-
Notifications
You must be signed in to change notification settings - Fork 122
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix drop processor for monitoring events #2982
Merged
pierrehilbert
merged 5 commits into
elastic:main
from
belimawr:fix-monitoring-drop-processor
Jul 10, 2023
Merged
Changes from 2 commits
Commits
Show all changes
5 commits
Select commit
Hold shift + click to select a range
ad4b12d
integration:local can run a single test
belimawr 85f208a
Fix drop processor for monitoring components
belimawr 244552d
Merge branch 'main' into fix-monitoring-drop-processor
pierrehilbert 140e81e
Update enroll_test.go
pierrehilbert e14a8ab
Update enroll_test.go
pierrehilbert File filter
Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
There are no files selected for viewing
13 changes: 13 additions & 0 deletions
13
changelog/fragments/1688401847-Fix-drop-processor-for-monitoring-components.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
kind: bug-fix | ||
|
||
summary: Fix drop processor for monitoring components | ||
description: >- | ||
It fixes the drop processor for monitoring component logs, instead | ||
of using the dataset that does not include any information about | ||
whether the component is a monitoring component it now uses the | ||
`component.id`. | ||
component: elastic-agent | ||
|
||
pr: https://github.com/elastic/elastic-agent/pull/2982 | ||
|
||
issue: https://github.com/elastic/elastic-agent/issues/2388 |
13 changes: 13 additions & 0 deletions
13
changelog/fragments/1688549045-integrationlocal-accepts-test-name.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
kind: enhancement | ||
|
||
summary: mage `integration:local` now accepts test name to run | ||
|
||
description: >- | ||
The `mage integration:local` command now supports as an optional | ||
argument the name of a test to run. This test name will be passed to | ||
`go test` as `--run=<test name>`. If no argument is passed, `mage | ||
integration:local` will run all local tests. | ||
|
||
component: elastic-agent | ||
|
||
pr: https://github.com/elastic/elastic-agent/pull/2993 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -7,15 +7,20 @@ | |
package integration | ||
|
||
import ( | ||
"encoding/json" | ||
"fmt" | ||
"os" | ||
"regexp" | ||
"testing" | ||
"time" | ||
|
||
"github.com/stretchr/testify/require" | ||
"github.com/stretchr/testify/suite" | ||
|
||
"github.com/elastic/elastic-agent-libs/kibana" | ||
atesting "github.com/elastic/elastic-agent/pkg/testing" | ||
"github.com/elastic/elastic-agent/pkg/testing/define" | ||
"github.com/elastic/elastic-agent/pkg/testing/tools" | ||
|
||
"github.com/stretchr/testify/require" | ||
) | ||
|
||
func TestEnrollAndLog(t *testing.T) { | ||
|
@@ -28,17 +33,110 @@ func TestEnrollAndLog(t *testing.T) { | |
Sudo: true, | ||
}) | ||
t.Logf("got namespace: %s", info.Namespace) | ||
suite.Run(t, &EnrollRunner{requirementsInfo: info}) | ||
} | ||
|
||
type EnrollRunner struct { | ||
suite.Suite | ||
requirementsInfo *define.Info | ||
agentFixture *atesting.Fixture | ||
} | ||
|
||
func (runner *EnrollRunner) SetupSuite() { | ||
runner.T().Logf("In SetupSuite") | ||
agentFixture, err := define.NewFixture(runner.T(), define.Version()) | ||
runner.agentFixture = agentFixture | ||
require.NoError(runner.T(), err) | ||
} | ||
|
||
t.Logf("In SetupSuite") | ||
agentFixture, err := define.NewFixture(t, define.Version()) | ||
require.NoError(t, err) | ||
func (runner *EnrollRunner) SetupTest() {} | ||
|
||
// TestDropMonitoringLogs ensures logs from the monitoring components are not | ||
// sent to the output | ||
func (runner *EnrollRunner) TestDropMonitoringLogs() { | ||
t := runner.T() | ||
t.Logf("In TestDropMonitoringLogs") | ||
|
||
defineInfo := runner.requirementsInfo | ||
kibClient := runner.requirementsInfo.KibanaClient | ||
|
||
t.Logf("In TestEnroll") | ||
kibClient := info.KibanaClient | ||
// Enroll agent in Fleet with a test policy | ||
createPolicyReq := kibana.AgentPolicy{ | ||
Name: fmt.Sprintf("test-monitoring-logs-%d", time.Now().Unix()), | ||
Namespace: "testdropmonitoringlogs", | ||
Description: "test policy for drop processors", | ||
MonitoringEnabled: []kibana.MonitoringEnabledOption{ | ||
kibana.MonitoringEnabledLogs, | ||
kibana.MonitoringEnabledMetrics, | ||
}, | ||
AgentFeatures: []map[string]interface{}{ | ||
{ | ||
"name": t.Name(), | ||
"enabled": true, | ||
}, | ||
}, | ||
} | ||
|
||
// As part of the cleanup process, we'll uninstall the agent | ||
policy, err := tools.InstallAgentWithPolicy(t, runner.agentFixture, kibClient, createPolicyReq) | ||
require.NoError(t, err, "could not install Elastic Agent with Policy") | ||
t.Logf("created policy: %s", policy.ID) | ||
|
||
t.Cleanup(func() { | ||
require.NoError(t, tools.UnEnrollAgent(kibClient), "could not un-enroll Elastic-Agent") | ||
}) | ||
|
||
t.Log("waiting 20s so the components can generate some logs and" + | ||
"Filebeat can collect them") | ||
time.Sleep(20 * time.Second) | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Not blocking but do we have an option besides Sleep? Any chance we could generate and read some kind of pre and post sentinel logs where we know a monitoring event would have been sent between the 2 of them? |
||
t.Log("Done sleeping") | ||
|
||
hostname, err := os.Hostname() | ||
if err != nil { | ||
t.Fatalf("could not get hostname to filter Agent: %s", err) | ||
} | ||
|
||
agentID, err := tools.GetAgentIDByHostname(defineInfo.KibanaClient, hostname) | ||
require.NoError(t, err, "could not get Agent ID by hostname") | ||
t.Logf("Agent ID: %q", agentID) | ||
|
||
// We cannot search for `component.id` because at the moment of writing | ||
// this field is not mapped. There is an issue for that: | ||
// https://github.com/elastic/integrations/issues/6545 | ||
docs, err := tools.GetLogsForAgentID(defineInfo.ESClient, agentID) | ||
require.NoError(t, err, "could not get logs from Agent ID: %q, err: %s", | ||
agentID, err) | ||
|
||
monRegExp := regexp.MustCompile(".*-monitoring$") | ||
for i, d := range docs.Hits.Hits { | ||
// Lazy way to navigate a map[string]any: convert to JSON then | ||
// decode into a struct. | ||
jsonData, err := json.Marshal(d.Source) | ||
if err != nil { | ||
t.Fatalf("could not encode document source as JSON: %s", err) | ||
} | ||
|
||
doc := ESDocument{} | ||
if err := json.Unmarshal(jsonData, &doc); err != nil { | ||
t.Fatalf("could not unmarshal document source: %s", err) | ||
} | ||
|
||
if monRegExp.MatchString(doc.Component.ID) { | ||
t.Errorf("[%d] Document on index %q with 'component.id': %q "+ | ||
"and 'elastic_agent.id': %q. 'elastic_agent.id' must not "+ | ||
"end in '-monitoring'\n", | ||
i, d.Index, doc.Component.ID, doc.ElasticAgent.ID) | ||
} | ||
} | ||
} | ||
|
||
func (runner *EnrollRunner) TestEnroll() { | ||
runner.T().Logf("In TestEnroll") | ||
kibClient := runner.requirementsInfo.KibanaClient | ||
// Enroll agent in Fleet with a test policy | ||
createPolicyReq := kibana.AgentPolicy{ | ||
Name: fmt.Sprintf("test-policy-enroll-%d", time.Now().Unix()), | ||
Namespace: info.Namespace, | ||
Namespace: "enrolltest", | ||
Description: "test policy for agent enrollment", | ||
MonitoringEnabled: []kibana.MonitoringEnabledOption{ | ||
kibana.MonitoringEnabledLogs, | ||
|
@@ -53,59 +151,78 @@ func TestEnrollAndLog(t *testing.T) { | |
} | ||
// Stage 1: Install | ||
// As part of the cleanup process, we'll uninstall the agent | ||
policy, err := tools.InstallAgentWithPolicy(t, agentFixture, kibClient, createPolicyReq) | ||
require.NoError(t, err) | ||
t.Logf("created policy: %s", policy.ID) | ||
|
||
t.Cleanup(func() { | ||
// After: unenroll | ||
err = tools.UnEnrollAgent(info.KibanaClient) | ||
require.NoError(t, err) | ||
policy, err := tools.InstallAgentWithPolicy(runner.T(), runner.agentFixture, kibClient, createPolicyReq) | ||
require.NoError(runner.T(), err) | ||
runner.T().Logf("created policy: %s", policy.ID) | ||
|
||
runner.T().Cleanup(func() { | ||
//After: unenroll | ||
err = tools.UnEnrollAgent(runner.requirementsInfo.KibanaClient) | ||
require.NoError(runner.T(), err) | ||
}) | ||
|
||
t.Logf("sleeping for one minute...") | ||
runner.T().Logf("sleeping for one minute...") | ||
time.Sleep(time.Second * 60) | ||
|
||
// Stage 2: check indicies | ||
// This is mostly for debugging | ||
resp, err := tools.GetAllindicies(info.ESClient) | ||
require.NoError(t, err) | ||
resp, err := tools.GetAllindicies(runner.requirementsInfo.ESClient) | ||
require.NoError(runner.T(), err) | ||
for _, run := range resp { | ||
t.Logf("%s: %d/%d deleted: %d\n", run.Index, run.DocsCount, run.StoreSizeBytes, run.DocsDeleted) | ||
runner.T().Logf("%s: %d/%d deleted: %d\n", run.Index, run.DocsCount, run.StoreSizeBytes, run.DocsDeleted) | ||
} | ||
|
||
// Stage 3: Make sure metricbeat logs are populated | ||
docs, err := tools.GetLogsForDatastream(info.ESClient, "elastic_agent.metricbeat") | ||
require.NoError(t, err) | ||
require.NotZero(t, len(docs.Hits.Hits)) | ||
t.Logf("metricbeat: Got %d documents", len(docs.Hits.Hits)) | ||
docs, err := tools.GetLogsForDatastream(runner.requirementsInfo.ESClient, "elastic_agent.metricbeat") | ||
require.NoError(runner.T(), err) | ||
require.NotZero(runner.T(), len(docs.Hits.Hits)) | ||
runner.T().Logf("metricbeat: Got %d documents", len(docs.Hits.Hits)) | ||
|
||
// Stage 4: Make sure filebeat logs are populated | ||
docs, err = tools.GetLogsForDatastream(info.ESClient, "elastic_agent.filebeat") | ||
require.NoError(t, err) | ||
require.NotZero(t, len(docs.Hits.Hits)) | ||
t.Logf("Filebeat: Got %d documents", len(docs.Hits.Hits)) | ||
docs, err = tools.GetLogsForDatastream(runner.requirementsInfo.ESClient, "elastic_agent.filebeat") | ||
require.NoError(runner.T(), err) | ||
require.NotZero(runner.T(), len(docs.Hits.Hits)) | ||
runner.T().Logf("Filebeat: Got %d documents", len(docs.Hits.Hits)) | ||
|
||
// Stage 5: make sure we have no errors | ||
docs, err = tools.CheckForErrorsInLogs(info.ESClient, []string{}) | ||
require.NoError(t, err) | ||
t.Logf("errors: Got %d documents", len(docs.Hits.Hits)) | ||
docs, err = tools.CheckForErrorsInLogs(runner.requirementsInfo.ESClient, []string{}) | ||
require.NoError(runner.T(), err) | ||
runner.T().Logf("errors: Got %d documents", len(docs.Hits.Hits)) | ||
for _, doc := range docs.Hits.Hits { | ||
t.Logf("%#v", doc.Source) | ||
runner.T().Logf("%#v", doc.Source) | ||
} | ||
require.Empty(t, docs.Hits.Hits) | ||
require.Empty(runner.T(), docs.Hits.Hits) | ||
|
||
// Stage 6: Make sure we have message confirming central management is running | ||
docs, err = tools.FindMatchingLogLines(info.ESClient, "Parsed configuration and determined agent is managed by Fleet") | ||
require.NoError(t, err) | ||
require.NotZero(t, len(docs.Hits.Hits)) | ||
docs, err = tools.FindMatchingLogLines(runner.requirementsInfo.ESClient, "Parsed configuration and determined agent is managed by Fleet") | ||
require.NoError(runner.T(), err) | ||
require.NotZero(runner.T(), len(docs.Hits.Hits)) | ||
|
||
// Stage 7: check for starting messages | ||
docs, err = tools.FindMatchingLogLines(info.ESClient, "metricbeat start running") | ||
require.NoError(t, err) | ||
require.NotZero(t, len(docs.Hits.Hits)) | ||
docs, err = tools.FindMatchingLogLines(runner.requirementsInfo.ESClient, "metricbeat start running") | ||
require.NoError(runner.T(), err) | ||
require.NotZero(runner.T(), len(docs.Hits.Hits)) | ||
|
||
docs, err = tools.FindMatchingLogLines(runner.requirementsInfo.ESClient, "filebeat start running") | ||
require.NoError(runner.T(), err) | ||
require.NotZero(runner.T(), len(docs.Hits.Hits)) | ||
|
||
docs, err = tools.FindMatchingLogLines(info.ESClient, "filebeat start running") | ||
require.NoError(t, err) | ||
require.NotZero(t, len(docs.Hits.Hits)) | ||
} | ||
|
||
type ESDocument struct { | ||
ElasticAgent ElasticAgent `json:"elastic_agent"` | ||
Component Component `json:"component"` | ||
Host Host `json:"host"` | ||
} | ||
type ElasticAgent struct { | ||
ID string `json:"id"` | ||
Version string `json:"version"` | ||
Snapshot bool `json:"snapshot"` | ||
} | ||
type Component struct { | ||
Binary string `json:"binary"` | ||
ID string `json:"id"` | ||
} | ||
type Host struct { | ||
Hostname string `json:"hostname"` | ||
} |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this is an extra changelog fragment... I don't see the related change and I think it's already been merged, right ?