Facter 3 (cFacter) is recommended, and is the default. The output from Facter 3 is more structured and more stable than that of Facter 2, which makes for a much better experience with Factbeat and Elasticsearch.
If you really want to, you can configure the path to Facter, so you could point Factbeat at Facter 2 instead.
Pre-built binaries are availble for Windows and Linux (x86_64) on the releases page.
The downloads for both platforms contain:
- An example
- The Elasticsearch mapping template:
The Windows archive also contains two Powershell scripts, for registering and removing the Factbeat Windows service.
Factbeat was created in accordance with the Beats Developer Guide and thus uses the common build system. With the appropriate pre-requisites in place, you should be able to simply:
to get a
Factbeat ships with a containerized test suite.
The containerized test system requires that you have:
However you don't need to install Elasticsearch, Python etc. They are all packaged for you in Docker containers.
To run the suite, invoke:
- Convert percents to beats style ie. "83.3%" -> 0.833
- Improved mapping template.
- Your suggestions.