. -* **[Logstash]{{logstash-ref}}:** enrich your data using input, output, and filter plugins. \ No newline at end of file +* **[Ingest pipeline](../../../manage-data/ingest/transform-enrich/ingest-pipelines.md):** convert data to ECS, normalize field data, or enrich incoming data. +* **[Logstash]({{logstash-ref}}):** enrich your data using input, output, and filter plugins. \ No newline at end of file From 79d020a6c9070c703fa3bf096b467083012a5da5 Mon Sep 17 00:00:00 2001 From: Mike Birnstiehl Date: Mon, 3 Mar 2025 13:29:54 -0600 Subject: [PATCH 04/14] fix links --- solutions/observability/logs/add-service-name-to-logs.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/solutions/observability/logs/add-service-name-to-logs.md b/solutions/observability/logs/add-service-name-to-logs.md index a7df584c9a..81791ed5d6 100644 --- a/solutions/observability/logs/add-service-name-to-logs.md +++ b/solutions/observability/logs/add-service-name-to-logs.md @@ -61,5 +61,5 @@ For more ways to add a field to your mapping, refer to [add a field to an existi The {{stack}} provides additional ways to process your data: -* **[Ingest pipeline](../../../manage-data/ingest/transform-enrich/ingest-pipelines.md):** convert data to ECS, normalize field data, or enrich incoming data. -* **[Logstash]({{logstash-ref}}):** enrich your data using input, output, and filter plugins. \ No newline at end of file +* **[Ingest pipelines](../../../manage-data/ingest/transform-enrich/ingest-pipelines.md):** convert data to ECS, normalize field data, or enrich incoming data. +* **[Logstash](https://www.elastic.co/guide/en/logstash/current):** enrich your data using input, output, and filter plugins. \ No newline at end of file From 474af65afe855d52dcd6f6e1ed5a67d1ada33b53 Mon Sep 17 00:00:00 2001 From: Mike Birnstiehl Date: Mon, 3 Mar 2025 16:12:36 -0600 Subject: [PATCH 05/14] fix dropdown title --- solutions/observability/apps/api-keys.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/solutions/observability/apps/api-keys.md b/solutions/observability/apps/api-keys.md index b0b18da13f..83951bfdca 100644 --- a/solutions/observability/apps/api-keys.md +++ b/solutions/observability/apps/api-keys.md @@ -146,7 +146,7 @@ APM Server provides a command line interface for creating, retrieving, invalidat The user requesting to create an API Key needs to have APM privileges used by the APM Server. A superuser, by default, has these privileges. - ::::{dropdown} **Expand for more information on assigning these privileges to other users** + ::::{dropdown} Expand for more information on assigning these privileges to other users To create an APM Server user with the required privileges for creating and managing API keys: 1. Create an **API key role**, called something like `apm_api_key`, that has the following `cluster` level privileges: From 578ff7f48ee21abc8e6094def9ef15ba8f38cc65 Mon Sep 17 00:00:00 2001 From: Mike Birnstiehl Date: Tue, 4 Mar 2025 11:34:19 -0600 Subject: [PATCH 06/14] update sys logs --- .../observability/logs/get-started-with-system-logs.md | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/solutions/observability/logs/get-started-with-system-logs.md b/solutions/observability/logs/get-started-with-system-logs.md index 8257f39436..13475cf5f8 100644 --- a/solutions/observability/logs/get-started-with-system-logs.md +++ b/solutions/observability/logs/get-started-with-system-logs.md @@ -5,10 +5,9 @@ mapped_pages: # Get started with system logs [observability-get-started-with-logs] -::::{admonition} Required role -:class: note +::::{note} -The **Admin** role or higher is required to onboard log data. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/manage-users.md#general-assign-user-roles). +**For Observability Serverless projects**, the **Admin** role or higher is required to onboard log data. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/manage-users.md#general-assign-user-roles). :::: @@ -17,8 +16,8 @@ In this guide you’ll learn how to onboard system log data from a machine or se To onboard system log data: -1. [Create a new {{obs-serverless}} project](../get-started/create-an-observability-project.md), or open an existing one. -2. In your {{obs-serverless}} project, go to **Add data**. +1. Open an [{{obs-serverless}} project](../get-started/create-an-observability-project.md) or Elastic Stack deployment. +2. From the Observability UI, go to **Add data**. 3. Under **What do you want to monitor?**, select **Host** → **Elastic Agent: Logs & Metrics**. 4. Follow the in-product steps to auto-detect your logs and install and configure the {{agent}}. From 1e0cd6dbb0d13cc1d0f5bd4fd96f9ad20c604183 Mon Sep 17 00:00:00 2001 From: Mike Birnstiehl Date: Tue, 4 Mar 2025 11:36:22 -0600 Subject: [PATCH 07/14] remove tail logs --- solutions/observability/logs/logs-stream.md | 66 --------------------- solutions/toc.yml | 1 - 2 files changed, 67 deletions(-) delete mode 100644 solutions/observability/logs/logs-stream.md diff --git a/solutions/observability/logs/logs-stream.md b/solutions/observability/logs/logs-stream.md deleted file mode 100644 index 8e88982b41..0000000000 --- a/solutions/observability/logs/logs-stream.md +++ /dev/null @@ -1,66 +0,0 @@ ---- -mapped_pages: - - https://www.elastic.co/guide/en/observability/current/tail-logs.html ---- - -# Logs Stream [tail-logs] - -::::{admonition} There’s a new, better way to explore your logs! -The Logs Stream app and dashboard panel are deactivated by default. We recommend viewing and inspecting your logs with [Logs Explorer](logs-explorer.md) as it provides more features, better performance, and more intuitive navigation. - -To activate the Logs Stream app, refer to [Activate Logs Stream](#activate-logs-stream). - -:::: - - -Within the {{logs-app}}, the **Stream** page enables you to monitor all of the log events flowing in from your servers, virtual machines, and containers in a centralized view. You can consider this as a `tail -f` in your browser, along with the power of search. - -Click **Stream Live** to view a continuous flow of log messages in real time, or click **Stop streaming** to view historical logs from a specified time range. - - -## Activate Logs Stream [activate-logs-stream] - -Because [Logs Explorer](logs-explorer.md) is replacing Logs Stream, Logs Stream and the Logs Stream dashboard panel are disabled by default. To activate Logs Stream and the Logs Stream dashboard panel complete the following steps: - -1. To open **Advanced Settings**, find **Stack Management** in the main menu or use the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md). -2. In **Advanced Settings**, enter *Logs Stream* in the search bar. -3. Turn on **Logs Stream**. - -After saving your settings, you’ll see Logs Stream in the Observability navigation, and the Logs Stream dashboard panel will be available. - - -## Filter logs [filter-logs] - -To help you get started with your analysis faster and extract fields from your logs, use the search bar to create structured queries using [{{kib}} Query Language](../../../explore-analyze/query-filter/languages/kql.md). For example, enter `host.hostname : "host1"` to see only the information for `host1`. - -Additionally, click **Highlights** and enter a term you would like to locate within the log events. The Logs histogram, located to the right, highlights the number of discovered terms and when the log event was ingested. This helps you quickly jump between potential areas of interest in large amounts of logs, or from a high level, view when a large number of events occurred. - - -## Inspect log event details [inspect-log-event] - -When you have searched and filtered your logs for a specific log event, you may want to examine the metadata and the structured fields associated with that event. To view the **Log event document details** fly-out, hover over the log event, click **View actions for line**, and then select **View details**. To further enhance the workflow of monitoring logs, the icons next to each field value enable you to filter the logs per that value. - -:::{image} ../../../images/observability-log-event-details.png -:alt: Log event details -:class: screenshot -::: - - -## View contextual logs [view-contextual-logs] - -Once your logs are filtered, and you find an interesting log line, the real context you are looking for is what happened before and after that log line within that data source. For example, you are running containerized applications on a Kubernetes cluster, you filter the logs for the term `error`, and you find an interesting error log line. The context you want is what happened before and after the error line within the logs of this container and application. - -Hover over the log event, click **View actions for line**, and then select **View in context**. The context is preserved and helps you find the root cause as soon as possible. - -:::{image} ../../../images/observability-contextual-logs.png -:alt: Contextual log event -:class: screenshot -::: - - -## Integrate with Uptime and APM [uptime-apm-integration] - -To see other actions related to a log event, click **Actions** in the **Log event document details** fly-out. Depending on the event and the features you have configured, you can: - -* Select **View status in Uptime** to [view related uptime information](../apps/view-monitor-status.md) in the {{uptime-app}}. -* Select **View in APM** to [view corresponding APM traces](../apps/traces-2.md) in the Applications UI. diff --git a/solutions/toc.yml b/solutions/toc.yml index e76f5be4c3..a05d779327 100644 --- a/solutions/toc.yml +++ b/solutions/toc.yml @@ -320,7 +320,6 @@ toc: - file: observability/logs/categorize-log-entries.md - file: observability/logs/inspect-log-anomalies.md - file: observability/logs/configure-data-sources.md - - file: observability/logs/logs-stream.md - file: observability/logs/run-pattern-analysis-on-log-data.md - file: observability/logs/add-service-name-to-logs.md - file: observability/logs/logs-index-template-reference.md From 9d1e57428d28390f28462cc05789a9014c310535 Mon Sep 17 00:00:00 2001 From: Mike Birnstiehl Date: Tue, 4 Mar 2025 12:35:50 -0600 Subject: [PATCH 08/14] fix link --- solutions/observability/logs/logs-stream.md | 66 +++++++++++++++++++++ solutions/toc.yml | 1 + 2 files changed, 67 insertions(+) create mode 100644 solutions/observability/logs/logs-stream.md diff --git a/solutions/observability/logs/logs-stream.md b/solutions/observability/logs/logs-stream.md new file mode 100644 index 0000000000..8e88982b41 --- /dev/null +++ b/solutions/observability/logs/logs-stream.md @@ -0,0 +1,66 @@ +--- +mapped_pages: + - https://www.elastic.co/guide/en/observability/current/tail-logs.html +--- + +# Logs Stream [tail-logs] + +::::{admonition} There’s a new, better way to explore your logs! +The Logs Stream app and dashboard panel are deactivated by default. We recommend viewing and inspecting your logs with [Logs Explorer](logs-explorer.md) as it provides more features, better performance, and more intuitive navigation. + +To activate the Logs Stream app, refer to [Activate Logs Stream](#activate-logs-stream). + +:::: + + +Within the {{logs-app}}, the **Stream** page enables you to monitor all of the log events flowing in from your servers, virtual machines, and containers in a centralized view. You can consider this as a `tail -f` in your browser, along with the power of search. + +Click **Stream Live** to view a continuous flow of log messages in real time, or click **Stop streaming** to view historical logs from a specified time range. + + +## Activate Logs Stream [activate-logs-stream] + +Because [Logs Explorer](logs-explorer.md) is replacing Logs Stream, Logs Stream and the Logs Stream dashboard panel are disabled by default. To activate Logs Stream and the Logs Stream dashboard panel complete the following steps: + +1. To open **Advanced Settings**, find **Stack Management** in the main menu or use the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md). +2. In **Advanced Settings**, enter *Logs Stream* in the search bar. +3. Turn on **Logs Stream**. + +After saving your settings, you’ll see Logs Stream in the Observability navigation, and the Logs Stream dashboard panel will be available. + + +## Filter logs [filter-logs] + +To help you get started with your analysis faster and extract fields from your logs, use the search bar to create structured queries using [{{kib}} Query Language](../../../explore-analyze/query-filter/languages/kql.md). For example, enter `host.hostname : "host1"` to see only the information for `host1`. + +Additionally, click **Highlights** and enter a term you would like to locate within the log events. The Logs histogram, located to the right, highlights the number of discovered terms and when the log event was ingested. This helps you quickly jump between potential areas of interest in large amounts of logs, or from a high level, view when a large number of events occurred. + + +## Inspect log event details [inspect-log-event] + +When you have searched and filtered your logs for a specific log event, you may want to examine the metadata and the structured fields associated with that event. To view the **Log event document details** fly-out, hover over the log event, click **View actions for line**, and then select **View details**. To further enhance the workflow of monitoring logs, the icons next to each field value enable you to filter the logs per that value. + +:::{image} ../../../images/observability-log-event-details.png +:alt: Log event details +:class: screenshot +::: + + +## View contextual logs [view-contextual-logs] + +Once your logs are filtered, and you find an interesting log line, the real context you are looking for is what happened before and after that log line within that data source. For example, you are running containerized applications on a Kubernetes cluster, you filter the logs for the term `error`, and you find an interesting error log line. The context you want is what happened before and after the error line within the logs of this container and application. + +Hover over the log event, click **View actions for line**, and then select **View in context**. The context is preserved and helps you find the root cause as soon as possible. + +:::{image} ../../../images/observability-contextual-logs.png +:alt: Contextual log event +:class: screenshot +::: + + +## Integrate with Uptime and APM [uptime-apm-integration] + +To see other actions related to a log event, click **Actions** in the **Log event document details** fly-out. Depending on the event and the features you have configured, you can: + +* Select **View status in Uptime** to [view related uptime information](../apps/view-monitor-status.md) in the {{uptime-app}}. +* Select **View in APM** to [view corresponding APM traces](../apps/traces-2.md) in the Applications UI. diff --git a/solutions/toc.yml b/solutions/toc.yml index a05d779327..e76f5be4c3 100644 --- a/solutions/toc.yml +++ b/solutions/toc.yml @@ -320,6 +320,7 @@ toc: - file: observability/logs/categorize-log-entries.md - file: observability/logs/inspect-log-anomalies.md - file: observability/logs/configure-data-sources.md + - file: observability/logs/logs-stream.md - file: observability/logs/run-pattern-analysis-on-log-data.md - file: observability/logs/add-service-name-to-logs.md - file: observability/logs/logs-index-template-reference.md From 63549fced07c6a01664a3a0158a28b4fafaf9238 Mon Sep 17 00:00:00 2001 From: Mike Birnstiehl Date: Tue, 4 Mar 2025 15:01:36 -0600 Subject: [PATCH 09/14] add applies tags --- solutions/observability/logs/apm-agent-log-sending.md | 3 +++ solutions/observability/logs/categorize-log-entries.md | 2 ++ solutions/observability/logs/configure-data-sources.md | 5 ++++- .../observability/logs/ecs-formatted-application-logs.md | 3 +++ solutions/observability/logs/explore-logs.md | 2 +- solutions/observability/logs/filter-aggregate-logs.md | 6 ++++-- .../observability/logs/get-started-with-system-logs.md | 3 +++ solutions/observability/logs/inspect-log-anomalies.md | 2 ++ solutions/observability/logs/logs-explorer.md | 3 +++ .../observability/logs/logs-index-template-reference.md | 3 +++ solutions/observability/logs/logs-stream.md | 4 +++- solutions/observability/logs/parse-route-logs.md | 6 ++++-- solutions/observability/logs/plaintext-application-logs.md | 3 +++ .../observability/logs/run-pattern-analysis-on-log-data.md | 2 ++ solutions/observability/logs/stream-any-log-file.md | 3 +++ solutions/observability/logs/stream-application-logs.md | 3 +++ 16 files changed, 46 insertions(+), 7 deletions(-) diff --git a/solutions/observability/logs/apm-agent-log-sending.md b/solutions/observability/logs/apm-agent-log-sending.md index cdf1af4862..21c0e80910 100644 --- a/solutions/observability/logs/apm-agent-log-sending.md +++ b/solutions/observability/logs/apm-agent-log-sending.md @@ -2,6 +2,9 @@ mapped_urls: - https://www.elastic.co/guide/en/observability/current/logs-send-application.html - https://www.elastic.co/guide/en/serverless/current/observability-send-application-logs.html +applies_to: + stack: all + serverless: all --- # APM agent log sending [observability-send-application-logs] diff --git a/solutions/observability/logs/categorize-log-entries.md b/solutions/observability/logs/categorize-log-entries.md index 343cd2539f..1c706421a8 100644 --- a/solutions/observability/logs/categorize-log-entries.md +++ b/solutions/observability/logs/categorize-log-entries.md @@ -1,6 +1,8 @@ --- mapped_pages: - https://www.elastic.co/guide/en/observability/current/categorize-logs.html +applies_to: + stack: all --- # Categorize log entries [categorize-logs] diff --git a/solutions/observability/logs/configure-data-sources.md b/solutions/observability/logs/configure-data-sources.md index f56f6c20ce..c7d3a609c3 100644 --- a/solutions/observability/logs/configure-data-sources.md +++ b/solutions/observability/logs/configure-data-sources.md @@ -5,7 +5,10 @@ mapped_pages: # Configure data sources [configure-data-sources] -::::{admonition} There’s a new, better way to explore your logs! +::::{Note} + +**There’s a new, better way to explore your logs!** + These settings only apply to the Logs Stream app. The Logs Stream app and dashboard panel are deactivated by default. We recommend viewing and inspecting your logs with [Logs Explorer](logs-explorer.md) as it provides more features, better performance, and more intuitive navigation. To activate the Logs Stream app, refer to [Activate Logs Stream](logs-stream.md#activate-logs-stream). diff --git a/solutions/observability/logs/ecs-formatted-application-logs.md b/solutions/observability/logs/ecs-formatted-application-logs.md index 1c641fc046..314b73dfd1 100644 --- a/solutions/observability/logs/ecs-formatted-application-logs.md +++ b/solutions/observability/logs/ecs-formatted-application-logs.md @@ -2,6 +2,9 @@ mapped_urls: - https://www.elastic.co/guide/en/observability/current/logs-ecs-application.html - https://www.elastic.co/guide/en/serverless/current/observability-ecs-application-logs.html +applies_to: + stack: all + serverless: all --- # ECS formatted application logs [logs-ecs-application] diff --git a/solutions/observability/logs/explore-logs.md b/solutions/observability/logs/explore-logs.md index 0cc069b6b0..1bd1833852 100644 --- a/solutions/observability/logs/explore-logs.md +++ b/solutions/observability/logs/explore-logs.md @@ -11,7 +11,7 @@ Logs Explorer allows you to quickly search and filter your log data, get informa Logs Explorer also provides {{ml}} to detect specific [log anomalies](inspect-log-anomalies.md) automatically and [categorize log messages](categorize-log-entries.md) to quickly identify patterns in your log events. -To view Logs Explorer, find `Logs Explorer` in the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md)) +To view Logs Explorer, find **Logs Explorer** in the [global search field](/explore-analyze/find-and-organize/find-apps-and-objects.md)) diff --git a/solutions/observability/logs/filter-aggregate-logs.md b/solutions/observability/logs/filter-aggregate-logs.md index 86b3eb4fd4..efd72947ac 100644 --- a/solutions/observability/logs/filter-aggregate-logs.md +++ b/solutions/observability/logs/filter-aggregate-logs.md @@ -2,6 +2,9 @@ mapped_urls: - https://www.elastic.co/guide/en/observability/current/logs-filter-and-aggregate.html - https://www.elastic.co/guide/en/serverless/current/observability-filter-and-aggregate-logs.html +applies_to: + stack: all + serverless: all --- # Filter and aggregate logs [observability-filter-and-aggregate-logs] @@ -16,8 +19,7 @@ This guide shows you how to: ## Before you get started [logs-filter-and-aggregate-prereq] -::::{admonition} Required role -:class: note +::::{note} **For Observability serverless projects**, the **Admin** role or higher is required to create ingest pipelines and set the index template. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). diff --git a/solutions/observability/logs/get-started-with-system-logs.md b/solutions/observability/logs/get-started-with-system-logs.md index 13475cf5f8..4589fa30ec 100644 --- a/solutions/observability/logs/get-started-with-system-logs.md +++ b/solutions/observability/logs/get-started-with-system-logs.md @@ -1,6 +1,9 @@ --- mapped_pages: - https://www.elastic.co/guide/en/serverless/current/observability-get-started-with-logs.html +applies_to: + stack: all + serverless: all --- # Get started with system logs [observability-get-started-with-logs] diff --git a/solutions/observability/logs/inspect-log-anomalies.md b/solutions/observability/logs/inspect-log-anomalies.md index ff6eccf8c5..d04ca76b49 100644 --- a/solutions/observability/logs/inspect-log-anomalies.md +++ b/solutions/observability/logs/inspect-log-anomalies.md @@ -1,6 +1,8 @@ --- mapped_pages: - https://www.elastic.co/guide/en/observability/current/inspect-log-anomalies.html +applies_to: + stack: all --- # Inspect log anomalies [inspect-log-anomalies] diff --git a/solutions/observability/logs/logs-explorer.md b/solutions/observability/logs/logs-explorer.md index c0b4a74068..196a8c3550 100644 --- a/solutions/observability/logs/logs-explorer.md +++ b/solutions/observability/logs/logs-explorer.md @@ -2,6 +2,9 @@ mapped_urls: - https://www.elastic.co/guide/en/observability/current/explore-logs.html - https://www.elastic.co/guide/en/serverless/current/observability-discover-and-explore-logs.html +applies_to: + stack: all + serverless: all --- # Logs Explorer [explore-logs] diff --git a/solutions/observability/logs/logs-index-template-reference.md b/solutions/observability/logs/logs-index-template-reference.md index c61bd555f9..607964cb12 100644 --- a/solutions/observability/logs/logs-index-template-reference.md +++ b/solutions/observability/logs/logs-index-template-reference.md @@ -1,6 +1,9 @@ --- mapped_pages: - https://www.elastic.co/guide/en/observability/current/logs-index-template.html +applies_to: + stack: all + serverless: all --- # Logs index template reference [logs-index-template] diff --git a/solutions/observability/logs/logs-stream.md b/solutions/observability/logs/logs-stream.md index 8e88982b41..79ab250bab 100644 --- a/solutions/observability/logs/logs-stream.md +++ b/solutions/observability/logs/logs-stream.md @@ -5,7 +5,9 @@ mapped_pages: # Logs Stream [tail-logs] -::::{admonition} There’s a new, better way to explore your logs! +::::{note} +**There’s a new, better way to explore your logs!** + The Logs Stream app and dashboard panel are deactivated by default. We recommend viewing and inspecting your logs with [Logs Explorer](logs-explorer.md) as it provides more features, better performance, and more intuitive navigation. To activate the Logs Stream app, refer to [Activate Logs Stream](#activate-logs-stream). diff --git a/solutions/observability/logs/parse-route-logs.md b/solutions/observability/logs/parse-route-logs.md index 9aa248b8e3..d3e3236784 100644 --- a/solutions/observability/logs/parse-route-logs.md +++ b/solutions/observability/logs/parse-route-logs.md @@ -2,12 +2,14 @@ mapped_urls: - https://www.elastic.co/guide/en/observability/current/logs-parse.html - https://www.elastic.co/guide/en/serverless/current/observability-parse-log-data.html +applies_to: + stack: all + serverless: all --- # Parse and route logs [observability-parse-log-data] -::::{admonition} Required role -:class: note +::::{note} **For Observability serverless projects**, the **Admin** role or higher is required to create ingest pipelines that parse and route logs. To learn more, refer to [Assign user roles and privileges](../../../deploy-manage/users-roles/cloud-organization/user-roles.md#general-assign-user-roles). diff --git a/solutions/observability/logs/plaintext-application-logs.md b/solutions/observability/logs/plaintext-application-logs.md index 1a1e1321ea..7a41205593 100644 --- a/solutions/observability/logs/plaintext-application-logs.md +++ b/solutions/observability/logs/plaintext-application-logs.md @@ -2,6 +2,9 @@ mapped_urls: - https://www.elastic.co/guide/en/observability/current/logs-plaintext.html - https://www.elastic.co/guide/en/serverless/current/observability-plaintext-application-logs.html +applies_to: + stack: all + serverless: all --- # Plaintext application logs [logs-plaintext] diff --git a/solutions/observability/logs/run-pattern-analysis-on-log-data.md b/solutions/observability/logs/run-pattern-analysis-on-log-data.md index b375b1f3a7..e9ec125c35 100644 --- a/solutions/observability/logs/run-pattern-analysis-on-log-data.md +++ b/solutions/observability/logs/run-pattern-analysis-on-log-data.md @@ -1,6 +1,8 @@ --- mapped_pages: - https://www.elastic.co/guide/en/serverless/current/observability-run-log-pattern-analysis.html +applies_to: + stack: all --- # Run a pattern analysis on log data [observability-run-log-pattern-analysis] diff --git a/solutions/observability/logs/stream-any-log-file.md b/solutions/observability/logs/stream-any-log-file.md index 0e59890c02..e3fa9dc05b 100644 --- a/solutions/observability/logs/stream-any-log-file.md +++ b/solutions/observability/logs/stream-any-log-file.md @@ -2,6 +2,9 @@ mapped_urls: - https://www.elastic.co/guide/en/observability/current/logs-stream.html - https://www.elastic.co/guide/en/serverless/current/observability-stream-log-files.html +applies_to: + stack: all + serverless: all --- # Stream any log file [logs-stream] diff --git a/solutions/observability/logs/stream-application-logs.md b/solutions/observability/logs/stream-application-logs.md index 0a5e3c7a15..d8fa39055c 100644 --- a/solutions/observability/logs/stream-application-logs.md +++ b/solutions/observability/logs/stream-application-logs.md @@ -2,6 +2,9 @@ mapped_urls: - https://www.elastic.co/guide/en/observability/current/application-logs.html - https://www.elastic.co/guide/en/serverless/current/observability-correlate-application-logs.html +applies_to: + stack: all + serverless: all --- # Stream application logs [observability-correlate-application-logs] From 33832ee4c9b9edbf57f5df642b2c25cc8ed2e644 Mon Sep 17 00:00:00 2001 From: Mike Birnstiehl Date: Tue, 4 Mar 2025 15:46:22 -0600 Subject: [PATCH 10/14] fix download tabs --- .../observability/logs/stream-any-log-file.md | 56 +++++++++++++++++-- 1 file changed, 50 insertions(+), 6 deletions(-) diff --git a/solutions/observability/logs/stream-any-log-file.md b/solutions/observability/logs/stream-any-log-file.md index e3fa9dc05b..5d25fa1622 100644 --- a/solutions/observability/logs/stream-any-log-file.md +++ b/solutions/observability/logs/stream-any-log-file.md @@ -63,23 +63,67 @@ On your host, download and extract the installation package that corresponds wit :::::::{tab-set} ::::::{tab-item} macOS -Version 9.0.0-beta1 of {{agent}} has not yet been released. + +```shell + +curl -L -O https://artifacts.elastic.co/downloads/beats/elastic-agent/elastic-agent-{{version}}-darwin-x86_64.tar.gz +tar xzvf elastic-agent-{{version}}-darwin-x86_64.tar.gz + +``` :::::: ::::::{tab-item} Linux -Version 9.0.0-beta1 of {{agent}} has not yet been released. + +```shell + +curl -L -O https://artifacts.elastic.co/downloads/beats/elastic-agent/elastic-agent-{{version}}-linux-x86_64.tar.gz +tar xzvf elastic-agent-{{version}}-linux-x86_64.tar.gz + +``` + :::::: ::::::{tab-item} Windows -Version 9.0.0-beta1 of {{agent}} has not yet been released. + +```powershell + +# PowerShell 5.0+ +wget https://artifacts.elastic.co/downloads/beats/elastic-agent/elastic-agent-{{version}}-windows-x86_64.zip -OutFile elastic-agent-{{version}}-windows-x86_64.zip +Expand-Archive .\elastic-agent-{version}-windows-x86_64.zip + +``` + + :::::: ::::::{tab-item} DEB -Version 9.0.0-beta1 of {{agent}} has not yet been released. + +:::tip +To simplify upgrading to future versions of Elastic Agent, we recommended that you use the tarball distribution instead of the RPM distribution. +You can install Elastic Agent in an unprivileged mode that does not require root privileges. +::: + +```shell + +curl -L -O https://artifacts.elastic.co/downloads/beats/elastic-agent/elastic-agent-{{version}}-amd64.deb +sudo dpkg -i elastic-agent-{{version}}-amd64.deb + +``` :::::: ::::::{tab-item} RPM -Version 9.0.0-beta1 of {{agent}} has not yet been released. + +:::tip +To simplify upgrading to future versions of Elastic Agent, we recommended that you use the tarball distribution instead of the RPM distribution. +You can install Elastic Agent in an unprivileged mode that does not require root privileges. +::: + +```shell + +curl -L -O https://artifacts.elastic.co/downloads/beats/elastic-agent/elastic-agent-{{version}}-x86_64.rpm +sudo rpm -vi elastic-agent-{{version}}-x86_64.rpm + +``` :::::: ::::::: @@ -89,7 +133,7 @@ Version 9.0.0-beta1 of {{agent}} has not yet been released. After downloading and extracting the installation package, you’re ready to install the {{agent}}. From the agent directory, run the install command that corresponds with your system: ::::{note} -On macOS, Linux (tar package), and Windows, run the `install` command to install and start {{agent}} as a managed service and start the service. The DEB and RPM packages include a service unit for Linux systems with systemd, For these systems, you must enable and start the service. +On macOS, Linux (tar package), and Windows, run the `install` command to install and start {{agent}} as a managed service and start the service. The DEB and RPM packages include a service unit for Linux systems with systemd. For these systems, you must enable and start the service. :::: From ce57b3e31591f985c1f1c537d44dac825ad5c9d8 Mon Sep 17 00:00:00 2001 From: Mike Birnstiehl Date: Tue, 4 Mar 2025 16:24:36 -0600 Subject: [PATCH 11/14] fix version --- .../logs/ecs-formatted-application-logs.md | 18 +++++++++--------- .../logs/plaintext-application-logs.md | 18 +++++++++--------- 2 files changed, 18 insertions(+), 18 deletions(-) diff --git a/solutions/observability/logs/ecs-formatted-application-logs.md b/solutions/observability/logs/ecs-formatted-application-logs.md index 314b73dfd1..8efbf28445 100644 --- a/solutions/observability/logs/ecs-formatted-application-logs.md +++ b/solutions/observability/logs/ecs-formatted-application-logs.md @@ -76,20 +76,20 @@ Install {{filebeat}} on the server you want to monitor by running the commands t ::::::{tab-item} DEB ```sh -curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-9.0.0-beta1-darwin-x86_64.tar.gz -tar xzvf filebeat-9.0.0-beta1-darwin-x86_64.tar.gz +curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-darwin-x86_64.tar.gz +tar xzvf filebeat-{{version}}-beta1-darwin-x86_64.tar.gz ``` :::::: ::::::{tab-item} RPM ```sh -curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-9.0.0-beta1-linux-x86_64.tar.gz -tar xzvf filebeat-9.0.0-beta1-linux-x86_64.tar.gz +curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-linux-x86_64.tar.gz +tar xzvf filebeat-{{version}}-beta1-linux-x86_64.tar.gz ``` :::::: ::::::{tab-item} macOS -1. Download the {{filebeat}} Windows zip file: https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-9.0.0-beta1-windows-x86_64.zip[https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-9.0.0-beta1-windows-x86_64.zip] +1. Download the {{filebeat}} Windows zip file: https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-windows-x86_64.zip[https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-windows-x86_64.zip] 2. Extract the contents of the zip file into `C:\Program Files`. 3. Rename the `filebeat-{{version}}-windows-x86_64` directory to `{{filebeat}}`. 4. Open a PowerShell prompt as an Administrator (right-click the PowerShell icon and select **Run As Administrator**). @@ -106,15 +106,15 @@ If script execution is disabled on your system, you need to set the execution po ::::::{tab-item} Linux ```sh -curl -L -O https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-9.0.0-beta1-amd64.deb -sudo dpkg -i filebeat-9.0.0-beta1-amd64.deb +curl -L -O https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-amd64.deb +sudo dpkg -i filebeat-{{version}}-beta1-amd64.deb ``` :::::: ::::::{tab-item} Windows ```sh -curl -L -O https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-9.0.0-beta1-x86_64.rpm -sudo rpm -vi filebeat-9.0.0-beta1-x86_64.rpm +curl -L -O https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-x86_64.rpm +sudo rpm -vi filebeat-{{version}}-beta1-x86_64.rpm ``` :::::: diff --git a/solutions/observability/logs/plaintext-application-logs.md b/solutions/observability/logs/plaintext-application-logs.md index 7a41205593..d75cb7e705 100644 --- a/solutions/observability/logs/plaintext-application-logs.md +++ b/solutions/observability/logs/plaintext-application-logs.md @@ -44,20 +44,20 @@ Install {{filebeat}} on the server you want to monitor by running the commands t ::::::{tab-item} DEB ```sh -curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-9.0.0-beta1-darwin-x86_64.tar.gz -tar xzvf filebeat-9.0.0-beta1-darwin-x86_64.tar.gz +curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-darwin-x86_64.tar.gz +tar xzvf filebeat-{{version}}-beta1-darwin-x86_64.tar.gz ``` :::::: ::::::{tab-item} RPM ```sh -curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-9.0.0-beta1-linux-x86_64.tar.gz -tar xzvf filebeat-9.0.0-beta1-linux-x86_64.tar.gz +curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-linux-x86_64.tar.gz +tar xzvf filebeat-{{version}}-beta1-linux-x86_64.tar.gz ``` :::::: ::::::{tab-item} macOS -1. Download the {{filebeat}} Windows zip file: https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-9.0.0-beta1-windows-x86_64.zip[https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-9.0.0-beta1-windows-x86_64.zip] +1. Download the {{filebeat}} Windows zip file: https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-windows-x86_64.zip[https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-windows-x86_64.zip] 2. Extract the contents of the zip file into `C:\Program Files`. 3. Rename the `filebeat-{{version}}-windows-x86_64` directory to `{{filebeat}}`. 4. Open a PowerShell prompt as an Administrator (right-click the PowerShell icon and select **Run As Administrator**). @@ -74,15 +74,15 @@ If script execution is disabled on your system, you need to set the execution po ::::::{tab-item} Linux ```sh -curl -L -O https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-9.0.0-beta1-amd64.deb -sudo dpkg -i filebeat-9.0.0-beta1-amd64.deb +curl -L -O https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-amd64.deb +sudo dpkg -i filebeat-{{version}}-beta1-amd64.deb ``` :::::: ::::::{tab-item} Windows ```sh -curl -L -O https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-9.0.0-beta1-x86_64.rpm -sudo rpm -vi filebeat-9.0.0-beta1-x86_64.rpm +curl -L -O https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-x86_64.rpm +sudo rpm -vi filebeat-{{version}}-beta1-x86_64.rpm ``` :::::: From 905275b6e335554beaf9aee51ee85d3f78e4c1bf Mon Sep 17 00:00:00 2001 From: Mike Birnstiehl Date: Tue, 4 Mar 2025 16:33:14 -0600 Subject: [PATCH 12/14] fix links --- solutions/observability/logs/configure-data-sources.md | 2 ++ solutions/observability/logs/ecs-formatted-application-logs.md | 2 +- solutions/observability/logs/plaintext-application-logs.md | 2 +- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/solutions/observability/logs/configure-data-sources.md b/solutions/observability/logs/configure-data-sources.md index c7d3a609c3..35ddaf8863 100644 --- a/solutions/observability/logs/configure-data-sources.md +++ b/solutions/observability/logs/configure-data-sources.md @@ -1,6 +1,8 @@ --- mapped_pages: - https://www.elastic.co/guide/en/observability/current/configure-data-sources.html +applies_to: + stack: all --- # Configure data sources [configure-data-sources] diff --git a/solutions/observability/logs/ecs-formatted-application-logs.md b/solutions/observability/logs/ecs-formatted-application-logs.md index 8efbf28445..897a2fc2c3 100644 --- a/solutions/observability/logs/ecs-formatted-application-logs.md +++ b/solutions/observability/logs/ecs-formatted-application-logs.md @@ -89,7 +89,7 @@ tar xzvf filebeat-{{version}}-beta1-linux-x86_64.tar.gz :::::: ::::::{tab-item} macOS -1. Download the {{filebeat}} Windows zip file: https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-windows-x86_64.zip[https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-windows-x86_64.zip] +1. Download the {{filebeat}} Windows zip file: [https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-windows-x86_64.zip](https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-windows-x86_64.zip) 2. Extract the contents of the zip file into `C:\Program Files`. 3. Rename the `filebeat-{{version}}-windows-x86_64` directory to `{{filebeat}}`. 4. Open a PowerShell prompt as an Administrator (right-click the PowerShell icon and select **Run As Administrator**). diff --git a/solutions/observability/logs/plaintext-application-logs.md b/solutions/observability/logs/plaintext-application-logs.md index d75cb7e705..acf6992c0c 100644 --- a/solutions/observability/logs/plaintext-application-logs.md +++ b/solutions/observability/logs/plaintext-application-logs.md @@ -57,7 +57,7 @@ tar xzvf filebeat-{{version}}-beta1-linux-x86_64.tar.gz :::::: ::::::{tab-item} macOS -1. Download the {{filebeat}} Windows zip file: https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-windows-x86_64.zip[https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-windows-x86_64.zip] +1. Download the {{filebeat}} Windows zip file: [https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-windows-x86_64.zip](https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-windows-x86_64.zip) 2. Extract the contents of the zip file into `C:\Program Files`. 3. Rename the `filebeat-{{version}}-windows-x86_64` directory to `{{filebeat}}`. 4. Open a PowerShell prompt as an Administrator (right-click the PowerShell icon and select **Run As Administrator**). From b7df372af5a5e529c5b66c32329d776eab4c1fee Mon Sep 17 00:00:00 2001 From: Mike Birnstiehl Date: Tue, 4 Mar 2025 16:40:36 -0600 Subject: [PATCH 13/14] fix links again --- solutions/observability/logs/ecs-formatted-application-logs.md | 2 +- solutions/observability/logs/plaintext-application-logs.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/solutions/observability/logs/ecs-formatted-application-logs.md b/solutions/observability/logs/ecs-formatted-application-logs.md index 897a2fc2c3..9c87c28688 100644 --- a/solutions/observability/logs/ecs-formatted-application-logs.md +++ b/solutions/observability/logs/ecs-formatted-application-logs.md @@ -89,7 +89,7 @@ tar xzvf filebeat-{{version}}-beta1-linux-x86_64.tar.gz :::::: ::::::{tab-item} macOS -1. Download the {{filebeat}} Windows zip file: [https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-windows-x86_64.zip](https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-windows-x86_64.zip) +1. Download the {{filebeat}} Windows zip file: https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-windows-x86_64.zip 2. Extract the contents of the zip file into `C:\Program Files`. 3. Rename the `filebeat-{{version}}-windows-x86_64` directory to `{{filebeat}}`. 4. Open a PowerShell prompt as an Administrator (right-click the PowerShell icon and select **Run As Administrator**). diff --git a/solutions/observability/logs/plaintext-application-logs.md b/solutions/observability/logs/plaintext-application-logs.md index acf6992c0c..a7ed822367 100644 --- a/solutions/observability/logs/plaintext-application-logs.md +++ b/solutions/observability/logs/plaintext-application-logs.md @@ -57,7 +57,7 @@ tar xzvf filebeat-{{version}}-beta1-linux-x86_64.tar.gz :::::: ::::::{tab-item} macOS -1. Download the {{filebeat}} Windows zip file: [https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-windows-x86_64.zip](https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-windows-x86_64.zip) +1. Download the {{filebeat}} Windows zip file: https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-windows-x86_64.zip 2. Extract the contents of the zip file into `C:\Program Files`. 3. Rename the `filebeat-{{version}}-windows-x86_64` directory to `{{filebeat}}`. 4. Open a PowerShell prompt as an Administrator (right-click the PowerShell icon and select **Run As Administrator**). From df63e95d9906d112479b2d299d76625300e406a1 Mon Sep 17 00:00:00 2001 From: Mike Birnstiehl Date: Tue, 4 Mar 2025 16:50:10 -0600 Subject: [PATCH 14/14] fix download tabs --- .../logs/ecs-formatted-application-logs.md | 18 ++++++++--------- .../logs/plaintext-application-logs.md | 20 +++++++++---------- 2 files changed, 19 insertions(+), 19 deletions(-) diff --git a/solutions/observability/logs/ecs-formatted-application-logs.md b/solutions/observability/logs/ecs-formatted-application-logs.md index 9c87c28688..294736f7b7 100644 --- a/solutions/observability/logs/ecs-formatted-application-logs.md +++ b/solutions/observability/logs/ecs-formatted-application-logs.md @@ -76,20 +76,20 @@ Install {{filebeat}} on the server you want to monitor by running the commands t ::::::{tab-item} DEB ```sh -curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-darwin-x86_64.tar.gz -tar xzvf filebeat-{{version}}-beta1-darwin-x86_64.tar.gz +curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-darwin-x86_64.tar.gz +tar xzvf filebeat-{{version}}-darwin-x86_64.tar.gz ``` :::::: ::::::{tab-item} RPM ```sh -curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-linux-x86_64.tar.gz -tar xzvf filebeat-{{version}}-beta1-linux-x86_64.tar.gz +curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-linux-x86_64.tar.gz +tar xzvf filebeat-{{version}}-linux-x86_64.tar.gz ``` :::::: ::::::{tab-item} macOS -1. Download the {{filebeat}} Windows zip file: https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-windows-x86_64.zip +1. Download the {{filebeat}} Windows zip file: `https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-windows-x86_64.zip` 2. Extract the contents of the zip file into `C:\Program Files`. 3. Rename the `filebeat-{{version}}-windows-x86_64` directory to `{{filebeat}}`. 4. Open a PowerShell prompt as an Administrator (right-click the PowerShell icon and select **Run As Administrator**). @@ -106,15 +106,15 @@ If script execution is disabled on your system, you need to set the execution po ::::::{tab-item} Linux ```sh -curl -L -O https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-amd64.deb -sudo dpkg -i filebeat-{{version}}-beta1-amd64.deb +curl -L -O https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-amd64.deb +sudo dpkg -i filebeat-{{version}}-amd64.deb ``` :::::: ::::::{tab-item} Windows ```sh -curl -L -O https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-x86_64.rpm -sudo rpm -vi filebeat-{{version}}-beta1-x86_64.rpm +curl -L -O https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-x86_64.rpm +sudo rpm -vi filebeat-{{version}}-x86_64.rpm ``` :::::: diff --git a/solutions/observability/logs/plaintext-application-logs.md b/solutions/observability/logs/plaintext-application-logs.md index a7ed822367..0770e1fd66 100644 --- a/solutions/observability/logs/plaintext-application-logs.md +++ b/solutions/observability/logs/plaintext-application-logs.md @@ -44,27 +44,27 @@ Install {{filebeat}} on the server you want to monitor by running the commands t ::::::{tab-item} DEB ```sh -curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-darwin-x86_64.tar.gz -tar xzvf filebeat-{{version}}-beta1-darwin-x86_64.tar.gz +curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-darwin-x86_64.tar.gz +tar xzvf filebeat-{{version}}-darwin-x86_64.tar.gz ``` :::::: ::::::{tab-item} RPM ```sh -curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-linux-x86_64.tar.gz -tar xzvf filebeat-{{version}}-beta1-linux-x86_64.tar.gz +curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-linux-x86_64.tar.gz +tar xzvf filebeat-{{version}}-linux-x86_64.tar.gz ``` :::::: ::::::{tab-item} macOS -1. Download the {{filebeat}} Windows zip file: https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-windows-x86_64.zip +1. Download the {{filebeat}} Windows zip file: `https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-windows-x86_64.zip` 2. Extract the contents of the zip file into `C:\Program Files`. 3. Rename the `filebeat-{{version}}-windows-x86_64` directory to `{{filebeat}}`. 4. Open a PowerShell prompt as an Administrator (right-click the PowerShell icon and select **Run As Administrator**). 5. From the PowerShell prompt, run the following commands to install {{filebeat}} as a Windows service: ```powershell - PS > cd 'C:\Program Files\{filebeat}' + PS > cd 'C:\Program Files\{{filebeat}}' PS C:\Program Files\{filebeat}> .\install-service-filebeat.ps1 ``` @@ -74,15 +74,15 @@ If script execution is disabled on your system, you need to set the execution po ::::::{tab-item} Linux ```sh -curl -L -O https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-amd64.deb -sudo dpkg -i filebeat-{{version}}-beta1-amd64.deb +curl -L -O https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-amd64.deb +sudo dpkg -i filebeat-{{version}}-amd64.deb ``` :::::: ::::::{tab-item} Windows ```sh -curl -L -O https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-beta1-x86_64.rpm -sudo rpm -vi filebeat-{{version}}-beta1-x86_64.rpm +curl -L -O https\://artifacts.elastic.co/downloads/beats/filebeat/filebeat-{{version}}-x86_64.rpm +sudo rpm -vi filebeat-{{version}}-x86_64.rpm ``` ::::::