diff --git a/go.mod b/go.mod index f9c20c94e5..0b275c1957 100644 --- a/go.mod +++ b/go.mod @@ -34,6 +34,7 @@ require ( github.com/spf13/cobra v1.8.0 github.com/stretchr/testify v1.8.4 golang.org/x/tools v0.15.0 + gopkg.in/dnaeon/go-vcr.v3 v3.1.2 gopkg.in/yaml.v3 v3.0.1 gotest.tools/gotestsum v1.11.0 helm.sh/helm/v3 v3.13.2 diff --git a/go.sum b/go.sum index c1cb59b545..0e52eaae3a 100644 --- a/go.sum +++ b/go.sum @@ -906,6 +906,8 @@ gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8 gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/dnaeon/go-vcr.v3 v3.1.2 h1:F1smfXBqQqwpVifDfUBQG6zzaGjzT+EnVZakrOdr5wA= +gopkg.in/dnaeon/go-vcr.v3 v3.1.2/go.mod h1:2IMOnnlx9I6u9x+YBsM3tAMx6AlOxnJ0pWxQAzZ79Ag= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/hjson/hjson-go.v3 v3.0.1/go.mod h1:X6zrTSVeImfwfZLfgQdInl9mWjqPqgH90jom9nym/lw= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= diff --git a/internal/dump/agentpolicies_test.go b/internal/dump/agentpolicies_test.go index 222df381c3..fb251a71e1 100644 --- a/internal/dump/agentpolicies_test.go +++ b/internal/dump/agentpolicies_test.go @@ -24,19 +24,30 @@ func TestDumpAgentPolicies(t *testing.T) { // - Configure environment variables for this stack (eval "$(elastic-package stack shellinit)"). // - Run tests. // - Check that recorded files make sense and commit them. + // To update the suite: + // - Reproduce the scenario as described in the comments. + // - Remove the files that you want to update. + // - Follow the same steps to create a new suite. + // - Check if the changes are the expected ones and commit them. suites := []*agentPoliciesDumpSuite{ &agentPoliciesDumpSuite{ + // To reproduce this scenario: + // - Start stack with version 7.17.0. + // - Install nginx package. AgentPolicy: "499b5aa7-d214-5b5d-838b-3cd76469844e", PackageName: "nginx", - RecordDir: "./testdata/fleet-7-mock-dump-all", + Record: "./testdata/fleet-7-mock-dump-all", DumpDirAll: "./testdata/fleet-7-dump/all", DumpDirPackage: "./testdata/fleet-7-dump/package", DumpDirAgentPolicy: "./testdata/fleet-7-dump/agentpolicy", }, &agentPoliciesDumpSuite{ + // To reproduce this scenario: + // - Start stack with version 8.0.0. + // - Install nginx package. AgentPolicy: "fleet-server-policy", PackageName: "nginx", - RecordDir: "./testdata/fleet-8-mock-dump-all", + Record: "./testdata/fleet-8-mock-dump-all", DumpDirAll: "./testdata/fleet-8-dump/all", DumpDirPackage: "./testdata/fleet-8-dump/package", DumpDirAgentPolicy: "./testdata/fleet-8-dump/agentpolicy", @@ -57,8 +68,8 @@ type agentPoliciesDumpSuite struct { // AgentPolicy is the name of the agent policy to look for. PackageName string - // RecordDir is where responses from Kibana are recorded. - RecordDir string + // Record is where responses from Kibana are recorded. + Record string // DumpDirAll is where the expected dumped files are stored when looking for all agent policies. DumpDirAll string @@ -111,7 +122,7 @@ func (s *agentPoliciesDumpSuite) SetupTest() { } func (s *agentPoliciesDumpSuite) TestDumpAll() { - client := kibanatest.NewClient(s.T(), s.RecordDir) + client := kibanatest.NewClient(s.T(), s.Record) outputDir := s.T().TempDir() dumper := NewAgentPoliciesDumper(client) @@ -128,7 +139,7 @@ func (s *agentPoliciesDumpSuite) TestDumpAll() { } func (s *agentPoliciesDumpSuite) TestDumpByPackage() { - client := kibanatest.NewClient(s.T(), s.RecordDir) + client := kibanatest.NewClient(s.T(), s.Record) outputDir := s.T().TempDir() dumper := NewAgentPoliciesDumper(client) @@ -145,7 +156,7 @@ func (s *agentPoliciesDumpSuite) TestDumpByPackage() { } func (s *agentPoliciesDumpSuite) TestDumpByName() { - client := kibanatest.NewClient(s.T(), s.RecordDir) + client := kibanatest.NewClient(s.T(), s.Record) outputDir := s.T().TempDir() dumper := NewAgentPoliciesDumper(client) diff --git a/internal/dump/indextemplates.go b/internal/dump/indextemplates.go index d48479d78e..7fc50d3cf2 100644 --- a/internal/dump/indextemplates.go +++ b/internal/dump/indextemplates.go @@ -9,6 +9,7 @@ import ( "encoding/json" "fmt" "io" + "net/http" "slices" "github.com/elastic/elastic-package/internal/elasticsearch" @@ -77,6 +78,10 @@ func getIndexTemplatesForPackage(ctx context.Context, api *elasticsearch.API, pa } defer resp.Body.Close() + if resp.StatusCode == http.StatusNotFound { + // Some packages don't have index templates. + return nil, nil + } if resp.IsError() { return nil, fmt.Errorf("failed to get index templates: %s", resp.String()) } diff --git a/internal/dump/ingestpipelines.go b/internal/dump/ingestpipelines.go index 5e17b1ffa7..77a534b443 100644 --- a/internal/dump/ingestpipelines.go +++ b/internal/dump/ingestpipelines.go @@ -9,6 +9,7 @@ import ( "encoding/json" "fmt" "io" + "net/http" "slices" "github.com/elastic/elastic-package/internal/elasticsearch" @@ -71,6 +72,10 @@ func getIngestPipelineByID(ctx context.Context, api *elasticsearch.API, id strin } defer resp.Body.Close() + // Ingest templates referenced by other templates may not exist. + if resp.StatusCode == http.StatusNotFound { + return nil, nil + } if resp.IsError() { return nil, fmt.Errorf("failed to get ingest pipeline %s: %s", id, resp.String()) } diff --git a/internal/dump/installedobjects.go b/internal/dump/installedobjects.go index f7c57185ac..cdc4d746a1 100644 --- a/internal/dump/installedobjects.go +++ b/internal/dump/installedobjects.go @@ -223,7 +223,7 @@ func (e *InstalledObjectsDumper) getIngestPipelines(ctx context.Context) ([]Inge names := getIngestPipelinesFromTemplates(templates) ingestPipelines, err := getIngestPipelines(ctx, e.client, names...) if err != nil { - return nil, fmt.Errorf("failed to get ingest pipelines: %w", err) + return nil, fmt.Errorf("failed to get ingest pipelines from templates: %w", err) } e.ingestPipelines = ingestPipelines } diff --git a/internal/dump/installedobjects_test.go b/internal/dump/installedobjects_test.go index 98657ac0b8..073c3a78a1 100644 --- a/internal/dump/installedobjects_test.go +++ b/internal/dump/installedobjects_test.go @@ -30,20 +30,35 @@ func TestDumpInstalledObjects(t *testing.T) { // - Configure environment variables for this stack (eval "$(elastic-package stack shellinit)"). // - Run tests. // - Check that recorded files make sense and commit them. + // To update a suite: + // - Reproduce the scenario as described in the comments. + // - Remove the files that you want to update. + // - Follow the same steps to create a new suite. + // - Check if the changes are the expected ones and commit them. suites := []*installedObjectsDumpSuite{ &installedObjectsDumpSuite{ + // To reproduce the scenario: + // - Start the stack with version 7.16.2. + // - Install apache package (1.3.4). PackageName: "apache", - RecordDir: "./testdata/elasticsearch-7-mock-dump-apache", + Record: "./testdata/elasticsearch-7-mock-dump-apache", DumpDir: "./testdata/elasticsearch-7-apache-dump-all", }, &installedObjectsDumpSuite{ + // To reproduce the scenario: + // - Start the stack with version 8.1.0. + // - Install apache package (1.3.6). PackageName: "apache", - RecordDir: "./testdata/elasticsearch-8-mock-dump-apache", + Record: "./testdata/elasticsearch-8-mock-dump-apache", DumpDir: "./testdata/elasticsearch-8-apache-dump-all", }, &installedObjectsDumpSuite{ + // To reproduce the scenario: + // - Start the stack with version 8.9.0. + // - Install dga package (2.1.0). + // - Manually replace the `compressed_definition` fields with "//REDACTED//". PackageName: "dga", - RecordDir: "./testdata/elasticsearch-8-mock-dump-dga", + Record: "./testdata/elasticsearch-8-mock-dump-dga", DumpDir: "./testdata/elasticsearch-8-dga-dump-all", }, } @@ -59,8 +74,8 @@ type installedObjectsDumpSuite struct { // PackageName is the name of the package. PackageName string - // RecordDir is where responses from Elasticsearch are recorded. - RecordDir string + // Record is where responses from Elasticsearch are recorded. + Record string // DumpDir is where the expected dumped files are stored. DumpDir string @@ -82,7 +97,7 @@ func (s *installedObjectsDumpSuite) SetupTest() { } func (s *installedObjectsDumpSuite) TestDumpAll() { - client := estest.NewClient(s.T(), s.RecordDir) + client := estest.NewClient(s.T(), s.Record) outputDir := s.T().TempDir() dumper := NewInstalledObjectsDumper(client.API, s.PackageName) @@ -99,7 +114,7 @@ func (s *installedObjectsDumpSuite) TestDumpAll() { } func (s *installedObjectsDumpSuite) TestDumpSome() { - client := estest.NewClient(s.T(), s.RecordDir) + client := estest.NewClient(s.T(), s.Record) dumper := NewInstalledObjectsDumper(client.API, s.PackageName) // In a map so order of execution is randomized. diff --git a/internal/dump/testdata/elasticsearch-7-apache-dump-all/ilm_policies/logs.json b/internal/dump/testdata/elasticsearch-7-apache-dump-all/ilm_policies/logs.json index 65680aca2c..66ae87ef6a 100644 --- a/internal/dump/testdata/elasticsearch-7-apache-dump-all/ilm_policies/logs.json +++ b/internal/dump/testdata/elasticsearch-7-apache-dump-all/ilm_policies/logs.json @@ -1,6 +1,6 @@ { "version": 1, - "modified_date": "2022-01-25T18:01:46.058Z", + "modified_date": "2023-11-27T13:55:33.162Z", "policy": { "phases": { "hot": { @@ -20,10 +20,10 @@ }, "in_use_by": { "indices": [ - ".ds-logs-elastic_agent-default-2022.01.25-000001", - ".ds-logs-elastic_agent.metricbeat-default-2022.01.25-000001", - ".ds-logs-elastic_agent.filebeat-default-2022.01.25-000001", - ".ds-logs-elastic_agent.fleet_server-default-2022.01.25-000001" + ".ds-logs-elastic_agent.metricbeat-default-2023.11.27-000001", + ".ds-logs-elastic_agent.fleet_server-default-2023.11.27-000001", + ".ds-logs-elastic_agent.filebeat-default-2023.11.27-000001", + ".ds-logs-elastic_agent-default-2023.11.27-000001" ], "data_streams": [ "logs-elastic_agent-default", @@ -33,12 +33,15 @@ ], "composable_templates": [ "logs-apache.access", + "logs-elastic_agent.cloudbeat", "logs-elastic_agent.apm_server", + "logs-elastic_agent.cloud_defend", "logs-system.security", "logs-system.auth", "logs-elastic_agent.metricbeat", "logs-elastic_agent.filebeat", "logs-elastic_agent.packetbeat", + "logs-elastic_agent.filebeat_input", "logs-elastic_agent.endpoint_security", "logs-elastic_agent.fleet_server", "logs-apache.error", diff --git a/internal/dump/testdata/elasticsearch-7-apache-dump-all/ilm_policies/metrics.json b/internal/dump/testdata/elasticsearch-7-apache-dump-all/ilm_policies/metrics.json index ef39cae8a6..c12fdf1f50 100644 --- a/internal/dump/testdata/elasticsearch-7-apache-dump-all/ilm_policies/metrics.json +++ b/internal/dump/testdata/elasticsearch-7-apache-dump-all/ilm_policies/metrics.json @@ -1,6 +1,6 @@ { "version": 1, - "modified_date": "2022-01-25T18:01:48.410Z", + "modified_date": "2023-11-27T13:55:33.210Z", "policy": { "phases": { "hot": { @@ -20,21 +20,21 @@ }, "in_use_by": { "indices": [ - ".ds-metrics-system.socket_summary-default-2022.01.25-000001", - ".ds-metrics-system.cpu-default-2022.01.25-000001", - ".ds-metrics-elastic_agent.metricbeat-default-2022.01.25-000001", - ".ds-metrics-system.uptime-default-2022.01.25-000001", - ".ds-metrics-system.process-default-2022.01.25-000001", - ".ds-metrics-system.memory-default-2022.01.25-000001", - ".ds-metrics-system.diskio-default-2022.01.25-000001", - ".ds-metrics-elastic_agent.fleet_server-default-2022.01.25-000001", - ".ds-metrics-elastic_agent.filebeat-default-2022.01.25-000001", - ".ds-metrics-system.load-default-2022.01.25-000001", - ".ds-metrics-system.process.summary-default-2022.01.25-000001", - ".ds-metrics-elastic_agent.elastic_agent-default-2022.01.25-000001", - ".ds-metrics-system.filesystem-default-2022.01.25-000001", - ".ds-metrics-system.network-default-2022.01.25-000001", - ".ds-metrics-system.fsstat-default-2022.01.25-000001" + ".ds-metrics-system.process.summary-default-2023.11.27-000001", + ".ds-metrics-system.fsstat-default-2023.11.27-000001", + ".ds-metrics-system.uptime-default-2023.11.27-000001", + ".ds-metrics-system.network-default-2023.11.27-000001", + ".ds-metrics-system.filesystem-default-2023.11.27-000001", + ".ds-metrics-elastic_agent.elastic_agent-default-2023.11.27-000001", + ".ds-metrics-system.socket_summary-default-2023.11.27-000001", + ".ds-metrics-system.diskio-default-2023.11.27-000001", + ".ds-metrics-elastic_agent.filebeat-default-2023.11.27-000001", + ".ds-metrics-system.process-default-2023.11.27-000001", + ".ds-metrics-system.cpu-default-2023.11.27-000001", + ".ds-metrics-elastic_agent.fleet_server-default-2023.11.27-000001", + ".ds-metrics-elastic_agent.metricbeat-default-2023.11.27-000001", + ".ds-metrics-system.memory-default-2023.11.27-000001", + ".ds-metrics-system.load-default-2023.11.27-000001" ], "data_streams": [ "metrics-system.filesystem-default", @@ -68,11 +68,13 @@ "metrics-system.load", "metrics-system.core", "metrics-elastic_agent.filebeat", + "metrics-elastic_agent.filebeat_input", "metrics-system.uptime", "metrics-system.process.summary", "metrics-system.cpu", "metrics-elastic_agent.heartbeat", "metrics-system.diskio", + "metrics-elastic_agent.cloudbeat", "metrics-elastic_agent.metricbeat", "metrics-elastic_agent.auditbeat", "metrics-system.network", diff --git a/internal/dump/testdata/elasticsearch-7-apache-dump-all/index_templates/logs-apache.access.json b/internal/dump/testdata/elasticsearch-7-apache-dump-all/index_templates/logs-apache.access.json index 4762804096..9e5936000b 100644 --- a/internal/dump/testdata/elasticsearch-7-apache-dump-all/index_templates/logs-apache.access.json +++ b/internal/dump/testdata/elasticsearch-7-apache-dump-all/index_templates/logs-apache.access.json @@ -137,7 +137,8 @@ "properties": { "name": { "ignore_above": 1024, - "type": "keyword" + "type": "keyword", + "fields": {} } } } @@ -267,7 +268,8 @@ "properties": { "path": { "ignore_above": 1024, - "type": "keyword" + "type": "keyword", + "fields": {} } } }, @@ -468,7 +470,8 @@ "properties": { "name": { "ignore_above": 1024, - "type": "keyword" + "type": "keyword", + "fields": {} } } }, @@ -476,13 +479,15 @@ "properties": { "original": { "ignore_above": 1024, - "type": "keyword" + "type": "keyword", + "fields": {} }, "os": { "properties": { "name": { "ignore_above": 1024, - "type": "keyword" + "type": "keyword", + "fields": {} }, "version": { "ignore_above": 1024, @@ -490,7 +495,8 @@ }, "full": { "ignore_above": 1024, - "type": "keyword" + "type": "keyword", + "fields": {} } } }, diff --git a/internal/dump/testdata/elasticsearch-7-apache-dump-all/index_templates/logs-apache.error.json b/internal/dump/testdata/elasticsearch-7-apache-dump-all/index_templates/logs-apache.error.json index 779b5d8ee8..33748c52d7 100644 --- a/internal/dump/testdata/elasticsearch-7-apache-dump-all/index_templates/logs-apache.error.json +++ b/internal/dump/testdata/elasticsearch-7-apache-dump-all/index_templates/logs-apache.error.json @@ -129,7 +129,8 @@ "properties": { "name": { "ignore_above": 1024, - "type": "keyword" + "type": "keyword", + "fields": {} } } } @@ -258,7 +259,8 @@ "properties": { "path": { "ignore_above": 1024, - "type": "keyword" + "type": "keyword", + "fields": {} } } }, @@ -436,7 +438,8 @@ "properties": { "name": { "ignore_above": 1024, - "type": "keyword" + "type": "keyword", + "fields": {} } } }, @@ -444,13 +447,15 @@ "properties": { "original": { "ignore_above": 1024, - "type": "keyword" + "type": "keyword", + "fields": {} }, "os": { "properties": { "name": { "ignore_above": 1024, - "type": "keyword" + "type": "keyword", + "fields": {} } } }, diff --git a/internal/dump/testdata/elasticsearch-7-mock-dump-apache.yaml b/internal/dump/testdata/elasticsearch-7-mock-dump-apache.yaml new file mode 100644 index 0000000000..acafd7bac3 --- /dev/null +++ b/internal/dump/testdata/elasticsearch-7-mock-dump-apache.yaml @@ -0,0 +1,717 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/ + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 545 + uncompressed: false + body: | + { + "name" : "8342dac6ee38", + "cluster_name" : "elasticsearch", + "cluster_uuid" : "SU93KHrmS8OHbarblnhy-g", + "version" : { + "number" : "7.16.2", + "build_flavor" : "default", + "build_type" : "docker", + "build_hash" : "2b937c44140b6559905130a8650c64dbd0879cfb", + "build_date" : "2021-12-18T19:42:46.604893745Z", + "build_snapshot" : false, + "lucene_version" : "8.10.1", + "minimum_wire_compatibility_version" : "6.8.0", + "minimum_index_compatibility_version" : "6.0.0-beta1" + }, + "tagline" : "You Know, for Search" + } + headers: + Content-Length: + - "545" + Content-Type: + - application/json; charset=UTF-8 + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 3.640457ms + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_index_template/*-apache.* + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 15969 + uncompressed: false + body: '{"index_templates":[{"name":"logs-apache.error","index_template":{"index_patterns":["logs-apache.error-*"],"template":{"settings":{"index":{"default_pipeline":"logs-apache.error-1.3.4"}},"mappings":{"_meta":{"package":{"name":"apache"},"managed_by":"ingest-manager","managed":true},"dynamic_templates":[{"strings_as_keyword":{"mapping":{"ignore_above":1024,"type":"keyword"},"match_mapping_type":"string"}}],"date_detection":false,"properties":{"container":{"properties":{"image":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}},"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"},"labels":{"type":"object"}}},"process":{"properties":{"pid":{"type":"long"},"thread":{"properties":{"id":{"type":"long"}}}}},"log":{"properties":{"file":{"properties":{"path":{"ignore_above":1024,"type":"keyword"}}},"offset":{"type":"long"},"level":{"ignore_above":1024,"type":"keyword"}}},"source":{"properties":{"geo":{"properties":{"continent_name":{"ignore_above":1024,"type":"keyword"},"region_iso_code":{"ignore_above":1024,"type":"keyword"},"city_name":{"ignore_above":1024,"type":"keyword"},"country_iso_code":{"ignore_above":1024,"type":"keyword"},"country_name":{"ignore_above":1024,"type":"keyword"},"location":{"type":"geo_point"},"region_name":{"ignore_above":1024,"type":"keyword"}}},"as":{"properties":{"number":{"type":"long"},"organization":{"properties":{"name":{"ignore_above":1024,"type":"keyword","fields":{}}}}}},"address":{"ignore_above":1024,"type":"keyword"},"port":{"type":"long"},"ip":{"type":"ip"}}},"error":{"properties":{"message":{"type":"match_only_text"}}},"message":{"type":"match_only_text"},"url":{"properties":{"path":{"type":"wildcard"},"extension":{"ignore_above":1024,"type":"keyword"},"original":{"type":"wildcard"},"domain":{"ignore_above":1024,"type":"keyword"},"query":{"ignore_above":1024,"type":"keyword"}}},"tags":{"ignore_above":1024,"type":"keyword"},"cloud":{"properties":{"availability_zone":{"ignore_above":1024,"type":"keyword"},"image":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}},"instance":{"properties":{"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"}}},"provider":{"ignore_above":1024,"type":"keyword"},"machine":{"properties":{"type":{"ignore_above":1024,"type":"keyword"}}},"project":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}},"region":{"ignore_above":1024,"type":"keyword"},"account":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}}}},"input":{"properties":{"type":{"ignore_above":1024,"type":"keyword"}}},"@timestamp":{"type":"date"},"file":{"properties":{"path":{"ignore_above":1024,"type":"keyword","fields":{}}}},"apache":{"properties":{"error":{"properties":{"module":{"ignore_above":1024,"type":"keyword"}}}}},"ecs":{"properties":{"version":{"ignore_above":1024,"type":"keyword"}}},"data_stream":{"properties":{"namespace":{"type":"constant_keyword"},"type":{"type":"constant_keyword"},"dataset":{"type":"constant_keyword"}}},"host":{"properties":{"hostname":{"ignore_above":1024,"type":"keyword"},"os":{"properties":{"build":{"ignore_above":1024,"type":"keyword"},"kernel":{"ignore_above":1024,"type":"keyword"},"codename":{"ignore_above":1024,"type":"keyword"},"name":{"ignore_above":1024,"type":"keyword","fields":{"text":{"type":"text"}}},"family":{"ignore_above":1024,"type":"keyword"},"version":{"ignore_above":1024,"type":"keyword"},"platform":{"ignore_above":1024,"type":"keyword"}}},"domain":{"ignore_above":1024,"type":"keyword"},"ip":{"type":"ip"},"containerized":{"type":"boolean"},"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"},"type":{"ignore_above":1024,"type":"keyword"},"mac":{"ignore_above":1024,"type":"keyword"},"architecture":{"ignore_above":1024,"type":"keyword"}}},"http":{"properties":{"request":{"properties":{"referrer":{"ignore_above":1024,"type":"keyword"},"method":{"ignore_above":1024,"type":"keyword"}}},"response":{"properties":{"status_code":{"type":"long"},"body":{"properties":{"bytes":{"type":"long"}}}}},"version":{"ignore_above":1024,"type":"keyword"}}},"event":{"properties":{"kind":{"ignore_above":1024,"type":"keyword"},"timezone":{"ignore_above":1024,"type":"keyword"},"module":{"type":"constant_keyword","value":"apache"},"category":{"ignore_above":1024,"type":"keyword"},"type":{"ignore_above":1024,"type":"keyword"},"dataset":{"type":"constant_keyword","value":"apache.error"}}},"user":{"properties":{"name":{"ignore_above":1024,"type":"keyword","fields":{}}}},"user_agent":{"properties":{"original":{"ignore_above":1024,"type":"keyword","fields":{}},"os":{"properties":{"name":{"ignore_above":1024,"type":"keyword","fields":{}}}},"name":{"ignore_above":1024,"type":"keyword"},"device":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}}}}}}},"composed_of":["logs-apache.error@settings","logs-apache.error@custom",".fleet_component_template-1"],"priority":200,"_meta":{"package":{"name":"apache"},"managed_by":"ingest-manager","managed":true},"data_stream":{"hidden":false}}},{"name":"logs-apache.access","index_template":{"index_patterns":["logs-apache.access-*"],"template":{"settings":{"index":{"default_pipeline":"logs-apache.access-1.3.4"}},"mappings":{"_meta":{"package":{"name":"apache"},"managed_by":"ingest-manager","managed":true},"dynamic_templates":[{"strings_as_keyword":{"mapping":{"ignore_above":1024,"type":"keyword"},"match_mapping_type":"string"}}],"date_detection":false,"properties":{"container":{"properties":{"image":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}},"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"},"labels":{"type":"object"}}},"process":{"properties":{"pid":{"type":"long"},"thread":{"properties":{"id":{"type":"long"}}}}},"log":{"properties":{"file":{"properties":{"path":{"ignore_above":1024,"type":"keyword"}}},"offset":{"type":"long"},"level":{"ignore_above":1024,"type":"keyword"}}},"destination":{"properties":{"domain":{"ignore_above":1024,"type":"keyword"}}},"source":{"properties":{"geo":{"properties":{"continent_name":{"ignore_above":1024,"type":"keyword"},"region_iso_code":{"ignore_above":1024,"type":"keyword"},"city_name":{"ignore_above":1024,"type":"keyword"},"country_iso_code":{"ignore_above":1024,"type":"keyword"},"country_name":{"ignore_above":1024,"type":"keyword"},"location":{"type":"geo_point"},"region_name":{"ignore_above":1024,"type":"keyword"}}},"as":{"properties":{"number":{"type":"long"},"organization":{"properties":{"name":{"ignore_above":1024,"type":"keyword","fields":{}}}}}},"address":{"ignore_above":1024,"type":"keyword"},"domain":{"ignore_above":1024,"type":"keyword"},"ip":{"type":"ip"}}},"error":{"properties":{"message":{"type":"match_only_text"}}},"message":{"type":"match_only_text"},"url":{"properties":{"path":{"type":"wildcard"},"extension":{"ignore_above":1024,"type":"keyword"},"original":{"type":"wildcard"},"domain":{"ignore_above":1024,"type":"keyword"},"query":{"ignore_above":1024,"type":"keyword"}}},"tags":{"ignore_above":1024,"type":"keyword"},"cloud":{"properties":{"availability_zone":{"ignore_above":1024,"type":"keyword"},"image":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}},"instance":{"properties":{"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"}}},"provider":{"ignore_above":1024,"type":"keyword"},"machine":{"properties":{"type":{"ignore_above":1024,"type":"keyword"}}},"project":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}},"region":{"ignore_above":1024,"type":"keyword"},"account":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}}}},"input":{"properties":{"type":{"ignore_above":1024,"type":"keyword"}}},"@timestamp":{"type":"date"},"file":{"properties":{"path":{"ignore_above":1024,"type":"keyword","fields":{}}}},"apache":{"properties":{"access":{"properties":{"ssl":{"properties":{"cipher":{"ignore_above":1024,"type":"keyword"},"protocol":{"ignore_above":1024,"type":"keyword"}}}}}}},"ecs":{"properties":{"version":{"ignore_above":1024,"type":"keyword"}}},"data_stream":{"properties":{"namespace":{"type":"constant_keyword"},"type":{"type":"constant_keyword"},"dataset":{"type":"constant_keyword"}}},"host":{"properties":{"hostname":{"ignore_above":1024,"type":"keyword"},"os":{"properties":{"build":{"ignore_above":1024,"type":"keyword"},"kernel":{"ignore_above":1024,"type":"keyword"},"codename":{"ignore_above":1024,"type":"keyword"},"name":{"ignore_above":1024,"type":"keyword","fields":{"text":{"type":"text"}}},"family":{"ignore_above":1024,"type":"keyword"},"version":{"ignore_above":1024,"type":"keyword"},"platform":{"ignore_above":1024,"type":"keyword"}}},"domain":{"ignore_above":1024,"type":"keyword"},"ip":{"type":"ip"},"containerized":{"type":"boolean"},"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"},"type":{"ignore_above":1024,"type":"keyword"},"mac":{"ignore_above":1024,"type":"keyword"},"architecture":{"ignore_above":1024,"type":"keyword"}}},"http":{"properties":{"request":{"properties":{"referrer":{"ignore_above":1024,"type":"keyword"},"method":{"ignore_above":1024,"type":"keyword"}}},"response":{"properties":{"status_code":{"type":"long"},"body":{"properties":{"bytes":{"type":"long"}}}}},"version":{"ignore_above":1024,"type":"keyword"}}},"tls":{"properties":{"cipher":{"ignore_above":1024,"type":"keyword"},"version":{"ignore_above":1024,"type":"keyword"},"version_protocol":{"ignore_above":1024,"type":"keyword"}}},"event":{"properties":{"created":{"type":"date"},"kind":{"ignore_above":1024,"type":"keyword"},"module":{"type":"constant_keyword","value":"apache"},"category":{"ignore_above":1024,"type":"keyword"},"dataset":{"type":"constant_keyword","value":"apache.access"},"outcome":{"ignore_above":1024,"type":"keyword"}}},"user":{"properties":{"name":{"ignore_above":1024,"type":"keyword","fields":{}}}},"user_agent":{"properties":{"original":{"ignore_above":1024,"type":"keyword","fields":{}},"os":{"properties":{"name":{"ignore_above":1024,"type":"keyword","fields":{}},"version":{"ignore_above":1024,"type":"keyword"},"full":{"ignore_above":1024,"type":"keyword","fields":{}}}},"name":{"ignore_above":1024,"type":"keyword"},"device":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}},"version":{"ignore_above":1024,"type":"keyword"}}}}}},"composed_of":["logs-apache.access@settings","logs-apache.access@custom",".fleet_component_template-1"],"priority":200,"_meta":{"package":{"name":"apache"},"managed_by":"ingest-manager","managed":true},"data_stream":{"hidden":false}}},{"name":"metrics-apache.status","index_template":{"index_patterns":["metrics-apache.status-*"],"template":{"settings":{},"mappings":{"_meta":{"package":{"name":"apache"},"managed_by":"ingest-manager","managed":true},"dynamic_templates":[{"strings_as_keyword":{"mapping":{"ignore_above":1024,"type":"keyword"},"match_mapping_type":"string"}}],"date_detection":false,"properties":{"cloud":{"properties":{"availability_zone":{"ignore_above":1024,"type":"keyword"},"image":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}},"instance":{"properties":{"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"}}},"provider":{"ignore_above":1024,"type":"keyword"},"machine":{"properties":{"type":{"ignore_above":1024,"type":"keyword"}}},"project":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}},"region":{"ignore_above":1024,"type":"keyword"},"account":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}}}},"container":{"properties":{"image":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}},"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"},"labels":{"type":"object"}}},"@timestamp":{"type":"date"},"apache":{"properties":{"status":{"properties":{"bytes_per_request":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"load":{"properties":{"1":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"15":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"5":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"}}},"bytes_per_sec":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"total_bytes":{"meta":{"unit":"byte","metric_type":"counter"},"type":"long"},"cpu":{"properties":{"system":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"load":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"children_system":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"children_user":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"user":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"}}},"total_accesses":{"meta":{"metric_type":"counter"},"type":"long"},"scoreboard":{"properties":{"total":{"meta":{"metric_type":"gauge"},"type":"long"},"keepalive":{"meta":{"metric_type":"gauge"},"type":"long"},"idle_cleanup":{"meta":{"metric_type":"gauge"},"type":"long"},"waiting_for_connection":{"meta":{"metric_type":"gauge"},"type":"long"},"logging":{"meta":{"metric_type":"gauge"},"type":"long"},"gracefully_finishing":{"meta":{"metric_type":"gauge"},"type":"long"},"open_slot":{"meta":{"metric_type":"gauge"},"type":"long"},"dns_lookup":{"meta":{"metric_type":"gauge"},"type":"long"},"sending_reply":{"meta":{"metric_type":"gauge"},"type":"long"},"closing_connection":{"meta":{"metric_type":"gauge"},"type":"long"},"starting_up":{"meta":{"metric_type":"gauge"},"type":"long"},"reading_request":{"meta":{"metric_type":"gauge"},"type":"long"}}},"workers":{"properties":{"idle":{"meta":{"metric_type":"gauge"},"type":"long"},"busy":{"meta":{"metric_type":"gauge"},"type":"long"}}},"connections":{"properties":{"async":{"properties":{"closing":{"meta":{"metric_type":"gauge"},"type":"long"},"writing":{"meta":{"metric_type":"gauge"},"type":"long"},"keep_alive":{"meta":{"metric_type":"gauge"},"type":"long"}}},"total":{"meta":{"metric_type":"counter"},"type":"long"}}},"requests_per_sec":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"uptime":{"properties":{"server_uptime":{"meta":{"metric_type":"counter"},"type":"long"},"uptime":{"meta":{"metric_type":"counter"},"type":"long"}}}}}}},"ecs":{"properties":{"version":{"ignore_above":1024,"type":"keyword"}}},"data_stream":{"properties":{"namespace":{"type":"constant_keyword"},"type":{"type":"constant_keyword"},"dataset":{"type":"constant_keyword"}}},"service":{"properties":{"address":{"ignore_above":1024,"type":"keyword"},"type":{"ignore_above":1024,"type":"keyword"}}},"host":{"properties":{"hostname":{"ignore_above":1024,"type":"keyword"},"os":{"properties":{"build":{"ignore_above":1024,"type":"keyword"},"kernel":{"ignore_above":1024,"type":"keyword"},"codename":{"ignore_above":1024,"type":"keyword"},"name":{"ignore_above":1024,"type":"keyword","fields":{"text":{"type":"text"}}},"family":{"ignore_above":1024,"type":"keyword"},"version":{"ignore_above":1024,"type":"keyword"},"platform":{"ignore_above":1024,"type":"keyword"}}},"domain":{"ignore_above":1024,"type":"keyword"},"ip":{"type":"ip"},"containerized":{"type":"boolean"},"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"},"type":{"ignore_above":1024,"type":"keyword"},"mac":{"ignore_above":1024,"type":"keyword"},"architecture":{"ignore_above":1024,"type":"keyword"}}},"event":{"properties":{"module":{"type":"constant_keyword","value":"apache"},"dataset":{"type":"constant_keyword","value":"apache.status"}}},"error":{"properties":{"message":{"type":"match_only_text"}}}}}},"composed_of":["metrics-apache.status@settings","metrics-apache.status@custom",".fleet_component_template-1"],"priority":200,"_meta":{"package":{"name":"apache"},"managed_by":"ingest-manager","managed":true},"data_stream":{"hidden":false}}}]}' + headers: + Content-Length: + - "15969" + Content-Type: + - application/json; charset=UTF-8 + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 803.374µs + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_component_template/logs-apache.error@settings + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 1306 + uncompressed: false + body: '{"component_templates":[{"name":"logs-apache.error@settings","component_template":{"template":{"settings":{"index":{"lifecycle":{"name":"logs"},"codec":"best_compression","mapping":{"total_fields":{"limit":"10000"}},"query":{"default_field":["cloud.account.id","cloud.availability_zone","cloud.instance.id","cloud.instance.name","cloud.machine.type","cloud.provider","cloud.region","cloud.project.id","cloud.image.id","container.id","container.image.name","container.name","host.architecture","host.domain","host.hostname","host.id","host.mac","host.name","host.os.family","host.os.kernel","host.os.name","host.os.platform","host.os.version","host.type","host.os.build","host.os.codename","input.type","tags","ecs.version","event.category","event.kind","event.timezone","event.type","file.path","http.request.method","http.request.referrer","http.version","log.file.path","log.level","source.address","source.as.organization.name","source.geo.city_name","source.geo.continent_name","source.geo.country_iso_code","source.geo.country_name","source.geo.region_iso_code","source.geo.region_name","tags","url.domain","url.extension","url.query","user.name","user_agent.device.name","user_agent.name","user_agent.original","user_agent.os.name","apache.error.module"]}}}},"_meta":{"package":{"name":"apache"}}}}]}' + headers: + Content-Length: + - "1306" + Content-Type: + - application/json; charset=UTF-8 + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 325.514µs + - id: 3 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_component_template/logs-apache.error@custom + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 149 + uncompressed: false + body: '{"component_templates":[{"name":"logs-apache.error@custom","component_template":{"template":{"settings":{}},"_meta":{"package":{"name":"apache"}}}}]}' + headers: + Content-Length: + - "149" + Content-Type: + - application/json; charset=UTF-8 + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 259.991µs + - id: 4 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_component_template/.fleet_component_template-1 + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 393 + uncompressed: false + body: '{"component_templates":[{"name":".fleet_component_template-1","component_template":{"template":{"settings":{"index":{"final_pipeline":".fleet_final_pipeline-1"}},"mappings":{"properties":{"event":{"properties":{"agent_id_status":{"ignore_above":1024,"type":"keyword"},"ingested":{"format":"strict_date_time_no_millis||strict_date_optional_time||epoch_millis","type":"date"}}}}}},"_meta":{}}}]}' + headers: + Content-Length: + - "393" + Content-Type: + - application/json; charset=UTF-8 + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 347.417µs + - id: 5 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_component_template/logs-apache.access@settings + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 1559 + uncompressed: false + body: '{"component_templates":[{"name":"logs-apache.access@settings","component_template":{"template":{"settings":{"index":{"lifecycle":{"name":"logs"},"codec":"best_compression","mapping":{"total_fields":{"limit":"10000"}},"query":{"default_field":["cloud.account.id","cloud.availability_zone","cloud.instance.id","cloud.instance.name","cloud.machine.type","cloud.provider","cloud.region","cloud.project.id","cloud.image.id","container.id","container.image.name","container.name","host.architecture","host.domain","host.hostname","host.id","host.mac","host.name","host.os.family","host.os.kernel","host.os.name","host.os.platform","host.os.version","host.type","host.os.build","host.os.codename","input.type","destination.domain","ecs.version","event.category","event.kind","event.outcome","file.path","http.request.method","http.request.referrer","http.version","log.file.path","log.level","source.address","source.as.organization.name","source.domain","source.geo.city_name","source.geo.continent_name","source.geo.country_iso_code","source.geo.country_name","source.geo.region_iso_code","source.geo.region_name","tags","tls.cipher","tls.version","tls.version_protocol","url.domain","url.extension","url.query","user.name","user_agent.device.name","user_agent.device.name","user_agent.name","user_agent.name","user_agent.original","user_agent.original","user_agent.os.full","user_agent.os.name","user_agent.os.name","user_agent.os.version","user_agent.version","apache.access.ssl.protocol","apache.access.ssl.cipher"]}}}},"_meta":{"package":{"name":"apache"}}}}]}' + headers: + Content-Length: + - "1559" + Content-Type: + - application/json; charset=UTF-8 + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 257.04µs + - id: 6 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_component_template/logs-apache.access@custom + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 150 + uncompressed: false + body: '{"component_templates":[{"name":"logs-apache.access@custom","component_template":{"template":{"settings":{}},"_meta":{"package":{"name":"apache"}}}}]}' + headers: + Content-Length: + - "150" + Content-Type: + - application/json; charset=UTF-8 + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 241.005µs + - id: 7 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_component_template/metrics-apache.status@settings + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 789 + uncompressed: false + body: '{"component_templates":[{"name":"metrics-apache.status@settings","component_template":{"template":{"settings":{"index":{"lifecycle":{"name":"metrics"},"codec":"best_compression","mapping":{"total_fields":{"limit":"10000"}},"query":{"default_field":["cloud.account.id","cloud.availability_zone","cloud.instance.id","cloud.instance.name","cloud.machine.type","cloud.provider","cloud.region","cloud.project.id","cloud.image.id","container.id","container.image.name","container.name","host.architecture","host.domain","host.hostname","host.id","host.mac","host.name","host.os.family","host.os.kernel","host.os.name","host.os.platform","host.os.version","host.type","host.os.build","host.os.codename","ecs.version","service.address","service.type"]}}}},"_meta":{"package":{"name":"apache"}}}}]}' + headers: + Content-Length: + - "789" + Content-Type: + - application/json; charset=UTF-8 + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 264.377µs + - id: 8 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_component_template/metrics-apache.status@custom + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 153 + uncompressed: false + body: '{"component_templates":[{"name":"metrics-apache.status@custom","component_template":{"template":{"settings":{}},"_meta":{"package":{"name":"apache"}}}}]}' + headers: + Content-Length: + - "153" + Content-Type: + - application/json; charset=UTF-8 + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 315.098µs + - id: 9 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_ilm/policy/logs + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 1316 + uncompressed: false + body: '{"logs":{"version":1,"modified_date":"2023-11-27T13:55:33.162Z","policy":{"phases":{"hot":{"min_age":"0ms","actions":{"rollover":{"max_primary_shard_size":"50gb","max_age":"30d"}}}},"_meta":{"managed":true,"description":"default policy for the logs index template installed by x-pack"}},"in_use_by":{"indices":[".ds-logs-elastic_agent.metricbeat-default-2023.11.27-000001",".ds-logs-elastic_agent.fleet_server-default-2023.11.27-000001",".ds-logs-elastic_agent.filebeat-default-2023.11.27-000001",".ds-logs-elastic_agent-default-2023.11.27-000001"],"data_streams":["logs-elastic_agent-default","logs-elastic_agent.metricbeat-default","logs-elastic_agent.filebeat-default","logs-elastic_agent.fleet_server-default"],"composable_templates":["logs-apache.access","logs-elastic_agent.cloudbeat","logs-elastic_agent.apm_server","logs-elastic_agent.cloud_defend","logs-system.security","logs-system.auth","logs-elastic_agent.metricbeat","logs-elastic_agent.filebeat","logs-elastic_agent.packetbeat","logs-elastic_agent.filebeat_input","logs-elastic_agent.endpoint_security","logs-elastic_agent.fleet_server","logs-apache.error","logs-system.system","logs-system.application","logs-elastic_agent.osquerybeat","logs-elastic_agent.heartbeat","logs-system.syslog","logs-elastic_agent.auditbeat","logs","logs-elastic_agent"]}}}' + headers: + Content-Length: + - "1316" + Content-Type: + - application/json; charset=UTF-8 + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 1.292625ms + - id: 10 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_ilm/policy/metrics + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 2552 + uncompressed: false + body: '{"metrics":{"version":1,"modified_date":"2023-11-27T13:55:33.210Z","policy":{"phases":{"hot":{"min_age":"0ms","actions":{"rollover":{"max_primary_shard_size":"50gb","max_age":"30d"}}}},"_meta":{"managed":true,"description":"default policy for the metrics index template installed by x-pack"}},"in_use_by":{"indices":[".ds-metrics-system.process.summary-default-2023.11.27-000001",".ds-metrics-system.fsstat-default-2023.11.27-000001",".ds-metrics-system.uptime-default-2023.11.27-000001",".ds-metrics-system.network-default-2023.11.27-000001",".ds-metrics-system.filesystem-default-2023.11.27-000001",".ds-metrics-elastic_agent.elastic_agent-default-2023.11.27-000001",".ds-metrics-system.socket_summary-default-2023.11.27-000001",".ds-metrics-system.diskio-default-2023.11.27-000001",".ds-metrics-elastic_agent.filebeat-default-2023.11.27-000001",".ds-metrics-system.process-default-2023.11.27-000001",".ds-metrics-system.cpu-default-2023.11.27-000001",".ds-metrics-elastic_agent.fleet_server-default-2023.11.27-000001",".ds-metrics-elastic_agent.metricbeat-default-2023.11.27-000001",".ds-metrics-system.memory-default-2023.11.27-000001",".ds-metrics-system.load-default-2023.11.27-000001"],"data_streams":["metrics-system.filesystem-default","metrics-system.cpu-default","metrics-system.process.summary-default","metrics-system.memory-default","metrics-elastic_agent.fleet_server-default","metrics-system.uptime-default","metrics-elastic_agent.elastic_agent-default","metrics-elastic_agent.metricbeat-default","metrics-system.fsstat-default","metrics-system.process-default","metrics-elastic_agent.filebeat-default","metrics-system.network-default","metrics-system.diskio-default","metrics-system.load-default","metrics-system.socket_summary-default"],"composable_templates":["metrics-system.process","metrics-elastic_agent.packetbeat","metrics-system.fsstat","metrics-elastic_agent.osquerybeat","metrics-elastic_agent.endpoint_security","metrics-elastic_agent.apm_server","metrics-system.memory","metrics-system.socket_summary","metrics-apache.status","metrics-elastic_agent.elastic_agent","metrics-elastic_agent.fleet_server","metrics-system.load","metrics-system.core","metrics-elastic_agent.filebeat","metrics-elastic_agent.filebeat_input","metrics-system.uptime","metrics-system.process.summary","metrics-system.cpu","metrics-elastic_agent.heartbeat","metrics-system.diskio","metrics-elastic_agent.cloudbeat","metrics-elastic_agent.metricbeat","metrics-elastic_agent.auditbeat","metrics-system.network","metrics-system.filesystem","metrics"]}}}' + headers: + Content-Length: + - "2552" + Content-Type: + - application/json; charset=UTF-8 + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 1.250469ms + - id: 11 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_ingest/pipeline/logs-apache.error-1.3.4 + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 3693 + uncompressed: false + body: '{"logs-apache.error-1.3.4":{"description":"Pipeline for parsing apache error logs","processors":[{"pipeline":{"if":"ctx.message.startsWith(''{'')","name":"logs-apache.error-1.3.4-third-party"}},{"set":{"field":"event.ingested","value":"{{_ingest.timestamp}}"}},{"set":{"field":"ecs.version","value":"1.12.0"}},{"rename":{"field":"message","target_field":"event.original"}},{"grok":{"field":"event.original","patterns":["\\[%{APACHE_TIME:apache.error.timestamp}\\] \\[%{LOGLEVEL:log.level}\\]( \\[client %{IPORHOST:source.address}(:%{POSINT:source.port})?\\])? %{GREEDYDATA:message}","\\[%{APACHE_TIME:apache.error.timestamp}\\] \\[%{DATA:apache.error.module}:%{APACHE_LOGLEVEL:log.level}\\] \\[pid %{NUMBER:process.pid:long}(:tid %{NUMBER:process.thread.id:long})?\\]( \\[client %{IPORHOST:source.address}(:%{POSINT:source.port})?\\])? %{GREEDYDATA:message}"],"pattern_definitions":{"APACHE_LOGLEVEL":"%{LOGLEVEL}[0-9]*","APACHE_TIME":"%{DAY} %{MONTH} %{MONTHDAY} %{TIME} %{YEAR}"},"ignore_missing":true}},{"grok":{"field":"message","patterns":["File does not exist: %{URIPATH:file.path}, referer: %{URI:http.request.referrer}","File does not exist: %{URIPATH:file.path}"],"ignore_missing":true,"ignore_failure":true}},{"date":{"if":"ctx.event.timezone == null","field":"apache.error.timestamp","target_field":"@timestamp","formats":["EEE MMM dd H:m:s yyyy","EEE MMM dd H:m:s.SSSSSS yyyy"],"on_failure":[{"append":{"field":"error.message","value":"{{ _ingest.on_failure_message }}"}}]}},{"date":{"if":"ctx.event.timezone != null","field":"apache.error.timestamp","target_field":"@timestamp","formats":["EEE MMM dd H:m:s yyyy","EEE MMM dd H:m:s.SSSSSS yyyy"],"timezone":"{{ event.timezone }}","on_failure":[{"append":{"field":"error.message","value":"{{ _ingest.on_failure_message }}"}}]}},{"remove":{"field":"apache.error.timestamp","ignore_failure":true}},{"set":{"field":"event.kind","value":"event"}},{"set":{"field":"event.category","value":"web"}},{"script":{"if":"ctx?.log?.level != null","lang":"painless","source":"def err_levels = [\"emerg\", \"alert\", \"crit\", \"error\", \"warn\"]; if (err_levels.contains(ctx.log.level)) {\n ctx.event.type = \"error\";\n} else {\n ctx.event.type = \"info\";\n}"}},{"grok":{"field":"source.address","ignore_missing":true,"patterns":["^(%{IP:source.ip}|%{HOSTNAME:source.domain})$"]}},{"geoip":{"field":"source.ip","target_field":"source.geo","ignore_missing":true}},{"geoip":{"database_file":"GeoLite2-ASN.mmdb","field":"source.ip","target_field":"source.as","properties":["asn","organization_name"],"ignore_missing":true}},{"rename":{"field":"source.as.asn","target_field":"source.as.number","ignore_missing":true}},{"rename":{"field":"source.as.organization_name","target_field":"source.as.organization.name","ignore_missing":true}},{"convert":{"field":"source.port","type":"long","ignore_missing":true}},{"script":{"lang":"painless","description":"This script processor iterates over the whole document to remove fields with null values.","source":"void handleMap(Map map) {\n for (def x : map.values()) {\n if (x instanceof Map) {\n handleMap(x);\n } else if (x instanceof List) {\n handleList(x);\n }\n }\n map.values().removeIf(v -> v == null);\n}\nvoid handleList(List list) {\n for (def x : list) {\n if (x instanceof Map) {\n handleMap(x);\n } else if (x instanceof List) {\n handleList(x);\n }\n }\n}\nhandleMap(ctx);\n"}},{"remove":{"field":"event.original","if":"ctx?.tags == null || !(ctx.tags.contains(''preserve_original_event''))","ignore_failure":true,"ignore_missing":true}}],"on_failure":[{"set":{"field":"error.message","value":"{{ _ingest.on_failure_message }}"}}]}}' + headers: + Content-Length: + - "3693" + Content-Type: + - application/json; charset=UTF-8 + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 754.413µs + - id: 12 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_ingest/pipeline/logs-apache.access-1.3.4 + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 4500 + uncompressed: false + body: '{"logs-apache.access-1.3.4":{"description":"Pipeline for parsing Apache HTTP Server access logs. Requires the geoip and user_agent plugins.","processors":[{"pipeline":{"if":"ctx.message.startsWith(''{'')","name":"logs-apache.access-1.3.4-third-party"}},{"set":{"field":"event.ingested","value":"{{_ingest.timestamp}}"}},{"set":{"field":"ecs.version","value":"1.12.0"}},{"rename":{"field":"message","target_field":"event.original"}},{"grok":{"field":"event.original","patterns":["%{IPORHOST:destination.domain} %{IPORHOST:source.ip} - %{DATA:user.name} \\[%{HTTPDATE:apache.access.time}\\] \"(?:%{WORD:http.request.method} %{DATA:_tmp.url_orig} HTTP/%{NUMBER:http.version}|-)?\" %{NUMBER:http.response.status_code:long} (?:%{NUMBER:http.response.body.bytes:long}|-)( \"%{DATA:http.request.referrer}\")?( \"%{DATA:user_agent.original}\")?","%{IPORHOST:source.address} - %{DATA:user.name} \\[%{HTTPDATE:apache.access.time}\\] \"(?:%{WORD:http.request.method} %{DATA:_tmp.url_orig} HTTP/%{NUMBER:http.version}|-)?\" %{NUMBER:http.response.status_code:long} (?:%{NUMBER:http.response.body.bytes:long}|-)( \"%{DATA:http.request.referrer}\")?( \"%{DATA:user_agent.original}\")?","%{IPORHOST:source.address} - %{DATA:user.name} \\[%{HTTPDATE:apache.access.time}\\] \"-\" %{NUMBER:http.response.status_code:long} -","\\[%{HTTPDATE:apache.access.time}\\] %{IPORHOST:source.address} %{DATA:apache.access.ssl.protocol} %{DATA:apache.access.ssl.cipher} \"%{WORD:http.request.method} %{DATA:_tmp.url_orig} HTTP/%{NUMBER:http.version}\" (-|%{NUMBER:http.response.body.bytes:long})"],"ignore_missing":true}},{"uri_parts":{"field":"_tmp.url_orig","ignore_failure":true}},{"remove":{"field":["_tmp"],"ignore_missing":true}},{"set":{"field":"url.domain","value":"{{destination.domain}}","if":"ctx.url?.domain == null && ctx.destination?.domain != null"}},{"set":{"field":"event.kind","value":"event"}},{"set":{"field":"event.category","value":"web"}},{"set":{"field":"event.outcome","value":"success","if":"ctx?.http?.response?.status_code != null && ctx.http.response.status_code < 400"}},{"set":{"field":"event.outcome","value":"failure","if":"ctx?.http?.response?.status_code != null && ctx.http.response.status_code > 399"}},{"grok":{"field":"source.address","ignore_missing":true,"patterns":["^(%{IP:source.ip}|%{HOSTNAME:source.domain})$"]}},{"remove":{"field":"event.created","ignore_missing":true,"ignore_failure":true}},{"rename":{"field":"@timestamp","target_field":"event.created"}},{"date":{"field":"apache.access.time","target_field":"@timestamp","formats":["dd/MMM/yyyy:H:m:s Z"],"ignore_failure":true}},{"remove":{"field":"apache.access.time","ignore_failure":true}},{"user_agent":{"field":"user_agent.original","ignore_failure":true}},{"geoip":{"field":"source.ip","target_field":"source.geo","ignore_missing":true}},{"geoip":{"database_file":"GeoLite2-ASN.mmdb","field":"source.ip","target_field":"source.as","properties":["asn","organization_name"],"ignore_missing":true}},{"rename":{"field":"source.as.asn","target_field":"source.as.number","ignore_missing":true}},{"rename":{"field":"source.as.organization_name","target_field":"source.as.organization.name","ignore_missing":true}},{"set":{"field":"tls.cipher","value":"{{apache.access.ssl.cipher}}","if":"ctx?.apache?.access?.ssl?.cipher != null"}},{"script":{"lang":"painless","if":"ctx?.apache?.access?.ssl?.protocol != null","source":"def parts = ctx.apache.access.ssl.protocol.toLowerCase().splitOnToken(\"v\"); if (parts.length != 2) {\n return;\n} if (parts[1].contains(\".\")) {\n ctx.tls.version = parts[1];\n} else {\n ctx.tls.version = parts[1] + \".0\";\n} ctx.tls.version_protocol = parts[0];"}},{"script":{"lang":"painless","description":"This script processor iterates over the whole document to remove fields with null values.","source":"void handleMap(Map map) {\n for (def x : map.values()) {\n if (x instanceof Map) {\n handleMap(x);\n } else if (x instanceof List) {\n handleList(x);\n }\n }\n map.values().removeIf(v -> v == null);\n}\nvoid handleList(List list) {\n for (def x : list) {\n if (x instanceof Map) {\n handleMap(x);\n } else if (x instanceof List) {\n handleList(x);\n }\n }\n}\nhandleMap(ctx);\n"}},{"remove":{"field":"event.original","if":"ctx?.tags == null || !(ctx.tags.contains(''preserve_original_event''))","ignore_failure":true,"ignore_missing":true}}],"on_failure":[{"set":{"field":"error.message","value":"{{ _ingest.on_failure_message }}"}}]}}' + headers: + Content-Length: + - "4500" + Content-Type: + - application/json; charset=UTF-8 + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 521.734µs + - id: 13 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_ingest/pipeline/.fleet_final_pipeline-1 + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 2865 + uncompressed: false + body: '{".fleet_final_pipeline-1":{"version":1,"description":"Final pipeline for processing all incoming Fleet Agent documents.\n","processors":[{"set":{"description":"Add time when event was ingested.","field":"event.ingested","copy_from":"_ingest.timestamp"}},{"script":{"description":"Remove sub-seconds from event.ingested to improve storage efficiency.","tag":"truncate-subseconds-event-ingested","source":"ctx.event.ingested = ctx.event.ingested.withNano(0).format(DateTimeFormatter.ISO_OFFSET_DATE_TIME);","ignore_failure":true}},{"remove":{"description":"Remove any pre-existing untrusted values.","field":["event.agent_id_status","_security"],"ignore_missing":true}},{"set_security_user":{"field":"_security","properties":["authentication_type","username","realm","api_key"]}},{"script":{"description":"Add event.agent_id_status based on the API key metadata and the agent.id contained in the event.\n","tag":"agent-id-status","source":"boolean is_user_trusted(def ctx, def users) {\n if (ctx?._security?.username == null) {\n return false;\n }\n\n def user = null;\n for (def item : users) {\n if (item?.username == ctx._security.username) {\n user = item;\n break;\n }\n }\n\n if (user == null || user?.realm == null || ctx?._security?.realm?.name == null) {\n return false;\n }\n\n if (ctx._security.realm.name != user.realm) {\n return false;\n }\n\n return true;\n}\n\nString verified(def ctx, def params) {\n // No agent.id field to validate.\n if (ctx?.agent?.id == null) {\n return \"missing\";\n }\n\n // Check auth metadata from API key.\n if (ctx?._security?.authentication_type == null\n // Agents only use API keys.\n || ctx._security.authentication_type != ''API_KEY''\n // Verify the API key owner before trusting any metadata it contains.\n || !is_user_trusted(ctx, params.trusted_users)\n // Verify the API key has metadata indicating the assigned agent ID.\n || ctx?._security?.api_key?.metadata?.agent_id == null) {\n return \"auth_metadata_missing\";\n }\n\n // The API key can only be used represent the agent.id it was issued to.\n if (ctx._security.api_key.metadata.agent_id != ctx.agent.id) {\n // Potential masquerade attempt.\n return \"mismatch\";\n }\n\n return \"verified\";\n}\n\nif (ctx?.event == null) {\n ctx.event = [:];\n}\n\nctx.event.agent_id_status = verified(ctx, params);","params":{"trusted_users":[{"username":"elastic/fleet-server","realm":"_service_account"},{"username":"cloud-internal-agent-server","realm":"found"},{"username":"elastic","realm":"reserved"}]}}},{"remove":{"field":"_security","ignore_missing":true}}],"on_failure":[{"remove":{"field":"_security","ignore_missing":true,"ignore_failure":true}},{"append":{"field":"error.message","value":["failed in Fleet agent final_pipeline: {{ _ingest.on_failure_message }}"]}}]}}' + headers: + Content-Length: + - "2865" + Content-Type: + - application/json; charset=UTF-8 + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 394.152µs + - id: 14 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_ingest/pipeline/logs-apache.error-1.3.4-third-party + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 1047 + uncompressed: false + body: '{"logs-apache.error-1.3.4-third-party":{"description":"Pipeline for parsing Apache HTTP Server logs from third party api","processors":[{"json":{"field":"message","target_field":"json"}},{"drop":{"if":"ctx.json?.result == null"}},{"fingerprint":{"fields":["json.result._cd","json.result._indextime","json.result._raw","json.result._time","json.result.host","json.result.source"],"target_field":"_id","ignore_missing":true}},{"set":{"copy_from":"json.result._raw","field":"message","ignore_empty_value":true}},{"set":{"copy_from":"json.result.host","field":"host.name","ignore_empty_value":true}},{"set":{"copy_from":"json.result.source","field":"file.path","ignore_empty_value":true}},{"remove":{"field":["json"],"ignore_missing":true}}],"on_failure":[{"append":{"field":"error.message","value":"error in third-party pipeline: error in [{{_ingest.on_failure_processor_type}}] processor{{#_ingest.on_failure_processor_tag}} with tag [{{_ingest.on_failure_processor_tag }}]{{/_ingest.on_failure_processor_tag}} {{ _ingest.on_failure_message }}"}}]}}' + headers: + Content-Length: + - "1047" + Content-Type: + - application/json; charset=UTF-8 + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 314.524µs + - id: 15 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_ingest/pipeline/logs-apache.access-1.3.4-third-party + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 1048 + uncompressed: false + body: '{"logs-apache.access-1.3.4-third-party":{"description":"Pipeline for parsing Apache HTTP Server logs from third party api","processors":[{"json":{"field":"message","target_field":"json"}},{"drop":{"if":"ctx.json?.result == null"}},{"fingerprint":{"fields":["json.result._cd","json.result._indextime","json.result._raw","json.result._time","json.result.host","json.result.source"],"target_field":"_id","ignore_missing":true}},{"set":{"copy_from":"json.result._raw","field":"message","ignore_empty_value":true}},{"set":{"copy_from":"json.result.host","field":"host.name","ignore_empty_value":true}},{"set":{"copy_from":"json.result.source","field":"file.path","ignore_empty_value":true}},{"remove":{"field":["json"],"ignore_missing":true}}],"on_failure":[{"append":{"field":"error.message","value":"error in third-party pipeline: error in [{{_ingest.on_failure_processor_type}}] processor{{#_ingest.on_failure_processor_tag}} with tag [{{_ingest.on_failure_processor_tag }}]{{/_ingest.on_failure_processor_tag}} {{ _ingest.on_failure_message }}"}}]}}' + headers: + Content-Length: + - "1048" + Content-Type: + - application/json; charset=UTF-8 + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 364.107µs + - id: 16 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_ml/trained_models/apache_*?decompress_definition=false&include=definition%2Cfeature_importance_baseline%2Chyperparameters%2Ctotal_feature_importance + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 38 + uncompressed: false + body: '{"count":0,"trained_model_configs":[]}' + headers: + Content-Length: + - "38" + Content-Type: + - application/json; charset=UTF-8 + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 1.04779ms diff --git a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_component_template-.fleet_component_template-1.json b/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_component_template-.fleet_component_template-1.json deleted file mode 100644 index 232213b5ab..0000000000 --- a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_component_template-.fleet_component_template-1.json +++ /dev/null @@ -1 +0,0 @@ -{"component_templates":[{"name":".fleet_component_template-1","component_template":{"template":{"settings":{"index":{"final_pipeline":".fleet_final_pipeline-1"}},"mappings":{"properties":{"event":{"properties":{"agent_id_status":{"ignore_above":1024,"type":"keyword"},"ingested":{"format":"strict_date_time_no_millis||strict_date_optional_time||epoch_millis","type":"date"}}}}}},"_meta":{}}}]} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_component_template-logs-apache.access@custom.json b/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_component_template-logs-apache.access@custom.json deleted file mode 100644 index df2500c990..0000000000 --- a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_component_template-logs-apache.access@custom.json +++ /dev/null @@ -1 +0,0 @@ -{"component_templates":[{"name":"logs-apache.access@custom","component_template":{"template":{"settings":{}},"_meta":{"package":{"name":"apache"}}}}]} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_component_template-logs-apache.access@settings.json b/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_component_template-logs-apache.access@settings.json deleted file mode 100644 index 8dc73a42c8..0000000000 --- a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_component_template-logs-apache.access@settings.json +++ /dev/null @@ -1 +0,0 @@ -{"component_templates":[{"name":"logs-apache.access@settings","component_template":{"template":{"settings":{"index":{"lifecycle":{"name":"logs"},"codec":"best_compression","mapping":{"total_fields":{"limit":"10000"}},"query":{"default_field":["cloud.account.id","cloud.availability_zone","cloud.instance.id","cloud.instance.name","cloud.machine.type","cloud.provider","cloud.region","cloud.project.id","cloud.image.id","container.id","container.image.name","container.name","host.architecture","host.domain","host.hostname","host.id","host.mac","host.name","host.os.family","host.os.kernel","host.os.name","host.os.platform","host.os.version","host.type","host.os.build","host.os.codename","input.type","destination.domain","ecs.version","event.category","event.kind","event.outcome","file.path","http.request.method","http.request.referrer","http.version","log.file.path","log.level","source.address","source.as.organization.name","source.domain","source.geo.city_name","source.geo.continent_name","source.geo.country_iso_code","source.geo.country_name","source.geo.region_iso_code","source.geo.region_name","tags","tls.cipher","tls.version","tls.version_protocol","url.domain","url.extension","url.query","user.name","user_agent.device.name","user_agent.device.name","user_agent.name","user_agent.name","user_agent.original","user_agent.original","user_agent.os.full","user_agent.os.name","user_agent.os.name","user_agent.os.version","user_agent.version","apache.access.ssl.protocol","apache.access.ssl.cipher"]}}}},"_meta":{"package":{"name":"apache"}}}}]} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_component_template-logs-apache.error@custom.json b/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_component_template-logs-apache.error@custom.json deleted file mode 100644 index 35e124c44c..0000000000 --- a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_component_template-logs-apache.error@custom.json +++ /dev/null @@ -1 +0,0 @@ -{"component_templates":[{"name":"logs-apache.error@custom","component_template":{"template":{"settings":{}},"_meta":{"package":{"name":"apache"}}}}]} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_component_template-logs-apache.error@settings.json b/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_component_template-logs-apache.error@settings.json deleted file mode 100644 index 102eb5b43f..0000000000 --- a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_component_template-logs-apache.error@settings.json +++ /dev/null @@ -1 +0,0 @@ -{"component_templates":[{"name":"logs-apache.error@settings","component_template":{"template":{"settings":{"index":{"lifecycle":{"name":"logs"},"codec":"best_compression","mapping":{"total_fields":{"limit":"10000"}},"query":{"default_field":["cloud.account.id","cloud.availability_zone","cloud.instance.id","cloud.instance.name","cloud.machine.type","cloud.provider","cloud.region","cloud.project.id","cloud.image.id","container.id","container.image.name","container.name","host.architecture","host.domain","host.hostname","host.id","host.mac","host.name","host.os.family","host.os.kernel","host.os.name","host.os.platform","host.os.version","host.type","host.os.build","host.os.codename","input.type","tags","ecs.version","event.category","event.kind","event.timezone","event.type","file.path","http.request.method","http.request.referrer","http.version","log.file.path","log.level","source.address","source.as.organization.name","source.geo.city_name","source.geo.continent_name","source.geo.country_iso_code","source.geo.country_name","source.geo.region_iso_code","source.geo.region_name","tags","url.domain","url.extension","url.query","user.name","user_agent.device.name","user_agent.name","user_agent.original","user_agent.os.name","apache.error.module"]}}}},"_meta":{"package":{"name":"apache"}}}}]} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_component_template-metrics-apache.status@custom.json b/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_component_template-metrics-apache.status@custom.json deleted file mode 100644 index 7625328b80..0000000000 --- a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_component_template-metrics-apache.status@custom.json +++ /dev/null @@ -1 +0,0 @@ -{"component_templates":[{"name":"metrics-apache.status@custom","component_template":{"template":{"settings":{}},"_meta":{"package":{"name":"apache"}}}}]} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_component_template-metrics-apache.status@settings.json b/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_component_template-metrics-apache.status@settings.json deleted file mode 100644 index 3f9e51c1f5..0000000000 --- a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_component_template-metrics-apache.status@settings.json +++ /dev/null @@ -1 +0,0 @@ -{"component_templates":[{"name":"metrics-apache.status@settings","component_template":{"template":{"settings":{"index":{"lifecycle":{"name":"metrics"},"codec":"best_compression","mapping":{"total_fields":{"limit":"10000"}},"query":{"default_field":["cloud.account.id","cloud.availability_zone","cloud.instance.id","cloud.instance.name","cloud.machine.type","cloud.provider","cloud.region","cloud.project.id","cloud.image.id","container.id","container.image.name","container.name","host.architecture","host.domain","host.hostname","host.id","host.mac","host.name","host.os.family","host.os.kernel","host.os.name","host.os.platform","host.os.version","host.type","host.os.build","host.os.codename","ecs.version","service.address","service.type"]}}}},"_meta":{"package":{"name":"apache"}}}}]} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ilm-policy-logs.json b/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ilm-policy-logs.json deleted file mode 100644 index ce27b88d92..0000000000 --- a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ilm-policy-logs.json +++ /dev/null @@ -1 +0,0 @@ -{"logs":{"version":1,"modified_date":"2022-01-25T18:01:46.058Z","policy":{"phases":{"hot":{"min_age":"0ms","actions":{"rollover":{"max_primary_shard_size":"50gb","max_age":"30d"}}}},"_meta":{"managed":true,"description":"default policy for the logs index template installed by x-pack"}},"in_use_by":{"indices":[".ds-logs-elastic_agent-default-2022.01.25-000001",".ds-logs-elastic_agent.metricbeat-default-2022.01.25-000001",".ds-logs-elastic_agent.filebeat-default-2022.01.25-000001",".ds-logs-elastic_agent.fleet_server-default-2022.01.25-000001"],"data_streams":["logs-elastic_agent-default","logs-elastic_agent.metricbeat-default","logs-elastic_agent.filebeat-default","logs-elastic_agent.fleet_server-default"],"composable_templates":["logs-apache.access","logs-elastic_agent.apm_server","logs-system.security","logs-system.auth","logs-elastic_agent.metricbeat","logs-elastic_agent.filebeat","logs-elastic_agent.packetbeat","logs-elastic_agent.endpoint_security","logs-elastic_agent.fleet_server","logs-apache.error","logs-system.system","logs-system.application","logs-elastic_agent.osquerybeat","logs-elastic_agent.heartbeat","logs-system.syslog","logs-elastic_agent.auditbeat","logs","logs-elastic_agent"]}}} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ilm-policy-metrics.json b/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ilm-policy-metrics.json deleted file mode 100644 index 8b97998db5..0000000000 --- a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ilm-policy-metrics.json +++ /dev/null @@ -1 +0,0 @@ -{"metrics":{"version":1,"modified_date":"2022-01-25T18:01:48.410Z","policy":{"phases":{"hot":{"min_age":"0ms","actions":{"rollover":{"max_primary_shard_size":"50gb","max_age":"30d"}}}},"_meta":{"managed":true,"description":"default policy for the metrics index template installed by x-pack"}},"in_use_by":{"indices":[".ds-metrics-system.socket_summary-default-2022.01.25-000001",".ds-metrics-system.cpu-default-2022.01.25-000001",".ds-metrics-elastic_agent.metricbeat-default-2022.01.25-000001",".ds-metrics-system.uptime-default-2022.01.25-000001",".ds-metrics-system.process-default-2022.01.25-000001",".ds-metrics-system.memory-default-2022.01.25-000001",".ds-metrics-system.diskio-default-2022.01.25-000001",".ds-metrics-elastic_agent.fleet_server-default-2022.01.25-000001",".ds-metrics-elastic_agent.filebeat-default-2022.01.25-000001",".ds-metrics-system.load-default-2022.01.25-000001",".ds-metrics-system.process.summary-default-2022.01.25-000001",".ds-metrics-elastic_agent.elastic_agent-default-2022.01.25-000001",".ds-metrics-system.filesystem-default-2022.01.25-000001",".ds-metrics-system.network-default-2022.01.25-000001",".ds-metrics-system.fsstat-default-2022.01.25-000001"],"data_streams":["metrics-system.filesystem-default","metrics-system.cpu-default","metrics-system.process.summary-default","metrics-system.memory-default","metrics-elastic_agent.fleet_server-default","metrics-system.uptime-default","metrics-elastic_agent.elastic_agent-default","metrics-elastic_agent.metricbeat-default","metrics-system.fsstat-default","metrics-system.process-default","metrics-elastic_agent.filebeat-default","metrics-system.network-default","metrics-system.diskio-default","metrics-system.load-default","metrics-system.socket_summary-default"],"composable_templates":["metrics-system.process","metrics-elastic_agent.packetbeat","metrics-system.fsstat","metrics-elastic_agent.osquerybeat","metrics-elastic_agent.endpoint_security","metrics-elastic_agent.apm_server","metrics-system.memory","metrics-system.socket_summary","metrics-apache.status","metrics-elastic_agent.elastic_agent","metrics-elastic_agent.fleet_server","metrics-system.load","metrics-system.core","metrics-elastic_agent.filebeat","metrics-system.uptime","metrics-system.process.summary","metrics-system.cpu","metrics-elastic_agent.heartbeat","metrics-system.diskio","metrics-elastic_agent.metricbeat","metrics-elastic_agent.auditbeat","metrics-system.network","metrics-system.filesystem","metrics"]}}} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_index_template-_-apache._.json b/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_index_template-_-apache._.json deleted file mode 100644 index c9d52b9da0..0000000000 --- a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_index_template-_-apache._.json +++ /dev/null @@ -1 +0,0 @@ -{"index_templates":[{"name":"logs-apache.error","index_template":{"index_patterns":["logs-apache.error-*"],"template":{"settings":{"index":{"default_pipeline":"logs-apache.error-1.3.4"}},"mappings":{"_meta":{"package":{"name":"apache"},"managed_by":"ingest-manager","managed":true},"dynamic_templates":[{"strings_as_keyword":{"mapping":{"ignore_above":1024,"type":"keyword"},"match_mapping_type":"string"}}],"date_detection":false,"properties":{"container":{"properties":{"image":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}},"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"},"labels":{"type":"object"}}},"process":{"properties":{"pid":{"type":"long"},"thread":{"properties":{"id":{"type":"long"}}}}},"log":{"properties":{"file":{"properties":{"path":{"ignore_above":1024,"type":"keyword"}}},"offset":{"type":"long"},"level":{"ignore_above":1024,"type":"keyword"}}},"source":{"properties":{"geo":{"properties":{"continent_name":{"ignore_above":1024,"type":"keyword"},"region_iso_code":{"ignore_above":1024,"type":"keyword"},"city_name":{"ignore_above":1024,"type":"keyword"},"country_iso_code":{"ignore_above":1024,"type":"keyword"},"country_name":{"ignore_above":1024,"type":"keyword"},"location":{"type":"geo_point"},"region_name":{"ignore_above":1024,"type":"keyword"}}},"as":{"properties":{"number":{"type":"long"},"organization":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}}}},"address":{"ignore_above":1024,"type":"keyword"},"port":{"type":"long"},"ip":{"type":"ip"}}},"error":{"properties":{"message":{"type":"match_only_text"}}},"message":{"type":"match_only_text"},"url":{"properties":{"path":{"type":"wildcard"},"extension":{"ignore_above":1024,"type":"keyword"},"original":{"type":"wildcard"},"domain":{"ignore_above":1024,"type":"keyword"},"query":{"ignore_above":1024,"type":"keyword"}}},"tags":{"ignore_above":1024,"type":"keyword"},"cloud":{"properties":{"availability_zone":{"ignore_above":1024,"type":"keyword"},"image":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}},"instance":{"properties":{"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"}}},"provider":{"ignore_above":1024,"type":"keyword"},"machine":{"properties":{"type":{"ignore_above":1024,"type":"keyword"}}},"project":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}},"region":{"ignore_above":1024,"type":"keyword"},"account":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}}}},"input":{"properties":{"type":{"ignore_above":1024,"type":"keyword"}}},"@timestamp":{"type":"date"},"file":{"properties":{"path":{"ignore_above":1024,"type":"keyword"}}},"apache":{"properties":{"error":{"properties":{"module":{"ignore_above":1024,"type":"keyword"}}}}},"ecs":{"properties":{"version":{"ignore_above":1024,"type":"keyword"}}},"data_stream":{"properties":{"namespace":{"type":"constant_keyword"},"type":{"type":"constant_keyword"},"dataset":{"type":"constant_keyword"}}},"host":{"properties":{"hostname":{"ignore_above":1024,"type":"keyword"},"os":{"properties":{"build":{"ignore_above":1024,"type":"keyword"},"kernel":{"ignore_above":1024,"type":"keyword"},"codename":{"ignore_above":1024,"type":"keyword"},"name":{"ignore_above":1024,"type":"keyword","fields":{"text":{"type":"text"}}},"family":{"ignore_above":1024,"type":"keyword"},"version":{"ignore_above":1024,"type":"keyword"},"platform":{"ignore_above":1024,"type":"keyword"}}},"domain":{"ignore_above":1024,"type":"keyword"},"ip":{"type":"ip"},"containerized":{"type":"boolean"},"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"},"type":{"ignore_above":1024,"type":"keyword"},"mac":{"ignore_above":1024,"type":"keyword"},"architecture":{"ignore_above":1024,"type":"keyword"}}},"http":{"properties":{"request":{"properties":{"referrer":{"ignore_above":1024,"type":"keyword"},"method":{"ignore_above":1024,"type":"keyword"}}},"response":{"properties":{"status_code":{"type":"long"},"body":{"properties":{"bytes":{"type":"long"}}}}},"version":{"ignore_above":1024,"type":"keyword"}}},"event":{"properties":{"kind":{"ignore_above":1024,"type":"keyword"},"timezone":{"ignore_above":1024,"type":"keyword"},"module":{"type":"constant_keyword","value":"apache"},"category":{"ignore_above":1024,"type":"keyword"},"type":{"ignore_above":1024,"type":"keyword"},"dataset":{"type":"constant_keyword","value":"apache.error"}}},"user":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}},"user_agent":{"properties":{"original":{"ignore_above":1024,"type":"keyword"},"os":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}},"name":{"ignore_above":1024,"type":"keyword"},"device":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}}}}}}},"composed_of":["logs-apache.error@settings","logs-apache.error@custom",".fleet_component_template-1"],"priority":200,"_meta":{"package":{"name":"apache"},"managed_by":"ingest-manager","managed":true},"data_stream":{"hidden":false}}},{"name":"logs-apache.access","index_template":{"index_patterns":["logs-apache.access-*"],"template":{"settings":{"index":{"default_pipeline":"logs-apache.access-1.3.4"}},"mappings":{"_meta":{"package":{"name":"apache"},"managed_by":"ingest-manager","managed":true},"dynamic_templates":[{"strings_as_keyword":{"mapping":{"ignore_above":1024,"type":"keyword"},"match_mapping_type":"string"}}],"date_detection":false,"properties":{"container":{"properties":{"image":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}},"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"},"labels":{"type":"object"}}},"process":{"properties":{"pid":{"type":"long"},"thread":{"properties":{"id":{"type":"long"}}}}},"log":{"properties":{"file":{"properties":{"path":{"ignore_above":1024,"type":"keyword"}}},"offset":{"type":"long"},"level":{"ignore_above":1024,"type":"keyword"}}},"destination":{"properties":{"domain":{"ignore_above":1024,"type":"keyword"}}},"source":{"properties":{"geo":{"properties":{"continent_name":{"ignore_above":1024,"type":"keyword"},"region_iso_code":{"ignore_above":1024,"type":"keyword"},"city_name":{"ignore_above":1024,"type":"keyword"},"country_iso_code":{"ignore_above":1024,"type":"keyword"},"country_name":{"ignore_above":1024,"type":"keyword"},"location":{"type":"geo_point"},"region_name":{"ignore_above":1024,"type":"keyword"}}},"as":{"properties":{"number":{"type":"long"},"organization":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}}}},"address":{"ignore_above":1024,"type":"keyword"},"domain":{"ignore_above":1024,"type":"keyword"},"ip":{"type":"ip"}}},"error":{"properties":{"message":{"type":"match_only_text"}}},"message":{"type":"match_only_text"},"url":{"properties":{"path":{"type":"wildcard"},"extension":{"ignore_above":1024,"type":"keyword"},"original":{"type":"wildcard"},"domain":{"ignore_above":1024,"type":"keyword"},"query":{"ignore_above":1024,"type":"keyword"}}},"tags":{"ignore_above":1024,"type":"keyword"},"cloud":{"properties":{"availability_zone":{"ignore_above":1024,"type":"keyword"},"image":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}},"instance":{"properties":{"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"}}},"provider":{"ignore_above":1024,"type":"keyword"},"machine":{"properties":{"type":{"ignore_above":1024,"type":"keyword"}}},"project":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}},"region":{"ignore_above":1024,"type":"keyword"},"account":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}}}},"input":{"properties":{"type":{"ignore_above":1024,"type":"keyword"}}},"@timestamp":{"type":"date"},"file":{"properties":{"path":{"ignore_above":1024,"type":"keyword"}}},"apache":{"properties":{"access":{"properties":{"ssl":{"properties":{"cipher":{"ignore_above":1024,"type":"keyword"},"protocol":{"ignore_above":1024,"type":"keyword"}}}}}}},"ecs":{"properties":{"version":{"ignore_above":1024,"type":"keyword"}}},"data_stream":{"properties":{"namespace":{"type":"constant_keyword"},"type":{"type":"constant_keyword"},"dataset":{"type":"constant_keyword"}}},"host":{"properties":{"hostname":{"ignore_above":1024,"type":"keyword"},"os":{"properties":{"build":{"ignore_above":1024,"type":"keyword"},"kernel":{"ignore_above":1024,"type":"keyword"},"codename":{"ignore_above":1024,"type":"keyword"},"name":{"ignore_above":1024,"type":"keyword","fields":{"text":{"type":"text"}}},"family":{"ignore_above":1024,"type":"keyword"},"version":{"ignore_above":1024,"type":"keyword"},"platform":{"ignore_above":1024,"type":"keyword"}}},"domain":{"ignore_above":1024,"type":"keyword"},"ip":{"type":"ip"},"containerized":{"type":"boolean"},"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"},"type":{"ignore_above":1024,"type":"keyword"},"mac":{"ignore_above":1024,"type":"keyword"},"architecture":{"ignore_above":1024,"type":"keyword"}}},"http":{"properties":{"request":{"properties":{"referrer":{"ignore_above":1024,"type":"keyword"},"method":{"ignore_above":1024,"type":"keyword"}}},"response":{"properties":{"status_code":{"type":"long"},"body":{"properties":{"bytes":{"type":"long"}}}}},"version":{"ignore_above":1024,"type":"keyword"}}},"tls":{"properties":{"cipher":{"ignore_above":1024,"type":"keyword"},"version":{"ignore_above":1024,"type":"keyword"},"version_protocol":{"ignore_above":1024,"type":"keyword"}}},"event":{"properties":{"created":{"type":"date"},"kind":{"ignore_above":1024,"type":"keyword"},"module":{"type":"constant_keyword","value":"apache"},"category":{"ignore_above":1024,"type":"keyword"},"dataset":{"type":"constant_keyword","value":"apache.access"},"outcome":{"ignore_above":1024,"type":"keyword"}}},"user":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}},"user_agent":{"properties":{"original":{"ignore_above":1024,"type":"keyword"},"os":{"properties":{"name":{"ignore_above":1024,"type":"keyword"},"version":{"ignore_above":1024,"type":"keyword"},"full":{"ignore_above":1024,"type":"keyword"}}},"name":{"ignore_above":1024,"type":"keyword"},"device":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}},"version":{"ignore_above":1024,"type":"keyword"}}}}}},"composed_of":["logs-apache.access@settings","logs-apache.access@custom",".fleet_component_template-1"],"priority":200,"_meta":{"package":{"name":"apache"},"managed_by":"ingest-manager","managed":true},"data_stream":{"hidden":false}}},{"name":"metrics-apache.status","index_template":{"index_patterns":["metrics-apache.status-*"],"template":{"settings":{},"mappings":{"_meta":{"package":{"name":"apache"},"managed_by":"ingest-manager","managed":true},"dynamic_templates":[{"strings_as_keyword":{"mapping":{"ignore_above":1024,"type":"keyword"},"match_mapping_type":"string"}}],"date_detection":false,"properties":{"cloud":{"properties":{"availability_zone":{"ignore_above":1024,"type":"keyword"},"image":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}},"instance":{"properties":{"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"}}},"provider":{"ignore_above":1024,"type":"keyword"},"machine":{"properties":{"type":{"ignore_above":1024,"type":"keyword"}}},"project":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}},"region":{"ignore_above":1024,"type":"keyword"},"account":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}}}},"container":{"properties":{"image":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}},"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"},"labels":{"type":"object"}}},"@timestamp":{"type":"date"},"apache":{"properties":{"status":{"properties":{"bytes_per_request":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"load":{"properties":{"1":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"15":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"5":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"}}},"bytes_per_sec":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"total_bytes":{"meta":{"unit":"byte","metric_type":"counter"},"type":"long"},"cpu":{"properties":{"system":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"load":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"children_system":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"children_user":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"user":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"}}},"total_accesses":{"meta":{"metric_type":"counter"},"type":"long"},"scoreboard":{"properties":{"total":{"meta":{"metric_type":"gauge"},"type":"long"},"keepalive":{"meta":{"metric_type":"gauge"},"type":"long"},"idle_cleanup":{"meta":{"metric_type":"gauge"},"type":"long"},"waiting_for_connection":{"meta":{"metric_type":"gauge"},"type":"long"},"logging":{"meta":{"metric_type":"gauge"},"type":"long"},"gracefully_finishing":{"meta":{"metric_type":"gauge"},"type":"long"},"open_slot":{"meta":{"metric_type":"gauge"},"type":"long"},"dns_lookup":{"meta":{"metric_type":"gauge"},"type":"long"},"sending_reply":{"meta":{"metric_type":"gauge"},"type":"long"},"closing_connection":{"meta":{"metric_type":"gauge"},"type":"long"},"starting_up":{"meta":{"metric_type":"gauge"},"type":"long"},"reading_request":{"meta":{"metric_type":"gauge"},"type":"long"}}},"workers":{"properties":{"idle":{"meta":{"metric_type":"gauge"},"type":"long"},"busy":{"meta":{"metric_type":"gauge"},"type":"long"}}},"connections":{"properties":{"async":{"properties":{"closing":{"meta":{"metric_type":"gauge"},"type":"long"},"writing":{"meta":{"metric_type":"gauge"},"type":"long"},"keep_alive":{"meta":{"metric_type":"gauge"},"type":"long"}}},"total":{"meta":{"metric_type":"counter"},"type":"long"}}},"requests_per_sec":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"uptime":{"properties":{"server_uptime":{"meta":{"metric_type":"counter"},"type":"long"},"uptime":{"meta":{"metric_type":"counter"},"type":"long"}}}}}}},"ecs":{"properties":{"version":{"ignore_above":1024,"type":"keyword"}}},"data_stream":{"properties":{"namespace":{"type":"constant_keyword"},"type":{"type":"constant_keyword"},"dataset":{"type":"constant_keyword"}}},"service":{"properties":{"address":{"ignore_above":1024,"type":"keyword"},"type":{"ignore_above":1024,"type":"keyword"}}},"host":{"properties":{"hostname":{"ignore_above":1024,"type":"keyword"},"os":{"properties":{"build":{"ignore_above":1024,"type":"keyword"},"kernel":{"ignore_above":1024,"type":"keyword"},"codename":{"ignore_above":1024,"type":"keyword"},"name":{"ignore_above":1024,"type":"keyword","fields":{"text":{"type":"text"}}},"family":{"ignore_above":1024,"type":"keyword"},"version":{"ignore_above":1024,"type":"keyword"},"platform":{"ignore_above":1024,"type":"keyword"}}},"domain":{"ignore_above":1024,"type":"keyword"},"ip":{"type":"ip"},"containerized":{"type":"boolean"},"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"},"type":{"ignore_above":1024,"type":"keyword"},"mac":{"ignore_above":1024,"type":"keyword"},"architecture":{"ignore_above":1024,"type":"keyword"}}},"event":{"properties":{"module":{"type":"constant_keyword","value":"apache"},"dataset":{"type":"constant_keyword","value":"apache.status"}}},"error":{"properties":{"message":{"type":"match_only_text"}}}}}},"composed_of":["metrics-apache.status@settings","metrics-apache.status@custom",".fleet_component_template-1"],"priority":200,"_meta":{"package":{"name":"apache"},"managed_by":"ingest-manager","managed":true},"data_stream":{"hidden":false}}}]} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ingest-pipeline-.fleet_final_pipeline-1.json b/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ingest-pipeline-.fleet_final_pipeline-1.json deleted file mode 100644 index 8f90a89abe..0000000000 --- a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ingest-pipeline-.fleet_final_pipeline-1.json +++ /dev/null @@ -1 +0,0 @@ -{".fleet_final_pipeline-1":{"version":1,"description":"Final pipeline for processing all incoming Fleet Agent documents.\n","processors":[{"set":{"description":"Add time when event was ingested.","field":"event.ingested","copy_from":"_ingest.timestamp"}},{"script":{"description":"Remove sub-seconds from event.ingested to improve storage efficiency.","tag":"truncate-subseconds-event-ingested","source":"ctx.event.ingested = ctx.event.ingested.withNano(0).format(DateTimeFormatter.ISO_OFFSET_DATE_TIME);","ignore_failure":true}},{"remove":{"description":"Remove any pre-existing untrusted values.","field":["event.agent_id_status","_security"],"ignore_missing":true}},{"set_security_user":{"field":"_security","properties":["authentication_type","username","realm","api_key"]}},{"script":{"description":"Add event.agent_id_status based on the API key metadata and the agent.id contained in the event.\n","tag":"agent-id-status","source":"boolean is_user_trusted(def ctx, def users) {\n if (ctx?._security?.username == null) {\n return false;\n }\n\n def user = null;\n for (def item : users) {\n if (item?.username == ctx._security.username) {\n user = item;\n break;\n }\n }\n\n if (user == null || user?.realm == null || ctx?._security?.realm?.name == null) {\n return false;\n }\n\n if (ctx._security.realm.name != user.realm) {\n return false;\n }\n\n return true;\n}\n\nString verified(def ctx, def params) {\n // No agent.id field to validate.\n if (ctx?.agent?.id == null) {\n return \"missing\";\n }\n\n // Check auth metadata from API key.\n if (ctx?._security?.authentication_type == null\n // Agents only use API keys.\n || ctx._security.authentication_type != 'API_KEY'\n // Verify the API key owner before trusting any metadata it contains.\n || !is_user_trusted(ctx, params.trusted_users)\n // Verify the API key has metadata indicating the assigned agent ID.\n || ctx?._security?.api_key?.metadata?.agent_id == null) {\n return \"auth_metadata_missing\";\n }\n\n // The API key can only be used represent the agent.id it was issued to.\n if (ctx._security.api_key.metadata.agent_id != ctx.agent.id) {\n // Potential masquerade attempt.\n return \"mismatch\";\n }\n\n return \"verified\";\n}\n\nif (ctx?.event == null) {\n ctx.event = [:];\n}\n\nctx.event.agent_id_status = verified(ctx, params);","params":{"trusted_users":[{"username":"elastic/fleet-server","realm":"_service_account"},{"username":"cloud-internal-agent-server","realm":"found"},{"username":"elastic","realm":"reserved"}]}}},{"remove":{"field":"_security","ignore_missing":true}}],"on_failure":[{"remove":{"field":"_security","ignore_missing":true,"ignore_failure":true}},{"append":{"field":"error.message","value":["failed in Fleet agent final_pipeline: {{ _ingest.on_failure_message }}"]}}]}} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ingest-pipeline-logs-apache.access-1.3.4-third-party.json b/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ingest-pipeline-logs-apache.access-1.3.4-third-party.json deleted file mode 100644 index aceb75d417..0000000000 --- a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ingest-pipeline-logs-apache.access-1.3.4-third-party.json +++ /dev/null @@ -1 +0,0 @@ -{"logs-apache.access-1.3.4-third-party":{"description":"Pipeline for parsing Apache HTTP Server logs from third party api","processors":[{"json":{"field":"message","target_field":"json"}},{"drop":{"if":"ctx.json?.result == null"}},{"fingerprint":{"fields":["json.result._cd","json.result._indextime","json.result._raw","json.result._time","json.result.host","json.result.source"],"target_field":"_id","ignore_missing":true}},{"set":{"copy_from":"json.result._raw","field":"message","ignore_empty_value":true}},{"set":{"copy_from":"json.result.host","field":"host.name","ignore_empty_value":true}},{"set":{"copy_from":"json.result.source","field":"file.path","ignore_empty_value":true}},{"remove":{"field":["json"],"ignore_missing":true}}],"on_failure":[{"append":{"field":"error.message","value":"error in third-party pipeline: error in [{{_ingest.on_failure_processor_type}}] processor{{#_ingest.on_failure_processor_tag}} with tag [{{_ingest.on_failure_processor_tag }}]{{/_ingest.on_failure_processor_tag}} {{ _ingest.on_failure_message }}"}}]}} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ingest-pipeline-logs-apache.access-1.3.4.json b/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ingest-pipeline-logs-apache.access-1.3.4.json deleted file mode 100644 index 5de9ab7bed..0000000000 --- a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ingest-pipeline-logs-apache.access-1.3.4.json +++ /dev/null @@ -1 +0,0 @@ -{"logs-apache.access-1.3.4":{"description":"Pipeline for parsing Apache HTTP Server access logs. Requires the geoip and user_agent plugins.","processors":[{"pipeline":{"if":"ctx.message.startsWith('{')","name":"logs-apache.access-1.3.4-third-party"}},{"set":{"field":"event.ingested","value":"{{_ingest.timestamp}}"}},{"set":{"field":"ecs.version","value":"1.12.0"}},{"rename":{"field":"message","target_field":"event.original"}},{"grok":{"field":"event.original","patterns":["%{IPORHOST:destination.domain} %{IPORHOST:source.ip} - %{DATA:user.name} \\[%{HTTPDATE:apache.access.time}\\] \"(?:%{WORD:http.request.method} %{DATA:_tmp.url_orig} HTTP/%{NUMBER:http.version}|-)?\" %{NUMBER:http.response.status_code:long} (?:%{NUMBER:http.response.body.bytes:long}|-)( \"%{DATA:http.request.referrer}\")?( \"%{DATA:user_agent.original}\")?","%{IPORHOST:source.address} - %{DATA:user.name} \\[%{HTTPDATE:apache.access.time}\\] \"(?:%{WORD:http.request.method} %{DATA:_tmp.url_orig} HTTP/%{NUMBER:http.version}|-)?\" %{NUMBER:http.response.status_code:long} (?:%{NUMBER:http.response.body.bytes:long}|-)( \"%{DATA:http.request.referrer}\")?( \"%{DATA:user_agent.original}\")?","%{IPORHOST:source.address} - %{DATA:user.name} \\[%{HTTPDATE:apache.access.time}\\] \"-\" %{NUMBER:http.response.status_code:long} -","\\[%{HTTPDATE:apache.access.time}\\] %{IPORHOST:source.address} %{DATA:apache.access.ssl.protocol} %{DATA:apache.access.ssl.cipher} \"%{WORD:http.request.method} %{DATA:_tmp.url_orig} HTTP/%{NUMBER:http.version}\" (-|%{NUMBER:http.response.body.bytes:long})"],"ignore_missing":true}},{"uri_parts":{"field":"_tmp.url_orig","ignore_failure":true}},{"remove":{"field":["_tmp"],"ignore_missing":true}},{"set":{"field":"url.domain","value":"{{destination.domain}}","if":"ctx.url?.domain == null && ctx.destination?.domain != null"}},{"set":{"field":"event.kind","value":"event"}},{"set":{"field":"event.category","value":"web"}},{"set":{"field":"event.outcome","value":"success","if":"ctx?.http?.response?.status_code != null && ctx.http.response.status_code < 400"}},{"set":{"field":"event.outcome","value":"failure","if":"ctx?.http?.response?.status_code != null && ctx.http.response.status_code > 399"}},{"grok":{"field":"source.address","ignore_missing":true,"patterns":["^(%{IP:source.ip}|%{HOSTNAME:source.domain})$"]}},{"remove":{"field":"event.created","ignore_missing":true,"ignore_failure":true}},{"rename":{"field":"@timestamp","target_field":"event.created"}},{"date":{"field":"apache.access.time","target_field":"@timestamp","formats":["dd/MMM/yyyy:H:m:s Z"],"ignore_failure":true}},{"remove":{"field":"apache.access.time","ignore_failure":true}},{"user_agent":{"field":"user_agent.original","ignore_failure":true}},{"geoip":{"field":"source.ip","target_field":"source.geo","ignore_missing":true}},{"geoip":{"database_file":"GeoLite2-ASN.mmdb","field":"source.ip","target_field":"source.as","properties":["asn","organization_name"],"ignore_missing":true}},{"rename":{"field":"source.as.asn","target_field":"source.as.number","ignore_missing":true}},{"rename":{"field":"source.as.organization_name","target_field":"source.as.organization.name","ignore_missing":true}},{"set":{"field":"tls.cipher","value":"{{apache.access.ssl.cipher}}","if":"ctx?.apache?.access?.ssl?.cipher != null"}},{"script":{"lang":"painless","if":"ctx?.apache?.access?.ssl?.protocol != null","source":"def parts = ctx.apache.access.ssl.protocol.toLowerCase().splitOnToken(\"v\"); if (parts.length != 2) {\n return;\n} if (parts[1].contains(\".\")) {\n ctx.tls.version = parts[1];\n} else {\n ctx.tls.version = parts[1] + \".0\";\n} ctx.tls.version_protocol = parts[0];"}},{"script":{"lang":"painless","description":"This script processor iterates over the whole document to remove fields with null values.","source":"void handleMap(Map map) {\n for (def x : map.values()) {\n if (x instanceof Map) {\n handleMap(x);\n } else if (x instanceof List) {\n handleList(x);\n }\n }\n map.values().removeIf(v -> v == null);\n}\nvoid handleList(List list) {\n for (def x : list) {\n if (x instanceof Map) {\n handleMap(x);\n } else if (x instanceof List) {\n handleList(x);\n }\n }\n}\nhandleMap(ctx);\n"}},{"remove":{"field":"event.original","if":"ctx?.tags == null || !(ctx.tags.contains('preserve_original_event'))","ignore_failure":true,"ignore_missing":true}}],"on_failure":[{"set":{"field":"error.message","value":"{{ _ingest.on_failure_message }}"}}]}} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ingest-pipeline-logs-apache.error-1.3.4-third-party.json b/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ingest-pipeline-logs-apache.error-1.3.4-third-party.json deleted file mode 100644 index 39b66d95b3..0000000000 --- a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ingest-pipeline-logs-apache.error-1.3.4-third-party.json +++ /dev/null @@ -1 +0,0 @@ -{"logs-apache.error-1.3.4-third-party":{"description":"Pipeline for parsing Apache HTTP Server logs from third party api","processors":[{"json":{"field":"message","target_field":"json"}},{"drop":{"if":"ctx.json?.result == null"}},{"fingerprint":{"fields":["json.result._cd","json.result._indextime","json.result._raw","json.result._time","json.result.host","json.result.source"],"target_field":"_id","ignore_missing":true}},{"set":{"copy_from":"json.result._raw","field":"message","ignore_empty_value":true}},{"set":{"copy_from":"json.result.host","field":"host.name","ignore_empty_value":true}},{"set":{"copy_from":"json.result.source","field":"file.path","ignore_empty_value":true}},{"remove":{"field":["json"],"ignore_missing":true}}],"on_failure":[{"append":{"field":"error.message","value":"error in third-party pipeline: error in [{{_ingest.on_failure_processor_type}}] processor{{#_ingest.on_failure_processor_tag}} with tag [{{_ingest.on_failure_processor_tag }}]{{/_ingest.on_failure_processor_tag}} {{ _ingest.on_failure_message }}"}}]}} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ingest-pipeline-logs-apache.error-1.3.4.json b/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ingest-pipeline-logs-apache.error-1.3.4.json deleted file mode 100644 index 3603634d0c..0000000000 --- a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ingest-pipeline-logs-apache.error-1.3.4.json +++ /dev/null @@ -1 +0,0 @@ -{"logs-apache.error-1.3.4":{"description":"Pipeline for parsing apache error logs","processors":[{"pipeline":{"if":"ctx.message.startsWith('{')","name":"logs-apache.error-1.3.4-third-party"}},{"set":{"field":"event.ingested","value":"{{_ingest.timestamp}}"}},{"set":{"field":"ecs.version","value":"1.12.0"}},{"rename":{"field":"message","target_field":"event.original"}},{"grok":{"field":"event.original","patterns":["\\[%{APACHE_TIME:apache.error.timestamp}\\] \\[%{LOGLEVEL:log.level}\\]( \\[client %{IPORHOST:source.address}(:%{POSINT:source.port})?\\])? %{GREEDYDATA:message}","\\[%{APACHE_TIME:apache.error.timestamp}\\] \\[%{DATA:apache.error.module}:%{APACHE_LOGLEVEL:log.level}\\] \\[pid %{NUMBER:process.pid:long}(:tid %{NUMBER:process.thread.id:long})?\\]( \\[client %{IPORHOST:source.address}(:%{POSINT:source.port})?\\])? %{GREEDYDATA:message}"],"pattern_definitions":{"APACHE_LOGLEVEL":"%{LOGLEVEL}[0-9]*","APACHE_TIME":"%{DAY} %{MONTH} %{MONTHDAY} %{TIME} %{YEAR}"},"ignore_missing":true}},{"grok":{"field":"message","patterns":["File does not exist: %{URIPATH:file.path}, referer: %{URI:http.request.referrer}","File does not exist: %{URIPATH:file.path}"],"ignore_missing":true,"ignore_failure":true}},{"date":{"if":"ctx.event.timezone == null","field":"apache.error.timestamp","target_field":"@timestamp","formats":["EEE MMM dd H:m:s yyyy","EEE MMM dd H:m:s.SSSSSS yyyy"],"on_failure":[{"append":{"field":"error.message","value":"{{ _ingest.on_failure_message }}"}}]}},{"date":{"if":"ctx.event.timezone != null","field":"apache.error.timestamp","target_field":"@timestamp","formats":["EEE MMM dd H:m:s yyyy","EEE MMM dd H:m:s.SSSSSS yyyy"],"timezone":"{{ event.timezone }}","on_failure":[{"append":{"field":"error.message","value":"{{ _ingest.on_failure_message }}"}}]}},{"remove":{"field":"apache.error.timestamp","ignore_failure":true}},{"set":{"field":"event.kind","value":"event"}},{"set":{"field":"event.category","value":"web"}},{"script":{"if":"ctx?.log?.level != null","lang":"painless","source":"def err_levels = [\"emerg\", \"alert\", \"crit\", \"error\", \"warn\"]; if (err_levels.contains(ctx.log.level)) {\n ctx.event.type = \"error\";\n} else {\n ctx.event.type = \"info\";\n}"}},{"grok":{"field":"source.address","ignore_missing":true,"patterns":["^(%{IP:source.ip}|%{HOSTNAME:source.domain})$"]}},{"geoip":{"field":"source.ip","target_field":"source.geo","ignore_missing":true}},{"geoip":{"database_file":"GeoLite2-ASN.mmdb","field":"source.ip","target_field":"source.as","properties":["asn","organization_name"],"ignore_missing":true}},{"rename":{"field":"source.as.asn","target_field":"source.as.number","ignore_missing":true}},{"rename":{"field":"source.as.organization_name","target_field":"source.as.organization.name","ignore_missing":true}},{"convert":{"field":"source.port","type":"long","ignore_missing":true}},{"script":{"lang":"painless","description":"This script processor iterates over the whole document to remove fields with null values.","source":"void handleMap(Map map) {\n for (def x : map.values()) {\n if (x instanceof Map) {\n handleMap(x);\n } else if (x instanceof List) {\n handleList(x);\n }\n }\n map.values().removeIf(v -> v == null);\n}\nvoid handleList(List list) {\n for (def x : list) {\n if (x instanceof Map) {\n handleMap(x);\n } else if (x instanceof List) {\n handleList(x);\n }\n }\n}\nhandleMap(ctx);\n"}},{"remove":{"field":"event.original","if":"ctx?.tags == null || !(ctx.tags.contains('preserve_original_event'))","ignore_failure":true,"ignore_missing":true}}],"on_failure":[{"set":{"field":"error.message","value":"{{ _ingest.on_failure_message }}"}}]}} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ml-trained_models-apache___decompress_definition_false&include_definition%2Cfeature_importance_baseline%2Chyperparameters%2Ctotal_feature_importance.json b/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ml-trained_models-apache___decompress_definition_false&include_definition%2Cfeature_importance_baseline%2Chyperparameters%2Ctotal_feature_importance.json deleted file mode 100644 index 5d11489c2f..0000000000 --- a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ml-trained_models-apache___decompress_definition_false&include_definition%2Cfeature_importance_baseline%2Chyperparameters%2Ctotal_feature_importance.json +++ /dev/null @@ -1 +0,0 @@ -{"count":0,"trained_model_configs":[]} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ml-trained_models-apache___decompress_definition_false&include_feature_importance_baseline%2Chyperparameters%2Ctotal_feature_importance.json b/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ml-trained_models-apache___decompress_definition_false&include_feature_importance_baseline%2Chyperparameters%2Ctotal_feature_importance.json deleted file mode 100644 index 5d11489c2f..0000000000 --- a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/_ml-trained_models-apache___decompress_definition_false&include_feature_importance_baseline%2Chyperparameters%2Ctotal_feature_importance.json +++ /dev/null @@ -1 +0,0 @@ -{"count":0,"trained_model_configs":[]} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/root.json b/internal/dump/testdata/elasticsearch-7-mock-dump-apache/root.json deleted file mode 100644 index a9e8367c5c..0000000000 --- a/internal/dump/testdata/elasticsearch-7-mock-dump-apache/root.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "name" : "5535c267b580", - "cluster_name" : "elasticsearch", - "cluster_uuid" : "kOEZpuRNRq-ypP9sLaiUjQ", - "version" : { - "number" : "7.16.2", - "build_flavor" : "default", - "build_type" : "docker", - "build_hash" : "2b937c44140b6559905130a8650c64dbd0879cfb", - "build_date" : "2021-12-18T19:42:46.604893745Z", - "build_snapshot" : false, - "lucene_version" : "8.10.1", - "minimum_wire_compatibility_version" : "6.8.0", - "minimum_index_compatibility_version" : "6.0.0-beta1" - }, - "tagline" : "You Know, for Search" -} diff --git a/internal/dump/testdata/elasticsearch-8-apache-dump-all/ilm_policies/logs.json b/internal/dump/testdata/elasticsearch-8-apache-dump-all/ilm_policies/logs.json index 0260e14f61..b98c95afa2 100644 --- a/internal/dump/testdata/elasticsearch-8-apache-dump-all/ilm_policies/logs.json +++ b/internal/dump/testdata/elasticsearch-8-apache-dump-all/ilm_policies/logs.json @@ -1,6 +1,6 @@ { "version": 1, - "modified_date": "2022-04-06T15:40:04.029Z", + "modified_date": "2023-11-27T16:35:54.053Z", "policy": { "phases": { "hot": { @@ -19,16 +19,29 @@ } }, "in_use_by": { - "indices": [], - "data_streams": [], + "indices": [ + ".ds-logs-elastic_agent.metricbeat-default-2023.11.27-000001", + ".ds-logs-elastic_agent.fleet_server-default-2023.11.27-000001", + ".ds-logs-elastic_agent.filebeat-default-2023.11.27-000001", + ".ds-logs-elastic_agent-default-2023.11.27-000001" + ], + "data_streams": [ + "logs-elastic_agent-default", + "logs-elastic_agent.metricbeat-default", + "logs-elastic_agent.filebeat-default", + "logs-elastic_agent.fleet_server-default" + ], "composable_templates": [ "logs-apache.access", + "logs-elastic_agent.cloudbeat", "logs-elastic_agent.apm_server", + "logs-elastic_agent.cloud_defend", "logs-system.security", "logs-system.auth", "logs-elastic_agent.metricbeat", "logs-elastic_agent.filebeat", "logs-elastic_agent.packetbeat", + "logs-elastic_agent.filebeat_input", "logs-elastic_agent.endpoint_security", "logs-elastic_agent.fleet_server", "logs-apache.error", diff --git a/internal/dump/testdata/elasticsearch-8-apache-dump-all/ilm_policies/metrics.json b/internal/dump/testdata/elasticsearch-8-apache-dump-all/ilm_policies/metrics.json index aea99c4d51..be9141951f 100644 --- a/internal/dump/testdata/elasticsearch-8-apache-dump-all/ilm_policies/metrics.json +++ b/internal/dump/testdata/elasticsearch-8-apache-dump-all/ilm_policies/metrics.json @@ -1,6 +1,6 @@ { "version": 1, - "modified_date": "2022-04-06T15:40:04.332Z", + "modified_date": "2023-11-27T16:35:54.011Z", "policy": { "phases": { "hot": { @@ -19,8 +19,40 @@ } }, "in_use_by": { - "indices": [], - "data_streams": [], + "indices": [ + ".ds-metrics-system.process.summary-default-2023.11.27-000001", + ".ds-metrics-system.fsstat-default-2023.11.27-000001", + ".ds-metrics-system.uptime-default-2023.11.27-000001", + ".ds-metrics-system.network-default-2023.11.27-000001", + ".ds-metrics-system.filesystem-default-2023.11.27-000001", + ".ds-metrics-elastic_agent.elastic_agent-default-2023.11.27-000001", + ".ds-metrics-system.socket_summary-default-2023.11.27-000001", + ".ds-metrics-system.diskio-default-2023.11.27-000001", + ".ds-metrics-elastic_agent.filebeat-default-2023.11.27-000001", + ".ds-metrics-system.process-default-2023.11.27-000001", + ".ds-metrics-system.cpu-default-2023.11.27-000001", + ".ds-metrics-elastic_agent.metricbeat-default-2023.11.27-000001", + ".ds-metrics-elastic_agent.fleet_server-default-2023.11.27-000001", + ".ds-metrics-system.load-default-2023.11.27-000001", + ".ds-metrics-system.memory-default-2023.11.27-000001" + ], + "data_streams": [ + "metrics-system.filesystem-default", + "metrics-system.cpu-default", + "metrics-system.process.summary-default", + "metrics-system.memory-default", + "metrics-elastic_agent.fleet_server-default", + "metrics-system.uptime-default", + "metrics-elastic_agent.elastic_agent-default", + "metrics-elastic_agent.metricbeat-default", + "metrics-system.fsstat-default", + "metrics-system.process-default", + "metrics-elastic_agent.filebeat-default", + "metrics-system.network-default", + "metrics-system.diskio-default", + "metrics-system.load-default", + "metrics-system.socket_summary-default" + ], "composable_templates": [ "metrics-system.process", "metrics-elastic_agent.packetbeat", @@ -36,11 +68,13 @@ "metrics-system.load", "metrics-system.core", "metrics-elastic_agent.filebeat", + "metrics-elastic_agent.filebeat_input", "metrics-system.uptime", "metrics-system.process.summary", "metrics-system.cpu", "metrics-elastic_agent.heartbeat", "metrics-system.diskio", + "metrics-elastic_agent.cloudbeat", "metrics-elastic_agent.metricbeat", "metrics-elastic_agent.auditbeat", "metrics-system.network", diff --git a/internal/dump/testdata/elasticsearch-8-dga-dump-all/ml_models/dga_1611725_2.0.json b/internal/dump/testdata/elasticsearch-8-dga-dump-all/ml_models/dga_1611725_2.0.json index dbcb19c8a0..80c24cc6af 100644 --- a/internal/dump/testdata/elasticsearch-8-dga-dump-all/ml_models/dga_1611725_2.0.json +++ b/internal/dump/testdata/elasticsearch-8-dga-dump-all/ml_models/dga_1611725_2.0.json @@ -3,7 +3,7 @@ "model_type": "tree_ensemble", "created_by": "api_user", "version": "8.9.0", - "create_time": 1699476967200, + "create_time": 1701103516636, "model_size_bytes": 246784104, "estimated_operations": 0, "license_level": "platinum", diff --git a/internal/dump/testdata/elasticsearch-8-mock-dump-apache.yaml b/internal/dump/testdata/elasticsearch-8-mock-dump-apache.yaml new file mode 100644 index 0000000000..092fa790e6 --- /dev/null +++ b/internal/dump/testdata/elasticsearch-8-mock-dump-apache.yaml @@ -0,0 +1,717 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/ + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 538 + uncompressed: false + body: | + { + "name" : "f2d4529be9e6", + "cluster_name" : "elasticsearch", + "cluster_uuid" : "jzZs7URYRremBeTRiHjDNQ", + "version" : { + "number" : "8.1.0", + "build_flavor" : "default", + "build_type" : "docker", + "build_hash" : "3700f7679f7d95e36da0b43762189bab189bc53a", + "build_date" : "2022-03-03T14:20:00.690422633Z", + "build_snapshot" : false, + "lucene_version" : "9.0.0", + "minimum_wire_compatibility_version" : "7.17.0", + "minimum_index_compatibility_version" : "7.0.0" + }, + "tagline" : "You Know, for Search" + } + headers: + Content-Length: + - "538" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 4.245924ms + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_index_template/*-apache.* + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 16106 + uncompressed: false + body: '{"index_templates":[{"name":"logs-apache.error","index_template":{"index_patterns":["logs-apache.error-*"],"template":{"settings":{"index":{"default_pipeline":"logs-apache.error-1.3.6"}},"mappings":{"_meta":{"package":{"name":"apache"},"managed_by":"fleet","managed":true},"dynamic_templates":[{"strings_as_keyword":{"mapping":{"ignore_above":1024,"type":"keyword"},"match_mapping_type":"string"}}],"date_detection":false,"properties":{"container":{"properties":{"image":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}},"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"},"labels":{"type":"object"}}},"process":{"properties":{"pid":{"type":"long"},"thread":{"properties":{"id":{"type":"long"}}}}},"log":{"properties":{"file":{"properties":{"path":{"ignore_above":1024,"type":"keyword"}}},"offset":{"type":"long"},"level":{"ignore_above":1024,"type":"keyword"}}},"source":{"properties":{"geo":{"properties":{"continent_name":{"ignore_above":1024,"type":"keyword"},"region_iso_code":{"ignore_above":1024,"type":"keyword"},"city_name":{"ignore_above":1024,"type":"keyword"},"country_iso_code":{"ignore_above":1024,"type":"keyword"},"country_name":{"ignore_above":1024,"type":"keyword"},"location":{"type":"geo_point"},"region_name":{"ignore_above":1024,"type":"keyword"}}},"as":{"properties":{"number":{"type":"long"},"organization":{"properties":{"name":{"ignore_above":1024,"type":"keyword","fields":{}}}}}},"address":{"ignore_above":1024,"type":"keyword"},"port":{"type":"long"},"ip":{"type":"ip"}}},"error":{"properties":{"message":{"type":"match_only_text"}}},"message":{"type":"match_only_text"},"url":{"properties":{"path":{"ignore_above":1024,"type":"wildcard"},"extension":{"ignore_above":1024,"type":"keyword"},"original":{"ignore_above":1024,"type":"wildcard","fields":{}},"domain":{"ignore_above":1024,"type":"keyword"},"query":{"ignore_above":1024,"type":"keyword"}}},"tags":{"ignore_above":1024,"type":"keyword"},"cloud":{"properties":{"availability_zone":{"ignore_above":1024,"type":"keyword"},"image":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}},"instance":{"properties":{"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"}}},"provider":{"ignore_above":1024,"type":"keyword"},"machine":{"properties":{"type":{"ignore_above":1024,"type":"keyword"}}},"project":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}},"region":{"ignore_above":1024,"type":"keyword"},"account":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}}}},"input":{"properties":{"type":{"ignore_above":1024,"type":"keyword"}}},"@timestamp":{"type":"date"},"file":{"properties":{"path":{"ignore_above":1024,"type":"keyword","fields":{}}}},"apache":{"properties":{"error":{"properties":{"module":{"ignore_above":1024,"type":"keyword"}}}}},"ecs":{"properties":{"version":{"ignore_above":1024,"type":"keyword"}}},"data_stream":{"properties":{"namespace":{"type":"constant_keyword"},"type":{"type":"constant_keyword"},"dataset":{"type":"constant_keyword"}}},"host":{"properties":{"hostname":{"ignore_above":1024,"type":"keyword"},"os":{"properties":{"build":{"ignore_above":1024,"type":"keyword"},"kernel":{"ignore_above":1024,"type":"keyword"},"codename":{"ignore_above":1024,"type":"keyword"},"name":{"ignore_above":1024,"type":"keyword","fields":{"text":{"type":"text"}}},"family":{"ignore_above":1024,"type":"keyword"},"version":{"ignore_above":1024,"type":"keyword"},"platform":{"ignore_above":1024,"type":"keyword"}}},"domain":{"ignore_above":1024,"type":"keyword"},"ip":{"type":"ip"},"containerized":{"type":"boolean"},"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"},"type":{"ignore_above":1024,"type":"keyword"},"mac":{"ignore_above":1024,"type":"keyword"},"architecture":{"ignore_above":1024,"type":"keyword"}}},"http":{"properties":{"request":{"properties":{"referrer":{"ignore_above":1024,"type":"keyword"},"method":{"ignore_above":1024,"type":"keyword"}}},"response":{"properties":{"status_code":{"type":"long"},"body":{"properties":{"bytes":{"type":"long"}}}}},"version":{"ignore_above":1024,"type":"keyword"}}},"event":{"properties":{"kind":{"ignore_above":1024,"type":"keyword"},"timezone":{"ignore_above":1024,"type":"keyword"},"module":{"type":"constant_keyword","value":"apache"},"category":{"ignore_above":1024,"type":"keyword"},"type":{"ignore_above":1024,"type":"keyword"},"dataset":{"type":"constant_keyword","value":"apache.error"}}},"user":{"properties":{"name":{"ignore_above":1024,"type":"keyword","fields":{}}}},"user_agent":{"properties":{"original":{"ignore_above":1024,"type":"keyword","fields":{}},"os":{"properties":{"name":{"ignore_above":1024,"type":"keyword","fields":{}}}},"name":{"ignore_above":1024,"type":"keyword"},"device":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}}}}}}},"composed_of":["logs-apache.error@settings","logs-apache.error@custom",".fleet_component_template-1"],"priority":200,"_meta":{"package":{"name":"apache"},"managed_by":"fleet","managed":true},"data_stream":{"hidden":false,"allow_custom_routing":false}}},{"name":"logs-apache.access","index_template":{"index_patterns":["logs-apache.access-*"],"template":{"settings":{"index":{"default_pipeline":"logs-apache.access-1.3.6"}},"mappings":{"_meta":{"package":{"name":"apache"},"managed_by":"fleet","managed":true},"dynamic_templates":[{"strings_as_keyword":{"mapping":{"ignore_above":1024,"type":"keyword"},"match_mapping_type":"string"}}],"date_detection":false,"properties":{"container":{"properties":{"image":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}},"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"},"labels":{"type":"object"}}},"process":{"properties":{"pid":{"type":"long"},"thread":{"properties":{"id":{"type":"long"}}}}},"log":{"properties":{"file":{"properties":{"path":{"ignore_above":1024,"type":"keyword"}}},"offset":{"type":"long"},"level":{"ignore_above":1024,"type":"keyword"}}},"destination":{"properties":{"domain":{"ignore_above":1024,"type":"keyword"}}},"source":{"properties":{"geo":{"properties":{"continent_name":{"ignore_above":1024,"type":"keyword"},"region_iso_code":{"ignore_above":1024,"type":"keyword"},"city_name":{"ignore_above":1024,"type":"keyword"},"country_iso_code":{"ignore_above":1024,"type":"keyword"},"country_name":{"ignore_above":1024,"type":"keyword"},"location":{"type":"geo_point"},"region_name":{"ignore_above":1024,"type":"keyword"}}},"as":{"properties":{"number":{"type":"long"},"organization":{"properties":{"name":{"ignore_above":1024,"type":"keyword","fields":{}}}}}},"address":{"ignore_above":1024,"type":"keyword"},"domain":{"ignore_above":1024,"type":"keyword"},"ip":{"type":"ip"}}},"error":{"properties":{"message":{"type":"match_only_text"}}},"message":{"type":"match_only_text"},"url":{"properties":{"path":{"ignore_above":1024,"type":"wildcard"},"extension":{"ignore_above":1024,"type":"keyword"},"original":{"ignore_above":1024,"type":"wildcard","fields":{}},"domain":{"ignore_above":1024,"type":"keyword"},"query":{"ignore_above":1024,"type":"keyword"}}},"tags":{"ignore_above":1024,"type":"keyword"},"cloud":{"properties":{"availability_zone":{"ignore_above":1024,"type":"keyword"},"image":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}},"instance":{"properties":{"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"}}},"provider":{"ignore_above":1024,"type":"keyword"},"machine":{"properties":{"type":{"ignore_above":1024,"type":"keyword"}}},"project":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}},"region":{"ignore_above":1024,"type":"keyword"},"account":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}}}},"input":{"properties":{"type":{"ignore_above":1024,"type":"keyword"}}},"@timestamp":{"type":"date"},"file":{"properties":{"path":{"ignore_above":1024,"type":"keyword","fields":{}}}},"apache":{"properties":{"access":{"properties":{"ssl":{"properties":{"cipher":{"ignore_above":1024,"type":"keyword"},"protocol":{"ignore_above":1024,"type":"keyword"}}}}}}},"ecs":{"properties":{"version":{"ignore_above":1024,"type":"keyword"}}},"data_stream":{"properties":{"namespace":{"type":"constant_keyword"},"type":{"type":"constant_keyword"},"dataset":{"type":"constant_keyword"}}},"host":{"properties":{"hostname":{"ignore_above":1024,"type":"keyword"},"os":{"properties":{"build":{"ignore_above":1024,"type":"keyword"},"kernel":{"ignore_above":1024,"type":"keyword"},"codename":{"ignore_above":1024,"type":"keyword"},"name":{"ignore_above":1024,"type":"keyword","fields":{"text":{"type":"text"}}},"family":{"ignore_above":1024,"type":"keyword"},"version":{"ignore_above":1024,"type":"keyword"},"platform":{"ignore_above":1024,"type":"keyword"}}},"domain":{"ignore_above":1024,"type":"keyword"},"ip":{"type":"ip"},"containerized":{"type":"boolean"},"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"},"type":{"ignore_above":1024,"type":"keyword"},"mac":{"ignore_above":1024,"type":"keyword"},"architecture":{"ignore_above":1024,"type":"keyword"}}},"http":{"properties":{"request":{"properties":{"referrer":{"ignore_above":1024,"type":"keyword"},"method":{"ignore_above":1024,"type":"keyword"}}},"response":{"properties":{"status_code":{"type":"long"},"body":{"properties":{"bytes":{"type":"long"}}}}},"version":{"ignore_above":1024,"type":"keyword"}}},"tls":{"properties":{"cipher":{"ignore_above":1024,"type":"keyword"},"version":{"ignore_above":1024,"type":"keyword"},"version_protocol":{"ignore_above":1024,"type":"keyword"}}},"event":{"properties":{"created":{"type":"date"},"kind":{"ignore_above":1024,"type":"keyword"},"module":{"type":"constant_keyword","value":"apache"},"category":{"ignore_above":1024,"type":"keyword"},"dataset":{"type":"constant_keyword","value":"apache.access"},"outcome":{"ignore_above":1024,"type":"keyword"}}},"user":{"properties":{"name":{"ignore_above":1024,"type":"keyword","fields":{}}}},"user_agent":{"properties":{"original":{"ignore_above":1024,"type":"keyword","fields":{}},"os":{"properties":{"name":{"ignore_above":1024,"type":"keyword","fields":{}},"version":{"ignore_above":1024,"type":"keyword"},"full":{"ignore_above":1024,"type":"keyword","fields":{}}}},"name":{"ignore_above":1024,"type":"keyword"},"device":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}},"version":{"ignore_above":1024,"type":"keyword"}}}}}},"composed_of":["logs-apache.access@settings","logs-apache.access@custom",".fleet_component_template-1"],"priority":200,"_meta":{"package":{"name":"apache"},"managed_by":"fleet","managed":true},"data_stream":{"hidden":false,"allow_custom_routing":false}}},{"name":"metrics-apache.status","index_template":{"index_patterns":["metrics-apache.status-*"],"template":{"settings":{},"mappings":{"_meta":{"package":{"name":"apache"},"managed_by":"fleet","managed":true},"dynamic_templates":[{"strings_as_keyword":{"mapping":{"ignore_above":1024,"type":"keyword"},"match_mapping_type":"string"}}],"date_detection":false,"properties":{"cloud":{"properties":{"availability_zone":{"ignore_above":1024,"type":"keyword"},"image":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}},"instance":{"properties":{"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"}}},"provider":{"ignore_above":1024,"type":"keyword"},"machine":{"properties":{"type":{"ignore_above":1024,"type":"keyword"}}},"project":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}},"region":{"ignore_above":1024,"type":"keyword"},"account":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}}}},"container":{"properties":{"image":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}},"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"},"labels":{"type":"object"}}},"@timestamp":{"type":"date"},"apache":{"properties":{"status":{"properties":{"bytes_per_request":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"load":{"properties":{"1":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"15":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"5":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"}}},"bytes_per_sec":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"total_bytes":{"meta":{"unit":"byte","metric_type":"counter"},"type":"long"},"cpu":{"properties":{"system":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"load":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"children_system":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"children_user":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"user":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"}}},"total_accesses":{"meta":{"metric_type":"counter"},"type":"long"},"scoreboard":{"properties":{"total":{"meta":{"metric_type":"gauge"},"type":"long"},"keepalive":{"meta":{"metric_type":"gauge"},"type":"long"},"idle_cleanup":{"meta":{"metric_type":"gauge"},"type":"long"},"waiting_for_connection":{"meta":{"metric_type":"gauge"},"type":"long"},"logging":{"meta":{"metric_type":"gauge"},"type":"long"},"gracefully_finishing":{"meta":{"metric_type":"gauge"},"type":"long"},"open_slot":{"meta":{"metric_type":"gauge"},"type":"long"},"dns_lookup":{"meta":{"metric_type":"gauge"},"type":"long"},"sending_reply":{"meta":{"metric_type":"gauge"},"type":"long"},"closing_connection":{"meta":{"metric_type":"gauge"},"type":"long"},"starting_up":{"meta":{"metric_type":"gauge"},"type":"long"},"reading_request":{"meta":{"metric_type":"gauge"},"type":"long"}}},"workers":{"properties":{"idle":{"meta":{"metric_type":"gauge"},"type":"long"},"busy":{"meta":{"metric_type":"gauge"},"type":"long"}}},"connections":{"properties":{"async":{"properties":{"closing":{"meta":{"metric_type":"gauge"},"type":"long"},"writing":{"meta":{"metric_type":"gauge"},"type":"long"},"keep_alive":{"meta":{"metric_type":"gauge"},"type":"long"}}},"total":{"meta":{"metric_type":"counter"},"type":"long"}}},"requests_per_sec":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"uptime":{"properties":{"server_uptime":{"meta":{"metric_type":"counter"},"type":"long"},"uptime":{"meta":{"metric_type":"counter"},"type":"long"}}}}}}},"ecs":{"properties":{"version":{"ignore_above":1024,"type":"keyword"}}},"data_stream":{"properties":{"namespace":{"type":"constant_keyword"},"type":{"type":"constant_keyword"},"dataset":{"type":"constant_keyword"}}},"service":{"properties":{"address":{"ignore_above":1024,"type":"keyword"},"type":{"ignore_above":1024,"type":"keyword"}}},"host":{"properties":{"hostname":{"ignore_above":1024,"type":"keyword"},"os":{"properties":{"build":{"ignore_above":1024,"type":"keyword"},"kernel":{"ignore_above":1024,"type":"keyword"},"codename":{"ignore_above":1024,"type":"keyword"},"name":{"ignore_above":1024,"type":"keyword","fields":{"text":{"type":"text"}}},"family":{"ignore_above":1024,"type":"keyword"},"version":{"ignore_above":1024,"type":"keyword"},"platform":{"ignore_above":1024,"type":"keyword"}}},"domain":{"ignore_above":1024,"type":"keyword"},"ip":{"type":"ip"},"containerized":{"type":"boolean"},"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"},"type":{"ignore_above":1024,"type":"keyword"},"mac":{"ignore_above":1024,"type":"keyword"},"architecture":{"ignore_above":1024,"type":"keyword"}}},"event":{"properties":{"module":{"type":"constant_keyword","value":"apache"},"dataset":{"type":"constant_keyword","value":"apache.status"}}},"error":{"properties":{"message":{"type":"match_only_text"}}}}}},"composed_of":["metrics-apache.status@settings","metrics-apache.status@custom",".fleet_component_template-1"],"priority":200,"_meta":{"package":{"name":"apache"},"managed_by":"fleet","managed":true},"data_stream":{"hidden":false,"allow_custom_routing":false}}}]}' + headers: + Content-Length: + - "16106" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 1.497043ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_component_template/logs-apache.error@settings + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 1342 + uncompressed: false + body: '{"component_templates":[{"name":"logs-apache.error@settings","component_template":{"template":{"settings":{"index":{"lifecycle":{"name":"logs"},"codec":"best_compression","mapping":{"total_fields":{"limit":"10000"}},"query":{"default_field":["cloud.account.id","cloud.availability_zone","cloud.instance.id","cloud.instance.name","cloud.machine.type","cloud.provider","cloud.region","cloud.project.id","cloud.image.id","container.id","container.image.name","container.name","host.architecture","host.domain","host.hostname","host.id","host.mac","host.name","host.os.family","host.os.kernel","host.os.name","host.os.platform","host.os.version","host.type","host.os.build","host.os.codename","input.type","tags","ecs.version","event.category","event.kind","event.timezone","event.type","file.path","http.request.method","http.request.referrer","http.version","log.file.path","log.level","source.address","source.as.organization.name","source.geo.city_name","source.geo.continent_name","source.geo.country_iso_code","source.geo.country_name","source.geo.region_iso_code","source.geo.region_name","tags","url.domain","url.extension","url.query","user.name","user_agent.device.name","user_agent.name","user_agent.original","user_agent.os.name","apache.error.module"]}}}},"_meta":{"package":{"name":"apache"},"managed_by":"fleet","managed":true}}}]}' + headers: + Content-Length: + - "1342" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 513.497µs + - id: 3 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_component_template/logs-apache.error@custom + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 185 + uncompressed: false + body: '{"component_templates":[{"name":"logs-apache.error@custom","component_template":{"template":{"settings":{}},"_meta":{"package":{"name":"apache"},"managed_by":"fleet","managed":true}}}]}' + headers: + Content-Length: + - "185" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 369.89µs + - id: 4 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_component_template/.fleet_component_template-1 + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 428 + uncompressed: false + body: '{"component_templates":[{"name":".fleet_component_template-1","component_template":{"template":{"settings":{"index":{"final_pipeline":".fleet_final_pipeline-1"}},"mappings":{"properties":{"event":{"properties":{"agent_id_status":{"ignore_above":1024,"type":"keyword"},"ingested":{"format":"strict_date_time_no_millis||strict_date_optional_time||epoch_millis","type":"date"}}}}}},"_meta":{"managed_by":"fleet","managed":true}}}]}' + headers: + Content-Length: + - "428" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 424.645µs + - id: 5 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_component_template/logs-apache.access@settings + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 1595 + uncompressed: false + body: '{"component_templates":[{"name":"logs-apache.access@settings","component_template":{"template":{"settings":{"index":{"lifecycle":{"name":"logs"},"codec":"best_compression","mapping":{"total_fields":{"limit":"10000"}},"query":{"default_field":["cloud.account.id","cloud.availability_zone","cloud.instance.id","cloud.instance.name","cloud.machine.type","cloud.provider","cloud.region","cloud.project.id","cloud.image.id","container.id","container.image.name","container.name","host.architecture","host.domain","host.hostname","host.id","host.mac","host.name","host.os.family","host.os.kernel","host.os.name","host.os.platform","host.os.version","host.type","host.os.build","host.os.codename","input.type","destination.domain","ecs.version","event.category","event.kind","event.outcome","file.path","http.request.method","http.request.referrer","http.version","log.file.path","log.level","source.address","source.as.organization.name","source.domain","source.geo.city_name","source.geo.continent_name","source.geo.country_iso_code","source.geo.country_name","source.geo.region_iso_code","source.geo.region_name","tags","tls.cipher","tls.version","tls.version_protocol","url.domain","url.extension","url.query","user.name","user_agent.device.name","user_agent.device.name","user_agent.name","user_agent.name","user_agent.original","user_agent.original","user_agent.os.full","user_agent.os.name","user_agent.os.name","user_agent.os.version","user_agent.version","apache.access.ssl.protocol","apache.access.ssl.cipher"]}}}},"_meta":{"package":{"name":"apache"},"managed_by":"fleet","managed":true}}}]}' + headers: + Content-Length: + - "1595" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 497.616µs + - id: 6 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_component_template/logs-apache.access@custom + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 186 + uncompressed: false + body: '{"component_templates":[{"name":"logs-apache.access@custom","component_template":{"template":{"settings":{}},"_meta":{"package":{"name":"apache"},"managed_by":"fleet","managed":true}}}]}' + headers: + Content-Length: + - "186" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 344.216µs + - id: 7 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_component_template/metrics-apache.status@settings + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 825 + uncompressed: false + body: '{"component_templates":[{"name":"metrics-apache.status@settings","component_template":{"template":{"settings":{"index":{"lifecycle":{"name":"metrics"},"codec":"best_compression","mapping":{"total_fields":{"limit":"10000"}},"query":{"default_field":["cloud.account.id","cloud.availability_zone","cloud.instance.id","cloud.instance.name","cloud.machine.type","cloud.provider","cloud.region","cloud.project.id","cloud.image.id","container.id","container.image.name","container.name","host.architecture","host.domain","host.hostname","host.id","host.mac","host.name","host.os.family","host.os.kernel","host.os.name","host.os.platform","host.os.version","host.type","host.os.build","host.os.codename","ecs.version","service.address","service.type"]}}}},"_meta":{"package":{"name":"apache"},"managed_by":"fleet","managed":true}}}]}' + headers: + Content-Length: + - "825" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 629.712µs + - id: 8 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_component_template/metrics-apache.status@custom + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 189 + uncompressed: false + body: '{"component_templates":[{"name":"metrics-apache.status@custom","component_template":{"template":{"settings":{}},"_meta":{"package":{"name":"apache"},"managed_by":"fleet","managed":true}}}]}' + headers: + Content-Length: + - "189" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 438.911µs + - id: 9 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_ilm/policy/logs + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 1316 + uncompressed: false + body: '{"logs":{"version":1,"modified_date":"2023-11-27T16:35:54.053Z","policy":{"phases":{"hot":{"min_age":"0ms","actions":{"rollover":{"max_primary_shard_size":"50gb","max_age":"30d"}}}},"_meta":{"managed":true,"description":"default policy for the logs index template installed by x-pack"}},"in_use_by":{"indices":[".ds-logs-elastic_agent.metricbeat-default-2023.11.27-000001",".ds-logs-elastic_agent.fleet_server-default-2023.11.27-000001",".ds-logs-elastic_agent.filebeat-default-2023.11.27-000001",".ds-logs-elastic_agent-default-2023.11.27-000001"],"data_streams":["logs-elastic_agent-default","logs-elastic_agent.metricbeat-default","logs-elastic_agent.filebeat-default","logs-elastic_agent.fleet_server-default"],"composable_templates":["logs-apache.access","logs-elastic_agent.cloudbeat","logs-elastic_agent.apm_server","logs-elastic_agent.cloud_defend","logs-system.security","logs-system.auth","logs-elastic_agent.metricbeat","logs-elastic_agent.filebeat","logs-elastic_agent.packetbeat","logs-elastic_agent.filebeat_input","logs-elastic_agent.endpoint_security","logs-elastic_agent.fleet_server","logs-apache.error","logs-system.system","logs-system.application","logs-elastic_agent.osquerybeat","logs-elastic_agent.heartbeat","logs-system.syslog","logs-elastic_agent.auditbeat","logs","logs-elastic_agent"]}}}' + headers: + Content-Length: + - "1316" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 1.782288ms + - id: 10 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_ilm/policy/metrics + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 2552 + uncompressed: false + body: '{"metrics":{"version":1,"modified_date":"2023-11-27T16:35:54.011Z","policy":{"phases":{"hot":{"min_age":"0ms","actions":{"rollover":{"max_primary_shard_size":"50gb","max_age":"30d"}}}},"_meta":{"managed":true,"description":"default policy for the metrics index template installed by x-pack"}},"in_use_by":{"indices":[".ds-metrics-system.process.summary-default-2023.11.27-000001",".ds-metrics-system.fsstat-default-2023.11.27-000001",".ds-metrics-system.uptime-default-2023.11.27-000001",".ds-metrics-system.network-default-2023.11.27-000001",".ds-metrics-system.filesystem-default-2023.11.27-000001",".ds-metrics-elastic_agent.elastic_agent-default-2023.11.27-000001",".ds-metrics-system.socket_summary-default-2023.11.27-000001",".ds-metrics-system.diskio-default-2023.11.27-000001",".ds-metrics-elastic_agent.filebeat-default-2023.11.27-000001",".ds-metrics-system.process-default-2023.11.27-000001",".ds-metrics-system.cpu-default-2023.11.27-000001",".ds-metrics-elastic_agent.metricbeat-default-2023.11.27-000001",".ds-metrics-elastic_agent.fleet_server-default-2023.11.27-000001",".ds-metrics-system.load-default-2023.11.27-000001",".ds-metrics-system.memory-default-2023.11.27-000001"],"data_streams":["metrics-system.filesystem-default","metrics-system.cpu-default","metrics-system.process.summary-default","metrics-system.memory-default","metrics-elastic_agent.fleet_server-default","metrics-system.uptime-default","metrics-elastic_agent.elastic_agent-default","metrics-elastic_agent.metricbeat-default","metrics-system.fsstat-default","metrics-system.process-default","metrics-elastic_agent.filebeat-default","metrics-system.network-default","metrics-system.diskio-default","metrics-system.load-default","metrics-system.socket_summary-default"],"composable_templates":["metrics-system.process","metrics-elastic_agent.packetbeat","metrics-system.fsstat","metrics-elastic_agent.osquerybeat","metrics-elastic_agent.endpoint_security","metrics-elastic_agent.apm_server","metrics-system.memory","metrics-system.socket_summary","metrics-apache.status","metrics-elastic_agent.elastic_agent","metrics-elastic_agent.fleet_server","metrics-system.load","metrics-system.core","metrics-elastic_agent.filebeat","metrics-elastic_agent.filebeat_input","metrics-system.uptime","metrics-system.process.summary","metrics-system.cpu","metrics-elastic_agent.heartbeat","metrics-system.diskio","metrics-elastic_agent.cloudbeat","metrics-elastic_agent.metricbeat","metrics-elastic_agent.auditbeat","metrics-system.network","metrics-system.filesystem","metrics"]}}}' + headers: + Content-Length: + - "2552" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 1.727045ms + - id: 11 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_ingest/pipeline/logs-apache.error-1.3.6 + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 3767 + uncompressed: false + body: '{"logs-apache.error-1.3.6":{"description":"Pipeline for parsing apache error logs","processors":[{"pipeline":{"if":"ctx.message.startsWith(''{'')","name":"logs-apache.error-1.3.6-third-party"}},{"set":{"field":"event.ingested","value":"{{_ingest.timestamp}}"}},{"set":{"field":"ecs.version","value":"1.12.0"}},{"rename":{"field":"message","target_field":"event.original"}},{"grok":{"field":"event.original","patterns":["\\[%{APACHE_TIME:apache.error.timestamp}\\] \\[%{LOGLEVEL:log.level}\\]( \\[client %{IPORHOST:source.address}(:%{POSINT:source.port})?\\])? %{GREEDYDATA:message}","\\[%{APACHE_TIME:apache.error.timestamp}\\] \\[%{DATA:apache.error.module}:%{APACHE_LOGLEVEL:log.level}\\] \\[pid %{NUMBER:process.pid:long}(:tid %{NUMBER:process.thread.id:long})?\\]( \\[client %{IPORHOST:source.address}(:%{POSINT:source.port})?\\])? %{GREEDYDATA:message}"],"pattern_definitions":{"APACHE_LOGLEVEL":"%{LOGLEVEL}[0-9]*","APACHE_TIME":"%{DAY} %{MONTH} %{MONTHDAY} %{TIME} %{YEAR}"},"ignore_missing":true}},{"grok":{"field":"message","patterns":["File does not exist: %{URIPATH:file.path}, referer: %{URI:http.request.referrer}","File does not exist: %{URIPATH:file.path}"],"ignore_missing":true,"ignore_failure":true}},{"date":{"if":"ctx.event.timezone == null","field":"apache.error.timestamp","target_field":"@timestamp","formats":["EEE MMM dd H:m:s yyyy","EEE MMM dd H:m:s.SSSSSS yyyy"],"on_failure":[{"append":{"field":"error.message","value":"{{ _ingest.on_failure_message }}"}}]}},{"date":{"if":"ctx.event.timezone != null","field":"apache.error.timestamp","target_field":"@timestamp","formats":["EEE MMM dd H:m:s yyyy","EEE MMM dd H:m:s.SSSSSS yyyy"],"timezone":"{{ event.timezone }}","on_failure":[{"append":{"field":"error.message","value":"{{ _ingest.on_failure_message }}"}}]}},{"remove":{"field":"apache.error.timestamp","ignore_failure":true}},{"set":{"field":"event.kind","value":"event"}},{"set":{"field":"event.category","value":"web"}},{"script":{"if":"ctx?.log?.level != null","lang":"painless","source":"def err_levels = [\"emerg\", \"alert\", \"crit\", \"error\", \"warn\"]; if (err_levels.contains(ctx.log.level)) {\n ctx.event.type = \"error\";\n} else {\n ctx.event.type = \"info\";\n}"}},{"grok":{"field":"source.address","ignore_missing":true,"patterns":["^(%{IP:source.ip}|%{HOSTNAME:source.domain})$"]}},{"geoip":{"field":"source.ip","target_field":"source.geo","ignore_missing":true}},{"geoip":{"database_file":"GeoLite2-ASN.mmdb","field":"source.ip","target_field":"source.as","properties":["asn","organization_name"],"ignore_missing":true}},{"rename":{"field":"source.as.asn","target_field":"source.as.number","ignore_missing":true}},{"rename":{"field":"source.as.organization_name","target_field":"source.as.organization.name","ignore_missing":true}},{"convert":{"field":"source.port","type":"long","ignore_missing":true}},{"script":{"lang":"painless","description":"This script processor iterates over the whole document to remove fields with null values.","source":"void handleMap(Map map) {\n for (def x : map.values()) {\n if (x instanceof Map) {\n handleMap(x);\n } else if (x instanceof List) {\n handleList(x);\n }\n }\n map.values().removeIf(v -> v == null);\n}\nvoid handleList(List list) {\n for (def x : list) {\n if (x instanceof Map) {\n handleMap(x);\n } else if (x instanceof List) {\n handleList(x);\n }\n }\n}\nhandleMap(ctx);\n"}},{"remove":{"field":"event.original","if":"ctx?.tags == null || !(ctx.tags.contains(''preserve_original_event''))","ignore_failure":true,"ignore_missing":true}}],"on_failure":[{"set":{"field":"error.message","value":"{{ _ingest.on_failure_message }}"}}],"_meta":{"managed_by":"fleet","managed":true,"package":{"name":"apache"}}}}' + headers: + Content-Length: + - "3767" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 1.026301ms + - id: 12 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_ingest/pipeline/logs-apache.access-1.3.6 + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 4574 + uncompressed: false + body: '{"logs-apache.access-1.3.6":{"description":"Pipeline for parsing Apache HTTP Server access logs. Requires the geoip and user_agent plugins.","processors":[{"pipeline":{"if":"ctx.message.startsWith(''{'')","name":"logs-apache.access-1.3.6-third-party"}},{"set":{"field":"event.ingested","value":"{{_ingest.timestamp}}"}},{"set":{"field":"ecs.version","value":"1.12.0"}},{"rename":{"field":"message","target_field":"event.original"}},{"grok":{"field":"event.original","patterns":["%{IPORHOST:destination.domain} %{IPORHOST:source.ip} - %{DATA:user.name} \\[%{HTTPDATE:apache.access.time}\\] \"(?:%{WORD:http.request.method} %{DATA:_tmp.url_orig} HTTP/%{NUMBER:http.version}|-)?\" %{NUMBER:http.response.status_code:long} (?:%{NUMBER:http.response.body.bytes:long}|-)( \"%{DATA:http.request.referrer}\")?( \"%{DATA:user_agent.original}\")?","%{IPORHOST:source.address} - %{DATA:user.name} \\[%{HTTPDATE:apache.access.time}\\] \"(?:%{WORD:http.request.method} %{DATA:_tmp.url_orig} HTTP/%{NUMBER:http.version}|-)?\" %{NUMBER:http.response.status_code:long} (?:%{NUMBER:http.response.body.bytes:long}|-)( \"%{DATA:http.request.referrer}\")?( \"%{DATA:user_agent.original}\")?","%{IPORHOST:source.address} - %{DATA:user.name} \\[%{HTTPDATE:apache.access.time}\\] \"-\" %{NUMBER:http.response.status_code:long} -","\\[%{HTTPDATE:apache.access.time}\\] %{IPORHOST:source.address} %{DATA:apache.access.ssl.protocol} %{DATA:apache.access.ssl.cipher} \"%{WORD:http.request.method} %{DATA:_tmp.url_orig} HTTP/%{NUMBER:http.version}\" (-|%{NUMBER:http.response.body.bytes:long})"],"ignore_missing":true}},{"uri_parts":{"field":"_tmp.url_orig","ignore_failure":true}},{"remove":{"field":["_tmp"],"ignore_missing":true}},{"set":{"field":"url.domain","value":"{{destination.domain}}","if":"ctx.url?.domain == null && ctx.destination?.domain != null"}},{"set":{"field":"event.kind","value":"event"}},{"set":{"field":"event.category","value":"web"}},{"set":{"field":"event.outcome","value":"success","if":"ctx?.http?.response?.status_code != null && ctx.http.response.status_code < 400"}},{"set":{"field":"event.outcome","value":"failure","if":"ctx?.http?.response?.status_code != null && ctx.http.response.status_code > 399"}},{"grok":{"field":"source.address","ignore_missing":true,"patterns":["^(%{IP:source.ip}|%{HOSTNAME:source.domain})$"]}},{"remove":{"field":"event.created","ignore_missing":true,"ignore_failure":true}},{"rename":{"field":"@timestamp","target_field":"event.created"}},{"date":{"field":"apache.access.time","target_field":"@timestamp","formats":["dd/MMM/yyyy:H:m:s Z"],"ignore_failure":true}},{"remove":{"field":"apache.access.time","ignore_failure":true}},{"user_agent":{"field":"user_agent.original","ignore_failure":true}},{"geoip":{"field":"source.ip","target_field":"source.geo","ignore_missing":true}},{"geoip":{"database_file":"GeoLite2-ASN.mmdb","field":"source.ip","target_field":"source.as","properties":["asn","organization_name"],"ignore_missing":true}},{"rename":{"field":"source.as.asn","target_field":"source.as.number","ignore_missing":true}},{"rename":{"field":"source.as.organization_name","target_field":"source.as.organization.name","ignore_missing":true}},{"set":{"field":"tls.cipher","value":"{{apache.access.ssl.cipher}}","if":"ctx?.apache?.access?.ssl?.cipher != null"}},{"script":{"lang":"painless","if":"ctx?.apache?.access?.ssl?.protocol != null","source":"def parts = ctx.apache.access.ssl.protocol.toLowerCase().splitOnToken(\"v\"); if (parts.length != 2) {\n return;\n} if (parts[1].contains(\".\")) {\n ctx.tls.version = parts[1];\n} else {\n ctx.tls.version = parts[1] + \".0\";\n} ctx.tls.version_protocol = parts[0];"}},{"script":{"lang":"painless","description":"This script processor iterates over the whole document to remove fields with null values.","source":"void handleMap(Map map) {\n for (def x : map.values()) {\n if (x instanceof Map) {\n handleMap(x);\n } else if (x instanceof List) {\n handleList(x);\n }\n }\n map.values().removeIf(v -> v == null);\n}\nvoid handleList(List list) {\n for (def x : list) {\n if (x instanceof Map) {\n handleMap(x);\n } else if (x instanceof List) {\n handleList(x);\n }\n }\n}\nhandleMap(ctx);\n"}},{"remove":{"field":"event.original","if":"ctx?.tags == null || !(ctx.tags.contains(''preserve_original_event''))","ignore_failure":true,"ignore_missing":true}}],"on_failure":[{"set":{"field":"error.message","value":"{{ _ingest.on_failure_message }}"}}],"_meta":{"managed_by":"fleet","managed":true,"package":{"name":"apache"}}}}' + headers: + Content-Length: + - "4574" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 850.163µs + - id: 13 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_ingest/pipeline/.fleet_final_pipeline-1 + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 2911 + uncompressed: false + body: '{".fleet_final_pipeline-1":{"version":2,"_meta":{"managed_by":"fleet","managed":true},"description":"Final pipeline for processing all incoming Fleet Agent documents.\n","processors":[{"set":{"description":"Add time when event was ingested.","field":"event.ingested","copy_from":"_ingest.timestamp"}},{"script":{"description":"Remove sub-seconds from event.ingested to improve storage efficiency.","tag":"truncate-subseconds-event-ingested","source":"ctx.event.ingested = ctx.event.ingested.withNano(0).format(DateTimeFormatter.ISO_OFFSET_DATE_TIME);","ignore_failure":true}},{"remove":{"description":"Remove any pre-existing untrusted values.","field":["event.agent_id_status","_security"],"ignore_missing":true}},{"set_security_user":{"field":"_security","properties":["authentication_type","username","realm","api_key"]}},{"script":{"description":"Add event.agent_id_status based on the API key metadata and the agent.id contained in the event.\n","tag":"agent-id-status","source":"boolean is_user_trusted(def ctx, def users) {\n if (ctx?._security?.username == null) {\n return false;\n }\n\n def user = null;\n for (def item : users) {\n if (item?.username == ctx._security.username) {\n user = item;\n break;\n }\n }\n\n if (user == null || user?.realm == null || ctx?._security?.realm?.name == null) {\n return false;\n }\n\n if (ctx._security.realm.name != user.realm) {\n return false;\n }\n\n return true;\n}\n\nString verified(def ctx, def params) {\n // No agent.id field to validate.\n if (ctx?.agent?.id == null) {\n return \"missing\";\n }\n\n // Check auth metadata from API key.\n if (ctx?._security?.authentication_type == null\n // Agents only use API keys.\n || ctx._security.authentication_type != ''API_KEY''\n // Verify the API key owner before trusting any metadata it contains.\n || !is_user_trusted(ctx, params.trusted_users)\n // Verify the API key has metadata indicating the assigned agent ID.\n || ctx?._security?.api_key?.metadata?.agent_id == null) {\n return \"auth_metadata_missing\";\n }\n\n // The API key can only be used represent the agent.id it was issued to.\n if (ctx._security.api_key.metadata.agent_id != ctx.agent.id) {\n // Potential masquerade attempt.\n return \"mismatch\";\n }\n\n return \"verified\";\n}\n\nif (ctx?.event == null) {\n ctx.event = [:];\n}\n\nctx.event.agent_id_status = verified(ctx, params);","params":{"trusted_users":[{"username":"elastic/fleet-server","realm":"_service_account"},{"username":"cloud-internal-agent-server","realm":"found"},{"username":"elastic","realm":"reserved"}]}}},{"remove":{"field":"_security","ignore_missing":true}}],"on_failure":[{"remove":{"field":"_security","ignore_missing":true,"ignore_failure":true}},{"append":{"field":"error.message","value":["failed in Fleet agent final_pipeline: {{ _ingest.on_failure_message }}"]}}]}}' + headers: + Content-Length: + - "2911" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 718.117µs + - id: 14 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_ingest/pipeline/logs-apache.error-1.3.6-third-party + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 1121 + uncompressed: false + body: '{"logs-apache.error-1.3.6-third-party":{"description":"Pipeline for parsing Apache HTTP Server logs from third party api","processors":[{"json":{"field":"message","target_field":"json"}},{"drop":{"if":"ctx.json?.result == null"}},{"fingerprint":{"fields":["json.result._cd","json.result._indextime","json.result._raw","json.result._time","json.result.host","json.result.source"],"target_field":"_id","ignore_missing":true}},{"set":{"copy_from":"json.result._raw","field":"message","ignore_empty_value":true}},{"set":{"copy_from":"json.result.host","field":"host.name","ignore_empty_value":true}},{"set":{"copy_from":"json.result.source","field":"file.path","ignore_empty_value":true}},{"remove":{"field":["json"],"ignore_missing":true}}],"on_failure":[{"append":{"field":"error.message","value":"error in third-party pipeline: error in [{{_ingest.on_failure_processor_type}}] processor{{#_ingest.on_failure_processor_tag}} with tag [{{_ingest.on_failure_processor_tag }}]{{/_ingest.on_failure_processor_tag}} {{ _ingest.on_failure_message }}"}}],"_meta":{"managed_by":"fleet","managed":true,"package":{"name":"apache"}}}}' + headers: + Content-Length: + - "1121" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 746.962µs + - id: 15 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_ingest/pipeline/logs-apache.access-1.3.6-third-party + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 1122 + uncompressed: false + body: '{"logs-apache.access-1.3.6-third-party":{"description":"Pipeline for parsing Apache HTTP Server logs from third party api","processors":[{"json":{"field":"message","target_field":"json"}},{"drop":{"if":"ctx.json?.result == null"}},{"fingerprint":{"fields":["json.result._cd","json.result._indextime","json.result._raw","json.result._time","json.result.host","json.result.source"],"target_field":"_id","ignore_missing":true}},{"set":{"copy_from":"json.result._raw","field":"message","ignore_empty_value":true}},{"set":{"copy_from":"json.result.host","field":"host.name","ignore_empty_value":true}},{"set":{"copy_from":"json.result.source","field":"file.path","ignore_empty_value":true}},{"remove":{"field":["json"],"ignore_missing":true}}],"on_failure":[{"append":{"field":"error.message","value":"error in third-party pipeline: error in [{{_ingest.on_failure_processor_type}}] processor{{#_ingest.on_failure_processor_tag}} with tag [{{_ingest.on_failure_processor_tag }}]{{/_ingest.on_failure_processor_tag}} {{ _ingest.on_failure_message }}"}}],"_meta":{"managed_by":"fleet","managed":true,"package":{"name":"apache"}}}}' + headers: + Content-Length: + - "1122" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 614.104µs + - id: 16 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_ml/trained_models/apache_*?decompress_definition=false&include=definition%2Cfeature_importance_baseline%2Chyperparameters%2Ctotal_feature_importance + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 38 + uncompressed: false + body: '{"count":0,"trained_model_configs":[]}' + headers: + Content-Length: + - "38" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 1.012949ms diff --git a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_component_template-.fleet_component_template-1.json b/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_component_template-.fleet_component_template-1.json deleted file mode 100644 index 7786f403ad..0000000000 --- a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_component_template-.fleet_component_template-1.json +++ /dev/null @@ -1 +0,0 @@ -{"component_templates":[{"name":".fleet_component_template-1","component_template":{"template":{"settings":{"index":{"final_pipeline":".fleet_final_pipeline-1"}},"mappings":{"properties":{"event":{"properties":{"agent_id_status":{"ignore_above":1024,"type":"keyword"},"ingested":{"format":"strict_date_time_no_millis||strict_date_optional_time||epoch_millis","type":"date"}}}}}},"_meta":{"managed_by":"fleet","managed":true}}}]} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_component_template-logs-apache.access@custom.json b/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_component_template-logs-apache.access@custom.json deleted file mode 100644 index 58c5daabab..0000000000 --- a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_component_template-logs-apache.access@custom.json +++ /dev/null @@ -1 +0,0 @@ -{"component_templates":[{"name":"logs-apache.access@custom","component_template":{"template":{"settings":{}},"_meta":{"package":{"name":"apache"},"managed_by":"fleet","managed":true}}}]} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_component_template-logs-apache.access@settings.json b/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_component_template-logs-apache.access@settings.json deleted file mode 100644 index fa26896e12..0000000000 --- a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_component_template-logs-apache.access@settings.json +++ /dev/null @@ -1 +0,0 @@ -{"component_templates":[{"name":"logs-apache.access@settings","component_template":{"template":{"settings":{"index":{"lifecycle":{"name":"logs"},"codec":"best_compression","mapping":{"total_fields":{"limit":"10000"}},"query":{"default_field":["cloud.account.id","cloud.availability_zone","cloud.instance.id","cloud.instance.name","cloud.machine.type","cloud.provider","cloud.region","cloud.project.id","cloud.image.id","container.id","container.image.name","container.name","host.architecture","host.domain","host.hostname","host.id","host.mac","host.name","host.os.family","host.os.kernel","host.os.name","host.os.platform","host.os.version","host.type","host.os.build","host.os.codename","input.type","destination.domain","ecs.version","event.category","event.kind","event.outcome","file.path","http.request.method","http.request.referrer","http.version","log.file.path","log.level","source.address","source.as.organization.name","source.domain","source.geo.city_name","source.geo.continent_name","source.geo.country_iso_code","source.geo.country_name","source.geo.region_iso_code","source.geo.region_name","tags","tls.cipher","tls.version","tls.version_protocol","url.domain","url.extension","url.query","user.name","user_agent.device.name","user_agent.device.name","user_agent.name","user_agent.name","user_agent.original","user_agent.original","user_agent.os.full","user_agent.os.name","user_agent.os.name","user_agent.os.version","user_agent.version","apache.access.ssl.protocol","apache.access.ssl.cipher"]}}}},"_meta":{"package":{"name":"apache"},"managed_by":"fleet","managed":true}}}]} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_component_template-logs-apache.error@custom.json b/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_component_template-logs-apache.error@custom.json deleted file mode 100644 index a4ba32476f..0000000000 --- a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_component_template-logs-apache.error@custom.json +++ /dev/null @@ -1 +0,0 @@ -{"component_templates":[{"name":"logs-apache.error@custom","component_template":{"template":{"settings":{}},"_meta":{"package":{"name":"apache"},"managed_by":"fleet","managed":true}}}]} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_component_template-logs-apache.error@settings.json b/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_component_template-logs-apache.error@settings.json deleted file mode 100644 index 96df1c743f..0000000000 --- a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_component_template-logs-apache.error@settings.json +++ /dev/null @@ -1 +0,0 @@ -{"component_templates":[{"name":"logs-apache.error@settings","component_template":{"template":{"settings":{"index":{"lifecycle":{"name":"logs"},"codec":"best_compression","mapping":{"total_fields":{"limit":"10000"}},"query":{"default_field":["cloud.account.id","cloud.availability_zone","cloud.instance.id","cloud.instance.name","cloud.machine.type","cloud.provider","cloud.region","cloud.project.id","cloud.image.id","container.id","container.image.name","container.name","host.architecture","host.domain","host.hostname","host.id","host.mac","host.name","host.os.family","host.os.kernel","host.os.name","host.os.platform","host.os.version","host.type","host.os.build","host.os.codename","input.type","tags","ecs.version","event.category","event.kind","event.timezone","event.type","file.path","http.request.method","http.request.referrer","http.version","log.file.path","log.level","source.address","source.as.organization.name","source.geo.city_name","source.geo.continent_name","source.geo.country_iso_code","source.geo.country_name","source.geo.region_iso_code","source.geo.region_name","tags","url.domain","url.extension","url.query","user.name","user_agent.device.name","user_agent.name","user_agent.original","user_agent.os.name","apache.error.module"]}}}},"_meta":{"package":{"name":"apache"},"managed_by":"fleet","managed":true}}}]} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_component_template-metrics-apache.status@custom.json b/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_component_template-metrics-apache.status@custom.json deleted file mode 100644 index e06d5d32e8..0000000000 --- a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_component_template-metrics-apache.status@custom.json +++ /dev/null @@ -1 +0,0 @@ -{"component_templates":[{"name":"metrics-apache.status@custom","component_template":{"template":{"settings":{}},"_meta":{"package":{"name":"apache"},"managed_by":"fleet","managed":true}}}]} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_component_template-metrics-apache.status@settings.json b/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_component_template-metrics-apache.status@settings.json deleted file mode 100644 index 09db718a43..0000000000 --- a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_component_template-metrics-apache.status@settings.json +++ /dev/null @@ -1 +0,0 @@ -{"component_templates":[{"name":"metrics-apache.status@settings","component_template":{"template":{"settings":{"index":{"lifecycle":{"name":"metrics"},"codec":"best_compression","mapping":{"total_fields":{"limit":"10000"}},"query":{"default_field":["cloud.account.id","cloud.availability_zone","cloud.instance.id","cloud.instance.name","cloud.machine.type","cloud.provider","cloud.region","cloud.project.id","cloud.image.id","container.id","container.image.name","container.name","host.architecture","host.domain","host.hostname","host.id","host.mac","host.name","host.os.family","host.os.kernel","host.os.name","host.os.platform","host.os.version","host.type","host.os.build","host.os.codename","ecs.version","service.address","service.type"]}}}},"_meta":{"package":{"name":"apache"},"managed_by":"fleet","managed":true}}}]} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ilm-policy-logs.json b/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ilm-policy-logs.json deleted file mode 100644 index 5c8c4969fd..0000000000 --- a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ilm-policy-logs.json +++ /dev/null @@ -1 +0,0 @@ -{"logs":{"version":1,"modified_date":"2022-04-06T15:40:04.029Z","policy":{"phases":{"hot":{"min_age":"0ms","actions":{"rollover":{"max_primary_shard_size":"50gb","max_age":"30d"}}}},"_meta":{"managed":true,"description":"default policy for the logs index template installed by x-pack"}},"in_use_by":{"indices":[],"data_streams":[],"composable_templates":["logs-apache.access","logs-elastic_agent.apm_server","logs-system.security","logs-system.auth","logs-elastic_agent.metricbeat","logs-elastic_agent.filebeat","logs-elastic_agent.packetbeat","logs-elastic_agent.endpoint_security","logs-elastic_agent.fleet_server","logs-apache.error","logs-system.system","logs-system.application","logs-elastic_agent.osquerybeat","logs-elastic_agent.heartbeat","logs-system.syslog","logs-elastic_agent.auditbeat","logs","logs-elastic_agent"]}}} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ilm-policy-metrics.json b/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ilm-policy-metrics.json deleted file mode 100644 index ed94c94c78..0000000000 --- a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ilm-policy-metrics.json +++ /dev/null @@ -1 +0,0 @@ -{"metrics":{"version":1,"modified_date":"2022-04-06T15:40:04.332Z","policy":{"phases":{"hot":{"min_age":"0ms","actions":{"rollover":{"max_primary_shard_size":"50gb","max_age":"30d"}}}},"_meta":{"managed":true,"description":"default policy for the metrics index template installed by x-pack"}},"in_use_by":{"indices":[],"data_streams":[],"composable_templates":["metrics-system.process","metrics-elastic_agent.packetbeat","metrics-system.fsstat","metrics-elastic_agent.osquerybeat","metrics-elastic_agent.endpoint_security","metrics-elastic_agent.apm_server","metrics-system.memory","metrics-system.socket_summary","metrics-apache.status","metrics-elastic_agent.elastic_agent","metrics-elastic_agent.fleet_server","metrics-system.load","metrics-system.core","metrics-elastic_agent.filebeat","metrics-system.uptime","metrics-system.process.summary","metrics-system.cpu","metrics-elastic_agent.heartbeat","metrics-system.diskio","metrics-elastic_agent.metricbeat","metrics-elastic_agent.auditbeat","metrics-system.network","metrics-system.filesystem","metrics"]}}} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_index_template-_-apache._.json b/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_index_template-_-apache._.json deleted file mode 100644 index 4e02f27281..0000000000 --- a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_index_template-_-apache._.json +++ /dev/null @@ -1 +0,0 @@ -{"index_templates":[{"name":"logs-apache.error","index_template":{"index_patterns":["logs-apache.error-*"],"template":{"settings":{"index":{"default_pipeline":"logs-apache.error-1.3.6"}},"mappings":{"_meta":{"package":{"name":"apache"},"managed_by":"fleet","managed":true},"dynamic_templates":[{"strings_as_keyword":{"mapping":{"ignore_above":1024,"type":"keyword"},"match_mapping_type":"string"}}],"date_detection":false,"properties":{"container":{"properties":{"image":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}},"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"},"labels":{"type":"object"}}},"process":{"properties":{"pid":{"type":"long"},"thread":{"properties":{"id":{"type":"long"}}}}},"log":{"properties":{"file":{"properties":{"path":{"ignore_above":1024,"type":"keyword"}}},"offset":{"type":"long"},"level":{"ignore_above":1024,"type":"keyword"}}},"source":{"properties":{"geo":{"properties":{"continent_name":{"ignore_above":1024,"type":"keyword"},"region_iso_code":{"ignore_above":1024,"type":"keyword"},"city_name":{"ignore_above":1024,"type":"keyword"},"country_iso_code":{"ignore_above":1024,"type":"keyword"},"country_name":{"ignore_above":1024,"type":"keyword"},"location":{"type":"geo_point"},"region_name":{"ignore_above":1024,"type":"keyword"}}},"as":{"properties":{"number":{"type":"long"},"organization":{"properties":{"name":{"ignore_above":1024,"type":"keyword","fields":{}}}}}},"address":{"ignore_above":1024,"type":"keyword"},"port":{"type":"long"},"ip":{"type":"ip"}}},"error":{"properties":{"message":{"type":"match_only_text"}}},"message":{"type":"match_only_text"},"url":{"properties":{"path":{"ignore_above":1024,"type":"wildcard"},"extension":{"ignore_above":1024,"type":"keyword"},"original":{"ignore_above":1024,"type":"wildcard","fields":{}},"domain":{"ignore_above":1024,"type":"keyword"},"query":{"ignore_above":1024,"type":"keyword"}}},"tags":{"ignore_above":1024,"type":"keyword"},"cloud":{"properties":{"availability_zone":{"ignore_above":1024,"type":"keyword"},"image":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}},"instance":{"properties":{"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"}}},"provider":{"ignore_above":1024,"type":"keyword"},"machine":{"properties":{"type":{"ignore_above":1024,"type":"keyword"}}},"project":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}},"region":{"ignore_above":1024,"type":"keyword"},"account":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}}}},"input":{"properties":{"type":{"ignore_above":1024,"type":"keyword"}}},"@timestamp":{"type":"date"},"file":{"properties":{"path":{"ignore_above":1024,"type":"keyword","fields":{}}}},"apache":{"properties":{"error":{"properties":{"module":{"ignore_above":1024,"type":"keyword"}}}}},"ecs":{"properties":{"version":{"ignore_above":1024,"type":"keyword"}}},"data_stream":{"properties":{"namespace":{"type":"constant_keyword"},"type":{"type":"constant_keyword"},"dataset":{"type":"constant_keyword"}}},"host":{"properties":{"hostname":{"ignore_above":1024,"type":"keyword"},"os":{"properties":{"build":{"ignore_above":1024,"type":"keyword"},"kernel":{"ignore_above":1024,"type":"keyword"},"codename":{"ignore_above":1024,"type":"keyword"},"name":{"ignore_above":1024,"type":"keyword","fields":{"text":{"type":"text"}}},"family":{"ignore_above":1024,"type":"keyword"},"version":{"ignore_above":1024,"type":"keyword"},"platform":{"ignore_above":1024,"type":"keyword"}}},"domain":{"ignore_above":1024,"type":"keyword"},"ip":{"type":"ip"},"containerized":{"type":"boolean"},"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"},"type":{"ignore_above":1024,"type":"keyword"},"mac":{"ignore_above":1024,"type":"keyword"},"architecture":{"ignore_above":1024,"type":"keyword"}}},"http":{"properties":{"request":{"properties":{"referrer":{"ignore_above":1024,"type":"keyword"},"method":{"ignore_above":1024,"type":"keyword"}}},"response":{"properties":{"status_code":{"type":"long"},"body":{"properties":{"bytes":{"type":"long"}}}}},"version":{"ignore_above":1024,"type":"keyword"}}},"event":{"properties":{"kind":{"ignore_above":1024,"type":"keyword"},"timezone":{"ignore_above":1024,"type":"keyword"},"module":{"type":"constant_keyword","value":"apache"},"category":{"ignore_above":1024,"type":"keyword"},"type":{"ignore_above":1024,"type":"keyword"},"dataset":{"type":"constant_keyword","value":"apache.error"}}},"user":{"properties":{"name":{"ignore_above":1024,"type":"keyword","fields":{}}}},"user_agent":{"properties":{"original":{"ignore_above":1024,"type":"keyword","fields":{}},"os":{"properties":{"name":{"ignore_above":1024,"type":"keyword","fields":{}}}},"name":{"ignore_above":1024,"type":"keyword"},"device":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}}}}}}},"composed_of":["logs-apache.error@settings","logs-apache.error@custom",".fleet_component_template-1"],"priority":200,"_meta":{"package":{"name":"apache"},"managed_by":"fleet","managed":true},"data_stream":{"hidden":false,"allow_custom_routing":false}}},{"name":"logs-apache.access","index_template":{"index_patterns":["logs-apache.access-*"],"template":{"settings":{"index":{"default_pipeline":"logs-apache.access-1.3.6"}},"mappings":{"_meta":{"package":{"name":"apache"},"managed_by":"fleet","managed":true},"dynamic_templates":[{"strings_as_keyword":{"mapping":{"ignore_above":1024,"type":"keyword"},"match_mapping_type":"string"}}],"date_detection":false,"properties":{"container":{"properties":{"image":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}},"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"},"labels":{"type":"object"}}},"process":{"properties":{"pid":{"type":"long"},"thread":{"properties":{"id":{"type":"long"}}}}},"log":{"properties":{"file":{"properties":{"path":{"ignore_above":1024,"type":"keyword"}}},"offset":{"type":"long"},"level":{"ignore_above":1024,"type":"keyword"}}},"destination":{"properties":{"domain":{"ignore_above":1024,"type":"keyword"}}},"source":{"properties":{"geo":{"properties":{"continent_name":{"ignore_above":1024,"type":"keyword"},"region_iso_code":{"ignore_above":1024,"type":"keyword"},"city_name":{"ignore_above":1024,"type":"keyword"},"country_iso_code":{"ignore_above":1024,"type":"keyword"},"country_name":{"ignore_above":1024,"type":"keyword"},"location":{"type":"geo_point"},"region_name":{"ignore_above":1024,"type":"keyword"}}},"as":{"properties":{"number":{"type":"long"},"organization":{"properties":{"name":{"ignore_above":1024,"type":"keyword","fields":{}}}}}},"address":{"ignore_above":1024,"type":"keyword"},"domain":{"ignore_above":1024,"type":"keyword"},"ip":{"type":"ip"}}},"error":{"properties":{"message":{"type":"match_only_text"}}},"message":{"type":"match_only_text"},"url":{"properties":{"path":{"ignore_above":1024,"type":"wildcard"},"extension":{"ignore_above":1024,"type":"keyword"},"original":{"ignore_above":1024,"type":"wildcard","fields":{}},"domain":{"ignore_above":1024,"type":"keyword"},"query":{"ignore_above":1024,"type":"keyword"}}},"tags":{"ignore_above":1024,"type":"keyword"},"cloud":{"properties":{"availability_zone":{"ignore_above":1024,"type":"keyword"},"image":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}},"instance":{"properties":{"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"}}},"provider":{"ignore_above":1024,"type":"keyword"},"machine":{"properties":{"type":{"ignore_above":1024,"type":"keyword"}}},"project":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}},"region":{"ignore_above":1024,"type":"keyword"},"account":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}}}},"input":{"properties":{"type":{"ignore_above":1024,"type":"keyword"}}},"@timestamp":{"type":"date"},"file":{"properties":{"path":{"ignore_above":1024,"type":"keyword","fields":{}}}},"apache":{"properties":{"access":{"properties":{"ssl":{"properties":{"cipher":{"ignore_above":1024,"type":"keyword"},"protocol":{"ignore_above":1024,"type":"keyword"}}}}}}},"ecs":{"properties":{"version":{"ignore_above":1024,"type":"keyword"}}},"data_stream":{"properties":{"namespace":{"type":"constant_keyword"},"type":{"type":"constant_keyword"},"dataset":{"type":"constant_keyword"}}},"host":{"properties":{"hostname":{"ignore_above":1024,"type":"keyword"},"os":{"properties":{"build":{"ignore_above":1024,"type":"keyword"},"kernel":{"ignore_above":1024,"type":"keyword"},"codename":{"ignore_above":1024,"type":"keyword"},"name":{"ignore_above":1024,"type":"keyword","fields":{"text":{"type":"text"}}},"family":{"ignore_above":1024,"type":"keyword"},"version":{"ignore_above":1024,"type":"keyword"},"platform":{"ignore_above":1024,"type":"keyword"}}},"domain":{"ignore_above":1024,"type":"keyword"},"ip":{"type":"ip"},"containerized":{"type":"boolean"},"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"},"type":{"ignore_above":1024,"type":"keyword"},"mac":{"ignore_above":1024,"type":"keyword"},"architecture":{"ignore_above":1024,"type":"keyword"}}},"http":{"properties":{"request":{"properties":{"referrer":{"ignore_above":1024,"type":"keyword"},"method":{"ignore_above":1024,"type":"keyword"}}},"response":{"properties":{"status_code":{"type":"long"},"body":{"properties":{"bytes":{"type":"long"}}}}},"version":{"ignore_above":1024,"type":"keyword"}}},"tls":{"properties":{"cipher":{"ignore_above":1024,"type":"keyword"},"version":{"ignore_above":1024,"type":"keyword"},"version_protocol":{"ignore_above":1024,"type":"keyword"}}},"event":{"properties":{"created":{"type":"date"},"kind":{"ignore_above":1024,"type":"keyword"},"module":{"type":"constant_keyword","value":"apache"},"category":{"ignore_above":1024,"type":"keyword"},"dataset":{"type":"constant_keyword","value":"apache.access"},"outcome":{"ignore_above":1024,"type":"keyword"}}},"user":{"properties":{"name":{"ignore_above":1024,"type":"keyword","fields":{}}}},"user_agent":{"properties":{"original":{"ignore_above":1024,"type":"keyword","fields":{}},"os":{"properties":{"name":{"ignore_above":1024,"type":"keyword","fields":{}},"version":{"ignore_above":1024,"type":"keyword"},"full":{"ignore_above":1024,"type":"keyword","fields":{}}}},"name":{"ignore_above":1024,"type":"keyword"},"device":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}},"version":{"ignore_above":1024,"type":"keyword"}}}}}},"composed_of":["logs-apache.access@settings","logs-apache.access@custom",".fleet_component_template-1"],"priority":200,"_meta":{"package":{"name":"apache"},"managed_by":"fleet","managed":true},"data_stream":{"hidden":false,"allow_custom_routing":false}}},{"name":"metrics-apache.status","index_template":{"index_patterns":["metrics-apache.status-*"],"template":{"settings":{},"mappings":{"_meta":{"package":{"name":"apache"},"managed_by":"fleet","managed":true},"dynamic_templates":[{"strings_as_keyword":{"mapping":{"ignore_above":1024,"type":"keyword"},"match_mapping_type":"string"}}],"date_detection":false,"properties":{"cloud":{"properties":{"availability_zone":{"ignore_above":1024,"type":"keyword"},"image":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}},"instance":{"properties":{"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"}}},"provider":{"ignore_above":1024,"type":"keyword"},"machine":{"properties":{"type":{"ignore_above":1024,"type":"keyword"}}},"project":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}},"region":{"ignore_above":1024,"type":"keyword"},"account":{"properties":{"id":{"ignore_above":1024,"type":"keyword"}}}}},"container":{"properties":{"image":{"properties":{"name":{"ignore_above":1024,"type":"keyword"}}},"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"},"labels":{"type":"object"}}},"@timestamp":{"type":"date"},"apache":{"properties":{"status":{"properties":{"bytes_per_request":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"load":{"properties":{"1":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"15":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"5":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"}}},"bytes_per_sec":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"total_bytes":{"meta":{"unit":"byte","metric_type":"counter"},"type":"long"},"cpu":{"properties":{"system":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"load":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"children_system":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"children_user":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"user":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"}}},"total_accesses":{"meta":{"metric_type":"counter"},"type":"long"},"scoreboard":{"properties":{"total":{"meta":{"metric_type":"gauge"},"type":"long"},"keepalive":{"meta":{"metric_type":"gauge"},"type":"long"},"idle_cleanup":{"meta":{"metric_type":"gauge"},"type":"long"},"waiting_for_connection":{"meta":{"metric_type":"gauge"},"type":"long"},"logging":{"meta":{"metric_type":"gauge"},"type":"long"},"gracefully_finishing":{"meta":{"metric_type":"gauge"},"type":"long"},"open_slot":{"meta":{"metric_type":"gauge"},"type":"long"},"dns_lookup":{"meta":{"metric_type":"gauge"},"type":"long"},"sending_reply":{"meta":{"metric_type":"gauge"},"type":"long"},"closing_connection":{"meta":{"metric_type":"gauge"},"type":"long"},"starting_up":{"meta":{"metric_type":"gauge"},"type":"long"},"reading_request":{"meta":{"metric_type":"gauge"},"type":"long"}}},"workers":{"properties":{"idle":{"meta":{"metric_type":"gauge"},"type":"long"},"busy":{"meta":{"metric_type":"gauge"},"type":"long"}}},"connections":{"properties":{"async":{"properties":{"closing":{"meta":{"metric_type":"gauge"},"type":"long"},"writing":{"meta":{"metric_type":"gauge"},"type":"long"},"keep_alive":{"meta":{"metric_type":"gauge"},"type":"long"}}},"total":{"meta":{"metric_type":"counter"},"type":"long"}}},"requests_per_sec":{"meta":{"metric_type":"gauge"},"scaling_factor":1000,"type":"scaled_float"},"uptime":{"properties":{"server_uptime":{"meta":{"metric_type":"counter"},"type":"long"},"uptime":{"meta":{"metric_type":"counter"},"type":"long"}}}}}}},"ecs":{"properties":{"version":{"ignore_above":1024,"type":"keyword"}}},"data_stream":{"properties":{"namespace":{"type":"constant_keyword"},"type":{"type":"constant_keyword"},"dataset":{"type":"constant_keyword"}}},"service":{"properties":{"address":{"ignore_above":1024,"type":"keyword"},"type":{"ignore_above":1024,"type":"keyword"}}},"host":{"properties":{"hostname":{"ignore_above":1024,"type":"keyword"},"os":{"properties":{"build":{"ignore_above":1024,"type":"keyword"},"kernel":{"ignore_above":1024,"type":"keyword"},"codename":{"ignore_above":1024,"type":"keyword"},"name":{"ignore_above":1024,"type":"keyword","fields":{"text":{"type":"text"}}},"family":{"ignore_above":1024,"type":"keyword"},"version":{"ignore_above":1024,"type":"keyword"},"platform":{"ignore_above":1024,"type":"keyword"}}},"domain":{"ignore_above":1024,"type":"keyword"},"ip":{"type":"ip"},"containerized":{"type":"boolean"},"name":{"ignore_above":1024,"type":"keyword"},"id":{"ignore_above":1024,"type":"keyword"},"type":{"ignore_above":1024,"type":"keyword"},"mac":{"ignore_above":1024,"type":"keyword"},"architecture":{"ignore_above":1024,"type":"keyword"}}},"event":{"properties":{"module":{"type":"constant_keyword","value":"apache"},"dataset":{"type":"constant_keyword","value":"apache.status"}}},"error":{"properties":{"message":{"type":"match_only_text"}}}}}},"composed_of":["metrics-apache.status@settings","metrics-apache.status@custom",".fleet_component_template-1"],"priority":200,"_meta":{"package":{"name":"apache"},"managed_by":"fleet","managed":true},"data_stream":{"hidden":false,"allow_custom_routing":false}}}]} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ingest-pipeline-.fleet_final_pipeline-1.json b/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ingest-pipeline-.fleet_final_pipeline-1.json deleted file mode 100644 index 2c546a7767..0000000000 --- a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ingest-pipeline-.fleet_final_pipeline-1.json +++ /dev/null @@ -1 +0,0 @@ -{".fleet_final_pipeline-1":{"version":2,"_meta":{"managed_by":"fleet","managed":true},"description":"Final pipeline for processing all incoming Fleet Agent documents.\n","processors":[{"set":{"description":"Add time when event was ingested.","field":"event.ingested","copy_from":"_ingest.timestamp"}},{"script":{"description":"Remove sub-seconds from event.ingested to improve storage efficiency.","tag":"truncate-subseconds-event-ingested","source":"ctx.event.ingested = ctx.event.ingested.withNano(0).format(DateTimeFormatter.ISO_OFFSET_DATE_TIME);","ignore_failure":true}},{"remove":{"description":"Remove any pre-existing untrusted values.","field":["event.agent_id_status","_security"],"ignore_missing":true}},{"set_security_user":{"field":"_security","properties":["authentication_type","username","realm","api_key"]}},{"script":{"description":"Add event.agent_id_status based on the API key metadata and the agent.id contained in the event.\n","tag":"agent-id-status","source":"boolean is_user_trusted(def ctx, def users) {\n if (ctx?._security?.username == null) {\n return false;\n }\n\n def user = null;\n for (def item : users) {\n if (item?.username == ctx._security.username) {\n user = item;\n break;\n }\n }\n\n if (user == null || user?.realm == null || ctx?._security?.realm?.name == null) {\n return false;\n }\n\n if (ctx._security.realm.name != user.realm) {\n return false;\n }\n\n return true;\n}\n\nString verified(def ctx, def params) {\n // No agent.id field to validate.\n if (ctx?.agent?.id == null) {\n return \"missing\";\n }\n\n // Check auth metadata from API key.\n if (ctx?._security?.authentication_type == null\n // Agents only use API keys.\n || ctx._security.authentication_type != 'API_KEY'\n // Verify the API key owner before trusting any metadata it contains.\n || !is_user_trusted(ctx, params.trusted_users)\n // Verify the API key has metadata indicating the assigned agent ID.\n || ctx?._security?.api_key?.metadata?.agent_id == null) {\n return \"auth_metadata_missing\";\n }\n\n // The API key can only be used represent the agent.id it was issued to.\n if (ctx._security.api_key.metadata.agent_id != ctx.agent.id) {\n // Potential masquerade attempt.\n return \"mismatch\";\n }\n\n return \"verified\";\n}\n\nif (ctx?.event == null) {\n ctx.event = [:];\n}\n\nctx.event.agent_id_status = verified(ctx, params);","params":{"trusted_users":[{"username":"elastic/fleet-server","realm":"_service_account"},{"username":"cloud-internal-agent-server","realm":"found"},{"username":"elastic","realm":"reserved"}]}}},{"remove":{"field":"_security","ignore_missing":true}}],"on_failure":[{"remove":{"field":"_security","ignore_missing":true,"ignore_failure":true}},{"append":{"field":"error.message","value":["failed in Fleet agent final_pipeline: {{ _ingest.on_failure_message }}"]}}]}} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ingest-pipeline-logs-apache.access-1.3.6-third-party.json b/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ingest-pipeline-logs-apache.access-1.3.6-third-party.json deleted file mode 100644 index 284e4fde72..0000000000 --- a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ingest-pipeline-logs-apache.access-1.3.6-third-party.json +++ /dev/null @@ -1 +0,0 @@ -{"logs-apache.access-1.3.6-third-party":{"description":"Pipeline for parsing Apache HTTP Server logs from third party api","processors":[{"json":{"field":"message","target_field":"json"}},{"drop":{"if":"ctx.json?.result == null"}},{"fingerprint":{"fields":["json.result._cd","json.result._indextime","json.result._raw","json.result._time","json.result.host","json.result.source"],"target_field":"_id","ignore_missing":true}},{"set":{"copy_from":"json.result._raw","field":"message","ignore_empty_value":true}},{"set":{"copy_from":"json.result.host","field":"host.name","ignore_empty_value":true}},{"set":{"copy_from":"json.result.source","field":"file.path","ignore_empty_value":true}},{"remove":{"field":["json"],"ignore_missing":true}}],"on_failure":[{"append":{"field":"error.message","value":"error in third-party pipeline: error in [{{_ingest.on_failure_processor_type}}] processor{{#_ingest.on_failure_processor_tag}} with tag [{{_ingest.on_failure_processor_tag }}]{{/_ingest.on_failure_processor_tag}} {{ _ingest.on_failure_message }}"}}],"_meta":{"managed_by":"fleet","managed":true,"package":{"name":"apache"}}}} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ingest-pipeline-logs-apache.access-1.3.6.json b/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ingest-pipeline-logs-apache.access-1.3.6.json deleted file mode 100644 index 3a70437c72..0000000000 --- a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ingest-pipeline-logs-apache.access-1.3.6.json +++ /dev/null @@ -1 +0,0 @@ -{"logs-apache.access-1.3.6":{"description":"Pipeline for parsing Apache HTTP Server access logs. Requires the geoip and user_agent plugins.","processors":[{"pipeline":{"if":"ctx.message.startsWith('{')","name":"logs-apache.access-1.3.6-third-party"}},{"set":{"field":"event.ingested","value":"{{_ingest.timestamp}}"}},{"set":{"field":"ecs.version","value":"1.12.0"}},{"rename":{"field":"message","target_field":"event.original"}},{"grok":{"field":"event.original","patterns":["%{IPORHOST:destination.domain} %{IPORHOST:source.ip} - %{DATA:user.name} \\[%{HTTPDATE:apache.access.time}\\] \"(?:%{WORD:http.request.method} %{DATA:_tmp.url_orig} HTTP/%{NUMBER:http.version}|-)?\" %{NUMBER:http.response.status_code:long} (?:%{NUMBER:http.response.body.bytes:long}|-)( \"%{DATA:http.request.referrer}\")?( \"%{DATA:user_agent.original}\")?","%{IPORHOST:source.address} - %{DATA:user.name} \\[%{HTTPDATE:apache.access.time}\\] \"(?:%{WORD:http.request.method} %{DATA:_tmp.url_orig} HTTP/%{NUMBER:http.version}|-)?\" %{NUMBER:http.response.status_code:long} (?:%{NUMBER:http.response.body.bytes:long}|-)( \"%{DATA:http.request.referrer}\")?( \"%{DATA:user_agent.original}\")?","%{IPORHOST:source.address} - %{DATA:user.name} \\[%{HTTPDATE:apache.access.time}\\] \"-\" %{NUMBER:http.response.status_code:long} -","\\[%{HTTPDATE:apache.access.time}\\] %{IPORHOST:source.address} %{DATA:apache.access.ssl.protocol} %{DATA:apache.access.ssl.cipher} \"%{WORD:http.request.method} %{DATA:_tmp.url_orig} HTTP/%{NUMBER:http.version}\" (-|%{NUMBER:http.response.body.bytes:long})"],"ignore_missing":true}},{"uri_parts":{"field":"_tmp.url_orig","ignore_failure":true}},{"remove":{"field":["_tmp"],"ignore_missing":true}},{"set":{"field":"url.domain","value":"{{destination.domain}}","if":"ctx.url?.domain == null && ctx.destination?.domain != null"}},{"set":{"field":"event.kind","value":"event"}},{"set":{"field":"event.category","value":"web"}},{"set":{"field":"event.outcome","value":"success","if":"ctx?.http?.response?.status_code != null && ctx.http.response.status_code < 400"}},{"set":{"field":"event.outcome","value":"failure","if":"ctx?.http?.response?.status_code != null && ctx.http.response.status_code > 399"}},{"grok":{"field":"source.address","ignore_missing":true,"patterns":["^(%{IP:source.ip}|%{HOSTNAME:source.domain})$"]}},{"remove":{"field":"event.created","ignore_missing":true,"ignore_failure":true}},{"rename":{"field":"@timestamp","target_field":"event.created"}},{"date":{"field":"apache.access.time","target_field":"@timestamp","formats":["dd/MMM/yyyy:H:m:s Z"],"ignore_failure":true}},{"remove":{"field":"apache.access.time","ignore_failure":true}},{"user_agent":{"field":"user_agent.original","ignore_failure":true}},{"geoip":{"field":"source.ip","target_field":"source.geo","ignore_missing":true}},{"geoip":{"database_file":"GeoLite2-ASN.mmdb","field":"source.ip","target_field":"source.as","properties":["asn","organization_name"],"ignore_missing":true}},{"rename":{"field":"source.as.asn","target_field":"source.as.number","ignore_missing":true}},{"rename":{"field":"source.as.organization_name","target_field":"source.as.organization.name","ignore_missing":true}},{"set":{"field":"tls.cipher","value":"{{apache.access.ssl.cipher}}","if":"ctx?.apache?.access?.ssl?.cipher != null"}},{"script":{"lang":"painless","if":"ctx?.apache?.access?.ssl?.protocol != null","source":"def parts = ctx.apache.access.ssl.protocol.toLowerCase().splitOnToken(\"v\"); if (parts.length != 2) {\n return;\n} if (parts[1].contains(\".\")) {\n ctx.tls.version = parts[1];\n} else {\n ctx.tls.version = parts[1] + \".0\";\n} ctx.tls.version_protocol = parts[0];"}},{"script":{"lang":"painless","description":"This script processor iterates over the whole document to remove fields with null values.","source":"void handleMap(Map map) {\n for (def x : map.values()) {\n if (x instanceof Map) {\n handleMap(x);\n } else if (x instanceof List) {\n handleList(x);\n }\n }\n map.values().removeIf(v -> v == null);\n}\nvoid handleList(List list) {\n for (def x : list) {\n if (x instanceof Map) {\n handleMap(x);\n } else if (x instanceof List) {\n handleList(x);\n }\n }\n}\nhandleMap(ctx);\n"}},{"remove":{"field":"event.original","if":"ctx?.tags == null || !(ctx.tags.contains('preserve_original_event'))","ignore_failure":true,"ignore_missing":true}}],"on_failure":[{"set":{"field":"error.message","value":"{{ _ingest.on_failure_message }}"}}],"_meta":{"managed_by":"fleet","managed":true,"package":{"name":"apache"}}}} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ingest-pipeline-logs-apache.error-1.3.6-third-party.json b/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ingest-pipeline-logs-apache.error-1.3.6-third-party.json deleted file mode 100644 index 1794fd2eb9..0000000000 --- a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ingest-pipeline-logs-apache.error-1.3.6-third-party.json +++ /dev/null @@ -1 +0,0 @@ -{"logs-apache.error-1.3.6-third-party":{"description":"Pipeline for parsing Apache HTTP Server logs from third party api","processors":[{"json":{"field":"message","target_field":"json"}},{"drop":{"if":"ctx.json?.result == null"}},{"fingerprint":{"fields":["json.result._cd","json.result._indextime","json.result._raw","json.result._time","json.result.host","json.result.source"],"target_field":"_id","ignore_missing":true}},{"set":{"copy_from":"json.result._raw","field":"message","ignore_empty_value":true}},{"set":{"copy_from":"json.result.host","field":"host.name","ignore_empty_value":true}},{"set":{"copy_from":"json.result.source","field":"file.path","ignore_empty_value":true}},{"remove":{"field":["json"],"ignore_missing":true}}],"on_failure":[{"append":{"field":"error.message","value":"error in third-party pipeline: error in [{{_ingest.on_failure_processor_type}}] processor{{#_ingest.on_failure_processor_tag}} with tag [{{_ingest.on_failure_processor_tag }}]{{/_ingest.on_failure_processor_tag}} {{ _ingest.on_failure_message }}"}}],"_meta":{"managed_by":"fleet","managed":true,"package":{"name":"apache"}}}} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ingest-pipeline-logs-apache.error-1.3.6.json b/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ingest-pipeline-logs-apache.error-1.3.6.json deleted file mode 100644 index d2bd22f31b..0000000000 --- a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ingest-pipeline-logs-apache.error-1.3.6.json +++ /dev/null @@ -1 +0,0 @@ -{"logs-apache.error-1.3.6":{"description":"Pipeline for parsing apache error logs","processors":[{"pipeline":{"if":"ctx.message.startsWith('{')","name":"logs-apache.error-1.3.6-third-party"}},{"set":{"field":"event.ingested","value":"{{_ingest.timestamp}}"}},{"set":{"field":"ecs.version","value":"1.12.0"}},{"rename":{"field":"message","target_field":"event.original"}},{"grok":{"field":"event.original","patterns":["\\[%{APACHE_TIME:apache.error.timestamp}\\] \\[%{LOGLEVEL:log.level}\\]( \\[client %{IPORHOST:source.address}(:%{POSINT:source.port})?\\])? %{GREEDYDATA:message}","\\[%{APACHE_TIME:apache.error.timestamp}\\] \\[%{DATA:apache.error.module}:%{APACHE_LOGLEVEL:log.level}\\] \\[pid %{NUMBER:process.pid:long}(:tid %{NUMBER:process.thread.id:long})?\\]( \\[client %{IPORHOST:source.address}(:%{POSINT:source.port})?\\])? %{GREEDYDATA:message}"],"pattern_definitions":{"APACHE_LOGLEVEL":"%{LOGLEVEL}[0-9]*","APACHE_TIME":"%{DAY} %{MONTH} %{MONTHDAY} %{TIME} %{YEAR}"},"ignore_missing":true}},{"grok":{"field":"message","patterns":["File does not exist: %{URIPATH:file.path}, referer: %{URI:http.request.referrer}","File does not exist: %{URIPATH:file.path}"],"ignore_missing":true,"ignore_failure":true}},{"date":{"if":"ctx.event.timezone == null","field":"apache.error.timestamp","target_field":"@timestamp","formats":["EEE MMM dd H:m:s yyyy","EEE MMM dd H:m:s.SSSSSS yyyy"],"on_failure":[{"append":{"field":"error.message","value":"{{ _ingest.on_failure_message }}"}}]}},{"date":{"if":"ctx.event.timezone != null","field":"apache.error.timestamp","target_field":"@timestamp","formats":["EEE MMM dd H:m:s yyyy","EEE MMM dd H:m:s.SSSSSS yyyy"],"timezone":"{{ event.timezone }}","on_failure":[{"append":{"field":"error.message","value":"{{ _ingest.on_failure_message }}"}}]}},{"remove":{"field":"apache.error.timestamp","ignore_failure":true}},{"set":{"field":"event.kind","value":"event"}},{"set":{"field":"event.category","value":"web"}},{"script":{"if":"ctx?.log?.level != null","lang":"painless","source":"def err_levels = [\"emerg\", \"alert\", \"crit\", \"error\", \"warn\"]; if (err_levels.contains(ctx.log.level)) {\n ctx.event.type = \"error\";\n} else {\n ctx.event.type = \"info\";\n}"}},{"grok":{"field":"source.address","ignore_missing":true,"patterns":["^(%{IP:source.ip}|%{HOSTNAME:source.domain})$"]}},{"geoip":{"field":"source.ip","target_field":"source.geo","ignore_missing":true}},{"geoip":{"database_file":"GeoLite2-ASN.mmdb","field":"source.ip","target_field":"source.as","properties":["asn","organization_name"],"ignore_missing":true}},{"rename":{"field":"source.as.asn","target_field":"source.as.number","ignore_missing":true}},{"rename":{"field":"source.as.organization_name","target_field":"source.as.organization.name","ignore_missing":true}},{"convert":{"field":"source.port","type":"long","ignore_missing":true}},{"script":{"lang":"painless","description":"This script processor iterates over the whole document to remove fields with null values.","source":"void handleMap(Map map) {\n for (def x : map.values()) {\n if (x instanceof Map) {\n handleMap(x);\n } else if (x instanceof List) {\n handleList(x);\n }\n }\n map.values().removeIf(v -> v == null);\n}\nvoid handleList(List list) {\n for (def x : list) {\n if (x instanceof Map) {\n handleMap(x);\n } else if (x instanceof List) {\n handleList(x);\n }\n }\n}\nhandleMap(ctx);\n"}},{"remove":{"field":"event.original","if":"ctx?.tags == null || !(ctx.tags.contains('preserve_original_event'))","ignore_failure":true,"ignore_missing":true}}],"on_failure":[{"set":{"field":"error.message","value":"{{ _ingest.on_failure_message }}"}}],"_meta":{"managed_by":"fleet","managed":true,"package":{"name":"apache"}}}} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ml-trained_models-apache___decompress_definition_false&include_definition%2Cfeature_importance_baseline%2Chyperparameters%2Ctotal_feature_importance.json b/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ml-trained_models-apache___decompress_definition_false&include_definition%2Cfeature_importance_baseline%2Chyperparameters%2Ctotal_feature_importance.json deleted file mode 100644 index 5d11489c2f..0000000000 --- a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ml-trained_models-apache___decompress_definition_false&include_definition%2Cfeature_importance_baseline%2Chyperparameters%2Ctotal_feature_importance.json +++ /dev/null @@ -1 +0,0 @@ -{"count":0,"trained_model_configs":[]} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ml-trained_models-apache___decompress_definition_false&include_feature_importance_baseline%2Chyperparameters%2Ctotal_feature_importance.json b/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ml-trained_models-apache___decompress_definition_false&include_feature_importance_baseline%2Chyperparameters%2Ctotal_feature_importance.json deleted file mode 100644 index 5d11489c2f..0000000000 --- a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/_ml-trained_models-apache___decompress_definition_false&include_feature_importance_baseline%2Chyperparameters%2Ctotal_feature_importance.json +++ /dev/null @@ -1 +0,0 @@ -{"count":0,"trained_model_configs":[]} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/root.json b/internal/dump/testdata/elasticsearch-8-mock-dump-apache/root.json deleted file mode 100644 index 2e45f2226b..0000000000 --- a/internal/dump/testdata/elasticsearch-8-mock-dump-apache/root.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "name" : "fc2935e6b13c", - "cluster_name" : "elasticsearch", - "cluster_uuid" : "NX1JVCItRratMEXogOKYSQ", - "version" : { - "number" : "8.1.0", - "build_flavor" : "default", - "build_type" : "docker", - "build_hash" : "3700f7679f7d95e36da0b43762189bab189bc53a", - "build_date" : "2022-03-03T14:20:00.690422633Z", - "build_snapshot" : false, - "lucene_version" : "9.0.0", - "minimum_wire_compatibility_version" : "7.17.0", - "minimum_index_compatibility_version" : "7.0.0" - }, - "tagline" : "You Know, for Search" -} diff --git a/internal/dump/testdata/elasticsearch-8-mock-dump-dga.yaml b/internal/dump/testdata/elasticsearch-8-mock-dump-dga.yaml new file mode 100644 index 0000000000..6b5e56fe31 --- /dev/null +++ b/internal/dump/testdata/elasticsearch-8-mock-dump-dga.yaml @@ -0,0 +1,349 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/ + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 538 + uncompressed: false + body: | + { + "name" : "ef4c4bab9373", + "cluster_name" : "elasticsearch", + "cluster_uuid" : "coeNP0PdQY-fabxLWSssFg", + "version" : { + "number" : "8.9.0", + "build_flavor" : "default", + "build_type" : "docker", + "build_hash" : "8aa461beb06aa0417a231c345a1b8c38fb498a0d", + "build_date" : "2023-07-19T14:43:58.555259655Z", + "build_snapshot" : false, + "lucene_version" : "9.7.0", + "minimum_wire_compatibility_version" : "7.17.0", + "minimum_index_compatibility_version" : "7.0.0" + }, + "tagline" : "You Know, for Search" + } + headers: + Content-Length: + - "538" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 4.329333ms + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_index_template/*-dga.* + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 22 + uncompressed: false + body: '{"index_templates":[]}' + headers: + Content-Length: + - "22" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 404 Not Found + code: 404 + duration: 507.076µs + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_index_template/*-dga.* + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 22 + uncompressed: false + body: '{"index_templates":[]}' + headers: + Content-Length: + - "22" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 404 Not Found + code: 404 + duration: 279.28µs + - id: 3 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_index_template/*-dga.* + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 22 + uncompressed: false + body: '{"index_templates":[]}' + headers: + Content-Length: + - "22" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 404 Not Found + code: 404 + duration: 240.007µs + - id: 4 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_ml/trained_models/dga_*?decompress_definition=false&include=definition%2Cfeature_importance_baseline%2Chyperparameters%2Ctotal_feature_importance + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 2880 + uncompressed: false + body: | + {"count":1,"trained_model_configs":[{"model_id":"dga_1611725_2.0","model_type":"tree_ensemble","created_by":"api_user","version":"8.9.0","create_time":1701103516636,"model_size_bytes":246784104,"estimated_operations":0,"license_level":"platinum","description":"Model used to detect domain generation algorithm (DGA) activity in your network data.","compressed_definition":"//REDACTED//","tags":["packetbeat-7.10.0-2021-03-10_expanded_8_analysis"],"metadata":{"analytics_config":{"max_num_threads":8,"create_time":1615403883977,"model_memory_limit":"6gb","allow_lazy_start":false,"description":"","analyzed_fields":{"excludes":[],"includes":["f.*","dns.response_code","malicious"]},"id":"packetbeat-7.10.0-2021-03-10_expanded_8_analysis","source":{"query":{"match_all":{}},"index":["packetbeat-7.10.0-2021-03-10_expanded"]},"analysis":{"classification":{"randomize_seed":1,"dependent_variable":"malicious","num_top_classes":2,"training_percent":100,"class_assignment_objective":"maximize_minimum_recall","prediction_field_name":"malicious_prediction"}},"dest":{"index":"packetbeat-7.10.0-2021-03-10_expanded_8_analysis","results_field":"ml"},"version":"7.11.0"}},"input":{"field_names":["dns.response_code","f.b0","f.b1","f.b10","f.b11","f.b12","f.b13","f.b14","f.b15","f.b16","f.b17","f.b18","f.b19","f.b2","f.b20","f.b21","f.b22","f.b23","f.b24","f.b25","f.b26","f.b27","f.b28","f.b29","f.b3","f.b30","f.b31","f.b32","f.b33","f.b34","f.b35","f.b36","f.b37","f.b38","f.b39","f.b4","f.b40","f.b41","f.b42","f.b43","f.b44","f.b45","f.b46","f.b47","f.b48","f.b49","f.b5","f.b50","f.b51","f.b52","f.b53","f.b54","f.b55","f.b56","f.b57","f.b58","f.b59","f.b6","f.b60","f.b7","f.b8","f.b9","f.t0","f.t1","f.t10","f.t11","f.t12","f.t13","f.t14","f.t15","f.t16","f.t17","f.t18","f.t19","f.t2","f.t20","f.t21","f.t22","f.t23","f.t24","f.t25","f.t26","f.t27","f.t28","f.t29","f.t3","f.t30","f.t31","f.t32","f.t33","f.t34","f.t35","f.t36","f.t37","f.t38","f.t39","f.t4","f.t40","f.t41","f.t42","f.t43","f.t44","f.t45","f.t46","f.t47","f.t48","f.t49","f.t5","f.t50","f.t51","f.t52","f.t53","f.t54","f.t55","f.t56","f.t57","f.t58","f.t59","f.t6","f.t7","f.t8","f.t9","f.tld","f.u0","f.u1","f.u10","f.u11","f.u12","f.u13","f.u14","f.u15","f.u16","f.u17","f.u18","f.u19","f.u2","f.u20","f.u21","f.u22","f.u23","f.u24","f.u25","f.u26","f.u27","f.u28","f.u29","f.u3","f.u30","f.u31","f.u32","f.u33","f.u34","f.u35","f.u36","f.u37","f.u38","f.u39","f.u4","f.u40","f.u41","f.u42","f.u43","f.u44","f.u45","f.u46","f.u47","f.u48","f.u49","f.u5","f.u50","f.u51","f.u52","f.u53","f.u54","f.u55","f.u56","f.u57","f.u58","f.u59","f.u6","f.u60","f.u61","f.u7","f.u8","f.u9"]},"inference_config":{"classification":{"num_top_classes":2,"top_classes_results_field":"top_classes","results_field":"malicious_prediction","num_top_feature_importance_values":0,"prediction_field_type":"number"}},"location":{"index":{"name":".ml-inference-000005"}}}]} + headers: + Content-Length: + - "2880" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 145.381452ms + - id: 5 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_index_template/*-dga.* + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 22 + uncompressed: false + body: '{"index_templates":[]}' + headers: + Content-Length: + - "22" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 404 Not Found + code: 404 + duration: 2.7802ms + - id: 6 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_index_template/*-dga.* + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 22 + uncompressed: false + body: '{"index_templates":[]}' + headers: + Content-Length: + - "22" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 404 Not Found + code: 404 + duration: 418.494µs + - id: 7 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_index_template/*-dga.* + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 22 + uncompressed: false + body: '{"index_templates":[]}' + headers: + Content-Length: + - "22" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 404 Not Found + code: 404 + duration: 3.221054ms diff --git a/internal/dump/testdata/elasticsearch-8-mock-dump-dga/_index_template-_-dga._.json b/internal/dump/testdata/elasticsearch-8-mock-dump-dga/_index_template-_-dga._.json deleted file mode 100644 index e335955fc0..0000000000 --- a/internal/dump/testdata/elasticsearch-8-mock-dump-dga/_index_template-_-dga._.json +++ /dev/null @@ -1 +0,0 @@ -{"index_templates":[]} \ No newline at end of file diff --git a/internal/dump/testdata/elasticsearch-8-mock-dump-dga/_ml-trained_models-dga___decompress_definition_false&include_definition%2Cfeature_importance_baseline%2Chyperparameters%2Ctotal_feature_importance.json b/internal/dump/testdata/elasticsearch-8-mock-dump-dga/_ml-trained_models-dga___decompress_definition_false&include_definition%2Cfeature_importance_baseline%2Chyperparameters%2Ctotal_feature_importance.json deleted file mode 100644 index 9bd8a9681d..0000000000 --- a/internal/dump/testdata/elasticsearch-8-mock-dump-dga/_ml-trained_models-dga___decompress_definition_false&include_definition%2Cfeature_importance_baseline%2Chyperparameters%2Ctotal_feature_importance.json +++ /dev/null @@ -1 +0,0 @@ -{"count":1,"trained_model_configs":[{"model_id":"dga_1611725_2.0","model_type":"tree_ensemble","created_by":"api_user","version":"8.9.0","create_time":1699476967200,"model_size_bytes":246784104,"estimated_operations":0,"license_level":"platinum","description":"Model used to detect domain generation algorithm (DGA) activity in your network data.","compressed_definition":"//REDACTED//","tags":["packetbeat-7.10.0-2021-03-10_expanded_8_analysis"],"metadata":{"analytics_config":{"max_num_threads":8,"create_time":1615403883977,"model_memory_limit":"6gb","allow_lazy_start":false,"description":"","analyzed_fields":{"excludes":[],"includes":["f.*","dns.response_code","malicious"]},"id":"packetbeat-7.10.0-2021-03-10_expanded_8_analysis","source":{"query":{"match_all":{}},"index":["packetbeat-7.10.0-2021-03-10_expanded"]},"analysis":{"classification":{"randomize_seed":1,"dependent_variable":"malicious","num_top_classes":2,"training_percent":100.0,"class_assignment_objective":"maximize_minimum_recall","prediction_field_name":"malicious_prediction"}},"dest":{"index":"packetbeat-7.10.0-2021-03-10_expanded_8_analysis","results_field":"ml"},"version":"7.11.0"}},"input":{"field_names":["dns.response_code","f.b0","f.b1","f.b10","f.b11","f.b12","f.b13","f.b14","f.b15","f.b16","f.b17","f.b18","f.b19","f.b2","f.b20","f.b21","f.b22","f.b23","f.b24","f.b25","f.b26","f.b27","f.b28","f.b29","f.b3","f.b30","f.b31","f.b32","f.b33","f.b34","f.b35","f.b36","f.b37","f.b38","f.b39","f.b4","f.b40","f.b41","f.b42","f.b43","f.b44","f.b45","f.b46","f.b47","f.b48","f.b49","f.b5","f.b50","f.b51","f.b52","f.b53","f.b54","f.b55","f.b56","f.b57","f.b58","f.b59","f.b6","f.b60","f.b7","f.b8","f.b9","f.t0","f.t1","f.t10","f.t11","f.t12","f.t13","f.t14","f.t15","f.t16","f.t17","f.t18","f.t19","f.t2","f.t20","f.t21","f.t22","f.t23","f.t24","f.t25","f.t26","f.t27","f.t28","f.t29","f.t3","f.t30","f.t31","f.t32","f.t33","f.t34","f.t35","f.t36","f.t37","f.t38","f.t39","f.t4","f.t40","f.t41","f.t42","f.t43","f.t44","f.t45","f.t46","f.t47","f.t48","f.t49","f.t5","f.t50","f.t51","f.t52","f.t53","f.t54","f.t55","f.t56","f.t57","f.t58","f.t59","f.t6","f.t7","f.t8","f.t9","f.tld","f.u0","f.u1","f.u10","f.u11","f.u12","f.u13","f.u14","f.u15","f.u16","f.u17","f.u18","f.u19","f.u2","f.u20","f.u21","f.u22","f.u23","f.u24","f.u25","f.u26","f.u27","f.u28","f.u29","f.u3","f.u30","f.u31","f.u32","f.u33","f.u34","f.u35","f.u36","f.u37","f.u38","f.u39","f.u4","f.u40","f.u41","f.u42","f.u43","f.u44","f.u45","f.u46","f.u47","f.u48","f.u49","f.u5","f.u50","f.u51","f.u52","f.u53","f.u54","f.u55","f.u56","f.u57","f.u58","f.u59","f.u6","f.u60","f.u61","f.u7","f.u8","f.u9"]},"inference_config":{"classification":{"num_top_classes":2,"top_classes_results_field":"top_classes","results_field":"malicious_prediction","num_top_feature_importance_values":0,"prediction_field_type":"number"}},"location":{"index":{"name":".ml-inference-000005"}}}]} diff --git a/internal/dump/testdata/elasticsearch-8-mock-dump-dga/root.json b/internal/dump/testdata/elasticsearch-8-mock-dump-dga/root.json deleted file mode 100644 index faee033935..0000000000 --- a/internal/dump/testdata/elasticsearch-8-mock-dump-dga/root.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "name" : "1e7db0dba34c", - "cluster_name" : "elasticsearch", - "cluster_uuid" : "ZaTGsKIBRiejgFuEXWEmPg", - "version" : { - "number" : "8.9.0", - "build_flavor" : "default", - "build_type" : "docker", - "build_hash" : "8aa461beb06aa0417a231c345a1b8c38fb498a0d", - "build_date" : "2023-07-19T14:43:58.555259655Z", - "build_snapshot" : false, - "lucene_version" : "9.7.0", - "minimum_wire_compatibility_version" : "7.17.0", - "minimum_index_compatibility_version" : "7.0.0" - }, - "tagline" : "You Know, for Search" -} diff --git a/internal/dump/testdata/fleet-7-mock-dump-all.yaml b/internal/dump/testdata/fleet-7-mock-dump-all.yaml new file mode 100644 index 0000000000..f19ecdec0d --- /dev/null +++ b/internal/dump/testdata/fleet-7-mock-dump-all.yaml @@ -0,0 +1,183 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: 127.0.0.1:5601 + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic Og== + Content-Type: + - application/json + Kbn-Xsrf: + - 8.10.1 + url: https://127.0.0.1:5601/api/status + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 24461 + uncompressed: false + body: '{"name":"kibana","uuid":"c3a74423-07d2-47bc-8843-0580b1fe9eb6","version":{"number":"7.17.0","build_hash":"60a9838d21b6420bbdb5a4d07099111b74c68ceb","build_number":46534,"build_snapshot":false},"status":{"overall":{"since":"2023-08-30T11:43:55.277Z","state":"green","title":"Green","nickname":"Looking good","icon":"success","uiColor":"secondary"},"statuses":[{"id":"core:elasticsearch@7.17.0","message":"Elasticsearch is available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"core:savedObjects@7.17.0","message":"SavedObjects service has completed migrations and is available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:advancedSettings@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:bfetch@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressionMetricVis@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressionTagcloud@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:charts@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:console@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:customIntegrations@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:dashboard@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:data@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:dataViews@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:devTools@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:discover@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:embeddable@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:esUiShared@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressionError@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressionImage@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressionMetric@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressionRepeatImage@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressionRevealImage@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressionShape@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressions@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:fieldFormats@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:home@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:indexPatternEditor@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:indexPatternFieldEditor@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:indexPatternManagement@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:inputControlVis@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:inspector@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:kibanaLegacy@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:kibanaOverview@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:kibanaReact@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:kibanaUsageCollection@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:kibanaUtils@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:management@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:mapsEms@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:mapsLegacy@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:navigation@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:newsfeed@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:presentationUtil@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:regionMap@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:savedObjects@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:savedObjectsManagement@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:savedObjectsTaggingOss@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:screenshotMode@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:share@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:telemetry@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:telemetryCollectionManager@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:telemetryManagementSection@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:tileMap@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:uiActions@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:urlForwarding@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:usageCollection@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visDefaultEditor@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeMarkdown@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeMetric@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypePie@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeTable@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeTagcloud@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeTimelion@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeTimeseries@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeVega@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeVislib@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeXy@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visualizations@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visualize@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:actions@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:alerting@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:apm@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:banners@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:canvas@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:cases@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:cloud@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:code@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:crossClusterReplication@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:dashboardEnhanced@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:dashboardMode@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:dataEnhanced@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:dataVisualizer@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:discoverEnhanced@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:urlDrilldown@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:embeddableEnhanced@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:encryptedSavedObjects@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:enterpriseSearch@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:eventLog@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:features@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:fileUpload@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:fleet@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:globalSearch@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:globalSearchBar@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:globalSearchProviders@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:graph@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:grokdebugger@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:indexLifecycleManagement@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:indexManagement@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:infra@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:ingestPipelines@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:lens@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:licenseApiGuard@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:licenseManagement@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:licensing@7.17.0","message":"License fetched","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:lists@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:logstash@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:maps@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:ml@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:monitoring@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:observability@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:osquery@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:painlessLab@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:remoteClusters@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:reporting@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:rollup@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:ruleRegistry@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:runtimeFields@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:savedObjectsTagging@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:searchprofiler@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:security@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:securitySolution@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:snapshotRestore@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:spaces@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:stackAlerts@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:taskManager@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:telemetryCollectionXpack@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:timelines@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:transform@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:translations@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:triggersActionsUi@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:uiActionsEnhanced@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:upgradeAssistant@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:uptime@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:watcher@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:xpackLegacy@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"}]},"metrics":{"last_updated":"2023-08-30T11:43:52.253Z","collection_interval_in_millis":5000,"os":{"platform":"linux","platformRelease":"linux-5.19.0-50-generic","load":{"1m":1.07,"5m":1.31,"15m":1.24},"memory":{"total_in_bytes":33358266368,"free_in_bytes":268140544,"used_in_bytes":33090125824},"uptime_in_millis":774883580,"distro":"Ubuntu","distroRelease":"Ubuntu-20.04"},"process":{"memory":{"heap":{"total_in_bytes":533340160,"used_in_bytes":410822832,"size_limit":4345298944},"resident_set_size_in_bytes":643715072},"pid":7,"event_loop_delay":10.179153502040817,"event_loop_delay_histogram":{"min":9.09312,"max":30.359551,"mean":10.179153502040817,"exceeds":0,"stddev":0.9353847573344422,"fromTimestamp":"2023-08-30T11:43:47.251Z","lastUpdatedAt":"2023-08-30T11:43:52.248Z","percentiles":{"50":10.125311,"75":10.190847,"95":10.256383,"99":10.477567}},"uptime_in_millis":1549598.888492},"processes":[{"memory":{"heap":{"total_in_bytes":533340160,"used_in_bytes":410822832,"size_limit":4345298944},"resident_set_size_in_bytes":643715072},"pid":7,"event_loop_delay":10.179153502040817,"event_loop_delay_histogram":{"min":9.09312,"max":30.359551,"mean":10.179153502040817,"exceeds":0,"stddev":0.9353847573344422,"fromTimestamp":"2023-08-30T11:43:47.251Z","lastUpdatedAt":"2023-08-30T11:43:52.248Z","percentiles":{"50":10.125311,"75":10.190847,"95":10.256383,"99":10.477567}},"uptime_in_millis":1549598.888492}],"response_times":{"avg_in_millis":11,"max_in_millis":11},"concurrent_connections":0,"requests":{"disconnects":0,"total":1,"statusCodes":{"200":1},"status_codes":{"200":1}}}}' + headers: + Accept-Ranges: + - bytes + Content-Length: + - "24461" + Content-Type: + - application/json + Date: + - Mon, 27 Nov 2023 18:05:27 GMT + Last-Modified: + - Tue, 03 Oct 2023 15:59:45 GMT + status: 200 OK + code: 200 + duration: 3.629565ms + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: 127.0.0.1:5601 + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic Og== + Content-Type: + - application/json + Kbn-Xsrf: + - 8.10.1 + url: https://127.0.0.1:5601/api/fleet/agent_policies?full=true&page=1 + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 41108 + uncompressed: false + body: '{"items":[{"id":"edf437d0-f64e-11ec-acb0-0b2e9206fdb0","name":"Load Balancers Servers","description":"","namespace":"default","monitoring_enabled":["logs","metrics"],"status":"active","is_managed":false,"revision":2,"updated_at":"2022-06-27T19:26:16.891Z","updated_by":"elastic","package_policies":[{"id":"0483a039-2f91-4d47-b43c-4623cadd5f27","version":"WzEyNTcsMV0=","name":"system-3","namespace":"default","package":{"name":"system","title":"System","version":"1.11.0"},"enabled":true,"policy_id":"edf437d0-f64e-11ec-acb0-0b2e9206fdb0","output_id":"fleet-default-output","inputs":[{"type":"logfile","policy_template":"system","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"system.auth"},"vars":{"paths":{"value":["/var/log/auth.log*","/var/log/secure*"],"type":"text"}},"id":"logfile-system.auth-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"paths":["/var/log/auth.log*","/var/log/secure*"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\s","match":"after"},"processors":[{"add_locale":null}]}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.syslog"},"vars":{"paths":{"value":["/var/log/messages*","/var/log/syslog*"],"type":"text"}},"id":"logfile-system.syslog-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"paths":["/var/log/messages*","/var/log/syslog*"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\s","match":"after"},"processors":[{"add_locale":null}]}}]},{"type":"winlog","policy_template":"system","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"system.application"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.application-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"name":"Application","condition":"${host.platform} == ''windows''","ignore_older":"72h"}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.security"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.security-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"name":"Security","condition":"${host.platform} == ''windows''","ignore_older":"72h"}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.system"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.system-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"name":"System","condition":"${host.platform} == ''windows''","ignore_older":"72h"}}]},{"type":"system/metrics","policy_template":"system","enabled":true,"streams":[{"enabled":false,"data_stream":{"type":"metrics","dataset":"system.core"},"vars":{"period":{"value":"10s","type":"text"},"core.metrics":{"value":["percentages"],"type":"text"}},"id":"system/metrics-system.core-0483a039-2f91-4d47-b43c-4623cadd5f27"},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.cpu"},"vars":{"period":{"value":"10s","type":"text"},"cpu.metrics":{"value":["percentages","normalized_percentages"],"type":"text"}},"id":"system/metrics-system.cpu-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"metricsets":["cpu"],"cpu.metrics":["percentages","normalized_percentages"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.diskio"},"vars":{"period":{"value":"10s","type":"text"},"diskio.include_devices":{"value":[],"type":"text"}},"id":"system/metrics-system.diskio-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"metricsets":["diskio"],"diskio.include_devices":null,"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.filesystem"},"vars":{"period":{"value":"1m","type":"text"},"processors":{"value":"- drop_event.when.regexp:\n system.filesystem.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)\n","type":"yaml"},"filesystem.ignore_types":{"value":[],"type":"text"}},"id":"system/metrics-system.filesystem-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"metricsets":["filesystem"],"period":"1m","processors":[{"drop_event.when.regexp":{"system.filesystem.mount_point":"^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)"}}]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.fsstat"},"vars":{"period":{"value":"1m","type":"text"},"processors":{"value":"- drop_event.when.regexp:\n system.fsstat.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)\n","type":"yaml"}},"id":"system/metrics-system.fsstat-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"metricsets":["fsstat"],"period":"1m","processors":[{"drop_event.when.regexp":{"system.fsstat.mount_point":"^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)"}}]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.load"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.load-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"metricsets":["load"],"condition":"${host.platform} != ''windows''","period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.memory"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.memory-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"metricsets":["memory"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.network"},"vars":{"period":{"value":"10s","type":"text"},"network.interfaces":{"value":[],"type":"text"}},"id":"system/metrics-system.network-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"metricsets":["network"],"period":"10s","network.interfaces":null}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.process"},"vars":{"period":{"value":"10s","type":"text"},"process.include_top_n.by_cpu":{"value":5,"type":"integer"},"process.include_top_n.by_memory":{"value":5,"type":"integer"},"process.cmdline.cache.enabled":{"value":true,"type":"bool"},"process.cgroups.enabled":{"value":false,"type":"bool"},"process.env.whitelist":{"value":[],"type":"text"},"process.include_cpu_ticks":{"value":false,"type":"bool"},"processes":{"value":[".*"],"type":"text"}},"id":"system/metrics-system.process-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"metricsets":["process"],"period":"10s","process.include_top_n.by_cpu":5,"process.include_top_n.by_memory":5,"process.cmdline.cache.enabled":true,"process.cgroups.enabled":false,"process.include_cpu_ticks":false,"processes":[".*"]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.process.summary"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.process.summary-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"metricsets":["process_summary"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.socket_summary"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.socket_summary-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"metricsets":["socket_summary"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.uptime"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.uptime-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"metricsets":["uptime"],"period":"10s"}}],"vars":{"system.hostfs":{"type":"text"}}},{"type":"httpjson","policy_template":"system","enabled":false,"streams":[{"enabled":false,"data_stream":{"type":"logs","dataset":"system.application"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:Application\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.application-0483a039-2f91-4d47-b43c-4623cadd5f27"},{"enabled":false,"data_stream":{"type":"logs","dataset":"system.security"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:Security\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.security-0483a039-2f91-4d47-b43c-4623cadd5f27"},{"enabled":false,"data_stream":{"type":"logs","dataset":"system.system"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:System\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.system-0483a039-2f91-4d47-b43c-4623cadd5f27"}],"vars":{"url":{"value":"https://server.example.com:8089","type":"text"},"username":{"type":"text"},"password":{"type":"password"},"token":{"type":"password"},"preserve_original_event":{"value":false,"type":"bool"},"ssl":{"value":"#certificate_authorities:\n# - |\n# -----BEGIN CERTIFICATE-----\n# MIIDCjCCAfKgAwIBAgITJ706Mu2wJlKckpIvkWxEHvEyijANBgkqhkiG9w0BAQsF\n# ADAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwIBcNMTkwNzIyMTkyOTA0WhgPMjExOTA2\n# MjgxOTI5MDRaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB\n# BQADggEPADCCAQoCggEBANce58Y/JykI58iyOXpxGfw0/gMvF0hUQAcUrSMxEO6n\n# fZRA49b4OV4SwWmA3395uL2eB2NB8y8qdQ9muXUdPBWE4l9rMZ6gmfu90N5B5uEl\n# 94NcfBfYOKi1fJQ9i7WKhTjlRkMCgBkWPkUokvBZFRt8RtF7zI77BSEorHGQCk9t\n# /D7BS0GJyfVEhftbWcFEAG3VRcoMhF7kUzYwp+qESoriFRYLeDWv68ZOvG7eoWnP\n# PsvZStEVEimjvK5NSESEQa9xWyJOmlOKXhkdymtcUd/nXnx6UTCFgnkgzSdTWV41\n# CI6B6aJ9svCTI2QuoIq2HxX/ix7OvW1huVmcyHVxyUECAwEAAaNTMFEwHQYDVR0O\n# BBYEFPwN1OceFGm9v6ux8G+DZ3TUDYxqMB8GA1UdIwQYMBaAFPwN1OceFGm9v6ux\n# 8G+DZ3TUDYxqMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAG5D\n# 874A4YI7YUwOVsVAdbWtgp1d0zKcPRR+r2OdSbTAV5/gcS3jgBJ3i1BN34JuDVFw\n# 3DeJSYT3nxy2Y56lLnxDeF8CUTUtVQx3CuGkRg1ouGAHpO/6OqOhwLLorEmxi7tA\n# H2O8mtT0poX5AnOAhzVy7QW0D/k4WaoLyckM5hUa6RtvgvLxOwA0U+VGurCDoctu\n# 8F4QOgTAWyh8EZIwaKCliFRSynDpv3JTUwtfZkxo6K6nce1RhCWFAsMvDZL8Dgc0\n# yvgJ38BRsFOtkRuAGSf6ZUwTO8JJRRIFnpUzXflAnGivK9M13D5GEQMmIl6U9Pvk\n# sxSmbIUfc2SGJGCJD4I=\n# -----END CERTIFICATE-----\n","type":"yaml"}}}],"revision":1,"created_at":"2022-06-27T19:25:42.095Z","created_by":"elastic","updated_at":"2022-06-27T19:25:42.095Z","updated_by":"elastic"},{"id":"c864461b-b8d3-48e0-b477-7954434078b5","version":"WzE1MTgsMV0=","name":"nginx-load-balancers-testt","description":"","namespace":"default","policy_id":"edf437d0-f64e-11ec-acb0-0b2e9206fdb0","enabled":true,"output_id":"","inputs":[{"type":"logfile","policy_template":"nginx","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"nginx.access"},"vars":{"paths":{"value":["/var/log/nginx/access.log*"],"type":"text"},"tags":{"value":["nginx-access"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"logfile-nginx.access-c864461b-b8d3-48e0-b477-7954434078b5","compiled_stream":{"paths":["/var/log/nginx/access.log*"],"tags":["nginx-access"],"exclude_files":[".gz$"],"processors":[{"add_locale":null}]}},{"enabled":true,"data_stream":{"type":"logs","dataset":"nginx.error"},"vars":{"paths":{"value":["/var/log/nginx/error.log*"],"type":"text"},"tags":{"value":["nginx-error"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"logfile-nginx.error-c864461b-b8d3-48e0-b477-7954434078b5","compiled_stream":{"paths":["/var/log/nginx/error.log*"],"tags":["nginx-error"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\d{4}\\/\\d{2}\\/\\d{2} ","negate":true,"match":"after"},"processors":[{"add_locale":null}]}}]},{"type":"httpjson","policy_template":"nginx","enabled":false,"streams":[{"enabled":false,"data_stream":{"type":"logs","dataset":"nginx.access"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=nginx:plus:access","type":"text"},"tags":{"value":["forwarded","nginx-access"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"httpjson-nginx.access-c864461b-b8d3-48e0-b477-7954434078b5"},{"enabled":false,"data_stream":{"type":"logs","dataset":"nginx.error"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=nginx:plus:error","type":"text"},"tags":{"value":["forwarded","nginx-error"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"httpjson-nginx.error-c864461b-b8d3-48e0-b477-7954434078b5"}],"vars":{"url":{"value":"https://server.example.com:8089","type":"text"},"username":{"type":"text"},"password":{"type":"password"},"token":{"type":"password"},"ssl":{"value":"#certificate_authorities:\n# - |\n# -----BEGIN CERTIFICATE-----\n# MIIDCjCCAfKgAwIBAgITJ706Mu2wJlKckpIvkWxEHvEyijANBgkqhkiG9w0BAQsF\n# ADAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwIBcNMTkwNzIyMTkyOTA0WhgPMjExOTA2\n# MjgxOTI5MDRaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB\n# BQADggEPADCCAQoCggEBANce58Y/JykI58iyOXpxGfw0/gMvF0hUQAcUrSMxEO6n\n# fZRA49b4OV4SwWmA3395uL2eB2NB8y8qdQ9muXUdPBWE4l9rMZ6gmfu90N5B5uEl\n# 94NcfBfYOKi1fJQ9i7WKhTjlRkMCgBkWPkUokvBZFRt8RtF7zI77BSEorHGQCk9t\n# /D7BS0GJyfVEhftbWcFEAG3VRcoMhF7kUzYwp+qESoriFRYLeDWv68ZOvG7eoWnP\n# PsvZStEVEimjvK5NSESEQa9xWyJOmlOKXhkdymtcUd/nXnx6UTCFgnkgzSdTWV41\n# CI6B6aJ9svCTI2QuoIq2HxX/ix7OvW1huVmcyHVxyUECAwEAAaNTMFEwHQYDVR0O\n# BBYEFPwN1OceFGm9v6ux8G+DZ3TUDYxqMB8GA1UdIwQYMBaAFPwN1OceFGm9v6ux\n# 8G+DZ3TUDYxqMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAG5D\n# 874A4YI7YUwOVsVAdbWtgp1d0zKcPRR+r2OdSbTAV5/gcS3jgBJ3i1BN34JuDVFw\n# 3DeJSYT3nxy2Y56lLnxDeF8CUTUtVQx3CuGkRg1ouGAHpO/6OqOhwLLorEmxi7tA\n# H2O8mtT0poX5AnOAhzVy7QW0D/k4WaoLyckM5hUa6RtvgvLxOwA0U+VGurCDoctu\n# 8F4QOgTAWyh8EZIwaKCliFRSynDpv3JTUwtfZkxo6K6nce1RhCWFAsMvDZL8Dgc0\n# yvgJ38BRsFOtkRuAGSf6ZUwTO8JJRRIFnpUzXflAnGivK9M13D5GEQMmIl6U9Pvk\n# sxSmbIUfc2SGJGCJD4I=\n# -----END CERTIFICATE-----\n","type":"yaml"}}},{"type":"nginx/metrics","policy_template":"nginx","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"metrics","dataset":"nginx.stubstatus"},"vars":{"period":{"value":"10s","type":"text"},"server_status_path":{"value":"/nginx_status","type":"text"}},"id":"nginx/metrics-nginx.stubstatus-c864461b-b8d3-48e0-b477-7954434078b5","compiled_stream":{"metricsets":["stubstatus"],"hosts":["http://127.0.0.1:80"],"period":"10s","server_status_path":"/nginx_status"}}],"vars":{"hosts":{"value":["http://127.0.0.1:80"],"type":"text"}}}],"package":{"name":"nginx","title":"Nginx","version":"1.3.2"},"revision":1,"created_at":"2022-06-27T19:26:16.169Z","created_by":"elastic","updated_at":"2022-06-27T19:26:16.169Z","updated_by":"elastic"}],"agents":0},{"id":"b57023b0-f64e-11ec-acb0-0b2e9206fdb0","name":"HTTP servers","description":"","namespace":"default","monitoring_enabled":["logs","metrics"],"status":"active","is_managed":false,"revision":2,"updated_at":"2022-06-27T19:24:39.501Z","updated_by":"elastic","package_policies":[{"id":"7a0e17cf-e39e-4846-911d-c1e4322ff358","version":"Wzg4OSwxXQ==","name":"system-2","namespace":"default","package":{"name":"system","title":"System","version":"1.11.0"},"enabled":true,"policy_id":"b57023b0-f64e-11ec-acb0-0b2e9206fdb0","output_id":"fleet-default-output","inputs":[{"type":"logfile","policy_template":"system","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"system.auth"},"vars":{"paths":{"value":["/var/log/auth.log*","/var/log/secure*"],"type":"text"}},"id":"logfile-system.auth-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"paths":["/var/log/auth.log*","/var/log/secure*"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\s","match":"after"},"processors":[{"add_locale":null}]}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.syslog"},"vars":{"paths":{"value":["/var/log/messages*","/var/log/syslog*"],"type":"text"}},"id":"logfile-system.syslog-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"paths":["/var/log/messages*","/var/log/syslog*"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\s","match":"after"},"processors":[{"add_locale":null}]}}]},{"type":"winlog","policy_template":"system","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"system.application"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.application-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"name":"Application","condition":"${host.platform} == ''windows''","ignore_older":"72h"}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.security"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.security-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"name":"Security","condition":"${host.platform} == ''windows''","ignore_older":"72h"}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.system"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.system-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"name":"System","condition":"${host.platform} == ''windows''","ignore_older":"72h"}}]},{"type":"system/metrics","policy_template":"system","enabled":true,"streams":[{"enabled":false,"data_stream":{"type":"metrics","dataset":"system.core"},"vars":{"period":{"value":"10s","type":"text"},"core.metrics":{"value":["percentages"],"type":"text"}},"id":"system/metrics-system.core-7a0e17cf-e39e-4846-911d-c1e4322ff358"},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.cpu"},"vars":{"period":{"value":"10s","type":"text"},"cpu.metrics":{"value":["percentages","normalized_percentages"],"type":"text"}},"id":"system/metrics-system.cpu-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"metricsets":["cpu"],"cpu.metrics":["percentages","normalized_percentages"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.diskio"},"vars":{"period":{"value":"10s","type":"text"},"diskio.include_devices":{"value":[],"type":"text"}},"id":"system/metrics-system.diskio-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"metricsets":["diskio"],"diskio.include_devices":null,"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.filesystem"},"vars":{"period":{"value":"1m","type":"text"},"processors":{"value":"- drop_event.when.regexp:\n system.filesystem.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)\n","type":"yaml"},"filesystem.ignore_types":{"value":[],"type":"text"}},"id":"system/metrics-system.filesystem-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"metricsets":["filesystem"],"period":"1m","processors":[{"drop_event.when.regexp":{"system.filesystem.mount_point":"^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)"}}]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.fsstat"},"vars":{"period":{"value":"1m","type":"text"},"processors":{"value":"- drop_event.when.regexp:\n system.fsstat.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)\n","type":"yaml"}},"id":"system/metrics-system.fsstat-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"metricsets":["fsstat"],"period":"1m","processors":[{"drop_event.when.regexp":{"system.fsstat.mount_point":"^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)"}}]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.load"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.load-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"metricsets":["load"],"condition":"${host.platform} != ''windows''","period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.memory"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.memory-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"metricsets":["memory"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.network"},"vars":{"period":{"value":"10s","type":"text"},"network.interfaces":{"value":[],"type":"text"}},"id":"system/metrics-system.network-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"metricsets":["network"],"period":"10s","network.interfaces":null}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.process"},"vars":{"period":{"value":"10s","type":"text"},"process.include_top_n.by_cpu":{"value":5,"type":"integer"},"process.include_top_n.by_memory":{"value":5,"type":"integer"},"process.cmdline.cache.enabled":{"value":true,"type":"bool"},"process.cgroups.enabled":{"value":false,"type":"bool"},"process.env.whitelist":{"value":[],"type":"text"},"process.include_cpu_ticks":{"value":false,"type":"bool"},"processes":{"value":[".*"],"type":"text"}},"id":"system/metrics-system.process-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"metricsets":["process"],"period":"10s","process.include_top_n.by_cpu":5,"process.include_top_n.by_memory":5,"process.cmdline.cache.enabled":true,"process.cgroups.enabled":false,"process.include_cpu_ticks":false,"processes":[".*"]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.process.summary"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.process.summary-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"metricsets":["process_summary"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.socket_summary"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.socket_summary-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"metricsets":["socket_summary"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.uptime"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.uptime-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"metricsets":["uptime"],"period":"10s"}}],"vars":{"system.hostfs":{"type":"text"}}},{"type":"httpjson","policy_template":"system","enabled":false,"streams":[{"enabled":false,"data_stream":{"type":"logs","dataset":"system.application"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:Application\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.application-7a0e17cf-e39e-4846-911d-c1e4322ff358"},{"enabled":false,"data_stream":{"type":"logs","dataset":"system.security"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:Security\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.security-7a0e17cf-e39e-4846-911d-c1e4322ff358"},{"enabled":false,"data_stream":{"type":"logs","dataset":"system.system"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:System\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.system-7a0e17cf-e39e-4846-911d-c1e4322ff358"}],"vars":{"url":{"value":"https://server.example.com:8089","type":"text"},"username":{"type":"text"},"password":{"type":"password"},"token":{"type":"password"},"preserve_original_event":{"value":false,"type":"bool"},"ssl":{"value":"#certificate_authorities:\n# - |\n# -----BEGIN CERTIFICATE-----\n# MIIDCjCCAfKgAwIBAgITJ706Mu2wJlKckpIvkWxEHvEyijANBgkqhkiG9w0BAQsF\n# ADAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwIBcNMTkwNzIyMTkyOTA0WhgPMjExOTA2\n# MjgxOTI5MDRaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB\n# BQADggEPADCCAQoCggEBANce58Y/JykI58iyOXpxGfw0/gMvF0hUQAcUrSMxEO6n\n# fZRA49b4OV4SwWmA3395uL2eB2NB8y8qdQ9muXUdPBWE4l9rMZ6gmfu90N5B5uEl\n# 94NcfBfYOKi1fJQ9i7WKhTjlRkMCgBkWPkUokvBZFRt8RtF7zI77BSEorHGQCk9t\n# /D7BS0GJyfVEhftbWcFEAG3VRcoMhF7kUzYwp+qESoriFRYLeDWv68ZOvG7eoWnP\n# PsvZStEVEimjvK5NSESEQa9xWyJOmlOKXhkdymtcUd/nXnx6UTCFgnkgzSdTWV41\n# CI6B6aJ9svCTI2QuoIq2HxX/ix7OvW1huVmcyHVxyUECAwEAAaNTMFEwHQYDVR0O\n# BBYEFPwN1OceFGm9v6ux8G+DZ3TUDYxqMB8GA1UdIwQYMBaAFPwN1OceFGm9v6ux\n# 8G+DZ3TUDYxqMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAG5D\n# 874A4YI7YUwOVsVAdbWtgp1d0zKcPRR+r2OdSbTAV5/gcS3jgBJ3i1BN34JuDVFw\n# 3DeJSYT3nxy2Y56lLnxDeF8CUTUtVQx3CuGkRg1ouGAHpO/6OqOhwLLorEmxi7tA\n# H2O8mtT0poX5AnOAhzVy7QW0D/k4WaoLyckM5hUa6RtvgvLxOwA0U+VGurCDoctu\n# 8F4QOgTAWyh8EZIwaKCliFRSynDpv3JTUwtfZkxo6K6nce1RhCWFAsMvDZL8Dgc0\n# yvgJ38BRsFOtkRuAGSf6ZUwTO8JJRRIFnpUzXflAnGivK9M13D5GEQMmIl6U9Pvk\n# sxSmbIUfc2SGJGCJD4I=\n# -----END CERTIFICATE-----\n","type":"yaml"}}}],"revision":1,"created_at":"2022-06-27T19:24:09.017Z","created_by":"elastic","updated_at":"2022-06-27T19:24:09.017Z","updated_by":"elastic"},{"id":"95aa181b-0ab8-4ce0-ac0a-c5e3f629c1f4","version":"Wzk5NSwxXQ==","name":"nginx-http-servers-test","description":"","namespace":"default","policy_id":"b57023b0-f64e-11ec-acb0-0b2e9206fdb0","enabled":true,"output_id":"","inputs":[{"type":"logfile","policy_template":"nginx","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"nginx.access"},"vars":{"paths":{"value":["/var/log/nginx/access.log*"],"type":"text"},"tags":{"value":["nginx-access"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"logfile-nginx.access-95aa181b-0ab8-4ce0-ac0a-c5e3f629c1f4","compiled_stream":{"paths":["/var/log/nginx/access.log*"],"tags":["nginx-access"],"exclude_files":[".gz$"],"processors":[{"add_locale":null}]}},{"enabled":true,"data_stream":{"type":"logs","dataset":"nginx.error"},"vars":{"paths":{"value":["/var/log/nginx/error.log*"],"type":"text"},"tags":{"value":["nginx-error"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"logfile-nginx.error-95aa181b-0ab8-4ce0-ac0a-c5e3f629c1f4","compiled_stream":{"paths":["/var/log/nginx/error.log*"],"tags":["nginx-error"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\d{4}\\/\\d{2}\\/\\d{2} ","negate":true,"match":"after"},"processors":[{"add_locale":null}]}}]},{"type":"httpjson","policy_template":"nginx","enabled":false,"streams":[{"enabled":false,"data_stream":{"type":"logs","dataset":"nginx.access"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=nginx:plus:access","type":"text"},"tags":{"value":["forwarded","nginx-access"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"httpjson-nginx.access-95aa181b-0ab8-4ce0-ac0a-c5e3f629c1f4"},{"enabled":false,"data_stream":{"type":"logs","dataset":"nginx.error"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=nginx:plus:error","type":"text"},"tags":{"value":["forwarded","nginx-error"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"httpjson-nginx.error-95aa181b-0ab8-4ce0-ac0a-c5e3f629c1f4"}],"vars":{"url":{"value":"https://server.example.com:8089","type":"text"},"username":{"type":"text"},"password":{"type":"password"},"token":{"type":"password"},"ssl":{"value":"#certificate_authorities:\n# - |\n# -----BEGIN CERTIFICATE-----\n# MIIDCjCCAfKgAwIBAgITJ706Mu2wJlKckpIvkWxEHvEyijANBgkqhkiG9w0BAQsF\n# ADAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwIBcNMTkwNzIyMTkyOTA0WhgPMjExOTA2\n# MjgxOTI5MDRaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB\n# BQADggEPADCCAQoCggEBANce58Y/JykI58iyOXpxGfw0/gMvF0hUQAcUrSMxEO6n\n# fZRA49b4OV4SwWmA3395uL2eB2NB8y8qdQ9muXUdPBWE4l9rMZ6gmfu90N5B5uEl\n# 94NcfBfYOKi1fJQ9i7WKhTjlRkMCgBkWPkUokvBZFRt8RtF7zI77BSEorHGQCk9t\n# /D7BS0GJyfVEhftbWcFEAG3VRcoMhF7kUzYwp+qESoriFRYLeDWv68ZOvG7eoWnP\n# PsvZStEVEimjvK5NSESEQa9xWyJOmlOKXhkdymtcUd/nXnx6UTCFgnkgzSdTWV41\n# CI6B6aJ9svCTI2QuoIq2HxX/ix7OvW1huVmcyHVxyUECAwEAAaNTMFEwHQYDVR0O\n# BBYEFPwN1OceFGm9v6ux8G+DZ3TUDYxqMB8GA1UdIwQYMBaAFPwN1OceFGm9v6ux\n# 8G+DZ3TUDYxqMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAG5D\n# 874A4YI7YUwOVsVAdbWtgp1d0zKcPRR+r2OdSbTAV5/gcS3jgBJ3i1BN34JuDVFw\n# 3DeJSYT3nxy2Y56lLnxDeF8CUTUtVQx3CuGkRg1ouGAHpO/6OqOhwLLorEmxi7tA\n# H2O8mtT0poX5AnOAhzVy7QW0D/k4WaoLyckM5hUa6RtvgvLxOwA0U+VGurCDoctu\n# 8F4QOgTAWyh8EZIwaKCliFRSynDpv3JTUwtfZkxo6K6nce1RhCWFAsMvDZL8Dgc0\n# yvgJ38BRsFOtkRuAGSf6ZUwTO8JJRRIFnpUzXflAnGivK9M13D5GEQMmIl6U9Pvk\n# sxSmbIUfc2SGJGCJD4I=\n# -----END CERTIFICATE-----\n","type":"yaml"}}},{"type":"nginx/metrics","policy_template":"nginx","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"metrics","dataset":"nginx.stubstatus"},"vars":{"period":{"value":"10s","type":"text"},"server_status_path":{"value":"/nginx_status","type":"text"}},"id":"nginx/metrics-nginx.stubstatus-95aa181b-0ab8-4ce0-ac0a-c5e3f629c1f4","compiled_stream":{"metricsets":["stubstatus"],"hosts":["http://127.0.0.1:80"],"period":"10s","server_status_path":"/nginx_status"}}],"vars":{"hosts":{"value":["http://127.0.0.1:80"],"type":"text"}}}],"package":{"name":"nginx","title":"Nginx","version":"1.3.2"},"revision":1,"created_at":"2022-06-27T19:24:38.498Z","created_by":"elastic","updated_at":"2022-06-27T19:24:38.498Z","updated_by":"elastic"}],"agents":0},{"id":"499b5aa7-d214-5b5d-838b-3cd76469844e","namespace":"default","monitoring_enabled":["logs","metrics"],"name":"Default Fleet Server policy","description":"Default Fleet Server agent policy created by Kibana","is_default":false,"is_default_fleet_server":true,"is_preconfigured":true,"status":"active","is_managed":false,"revision":2,"updated_at":"2022-06-27T19:19:42.793Z","updated_by":"system","package_policies":[{"id":"default-fleet-server-agent-policy","version":"WzYxOSwxXQ==","name":"fleet_server-1","namespace":"default","package":{"name":"fleet_server","title":"Fleet Server","version":"1.2.0"},"enabled":true,"policy_id":"499b5aa7-d214-5b5d-838b-3cd76469844e","output_id":"fleet-default-output","inputs":[{"type":"fleet-server","policy_template":"fleet_server","enabled":true,"streams":[],"vars":{"host":{"value":["0.0.0.0"],"type":"text"},"port":{"value":[8220],"type":"integer"},"max_agents":{"type":"integer"},"max_connections":{"type":"integer"},"custom":{"value":"","type":"yaml"}},"compiled_input":{"server":{"port":8220,"host":"0.0.0.0"}}}],"revision":1,"created_at":"2022-06-27T19:19:41.976Z","created_by":"system","updated_at":"2022-06-27T19:19:41.976Z","updated_by":"system"}],"agents":1},{"id":"2016d7cc-135e-5583-9758-3ba01f5a06e5","namespace":"default","monitoring_enabled":["logs","metrics"],"name":"Default policy","description":"Default agent policy created by Kibana","is_default":true,"is_preconfigured":true,"status":"active","is_managed":false,"revision":2,"updated_at":"2022-06-27T19:19:39.755Z","updated_by":"system","package_policies":[{"id":"default-system-policy","version":"WzYxNywxXQ==","name":"system-1","namespace":"default","package":{"name":"system","title":"System","version":"1.11.0"},"enabled":true,"policy_id":"2016d7cc-135e-5583-9758-3ba01f5a06e5","output_id":"fleet-default-output","inputs":[{"type":"logfile","policy_template":"system","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"system.auth"},"vars":{"paths":{"value":["/var/log/auth.log*","/var/log/secure*"],"type":"text"}},"id":"logfile-system.auth-default-system-policy","compiled_stream":{"paths":["/var/log/auth.log*","/var/log/secure*"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\s","match":"after"},"processors":[{"add_locale":null}]}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.syslog"},"vars":{"paths":{"value":["/var/log/messages*","/var/log/syslog*"],"type":"text"}},"id":"logfile-system.syslog-default-system-policy","compiled_stream":{"paths":["/var/log/messages*","/var/log/syslog*"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\s","match":"after"},"processors":[{"add_locale":null}]}}]},{"type":"winlog","policy_template":"system","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"system.application"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.application-default-system-policy","compiled_stream":{"name":"Application","condition":"${host.platform} == ''windows''","ignore_older":"72h"}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.security"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.security-default-system-policy","compiled_stream":{"name":"Security","condition":"${host.platform} == ''windows''","ignore_older":"72h"}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.system"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.system-default-system-policy","compiled_stream":{"name":"System","condition":"${host.platform} == ''windows''","ignore_older":"72h"}}]},{"type":"system/metrics","policy_template":"system","enabled":true,"streams":[{"enabled":false,"data_stream":{"type":"metrics","dataset":"system.core"},"vars":{"period":{"value":"10s","type":"text"},"core.metrics":{"value":["percentages"],"type":"text"}},"id":"system/metrics-system.core-default-system-policy"},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.cpu"},"vars":{"period":{"value":"10s","type":"text"},"cpu.metrics":{"value":["percentages","normalized_percentages"],"type":"text"}},"id":"system/metrics-system.cpu-default-system-policy","compiled_stream":{"metricsets":["cpu"],"cpu.metrics":["percentages","normalized_percentages"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.diskio"},"vars":{"period":{"value":"10s","type":"text"},"diskio.include_devices":{"value":[],"type":"text"}},"id":"system/metrics-system.diskio-default-system-policy","compiled_stream":{"metricsets":["diskio"],"diskio.include_devices":null,"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.filesystem"},"vars":{"period":{"value":"1m","type":"text"},"processors":{"value":"- drop_event.when.regexp:\n system.filesystem.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)\n","type":"yaml"},"filesystem.ignore_types":{"value":[],"type":"text"}},"id":"system/metrics-system.filesystem-default-system-policy","compiled_stream":{"metricsets":["filesystem"],"period":"1m","processors":[{"drop_event.when.regexp":{"system.filesystem.mount_point":"^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)"}}]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.fsstat"},"vars":{"period":{"value":"1m","type":"text"},"processors":{"value":"- drop_event.when.regexp:\n system.fsstat.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)\n","type":"yaml"}},"id":"system/metrics-system.fsstat-default-system-policy","compiled_stream":{"metricsets":["fsstat"],"period":"1m","processors":[{"drop_event.when.regexp":{"system.fsstat.mount_point":"^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)"}}]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.load"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.load-default-system-policy","compiled_stream":{"metricsets":["load"],"condition":"${host.platform} != ''windows''","period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.memory"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.memory-default-system-policy","compiled_stream":{"metricsets":["memory"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.network"},"vars":{"period":{"value":"10s","type":"text"},"network.interfaces":{"value":[],"type":"text"}},"id":"system/metrics-system.network-default-system-policy","compiled_stream":{"metricsets":["network"],"period":"10s","network.interfaces":null}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.process"},"vars":{"period":{"value":"10s","type":"text"},"process.include_top_n.by_cpu":{"value":5,"type":"integer"},"process.include_top_n.by_memory":{"value":5,"type":"integer"},"process.cmdline.cache.enabled":{"value":true,"type":"bool"},"process.cgroups.enabled":{"value":false,"type":"bool"},"process.env.whitelist":{"value":[],"type":"text"},"process.include_cpu_ticks":{"value":false,"type":"bool"},"processes":{"value":[".*"],"type":"text"}},"id":"system/metrics-system.process-default-system-policy","compiled_stream":{"metricsets":["process"],"period":"10s","process.include_top_n.by_cpu":5,"process.include_top_n.by_memory":5,"process.cmdline.cache.enabled":true,"process.cgroups.enabled":false,"process.include_cpu_ticks":false,"processes":[".*"]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.process.summary"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.process.summary-default-system-policy","compiled_stream":{"metricsets":["process_summary"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.socket_summary"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.socket_summary-default-system-policy","compiled_stream":{"metricsets":["socket_summary"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.uptime"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.uptime-default-system-policy","compiled_stream":{"metricsets":["uptime"],"period":"10s"}}],"vars":{"system.hostfs":{"type":"text"}}},{"type":"httpjson","policy_template":"system","enabled":false,"streams":[{"enabled":false,"data_stream":{"type":"logs","dataset":"system.application"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:Application\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.application-default-system-policy"},{"enabled":false,"data_stream":{"type":"logs","dataset":"system.security"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:Security\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.security-default-system-policy"},{"enabled":false,"data_stream":{"type":"logs","dataset":"system.system"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:System\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.system-default-system-policy"}],"vars":{"url":{"value":"https://server.example.com:8089","type":"text"},"username":{"type":"text"},"password":{"type":"password"},"token":{"type":"password"},"preserve_original_event":{"value":false,"type":"bool"},"ssl":{"value":"#certificate_authorities:\n# - |\n# -----BEGIN CERTIFICATE-----\n# MIIDCjCCAfKgAwIBAgITJ706Mu2wJlKckpIvkWxEHvEyijANBgkqhkiG9w0BAQsF\n# ADAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwIBcNMTkwNzIyMTkyOTA0WhgPMjExOTA2\n# MjgxOTI5MDRaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB\n# BQADggEPADCCAQoCggEBANce58Y/JykI58iyOXpxGfw0/gMvF0hUQAcUrSMxEO6n\n# fZRA49b4OV4SwWmA3395uL2eB2NB8y8qdQ9muXUdPBWE4l9rMZ6gmfu90N5B5uEl\n# 94NcfBfYOKi1fJQ9i7WKhTjlRkMCgBkWPkUokvBZFRt8RtF7zI77BSEorHGQCk9t\n# /D7BS0GJyfVEhftbWcFEAG3VRcoMhF7kUzYwp+qESoriFRYLeDWv68ZOvG7eoWnP\n# PsvZStEVEimjvK5NSESEQa9xWyJOmlOKXhkdymtcUd/nXnx6UTCFgnkgzSdTWV41\n# CI6B6aJ9svCTI2QuoIq2HxX/ix7OvW1huVmcyHVxyUECAwEAAaNTMFEwHQYDVR0O\n# BBYEFPwN1OceFGm9v6ux8G+DZ3TUDYxqMB8GA1UdIwQYMBaAFPwN1OceFGm9v6ux\n# 8G+DZ3TUDYxqMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAG5D\n# 874A4YI7YUwOVsVAdbWtgp1d0zKcPRR+r2OdSbTAV5/gcS3jgBJ3i1BN34JuDVFw\n# 3DeJSYT3nxy2Y56lLnxDeF8CUTUtVQx3CuGkRg1ouGAHpO/6OqOhwLLorEmxi7tA\n# H2O8mtT0poX5AnOAhzVy7QW0D/k4WaoLyckM5hUa6RtvgvLxOwA0U+VGurCDoctu\n# 8F4QOgTAWyh8EZIwaKCliFRSynDpv3JTUwtfZkxo6K6nce1RhCWFAsMvDZL8Dgc0\n# yvgJ38BRsFOtkRuAGSf6ZUwTO8JJRRIFnpUzXflAnGivK9M13D5GEQMmIl6U9Pvk\n# sxSmbIUfc2SGJGCJD4I=\n# -----END CERTIFICATE-----\n","type":"yaml"}}}],"revision":1,"created_at":"2022-06-27T19:19:38.837Z","created_by":"system","updated_at":"2022-06-27T19:19:38.837Z","updated_by":"system"}],"agents":1}],"total":4,"page":1,"perPage":20}' + headers: + Accept-Ranges: + - bytes + Content-Length: + - "41108" + Content-Type: + - application/json + Date: + - Mon, 27 Nov 2023 18:05:27 GMT + Last-Modified: + - Wed, 30 Aug 2023 11:46:06 GMT + status: 200 OK + code: 200 + duration: 287.968µs + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: 127.0.0.1:5601 + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic Og== + Content-Type: + - application/json + Kbn-Xsrf: + - 8.10.1 + url: https://127.0.0.1:5601/api/status + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 24461 + uncompressed: false + body: '{"name":"kibana","uuid":"c3a74423-07d2-47bc-8843-0580b1fe9eb6","version":{"number":"7.17.0","build_hash":"60a9838d21b6420bbdb5a4d07099111b74c68ceb","build_number":46534,"build_snapshot":false},"status":{"overall":{"since":"2023-08-30T11:43:55.277Z","state":"green","title":"Green","nickname":"Looking good","icon":"success","uiColor":"secondary"},"statuses":[{"id":"core:elasticsearch@7.17.0","message":"Elasticsearch is available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"core:savedObjects@7.17.0","message":"SavedObjects service has completed migrations and is available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:advancedSettings@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:bfetch@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressionMetricVis@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressionTagcloud@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:charts@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:console@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:customIntegrations@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:dashboard@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:data@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:dataViews@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:devTools@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:discover@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:embeddable@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:esUiShared@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressionError@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressionImage@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressionMetric@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressionRepeatImage@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressionRevealImage@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressionShape@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressions@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:fieldFormats@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:home@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:indexPatternEditor@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:indexPatternFieldEditor@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:indexPatternManagement@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:inputControlVis@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:inspector@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:kibanaLegacy@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:kibanaOverview@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:kibanaReact@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:kibanaUsageCollection@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:kibanaUtils@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:management@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:mapsEms@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:mapsLegacy@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:navigation@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:newsfeed@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:presentationUtil@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:regionMap@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:savedObjects@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:savedObjectsManagement@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:savedObjectsTaggingOss@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:screenshotMode@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:share@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:telemetry@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:telemetryCollectionManager@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:telemetryManagementSection@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:tileMap@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:uiActions@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:urlForwarding@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:usageCollection@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visDefaultEditor@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeMarkdown@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeMetric@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypePie@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeTable@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeTagcloud@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeTimelion@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeTimeseries@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeVega@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeVislib@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeXy@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visualizations@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visualize@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:actions@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:alerting@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:apm@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:banners@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:canvas@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:cases@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:cloud@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:code@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:crossClusterReplication@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:dashboardEnhanced@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:dashboardMode@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:dataEnhanced@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:dataVisualizer@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:discoverEnhanced@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:urlDrilldown@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:embeddableEnhanced@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:encryptedSavedObjects@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:enterpriseSearch@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:eventLog@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:features@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:fileUpload@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:fleet@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:globalSearch@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:globalSearchBar@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:globalSearchProviders@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:graph@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:grokdebugger@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:indexLifecycleManagement@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:indexManagement@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:infra@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:ingestPipelines@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:lens@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:licenseApiGuard@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:licenseManagement@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:licensing@7.17.0","message":"License fetched","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:lists@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:logstash@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:maps@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:ml@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:monitoring@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:observability@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:osquery@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:painlessLab@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:remoteClusters@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:reporting@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:rollup@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:ruleRegistry@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:runtimeFields@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:savedObjectsTagging@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:searchprofiler@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:security@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:securitySolution@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:snapshotRestore@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:spaces@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:stackAlerts@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:taskManager@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:telemetryCollectionXpack@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:timelines@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:transform@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:translations@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:triggersActionsUi@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:uiActionsEnhanced@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:upgradeAssistant@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:uptime@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:watcher@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:xpackLegacy@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"}]},"metrics":{"last_updated":"2023-08-30T11:43:52.253Z","collection_interval_in_millis":5000,"os":{"platform":"linux","platformRelease":"linux-5.19.0-50-generic","load":{"1m":1.07,"5m":1.31,"15m":1.24},"memory":{"total_in_bytes":33358266368,"free_in_bytes":268140544,"used_in_bytes":33090125824},"uptime_in_millis":774883580,"distro":"Ubuntu","distroRelease":"Ubuntu-20.04"},"process":{"memory":{"heap":{"total_in_bytes":533340160,"used_in_bytes":410822832,"size_limit":4345298944},"resident_set_size_in_bytes":643715072},"pid":7,"event_loop_delay":10.179153502040817,"event_loop_delay_histogram":{"min":9.09312,"max":30.359551,"mean":10.179153502040817,"exceeds":0,"stddev":0.9353847573344422,"fromTimestamp":"2023-08-30T11:43:47.251Z","lastUpdatedAt":"2023-08-30T11:43:52.248Z","percentiles":{"50":10.125311,"75":10.190847,"95":10.256383,"99":10.477567}},"uptime_in_millis":1549598.888492},"processes":[{"memory":{"heap":{"total_in_bytes":533340160,"used_in_bytes":410822832,"size_limit":4345298944},"resident_set_size_in_bytes":643715072},"pid":7,"event_loop_delay":10.179153502040817,"event_loop_delay_histogram":{"min":9.09312,"max":30.359551,"mean":10.179153502040817,"exceeds":0,"stddev":0.9353847573344422,"fromTimestamp":"2023-08-30T11:43:47.251Z","lastUpdatedAt":"2023-08-30T11:43:52.248Z","percentiles":{"50":10.125311,"75":10.190847,"95":10.256383,"99":10.477567}},"uptime_in_millis":1549598.888492}],"response_times":{"avg_in_millis":11,"max_in_millis":11},"concurrent_connections":0,"requests":{"disconnects":0,"total":1,"statusCodes":{"200":1},"status_codes":{"200":1}}}}' + headers: + Accept-Ranges: + - bytes + Content-Length: + - "24461" + Content-Type: + - application/json + Date: + - Mon, 27 Nov 2023 18:05:27 GMT + Last-Modified: + - Tue, 03 Oct 2023 15:59:45 GMT + status: 200 OK + code: 200 + duration: 459.281µs + - id: 3 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: 127.0.0.1:5601 + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic Og== + Content-Type: + - application/json + Kbn-Xsrf: + - 8.10.1 + url: https://127.0.0.1:5601/api/fleet/agent_policies/499b5aa7-d214-5b5d-838b-3cd76469844e + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 1208 + uncompressed: false + body: '{"item":{"id":"499b5aa7-d214-5b5d-838b-3cd76469844e","namespace":"default","monitoring_enabled":["logs","metrics"],"name":"Default Fleet Server policy","description":"Default Fleet Server agent policy created by Kibana","is_default":false,"is_default_fleet_server":true,"is_preconfigured":true,"status":"active","is_managed":false,"revision":2,"updated_at":"2022-06-27T19:19:42.793Z","updated_by":"system","package_policies":[{"id":"default-fleet-server-agent-policy","version":"WzYxOSwxXQ==","name":"fleet_server-1","namespace":"default","package":{"name":"fleet_server","title":"Fleet Server","version":"1.2.0"},"enabled":true,"policy_id":"499b5aa7-d214-5b5d-838b-3cd76469844e","output_id":"fleet-default-output","inputs":[{"type":"fleet-server","policy_template":"fleet_server","enabled":true,"streams":[],"vars":{"host":{"value":["0.0.0.0"],"type":"text"},"port":{"value":[8220],"type":"integer"},"max_agents":{"type":"integer"},"max_connections":{"type":"integer"},"custom":{"value":"","type":"yaml"}},"compiled_input":{"server":{"port":8220,"host":"0.0.0.0"}}}],"revision":1,"created_at":"2022-06-27T19:19:41.976Z","created_by":"system","updated_at":"2022-06-27T19:19:41.976Z","updated_by":"system"}]}}' + headers: + Accept-Ranges: + - bytes + Content-Length: + - "1208" + Content-Type: + - application/json + Date: + - Mon, 27 Nov 2023 18:05:27 GMT + Last-Modified: + - Wed, 30 Aug 2023 11:46:06 GMT + status: 200 OK + code: 200 + duration: 275.535µs diff --git a/internal/dump/testdata/fleet-7-mock-dump-all/api-fleet-agent_policies-499b5aa7-d214-5b5d-838b-3cd76469844e.json b/internal/dump/testdata/fleet-7-mock-dump-all/api-fleet-agent_policies-499b5aa7-d214-5b5d-838b-3cd76469844e.json deleted file mode 100644 index 629734ee4a..0000000000 --- a/internal/dump/testdata/fleet-7-mock-dump-all/api-fleet-agent_policies-499b5aa7-d214-5b5d-838b-3cd76469844e.json +++ /dev/null @@ -1 +0,0 @@ -{"item":{"id":"499b5aa7-d214-5b5d-838b-3cd76469844e","namespace":"default","monitoring_enabled":["logs","metrics"],"name":"Default Fleet Server policy","description":"Default Fleet Server agent policy created by Kibana","is_default":false,"is_default_fleet_server":true,"is_preconfigured":true,"status":"active","is_managed":false,"revision":2,"updated_at":"2022-06-27T19:19:42.793Z","updated_by":"system","package_policies":[{"id":"default-fleet-server-agent-policy","version":"WzYxOSwxXQ==","name":"fleet_server-1","namespace":"default","package":{"name":"fleet_server","title":"Fleet Server","version":"1.2.0"},"enabled":true,"policy_id":"499b5aa7-d214-5b5d-838b-3cd76469844e","output_id":"fleet-default-output","inputs":[{"type":"fleet-server","policy_template":"fleet_server","enabled":true,"streams":[],"vars":{"host":{"value":["0.0.0.0"],"type":"text"},"port":{"value":[8220],"type":"integer"},"max_agents":{"type":"integer"},"max_connections":{"type":"integer"},"custom":{"value":"","type":"yaml"}},"compiled_input":{"server":{"port":8220,"host":"0.0.0.0"}}}],"revision":1,"created_at":"2022-06-27T19:19:41.976Z","created_by":"system","updated_at":"2022-06-27T19:19:41.976Z","updated_by":"system"}]}} \ No newline at end of file diff --git a/internal/dump/testdata/fleet-7-mock-dump-all/api-fleet-agent_policies.full=true.page=1.json b/internal/dump/testdata/fleet-7-mock-dump-all/api-fleet-agent_policies.full=true.page=1.json deleted file mode 100644 index 61c7799103..0000000000 --- a/internal/dump/testdata/fleet-7-mock-dump-all/api-fleet-agent_policies.full=true.page=1.json +++ /dev/null @@ -1 +0,0 @@ -{"items":[{"id":"edf437d0-f64e-11ec-acb0-0b2e9206fdb0","name":"Load Balancers Servers","description":"","namespace":"default","monitoring_enabled":["logs","metrics"],"status":"active","is_managed":false,"revision":2,"updated_at":"2022-06-27T19:26:16.891Z","updated_by":"elastic","package_policies":[{"id":"0483a039-2f91-4d47-b43c-4623cadd5f27","version":"WzEyNTcsMV0=","name":"system-3","namespace":"default","package":{"name":"system","title":"System","version":"1.11.0"},"enabled":true,"policy_id":"edf437d0-f64e-11ec-acb0-0b2e9206fdb0","output_id":"fleet-default-output","inputs":[{"type":"logfile","policy_template":"system","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"system.auth"},"vars":{"paths":{"value":["/var/log/auth.log*","/var/log/secure*"],"type":"text"}},"id":"logfile-system.auth-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"paths":["/var/log/auth.log*","/var/log/secure*"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\s","match":"after"},"processors":[{"add_locale":null}]}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.syslog"},"vars":{"paths":{"value":["/var/log/messages*","/var/log/syslog*"],"type":"text"}},"id":"logfile-system.syslog-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"paths":["/var/log/messages*","/var/log/syslog*"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\s","match":"after"},"processors":[{"add_locale":null}]}}]},{"type":"winlog","policy_template":"system","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"system.application"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.application-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"name":"Application","condition":"${host.platform} == 'windows'","ignore_older":"72h"}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.security"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.security-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"name":"Security","condition":"${host.platform} == 'windows'","ignore_older":"72h"}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.system"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.system-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"name":"System","condition":"${host.platform} == 'windows'","ignore_older":"72h"}}]},{"type":"system/metrics","policy_template":"system","enabled":true,"streams":[{"enabled":false,"data_stream":{"type":"metrics","dataset":"system.core"},"vars":{"period":{"value":"10s","type":"text"},"core.metrics":{"value":["percentages"],"type":"text"}},"id":"system/metrics-system.core-0483a039-2f91-4d47-b43c-4623cadd5f27"},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.cpu"},"vars":{"period":{"value":"10s","type":"text"},"cpu.metrics":{"value":["percentages","normalized_percentages"],"type":"text"}},"id":"system/metrics-system.cpu-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"metricsets":["cpu"],"cpu.metrics":["percentages","normalized_percentages"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.diskio"},"vars":{"period":{"value":"10s","type":"text"},"diskio.include_devices":{"value":[],"type":"text"}},"id":"system/metrics-system.diskio-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"metricsets":["diskio"],"diskio.include_devices":null,"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.filesystem"},"vars":{"period":{"value":"1m","type":"text"},"processors":{"value":"- drop_event.when.regexp:\n system.filesystem.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)\n","type":"yaml"},"filesystem.ignore_types":{"value":[],"type":"text"}},"id":"system/metrics-system.filesystem-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"metricsets":["filesystem"],"period":"1m","processors":[{"drop_event.when.regexp":{"system.filesystem.mount_point":"^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)"}}]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.fsstat"},"vars":{"period":{"value":"1m","type":"text"},"processors":{"value":"- drop_event.when.regexp:\n system.fsstat.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)\n","type":"yaml"}},"id":"system/metrics-system.fsstat-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"metricsets":["fsstat"],"period":"1m","processors":[{"drop_event.when.regexp":{"system.fsstat.mount_point":"^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)"}}]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.load"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.load-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"metricsets":["load"],"condition":"${host.platform} != 'windows'","period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.memory"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.memory-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"metricsets":["memory"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.network"},"vars":{"period":{"value":"10s","type":"text"},"network.interfaces":{"value":[],"type":"text"}},"id":"system/metrics-system.network-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"metricsets":["network"],"period":"10s","network.interfaces":null}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.process"},"vars":{"period":{"value":"10s","type":"text"},"process.include_top_n.by_cpu":{"value":5,"type":"integer"},"process.include_top_n.by_memory":{"value":5,"type":"integer"},"process.cmdline.cache.enabled":{"value":true,"type":"bool"},"process.cgroups.enabled":{"value":false,"type":"bool"},"process.env.whitelist":{"value":[],"type":"text"},"process.include_cpu_ticks":{"value":false,"type":"bool"},"processes":{"value":[".*"],"type":"text"}},"id":"system/metrics-system.process-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"metricsets":["process"],"period":"10s","process.include_top_n.by_cpu":5,"process.include_top_n.by_memory":5,"process.cmdline.cache.enabled":true,"process.cgroups.enabled":false,"process.include_cpu_ticks":false,"processes":[".*"]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.process.summary"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.process.summary-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"metricsets":["process_summary"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.socket_summary"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.socket_summary-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"metricsets":["socket_summary"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.uptime"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.uptime-0483a039-2f91-4d47-b43c-4623cadd5f27","compiled_stream":{"metricsets":["uptime"],"period":"10s"}}],"vars":{"system.hostfs":{"type":"text"}}},{"type":"httpjson","policy_template":"system","enabled":false,"streams":[{"enabled":false,"data_stream":{"type":"logs","dataset":"system.application"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:Application\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.application-0483a039-2f91-4d47-b43c-4623cadd5f27"},{"enabled":false,"data_stream":{"type":"logs","dataset":"system.security"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:Security\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.security-0483a039-2f91-4d47-b43c-4623cadd5f27"},{"enabled":false,"data_stream":{"type":"logs","dataset":"system.system"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:System\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.system-0483a039-2f91-4d47-b43c-4623cadd5f27"}],"vars":{"url":{"value":"https://server.example.com:8089","type":"text"},"username":{"type":"text"},"password":{"type":"password"},"token":{"type":"password"},"preserve_original_event":{"value":false,"type":"bool"},"ssl":{"value":"#certificate_authorities:\n# - |\n# -----BEGIN CERTIFICATE-----\n# MIIDCjCCAfKgAwIBAgITJ706Mu2wJlKckpIvkWxEHvEyijANBgkqhkiG9w0BAQsF\n# ADAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwIBcNMTkwNzIyMTkyOTA0WhgPMjExOTA2\n# MjgxOTI5MDRaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB\n# BQADggEPADCCAQoCggEBANce58Y/JykI58iyOXpxGfw0/gMvF0hUQAcUrSMxEO6n\n# fZRA49b4OV4SwWmA3395uL2eB2NB8y8qdQ9muXUdPBWE4l9rMZ6gmfu90N5B5uEl\n# 94NcfBfYOKi1fJQ9i7WKhTjlRkMCgBkWPkUokvBZFRt8RtF7zI77BSEorHGQCk9t\n# /D7BS0GJyfVEhftbWcFEAG3VRcoMhF7kUzYwp+qESoriFRYLeDWv68ZOvG7eoWnP\n# PsvZStEVEimjvK5NSESEQa9xWyJOmlOKXhkdymtcUd/nXnx6UTCFgnkgzSdTWV41\n# CI6B6aJ9svCTI2QuoIq2HxX/ix7OvW1huVmcyHVxyUECAwEAAaNTMFEwHQYDVR0O\n# BBYEFPwN1OceFGm9v6ux8G+DZ3TUDYxqMB8GA1UdIwQYMBaAFPwN1OceFGm9v6ux\n# 8G+DZ3TUDYxqMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAG5D\n# 874A4YI7YUwOVsVAdbWtgp1d0zKcPRR+r2OdSbTAV5/gcS3jgBJ3i1BN34JuDVFw\n# 3DeJSYT3nxy2Y56lLnxDeF8CUTUtVQx3CuGkRg1ouGAHpO/6OqOhwLLorEmxi7tA\n# H2O8mtT0poX5AnOAhzVy7QW0D/k4WaoLyckM5hUa6RtvgvLxOwA0U+VGurCDoctu\n# 8F4QOgTAWyh8EZIwaKCliFRSynDpv3JTUwtfZkxo6K6nce1RhCWFAsMvDZL8Dgc0\n# yvgJ38BRsFOtkRuAGSf6ZUwTO8JJRRIFnpUzXflAnGivK9M13D5GEQMmIl6U9Pvk\n# sxSmbIUfc2SGJGCJD4I=\n# -----END CERTIFICATE-----\n","type":"yaml"}}}],"revision":1,"created_at":"2022-06-27T19:25:42.095Z","created_by":"elastic","updated_at":"2022-06-27T19:25:42.095Z","updated_by":"elastic"},{"id":"c864461b-b8d3-48e0-b477-7954434078b5","version":"WzE1MTgsMV0=","name":"nginx-load-balancers-testt","description":"","namespace":"default","policy_id":"edf437d0-f64e-11ec-acb0-0b2e9206fdb0","enabled":true,"output_id":"","inputs":[{"type":"logfile","policy_template":"nginx","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"nginx.access"},"vars":{"paths":{"value":["/var/log/nginx/access.log*"],"type":"text"},"tags":{"value":["nginx-access"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"logfile-nginx.access-c864461b-b8d3-48e0-b477-7954434078b5","compiled_stream":{"paths":["/var/log/nginx/access.log*"],"tags":["nginx-access"],"exclude_files":[".gz$"],"processors":[{"add_locale":null}]}},{"enabled":true,"data_stream":{"type":"logs","dataset":"nginx.error"},"vars":{"paths":{"value":["/var/log/nginx/error.log*"],"type":"text"},"tags":{"value":["nginx-error"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"logfile-nginx.error-c864461b-b8d3-48e0-b477-7954434078b5","compiled_stream":{"paths":["/var/log/nginx/error.log*"],"tags":["nginx-error"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\d{4}\\/\\d{2}\\/\\d{2} ","negate":true,"match":"after"},"processors":[{"add_locale":null}]}}]},{"type":"httpjson","policy_template":"nginx","enabled":false,"streams":[{"enabled":false,"data_stream":{"type":"logs","dataset":"nginx.access"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=nginx:plus:access","type":"text"},"tags":{"value":["forwarded","nginx-access"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"httpjson-nginx.access-c864461b-b8d3-48e0-b477-7954434078b5"},{"enabled":false,"data_stream":{"type":"logs","dataset":"nginx.error"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=nginx:plus:error","type":"text"},"tags":{"value":["forwarded","nginx-error"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"httpjson-nginx.error-c864461b-b8d3-48e0-b477-7954434078b5"}],"vars":{"url":{"value":"https://server.example.com:8089","type":"text"},"username":{"type":"text"},"password":{"type":"password"},"token":{"type":"password"},"ssl":{"value":"#certificate_authorities:\n# - |\n# -----BEGIN CERTIFICATE-----\n# MIIDCjCCAfKgAwIBAgITJ706Mu2wJlKckpIvkWxEHvEyijANBgkqhkiG9w0BAQsF\n# ADAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwIBcNMTkwNzIyMTkyOTA0WhgPMjExOTA2\n# MjgxOTI5MDRaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB\n# BQADggEPADCCAQoCggEBANce58Y/JykI58iyOXpxGfw0/gMvF0hUQAcUrSMxEO6n\n# fZRA49b4OV4SwWmA3395uL2eB2NB8y8qdQ9muXUdPBWE4l9rMZ6gmfu90N5B5uEl\n# 94NcfBfYOKi1fJQ9i7WKhTjlRkMCgBkWPkUokvBZFRt8RtF7zI77BSEorHGQCk9t\n# /D7BS0GJyfVEhftbWcFEAG3VRcoMhF7kUzYwp+qESoriFRYLeDWv68ZOvG7eoWnP\n# PsvZStEVEimjvK5NSESEQa9xWyJOmlOKXhkdymtcUd/nXnx6UTCFgnkgzSdTWV41\n# CI6B6aJ9svCTI2QuoIq2HxX/ix7OvW1huVmcyHVxyUECAwEAAaNTMFEwHQYDVR0O\n# BBYEFPwN1OceFGm9v6ux8G+DZ3TUDYxqMB8GA1UdIwQYMBaAFPwN1OceFGm9v6ux\n# 8G+DZ3TUDYxqMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAG5D\n# 874A4YI7YUwOVsVAdbWtgp1d0zKcPRR+r2OdSbTAV5/gcS3jgBJ3i1BN34JuDVFw\n# 3DeJSYT3nxy2Y56lLnxDeF8CUTUtVQx3CuGkRg1ouGAHpO/6OqOhwLLorEmxi7tA\n# H2O8mtT0poX5AnOAhzVy7QW0D/k4WaoLyckM5hUa6RtvgvLxOwA0U+VGurCDoctu\n# 8F4QOgTAWyh8EZIwaKCliFRSynDpv3JTUwtfZkxo6K6nce1RhCWFAsMvDZL8Dgc0\n# yvgJ38BRsFOtkRuAGSf6ZUwTO8JJRRIFnpUzXflAnGivK9M13D5GEQMmIl6U9Pvk\n# sxSmbIUfc2SGJGCJD4I=\n# -----END CERTIFICATE-----\n","type":"yaml"}}},{"type":"nginx/metrics","policy_template":"nginx","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"metrics","dataset":"nginx.stubstatus"},"vars":{"period":{"value":"10s","type":"text"},"server_status_path":{"value":"/nginx_status","type":"text"}},"id":"nginx/metrics-nginx.stubstatus-c864461b-b8d3-48e0-b477-7954434078b5","compiled_stream":{"metricsets":["stubstatus"],"hosts":["http://127.0.0.1:80"],"period":"10s","server_status_path":"/nginx_status"}}],"vars":{"hosts":{"value":["http://127.0.0.1:80"],"type":"text"}}}],"package":{"name":"nginx","title":"Nginx","version":"1.3.2"},"revision":1,"created_at":"2022-06-27T19:26:16.169Z","created_by":"elastic","updated_at":"2022-06-27T19:26:16.169Z","updated_by":"elastic"}],"agents":0},{"id":"b57023b0-f64e-11ec-acb0-0b2e9206fdb0","name":"HTTP servers","description":"","namespace":"default","monitoring_enabled":["logs","metrics"],"status":"active","is_managed":false,"revision":2,"updated_at":"2022-06-27T19:24:39.501Z","updated_by":"elastic","package_policies":[{"id":"7a0e17cf-e39e-4846-911d-c1e4322ff358","version":"Wzg4OSwxXQ==","name":"system-2","namespace":"default","package":{"name":"system","title":"System","version":"1.11.0"},"enabled":true,"policy_id":"b57023b0-f64e-11ec-acb0-0b2e9206fdb0","output_id":"fleet-default-output","inputs":[{"type":"logfile","policy_template":"system","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"system.auth"},"vars":{"paths":{"value":["/var/log/auth.log*","/var/log/secure*"],"type":"text"}},"id":"logfile-system.auth-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"paths":["/var/log/auth.log*","/var/log/secure*"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\s","match":"after"},"processors":[{"add_locale":null}]}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.syslog"},"vars":{"paths":{"value":["/var/log/messages*","/var/log/syslog*"],"type":"text"}},"id":"logfile-system.syslog-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"paths":["/var/log/messages*","/var/log/syslog*"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\s","match":"after"},"processors":[{"add_locale":null}]}}]},{"type":"winlog","policy_template":"system","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"system.application"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.application-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"name":"Application","condition":"${host.platform} == 'windows'","ignore_older":"72h"}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.security"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.security-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"name":"Security","condition":"${host.platform} == 'windows'","ignore_older":"72h"}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.system"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.system-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"name":"System","condition":"${host.platform} == 'windows'","ignore_older":"72h"}}]},{"type":"system/metrics","policy_template":"system","enabled":true,"streams":[{"enabled":false,"data_stream":{"type":"metrics","dataset":"system.core"},"vars":{"period":{"value":"10s","type":"text"},"core.metrics":{"value":["percentages"],"type":"text"}},"id":"system/metrics-system.core-7a0e17cf-e39e-4846-911d-c1e4322ff358"},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.cpu"},"vars":{"period":{"value":"10s","type":"text"},"cpu.metrics":{"value":["percentages","normalized_percentages"],"type":"text"}},"id":"system/metrics-system.cpu-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"metricsets":["cpu"],"cpu.metrics":["percentages","normalized_percentages"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.diskio"},"vars":{"period":{"value":"10s","type":"text"},"diskio.include_devices":{"value":[],"type":"text"}},"id":"system/metrics-system.diskio-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"metricsets":["diskio"],"diskio.include_devices":null,"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.filesystem"},"vars":{"period":{"value":"1m","type":"text"},"processors":{"value":"- drop_event.when.regexp:\n system.filesystem.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)\n","type":"yaml"},"filesystem.ignore_types":{"value":[],"type":"text"}},"id":"system/metrics-system.filesystem-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"metricsets":["filesystem"],"period":"1m","processors":[{"drop_event.when.regexp":{"system.filesystem.mount_point":"^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)"}}]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.fsstat"},"vars":{"period":{"value":"1m","type":"text"},"processors":{"value":"- drop_event.when.regexp:\n system.fsstat.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)\n","type":"yaml"}},"id":"system/metrics-system.fsstat-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"metricsets":["fsstat"],"period":"1m","processors":[{"drop_event.when.regexp":{"system.fsstat.mount_point":"^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)"}}]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.load"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.load-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"metricsets":["load"],"condition":"${host.platform} != 'windows'","period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.memory"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.memory-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"metricsets":["memory"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.network"},"vars":{"period":{"value":"10s","type":"text"},"network.interfaces":{"value":[],"type":"text"}},"id":"system/metrics-system.network-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"metricsets":["network"],"period":"10s","network.interfaces":null}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.process"},"vars":{"period":{"value":"10s","type":"text"},"process.include_top_n.by_cpu":{"value":5,"type":"integer"},"process.include_top_n.by_memory":{"value":5,"type":"integer"},"process.cmdline.cache.enabled":{"value":true,"type":"bool"},"process.cgroups.enabled":{"value":false,"type":"bool"},"process.env.whitelist":{"value":[],"type":"text"},"process.include_cpu_ticks":{"value":false,"type":"bool"},"processes":{"value":[".*"],"type":"text"}},"id":"system/metrics-system.process-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"metricsets":["process"],"period":"10s","process.include_top_n.by_cpu":5,"process.include_top_n.by_memory":5,"process.cmdline.cache.enabled":true,"process.cgroups.enabled":false,"process.include_cpu_ticks":false,"processes":[".*"]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.process.summary"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.process.summary-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"metricsets":["process_summary"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.socket_summary"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.socket_summary-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"metricsets":["socket_summary"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.uptime"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.uptime-7a0e17cf-e39e-4846-911d-c1e4322ff358","compiled_stream":{"metricsets":["uptime"],"period":"10s"}}],"vars":{"system.hostfs":{"type":"text"}}},{"type":"httpjson","policy_template":"system","enabled":false,"streams":[{"enabled":false,"data_stream":{"type":"logs","dataset":"system.application"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:Application\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.application-7a0e17cf-e39e-4846-911d-c1e4322ff358"},{"enabled":false,"data_stream":{"type":"logs","dataset":"system.security"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:Security\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.security-7a0e17cf-e39e-4846-911d-c1e4322ff358"},{"enabled":false,"data_stream":{"type":"logs","dataset":"system.system"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:System\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.system-7a0e17cf-e39e-4846-911d-c1e4322ff358"}],"vars":{"url":{"value":"https://server.example.com:8089","type":"text"},"username":{"type":"text"},"password":{"type":"password"},"token":{"type":"password"},"preserve_original_event":{"value":false,"type":"bool"},"ssl":{"value":"#certificate_authorities:\n# - |\n# -----BEGIN CERTIFICATE-----\n# MIIDCjCCAfKgAwIBAgITJ706Mu2wJlKckpIvkWxEHvEyijANBgkqhkiG9w0BAQsF\n# ADAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwIBcNMTkwNzIyMTkyOTA0WhgPMjExOTA2\n# MjgxOTI5MDRaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB\n# BQADggEPADCCAQoCggEBANce58Y/JykI58iyOXpxGfw0/gMvF0hUQAcUrSMxEO6n\n# fZRA49b4OV4SwWmA3395uL2eB2NB8y8qdQ9muXUdPBWE4l9rMZ6gmfu90N5B5uEl\n# 94NcfBfYOKi1fJQ9i7WKhTjlRkMCgBkWPkUokvBZFRt8RtF7zI77BSEorHGQCk9t\n# /D7BS0GJyfVEhftbWcFEAG3VRcoMhF7kUzYwp+qESoriFRYLeDWv68ZOvG7eoWnP\n# PsvZStEVEimjvK5NSESEQa9xWyJOmlOKXhkdymtcUd/nXnx6UTCFgnkgzSdTWV41\n# CI6B6aJ9svCTI2QuoIq2HxX/ix7OvW1huVmcyHVxyUECAwEAAaNTMFEwHQYDVR0O\n# BBYEFPwN1OceFGm9v6ux8G+DZ3TUDYxqMB8GA1UdIwQYMBaAFPwN1OceFGm9v6ux\n# 8G+DZ3TUDYxqMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAG5D\n# 874A4YI7YUwOVsVAdbWtgp1d0zKcPRR+r2OdSbTAV5/gcS3jgBJ3i1BN34JuDVFw\n# 3DeJSYT3nxy2Y56lLnxDeF8CUTUtVQx3CuGkRg1ouGAHpO/6OqOhwLLorEmxi7tA\n# H2O8mtT0poX5AnOAhzVy7QW0D/k4WaoLyckM5hUa6RtvgvLxOwA0U+VGurCDoctu\n# 8F4QOgTAWyh8EZIwaKCliFRSynDpv3JTUwtfZkxo6K6nce1RhCWFAsMvDZL8Dgc0\n# yvgJ38BRsFOtkRuAGSf6ZUwTO8JJRRIFnpUzXflAnGivK9M13D5GEQMmIl6U9Pvk\n# sxSmbIUfc2SGJGCJD4I=\n# -----END CERTIFICATE-----\n","type":"yaml"}}}],"revision":1,"created_at":"2022-06-27T19:24:09.017Z","created_by":"elastic","updated_at":"2022-06-27T19:24:09.017Z","updated_by":"elastic"},{"id":"95aa181b-0ab8-4ce0-ac0a-c5e3f629c1f4","version":"Wzk5NSwxXQ==","name":"nginx-http-servers-test","description":"","namespace":"default","policy_id":"b57023b0-f64e-11ec-acb0-0b2e9206fdb0","enabled":true,"output_id":"","inputs":[{"type":"logfile","policy_template":"nginx","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"nginx.access"},"vars":{"paths":{"value":["/var/log/nginx/access.log*"],"type":"text"},"tags":{"value":["nginx-access"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"logfile-nginx.access-95aa181b-0ab8-4ce0-ac0a-c5e3f629c1f4","compiled_stream":{"paths":["/var/log/nginx/access.log*"],"tags":["nginx-access"],"exclude_files":[".gz$"],"processors":[{"add_locale":null}]}},{"enabled":true,"data_stream":{"type":"logs","dataset":"nginx.error"},"vars":{"paths":{"value":["/var/log/nginx/error.log*"],"type":"text"},"tags":{"value":["nginx-error"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"logfile-nginx.error-95aa181b-0ab8-4ce0-ac0a-c5e3f629c1f4","compiled_stream":{"paths":["/var/log/nginx/error.log*"],"tags":["nginx-error"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\d{4}\\/\\d{2}\\/\\d{2} ","negate":true,"match":"after"},"processors":[{"add_locale":null}]}}]},{"type":"httpjson","policy_template":"nginx","enabled":false,"streams":[{"enabled":false,"data_stream":{"type":"logs","dataset":"nginx.access"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=nginx:plus:access","type":"text"},"tags":{"value":["forwarded","nginx-access"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"httpjson-nginx.access-95aa181b-0ab8-4ce0-ac0a-c5e3f629c1f4"},{"enabled":false,"data_stream":{"type":"logs","dataset":"nginx.error"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=nginx:plus:error","type":"text"},"tags":{"value":["forwarded","nginx-error"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"httpjson-nginx.error-95aa181b-0ab8-4ce0-ac0a-c5e3f629c1f4"}],"vars":{"url":{"value":"https://server.example.com:8089","type":"text"},"username":{"type":"text"},"password":{"type":"password"},"token":{"type":"password"},"ssl":{"value":"#certificate_authorities:\n# - |\n# -----BEGIN CERTIFICATE-----\n# MIIDCjCCAfKgAwIBAgITJ706Mu2wJlKckpIvkWxEHvEyijANBgkqhkiG9w0BAQsF\n# ADAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwIBcNMTkwNzIyMTkyOTA0WhgPMjExOTA2\n# MjgxOTI5MDRaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB\n# BQADggEPADCCAQoCggEBANce58Y/JykI58iyOXpxGfw0/gMvF0hUQAcUrSMxEO6n\n# fZRA49b4OV4SwWmA3395uL2eB2NB8y8qdQ9muXUdPBWE4l9rMZ6gmfu90N5B5uEl\n# 94NcfBfYOKi1fJQ9i7WKhTjlRkMCgBkWPkUokvBZFRt8RtF7zI77BSEorHGQCk9t\n# /D7BS0GJyfVEhftbWcFEAG3VRcoMhF7kUzYwp+qESoriFRYLeDWv68ZOvG7eoWnP\n# PsvZStEVEimjvK5NSESEQa9xWyJOmlOKXhkdymtcUd/nXnx6UTCFgnkgzSdTWV41\n# CI6B6aJ9svCTI2QuoIq2HxX/ix7OvW1huVmcyHVxyUECAwEAAaNTMFEwHQYDVR0O\n# BBYEFPwN1OceFGm9v6ux8G+DZ3TUDYxqMB8GA1UdIwQYMBaAFPwN1OceFGm9v6ux\n# 8G+DZ3TUDYxqMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAG5D\n# 874A4YI7YUwOVsVAdbWtgp1d0zKcPRR+r2OdSbTAV5/gcS3jgBJ3i1BN34JuDVFw\n# 3DeJSYT3nxy2Y56lLnxDeF8CUTUtVQx3CuGkRg1ouGAHpO/6OqOhwLLorEmxi7tA\n# H2O8mtT0poX5AnOAhzVy7QW0D/k4WaoLyckM5hUa6RtvgvLxOwA0U+VGurCDoctu\n# 8F4QOgTAWyh8EZIwaKCliFRSynDpv3JTUwtfZkxo6K6nce1RhCWFAsMvDZL8Dgc0\n# yvgJ38BRsFOtkRuAGSf6ZUwTO8JJRRIFnpUzXflAnGivK9M13D5GEQMmIl6U9Pvk\n# sxSmbIUfc2SGJGCJD4I=\n# -----END CERTIFICATE-----\n","type":"yaml"}}},{"type":"nginx/metrics","policy_template":"nginx","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"metrics","dataset":"nginx.stubstatus"},"vars":{"period":{"value":"10s","type":"text"},"server_status_path":{"value":"/nginx_status","type":"text"}},"id":"nginx/metrics-nginx.stubstatus-95aa181b-0ab8-4ce0-ac0a-c5e3f629c1f4","compiled_stream":{"metricsets":["stubstatus"],"hosts":["http://127.0.0.1:80"],"period":"10s","server_status_path":"/nginx_status"}}],"vars":{"hosts":{"value":["http://127.0.0.1:80"],"type":"text"}}}],"package":{"name":"nginx","title":"Nginx","version":"1.3.2"},"revision":1,"created_at":"2022-06-27T19:24:38.498Z","created_by":"elastic","updated_at":"2022-06-27T19:24:38.498Z","updated_by":"elastic"}],"agents":0},{"id":"499b5aa7-d214-5b5d-838b-3cd76469844e","namespace":"default","monitoring_enabled":["logs","metrics"],"name":"Default Fleet Server policy","description":"Default Fleet Server agent policy created by Kibana","is_default":false,"is_default_fleet_server":true,"is_preconfigured":true,"status":"active","is_managed":false,"revision":2,"updated_at":"2022-06-27T19:19:42.793Z","updated_by":"system","package_policies":[{"id":"default-fleet-server-agent-policy","version":"WzYxOSwxXQ==","name":"fleet_server-1","namespace":"default","package":{"name":"fleet_server","title":"Fleet Server","version":"1.2.0"},"enabled":true,"policy_id":"499b5aa7-d214-5b5d-838b-3cd76469844e","output_id":"fleet-default-output","inputs":[{"type":"fleet-server","policy_template":"fleet_server","enabled":true,"streams":[],"vars":{"host":{"value":["0.0.0.0"],"type":"text"},"port":{"value":[8220],"type":"integer"},"max_agents":{"type":"integer"},"max_connections":{"type":"integer"},"custom":{"value":"","type":"yaml"}},"compiled_input":{"server":{"port":8220,"host":"0.0.0.0"}}}],"revision":1,"created_at":"2022-06-27T19:19:41.976Z","created_by":"system","updated_at":"2022-06-27T19:19:41.976Z","updated_by":"system"}],"agents":1},{"id":"2016d7cc-135e-5583-9758-3ba01f5a06e5","namespace":"default","monitoring_enabled":["logs","metrics"],"name":"Default policy","description":"Default agent policy created by Kibana","is_default":true,"is_preconfigured":true,"status":"active","is_managed":false,"revision":2,"updated_at":"2022-06-27T19:19:39.755Z","updated_by":"system","package_policies":[{"id":"default-system-policy","version":"WzYxNywxXQ==","name":"system-1","namespace":"default","package":{"name":"system","title":"System","version":"1.11.0"},"enabled":true,"policy_id":"2016d7cc-135e-5583-9758-3ba01f5a06e5","output_id":"fleet-default-output","inputs":[{"type":"logfile","policy_template":"system","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"system.auth"},"vars":{"paths":{"value":["/var/log/auth.log*","/var/log/secure*"],"type":"text"}},"id":"logfile-system.auth-default-system-policy","compiled_stream":{"paths":["/var/log/auth.log*","/var/log/secure*"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\s","match":"after"},"processors":[{"add_locale":null}]}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.syslog"},"vars":{"paths":{"value":["/var/log/messages*","/var/log/syslog*"],"type":"text"}},"id":"logfile-system.syslog-default-system-policy","compiled_stream":{"paths":["/var/log/messages*","/var/log/syslog*"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\s","match":"after"},"processors":[{"add_locale":null}]}}]},{"type":"winlog","policy_template":"system","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"system.application"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.application-default-system-policy","compiled_stream":{"name":"Application","condition":"${host.platform} == 'windows'","ignore_older":"72h"}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.security"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.security-default-system-policy","compiled_stream":{"name":"Security","condition":"${host.platform} == 'windows'","ignore_older":"72h"}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.system"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.system-default-system-policy","compiled_stream":{"name":"System","condition":"${host.platform} == 'windows'","ignore_older":"72h"}}]},{"type":"system/metrics","policy_template":"system","enabled":true,"streams":[{"enabled":false,"data_stream":{"type":"metrics","dataset":"system.core"},"vars":{"period":{"value":"10s","type":"text"},"core.metrics":{"value":["percentages"],"type":"text"}},"id":"system/metrics-system.core-default-system-policy"},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.cpu"},"vars":{"period":{"value":"10s","type":"text"},"cpu.metrics":{"value":["percentages","normalized_percentages"],"type":"text"}},"id":"system/metrics-system.cpu-default-system-policy","compiled_stream":{"metricsets":["cpu"],"cpu.metrics":["percentages","normalized_percentages"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.diskio"},"vars":{"period":{"value":"10s","type":"text"},"diskio.include_devices":{"value":[],"type":"text"}},"id":"system/metrics-system.diskio-default-system-policy","compiled_stream":{"metricsets":["diskio"],"diskio.include_devices":null,"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.filesystem"},"vars":{"period":{"value":"1m","type":"text"},"processors":{"value":"- drop_event.when.regexp:\n system.filesystem.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)\n","type":"yaml"},"filesystem.ignore_types":{"value":[],"type":"text"}},"id":"system/metrics-system.filesystem-default-system-policy","compiled_stream":{"metricsets":["filesystem"],"period":"1m","processors":[{"drop_event.when.regexp":{"system.filesystem.mount_point":"^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)"}}]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.fsstat"},"vars":{"period":{"value":"1m","type":"text"},"processors":{"value":"- drop_event.when.regexp:\n system.fsstat.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)\n","type":"yaml"}},"id":"system/metrics-system.fsstat-default-system-policy","compiled_stream":{"metricsets":["fsstat"],"period":"1m","processors":[{"drop_event.when.regexp":{"system.fsstat.mount_point":"^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)"}}]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.load"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.load-default-system-policy","compiled_stream":{"metricsets":["load"],"condition":"${host.platform} != 'windows'","period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.memory"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.memory-default-system-policy","compiled_stream":{"metricsets":["memory"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.network"},"vars":{"period":{"value":"10s","type":"text"},"network.interfaces":{"value":[],"type":"text"}},"id":"system/metrics-system.network-default-system-policy","compiled_stream":{"metricsets":["network"],"period":"10s","network.interfaces":null}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.process"},"vars":{"period":{"value":"10s","type":"text"},"process.include_top_n.by_cpu":{"value":5,"type":"integer"},"process.include_top_n.by_memory":{"value":5,"type":"integer"},"process.cmdline.cache.enabled":{"value":true,"type":"bool"},"process.cgroups.enabled":{"value":false,"type":"bool"},"process.env.whitelist":{"value":[],"type":"text"},"process.include_cpu_ticks":{"value":false,"type":"bool"},"processes":{"value":[".*"],"type":"text"}},"id":"system/metrics-system.process-default-system-policy","compiled_stream":{"metricsets":["process"],"period":"10s","process.include_top_n.by_cpu":5,"process.include_top_n.by_memory":5,"process.cmdline.cache.enabled":true,"process.cgroups.enabled":false,"process.include_cpu_ticks":false,"processes":[".*"]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.process.summary"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.process.summary-default-system-policy","compiled_stream":{"metricsets":["process_summary"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.socket_summary"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.socket_summary-default-system-policy","compiled_stream":{"metricsets":["socket_summary"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.uptime"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.uptime-default-system-policy","compiled_stream":{"metricsets":["uptime"],"period":"10s"}}],"vars":{"system.hostfs":{"type":"text"}}},{"type":"httpjson","policy_template":"system","enabled":false,"streams":[{"enabled":false,"data_stream":{"type":"logs","dataset":"system.application"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:Application\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.application-default-system-policy"},{"enabled":false,"data_stream":{"type":"logs","dataset":"system.security"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:Security\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.security-default-system-policy"},{"enabled":false,"data_stream":{"type":"logs","dataset":"system.system"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:System\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.system-default-system-policy"}],"vars":{"url":{"value":"https://server.example.com:8089","type":"text"},"username":{"type":"text"},"password":{"type":"password"},"token":{"type":"password"},"preserve_original_event":{"value":false,"type":"bool"},"ssl":{"value":"#certificate_authorities:\n# - |\n# -----BEGIN CERTIFICATE-----\n# MIIDCjCCAfKgAwIBAgITJ706Mu2wJlKckpIvkWxEHvEyijANBgkqhkiG9w0BAQsF\n# ADAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwIBcNMTkwNzIyMTkyOTA0WhgPMjExOTA2\n# MjgxOTI5MDRaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB\n# BQADggEPADCCAQoCggEBANce58Y/JykI58iyOXpxGfw0/gMvF0hUQAcUrSMxEO6n\n# fZRA49b4OV4SwWmA3395uL2eB2NB8y8qdQ9muXUdPBWE4l9rMZ6gmfu90N5B5uEl\n# 94NcfBfYOKi1fJQ9i7WKhTjlRkMCgBkWPkUokvBZFRt8RtF7zI77BSEorHGQCk9t\n# /D7BS0GJyfVEhftbWcFEAG3VRcoMhF7kUzYwp+qESoriFRYLeDWv68ZOvG7eoWnP\n# PsvZStEVEimjvK5NSESEQa9xWyJOmlOKXhkdymtcUd/nXnx6UTCFgnkgzSdTWV41\n# CI6B6aJ9svCTI2QuoIq2HxX/ix7OvW1huVmcyHVxyUECAwEAAaNTMFEwHQYDVR0O\n# BBYEFPwN1OceFGm9v6ux8G+DZ3TUDYxqMB8GA1UdIwQYMBaAFPwN1OceFGm9v6ux\n# 8G+DZ3TUDYxqMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAG5D\n# 874A4YI7YUwOVsVAdbWtgp1d0zKcPRR+r2OdSbTAV5/gcS3jgBJ3i1BN34JuDVFw\n# 3DeJSYT3nxy2Y56lLnxDeF8CUTUtVQx3CuGkRg1ouGAHpO/6OqOhwLLorEmxi7tA\n# H2O8mtT0poX5AnOAhzVy7QW0D/k4WaoLyckM5hUa6RtvgvLxOwA0U+VGurCDoctu\n# 8F4QOgTAWyh8EZIwaKCliFRSynDpv3JTUwtfZkxo6K6nce1RhCWFAsMvDZL8Dgc0\n# yvgJ38BRsFOtkRuAGSf6ZUwTO8JJRRIFnpUzXflAnGivK9M13D5GEQMmIl6U9Pvk\n# sxSmbIUfc2SGJGCJD4I=\n# -----END CERTIFICATE-----\n","type":"yaml"}}}],"revision":1,"created_at":"2022-06-27T19:19:38.837Z","created_by":"system","updated_at":"2022-06-27T19:19:38.837Z","updated_by":"system"}],"agents":1}],"total":4,"page":1,"perPage":20} \ No newline at end of file diff --git a/internal/dump/testdata/fleet-7-mock-dump-all/api-status.json b/internal/dump/testdata/fleet-7-mock-dump-all/api-status.json deleted file mode 100644 index 9746ff9855..0000000000 --- a/internal/dump/testdata/fleet-7-mock-dump-all/api-status.json +++ /dev/null @@ -1 +0,0 @@ -{"name":"kibana","uuid":"c3a74423-07d2-47bc-8843-0580b1fe9eb6","version":{"number":"7.17.0","build_hash":"60a9838d21b6420bbdb5a4d07099111b74c68ceb","build_number":46534,"build_snapshot":false},"status":{"overall":{"since":"2023-08-30T11:43:55.277Z","state":"green","title":"Green","nickname":"Looking good","icon":"success","uiColor":"secondary"},"statuses":[{"id":"core:elasticsearch@7.17.0","message":"Elasticsearch is available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"core:savedObjects@7.17.0","message":"SavedObjects service has completed migrations and is available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:advancedSettings@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:bfetch@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressionMetricVis@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressionTagcloud@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:charts@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:console@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:customIntegrations@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:dashboard@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:data@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:dataViews@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:devTools@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:discover@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:embeddable@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:esUiShared@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressionError@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressionImage@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressionMetric@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressionRepeatImage@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressionRevealImage@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressionShape@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:expressions@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:fieldFormats@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:home@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:indexPatternEditor@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:indexPatternFieldEditor@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:indexPatternManagement@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:inputControlVis@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:inspector@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:kibanaLegacy@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:kibanaOverview@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:kibanaReact@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:kibanaUsageCollection@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:kibanaUtils@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:management@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:mapsEms@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:mapsLegacy@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:navigation@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:newsfeed@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:presentationUtil@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:regionMap@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:savedObjects@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:savedObjectsManagement@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:savedObjectsTaggingOss@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:screenshotMode@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:share@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:telemetry@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:telemetryCollectionManager@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:telemetryManagementSection@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:tileMap@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:uiActions@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:urlForwarding@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:usageCollection@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visDefaultEditor@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeMarkdown@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeMetric@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypePie@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeTable@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeTagcloud@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeTimelion@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeTimeseries@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeVega@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeVislib@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visTypeXy@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visualizations@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:visualize@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:actions@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:alerting@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:apm@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:banners@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:canvas@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:cases@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:cloud@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:code@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:crossClusterReplication@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:dashboardEnhanced@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:dashboardMode@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:dataEnhanced@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:dataVisualizer@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:discoverEnhanced@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:urlDrilldown@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:embeddableEnhanced@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:encryptedSavedObjects@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:enterpriseSearch@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:eventLog@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:features@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:fileUpload@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:fleet@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:globalSearch@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:globalSearchBar@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:globalSearchProviders@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:graph@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:grokdebugger@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:indexLifecycleManagement@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:indexManagement@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:infra@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:ingestPipelines@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:lens@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:licenseApiGuard@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:licenseManagement@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:licensing@7.17.0","message":"License fetched","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:lists@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:logstash@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:maps@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:ml@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:monitoring@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:observability@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:osquery@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:painlessLab@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:remoteClusters@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:reporting@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:rollup@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:ruleRegistry@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:runtimeFields@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:savedObjectsTagging@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:searchprofiler@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:security@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:securitySolution@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:snapshotRestore@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:spaces@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:stackAlerts@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:taskManager@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:telemetryCollectionXpack@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:timelines@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:transform@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:translations@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:triggersActionsUi@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:uiActionsEnhanced@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:upgradeAssistant@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:uptime@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:watcher@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"},{"id":"plugin:xpackLegacy@7.17.0","message":"All dependencies are available","since":"2023-08-30T11:43:55.277Z","state":"green","icon":"success","uiColor":"secondary"}]},"metrics":{"last_updated":"2023-08-30T11:43:52.253Z","collection_interval_in_millis":5000,"os":{"platform":"linux","platformRelease":"linux-5.19.0-50-generic","load":{"1m":1.07,"5m":1.31,"15m":1.24},"memory":{"total_in_bytes":33358266368,"free_in_bytes":268140544,"used_in_bytes":33090125824},"uptime_in_millis":774883580,"distro":"Ubuntu","distroRelease":"Ubuntu-20.04"},"process":{"memory":{"heap":{"total_in_bytes":533340160,"used_in_bytes":410822832,"size_limit":4345298944},"resident_set_size_in_bytes":643715072},"pid":7,"event_loop_delay":10.179153502040817,"event_loop_delay_histogram":{"min":9.09312,"max":30.359551,"mean":10.179153502040817,"exceeds":0,"stddev":0.9353847573344422,"fromTimestamp":"2023-08-30T11:43:47.251Z","lastUpdatedAt":"2023-08-30T11:43:52.248Z","percentiles":{"50":10.125311,"75":10.190847,"95":10.256383,"99":10.477567}},"uptime_in_millis":1549598.888492},"processes":[{"memory":{"heap":{"total_in_bytes":533340160,"used_in_bytes":410822832,"size_limit":4345298944},"resident_set_size_in_bytes":643715072},"pid":7,"event_loop_delay":10.179153502040817,"event_loop_delay_histogram":{"min":9.09312,"max":30.359551,"mean":10.179153502040817,"exceeds":0,"stddev":0.9353847573344422,"fromTimestamp":"2023-08-30T11:43:47.251Z","lastUpdatedAt":"2023-08-30T11:43:52.248Z","percentiles":{"50":10.125311,"75":10.190847,"95":10.256383,"99":10.477567}},"uptime_in_millis":1549598.888492}],"response_times":{"avg_in_millis":11,"max_in_millis":11},"concurrent_connections":0,"requests":{"disconnects":0,"total":1,"statusCodes":{"200":1},"status_codes":{"200":1}}}} \ No newline at end of file diff --git a/internal/dump/testdata/fleet-8-mock-dump-all.yaml b/internal/dump/testdata/fleet-8-mock-dump-all.yaml new file mode 100644 index 0000000000..7e95757761 --- /dev/null +++ b/internal/dump/testdata/fleet-8-mock-dump-all.yaml @@ -0,0 +1,183 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: 127.0.0.1:5601 + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic Og== + Content-Type: + - application/json + Kbn-Xsrf: + - 8.10.1 + url: https://127.0.0.1:5601/api/status + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 12279 + uncompressed: false + body: '{"name":"kibana","uuid":"4d61db22-fa55-4750-91b8-dd344522c879","version":{"number":"8.0.0","build_hash":"57ca5e139a33dd2eed927ce98d8231a1f217cd15","build_number":49192,"build_snapshot":false},"status":{"overall":{"level":"available","summary":"All services are available"},"core":{"elasticsearch":{"level":"available","summary":"Elasticsearch is available","meta":{"warningNodes":[],"incompatibleNodes":[]}},"savedObjects":{"level":"available","summary":"SavedObjects service has completed migrations and is available","meta":{"migratedIndices":{"migrated":0,"skipped":0,"patched":2}}}},"plugins":{"advancedSettings":{"level":"available","summary":"All dependencies are available"},"bfetch":{"level":"available","summary":"All dependencies are available"},"expressionMetricVis":{"level":"available","summary":"All dependencies are available"},"expressionTagcloud":{"level":"available","summary":"All dependencies are available"},"charts":{"level":"available","summary":"All dependencies are available"},"console":{"level":"available","summary":"All dependencies are available"},"customIntegrations":{"level":"available","summary":"All dependencies are available"},"dashboard":{"level":"available","summary":"All dependencies are available"},"data":{"level":"available","summary":"All dependencies are available"},"dataViews":{"level":"available","summary":"All dependencies are available"},"devTools":{"level":"available","summary":"All dependencies are available"},"discover":{"level":"available","summary":"All dependencies are available"},"embeddable":{"level":"available","summary":"All dependencies are available"},"esUiShared":{"level":"available","summary":"All dependencies are available"},"expressionError":{"level":"available","summary":"All dependencies are available"},"expressionImage":{"level":"available","summary":"All dependencies are available"},"expressionMetric":{"level":"available","summary":"All dependencies are available"},"expressionRepeatImage":{"level":"available","summary":"All dependencies are available"},"expressionRevealImage":{"level":"available","summary":"All dependencies are available"},"expressionShape":{"level":"available","summary":"All dependencies are available"},"expressions":{"level":"available","summary":"All dependencies are available"},"fieldFormats":{"level":"available","summary":"All dependencies are available"},"home":{"level":"available","summary":"All dependencies are available"},"indexPatternEditor":{"level":"available","summary":"All dependencies are available"},"indexPatternFieldEditor":{"level":"available","summary":"All dependencies are available"},"indexPatternManagement":{"level":"available","summary":"All dependencies are available"},"inputControlVis":{"level":"available","summary":"All dependencies are available"},"inspector":{"level":"available","summary":"All dependencies are available"},"kibanaLegacy":{"level":"available","summary":"All dependencies are available"},"kibanaOverview":{"level":"available","summary":"All dependencies are available"},"kibanaReact":{"level":"available","summary":"All dependencies are available"},"kibanaUsageCollection":{"level":"available","summary":"All dependencies are available"},"kibanaUtils":{"level":"available","summary":"All dependencies are available"},"management":{"level":"available","summary":"All dependencies are available"},"mapsEms":{"level":"available","summary":"All dependencies are available"},"navigation":{"level":"available","summary":"All dependencies are available"},"newsfeed":{"level":"available","summary":"All dependencies are available"},"presentationUtil":{"level":"available","summary":"All dependencies are available"},"savedObjects":{"level":"available","summary":"All dependencies are available"},"savedObjectsManagement":{"level":"available","summary":"All dependencies are available"},"savedObjectsTaggingOss":{"level":"available","summary":"All dependencies are available"},"screenshotMode":{"level":"available","summary":"All dependencies are available"},"share":{"level":"available","summary":"All dependencies are available"},"telemetry":{"level":"available","summary":"All dependencies are available"},"telemetryCollectionManager":{"level":"available","summary":"All dependencies are available"},"telemetryManagementSection":{"level":"available","summary":"All dependencies are available"},"uiActions":{"level":"available","summary":"All dependencies are available"},"urlForwarding":{"level":"available","summary":"All dependencies are available"},"usageCollection":{"level":"available","summary":"All dependencies are available"},"visDefaultEditor":{"level":"available","summary":"All dependencies are available"},"visTypeMarkdown":{"level":"available","summary":"All dependencies are available"},"visTypeMetric":{"level":"available","summary":"All dependencies are available"},"visTypePie":{"level":"available","summary":"All dependencies are available"},"visTypeTable":{"level":"available","summary":"All dependencies are available"},"visTypeTagcloud":{"level":"available","summary":"All dependencies are available"},"visTypeTimelion":{"level":"available","summary":"All dependencies are available"},"visTypeTimeseries":{"level":"available","summary":"All dependencies are available"},"visTypeVega":{"level":"available","summary":"All dependencies are available"},"visTypeVislib":{"level":"available","summary":"All dependencies are available"},"visTypeXy":{"level":"available","summary":"All dependencies are available"},"visualizations":{"level":"available","summary":"All dependencies are available"},"visualize":{"level":"available","summary":"All dependencies are available"},"actions":{"level":"available","summary":"All dependencies are available"},"alerting":{"level":"available","summary":"Alerting is (probably) ready"},"apm":{"level":"available","summary":"All dependencies are available"},"banners":{"level":"available","summary":"All dependencies are available"},"canvas":{"level":"available","summary":"All dependencies are available"},"cases":{"level":"available","summary":"All dependencies are available"},"cloud":{"level":"available","summary":"All dependencies are available"},"crossClusterReplication":{"level":"available","summary":"All dependencies are available"},"dashboardEnhanced":{"level":"available","summary":"All dependencies are available"},"dataEnhanced":{"level":"available","summary":"All dependencies are available"},"dataVisualizer":{"level":"available","summary":"All dependencies are available"},"discoverEnhanced":{"level":"available","summary":"All dependencies are available"},"urlDrilldown":{"level":"available","summary":"All dependencies are available"},"embeddableEnhanced":{"level":"available","summary":"All dependencies are available"},"encryptedSavedObjects":{"level":"available","summary":"All dependencies are available"},"enterpriseSearch":{"level":"available","summary":"All dependencies are available"},"eventLog":{"level":"available","summary":"All dependencies are available"},"features":{"level":"available","summary":"All dependencies are available"},"fileUpload":{"level":"available","summary":"All dependencies are available"},"fleet":{"level":"available","summary":"Fleet is available"},"globalSearch":{"level":"available","summary":"All dependencies are available"},"globalSearchBar":{"level":"available","summary":"All dependencies are available"},"globalSearchProviders":{"level":"available","summary":"All dependencies are available"},"graph":{"level":"available","summary":"All dependencies are available"},"grokdebugger":{"level":"available","summary":"All dependencies are available"},"indexLifecycleManagement":{"level":"available","summary":"All dependencies are available"},"indexManagement":{"level":"available","summary":"All dependencies are available"},"infra":{"level":"available","summary":"All dependencies are available"},"ingestPipelines":{"level":"available","summary":"All dependencies are available"},"lens":{"level":"available","summary":"All dependencies are available"},"licenseApiGuard":{"level":"available","summary":"All dependencies are available"},"licenseManagement":{"level":"available","summary":"All dependencies are available"},"licensing":{"level":"available","summary":"License fetched"},"lists":{"level":"available","summary":"All dependencies are available"},"logstash":{"level":"available","summary":"All dependencies are available"},"maps":{"level":"available","summary":"All dependencies are available"},"ml":{"level":"available","summary":"All dependencies are available"},"monitoring":{"level":"available","summary":"All dependencies are available"},"observability":{"level":"available","summary":"All dependencies are available"},"osquery":{"level":"available","summary":"All dependencies are available"},"painlessLab":{"level":"available","summary":"All dependencies are available"},"remoteClusters":{"level":"available","summary":"All dependencies are available"},"reporting":{"level":"available","summary":"All dependencies are available"},"rollup":{"level":"available","summary":"All dependencies are available"},"ruleRegistry":{"level":"available","summary":"All dependencies are available"},"runtimeFields":{"level":"available","summary":"All dependencies are available"},"savedObjectsTagging":{"level":"available","summary":"All dependencies are available"},"screenshotting":{"level":"available","summary":"All dependencies are available"},"searchprofiler":{"level":"available","summary":"All dependencies are available"},"security":{"level":"available","summary":"All dependencies are available"},"securitySolution":{"level":"available","summary":"All dependencies are available"},"snapshotRestore":{"level":"available","summary":"All dependencies are available"},"spaces":{"level":"available","summary":"All dependencies are available"},"stackAlerts":{"level":"available","summary":"All dependencies are available"},"taskManager":{"level":"available","summary":"All dependencies are available"},"telemetryCollectionXpack":{"level":"available","summary":"All dependencies are available"},"timelines":{"level":"available","summary":"All dependencies are available"},"transform":{"level":"available","summary":"All dependencies are available"},"translations":{"level":"available","summary":"All dependencies are available"},"triggersActionsUi":{"level":"available","summary":"All dependencies are available"},"uiActionsEnhanced":{"level":"available","summary":"All dependencies are available"},"upgradeAssistant":{"level":"available","summary":"All dependencies are available"},"uptime":{"level":"available","summary":"All dependencies are available"},"watcher":{"level":"available","summary":"All dependencies are available"}}},"metrics":{"last_updated":"2023-08-30T11:53:46.940Z","collection_interval_in_millis":5000,"os":{"platform":"linux","platformRelease":"linux-5.19.0-50-generic","load":{"1m":3.9,"5m":2.38,"15m":1.66},"memory":{"total_in_bytes":33358266368,"free_in_bytes":276086784,"used_in_bytes":33082179584},"uptime_in_millis":775478260,"distro":"Ubuntu","distroRelease":"Ubuntu-20.04"},"process":{"memory":{"heap":{"total_in_bytes":467066880,"used_in_bytes":369791072,"size_limit":4345298944},"resident_set_size_in_bytes":553046016},"pid":7,"event_loop_delay":10.310148231404959,"event_loop_delay_histogram":{"min":9.09312,"max":38.502399,"mean":10.310148231404959,"exceeds":0,"stddev":1.6360547505591572,"fromTimestamp":"2023-08-30T11:53:41.937Z","lastUpdatedAt":"2023-08-30T11:53:46.935Z","percentiles":{"50":10.100735,"75":10.117119,"95":10.895359,"99":14.811135}},"uptime_in_millis":90449.453821},"processes":[{"memory":{"heap":{"total_in_bytes":467066880,"used_in_bytes":369791072,"size_limit":4345298944},"resident_set_size_in_bytes":553046016},"pid":7,"event_loop_delay":10.310148231404959,"event_loop_delay_histogram":{"min":9.09312,"max":38.502399,"mean":10.310148231404959,"exceeds":0,"stddev":1.6360547505591572,"fromTimestamp":"2023-08-30T11:53:41.937Z","lastUpdatedAt":"2023-08-30T11:53:46.935Z","percentiles":{"50":10.100735,"75":10.117119,"95":10.895359,"99":14.811135}},"uptime_in_millis":90449.453821}],"response_times":{"avg_in_millis":26,"max_in_millis":26},"concurrent_connections":7,"requests":{"disconnects":0,"total":1,"statusCodes":{"200":1},"status_codes":{"200":1}}}}' + headers: + Accept-Ranges: + - bytes + Content-Length: + - "12279" + Content-Type: + - application/json + Date: + - Mon, 27 Nov 2023 18:05:27 GMT + Last-Modified: + - Tue, 03 Oct 2023 15:59:45 GMT + status: 200 OK + code: 200 + duration: 543.692µs + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: 127.0.0.1:5601 + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic Og== + Content-Type: + - application/json + Kbn-Xsrf: + - 8.10.1 + url: https://127.0.0.1:5601/api/fleet/agent_policies?full=true&page=1 + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 40767 + uncompressed: false + body: '{"items":[{"id":"8c913da0-f62e-11ec-9a9f-c3fb2ce46e7f","name":"Load Balancers Servers","description":"","namespace":"default","monitoring_enabled":["logs","metrics"],"status":"active","is_managed":false,"revision":2,"updated_at":"2022-06-27T15:33:59.587Z","updated_by":"elastic","package_policies":[{"id":"a09f2609-9e8b-4b48-998f-ce99340da027","version":"WzEzMjAsMV0=","name":"system-3","namespace":"default","package":{"name":"system","title":"System","version":"1.16.2"},"enabled":true,"policy_id":"8c913da0-f62e-11ec-9a9f-c3fb2ce46e7f","output_id":"fleet-default-output","inputs":[{"type":"logfile","policy_template":"system","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"system.auth"},"vars":{"paths":{"value":["/var/log/auth.log*","/var/log/secure*"],"type":"text"}},"id":"logfile-system.auth-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"paths":["/var/log/auth.log*","/var/log/secure*"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\s","match":"after"},"processors":[{"add_locale":null}]}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.syslog"},"vars":{"paths":{"value":["/var/log/messages*","/var/log/syslog*"],"type":"text"}},"id":"logfile-system.syslog-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"paths":["/var/log/messages*","/var/log/syslog*"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\s","match":"after"},"processors":[{"add_locale":null}]}}]},{"type":"winlog","policy_template":"system","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"system.application"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.application-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"name":"Application","condition":"${host.platform} == ''windows''","ignore_older":"72h"}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.security"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.security-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"name":"Security","condition":"${host.platform} == ''windows''","ignore_older":"72h"}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.system"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.system-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"name":"System","condition":"${host.platform} == ''windows''","ignore_older":"72h"}}]},{"type":"system/metrics","policy_template":"system","enabled":true,"streams":[{"enabled":false,"data_stream":{"type":"metrics","dataset":"system.core"},"vars":{"period":{"value":"10s","type":"text"},"core.metrics":{"value":["percentages"],"type":"text"}},"id":"system/metrics-system.core-a09f2609-9e8b-4b48-998f-ce99340da027"},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.cpu"},"vars":{"period":{"value":"10s","type":"text"},"cpu.metrics":{"value":["percentages","normalized_percentages"],"type":"text"}},"id":"system/metrics-system.cpu-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"metricsets":["cpu"],"cpu.metrics":["percentages","normalized_percentages"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.diskio"},"vars":{"period":{"value":"10s","type":"text"},"diskio.include_devices":{"value":[],"type":"text"}},"id":"system/metrics-system.diskio-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"metricsets":["diskio"],"diskio.include_devices":null,"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.filesystem"},"vars":{"period":{"value":"1m","type":"text"},"processors":{"value":"- drop_event.when.regexp:\n system.filesystem.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)\n","type":"yaml"},"filesystem.ignore_types":{"value":[],"type":"text"}},"id":"system/metrics-system.filesystem-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"metricsets":["filesystem"],"period":"1m","processors":[{"drop_event.when.regexp":{"system.filesystem.mount_point":"^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)"}}]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.fsstat"},"vars":{"period":{"value":"1m","type":"text"},"processors":{"value":"- drop_event.when.regexp:\n system.fsstat.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)\n","type":"yaml"}},"id":"system/metrics-system.fsstat-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"metricsets":["fsstat"],"period":"1m","processors":[{"drop_event.when.regexp":{"system.fsstat.mount_point":"^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)"}}]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.load"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.load-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"metricsets":["load"],"condition":"${host.platform} != ''windows''","period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.memory"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.memory-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"metricsets":["memory"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.network"},"vars":{"period":{"value":"10s","type":"text"},"network.interfaces":{"value":[],"type":"text"}},"id":"system/metrics-system.network-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"metricsets":["network"],"period":"10s","network.interfaces":null}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.process"},"vars":{"period":{"value":"10s","type":"text"},"process.include_top_n.by_cpu":{"value":5,"type":"integer"},"process.include_top_n.by_memory":{"value":5,"type":"integer"},"process.cmdline.cache.enabled":{"value":true,"type":"bool"},"process.cgroups.enabled":{"value":false,"type":"bool"},"process.env.whitelist":{"value":[],"type":"text"},"process.include_cpu_ticks":{"value":false,"type":"bool"},"processes":{"value":[".*"],"type":"text"}},"id":"system/metrics-system.process-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"metricsets":["process"],"period":"10s","process.include_top_n.by_cpu":5,"process.include_top_n.by_memory":5,"process.cmdline.cache.enabled":true,"process.cgroups.enabled":false,"process.include_cpu_ticks":false,"processes":[".*"]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.process.summary"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.process.summary-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"metricsets":["process_summary"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.socket_summary"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.socket_summary-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"metricsets":["socket_summary"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.uptime"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.uptime-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"metricsets":["uptime"],"period":"10s"}}],"vars":{"system.hostfs":{"type":"text"}}},{"type":"httpjson","policy_template":"system","enabled":false,"streams":[{"enabled":false,"data_stream":{"type":"logs","dataset":"system.application"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:Application\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.application-a09f2609-9e8b-4b48-998f-ce99340da027"},{"enabled":false,"data_stream":{"type":"logs","dataset":"system.security"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:Security\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.security-a09f2609-9e8b-4b48-998f-ce99340da027"},{"enabled":false,"data_stream":{"type":"logs","dataset":"system.system"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:System\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.system-a09f2609-9e8b-4b48-998f-ce99340da027"}],"vars":{"url":{"value":"https://server.example.com:8089","type":"text"},"username":{"type":"text"},"password":{"type":"password"},"token":{"type":"password"},"preserve_original_event":{"value":false,"type":"bool"},"ssl":{"value":"#certificate_authorities:\n# - |\n# -----BEGIN CERTIFICATE-----\n# MIIDCjCCAfKgAwIBAgITJ706Mu2wJlKckpIvkWxEHvEyijANBgkqhkiG9w0BAQsF\n# ADAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwIBcNMTkwNzIyMTkyOTA0WhgPMjExOTA2\n# MjgxOTI5MDRaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB\n# BQADggEPADCCAQoCggEBANce58Y/JykI58iyOXpxGfw0/gMvF0hUQAcUrSMxEO6n\n# fZRA49b4OV4SwWmA3395uL2eB2NB8y8qdQ9muXUdPBWE4l9rMZ6gmfu90N5B5uEl\n# 94NcfBfYOKi1fJQ9i7WKhTjlRkMCgBkWPkUokvBZFRt8RtF7zI77BSEorHGQCk9t\n# /D7BS0GJyfVEhftbWcFEAG3VRcoMhF7kUzYwp+qESoriFRYLeDWv68ZOvG7eoWnP\n# PsvZStEVEimjvK5NSESEQa9xWyJOmlOKXhkdymtcUd/nXnx6UTCFgnkgzSdTWV41\n# CI6B6aJ9svCTI2QuoIq2HxX/ix7OvW1huVmcyHVxyUECAwEAAaNTMFEwHQYDVR0O\n# BBYEFPwN1OceFGm9v6ux8G+DZ3TUDYxqMB8GA1UdIwQYMBaAFPwN1OceFGm9v6ux\n# 8G+DZ3TUDYxqMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAG5D\n# 874A4YI7YUwOVsVAdbWtgp1d0zKcPRR+r2OdSbTAV5/gcS3jgBJ3i1BN34JuDVFw\n# 3DeJSYT3nxy2Y56lLnxDeF8CUTUtVQx3CuGkRg1ouGAHpO/6OqOhwLLorEmxi7tA\n# H2O8mtT0poX5AnOAhzVy7QW0D/k4WaoLyckM5hUa6RtvgvLxOwA0U+VGurCDoctu\n# 8F4QOgTAWyh8EZIwaKCliFRSynDpv3JTUwtfZkxo6K6nce1RhCWFAsMvDZL8Dgc0\n# yvgJ38BRsFOtkRuAGSf6ZUwTO8JJRRIFnpUzXflAnGivK9M13D5GEQMmIl6U9Pvk\n# sxSmbIUfc2SGJGCJD4I=\n# -----END CERTIFICATE-----\n","type":"yaml"}}}],"revision":1,"created_at":"2022-06-27T15:33:55.519Z","created_by":"elastic","updated_at":"2022-06-27T15:33:55.519Z","updated_by":"elastic"},{"id":"46331ee9-90a9-4b1f-b568-98641e9bafc9","version":"WzEzMjIsMV0=","name":"nginx-load-balancers-test","namespace":"default","description":"","package":{"name":"nginx","title":"Nginx","version":"1.4.0"},"enabled":true,"policy_id":"8c913da0-f62e-11ec-9a9f-c3fb2ce46e7f","output_id":"","inputs":[{"type":"logfile","policy_template":"nginx","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"nginx.access"},"vars":{"paths":{"value":["/var/log/nginx/access.log*"],"type":"text"},"tags":{"value":["nginx-access"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"logfile-nginx.access-46331ee9-90a9-4b1f-b568-98641e9bafc9","compiled_stream":{"paths":["/var/log/nginx/access.log*"],"tags":["nginx-access"],"exclude_files":[".gz$"],"processors":[{"add_locale":null}]}},{"enabled":true,"data_stream":{"type":"logs","dataset":"nginx.error"},"vars":{"paths":{"value":["/var/log/nginx/error.log*"],"type":"text"},"tags":{"value":["nginx-error"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"logfile-nginx.error-46331ee9-90a9-4b1f-b568-98641e9bafc9","compiled_stream":{"paths":["/var/log/nginx/error.log*"],"tags":["nginx-error"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\d{4}\\/\\d{2}\\/\\d{2} ","negate":true,"match":"after"},"processors":[{"add_locale":null}]}}]},{"type":"httpjson","policy_template":"nginx","enabled":false,"streams":[{"enabled":false,"data_stream":{"type":"logs","dataset":"nginx.access"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=nginx:plus:access","type":"text"},"tags":{"value":["forwarded","nginx-access"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"httpjson-nginx.access-46331ee9-90a9-4b1f-b568-98641e9bafc9"},{"enabled":false,"data_stream":{"type":"logs","dataset":"nginx.error"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=nginx:plus:error","type":"text"},"tags":{"value":["forwarded","nginx-error"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"httpjson-nginx.error-46331ee9-90a9-4b1f-b568-98641e9bafc9"}],"vars":{"url":{"value":"https://server.example.com:8089","type":"text"},"username":{"type":"text"},"password":{"type":"password"},"token":{"type":"password"},"ssl":{"value":"#certificate_authorities:\n# - |\n# -----BEGIN CERTIFICATE-----\n# MIIDCjCCAfKgAwIBAgITJ706Mu2wJlKckpIvkWxEHvEyijANBgkqhkiG9w0BAQsF\n# ADAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwIBcNMTkwNzIyMTkyOTA0WhgPMjExOTA2\n# MjgxOTI5MDRaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB\n# BQADggEPADCCAQoCggEBANce58Y/JykI58iyOXpxGfw0/gMvF0hUQAcUrSMxEO6n\n# fZRA49b4OV4SwWmA3395uL2eB2NB8y8qdQ9muXUdPBWE4l9rMZ6gmfu90N5B5uEl\n# 94NcfBfYOKi1fJQ9i7WKhTjlRkMCgBkWPkUokvBZFRt8RtF7zI77BSEorHGQCk9t\n# /D7BS0GJyfVEhftbWcFEAG3VRcoMhF7kUzYwp+qESoriFRYLeDWv68ZOvG7eoWnP\n# PsvZStEVEimjvK5NSESEQa9xWyJOmlOKXhkdymtcUd/nXnx6UTCFgnkgzSdTWV41\n# CI6B6aJ9svCTI2QuoIq2HxX/ix7OvW1huVmcyHVxyUECAwEAAaNTMFEwHQYDVR0O\n# BBYEFPwN1OceFGm9v6ux8G+DZ3TUDYxqMB8GA1UdIwQYMBaAFPwN1OceFGm9v6ux\n# 8G+DZ3TUDYxqMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAG5D\n# 874A4YI7YUwOVsVAdbWtgp1d0zKcPRR+r2OdSbTAV5/gcS3jgBJ3i1BN34JuDVFw\n# 3DeJSYT3nxy2Y56lLnxDeF8CUTUtVQx3CuGkRg1ouGAHpO/6OqOhwLLorEmxi7tA\n# H2O8mtT0poX5AnOAhzVy7QW0D/k4WaoLyckM5hUa6RtvgvLxOwA0U+VGurCDoctu\n# 8F4QOgTAWyh8EZIwaKCliFRSynDpv3JTUwtfZkxo6K6nce1RhCWFAsMvDZL8Dgc0\n# yvgJ38BRsFOtkRuAGSf6ZUwTO8JJRRIFnpUzXflAnGivK9M13D5GEQMmIl6U9Pvk\n# sxSmbIUfc2SGJGCJD4I=\n# -----END CERTIFICATE-----\n","type":"yaml"}}},{"type":"nginx/metrics","policy_template":"nginx","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"metrics","dataset":"nginx.stubstatus"},"vars":{"period":{"value":"10s","type":"text"},"server_status_path":{"value":"/nginx_status","type":"text"}},"id":"nginx/metrics-nginx.stubstatus-46331ee9-90a9-4b1f-b568-98641e9bafc9","compiled_stream":{"metricsets":["stubstatus"],"hosts":["http://127.0.0.1:80"],"period":"10s","server_status_path":"/nginx_status"}}],"vars":{"hosts":{"value":["http://127.0.0.1:80"],"type":"text"}}}],"revision":1,"created_at":"2022-06-27T15:33:58.606Z","created_by":"elastic","updated_at":"2022-06-27T15:33:58.606Z","updated_by":"elastic"}],"agents":0},{"id":"67c64ba0-f62e-11ec-9a9f-c3fb2ce46e7f","name":"HTTP servers","description":"","namespace":"default","monitoring_enabled":["logs","metrics"],"status":"active","is_managed":false,"revision":2,"updated_at":"2022-06-27T15:33:05.252Z","updated_by":"elastic","package_policies":[{"id":"863e86ed-8d12-466c-a6b9-b5c3769f4f80","version":"WzkyMywxXQ==","name":"system-2","namespace":"default","package":{"name":"system","title":"System","version":"1.16.2"},"enabled":true,"policy_id":"67c64ba0-f62e-11ec-9a9f-c3fb2ce46e7f","output_id":"fleet-default-output","inputs":[{"type":"logfile","policy_template":"system","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"system.auth"},"vars":{"paths":{"value":["/var/log/auth.log*","/var/log/secure*"],"type":"text"}},"id":"logfile-system.auth-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"paths":["/var/log/auth.log*","/var/log/secure*"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\s","match":"after"},"processors":[{"add_locale":null}]}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.syslog"},"vars":{"paths":{"value":["/var/log/messages*","/var/log/syslog*"],"type":"text"}},"id":"logfile-system.syslog-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"paths":["/var/log/messages*","/var/log/syslog*"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\s","match":"after"},"processors":[{"add_locale":null}]}}]},{"type":"winlog","policy_template":"system","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"system.application"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.application-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"name":"Application","condition":"${host.platform} == ''windows''","ignore_older":"72h"}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.security"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.security-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"name":"Security","condition":"${host.platform} == ''windows''","ignore_older":"72h"}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.system"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.system-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"name":"System","condition":"${host.platform} == ''windows''","ignore_older":"72h"}}]},{"type":"system/metrics","policy_template":"system","enabled":true,"streams":[{"enabled":false,"data_stream":{"type":"metrics","dataset":"system.core"},"vars":{"period":{"value":"10s","type":"text"},"core.metrics":{"value":["percentages"],"type":"text"}},"id":"system/metrics-system.core-863e86ed-8d12-466c-a6b9-b5c3769f4f80"},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.cpu"},"vars":{"period":{"value":"10s","type":"text"},"cpu.metrics":{"value":["percentages","normalized_percentages"],"type":"text"}},"id":"system/metrics-system.cpu-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"metricsets":["cpu"],"cpu.metrics":["percentages","normalized_percentages"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.diskio"},"vars":{"period":{"value":"10s","type":"text"},"diskio.include_devices":{"value":[],"type":"text"}},"id":"system/metrics-system.diskio-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"metricsets":["diskio"],"diskio.include_devices":null,"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.filesystem"},"vars":{"period":{"value":"1m","type":"text"},"processors":{"value":"- drop_event.when.regexp:\n system.filesystem.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)\n","type":"yaml"},"filesystem.ignore_types":{"value":[],"type":"text"}},"id":"system/metrics-system.filesystem-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"metricsets":["filesystem"],"period":"1m","processors":[{"drop_event.when.regexp":{"system.filesystem.mount_point":"^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)"}}]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.fsstat"},"vars":{"period":{"value":"1m","type":"text"},"processors":{"value":"- drop_event.when.regexp:\n system.fsstat.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)\n","type":"yaml"}},"id":"system/metrics-system.fsstat-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"metricsets":["fsstat"],"period":"1m","processors":[{"drop_event.when.regexp":{"system.fsstat.mount_point":"^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)"}}]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.load"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.load-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"metricsets":["load"],"condition":"${host.platform} != ''windows''","period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.memory"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.memory-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"metricsets":["memory"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.network"},"vars":{"period":{"value":"10s","type":"text"},"network.interfaces":{"value":[],"type":"text"}},"id":"system/metrics-system.network-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"metricsets":["network"],"period":"10s","network.interfaces":null}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.process"},"vars":{"period":{"value":"10s","type":"text"},"process.include_top_n.by_cpu":{"value":5,"type":"integer"},"process.include_top_n.by_memory":{"value":5,"type":"integer"},"process.cmdline.cache.enabled":{"value":true,"type":"bool"},"process.cgroups.enabled":{"value":false,"type":"bool"},"process.env.whitelist":{"value":[],"type":"text"},"process.include_cpu_ticks":{"value":false,"type":"bool"},"processes":{"value":[".*"],"type":"text"}},"id":"system/metrics-system.process-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"metricsets":["process"],"period":"10s","process.include_top_n.by_cpu":5,"process.include_top_n.by_memory":5,"process.cmdline.cache.enabled":true,"process.cgroups.enabled":false,"process.include_cpu_ticks":false,"processes":[".*"]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.process.summary"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.process.summary-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"metricsets":["process_summary"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.socket_summary"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.socket_summary-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"metricsets":["socket_summary"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.uptime"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.uptime-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"metricsets":["uptime"],"period":"10s"}}],"vars":{"system.hostfs":{"type":"text"}}},{"type":"httpjson","policy_template":"system","enabled":false,"streams":[{"enabled":false,"data_stream":{"type":"logs","dataset":"system.application"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:Application\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.application-863e86ed-8d12-466c-a6b9-b5c3769f4f80"},{"enabled":false,"data_stream":{"type":"logs","dataset":"system.security"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:Security\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.security-863e86ed-8d12-466c-a6b9-b5c3769f4f80"},{"enabled":false,"data_stream":{"type":"logs","dataset":"system.system"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:System\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.system-863e86ed-8d12-466c-a6b9-b5c3769f4f80"}],"vars":{"url":{"value":"https://server.example.com:8089","type":"text"},"username":{"type":"text"},"password":{"type":"password"},"token":{"type":"password"},"preserve_original_event":{"value":false,"type":"bool"},"ssl":{"value":"#certificate_authorities:\n# - |\n# -----BEGIN CERTIFICATE-----\n# MIIDCjCCAfKgAwIBAgITJ706Mu2wJlKckpIvkWxEHvEyijANBgkqhkiG9w0BAQsF\n# ADAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwIBcNMTkwNzIyMTkyOTA0WhgPMjExOTA2\n# MjgxOTI5MDRaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB\n# BQADggEPADCCAQoCggEBANce58Y/JykI58iyOXpxGfw0/gMvF0hUQAcUrSMxEO6n\n# fZRA49b4OV4SwWmA3395uL2eB2NB8y8qdQ9muXUdPBWE4l9rMZ6gmfu90N5B5uEl\n# 94NcfBfYOKi1fJQ9i7WKhTjlRkMCgBkWPkUokvBZFRt8RtF7zI77BSEorHGQCk9t\n# /D7BS0GJyfVEhftbWcFEAG3VRcoMhF7kUzYwp+qESoriFRYLeDWv68ZOvG7eoWnP\n# PsvZStEVEimjvK5NSESEQa9xWyJOmlOKXhkdymtcUd/nXnx6UTCFgnkgzSdTWV41\n# CI6B6aJ9svCTI2QuoIq2HxX/ix7OvW1huVmcyHVxyUECAwEAAaNTMFEwHQYDVR0O\n# BBYEFPwN1OceFGm9v6ux8G+DZ3TUDYxqMB8GA1UdIwQYMBaAFPwN1OceFGm9v6ux\n# 8G+DZ3TUDYxqMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAG5D\n# 874A4YI7YUwOVsVAdbWtgp1d0zKcPRR+r2OdSbTAV5/gcS3jgBJ3i1BN34JuDVFw\n# 3DeJSYT3nxy2Y56lLnxDeF8CUTUtVQx3CuGkRg1ouGAHpO/6OqOhwLLorEmxi7tA\n# H2O8mtT0poX5AnOAhzVy7QW0D/k4WaoLyckM5hUa6RtvgvLxOwA0U+VGurCDoctu\n# 8F4QOgTAWyh8EZIwaKCliFRSynDpv3JTUwtfZkxo6K6nce1RhCWFAsMvDZL8Dgc0\n# yvgJ38BRsFOtkRuAGSf6ZUwTO8JJRRIFnpUzXflAnGivK9M13D5GEQMmIl6U9Pvk\n# sxSmbIUfc2SGJGCJD4I=\n# -----END CERTIFICATE-----\n","type":"yaml"}}}],"revision":1,"created_at":"2022-06-27T15:32:53.484Z","created_by":"elastic","updated_at":"2022-06-27T15:32:53.484Z","updated_by":"elastic"},{"id":"9be915b0-9b9b-45e2-adfc-37f18b64d468","version":"WzEwMjIsMV0=","name":"nginx-http-servers-test","namespace":"default","description":"","package":{"name":"nginx","title":"Nginx","version":"1.4.0"},"enabled":true,"policy_id":"67c64ba0-f62e-11ec-9a9f-c3fb2ce46e7f","output_id":"","inputs":[{"type":"logfile","policy_template":"nginx","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"nginx.access"},"vars":{"paths":{"value":["/var/log/nginx/access.log*"],"type":"text"},"tags":{"value":["nginx-access"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"logfile-nginx.access-9be915b0-9b9b-45e2-adfc-37f18b64d468","compiled_stream":{"paths":["/var/log/nginx/access.log*"],"tags":["nginx-access"],"exclude_files":[".gz$"],"processors":[{"add_locale":null}]}},{"enabled":true,"data_stream":{"type":"logs","dataset":"nginx.error"},"vars":{"paths":{"value":["/var/log/nginx/error.log*"],"type":"text"},"tags":{"value":["nginx-error"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"logfile-nginx.error-9be915b0-9b9b-45e2-adfc-37f18b64d468","compiled_stream":{"paths":["/var/log/nginx/error.log*"],"tags":["nginx-error"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\d{4}\\/\\d{2}\\/\\d{2} ","negate":true,"match":"after"},"processors":[{"add_locale":null}]}}]},{"type":"httpjson","policy_template":"nginx","enabled":false,"streams":[{"enabled":false,"data_stream":{"type":"logs","dataset":"nginx.access"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=nginx:plus:access","type":"text"},"tags":{"value":["forwarded","nginx-access"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"httpjson-nginx.access-9be915b0-9b9b-45e2-adfc-37f18b64d468"},{"enabled":false,"data_stream":{"type":"logs","dataset":"nginx.error"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=nginx:plus:error","type":"text"},"tags":{"value":["forwarded","nginx-error"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"httpjson-nginx.error-9be915b0-9b9b-45e2-adfc-37f18b64d468"}],"vars":{"url":{"value":"https://server.example.com:8089","type":"text"},"username":{"type":"text"},"password":{"type":"password"},"token":{"type":"password"},"ssl":{"value":"#certificate_authorities:\n# - |\n# -----BEGIN CERTIFICATE-----\n# MIIDCjCCAfKgAwIBAgITJ706Mu2wJlKckpIvkWxEHvEyijANBgkqhkiG9w0BAQsF\n# ADAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwIBcNMTkwNzIyMTkyOTA0WhgPMjExOTA2\n# MjgxOTI5MDRaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB\n# BQADggEPADCCAQoCggEBANce58Y/JykI58iyOXpxGfw0/gMvF0hUQAcUrSMxEO6n\n# fZRA49b4OV4SwWmA3395uL2eB2NB8y8qdQ9muXUdPBWE4l9rMZ6gmfu90N5B5uEl\n# 94NcfBfYOKi1fJQ9i7WKhTjlRkMCgBkWPkUokvBZFRt8RtF7zI77BSEorHGQCk9t\n# /D7BS0GJyfVEhftbWcFEAG3VRcoMhF7kUzYwp+qESoriFRYLeDWv68ZOvG7eoWnP\n# PsvZStEVEimjvK5NSESEQa9xWyJOmlOKXhkdymtcUd/nXnx6UTCFgnkgzSdTWV41\n# CI6B6aJ9svCTI2QuoIq2HxX/ix7OvW1huVmcyHVxyUECAwEAAaNTMFEwHQYDVR0O\n# BBYEFPwN1OceFGm9v6ux8G+DZ3TUDYxqMB8GA1UdIwQYMBaAFPwN1OceFGm9v6ux\n# 8G+DZ3TUDYxqMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAG5D\n# 874A4YI7YUwOVsVAdbWtgp1d0zKcPRR+r2OdSbTAV5/gcS3jgBJ3i1BN34JuDVFw\n# 3DeJSYT3nxy2Y56lLnxDeF8CUTUtVQx3CuGkRg1ouGAHpO/6OqOhwLLorEmxi7tA\n# H2O8mtT0poX5AnOAhzVy7QW0D/k4WaoLyckM5hUa6RtvgvLxOwA0U+VGurCDoctu\n# 8F4QOgTAWyh8EZIwaKCliFRSynDpv3JTUwtfZkxo6K6nce1RhCWFAsMvDZL8Dgc0\n# yvgJ38BRsFOtkRuAGSf6ZUwTO8JJRRIFnpUzXflAnGivK9M13D5GEQMmIl6U9Pvk\n# sxSmbIUfc2SGJGCJD4I=\n# -----END CERTIFICATE-----\n","type":"yaml"}}},{"type":"nginx/metrics","policy_template":"nginx","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"metrics","dataset":"nginx.stubstatus"},"vars":{"period":{"value":"10s","type":"text"},"server_status_path":{"value":"/nginx_status","type":"text"}},"id":"nginx/metrics-nginx.stubstatus-9be915b0-9b9b-45e2-adfc-37f18b64d468","compiled_stream":{"metricsets":["stubstatus"],"hosts":["http://127.0.0.1:80"],"period":"10s","server_status_path":"/nginx_status"}}],"vars":{"hosts":{"value":["http://127.0.0.1:80"],"type":"text"}}}],"revision":1,"created_at":"2022-06-27T15:33:04.248Z","created_by":"elastic","updated_at":"2022-06-27T15:33:04.248Z","updated_by":"elastic"}],"agents":0},{"id":"fleet-server-policy","namespace":"default","monitoring_enabled":["logs","metrics"],"name":"Fleet Server (elastic-package)","is_default_fleet_server":true,"is_preconfigured":true,"status":"active","is_managed":false,"revision":2,"updated_at":"2022-06-27T15:31:03.382Z","updated_by":"system","package_policies":[{"id":"default-fleet-server","version":"WzYyNCwxXQ==","name":"fleet_server-1","namespace":"default","package":{"name":"fleet_server","title":"Fleet Server","version":"1.2.0"},"enabled":true,"policy_id":"fleet-server-policy","output_id":"fleet-default-output","inputs":[{"type":"fleet-server","policy_template":"fleet_server","enabled":true,"streams":[],"vars":{"host":{"value":["0.0.0.0"],"type":"text"},"port":{"value":[8220],"type":"integer"},"max_agents":{"type":"integer"},"max_connections":{"type":"integer"},"custom":{"value":"","type":"yaml"}},"compiled_input":{"server":{"port":8220,"host":"0.0.0.0"}}}],"revision":1,"created_at":"2022-06-27T15:31:03.351Z","created_by":"system","updated_at":"2022-06-27T15:31:03.351Z","updated_by":"system"}],"agents":1},{"id":"elastic-agent-managed-ep","namespace":"default","monitoring_enabled":["logs","metrics"],"name":"Elastic-Agent (elastic-package)","is_default":true,"is_preconfigured":true,"status":"active","is_managed":false,"revision":2,"updated_at":"2022-06-27T15:31:01.360Z","updated_by":"system","package_policies":[{"id":"default-system","version":"WzYyMiwxXQ==","name":"system-1","namespace":"default","package":{"name":"system","title":"System","version":"1.16.2"},"enabled":true,"policy_id":"elastic-agent-managed-ep","output_id":"fleet-default-output","inputs":[{"type":"logfile","policy_template":"system","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"system.auth"},"vars":{"paths":{"value":["/var/log/auth.log*","/var/log/secure*"],"type":"text"}},"id":"logfile-system.auth-default-system","compiled_stream":{"paths":["/var/log/auth.log*","/var/log/secure*"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\s","match":"after"},"processors":[{"add_locale":null}]}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.syslog"},"vars":{"paths":{"value":["/var/log/messages*","/var/log/syslog*"],"type":"text"}},"id":"logfile-system.syslog-default-system","compiled_stream":{"paths":["/var/log/messages*","/var/log/syslog*"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\s","match":"after"},"processors":[{"add_locale":null}]}}]},{"type":"winlog","policy_template":"system","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"system.application"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.application-default-system","compiled_stream":{"name":"Application","condition":"${host.platform} == ''windows''","ignore_older":"72h"}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.security"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.security-default-system","compiled_stream":{"name":"Security","condition":"${host.platform} == ''windows''","ignore_older":"72h"}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.system"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.system-default-system","compiled_stream":{"name":"System","condition":"${host.platform} == ''windows''","ignore_older":"72h"}}]},{"type":"system/metrics","policy_template":"system","enabled":true,"streams":[{"enabled":false,"data_stream":{"type":"metrics","dataset":"system.core"},"vars":{"period":{"value":"10s","type":"text"},"core.metrics":{"value":["percentages"],"type":"text"}},"id":"system/metrics-system.core-default-system"},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.cpu"},"vars":{"period":{"value":"10s","type":"text"},"cpu.metrics":{"value":["percentages","normalized_percentages"],"type":"text"}},"id":"system/metrics-system.cpu-default-system","compiled_stream":{"metricsets":["cpu"],"cpu.metrics":["percentages","normalized_percentages"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.diskio"},"vars":{"period":{"value":"10s","type":"text"},"diskio.include_devices":{"value":[],"type":"text"}},"id":"system/metrics-system.diskio-default-system","compiled_stream":{"metricsets":["diskio"],"diskio.include_devices":null,"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.filesystem"},"vars":{"period":{"value":"1m","type":"text"},"processors":{"value":"- drop_event.when.regexp:\n system.filesystem.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)\n","type":"yaml"},"filesystem.ignore_types":{"value":[],"type":"text"}},"id":"system/metrics-system.filesystem-default-system","compiled_stream":{"metricsets":["filesystem"],"period":"1m","processors":[{"drop_event.when.regexp":{"system.filesystem.mount_point":"^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)"}}]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.fsstat"},"vars":{"period":{"value":"1m","type":"text"},"processors":{"value":"- drop_event.when.regexp:\n system.fsstat.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)\n","type":"yaml"}},"id":"system/metrics-system.fsstat-default-system","compiled_stream":{"metricsets":["fsstat"],"period":"1m","processors":[{"drop_event.when.regexp":{"system.fsstat.mount_point":"^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)"}}]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.load"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.load-default-system","compiled_stream":{"metricsets":["load"],"condition":"${host.platform} != ''windows''","period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.memory"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.memory-default-system","compiled_stream":{"metricsets":["memory"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.network"},"vars":{"period":{"value":"10s","type":"text"},"network.interfaces":{"value":[],"type":"text"}},"id":"system/metrics-system.network-default-system","compiled_stream":{"metricsets":["network"],"period":"10s","network.interfaces":null}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.process"},"vars":{"period":{"value":"10s","type":"text"},"process.include_top_n.by_cpu":{"value":5,"type":"integer"},"process.include_top_n.by_memory":{"value":5,"type":"integer"},"process.cmdline.cache.enabled":{"value":true,"type":"bool"},"process.cgroups.enabled":{"value":false,"type":"bool"},"process.env.whitelist":{"value":[],"type":"text"},"process.include_cpu_ticks":{"value":false,"type":"bool"},"processes":{"value":[".*"],"type":"text"}},"id":"system/metrics-system.process-default-system","compiled_stream":{"metricsets":["process"],"period":"10s","process.include_top_n.by_cpu":5,"process.include_top_n.by_memory":5,"process.cmdline.cache.enabled":true,"process.cgroups.enabled":false,"process.include_cpu_ticks":false,"processes":[".*"]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.process.summary"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.process.summary-default-system","compiled_stream":{"metricsets":["process_summary"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.socket_summary"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.socket_summary-default-system","compiled_stream":{"metricsets":["socket_summary"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.uptime"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.uptime-default-system","compiled_stream":{"metricsets":["uptime"],"period":"10s"}}],"vars":{"system.hostfs":{"type":"text"}}},{"type":"httpjson","policy_template":"system","enabled":false,"streams":[{"enabled":false,"data_stream":{"type":"logs","dataset":"system.application"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:Application\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.application-default-system"},{"enabled":false,"data_stream":{"type":"logs","dataset":"system.security"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:Security\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.security-default-system"},{"enabled":false,"data_stream":{"type":"logs","dataset":"system.system"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:System\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.system-default-system"}],"vars":{"url":{"value":"https://server.example.com:8089","type":"text"},"username":{"type":"text"},"password":{"type":"password"},"token":{"type":"password"},"preserve_original_event":{"value":false,"type":"bool"},"ssl":{"value":"#certificate_authorities:\n# - |\n# -----BEGIN CERTIFICATE-----\n# MIIDCjCCAfKgAwIBAgITJ706Mu2wJlKckpIvkWxEHvEyijANBgkqhkiG9w0BAQsF\n# ADAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwIBcNMTkwNzIyMTkyOTA0WhgPMjExOTA2\n# MjgxOTI5MDRaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB\n# BQADggEPADCCAQoCggEBANce58Y/JykI58iyOXpxGfw0/gMvF0hUQAcUrSMxEO6n\n# fZRA49b4OV4SwWmA3395uL2eB2NB8y8qdQ9muXUdPBWE4l9rMZ6gmfu90N5B5uEl\n# 94NcfBfYOKi1fJQ9i7WKhTjlRkMCgBkWPkUokvBZFRt8RtF7zI77BSEorHGQCk9t\n# /D7BS0GJyfVEhftbWcFEAG3VRcoMhF7kUzYwp+qESoriFRYLeDWv68ZOvG7eoWnP\n# PsvZStEVEimjvK5NSESEQa9xWyJOmlOKXhkdymtcUd/nXnx6UTCFgnkgzSdTWV41\n# CI6B6aJ9svCTI2QuoIq2HxX/ix7OvW1huVmcyHVxyUECAwEAAaNTMFEwHQYDVR0O\n# BBYEFPwN1OceFGm9v6ux8G+DZ3TUDYxqMB8GA1UdIwQYMBaAFPwN1OceFGm9v6ux\n# 8G+DZ3TUDYxqMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAG5D\n# 874A4YI7YUwOVsVAdbWtgp1d0zKcPRR+r2OdSbTAV5/gcS3jgBJ3i1BN34JuDVFw\n# 3DeJSYT3nxy2Y56lLnxDeF8CUTUtVQx3CuGkRg1ouGAHpO/6OqOhwLLorEmxi7tA\n# H2O8mtT0poX5AnOAhzVy7QW0D/k4WaoLyckM5hUa6RtvgvLxOwA0U+VGurCDoctu\n# 8F4QOgTAWyh8EZIwaKCliFRSynDpv3JTUwtfZkxo6K6nce1RhCWFAsMvDZL8Dgc0\n# yvgJ38BRsFOtkRuAGSf6ZUwTO8JJRRIFnpUzXflAnGivK9M13D5GEQMmIl6U9Pvk\n# sxSmbIUfc2SGJGCJD4I=\n# -----END CERTIFICATE-----\n","type":"yaml"}}}],"revision":1,"created_at":"2022-06-27T15:31:00.403Z","created_by":"system","updated_at":"2022-06-27T15:31:00.403Z","updated_by":"system"}],"agents":1}],"total":4,"page":1,"perPage":20}' + headers: + Accept-Ranges: + - bytes + Content-Length: + - "40767" + Content-Type: + - application/json + Date: + - Mon, 27 Nov 2023 18:05:27 GMT + Last-Modified: + - Mon, 06 Mar 2023 12:23:37 GMT + status: 200 OK + code: 200 + duration: 678.078µs + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: 127.0.0.1:5601 + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic Og== + Content-Type: + - application/json + Kbn-Xsrf: + - 8.10.1 + url: https://127.0.0.1:5601/api/status + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 12279 + uncompressed: false + body: '{"name":"kibana","uuid":"4d61db22-fa55-4750-91b8-dd344522c879","version":{"number":"8.0.0","build_hash":"57ca5e139a33dd2eed927ce98d8231a1f217cd15","build_number":49192,"build_snapshot":false},"status":{"overall":{"level":"available","summary":"All services are available"},"core":{"elasticsearch":{"level":"available","summary":"Elasticsearch is available","meta":{"warningNodes":[],"incompatibleNodes":[]}},"savedObjects":{"level":"available","summary":"SavedObjects service has completed migrations and is available","meta":{"migratedIndices":{"migrated":0,"skipped":0,"patched":2}}}},"plugins":{"advancedSettings":{"level":"available","summary":"All dependencies are available"},"bfetch":{"level":"available","summary":"All dependencies are available"},"expressionMetricVis":{"level":"available","summary":"All dependencies are available"},"expressionTagcloud":{"level":"available","summary":"All dependencies are available"},"charts":{"level":"available","summary":"All dependencies are available"},"console":{"level":"available","summary":"All dependencies are available"},"customIntegrations":{"level":"available","summary":"All dependencies are available"},"dashboard":{"level":"available","summary":"All dependencies are available"},"data":{"level":"available","summary":"All dependencies are available"},"dataViews":{"level":"available","summary":"All dependencies are available"},"devTools":{"level":"available","summary":"All dependencies are available"},"discover":{"level":"available","summary":"All dependencies are available"},"embeddable":{"level":"available","summary":"All dependencies are available"},"esUiShared":{"level":"available","summary":"All dependencies are available"},"expressionError":{"level":"available","summary":"All dependencies are available"},"expressionImage":{"level":"available","summary":"All dependencies are available"},"expressionMetric":{"level":"available","summary":"All dependencies are available"},"expressionRepeatImage":{"level":"available","summary":"All dependencies are available"},"expressionRevealImage":{"level":"available","summary":"All dependencies are available"},"expressionShape":{"level":"available","summary":"All dependencies are available"},"expressions":{"level":"available","summary":"All dependencies are available"},"fieldFormats":{"level":"available","summary":"All dependencies are available"},"home":{"level":"available","summary":"All dependencies are available"},"indexPatternEditor":{"level":"available","summary":"All dependencies are available"},"indexPatternFieldEditor":{"level":"available","summary":"All dependencies are available"},"indexPatternManagement":{"level":"available","summary":"All dependencies are available"},"inputControlVis":{"level":"available","summary":"All dependencies are available"},"inspector":{"level":"available","summary":"All dependencies are available"},"kibanaLegacy":{"level":"available","summary":"All dependencies are available"},"kibanaOverview":{"level":"available","summary":"All dependencies are available"},"kibanaReact":{"level":"available","summary":"All dependencies are available"},"kibanaUsageCollection":{"level":"available","summary":"All dependencies are available"},"kibanaUtils":{"level":"available","summary":"All dependencies are available"},"management":{"level":"available","summary":"All dependencies are available"},"mapsEms":{"level":"available","summary":"All dependencies are available"},"navigation":{"level":"available","summary":"All dependencies are available"},"newsfeed":{"level":"available","summary":"All dependencies are available"},"presentationUtil":{"level":"available","summary":"All dependencies are available"},"savedObjects":{"level":"available","summary":"All dependencies are available"},"savedObjectsManagement":{"level":"available","summary":"All dependencies are available"},"savedObjectsTaggingOss":{"level":"available","summary":"All dependencies are available"},"screenshotMode":{"level":"available","summary":"All dependencies are available"},"share":{"level":"available","summary":"All dependencies are available"},"telemetry":{"level":"available","summary":"All dependencies are available"},"telemetryCollectionManager":{"level":"available","summary":"All dependencies are available"},"telemetryManagementSection":{"level":"available","summary":"All dependencies are available"},"uiActions":{"level":"available","summary":"All dependencies are available"},"urlForwarding":{"level":"available","summary":"All dependencies are available"},"usageCollection":{"level":"available","summary":"All dependencies are available"},"visDefaultEditor":{"level":"available","summary":"All dependencies are available"},"visTypeMarkdown":{"level":"available","summary":"All dependencies are available"},"visTypeMetric":{"level":"available","summary":"All dependencies are available"},"visTypePie":{"level":"available","summary":"All dependencies are available"},"visTypeTable":{"level":"available","summary":"All dependencies are available"},"visTypeTagcloud":{"level":"available","summary":"All dependencies are available"},"visTypeTimelion":{"level":"available","summary":"All dependencies are available"},"visTypeTimeseries":{"level":"available","summary":"All dependencies are available"},"visTypeVega":{"level":"available","summary":"All dependencies are available"},"visTypeVislib":{"level":"available","summary":"All dependencies are available"},"visTypeXy":{"level":"available","summary":"All dependencies are available"},"visualizations":{"level":"available","summary":"All dependencies are available"},"visualize":{"level":"available","summary":"All dependencies are available"},"actions":{"level":"available","summary":"All dependencies are available"},"alerting":{"level":"available","summary":"Alerting is (probably) ready"},"apm":{"level":"available","summary":"All dependencies are available"},"banners":{"level":"available","summary":"All dependencies are available"},"canvas":{"level":"available","summary":"All dependencies are available"},"cases":{"level":"available","summary":"All dependencies are available"},"cloud":{"level":"available","summary":"All dependencies are available"},"crossClusterReplication":{"level":"available","summary":"All dependencies are available"},"dashboardEnhanced":{"level":"available","summary":"All dependencies are available"},"dataEnhanced":{"level":"available","summary":"All dependencies are available"},"dataVisualizer":{"level":"available","summary":"All dependencies are available"},"discoverEnhanced":{"level":"available","summary":"All dependencies are available"},"urlDrilldown":{"level":"available","summary":"All dependencies are available"},"embeddableEnhanced":{"level":"available","summary":"All dependencies are available"},"encryptedSavedObjects":{"level":"available","summary":"All dependencies are available"},"enterpriseSearch":{"level":"available","summary":"All dependencies are available"},"eventLog":{"level":"available","summary":"All dependencies are available"},"features":{"level":"available","summary":"All dependencies are available"},"fileUpload":{"level":"available","summary":"All dependencies are available"},"fleet":{"level":"available","summary":"Fleet is available"},"globalSearch":{"level":"available","summary":"All dependencies are available"},"globalSearchBar":{"level":"available","summary":"All dependencies are available"},"globalSearchProviders":{"level":"available","summary":"All dependencies are available"},"graph":{"level":"available","summary":"All dependencies are available"},"grokdebugger":{"level":"available","summary":"All dependencies are available"},"indexLifecycleManagement":{"level":"available","summary":"All dependencies are available"},"indexManagement":{"level":"available","summary":"All dependencies are available"},"infra":{"level":"available","summary":"All dependencies are available"},"ingestPipelines":{"level":"available","summary":"All dependencies are available"},"lens":{"level":"available","summary":"All dependencies are available"},"licenseApiGuard":{"level":"available","summary":"All dependencies are available"},"licenseManagement":{"level":"available","summary":"All dependencies are available"},"licensing":{"level":"available","summary":"License fetched"},"lists":{"level":"available","summary":"All dependencies are available"},"logstash":{"level":"available","summary":"All dependencies are available"},"maps":{"level":"available","summary":"All dependencies are available"},"ml":{"level":"available","summary":"All dependencies are available"},"monitoring":{"level":"available","summary":"All dependencies are available"},"observability":{"level":"available","summary":"All dependencies are available"},"osquery":{"level":"available","summary":"All dependencies are available"},"painlessLab":{"level":"available","summary":"All dependencies are available"},"remoteClusters":{"level":"available","summary":"All dependencies are available"},"reporting":{"level":"available","summary":"All dependencies are available"},"rollup":{"level":"available","summary":"All dependencies are available"},"ruleRegistry":{"level":"available","summary":"All dependencies are available"},"runtimeFields":{"level":"available","summary":"All dependencies are available"},"savedObjectsTagging":{"level":"available","summary":"All dependencies are available"},"screenshotting":{"level":"available","summary":"All dependencies are available"},"searchprofiler":{"level":"available","summary":"All dependencies are available"},"security":{"level":"available","summary":"All dependencies are available"},"securitySolution":{"level":"available","summary":"All dependencies are available"},"snapshotRestore":{"level":"available","summary":"All dependencies are available"},"spaces":{"level":"available","summary":"All dependencies are available"},"stackAlerts":{"level":"available","summary":"All dependencies are available"},"taskManager":{"level":"available","summary":"All dependencies are available"},"telemetryCollectionXpack":{"level":"available","summary":"All dependencies are available"},"timelines":{"level":"available","summary":"All dependencies are available"},"transform":{"level":"available","summary":"All dependencies are available"},"translations":{"level":"available","summary":"All dependencies are available"},"triggersActionsUi":{"level":"available","summary":"All dependencies are available"},"uiActionsEnhanced":{"level":"available","summary":"All dependencies are available"},"upgradeAssistant":{"level":"available","summary":"All dependencies are available"},"uptime":{"level":"available","summary":"All dependencies are available"},"watcher":{"level":"available","summary":"All dependencies are available"}}},"metrics":{"last_updated":"2023-08-30T11:53:46.940Z","collection_interval_in_millis":5000,"os":{"platform":"linux","platformRelease":"linux-5.19.0-50-generic","load":{"1m":3.9,"5m":2.38,"15m":1.66},"memory":{"total_in_bytes":33358266368,"free_in_bytes":276086784,"used_in_bytes":33082179584},"uptime_in_millis":775478260,"distro":"Ubuntu","distroRelease":"Ubuntu-20.04"},"process":{"memory":{"heap":{"total_in_bytes":467066880,"used_in_bytes":369791072,"size_limit":4345298944},"resident_set_size_in_bytes":553046016},"pid":7,"event_loop_delay":10.310148231404959,"event_loop_delay_histogram":{"min":9.09312,"max":38.502399,"mean":10.310148231404959,"exceeds":0,"stddev":1.6360547505591572,"fromTimestamp":"2023-08-30T11:53:41.937Z","lastUpdatedAt":"2023-08-30T11:53:46.935Z","percentiles":{"50":10.100735,"75":10.117119,"95":10.895359,"99":14.811135}},"uptime_in_millis":90449.453821},"processes":[{"memory":{"heap":{"total_in_bytes":467066880,"used_in_bytes":369791072,"size_limit":4345298944},"resident_set_size_in_bytes":553046016},"pid":7,"event_loop_delay":10.310148231404959,"event_loop_delay_histogram":{"min":9.09312,"max":38.502399,"mean":10.310148231404959,"exceeds":0,"stddev":1.6360547505591572,"fromTimestamp":"2023-08-30T11:53:41.937Z","lastUpdatedAt":"2023-08-30T11:53:46.935Z","percentiles":{"50":10.100735,"75":10.117119,"95":10.895359,"99":14.811135}},"uptime_in_millis":90449.453821}],"response_times":{"avg_in_millis":26,"max_in_millis":26},"concurrent_connections":7,"requests":{"disconnects":0,"total":1,"statusCodes":{"200":1},"status_codes":{"200":1}}}}' + headers: + Accept-Ranges: + - bytes + Content-Length: + - "12279" + Content-Type: + - application/json + Date: + - Mon, 27 Nov 2023 18:05:27 GMT + Last-Modified: + - Tue, 03 Oct 2023 15:59:45 GMT + status: 200 OK + code: 200 + duration: 479.777µs + - id: 3 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: 127.0.0.1:5601 + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic Og== + Content-Type: + - application/json + Kbn-Xsrf: + - 8.10.1 + url: https://127.0.0.1:5601/api/fleet/agent_policies/fleet-server-policy + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 1077 + uncompressed: false + body: '{"item":{"id":"fleet-server-policy","namespace":"default","monitoring_enabled":["logs","metrics"],"name":"Fleet Server (elastic-package)","is_default_fleet_server":true,"is_preconfigured":true,"status":"active","is_managed":false,"revision":2,"updated_at":"2022-06-27T15:31:03.382Z","updated_by":"system","package_policies":[{"id":"default-fleet-server","version":"WzYyNCwxXQ==","name":"fleet_server-1","namespace":"default","package":{"name":"fleet_server","title":"Fleet Server","version":"1.2.0"},"enabled":true,"policy_id":"fleet-server-policy","output_id":"fleet-default-output","inputs":[{"type":"fleet-server","policy_template":"fleet_server","enabled":true,"streams":[],"vars":{"host":{"value":["0.0.0.0"],"type":"text"},"port":{"value":[8220],"type":"integer"},"max_agents":{"type":"integer"},"max_connections":{"type":"integer"},"custom":{"value":"","type":"yaml"}},"compiled_input":{"server":{"port":8220,"host":"0.0.0.0"}}}],"revision":1,"created_at":"2022-06-27T15:31:03.351Z","created_by":"system","updated_at":"2022-06-27T15:31:03.351Z","updated_by":"system"}]}}' + headers: + Accept-Ranges: + - bytes + Content-Length: + - "1077" + Content-Type: + - application/json + Date: + - Mon, 27 Nov 2023 18:05:27 GMT + Last-Modified: + - Mon, 06 Mar 2023 12:23:37 GMT + status: 200 OK + code: 200 + duration: 166.075µs diff --git a/internal/dump/testdata/fleet-8-mock-dump-all/api-fleet-agent_policies-fleet-server-policy.json b/internal/dump/testdata/fleet-8-mock-dump-all/api-fleet-agent_policies-fleet-server-policy.json deleted file mode 100644 index 65e4184460..0000000000 --- a/internal/dump/testdata/fleet-8-mock-dump-all/api-fleet-agent_policies-fleet-server-policy.json +++ /dev/null @@ -1 +0,0 @@ -{"item":{"id":"fleet-server-policy","namespace":"default","monitoring_enabled":["logs","metrics"],"name":"Fleet Server (elastic-package)","is_default_fleet_server":true,"is_preconfigured":true,"status":"active","is_managed":false,"revision":2,"updated_at":"2022-06-27T15:31:03.382Z","updated_by":"system","package_policies":[{"id":"default-fleet-server","version":"WzYyNCwxXQ==","name":"fleet_server-1","namespace":"default","package":{"name":"fleet_server","title":"Fleet Server","version":"1.2.0"},"enabled":true,"policy_id":"fleet-server-policy","output_id":"fleet-default-output","inputs":[{"type":"fleet-server","policy_template":"fleet_server","enabled":true,"streams":[],"vars":{"host":{"value":["0.0.0.0"],"type":"text"},"port":{"value":[8220],"type":"integer"},"max_agents":{"type":"integer"},"max_connections":{"type":"integer"},"custom":{"value":"","type":"yaml"}},"compiled_input":{"server":{"port":8220,"host":"0.0.0.0"}}}],"revision":1,"created_at":"2022-06-27T15:31:03.351Z","created_by":"system","updated_at":"2022-06-27T15:31:03.351Z","updated_by":"system"}]}} \ No newline at end of file diff --git a/internal/dump/testdata/fleet-8-mock-dump-all/api-fleet-agent_policies.full=true.page=1.json b/internal/dump/testdata/fleet-8-mock-dump-all/api-fleet-agent_policies.full=true.page=1.json deleted file mode 100644 index 7247809d6b..0000000000 --- a/internal/dump/testdata/fleet-8-mock-dump-all/api-fleet-agent_policies.full=true.page=1.json +++ /dev/null @@ -1 +0,0 @@ -{"items":[{"id":"8c913da0-f62e-11ec-9a9f-c3fb2ce46e7f","name":"Load Balancers Servers","description":"","namespace":"default","monitoring_enabled":["logs","metrics"],"status":"active","is_managed":false,"revision":2,"updated_at":"2022-06-27T15:33:59.587Z","updated_by":"elastic","package_policies":[{"id":"a09f2609-9e8b-4b48-998f-ce99340da027","version":"WzEzMjAsMV0=","name":"system-3","namespace":"default","package":{"name":"system","title":"System","version":"1.16.2"},"enabled":true,"policy_id":"8c913da0-f62e-11ec-9a9f-c3fb2ce46e7f","output_id":"fleet-default-output","inputs":[{"type":"logfile","policy_template":"system","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"system.auth"},"vars":{"paths":{"value":["/var/log/auth.log*","/var/log/secure*"],"type":"text"}},"id":"logfile-system.auth-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"paths":["/var/log/auth.log*","/var/log/secure*"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\s","match":"after"},"processors":[{"add_locale":null}]}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.syslog"},"vars":{"paths":{"value":["/var/log/messages*","/var/log/syslog*"],"type":"text"}},"id":"logfile-system.syslog-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"paths":["/var/log/messages*","/var/log/syslog*"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\s","match":"after"},"processors":[{"add_locale":null}]}}]},{"type":"winlog","policy_template":"system","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"system.application"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.application-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"name":"Application","condition":"${host.platform} == 'windows'","ignore_older":"72h"}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.security"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.security-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"name":"Security","condition":"${host.platform} == 'windows'","ignore_older":"72h"}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.system"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.system-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"name":"System","condition":"${host.platform} == 'windows'","ignore_older":"72h"}}]},{"type":"system/metrics","policy_template":"system","enabled":true,"streams":[{"enabled":false,"data_stream":{"type":"metrics","dataset":"system.core"},"vars":{"period":{"value":"10s","type":"text"},"core.metrics":{"value":["percentages"],"type":"text"}},"id":"system/metrics-system.core-a09f2609-9e8b-4b48-998f-ce99340da027"},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.cpu"},"vars":{"period":{"value":"10s","type":"text"},"cpu.metrics":{"value":["percentages","normalized_percentages"],"type":"text"}},"id":"system/metrics-system.cpu-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"metricsets":["cpu"],"cpu.metrics":["percentages","normalized_percentages"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.diskio"},"vars":{"period":{"value":"10s","type":"text"},"diskio.include_devices":{"value":[],"type":"text"}},"id":"system/metrics-system.diskio-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"metricsets":["diskio"],"diskio.include_devices":null,"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.filesystem"},"vars":{"period":{"value":"1m","type":"text"},"processors":{"value":"- drop_event.when.regexp:\n system.filesystem.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)\n","type":"yaml"},"filesystem.ignore_types":{"value":[],"type":"text"}},"id":"system/metrics-system.filesystem-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"metricsets":["filesystem"],"period":"1m","processors":[{"drop_event.when.regexp":{"system.filesystem.mount_point":"^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)"}}]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.fsstat"},"vars":{"period":{"value":"1m","type":"text"},"processors":{"value":"- drop_event.when.regexp:\n system.fsstat.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)\n","type":"yaml"}},"id":"system/metrics-system.fsstat-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"metricsets":["fsstat"],"period":"1m","processors":[{"drop_event.when.regexp":{"system.fsstat.mount_point":"^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)"}}]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.load"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.load-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"metricsets":["load"],"condition":"${host.platform} != 'windows'","period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.memory"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.memory-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"metricsets":["memory"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.network"},"vars":{"period":{"value":"10s","type":"text"},"network.interfaces":{"value":[],"type":"text"}},"id":"system/metrics-system.network-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"metricsets":["network"],"period":"10s","network.interfaces":null}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.process"},"vars":{"period":{"value":"10s","type":"text"},"process.include_top_n.by_cpu":{"value":5,"type":"integer"},"process.include_top_n.by_memory":{"value":5,"type":"integer"},"process.cmdline.cache.enabled":{"value":true,"type":"bool"},"process.cgroups.enabled":{"value":false,"type":"bool"},"process.env.whitelist":{"value":[],"type":"text"},"process.include_cpu_ticks":{"value":false,"type":"bool"},"processes":{"value":[".*"],"type":"text"}},"id":"system/metrics-system.process-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"metricsets":["process"],"period":"10s","process.include_top_n.by_cpu":5,"process.include_top_n.by_memory":5,"process.cmdline.cache.enabled":true,"process.cgroups.enabled":false,"process.include_cpu_ticks":false,"processes":[".*"]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.process.summary"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.process.summary-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"metricsets":["process_summary"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.socket_summary"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.socket_summary-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"metricsets":["socket_summary"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.uptime"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.uptime-a09f2609-9e8b-4b48-998f-ce99340da027","compiled_stream":{"metricsets":["uptime"],"period":"10s"}}],"vars":{"system.hostfs":{"type":"text"}}},{"type":"httpjson","policy_template":"system","enabled":false,"streams":[{"enabled":false,"data_stream":{"type":"logs","dataset":"system.application"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:Application\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.application-a09f2609-9e8b-4b48-998f-ce99340da027"},{"enabled":false,"data_stream":{"type":"logs","dataset":"system.security"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:Security\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.security-a09f2609-9e8b-4b48-998f-ce99340da027"},{"enabled":false,"data_stream":{"type":"logs","dataset":"system.system"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:System\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.system-a09f2609-9e8b-4b48-998f-ce99340da027"}],"vars":{"url":{"value":"https://server.example.com:8089","type":"text"},"username":{"type":"text"},"password":{"type":"password"},"token":{"type":"password"},"preserve_original_event":{"value":false,"type":"bool"},"ssl":{"value":"#certificate_authorities:\n# - |\n# -----BEGIN CERTIFICATE-----\n# MIIDCjCCAfKgAwIBAgITJ706Mu2wJlKckpIvkWxEHvEyijANBgkqhkiG9w0BAQsF\n# ADAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwIBcNMTkwNzIyMTkyOTA0WhgPMjExOTA2\n# MjgxOTI5MDRaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB\n# BQADggEPADCCAQoCggEBANce58Y/JykI58iyOXpxGfw0/gMvF0hUQAcUrSMxEO6n\n# fZRA49b4OV4SwWmA3395uL2eB2NB8y8qdQ9muXUdPBWE4l9rMZ6gmfu90N5B5uEl\n# 94NcfBfYOKi1fJQ9i7WKhTjlRkMCgBkWPkUokvBZFRt8RtF7zI77BSEorHGQCk9t\n# /D7BS0GJyfVEhftbWcFEAG3VRcoMhF7kUzYwp+qESoriFRYLeDWv68ZOvG7eoWnP\n# PsvZStEVEimjvK5NSESEQa9xWyJOmlOKXhkdymtcUd/nXnx6UTCFgnkgzSdTWV41\n# CI6B6aJ9svCTI2QuoIq2HxX/ix7OvW1huVmcyHVxyUECAwEAAaNTMFEwHQYDVR0O\n# BBYEFPwN1OceFGm9v6ux8G+DZ3TUDYxqMB8GA1UdIwQYMBaAFPwN1OceFGm9v6ux\n# 8G+DZ3TUDYxqMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAG5D\n# 874A4YI7YUwOVsVAdbWtgp1d0zKcPRR+r2OdSbTAV5/gcS3jgBJ3i1BN34JuDVFw\n# 3DeJSYT3nxy2Y56lLnxDeF8CUTUtVQx3CuGkRg1ouGAHpO/6OqOhwLLorEmxi7tA\n# H2O8mtT0poX5AnOAhzVy7QW0D/k4WaoLyckM5hUa6RtvgvLxOwA0U+VGurCDoctu\n# 8F4QOgTAWyh8EZIwaKCliFRSynDpv3JTUwtfZkxo6K6nce1RhCWFAsMvDZL8Dgc0\n# yvgJ38BRsFOtkRuAGSf6ZUwTO8JJRRIFnpUzXflAnGivK9M13D5GEQMmIl6U9Pvk\n# sxSmbIUfc2SGJGCJD4I=\n# -----END CERTIFICATE-----\n","type":"yaml"}}}],"revision":1,"created_at":"2022-06-27T15:33:55.519Z","created_by":"elastic","updated_at":"2022-06-27T15:33:55.519Z","updated_by":"elastic"},{"id":"46331ee9-90a9-4b1f-b568-98641e9bafc9","version":"WzEzMjIsMV0=","name":"nginx-load-balancers-test","namespace":"default","description":"","package":{"name":"nginx","title":"Nginx","version":"1.4.0"},"enabled":true,"policy_id":"8c913da0-f62e-11ec-9a9f-c3fb2ce46e7f","output_id":"","inputs":[{"type":"logfile","policy_template":"nginx","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"nginx.access"},"vars":{"paths":{"value":["/var/log/nginx/access.log*"],"type":"text"},"tags":{"value":["nginx-access"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"logfile-nginx.access-46331ee9-90a9-4b1f-b568-98641e9bafc9","compiled_stream":{"paths":["/var/log/nginx/access.log*"],"tags":["nginx-access"],"exclude_files":[".gz$"],"processors":[{"add_locale":null}]}},{"enabled":true,"data_stream":{"type":"logs","dataset":"nginx.error"},"vars":{"paths":{"value":["/var/log/nginx/error.log*"],"type":"text"},"tags":{"value":["nginx-error"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"logfile-nginx.error-46331ee9-90a9-4b1f-b568-98641e9bafc9","compiled_stream":{"paths":["/var/log/nginx/error.log*"],"tags":["nginx-error"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\d{4}\\/\\d{2}\\/\\d{2} ","negate":true,"match":"after"},"processors":[{"add_locale":null}]}}]},{"type":"httpjson","policy_template":"nginx","enabled":false,"streams":[{"enabled":false,"data_stream":{"type":"logs","dataset":"nginx.access"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=nginx:plus:access","type":"text"},"tags":{"value":["forwarded","nginx-access"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"httpjson-nginx.access-46331ee9-90a9-4b1f-b568-98641e9bafc9"},{"enabled":false,"data_stream":{"type":"logs","dataset":"nginx.error"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=nginx:plus:error","type":"text"},"tags":{"value":["forwarded","nginx-error"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"httpjson-nginx.error-46331ee9-90a9-4b1f-b568-98641e9bafc9"}],"vars":{"url":{"value":"https://server.example.com:8089","type":"text"},"username":{"type":"text"},"password":{"type":"password"},"token":{"type":"password"},"ssl":{"value":"#certificate_authorities:\n# - |\n# -----BEGIN CERTIFICATE-----\n# MIIDCjCCAfKgAwIBAgITJ706Mu2wJlKckpIvkWxEHvEyijANBgkqhkiG9w0BAQsF\n# ADAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwIBcNMTkwNzIyMTkyOTA0WhgPMjExOTA2\n# MjgxOTI5MDRaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB\n# BQADggEPADCCAQoCggEBANce58Y/JykI58iyOXpxGfw0/gMvF0hUQAcUrSMxEO6n\n# fZRA49b4OV4SwWmA3395uL2eB2NB8y8qdQ9muXUdPBWE4l9rMZ6gmfu90N5B5uEl\n# 94NcfBfYOKi1fJQ9i7WKhTjlRkMCgBkWPkUokvBZFRt8RtF7zI77BSEorHGQCk9t\n# /D7BS0GJyfVEhftbWcFEAG3VRcoMhF7kUzYwp+qESoriFRYLeDWv68ZOvG7eoWnP\n# PsvZStEVEimjvK5NSESEQa9xWyJOmlOKXhkdymtcUd/nXnx6UTCFgnkgzSdTWV41\n# CI6B6aJ9svCTI2QuoIq2HxX/ix7OvW1huVmcyHVxyUECAwEAAaNTMFEwHQYDVR0O\n# BBYEFPwN1OceFGm9v6ux8G+DZ3TUDYxqMB8GA1UdIwQYMBaAFPwN1OceFGm9v6ux\n# 8G+DZ3TUDYxqMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAG5D\n# 874A4YI7YUwOVsVAdbWtgp1d0zKcPRR+r2OdSbTAV5/gcS3jgBJ3i1BN34JuDVFw\n# 3DeJSYT3nxy2Y56lLnxDeF8CUTUtVQx3CuGkRg1ouGAHpO/6OqOhwLLorEmxi7tA\n# H2O8mtT0poX5AnOAhzVy7QW0D/k4WaoLyckM5hUa6RtvgvLxOwA0U+VGurCDoctu\n# 8F4QOgTAWyh8EZIwaKCliFRSynDpv3JTUwtfZkxo6K6nce1RhCWFAsMvDZL8Dgc0\n# yvgJ38BRsFOtkRuAGSf6ZUwTO8JJRRIFnpUzXflAnGivK9M13D5GEQMmIl6U9Pvk\n# sxSmbIUfc2SGJGCJD4I=\n# -----END CERTIFICATE-----\n","type":"yaml"}}},{"type":"nginx/metrics","policy_template":"nginx","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"metrics","dataset":"nginx.stubstatus"},"vars":{"period":{"value":"10s","type":"text"},"server_status_path":{"value":"/nginx_status","type":"text"}},"id":"nginx/metrics-nginx.stubstatus-46331ee9-90a9-4b1f-b568-98641e9bafc9","compiled_stream":{"metricsets":["stubstatus"],"hosts":["http://127.0.0.1:80"],"period":"10s","server_status_path":"/nginx_status"}}],"vars":{"hosts":{"value":["http://127.0.0.1:80"],"type":"text"}}}],"revision":1,"created_at":"2022-06-27T15:33:58.606Z","created_by":"elastic","updated_at":"2022-06-27T15:33:58.606Z","updated_by":"elastic"}],"agents":0},{"id":"67c64ba0-f62e-11ec-9a9f-c3fb2ce46e7f","name":"HTTP servers","description":"","namespace":"default","monitoring_enabled":["logs","metrics"],"status":"active","is_managed":false,"revision":2,"updated_at":"2022-06-27T15:33:05.252Z","updated_by":"elastic","package_policies":[{"id":"863e86ed-8d12-466c-a6b9-b5c3769f4f80","version":"WzkyMywxXQ==","name":"system-2","namespace":"default","package":{"name":"system","title":"System","version":"1.16.2"},"enabled":true,"policy_id":"67c64ba0-f62e-11ec-9a9f-c3fb2ce46e7f","output_id":"fleet-default-output","inputs":[{"type":"logfile","policy_template":"system","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"system.auth"},"vars":{"paths":{"value":["/var/log/auth.log*","/var/log/secure*"],"type":"text"}},"id":"logfile-system.auth-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"paths":["/var/log/auth.log*","/var/log/secure*"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\s","match":"after"},"processors":[{"add_locale":null}]}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.syslog"},"vars":{"paths":{"value":["/var/log/messages*","/var/log/syslog*"],"type":"text"}},"id":"logfile-system.syslog-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"paths":["/var/log/messages*","/var/log/syslog*"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\s","match":"after"},"processors":[{"add_locale":null}]}}]},{"type":"winlog","policy_template":"system","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"system.application"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.application-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"name":"Application","condition":"${host.platform} == 'windows'","ignore_older":"72h"}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.security"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.security-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"name":"Security","condition":"${host.platform} == 'windows'","ignore_older":"72h"}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.system"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.system-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"name":"System","condition":"${host.platform} == 'windows'","ignore_older":"72h"}}]},{"type":"system/metrics","policy_template":"system","enabled":true,"streams":[{"enabled":false,"data_stream":{"type":"metrics","dataset":"system.core"},"vars":{"period":{"value":"10s","type":"text"},"core.metrics":{"value":["percentages"],"type":"text"}},"id":"system/metrics-system.core-863e86ed-8d12-466c-a6b9-b5c3769f4f80"},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.cpu"},"vars":{"period":{"value":"10s","type":"text"},"cpu.metrics":{"value":["percentages","normalized_percentages"],"type":"text"}},"id":"system/metrics-system.cpu-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"metricsets":["cpu"],"cpu.metrics":["percentages","normalized_percentages"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.diskio"},"vars":{"period":{"value":"10s","type":"text"},"diskio.include_devices":{"value":[],"type":"text"}},"id":"system/metrics-system.diskio-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"metricsets":["diskio"],"diskio.include_devices":null,"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.filesystem"},"vars":{"period":{"value":"1m","type":"text"},"processors":{"value":"- drop_event.when.regexp:\n system.filesystem.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)\n","type":"yaml"},"filesystem.ignore_types":{"value":[],"type":"text"}},"id":"system/metrics-system.filesystem-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"metricsets":["filesystem"],"period":"1m","processors":[{"drop_event.when.regexp":{"system.filesystem.mount_point":"^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)"}}]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.fsstat"},"vars":{"period":{"value":"1m","type":"text"},"processors":{"value":"- drop_event.when.regexp:\n system.fsstat.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)\n","type":"yaml"}},"id":"system/metrics-system.fsstat-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"metricsets":["fsstat"],"period":"1m","processors":[{"drop_event.when.regexp":{"system.fsstat.mount_point":"^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)"}}]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.load"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.load-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"metricsets":["load"],"condition":"${host.platform} != 'windows'","period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.memory"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.memory-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"metricsets":["memory"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.network"},"vars":{"period":{"value":"10s","type":"text"},"network.interfaces":{"value":[],"type":"text"}},"id":"system/metrics-system.network-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"metricsets":["network"],"period":"10s","network.interfaces":null}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.process"},"vars":{"period":{"value":"10s","type":"text"},"process.include_top_n.by_cpu":{"value":5,"type":"integer"},"process.include_top_n.by_memory":{"value":5,"type":"integer"},"process.cmdline.cache.enabled":{"value":true,"type":"bool"},"process.cgroups.enabled":{"value":false,"type":"bool"},"process.env.whitelist":{"value":[],"type":"text"},"process.include_cpu_ticks":{"value":false,"type":"bool"},"processes":{"value":[".*"],"type":"text"}},"id":"system/metrics-system.process-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"metricsets":["process"],"period":"10s","process.include_top_n.by_cpu":5,"process.include_top_n.by_memory":5,"process.cmdline.cache.enabled":true,"process.cgroups.enabled":false,"process.include_cpu_ticks":false,"processes":[".*"]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.process.summary"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.process.summary-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"metricsets":["process_summary"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.socket_summary"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.socket_summary-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"metricsets":["socket_summary"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.uptime"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.uptime-863e86ed-8d12-466c-a6b9-b5c3769f4f80","compiled_stream":{"metricsets":["uptime"],"period":"10s"}}],"vars":{"system.hostfs":{"type":"text"}}},{"type":"httpjson","policy_template":"system","enabled":false,"streams":[{"enabled":false,"data_stream":{"type":"logs","dataset":"system.application"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:Application\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.application-863e86ed-8d12-466c-a6b9-b5c3769f4f80"},{"enabled":false,"data_stream":{"type":"logs","dataset":"system.security"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:Security\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.security-863e86ed-8d12-466c-a6b9-b5c3769f4f80"},{"enabled":false,"data_stream":{"type":"logs","dataset":"system.system"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:System\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.system-863e86ed-8d12-466c-a6b9-b5c3769f4f80"}],"vars":{"url":{"value":"https://server.example.com:8089","type":"text"},"username":{"type":"text"},"password":{"type":"password"},"token":{"type":"password"},"preserve_original_event":{"value":false,"type":"bool"},"ssl":{"value":"#certificate_authorities:\n# - |\n# -----BEGIN CERTIFICATE-----\n# MIIDCjCCAfKgAwIBAgITJ706Mu2wJlKckpIvkWxEHvEyijANBgkqhkiG9w0BAQsF\n# ADAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwIBcNMTkwNzIyMTkyOTA0WhgPMjExOTA2\n# MjgxOTI5MDRaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB\n# BQADggEPADCCAQoCggEBANce58Y/JykI58iyOXpxGfw0/gMvF0hUQAcUrSMxEO6n\n# fZRA49b4OV4SwWmA3395uL2eB2NB8y8qdQ9muXUdPBWE4l9rMZ6gmfu90N5B5uEl\n# 94NcfBfYOKi1fJQ9i7WKhTjlRkMCgBkWPkUokvBZFRt8RtF7zI77BSEorHGQCk9t\n# /D7BS0GJyfVEhftbWcFEAG3VRcoMhF7kUzYwp+qESoriFRYLeDWv68ZOvG7eoWnP\n# PsvZStEVEimjvK5NSESEQa9xWyJOmlOKXhkdymtcUd/nXnx6UTCFgnkgzSdTWV41\n# CI6B6aJ9svCTI2QuoIq2HxX/ix7OvW1huVmcyHVxyUECAwEAAaNTMFEwHQYDVR0O\n# BBYEFPwN1OceFGm9v6ux8G+DZ3TUDYxqMB8GA1UdIwQYMBaAFPwN1OceFGm9v6ux\n# 8G+DZ3TUDYxqMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAG5D\n# 874A4YI7YUwOVsVAdbWtgp1d0zKcPRR+r2OdSbTAV5/gcS3jgBJ3i1BN34JuDVFw\n# 3DeJSYT3nxy2Y56lLnxDeF8CUTUtVQx3CuGkRg1ouGAHpO/6OqOhwLLorEmxi7tA\n# H2O8mtT0poX5AnOAhzVy7QW0D/k4WaoLyckM5hUa6RtvgvLxOwA0U+VGurCDoctu\n# 8F4QOgTAWyh8EZIwaKCliFRSynDpv3JTUwtfZkxo6K6nce1RhCWFAsMvDZL8Dgc0\n# yvgJ38BRsFOtkRuAGSf6ZUwTO8JJRRIFnpUzXflAnGivK9M13D5GEQMmIl6U9Pvk\n# sxSmbIUfc2SGJGCJD4I=\n# -----END CERTIFICATE-----\n","type":"yaml"}}}],"revision":1,"created_at":"2022-06-27T15:32:53.484Z","created_by":"elastic","updated_at":"2022-06-27T15:32:53.484Z","updated_by":"elastic"},{"id":"9be915b0-9b9b-45e2-adfc-37f18b64d468","version":"WzEwMjIsMV0=","name":"nginx-http-servers-test","namespace":"default","description":"","package":{"name":"nginx","title":"Nginx","version":"1.4.0"},"enabled":true,"policy_id":"67c64ba0-f62e-11ec-9a9f-c3fb2ce46e7f","output_id":"","inputs":[{"type":"logfile","policy_template":"nginx","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"nginx.access"},"vars":{"paths":{"value":["/var/log/nginx/access.log*"],"type":"text"},"tags":{"value":["nginx-access"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"logfile-nginx.access-9be915b0-9b9b-45e2-adfc-37f18b64d468","compiled_stream":{"paths":["/var/log/nginx/access.log*"],"tags":["nginx-access"],"exclude_files":[".gz$"],"processors":[{"add_locale":null}]}},{"enabled":true,"data_stream":{"type":"logs","dataset":"nginx.error"},"vars":{"paths":{"value":["/var/log/nginx/error.log*"],"type":"text"},"tags":{"value":["nginx-error"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"logfile-nginx.error-9be915b0-9b9b-45e2-adfc-37f18b64d468","compiled_stream":{"paths":["/var/log/nginx/error.log*"],"tags":["nginx-error"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\d{4}\\/\\d{2}\\/\\d{2} ","negate":true,"match":"after"},"processors":[{"add_locale":null}]}}]},{"type":"httpjson","policy_template":"nginx","enabled":false,"streams":[{"enabled":false,"data_stream":{"type":"logs","dataset":"nginx.access"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=nginx:plus:access","type":"text"},"tags":{"value":["forwarded","nginx-access"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"httpjson-nginx.access-9be915b0-9b9b-45e2-adfc-37f18b64d468"},{"enabled":false,"data_stream":{"type":"logs","dataset":"nginx.error"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=nginx:plus:error","type":"text"},"tags":{"value":["forwarded","nginx-error"],"type":"text"},"preserve_original_event":{"value":false,"type":"bool"},"processors":{"type":"yaml"}},"id":"httpjson-nginx.error-9be915b0-9b9b-45e2-adfc-37f18b64d468"}],"vars":{"url":{"value":"https://server.example.com:8089","type":"text"},"username":{"type":"text"},"password":{"type":"password"},"token":{"type":"password"},"ssl":{"value":"#certificate_authorities:\n# - |\n# -----BEGIN CERTIFICATE-----\n# MIIDCjCCAfKgAwIBAgITJ706Mu2wJlKckpIvkWxEHvEyijANBgkqhkiG9w0BAQsF\n# ADAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwIBcNMTkwNzIyMTkyOTA0WhgPMjExOTA2\n# MjgxOTI5MDRaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB\n# BQADggEPADCCAQoCggEBANce58Y/JykI58iyOXpxGfw0/gMvF0hUQAcUrSMxEO6n\n# fZRA49b4OV4SwWmA3395uL2eB2NB8y8qdQ9muXUdPBWE4l9rMZ6gmfu90N5B5uEl\n# 94NcfBfYOKi1fJQ9i7WKhTjlRkMCgBkWPkUokvBZFRt8RtF7zI77BSEorHGQCk9t\n# /D7BS0GJyfVEhftbWcFEAG3VRcoMhF7kUzYwp+qESoriFRYLeDWv68ZOvG7eoWnP\n# PsvZStEVEimjvK5NSESEQa9xWyJOmlOKXhkdymtcUd/nXnx6UTCFgnkgzSdTWV41\n# CI6B6aJ9svCTI2QuoIq2HxX/ix7OvW1huVmcyHVxyUECAwEAAaNTMFEwHQYDVR0O\n# BBYEFPwN1OceFGm9v6ux8G+DZ3TUDYxqMB8GA1UdIwQYMBaAFPwN1OceFGm9v6ux\n# 8G+DZ3TUDYxqMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAG5D\n# 874A4YI7YUwOVsVAdbWtgp1d0zKcPRR+r2OdSbTAV5/gcS3jgBJ3i1BN34JuDVFw\n# 3DeJSYT3nxy2Y56lLnxDeF8CUTUtVQx3CuGkRg1ouGAHpO/6OqOhwLLorEmxi7tA\n# H2O8mtT0poX5AnOAhzVy7QW0D/k4WaoLyckM5hUa6RtvgvLxOwA0U+VGurCDoctu\n# 8F4QOgTAWyh8EZIwaKCliFRSynDpv3JTUwtfZkxo6K6nce1RhCWFAsMvDZL8Dgc0\n# yvgJ38BRsFOtkRuAGSf6ZUwTO8JJRRIFnpUzXflAnGivK9M13D5GEQMmIl6U9Pvk\n# sxSmbIUfc2SGJGCJD4I=\n# -----END CERTIFICATE-----\n","type":"yaml"}}},{"type":"nginx/metrics","policy_template":"nginx","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"metrics","dataset":"nginx.stubstatus"},"vars":{"period":{"value":"10s","type":"text"},"server_status_path":{"value":"/nginx_status","type":"text"}},"id":"nginx/metrics-nginx.stubstatus-9be915b0-9b9b-45e2-adfc-37f18b64d468","compiled_stream":{"metricsets":["stubstatus"],"hosts":["http://127.0.0.1:80"],"period":"10s","server_status_path":"/nginx_status"}}],"vars":{"hosts":{"value":["http://127.0.0.1:80"],"type":"text"}}}],"revision":1,"created_at":"2022-06-27T15:33:04.248Z","created_by":"elastic","updated_at":"2022-06-27T15:33:04.248Z","updated_by":"elastic"}],"agents":0},{"id":"fleet-server-policy","namespace":"default","monitoring_enabled":["logs","metrics"],"name":"Fleet Server (elastic-package)","is_default_fleet_server":true,"is_preconfigured":true,"status":"active","is_managed":false,"revision":2,"updated_at":"2022-06-27T15:31:03.382Z","updated_by":"system","package_policies":[{"id":"default-fleet-server","version":"WzYyNCwxXQ==","name":"fleet_server-1","namespace":"default","package":{"name":"fleet_server","title":"Fleet Server","version":"1.2.0"},"enabled":true,"policy_id":"fleet-server-policy","output_id":"fleet-default-output","inputs":[{"type":"fleet-server","policy_template":"fleet_server","enabled":true,"streams":[],"vars":{"host":{"value":["0.0.0.0"],"type":"text"},"port":{"value":[8220],"type":"integer"},"max_agents":{"type":"integer"},"max_connections":{"type":"integer"},"custom":{"value":"","type":"yaml"}},"compiled_input":{"server":{"port":8220,"host":"0.0.0.0"}}}],"revision":1,"created_at":"2022-06-27T15:31:03.351Z","created_by":"system","updated_at":"2022-06-27T15:31:03.351Z","updated_by":"system"}],"agents":1},{"id":"elastic-agent-managed-ep","namespace":"default","monitoring_enabled":["logs","metrics"],"name":"Elastic-Agent (elastic-package)","is_default":true,"is_preconfigured":true,"status":"active","is_managed":false,"revision":2,"updated_at":"2022-06-27T15:31:01.360Z","updated_by":"system","package_policies":[{"id":"default-system","version":"WzYyMiwxXQ==","name":"system-1","namespace":"default","package":{"name":"system","title":"System","version":"1.16.2"},"enabled":true,"policy_id":"elastic-agent-managed-ep","output_id":"fleet-default-output","inputs":[{"type":"logfile","policy_template":"system","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"system.auth"},"vars":{"paths":{"value":["/var/log/auth.log*","/var/log/secure*"],"type":"text"}},"id":"logfile-system.auth-default-system","compiled_stream":{"paths":["/var/log/auth.log*","/var/log/secure*"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\s","match":"after"},"processors":[{"add_locale":null}]}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.syslog"},"vars":{"paths":{"value":["/var/log/messages*","/var/log/syslog*"],"type":"text"}},"id":"logfile-system.syslog-default-system","compiled_stream":{"paths":["/var/log/messages*","/var/log/syslog*"],"exclude_files":[".gz$"],"multiline":{"pattern":"^\\s","match":"after"},"processors":[{"add_locale":null}]}}]},{"type":"winlog","policy_template":"system","enabled":true,"streams":[{"enabled":true,"data_stream":{"type":"logs","dataset":"system.application"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.application-default-system","compiled_stream":{"name":"Application","condition":"${host.platform} == 'windows'","ignore_older":"72h"}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.security"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.security-default-system","compiled_stream":{"name":"Security","condition":"${host.platform} == 'windows'","ignore_older":"72h"}},{"enabled":true,"data_stream":{"type":"logs","dataset":"system.system"},"vars":{"preserve_original_event":{"value":false,"type":"bool"},"event_id":{"type":"text"},"ignore_older":{"value":"72h","type":"text"},"language":{"value":0,"type":"text"},"tags":{"value":[],"type":"text"},"processors":{"type":"yaml"}},"id":"winlog-system.system-default-system","compiled_stream":{"name":"System","condition":"${host.platform} == 'windows'","ignore_older":"72h"}}]},{"type":"system/metrics","policy_template":"system","enabled":true,"streams":[{"enabled":false,"data_stream":{"type":"metrics","dataset":"system.core"},"vars":{"period":{"value":"10s","type":"text"},"core.metrics":{"value":["percentages"],"type":"text"}},"id":"system/metrics-system.core-default-system"},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.cpu"},"vars":{"period":{"value":"10s","type":"text"},"cpu.metrics":{"value":["percentages","normalized_percentages"],"type":"text"}},"id":"system/metrics-system.cpu-default-system","compiled_stream":{"metricsets":["cpu"],"cpu.metrics":["percentages","normalized_percentages"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.diskio"},"vars":{"period":{"value":"10s","type":"text"},"diskio.include_devices":{"value":[],"type":"text"}},"id":"system/metrics-system.diskio-default-system","compiled_stream":{"metricsets":["diskio"],"diskio.include_devices":null,"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.filesystem"},"vars":{"period":{"value":"1m","type":"text"},"processors":{"value":"- drop_event.when.regexp:\n system.filesystem.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)\n","type":"yaml"},"filesystem.ignore_types":{"value":[],"type":"text"}},"id":"system/metrics-system.filesystem-default-system","compiled_stream":{"metricsets":["filesystem"],"period":"1m","processors":[{"drop_event.when.regexp":{"system.filesystem.mount_point":"^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)"}}]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.fsstat"},"vars":{"period":{"value":"1m","type":"text"},"processors":{"value":"- drop_event.when.regexp:\n system.fsstat.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)\n","type":"yaml"}},"id":"system/metrics-system.fsstat-default-system","compiled_stream":{"metricsets":["fsstat"],"period":"1m","processors":[{"drop_event.when.regexp":{"system.fsstat.mount_point":"^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)"}}]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.load"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.load-default-system","compiled_stream":{"metricsets":["load"],"condition":"${host.platform} != 'windows'","period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.memory"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.memory-default-system","compiled_stream":{"metricsets":["memory"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.network"},"vars":{"period":{"value":"10s","type":"text"},"network.interfaces":{"value":[],"type":"text"}},"id":"system/metrics-system.network-default-system","compiled_stream":{"metricsets":["network"],"period":"10s","network.interfaces":null}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.process"},"vars":{"period":{"value":"10s","type":"text"},"process.include_top_n.by_cpu":{"value":5,"type":"integer"},"process.include_top_n.by_memory":{"value":5,"type":"integer"},"process.cmdline.cache.enabled":{"value":true,"type":"bool"},"process.cgroups.enabled":{"value":false,"type":"bool"},"process.env.whitelist":{"value":[],"type":"text"},"process.include_cpu_ticks":{"value":false,"type":"bool"},"processes":{"value":[".*"],"type":"text"}},"id":"system/metrics-system.process-default-system","compiled_stream":{"metricsets":["process"],"period":"10s","process.include_top_n.by_cpu":5,"process.include_top_n.by_memory":5,"process.cmdline.cache.enabled":true,"process.cgroups.enabled":false,"process.include_cpu_ticks":false,"processes":[".*"]}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.process.summary"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.process.summary-default-system","compiled_stream":{"metricsets":["process_summary"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.socket_summary"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.socket_summary-default-system","compiled_stream":{"metricsets":["socket_summary"],"period":"10s"}},{"enabled":true,"data_stream":{"type":"metrics","dataset":"system.uptime"},"vars":{"period":{"value":"10s","type":"text"}},"id":"system/metrics-system.uptime-default-system","compiled_stream":{"metricsets":["uptime"],"period":"10s"}}],"vars":{"system.hostfs":{"type":"text"}}},{"type":"httpjson","policy_template":"system","enabled":false,"streams":[{"enabled":false,"data_stream":{"type":"logs","dataset":"system.application"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:Application\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.application-default-system"},{"enabled":false,"data_stream":{"type":"logs","dataset":"system.security"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:Security\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.security-default-system"},{"enabled":false,"data_stream":{"type":"logs","dataset":"system.system"},"vars":{"interval":{"value":"10s","type":"text"},"search":{"value":"search sourcetype=\"XmlWinEventLog:System\"","type":"text"},"tags":{"value":["forwarded"],"type":"text"}},"id":"httpjson-system.system-default-system"}],"vars":{"url":{"value":"https://server.example.com:8089","type":"text"},"username":{"type":"text"},"password":{"type":"password"},"token":{"type":"password"},"preserve_original_event":{"value":false,"type":"bool"},"ssl":{"value":"#certificate_authorities:\n# - |\n# -----BEGIN CERTIFICATE-----\n# MIIDCjCCAfKgAwIBAgITJ706Mu2wJlKckpIvkWxEHvEyijANBgkqhkiG9w0BAQsF\n# ADAUMRIwEAYDVQQDDAlsb2NhbGhvc3QwIBcNMTkwNzIyMTkyOTA0WhgPMjExOTA2\n# MjgxOTI5MDRaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB\n# BQADggEPADCCAQoCggEBANce58Y/JykI58iyOXpxGfw0/gMvF0hUQAcUrSMxEO6n\n# fZRA49b4OV4SwWmA3395uL2eB2NB8y8qdQ9muXUdPBWE4l9rMZ6gmfu90N5B5uEl\n# 94NcfBfYOKi1fJQ9i7WKhTjlRkMCgBkWPkUokvBZFRt8RtF7zI77BSEorHGQCk9t\n# /D7BS0GJyfVEhftbWcFEAG3VRcoMhF7kUzYwp+qESoriFRYLeDWv68ZOvG7eoWnP\n# PsvZStEVEimjvK5NSESEQa9xWyJOmlOKXhkdymtcUd/nXnx6UTCFgnkgzSdTWV41\n# CI6B6aJ9svCTI2QuoIq2HxX/ix7OvW1huVmcyHVxyUECAwEAAaNTMFEwHQYDVR0O\n# BBYEFPwN1OceFGm9v6ux8G+DZ3TUDYxqMB8GA1UdIwQYMBaAFPwN1OceFGm9v6ux\n# 8G+DZ3TUDYxqMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAG5D\n# 874A4YI7YUwOVsVAdbWtgp1d0zKcPRR+r2OdSbTAV5/gcS3jgBJ3i1BN34JuDVFw\n# 3DeJSYT3nxy2Y56lLnxDeF8CUTUtVQx3CuGkRg1ouGAHpO/6OqOhwLLorEmxi7tA\n# H2O8mtT0poX5AnOAhzVy7QW0D/k4WaoLyckM5hUa6RtvgvLxOwA0U+VGurCDoctu\n# 8F4QOgTAWyh8EZIwaKCliFRSynDpv3JTUwtfZkxo6K6nce1RhCWFAsMvDZL8Dgc0\n# yvgJ38BRsFOtkRuAGSf6ZUwTO8JJRRIFnpUzXflAnGivK9M13D5GEQMmIl6U9Pvk\n# sxSmbIUfc2SGJGCJD4I=\n# -----END CERTIFICATE-----\n","type":"yaml"}}}],"revision":1,"created_at":"2022-06-27T15:31:00.403Z","created_by":"system","updated_at":"2022-06-27T15:31:00.403Z","updated_by":"system"}],"agents":1}],"total":4,"page":1,"perPage":20} \ No newline at end of file diff --git a/internal/dump/testdata/fleet-8-mock-dump-all/api-status.json b/internal/dump/testdata/fleet-8-mock-dump-all/api-status.json deleted file mode 100644 index e6d750c7c1..0000000000 --- a/internal/dump/testdata/fleet-8-mock-dump-all/api-status.json +++ /dev/null @@ -1 +0,0 @@ -{"name":"kibana","uuid":"4d61db22-fa55-4750-91b8-dd344522c879","version":{"number":"8.0.0","build_hash":"57ca5e139a33dd2eed927ce98d8231a1f217cd15","build_number":49192,"build_snapshot":false},"status":{"overall":{"level":"available","summary":"All services are available"},"core":{"elasticsearch":{"level":"available","summary":"Elasticsearch is available","meta":{"warningNodes":[],"incompatibleNodes":[]}},"savedObjects":{"level":"available","summary":"SavedObjects service has completed migrations and is available","meta":{"migratedIndices":{"migrated":0,"skipped":0,"patched":2}}}},"plugins":{"advancedSettings":{"level":"available","summary":"All dependencies are available"},"bfetch":{"level":"available","summary":"All dependencies are available"},"expressionMetricVis":{"level":"available","summary":"All dependencies are available"},"expressionTagcloud":{"level":"available","summary":"All dependencies are available"},"charts":{"level":"available","summary":"All dependencies are available"},"console":{"level":"available","summary":"All dependencies are available"},"customIntegrations":{"level":"available","summary":"All dependencies are available"},"dashboard":{"level":"available","summary":"All dependencies are available"},"data":{"level":"available","summary":"All dependencies are available"},"dataViews":{"level":"available","summary":"All dependencies are available"},"devTools":{"level":"available","summary":"All dependencies are available"},"discover":{"level":"available","summary":"All dependencies are available"},"embeddable":{"level":"available","summary":"All dependencies are available"},"esUiShared":{"level":"available","summary":"All dependencies are available"},"expressionError":{"level":"available","summary":"All dependencies are available"},"expressionImage":{"level":"available","summary":"All dependencies are available"},"expressionMetric":{"level":"available","summary":"All dependencies are available"},"expressionRepeatImage":{"level":"available","summary":"All dependencies are available"},"expressionRevealImage":{"level":"available","summary":"All dependencies are available"},"expressionShape":{"level":"available","summary":"All dependencies are available"},"expressions":{"level":"available","summary":"All dependencies are available"},"fieldFormats":{"level":"available","summary":"All dependencies are available"},"home":{"level":"available","summary":"All dependencies are available"},"indexPatternEditor":{"level":"available","summary":"All dependencies are available"},"indexPatternFieldEditor":{"level":"available","summary":"All dependencies are available"},"indexPatternManagement":{"level":"available","summary":"All dependencies are available"},"inputControlVis":{"level":"available","summary":"All dependencies are available"},"inspector":{"level":"available","summary":"All dependencies are available"},"kibanaLegacy":{"level":"available","summary":"All dependencies are available"},"kibanaOverview":{"level":"available","summary":"All dependencies are available"},"kibanaReact":{"level":"available","summary":"All dependencies are available"},"kibanaUsageCollection":{"level":"available","summary":"All dependencies are available"},"kibanaUtils":{"level":"available","summary":"All dependencies are available"},"management":{"level":"available","summary":"All dependencies are available"},"mapsEms":{"level":"available","summary":"All dependencies are available"},"navigation":{"level":"available","summary":"All dependencies are available"},"newsfeed":{"level":"available","summary":"All dependencies are available"},"presentationUtil":{"level":"available","summary":"All dependencies are available"},"savedObjects":{"level":"available","summary":"All dependencies are available"},"savedObjectsManagement":{"level":"available","summary":"All dependencies are available"},"savedObjectsTaggingOss":{"level":"available","summary":"All dependencies are available"},"screenshotMode":{"level":"available","summary":"All dependencies are available"},"share":{"level":"available","summary":"All dependencies are available"},"telemetry":{"level":"available","summary":"All dependencies are available"},"telemetryCollectionManager":{"level":"available","summary":"All dependencies are available"},"telemetryManagementSection":{"level":"available","summary":"All dependencies are available"},"uiActions":{"level":"available","summary":"All dependencies are available"},"urlForwarding":{"level":"available","summary":"All dependencies are available"},"usageCollection":{"level":"available","summary":"All dependencies are available"},"visDefaultEditor":{"level":"available","summary":"All dependencies are available"},"visTypeMarkdown":{"level":"available","summary":"All dependencies are available"},"visTypeMetric":{"level":"available","summary":"All dependencies are available"},"visTypePie":{"level":"available","summary":"All dependencies are available"},"visTypeTable":{"level":"available","summary":"All dependencies are available"},"visTypeTagcloud":{"level":"available","summary":"All dependencies are available"},"visTypeTimelion":{"level":"available","summary":"All dependencies are available"},"visTypeTimeseries":{"level":"available","summary":"All dependencies are available"},"visTypeVega":{"level":"available","summary":"All dependencies are available"},"visTypeVislib":{"level":"available","summary":"All dependencies are available"},"visTypeXy":{"level":"available","summary":"All dependencies are available"},"visualizations":{"level":"available","summary":"All dependencies are available"},"visualize":{"level":"available","summary":"All dependencies are available"},"actions":{"level":"available","summary":"All dependencies are available"},"alerting":{"level":"available","summary":"Alerting is (probably) ready"},"apm":{"level":"available","summary":"All dependencies are available"},"banners":{"level":"available","summary":"All dependencies are available"},"canvas":{"level":"available","summary":"All dependencies are available"},"cases":{"level":"available","summary":"All dependencies are available"},"cloud":{"level":"available","summary":"All dependencies are available"},"crossClusterReplication":{"level":"available","summary":"All dependencies are available"},"dashboardEnhanced":{"level":"available","summary":"All dependencies are available"},"dataEnhanced":{"level":"available","summary":"All dependencies are available"},"dataVisualizer":{"level":"available","summary":"All dependencies are available"},"discoverEnhanced":{"level":"available","summary":"All dependencies are available"},"urlDrilldown":{"level":"available","summary":"All dependencies are available"},"embeddableEnhanced":{"level":"available","summary":"All dependencies are available"},"encryptedSavedObjects":{"level":"available","summary":"All dependencies are available"},"enterpriseSearch":{"level":"available","summary":"All dependencies are available"},"eventLog":{"level":"available","summary":"All dependencies are available"},"features":{"level":"available","summary":"All dependencies are available"},"fileUpload":{"level":"available","summary":"All dependencies are available"},"fleet":{"level":"available","summary":"Fleet is available"},"globalSearch":{"level":"available","summary":"All dependencies are available"},"globalSearchBar":{"level":"available","summary":"All dependencies are available"},"globalSearchProviders":{"level":"available","summary":"All dependencies are available"},"graph":{"level":"available","summary":"All dependencies are available"},"grokdebugger":{"level":"available","summary":"All dependencies are available"},"indexLifecycleManagement":{"level":"available","summary":"All dependencies are available"},"indexManagement":{"level":"available","summary":"All dependencies are available"},"infra":{"level":"available","summary":"All dependencies are available"},"ingestPipelines":{"level":"available","summary":"All dependencies are available"},"lens":{"level":"available","summary":"All dependencies are available"},"licenseApiGuard":{"level":"available","summary":"All dependencies are available"},"licenseManagement":{"level":"available","summary":"All dependencies are available"},"licensing":{"level":"available","summary":"License fetched"},"lists":{"level":"available","summary":"All dependencies are available"},"logstash":{"level":"available","summary":"All dependencies are available"},"maps":{"level":"available","summary":"All dependencies are available"},"ml":{"level":"available","summary":"All dependencies are available"},"monitoring":{"level":"available","summary":"All dependencies are available"},"observability":{"level":"available","summary":"All dependencies are available"},"osquery":{"level":"available","summary":"All dependencies are available"},"painlessLab":{"level":"available","summary":"All dependencies are available"},"remoteClusters":{"level":"available","summary":"All dependencies are available"},"reporting":{"level":"available","summary":"All dependencies are available"},"rollup":{"level":"available","summary":"All dependencies are available"},"ruleRegistry":{"level":"available","summary":"All dependencies are available"},"runtimeFields":{"level":"available","summary":"All dependencies are available"},"savedObjectsTagging":{"level":"available","summary":"All dependencies are available"},"screenshotting":{"level":"available","summary":"All dependencies are available"},"searchprofiler":{"level":"available","summary":"All dependencies are available"},"security":{"level":"available","summary":"All dependencies are available"},"securitySolution":{"level":"available","summary":"All dependencies are available"},"snapshotRestore":{"level":"available","summary":"All dependencies are available"},"spaces":{"level":"available","summary":"All dependencies are available"},"stackAlerts":{"level":"available","summary":"All dependencies are available"},"taskManager":{"level":"available","summary":"All dependencies are available"},"telemetryCollectionXpack":{"level":"available","summary":"All dependencies are available"},"timelines":{"level":"available","summary":"All dependencies are available"},"transform":{"level":"available","summary":"All dependencies are available"},"translations":{"level":"available","summary":"All dependencies are available"},"triggersActionsUi":{"level":"available","summary":"All dependencies are available"},"uiActionsEnhanced":{"level":"available","summary":"All dependencies are available"},"upgradeAssistant":{"level":"available","summary":"All dependencies are available"},"uptime":{"level":"available","summary":"All dependencies are available"},"watcher":{"level":"available","summary":"All dependencies are available"}}},"metrics":{"last_updated":"2023-08-30T11:53:46.940Z","collection_interval_in_millis":5000,"os":{"platform":"linux","platformRelease":"linux-5.19.0-50-generic","load":{"1m":3.9,"5m":2.38,"15m":1.66},"memory":{"total_in_bytes":33358266368,"free_in_bytes":276086784,"used_in_bytes":33082179584},"uptime_in_millis":775478260,"distro":"Ubuntu","distroRelease":"Ubuntu-20.04"},"process":{"memory":{"heap":{"total_in_bytes":467066880,"used_in_bytes":369791072,"size_limit":4345298944},"resident_set_size_in_bytes":553046016},"pid":7,"event_loop_delay":10.310148231404959,"event_loop_delay_histogram":{"min":9.09312,"max":38.502399,"mean":10.310148231404959,"exceeds":0,"stddev":1.6360547505591572,"fromTimestamp":"2023-08-30T11:53:41.937Z","lastUpdatedAt":"2023-08-30T11:53:46.935Z","percentiles":{"50":10.100735,"75":10.117119,"95":10.895359,"99":14.811135}},"uptime_in_millis":90449.453821},"processes":[{"memory":{"heap":{"total_in_bytes":467066880,"used_in_bytes":369791072,"size_limit":4345298944},"resident_set_size_in_bytes":553046016},"pid":7,"event_loop_delay":10.310148231404959,"event_loop_delay_histogram":{"min":9.09312,"max":38.502399,"mean":10.310148231404959,"exceeds":0,"stddev":1.6360547505591572,"fromTimestamp":"2023-08-30T11:53:41.937Z","lastUpdatedAt":"2023-08-30T11:53:46.935Z","percentiles":{"50":10.100735,"75":10.117119,"95":10.895359,"99":14.811135}},"uptime_in_millis":90449.453821}],"response_times":{"avg_in_millis":26,"max_in_millis":26},"concurrent_connections":7,"requests":{"disconnects":0,"total":1,"statusCodes":{"200":1},"status_codes":{"200":1}}}} \ No newline at end of file diff --git a/internal/elasticsearch/client.go b/internal/elasticsearch/client.go index 986442102c..694306c14c 100644 --- a/internal/elasticsearch/client.go +++ b/internal/elasticsearch/client.go @@ -89,13 +89,22 @@ type Client struct { // NewClient method creates new instance of the Elasticsearch client. func NewClient(customOptions ...ClientOption) (*Client, error) { + config, err := NewConfig(customOptions...) + if err != nil { + return nil, err + } + + return NewClientWithConfig(config) +} + +func NewConfig(customOptions ...ClientOption) (elasticsearch.Config, error) { options := clientOptions{} for _, option := range customOptions { option(&options) } if options.address == "" { - return nil, ErrUndefinedAddress + return elasticsearch.Config{}, ErrUndefinedAddress } config := elasticsearch.Config{ @@ -110,13 +119,17 @@ func NewClient(customOptions ...ClientOption) (*Client, error) { } else if options.certificateAuthority != "" { rootCAs, err := certs.SystemPoolWithCACertificate(options.certificateAuthority) if err != nil { - return nil, fmt.Errorf("reading CA certificate: %w", err) + return config, fmt.Errorf("reading CA certificate: %w", err) } config.Transport = &http.Transport{ TLSClientConfig: &tls.Config{RootCAs: rootCAs}, } } + return config, nil +} + +func NewClientWithConfig(config elasticsearch.Config) (*Client, error) { client, err := elasticsearch.NewClient(config) if err != nil { return nil, fmt.Errorf("can't create instance: %w", err) diff --git a/internal/elasticsearch/client_test.go b/internal/elasticsearch/client_test.go index 51e218a6d0..b39f55fb8b 100644 --- a/internal/elasticsearch/client_test.go +++ b/internal/elasticsearch/client_test.go @@ -56,21 +56,25 @@ func TestClientWithTLS(t *testing.T) { func TestClusterHealth(t *testing.T) { cases := []struct { - RecordDir string - Expected string + Record string + Expected string }{ { - RecordDir: "./testdata/elasticsearch-8-5-healthy", + // To reproduce the scenario, just start the stack with 8.5 version. + Record: "./testdata/elasticsearch-8-5-healthy", }, { - RecordDir: "./testdata/elasticsearch-8-5-red-out-of-disk", - Expected: "cluster in unhealthy state: 33 indices reside on nodes that have run or are likely to run out of disk space, this can temporarily disable writing on these indices.", + // To reproduce the scenario, start the stack with 8.5 version and + // limited disk space. If difficult to reproduce, manually modify + // the recording using info from previous changesets. + Record: "./testdata/elasticsearch-8-5-red-out-of-disk", + Expected: "cluster in unhealthy state: 33 indices reside on nodes that have run or are likely to run out of disk space, this can temporarily disable writing on these indices.", }, } for _, c := range cases { - t.Run(c.RecordDir, func(t *testing.T) { - client := test.NewClient(t, c.RecordDir) + t.Run(c.Record, func(t *testing.T) { + client := test.NewClient(t, c.Record) err := client.CheckHealth(context.Background()) if c.Expected != "" { diff --git a/internal/elasticsearch/test/httptest.go b/internal/elasticsearch/test/httptest.go index d35ed7896c..b13c3c77f4 100644 --- a/internal/elasticsearch/test/httptest.go +++ b/internal/elasticsearch/test/httptest.go @@ -5,16 +5,11 @@ package test import ( - "io" - "net/http" - "net/http/httptest" - "net/url" "os" - "path/filepath" - "strings" "testing" "github.com/stretchr/testify/require" + "gopkg.in/dnaeon/go-vcr.v3/recorder" "github.com/elastic/elastic-package/internal/elasticsearch" "github.com/elastic/elastic-package/internal/stack" @@ -24,65 +19,35 @@ import ( // responses. If responses are not found, it forwards the query to the server started by // elastic-package stack, and records the response. // Responses are recorded in the directory indicated by serverDataDir. -func NewClient(t *testing.T, serverDataDir string) *elasticsearch.Client { - server := testElasticsearchServer(t, serverDataDir) - t.Cleanup(func() { server.Close() }) - - client, err := stack.NewElasticsearchClient( - elasticsearch.OptionWithAddress(server.URL), - ) - require.NoError(t, err) - - return client -} - -func testElasticsearchServer(t *testing.T, mockServerDir string) *httptest.Server { - return httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - t.Log(r.Method, r.URL.String()) - f := filepath.Join(mockServerDir, pathForURL(r.URL.String())) - if _, err := os.Stat(f); err != nil { - recordRequest(t, r, f) - } - http.ServeFile(w, r, f) - })) -} - -var pathReplacer = strings.NewReplacer( - "/", "-", - "*", "_", - "?", "_", - "=", "_", -) - -func pathForURL(url string) string { - clean := strings.Trim(url, "/") - if len(clean) == 0 { - return "root.json" +func NewClient(t *testing.T, recordFileName string) *elasticsearch.Client { + address := os.Getenv(stack.ElasticsearchHostEnv) + if address == "" { + address = "https://127.0.0.1:9200" } - return pathReplacer.Replace(clean) + ".json" -} - -func recordRequest(t *testing.T, r *http.Request, path string) { - client, err := stack.NewElasticsearchClient() + config, err := elasticsearch.NewConfig( + elasticsearch.OptionWithAddress(address), + elasticsearch.OptionWithPassword(os.Getenv(stack.ElasticsearchPasswordEnv)), + elasticsearch.OptionWithUsername(os.Getenv(stack.ElasticsearchUsernameEnv)), + elasticsearch.OptionWithCertificateAuthority(os.Getenv(stack.CACertificateEnv)), + ) require.NoError(t, err) - t.Logf("Recording %s in %s", r.URL.Path, path) - var recordURL url.URL - recordURL.Path = r.URL.Path - recordURL.RawQuery = r.URL.RawQuery - - req, err := http.NewRequest(r.Method, recordURL.String(), nil) + rec, err := recorder.NewWithOptions(&recorder.Options{ + CassetteName: recordFileName, + Mode: recorder.ModeRecordOnce, + SkipRequestLatency: true, + RealTransport: config.Transport, + }) require.NoError(t, err) + config.Transport = rec - resp, err := client.Perform(req) + client, err := elasticsearch.NewClientWithConfig(config) require.NoError(t, err) - defer resp.Body.Close() - os.MkdirAll(filepath.Dir(path), 0755) - f, err := os.Create(path) - require.NoError(t, err) - defer f.Close() + t.Cleanup(func() { + err := rec.Stop() + require.NoError(t, err) + }) - _, err = io.Copy(f, resp.Body) - require.NoError(t, err) + return client } diff --git a/internal/elasticsearch/testdata/elasticsearch-8-5-healthy.yaml b/internal/elasticsearch/testdata/elasticsearch-8-5-healthy.yaml new file mode 100644 index 0000000000..782e9228c1 --- /dev/null +++ b/internal/elasticsearch/testdata/elasticsearch-8-5-healthy.yaml @@ -0,0 +1,102 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/ + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 538 + uncompressed: false + body: | + { + "name" : "395e0d3471a2", + "cluster_name" : "elasticsearch", + "cluster_uuid" : "1Lg4BY0OQHy8IY9s4de1cw", + "version" : { + "number" : "8.5.0", + "build_flavor" : "default", + "build_type" : "docker", + "build_hash" : "c94b4700cda13820dad5aa74fae6db185ca5c304", + "build_date" : "2022-10-24T16:54:16.433628434Z", + "build_snapshot" : false, + "lucene_version" : "9.4.1", + "minimum_wire_compatibility_version" : "7.17.0", + "minimum_index_compatibility_version" : "7.0.0" + }, + "tagline" : "You Know, for Search" + } + headers: + Content-Length: + - "538" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 4.504445ms + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_cluster/health + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 405 + uncompressed: false + body: '{"cluster_name":"elasticsearch","status":"yellow","timed_out":false,"number_of_nodes":1,"number_of_data_nodes":1,"active_primary_shards":33,"active_shards":33,"relocating_shards":0,"initializing_shards":0,"unassigned_shards":19,"delayed_unassigned_shards":0,"number_of_pending_tasks":0,"number_of_in_flight_fetch":0,"task_max_waiting_in_queue_millis":0,"active_shards_percent_as_number":63.46153846153846}' + headers: + Content-Length: + - "405" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 1.533637ms diff --git a/internal/elasticsearch/testdata/elasticsearch-8-5-healthy/_cluster-health.json b/internal/elasticsearch/testdata/elasticsearch-8-5-healthy/_cluster-health.json deleted file mode 100644 index 26ab1ed050..0000000000 --- a/internal/elasticsearch/testdata/elasticsearch-8-5-healthy/_cluster-health.json +++ /dev/null @@ -1 +0,0 @@ -{"cluster_name":"elasticsearch","status":"yellow","timed_out":false,"number_of_nodes":1,"number_of_data_nodes":1,"active_primary_shards":33,"active_shards":33,"relocating_shards":0,"initializing_shards":0,"unassigned_shards":19,"delayed_unassigned_shards":0,"number_of_pending_tasks":0,"number_of_in_flight_fetch":0,"task_max_waiting_in_queue_millis":0,"active_shards_percent_as_number":63.46153846153846} \ No newline at end of file diff --git a/internal/elasticsearch/testdata/elasticsearch-8-5-healthy/root.json b/internal/elasticsearch/testdata/elasticsearch-8-5-healthy/root.json deleted file mode 100644 index b5284be82c..0000000000 --- a/internal/elasticsearch/testdata/elasticsearch-8-5-healthy/root.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "name" : "6dcb6ee762ec", - "cluster_name" : "elasticsearch", - "cluster_uuid" : "YhxaHz-aRrKl_rtySRVBoQ", - "version" : { - "number" : "8.5.0-SNAPSHOT", - "build_flavor" : "default", - "build_type" : "docker", - "build_hash" : "77b936e44234defdde3c7ded0d1ad9ae5e288f77", - "build_date" : "2022-10-29T04:11:27.132517622Z", - "build_snapshot" : true, - "lucene_version" : "9.4.1", - "minimum_wire_compatibility_version" : "7.17.0", - "minimum_index_compatibility_version" : "7.0.0" - }, - "tagline" : "You Know, for Search" -} diff --git a/internal/elasticsearch/testdata/elasticsearch-8-5-red-out-of-disk.yaml b/internal/elasticsearch/testdata/elasticsearch-8-5-red-out-of-disk.yaml new file mode 100644 index 0000000000..5a33e0a57a --- /dev/null +++ b/internal/elasticsearch/testdata/elasticsearch-8-5-red-out-of-disk.yaml @@ -0,0 +1,144 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/ + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 538 + uncompressed: false + body: | + { + "name" : "395e0d3471a2", + "cluster_name" : "elasticsearch", + "cluster_uuid" : "1Lg4BY0OQHy8IY9s4de1cw", + "version" : { + "number" : "8.5.0", + "build_flavor" : "default", + "build_type" : "docker", + "build_hash" : "c94b4700cda13820dad5aa74fae6db185ca5c304", + "build_date" : "2022-10-24T16:54:16.433628434Z", + "build_snapshot" : false, + "lucene_version" : "9.4.1", + "minimum_wire_compatibility_version" : "7.17.0", + "minimum_index_compatibility_version" : "7.0.0" + }, + "tagline" : "You Know, for Search" + } + headers: + Content-Length: + - "538" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 4.321606ms + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_cluster/health + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 405 + uncompressed: false + body: '{"cluster_name":"elasticsearch","status":"red","timed_out":false,"number_of_nodes":1,"number_of_data_nodes":1,"active_primary_shards":33,"active_shards":33,"relocating_shards":0,"initializing_shards":0,"unassigned_shards":20,"delayed_unassigned_shards":0,"number_of_pending_tasks":0,"number_of_in_flight_fetch":0,"task_max_waiting_in_queue_millis":0,"active_shards_percent_as_number":62.264150943396224}' + headers: + Content-Length: + - "405" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 1.265951ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: "" + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + User-Agent: + - go-elasticsearch/7.17.10 (linux amd64; Go 1.21.3) + X-Elastic-Client-Meta: + - es=7.17.10,go=1.21.3,t=7.17.10,hc=1.21.3 + url: https://127.0.0.1:9200/_internal/_health + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 3758 + uncompressed: false + body: | + {"status":"red","cluster_name":"elasticsearch","indicators":{"master_is_stable":{"status":"green","symptom":"The cluster has a stable master node","details":{"current_master":{"node_id":"PWBH3euxQn2wZwg0OgeCzQ","name":"008309953ac4"},"recent_masters":[{"node_id":"PWBH3euxQn2wZwg0OgeCzQ","name":"008309953ac4"}]}},"repository_integrity":{"status":"green","symptom":"No snapshot repositories configured."},"shards_availability":{"status":"red","symptom":"This cluster has 1 unavailable primary shard, 19 unavailable replica shards.","details":{"creating_primaries":0,"unassigned_replicas":19,"restarting_primaries":0,"restarting_replicas":0,"initializing_primaries":0,"started_replicas":0,"initializing_replicas":0,"unassigned_primaries":1,"started_primaries":33},"impacts":[{"id":"elasticsearch:health:shards_availability:impact:primary_unassigned","severity":1,"description":"Cannot add data to 1 index [.fleet-actions-7]. Searches might return incomplete results.","impact_areas":["ingest","search"]},{"id":"elasticsearch:health:shards_availability:impact:replica_unassigned","severity":2,"description":"Searches might be slower than usual. Fewer redundant copies of the data exist on 19 indices [.ds-logs-elastic_agent-default-2022.11.25-000001, .ds-logs-elastic_agent.filebeat-default-2022.11.25-000001, .ds-logs-elastic_agent.fleet_server-default-2022.11.25-000001, .ds-logs-elastic_agent.metricbeat-default-2022.11.25-000001, .ds-metrics-elastic_agent.elastic_agent-default-2022.11.25-000001, .ds-metrics-elastic_agent.filebeat-default-2022.11.25-000001, .ds-metrics-elastic_agent.fleet_server-default-2022.11.25-000001, .ds-metrics-elastic_agent.metricbeat-default-2022.11.25-000001, .ds-metrics-system.cpu-default-2022.11.25-000001, .ds-metrics-system.diskio-default-2022.11.25-000001, ...].","impact_areas":["search"]}],"diagnosis":[{"id":"elasticsearch:health:shards_availability:diagnosis:increase_tier_capacity_for_allocations:tier:data_hot","cause":"Elasticsearch isn't allowed to allocate some shards from these indices to any of the nodes in the desired data tier because there are not enough nodes in the [data_hot] tier to allocate each shard copy on a different node.","action":"Increase the number of nodes in this tier or decrease the number of replica shards in the affected indices.","affected_resources":[".ds-logs-elastic_agent-default-2022.11.25-000001",".ds-logs-elastic_agent.filebeat-default-2022.11.25-000001",".ds-logs-elastic_agent.fleet_server-default-2022.11.25-000001",".ds-logs-elastic_agent.metricbeat-default-2022.11.25-000001",".ds-metrics-elastic_agent.elastic_agent-default-2022.11.25-000001",".ds-metrics-elastic_agent.filebeat-default-2022.11.25-000001",".ds-metrics-elastic_agent.fleet_server-default-2022.11.25-000001",".ds-metrics-elastic_agent.metricbeat-default-2022.11.25-000001",".ds-metrics-system.cpu-default-2022.11.25-000001",".ds-metrics-system.diskio-default-2022.11.25-000001",".ds-metrics-system.filesystem-default-2022.11.25-000001",".ds-metrics-system.fsstat-default-2022.11.25-000001",".ds-metrics-system.load-default-2022.11.25-000001",".ds-metrics-system.memory-default-2022.11.25-000001",".ds-metrics-system.network-default-2022.11.25-000001",".ds-metrics-system.process-default-2022.11.25-000001",".ds-metrics-system.process.summary-default-2022.11.25-000001",".ds-metrics-system.socket_summary-default-2022.11.25-000001",".ds-metrics-system.uptime-default-2022.11.25-000001"],"help_url":"http://ela.st/tier-capacity"},{"id":"elasticsearch:health:shards_availability:diagnosis:explain_allocations","cause":"Elasticsearch isn't allowed to allocate some shards from these indices to any of the nodes in the cluster.","action":"Diagnose the issue by calling the allocation explain API for an index [GET _cluster/allocation/explain]. Choose a node to which you expect a shard to be allocated, find this node in the node-by-node explanation, and address the reasons which prevent Elasticsearch from allocating the shard.","affected_resources":[".fleet-actions-7"],"help_url":"http://ela.st/diagnose-shards"}]},"disk":{"status":"red","symptom":"33 indices are not allowed to be updated. 1 node is out of disk or running low on disk space.","details":{"indices_with_readonly_block":33,"nodes_with_enough_disk_space":0,"nodes_with_unknown_disk_status":0,"nodes_over_high_watermark":0,"nodes_over_flood_stage_watermark":1},"impacts":[{"id":"elasticsearch:health:disk:impact:ingest_capability_unavailable","severity":1,"description":"Cannot insert or update documents in the affected indices [.kibana_security_session_1, .security-7, .kibana_8.5.0_001, .kibana_task_manager_8.5.0_001, .apm-agent-configuration, .apm-custom-link, .ds-.logs-deprecation.elasticsearch-default-2022.11.25-000001, .ds-ilm-history-5-2022.11.25-000001, .ds-logs-elastic_agent-default-2022.11.25-000001, .ds-logs-elastic_agent.filebeat-default-2022.11.25-000001, ...].","impact_areas":["ingest"]},{"id":"elasticsearch:health:disk:impact:cluster_stability_at_risk","severity":1,"description":"Cluster stability might be impaired.","impact_areas":["deployment_management"]},{"id":"elasticsearch:health:disk:impact:cluster_functionality_unavailable","severity":3,"description":"The [ingest, ml, remote_cluster_client, transform] functionality might be impaired.","impact_areas":["deployment_management"]}],"diagnosis":[{"id":"elasticsearch:health:disk:diagnosis:add_disk_capacity_data_nodes","cause":"33 indices reside on nodes that have run or are likely to run out of disk space, this can temporarily disable writing on these indices.","action":"Enable autoscaling (if applicable), add disk capacity or free up disk space to resolve this. If you have already taken action please wait for the rebalancing to complete.","affected_resources":["PWBH3euxQn2wZwg0OgeCzQ"],"help_url":"https://ela.st/fix-data-disk"}]},"ilm":{"status":"green","symptom":"Index Lifecycle Management is running","details":{"policies":25,"ilm_status":"RUNNING"}},"slm":{"status":"green","symptom":"No Snapshot Lifecycle Management policies configured","details":{"slm_status":"RUNNING","policies":0}}}} + headers: + Content-Length: + - "3758" + Content-Type: + - application/json + X-Elastic-Product: + - Elasticsearch + status: 200 OK + code: 200 + duration: 20.397377ms diff --git a/internal/elasticsearch/testdata/elasticsearch-8-5-red-out-of-disk/_cluster-health.json b/internal/elasticsearch/testdata/elasticsearch-8-5-red-out-of-disk/_cluster-health.json deleted file mode 100644 index 8def409a5a..0000000000 --- a/internal/elasticsearch/testdata/elasticsearch-8-5-red-out-of-disk/_cluster-health.json +++ /dev/null @@ -1 +0,0 @@ -{"cluster_name":"elasticsearch","status":"red","timed_out":false,"number_of_nodes":1,"number_of_data_nodes":1,"active_primary_shards":33,"active_shards":33,"relocating_shards":0,"initializing_shards":0,"unassigned_shards":20,"delayed_unassigned_shards":0,"number_of_pending_tasks":0,"number_of_in_flight_fetch":0,"task_max_waiting_in_queue_millis":0,"active_shards_percent_as_number":62.264150943396224} \ No newline at end of file diff --git a/internal/elasticsearch/testdata/elasticsearch-8-5-red-out-of-disk/_internal-_health.json b/internal/elasticsearch/testdata/elasticsearch-8-5-red-out-of-disk/_internal-_health.json deleted file mode 100644 index d140d20c44..0000000000 --- a/internal/elasticsearch/testdata/elasticsearch-8-5-red-out-of-disk/_internal-_health.json +++ /dev/null @@ -1 +0,0 @@ -{"status":"red","cluster_name":"elasticsearch","indicators":{"master_is_stable":{"status":"green","symptom":"The cluster has a stable master node","details":{"current_master":{"node_id":"PWBH3euxQn2wZwg0OgeCzQ","name":"008309953ac4"},"recent_masters":[{"node_id":"PWBH3euxQn2wZwg0OgeCzQ","name":"008309953ac4"}]}},"repository_integrity":{"status":"green","symptom":"No snapshot repositories configured."},"shards_availability":{"status":"red","symptom":"This cluster has 1 unavailable primary shard, 19 unavailable replica shards.","details":{"creating_primaries":0,"unassigned_replicas":19,"restarting_primaries":0,"restarting_replicas":0,"initializing_primaries":0,"started_replicas":0,"initializing_replicas":0,"unassigned_primaries":1,"started_primaries":33},"impacts":[{"id":"elasticsearch:health:shards_availability:impact:primary_unassigned","severity":1,"description":"Cannot add data to 1 index [.fleet-actions-7]. Searches might return incomplete results.","impact_areas":["ingest","search"]},{"id":"elasticsearch:health:shards_availability:impact:replica_unassigned","severity":2,"description":"Searches might be slower than usual. Fewer redundant copies of the data exist on 19 indices [.ds-logs-elastic_agent-default-2022.11.25-000001, .ds-logs-elastic_agent.filebeat-default-2022.11.25-000001, .ds-logs-elastic_agent.fleet_server-default-2022.11.25-000001, .ds-logs-elastic_agent.metricbeat-default-2022.11.25-000001, .ds-metrics-elastic_agent.elastic_agent-default-2022.11.25-000001, .ds-metrics-elastic_agent.filebeat-default-2022.11.25-000001, .ds-metrics-elastic_agent.fleet_server-default-2022.11.25-000001, .ds-metrics-elastic_agent.metricbeat-default-2022.11.25-000001, .ds-metrics-system.cpu-default-2022.11.25-000001, .ds-metrics-system.diskio-default-2022.11.25-000001, ...].","impact_areas":["search"]}],"diagnosis":[{"id":"elasticsearch:health:shards_availability:diagnosis:increase_tier_capacity_for_allocations:tier:data_hot","cause":"Elasticsearch isn't allowed to allocate some shards from these indices to any of the nodes in the desired data tier because there are not enough nodes in the [data_hot] tier to allocate each shard copy on a different node.","action":"Increase the number of nodes in this tier or decrease the number of replica shards in the affected indices.","affected_resources":[".ds-logs-elastic_agent-default-2022.11.25-000001",".ds-logs-elastic_agent.filebeat-default-2022.11.25-000001",".ds-logs-elastic_agent.fleet_server-default-2022.11.25-000001",".ds-logs-elastic_agent.metricbeat-default-2022.11.25-000001",".ds-metrics-elastic_agent.elastic_agent-default-2022.11.25-000001",".ds-metrics-elastic_agent.filebeat-default-2022.11.25-000001",".ds-metrics-elastic_agent.fleet_server-default-2022.11.25-000001",".ds-metrics-elastic_agent.metricbeat-default-2022.11.25-000001",".ds-metrics-system.cpu-default-2022.11.25-000001",".ds-metrics-system.diskio-default-2022.11.25-000001",".ds-metrics-system.filesystem-default-2022.11.25-000001",".ds-metrics-system.fsstat-default-2022.11.25-000001",".ds-metrics-system.load-default-2022.11.25-000001",".ds-metrics-system.memory-default-2022.11.25-000001",".ds-metrics-system.network-default-2022.11.25-000001",".ds-metrics-system.process-default-2022.11.25-000001",".ds-metrics-system.process.summary-default-2022.11.25-000001",".ds-metrics-system.socket_summary-default-2022.11.25-000001",".ds-metrics-system.uptime-default-2022.11.25-000001"],"help_url":"http://ela.st/tier-capacity"},{"id":"elasticsearch:health:shards_availability:diagnosis:explain_allocations","cause":"Elasticsearch isn't allowed to allocate some shards from these indices to any of the nodes in the cluster.","action":"Diagnose the issue by calling the allocation explain API for an index [GET _cluster/allocation/explain]. Choose a node to which you expect a shard to be allocated, find this node in the node-by-node explanation, and address the reasons which prevent Elasticsearch from allocating the shard.","affected_resources":[".fleet-actions-7"],"help_url":"http://ela.st/diagnose-shards"}]},"disk":{"status":"red","symptom":"33 indices are not allowed to be updated. 1 node is out of disk or running low on disk space.","details":{"indices_with_readonly_block":33,"nodes_with_enough_disk_space":0,"nodes_with_unknown_disk_status":0,"nodes_over_high_watermark":0,"nodes_over_flood_stage_watermark":1},"impacts":[{"id":"elasticsearch:health:disk:impact:ingest_capability_unavailable","severity":1,"description":"Cannot insert or update documents in the affected indices [.kibana_security_session_1, .security-7, .kibana_8.5.0_001, .kibana_task_manager_8.5.0_001, .apm-agent-configuration, .apm-custom-link, .ds-.logs-deprecation.elasticsearch-default-2022.11.25-000001, .ds-ilm-history-5-2022.11.25-000001, .ds-logs-elastic_agent-default-2022.11.25-000001, .ds-logs-elastic_agent.filebeat-default-2022.11.25-000001, ...].","impact_areas":["ingest"]},{"id":"elasticsearch:health:disk:impact:cluster_stability_at_risk","severity":1,"description":"Cluster stability might be impaired.","impact_areas":["deployment_management"]},{"id":"elasticsearch:health:disk:impact:cluster_functionality_unavailable","severity":3,"description":"The [ingest, ml, remote_cluster_client, transform] functionality might be impaired.","impact_areas":["deployment_management"]}],"diagnosis":[{"id":"elasticsearch:health:disk:diagnosis:add_disk_capacity_data_nodes","cause":"33 indices reside on nodes that have run or are likely to run out of disk space, this can temporarily disable writing on these indices.","action":"Enable autoscaling (if applicable), add disk capacity or free up disk space to resolve this. If you have already taken action please wait for the rebalancing to complete.","affected_resources":["PWBH3euxQn2wZwg0OgeCzQ"],"help_url":"https://ela.st/fix-data-disk"}]},"ilm":{"status":"green","symptom":"Index Lifecycle Management is running","details":{"policies":25,"ilm_status":"RUNNING"}},"slm":{"status":"green","symptom":"No Snapshot Lifecycle Management policies configured","details":{"slm_status":"RUNNING","policies":0}}}} \ No newline at end of file diff --git a/internal/elasticsearch/testdata/elasticsearch-8-5-red-out-of-disk/root.json b/internal/elasticsearch/testdata/elasticsearch-8-5-red-out-of-disk/root.json deleted file mode 100644 index b3e9625dbd..0000000000 --- a/internal/elasticsearch/testdata/elasticsearch-8-5-red-out-of-disk/root.json +++ /dev/null @@ -1,17 +0,0 @@ -{ - "name" : "008309953ac4", - "cluster_name" : "elasticsearch", - "cluster_uuid" : "vYXuo7eQR-ikBlJfH3kQaQ", - "version" : { - "number" : "8.5.0-SNAPSHOT", - "build_flavor" : "default", - "build_type" : "docker", - "build_hash" : "77b936e44234defdde3c7ded0d1ad9ae5e288f77", - "build_date" : "2022-10-29T04:11:27.132517622Z", - "build_snapshot" : true, - "lucene_version" : "9.4.1", - "minimum_wire_compatibility_version" : "7.17.0", - "minimum_index_compatibility_version" : "7.0.0" - }, - "tagline" : "You Know, for Search" -} diff --git a/internal/kibana/client.go b/internal/kibana/client.go index df5923ecd7..c53ee63e61 100644 --- a/internal/kibana/client.go +++ b/internal/kibana/client.go @@ -35,8 +35,9 @@ type Client struct { versionInfo VersionInfo semver *semver.Version - retryMax int - http *http.Client + retryMax int + http *http.Client + httpClientSetup func(*http.Client) *http.Client } // ClientOption is functional option modifying Kibana client. @@ -121,6 +122,13 @@ func CertificateAuthority(certificateAuthority string) ClientOption { } } +// HTTPClientSetup adds an initializing function for the http client. +func HTTPClientSetup(setup func(*http.Client) *http.Client) ClientOption { + return func(c *Client) { + c.httpClientSetup = setup + } +} + func (c *Client) get(resourcePath string) (int, []byte, error) { return c.SendRequest(http.MethodGet, resourcePath, nil) } @@ -212,5 +220,9 @@ func (c *Client) newHttpClient() (*http.Client, error) { client = retry.WrapHTTPClient(client, opts) } + if c.httpClientSetup != nil { + client = c.httpClientSetup(client) + } + return client, nil } diff --git a/internal/kibana/savedobjects_test.go b/internal/kibana/savedobjects_test.go index 2a97014470..c678a70b8f 100644 --- a/internal/kibana/savedobjects_test.go +++ b/internal/kibana/savedobjects_test.go @@ -5,39 +5,35 @@ package kibana_test import ( - "errors" "net/http" "testing" - "github.com/google/uuid" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "github.com/elastic/elastic-package/internal/kibana" - "github.com/elastic/elastic-package/internal/stack" + kibanatest "github.com/elastic/elastic-package/internal/kibana/test" ) func TestSetManagedSavedObject(t *testing.T) { - // TODO: Use kibana test client when we support recording POST requests. - client, err := stack.NewKibanaClient(kibana.RetryMax(0)) - var undefinedEnvError *stack.ErrUndefinedEnv - if errors.As(err, &undefinedEnvError) { - t.Skip("Kibana host required:", err) - } - require.NoError(t, err) + // Recorded requests are not going to match the boundaries of + // multipart fields in requests, but we can ignore it by now as + // we are mostly interested on the bodies of the responses. + // To update this test just remove the record file and run the test. + client := kibanatest.NewClient(t, "testdata/kibana-8-mock-set-managed") id := preloadDashboard(t, client) require.True(t, getManagedSavedObject(t, client, "dashboard", id)) - err = client.SetManagedSavedObject("dashboard", id, false) + err := client.SetManagedSavedObject("dashboard", id, false) require.NoError(t, err) assert.False(t, getManagedSavedObject(t, client, "dashboard", id)) } func preloadDashboard(t *testing.T, client *kibana.Client) string { - id := uuid.New().String() + id := "test-managed-saved-objects" importRequest := kibana.ImportSavedObjectsRequest{ - Overwrite: false, // Highly unlikely, but avoid overwriting existing objects. + Overwrite: false, // We should not need to overwrite objects. Objects: []map[string]any{ { "attributes": map[string]any{ diff --git a/internal/kibana/test/httptest.go b/internal/kibana/test/httptest.go index e24d6b9ebb..b907fbab79 100644 --- a/internal/kibana/test/httptest.go +++ b/internal/kibana/test/httptest.go @@ -6,13 +6,11 @@ package test import ( "net/http" - "net/http/httptest" "os" - "path/filepath" - "strings" "testing" "github.com/stretchr/testify/require" + "gopkg.in/dnaeon/go-vcr.v3/recorder" "github.com/elastic/elastic-package/internal/kibana" "github.com/elastic/elastic-package/internal/stack" @@ -22,54 +20,36 @@ import ( // responses. If responses are not found, it forwards the query to the server started by // elastic-package stack, and records the response. // Responses are recorded in the directory indicated by serverDataDir. -func NewClient(t *testing.T, serverDataDir string) *kibana.Client { - server := testKibanaServer(t, serverDataDir) - t.Cleanup(func() { server.Close() }) +func NewClient(t *testing.T, recordFileName string) *kibana.Client { + setupHTTPClient := func(client *http.Client) *http.Client { + rec, err := recorder.NewWithOptions(&recorder.Options{ + CassetteName: recordFileName, + Mode: recorder.ModeRecordOnce, + SkipRequestLatency: true, + RealTransport: client.Transport, + }) + require.NoError(t, err) + t.Cleanup(func() { + err := rec.Stop() + require.NoError(t, err) + }) + return rec.GetDefaultClient() + } + address := os.Getenv(stack.KibanaHostEnv) + if address == "" { + address = "https://127.0.0.1:5601" + } client, err := kibana.NewClient( - kibana.Address(server.URL), + kibana.Address(address), + kibana.Password(os.Getenv(stack.ElasticsearchPasswordEnv)), + kibana.Username(os.Getenv(stack.ElasticsearchUsernameEnv)), + kibana.CertificateAuthority(os.Getenv(stack.CACertificateEnv)), + + kibana.HTTPClientSetup(setupHTTPClient), + kibana.RetryMax(0), ) require.NoError(t, err) return client } - -func testKibanaServer(t *testing.T, mockServerDir string) *httptest.Server { - return httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - t.Log(r.Method, r.URL.String()) - f := filepath.Join(mockServerDir, pathForURL(r.URL.String())) - if _, err := os.Stat(f); err != nil { - recordRequest(t, r, f) - } - http.ServeFile(w, r, f) - })) -} - -var pathReplacer = strings.NewReplacer("/", "-", "*", "_", "?", ".", "&", ".") - -// FIXME duplicated in internal/elasticsearch/test/http_test.go -func pathForURL(url string) string { - clean := strings.Trim(url, "/") - if len(clean) == 0 { - return "root.json" - } - return pathReplacer.Replace(clean) + ".json" -} - -func recordRequest(t *testing.T, r *http.Request, path string) { - client, err := stack.NewKibanaClient() - require.NoError(t, err) - - t.Logf("Recording %s in %s", r.URL.RequestURI(), path) - status, respBody, err := client.SendRequest(http.MethodGet, r.URL.RequestURI(), nil) - require.Equal(t, 200, status) - require.NoError(t, err) - - os.MkdirAll(filepath.Dir(path), 0755) - f, err := os.Create(path) - require.NoError(t, err) - defer f.Close() - - _, err = f.Write(respBody) - require.NoError(t, err) -} diff --git a/internal/kibana/testdata/kibana-8-mock-set-managed.yaml b/internal/kibana/testdata/kibana-8-mock-set-managed.yaml new file mode 100644 index 0000000000..58f6c8a3d6 --- /dev/null +++ b/internal/kibana/testdata/kibana-8-mock-set-managed.yaml @@ -0,0 +1,437 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: 127.0.0.1:5601 + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + Content-Type: + - application/json + Kbn-Xsrf: + - 8.10.1 + url: https://127.0.0.1:5601/api/status + method: GET + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: + - chunked + trailer: {} + content_length: -1 + uncompressed: true + body: '{"name":"kibana","uuid":"ac342633-d520-4ca4-a2f6-c769ed6d1ddf","version":{"number":"8.10.1","build_hash":"6957ba896ec80fbaeaa269debfdce1478bdde661","build_number":66390,"build_snapshot":false,"build_date":"2023-09-14T23:20:44.999Z"},"status":{"overall":{"level":"available","summary":"All services are available"},"core":{"elasticsearch":{"level":"available","summary":"Elasticsearch is available","meta":{"warningNodes":[],"incompatibleNodes":[]}},"savedObjects":{"level":"available","summary":"SavedObjects service has completed migrations and is available","meta":{"migratedIndices":{"migrated":0,"skipped":0,"patched":6}}}},"plugins":{"licensing":{"level":"available","summary":"License fetched"},"banners":{"level":"available","summary":"All dependencies are available"},"customBranding":{"level":"available","summary":"All dependencies are available"},"features":{"level":"available","summary":"All dependencies are available"},"globalSearch":{"level":"available","summary":"All dependencies are available"},"mapsEms":{"level":"available","summary":"All dependencies are available"},"globalSearchProviders":{"level":"available","summary":"All dependencies are available"},"guidedOnboarding":{"level":"available","summary":"All dependencies are available"},"home":{"level":"available","summary":"All dependencies are available"},"console":{"level":"available","summary":"All dependencies are available"},"grokdebugger":{"level":"available","summary":"All dependencies are available"},"management":{"level":"available","summary":"All dependencies are available"},"painlessLab":{"level":"available","summary":"All dependencies are available"},"searchprofiler":{"level":"available","summary":"All dependencies are available"},"advancedSettings":{"level":"available","summary":"All dependencies are available"},"cloudDataMigration":{"level":"available","summary":"All dependencies are available"},"spaces":{"level":"available","summary":"All dependencies are available"},"eventLog":{"level":"available","summary":"All dependencies are available"},"security":{"level":"available","summary":"All dependencies are available"},"cloudLinks":{"level":"available","summary":"All dependencies are available"},"data":{"level":"available","summary":"All dependencies are available"},"encryptedSavedObjects":{"level":"available","summary":"All dependencies are available"},"files":{"level":"available","summary":"All dependencies are available"},"lists":{"level":"available","summary":"All dependencies are available"},"snapshotRestore":{"level":"available","summary":"All dependencies are available"},"telemetry":{"level":"available","summary":"All dependencies are available"},"actions":{"level":"available","summary":"All dependencies are available"},"dataViewEditor":{"level":"available","summary":"All dependencies are available"},"dataViewFieldEditor":{"level":"available","summary":"All dependencies are available"},"ecsDataQualityDashboard":{"level":"available","summary":"All dependencies are available"},"fileUpload":{"level":"available","summary":"All dependencies are available"},"filesManagement":{"level":"available","summary":"All dependencies are available"},"licenseManagement":{"level":"available","summary":"All dependencies are available"},"savedObjects":{"level":"available","summary":"All dependencies are available"},"telemetryManagementSection":{"level":"available","summary":"All dependencies are available"},"ingestPipelines":{"level":"available","summary":"All dependencies are available"},"notifications":{"level":"available","summary":"All dependencies are available"},"savedObjectsTaggingOss":{"level":"available","summary":"All dependencies are available"},"watcher":{"level":"available","summary":"All dependencies are available"},"savedObjectsManagement":{"level":"available","summary":"All dependencies are available"},"savedObjectsTagging":{"level":"available","summary":"All dependencies are available"},"embeddable":{"level":"available","summary":"All dependencies are available"},"globalSearchBar":{"level":"available","summary":"All dependencies are available"},"unifiedSearch":{"level":"available","summary":"All dependencies are available"},"dataViewManagement":{"level":"available","summary":"All dependencies are available"},"imageEmbeddable":{"level":"available","summary":"All dependencies are available"},"navigation":{"level":"available","summary":"All dependencies are available"},"presentationUtil":{"level":"available","summary":"All dependencies are available"},"savedSearch":{"level":"available","summary":"All dependencies are available"},"uiActionsEnhanced":{"level":"available","summary":"All dependencies are available"},"controls":{"level":"available","summary":"All dependencies are available"},"embeddableEnhanced":{"level":"available","summary":"All dependencies are available"},"expressionError":{"level":"available","summary":"All dependencies are available"},"expressionImage":{"level":"available","summary":"All dependencies are available"},"expressionMetric":{"level":"available","summary":"All dependencies are available"},"expressionRepeatImage":{"level":"available","summary":"All dependencies are available"},"expressionRevealImage":{"level":"available","summary":"All dependencies are available"},"expressionShape":{"level":"available","summary":"All dependencies are available"},"graph":{"level":"available","summary":"All dependencies are available"},"kibanaOverview":{"level":"available","summary":"All dependencies are available"},"urlDrilldown":{"level":"available","summary":"All dependencies are available"},"visualizations":{"level":"available","summary":"All dependencies are available"},"dashboard":{"level":"available","summary":"All dependencies are available"},"eventAnnotation":{"level":"available","summary":"All dependencies are available"},"expressionGauge":{"level":"available","summary":"All dependencies are available"},"expressionHeatmap":{"level":"available","summary":"All dependencies are available"},"expressionLegacyMetricVis":{"level":"available","summary":"All dependencies are available"},"expressionMetricVis":{"level":"available","summary":"All dependencies are available"},"expressionPartitionVis":{"level":"available","summary":"All dependencies are available"},"expressionTagcloud":{"level":"available","summary":"All dependencies are available"},"visDefaultEditor":{"level":"available","summary":"All dependencies are available"},"visTypeHeatmap":{"level":"available","summary":"All dependencies are available"},"visTypeMarkdown":{"level":"available","summary":"All dependencies are available"},"visTypeMetric":{"level":"available","summary":"All dependencies are available"},"visTypeTable":{"level":"available","summary":"All dependencies are available"},"visTypeTagcloud":{"level":"available","summary":"All dependencies are available"},"visTypeTimelion":{"level":"available","summary":"All dependencies are available"},"visTypeTimeseries":{"level":"available","summary":"All dependencies are available"},"visTypeVega":{"level":"available","summary":"All dependencies are available"},"visTypeVislib":{"level":"available","summary":"All dependencies are available"},"visTypeXy":{"level":"available","summary":"All dependencies are available"},"dashboardEnhanced":{"level":"available","summary":"All dependencies are available"},"expressionXY":{"level":"available","summary":"All dependencies are available"},"inputControlVis":{"level":"available","summary":"All dependencies are available"},"triggersActionsUi":{"level":"available","summary":"All dependencies are available"},"visTypeGauge":{"level":"available","summary":"All dependencies are available"},"visTypePie":{"level":"available","summary":"All dependencies are available"},"lens":{"level":"available","summary":"All dependencies are available"},"ruleRegistry":{"level":"available","summary":"All dependencies are available"},"stackAlerts":{"level":"available","summary":"All dependencies are available"},"stackConnectors":{"level":"available","summary":"All dependencies are available"},"transform":{"level":"available","summary":"All dependencies are available"},"cases":{"level":"available","summary":"All dependencies are available"},"discover":{"level":"available","summary":"All dependencies are available"},"maps":{"level":"available","summary":"All dependencies are available"},"aiops":{"level":"available","summary":"All dependencies are available"},"dataVisualizer":{"level":"available","summary":"All dependencies are available"},"discoverEnhanced":{"level":"available","summary":"All dependencies are available"},"observabilityShared":{"level":"available","summary":"All dependencies are available"},"reporting":{"level":"available","summary":"All dependencies are available"},"threatIntelligence":{"level":"available","summary":"All dependencies are available"},"timelines":{"level":"available","summary":"All dependencies are available"},"canvas":{"level":"available","summary":"All dependencies are available"},"cloudSecurityPosture":{"level":"available","summary":"All dependencies are available"},"discoverLogExplorer":{"level":"available","summary":"All dependencies are available"},"indexManagement":{"level":"available","summary":"All dependencies are available"},"ml":{"level":"available","summary":"All dependencies are available"},"observabilityAIAssistant":{"level":"available","summary":"All dependencies are available"},"osquery":{"level":"available","summary":"All dependencies are available"},"sessionView":{"level":"available","summary":"All dependencies are available"},"exploratoryView":{"level":"available","summary":"All dependencies are available"},"indexLifecycleManagement":{"level":"available","summary":"All dependencies are available"},"kubernetesSecurity":{"level":"available","summary":"All dependencies are available"},"logsShared":{"level":"available","summary":"All dependencies are available"},"remoteClusters":{"level":"available","summary":"All dependencies are available"},"rollup":{"level":"available","summary":"All dependencies are available"},"cloudDefend":{"level":"available","summary":"All dependencies are available"},"crossClusterReplication":{"level":"available","summary":"All dependencies are available"},"enterpriseSearch":{"level":"available","summary":"All dependencies are available"},"observability":{"level":"available","summary":"All dependencies are available"},"infra":{"level":"available","summary":"All dependencies are available"},"observabilityOnboarding":{"level":"available","summary":"All dependencies are available"},"securitySolution":{"level":"available","summary":"All dependencies are available"},"synthetics":{"level":"available","summary":"All dependencies are available"},"uptime":{"level":"available","summary":"All dependencies are available"},"apm":{"level":"available","summary":"All dependencies are available"},"monitoring":{"level":"available","summary":"All dependencies are available"},"securitySolutionEss":{"level":"available","summary":"All dependencies are available"},"upgradeAssistant":{"level":"available","summary":"All dependencies are available"},"logstash":{"level":"available","summary":"All dependencies are available"},"ux":{"level":"available","summary":"All dependencies are available"},"alerting":{"level":"available","summary":"Alerting is (probably) ready"},"fleet":{"level":"available","summary":"Fleet is available"},"assetManager":{"level":"available","summary":"All dependencies are available"},"bfetch":{"level":"available","summary":"All dependencies are available"},"cloudChatProvider":{"level":"available","summary":"All dependencies are available"},"contentManagement":{"level":"available","summary":"All dependencies are available"},"customIntegrations":{"level":"available","summary":"All dependencies are available"},"esUiShared":{"level":"available","summary":"All dependencies are available"},"expressions":{"level":"available","summary":"All dependencies are available"},"fieldFormats":{"level":"available","summary":"All dependencies are available"},"ftrApis":{"level":"available","summary":"All dependencies are available"},"kibanaReact":{"level":"available","summary":"All dependencies are available"},"kibanaUtils":{"level":"available","summary":"All dependencies are available"},"licenseApiGuard":{"level":"available","summary":"All dependencies are available"},"monitoringCollection":{"level":"available","summary":"All dependencies are available"},"runtimeFields":{"level":"available","summary":"All dependencies are available"},"savedObjectsFinder":{"level":"available","summary":"All dependencies are available"},"screenshotMode":{"level":"available","summary":"All dependencies are available"},"share":{"level":"available","summary":"All dependencies are available"},"textBasedLanguages":{"level":"available","summary":"All dependencies are available"},"translations":{"level":"available","summary":"All dependencies are available"},"unifiedHistogram":{"level":"available","summary":"All dependencies are available"},"urlForwarding":{"level":"available","summary":"All dependencies are available"},"charts":{"level":"available","summary":"All dependencies are available"},"devTools":{"level":"available","summary":"All dependencies are available"},"inspector":{"level":"available","summary":"All dependencies are available"},"newsfeed":{"level":"available","summary":"All dependencies are available"},"usageCollection":{"level":"available","summary":"All dependencies are available"},"cloud":{"level":"available","summary":"All dependencies are available"},"dataViews":{"level":"available","summary":"All dependencies are available"},"kibanaUsageCollection":{"level":"available","summary":"All dependencies are available"},"telemetryCollectionManager":{"level":"available","summary":"All dependencies are available"},"screenshotting":{"level":"available","summary":"All dependencies are available"},"telemetryCollectionXpack":{"level":"available","summary":"All dependencies are available"},"uiActions":{"level":"available","summary":"All dependencies are available"},"taskManager":{"level":"available","summary":"All dependencies are available"}}},"metrics":{"last_updated":"2023-11-27T19:51:49.728Z","collection_interval_in_millis":5000,"os":{"platform":"linux","platformRelease":"linux-5.19.0-50-generic","load":{"1m":0.86,"5m":0.88,"15m":1.01},"memory":{"total_in_bytes":33358274560,"free_in_bytes":16886738944,"used_in_bytes":16471535616},"uptime_in_millis":1455617740,"distro":"Ubuntu","distroRelease":"Ubuntu-20.04","cpu":{"cfs_quota_micros":-1,"cfs_period_micros":100000,"control_group":"/","stat":{"number_of_elapsed_periods":0,"number_of_times_throttled":0,"time_throttled_nanos":0}},"cpuacct":{"control_group":"/","usage_nanos":129635956}},"process":{"memory":{"heap":{"total_in_bytes":379478016,"used_in_bytes":307482584,"size_limit":4345298944},"resident_set_size_in_bytes":610041856},"pid":7,"event_loop_delay":10.180566204081632,"event_loop_delay_histogram":{"min":9.09312,"max":14.802943,"mean":10.180566204081632,"exceeds":0,"stddev":0.3563497155805315,"fromTimestamp":"2023-11-27T19:51:44.728Z","lastUpdatedAt":"2023-11-27T19:51:49.726Z","percentiles":{"50":10.174463,"75":10.239999,"95":10.428415,"99":10.625023}},"event_loop_utilization":{"active":60.17837201897055,"idle":4938.283816999756,"utilization":0.012039377261106075},"uptime_in_millis":4041872.0336269997},"processes":[{"memory":{"heap":{"total_in_bytes":379478016,"used_in_bytes":307482584,"size_limit":4345298944},"resident_set_size_in_bytes":610041856},"pid":7,"event_loop_delay":10.180566204081632,"event_loop_delay_histogram":{"min":9.09312,"max":14.802943,"mean":10.180566204081632,"exceeds":0,"stddev":0.3563497155805315,"fromTimestamp":"2023-11-27T19:51:44.728Z","lastUpdatedAt":"2023-11-27T19:51:49.726Z","percentiles":{"50":10.174463,"75":10.239999,"95":10.428415,"99":10.625023}},"event_loop_utilization":{"active":60.17837201897055,"idle":4938.283816999756,"utilization":0.012039377261106075},"uptime_in_millis":4041872.0336269997}],"response_times":{"avg_in_millis":9,"max_in_millis":9},"concurrent_connections":0,"requests":{"disconnects":0,"total":1,"statusCodes":{"200":1},"status_codes":{"200":1}},"elasticsearch_client":{"totalActiveSockets":0,"totalIdleSockets":3,"totalQueuedRequests":0}}}' + headers: + Cache-Control: + - private, no-cache, no-store, must-revalidate + Connection: + - keep-alive + Content-Security-Policy: + - 'script-src ''self''; worker-src blob: ''self''; style-src ''unsafe-inline'' ''self''' + Content-Type: + - application/json; charset=utf-8 + Cross-Origin-Opener-Policy: + - same-origin + Date: + - Mon, 27 Nov 2023 19:51:54 GMT + Kbn-License-Sig: + - f0ae7ae108395463da89bade52208713b4111c97704925e60abb2bef6dd69cfd + Kbn-Name: + - kibana + Keep-Alive: + - timeout=120 + Permissions-Policy: + - camera=(), display-capture=(), fullscreen=(self), geolocation=(), microphone=(), web-share=() + Referrer-Policy: + - no-referrer-when-downgrade + Vary: + - accept-encoding + X-Content-Type-Options: + - nosniff + status: 200 OK + code: 200 + duration: 24.268951ms + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 354 + transfer_encoding: [] + trailer: {} + host: 127.0.0.1:5601 + remote_addr: "" + request_uri: "" + body: "--d231f05799994258c4fcd91ad70a8f7fc43274e388c409f83302bde62018\r\nContent-Disposition: form-data; name=\"file\"; filename=\"file.ndjson\"\r\nContent-Type: application/octet-stream\r\n\r\n{\"attributes\":{\"title\":\"Empty Dashboard\"},\"id\":\"test-managed-saved-objects\",\"managed\":true,\"type\":\"dashboard\"}\n\r\n--d231f05799994258c4fcd91ad70a8f7fc43274e388c409f83302bde62018--\r\n" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + Content-Type: + - multipart/form-data; boundary=d231f05799994258c4fcd91ad70a8f7fc43274e388c409f83302bde62018 + Kbn-Xsrf: + - 8.10.1 + url: https://127.0.0.1:5601/api/saved_objects/_import + method: POST + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 193 + uncompressed: false + body: '{"successCount":1,"success":true,"warnings":[],"successResults":[{"type":"dashboard","id":"test-managed-saved-objects","meta":{"title":"Empty Dashboard","icon":"dashboardApp"},"managed":true}]}' + headers: + Cache-Control: + - private, no-cache, no-store, must-revalidate + Connection: + - keep-alive + Content-Length: + - "193" + Content-Security-Policy: + - 'script-src ''self''; worker-src blob: ''self''; style-src ''unsafe-inline'' ''self''' + Content-Type: + - application/json; charset=utf-8 + Cross-Origin-Opener-Policy: + - same-origin + Date: + - Mon, 27 Nov 2023 19:51:54 GMT + Kbn-License-Sig: + - f0ae7ae108395463da89bade52208713b4111c97704925e60abb2bef6dd69cfd + Kbn-Name: + - kibana + Keep-Alive: + - timeout=120 + Permissions-Policy: + - camera=(), display-capture=(), fullscreen=(self), geolocation=(), microphone=(), web-share=() + Referrer-Policy: + - no-referrer-when-downgrade + X-Content-Type-Options: + - nosniff + status: 200 OK + code: 200 + duration: 413.5013ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 126 + transfer_encoding: [] + trailer: {} + host: 127.0.0.1:5601 + remote_addr: "" + request_uri: "" + body: '{"excludeExportDetails":true,"includeReferencesDeep":false,"objects":[{"id":"test-managed-saved-objects","type":"dashboard"}]}' + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + Content-Type: + - application/json + Kbn-Xsrf: + - 8.10.1 + url: https://127.0.0.1:5601/api/saved_objects/_export + method: POST + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 311 + uncompressed: false + body: '{"attributes":{"panelsJSON":"[]","title":"Empty Dashboard"},"coreMigrationVersion":"8.8.0","created_at":"2023-11-27T19:51:54.274Z","id":"test-managed-saved-objects","managed":true,"references":[],"type":"dashboard","typeMigrationVersion":"8.9.0","updated_at":"2023-11-27T19:51:54.274Z","version":"WzEwOSwxXQ=="}' + headers: + Cache-Control: + - private, no-cache, no-store, must-revalidate + Connection: + - keep-alive + Content-Disposition: + - attachment; filename="export.ndjson" + Content-Length: + - "311" + Content-Security-Policy: + - 'script-src ''self''; worker-src blob: ''self''; style-src ''unsafe-inline'' ''self''' + Content-Type: + - application/ndjson + Cross-Origin-Opener-Policy: + - same-origin + Date: + - Mon, 27 Nov 2023 19:51:54 GMT + Kbn-License-Sig: + - f0ae7ae108395463da89bade52208713b4111c97704925e60abb2bef6dd69cfd + Kbn-Name: + - kibana + Keep-Alive: + - timeout=120 + Permissions-Policy: + - camera=(), display-capture=(), fullscreen=(self), geolocation=(), microphone=(), web-share=() + Referrer-Policy: + - no-referrer-when-downgrade + X-Content-Type-Options: + - nosniff + status: 200 OK + code: 200 + duration: 9.351776ms + - id: 3 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 126 + transfer_encoding: [] + trailer: {} + host: 127.0.0.1:5601 + remote_addr: "" + request_uri: "" + body: '{"excludeExportDetails":true,"includeReferencesDeep":false,"objects":[{"id":"test-managed-saved-objects","type":"dashboard"}]}' + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + Content-Type: + - application/json + Kbn-Xsrf: + - 8.10.1 + url: https://127.0.0.1:5601/api/saved_objects/_export + method: POST + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 311 + uncompressed: false + body: '{"attributes":{"panelsJSON":"[]","title":"Empty Dashboard"},"coreMigrationVersion":"8.8.0","created_at":"2023-11-27T19:51:54.274Z","id":"test-managed-saved-objects","managed":true,"references":[],"type":"dashboard","typeMigrationVersion":"8.9.0","updated_at":"2023-11-27T19:51:54.274Z","version":"WzEwOSwxXQ=="}' + headers: + Cache-Control: + - private, no-cache, no-store, must-revalidate + Connection: + - keep-alive + Content-Disposition: + - attachment; filename="export.ndjson" + Content-Length: + - "311" + Content-Security-Policy: + - 'script-src ''self''; worker-src blob: ''self''; style-src ''unsafe-inline'' ''self''' + Content-Type: + - application/ndjson + Cross-Origin-Opener-Policy: + - same-origin + Date: + - Mon, 27 Nov 2023 19:51:54 GMT + Kbn-License-Sig: + - f0ae7ae108395463da89bade52208713b4111c97704925e60abb2bef6dd69cfd + Kbn-Name: + - kibana + Keep-Alive: + - timeout=120 + Permissions-Policy: + - camera=(), display-capture=(), fullscreen=(self), geolocation=(), microphone=(), web-share=() + Referrer-Policy: + - no-referrer-when-downgrade + X-Content-Type-Options: + - nosniff + status: 200 OK + code: 200 + duration: 11.463758ms + - id: 4 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 556 + transfer_encoding: [] + trailer: {} + host: 127.0.0.1:5601 + remote_addr: "" + request_uri: "" + body: "--c4e5110eb103302fdb764571df144ade179ba6a78acdc763675124626e89\r\nContent-Disposition: form-data; name=\"file\"; filename=\"file.ndjson\"\r\nContent-Type: application/octet-stream\r\n\r\n{\"attributes\":{\"panelsJSON\":\"[]\",\"title\":\"Empty Dashboard\"},\"coreMigrationVersion\":\"8.8.0\",\"created_at\":\"2023-11-27T19:51:54.274Z\",\"id\":\"test-managed-saved-objects\",\"managed\":false,\"references\":[],\"type\":\"dashboard\",\"typeMigrationVersion\":\"8.9.0\",\"updated_at\":\"2023-11-27T19:51:54.274Z\",\"version\":\"WzEwOSwxXQ==\"}\n\r\n--c4e5110eb103302fdb764571df144ade179ba6a78acdc763675124626e89--\r\n" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + Content-Type: + - multipart/form-data; boundary=c4e5110eb103302fdb764571df144ade179ba6a78acdc763675124626e89 + Kbn-Xsrf: + - 8.10.1 + url: https://127.0.0.1:5601/api/saved_objects/_import?overwrite=true + method: POST + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 211 + uncompressed: false + body: '{"successCount":1,"success":true,"warnings":[],"successResults":[{"type":"dashboard","id":"test-managed-saved-objects","meta":{"title":"Empty Dashboard","icon":"dashboardApp"},"managed":false,"overwrite":true}]}' + headers: + Cache-Control: + - private, no-cache, no-store, must-revalidate + Connection: + - keep-alive + Content-Length: + - "211" + Content-Security-Policy: + - 'script-src ''self''; worker-src blob: ''self''; style-src ''unsafe-inline'' ''self''' + Content-Type: + - application/json; charset=utf-8 + Cross-Origin-Opener-Policy: + - same-origin + Date: + - Mon, 27 Nov 2023 19:51:55 GMT + Kbn-License-Sig: + - f0ae7ae108395463da89bade52208713b4111c97704925e60abb2bef6dd69cfd + Kbn-Name: + - kibana + Keep-Alive: + - timeout=120 + Permissions-Policy: + - camera=(), display-capture=(), fullscreen=(self), geolocation=(), microphone=(), web-share=() + Referrer-Policy: + - no-referrer-when-downgrade + X-Content-Type-Options: + - nosniff + status: 200 OK + code: 200 + duration: 987.517416ms + - id: 5 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 126 + transfer_encoding: [] + trailer: {} + host: 127.0.0.1:5601 + remote_addr: "" + request_uri: "" + body: '{"excludeExportDetails":true,"includeReferencesDeep":false,"objects":[{"id":"test-managed-saved-objects","type":"dashboard"}]}' + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + Content-Type: + - application/json + Kbn-Xsrf: + - 8.10.1 + url: https://127.0.0.1:5601/api/saved_objects/_export + method: POST + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 312 + uncompressed: false + body: '{"attributes":{"panelsJSON":"[]","title":"Empty Dashboard"},"coreMigrationVersion":"8.8.0","created_at":"2023-11-27T19:51:54.697Z","id":"test-managed-saved-objects","managed":false,"references":[],"type":"dashboard","typeMigrationVersion":"8.9.0","updated_at":"2023-11-27T19:51:54.697Z","version":"WzExMCwxXQ=="}' + headers: + Cache-Control: + - private, no-cache, no-store, must-revalidate + Connection: + - keep-alive + Content-Disposition: + - attachment; filename="export.ndjson" + Content-Length: + - "312" + Content-Security-Policy: + - 'script-src ''self''; worker-src blob: ''self''; style-src ''unsafe-inline'' ''self''' + Content-Type: + - application/ndjson + Cross-Origin-Opener-Policy: + - same-origin + Date: + - Mon, 27 Nov 2023 19:51:55 GMT + Kbn-License-Sig: + - f0ae7ae108395463da89bade52208713b4111c97704925e60abb2bef6dd69cfd + Kbn-Name: + - kibana + Keep-Alive: + - timeout=120 + Permissions-Policy: + - camera=(), display-capture=(), fullscreen=(self), geolocation=(), microphone=(), web-share=() + Referrer-Policy: + - no-referrer-when-downgrade + X-Content-Type-Options: + - nosniff + status: 200 OK + code: 200 + duration: 8.412405ms + - id: 6 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: 127.0.0.1:5601 + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Authorization: + - Basic ZWxhc3RpYzpjaGFuZ2VtZQ== + Content-Type: + - application/json + Kbn-Xsrf: + - 8.10.1 + url: https://127.0.0.1:5601/api/saved_objects/dashboard/test-managed-saved-objects + method: DELETE + response: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + transfer_encoding: [] + trailer: {} + content_length: 2 + uncompressed: false + body: '{}' + headers: + Cache-Control: + - private, no-cache, no-store, must-revalidate + Connection: + - keep-alive + Content-Length: + - "2" + Content-Security-Policy: + - 'script-src ''self''; worker-src blob: ''self''; style-src ''unsafe-inline'' ''self''' + Content-Type: + - application/json; charset=utf-8 + Cross-Origin-Opener-Policy: + - same-origin + Date: + - Mon, 27 Nov 2023 19:51:56 GMT + Kbn-License-Sig: + - f0ae7ae108395463da89bade52208713b4111c97704925e60abb2bef6dd69cfd + Kbn-Name: + - kibana + Keep-Alive: + - timeout=120 + Permissions-Policy: + - camera=(), display-capture=(), fullscreen=(self), geolocation=(), microphone=(), web-share=() + Referrer-Policy: + - no-referrer-when-downgrade + X-Content-Type-Options: + - nosniff + status: 200 OK + code: 200 + duration: 1.002249614s