-
-
Save vinothnw/f7170e1aab4ef43edb8fb59ca23ad2dd to your computer and use it in GitHub Desktop.
I got this log from the location var/log/filebeat and I done sort by last modified and got the file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{"log.level":"info","@timestamp":"2022-02-22T12:32:12.097+0530","log.origin":{"file.name":"instance/beat.go","file.line":679},"message":"Home path: [/usr/share/filebeat] Config path: [/etc/filebeat] Data path: [/var/lib/filebeat] Logs path: [/var/log/filebeat]","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:12.098+0530","log.logger":"beat","log.origin":{"file.name":"instance/beat.go","file.line":737},"message":"Beat metadata path: /var/lib/filebeat/meta.json","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:12.098+0530","log.origin":{"file.name":"instance/beat.go","file.line":687},"message":"Beat ID: e7ebe7ac-88da-4bdb-9fe7-d02e1ada5f7f","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:12.099+0530","log.logger":"conditions","log.origin":{"file.name":"conditions/conditions.go","file.line":98},"message":"New condition contains: map[]","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:12.099+0530","log.logger":"conditions","log.origin":{"file.name":"conditions/conditions.go","file.line":98},"message":"New condition !contains: map[]","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"warn","@timestamp":"2022-02-22T12:32:15.101+0530","log.logger":"add_cloud_metadata","log.origin":{"file.name":"add_cloud_metadata/provider_aws_ec2.go","file.line":80},"message":"read token request for getting IMDSv2 token returns empty: Put \"http://169.254.169.254/latest/api/token\": context deadline exceeded (Client.Timeout exceeded while awaiting headers). No token in the metadata request will be used.","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.101+0530","log.logger":"docker","log.origin":{"file.name":"docker/client.go","file.line":49},"message":"Docker client will negotiate the API version on the first request.","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.101+0530","log.logger":"add_cloud_metadata","log.origin":{"file.name":"add_cloud_metadata/providers.go","file.line":129},"message":"add_cloud_metadata: starting to fetch metadata, timeout=3s","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.101+0530","log.logger":"add_docker_metadata","log.origin":{"file.name":"add_docker_metadata/add_docker_metadata.go","file.line":88},"message":"add_docker_metadata: docker environment not detected: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.101+0530","log.logger":"kubernetes","log.origin":{"file.name":"add_kubernetes_metadata/kubernetes.go","file.line":147},"message":"Could not create kubernetes client using in_cluster config: unable to build kube config due to error: invalid configuration: no configuration has been provided, try setting KUBERNETES_MASTER environment variable","service.name":"filebeat","libbeat.processor":"add_kubernetes_metadata","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.169+0530","log.logger":"add_cloud_metadata","log.origin":{"file.name":"add_cloud_metadata/providers.go","file.line":166},"message":"add_cloud_metadata: received disposition for huawei after 67.89637ms. result=[provider:huawei, error=failed requesting huawei metadata: Get \"http://169.254.169.254/openstack/latest/meta_data.json\": dial tcp 169.254.169.254:80: connect: no route to host, metadata={}]","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.169+0530","log.logger":"add_cloud_metadata","log.origin":{"file.name":"add_cloud_metadata/providers.go","file.line":166},"message":"add_cloud_metadata: received disposition for azure after 67.991454ms. result=[provider:azure, error=failed requesting azure metadata: Get \"http://169.254.169.254/metadata/instance/compute?api-version=2017-04-02\": dial tcp 169.254.169.254:80: connect: no route to host, metadata={}]","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.169+0530","log.logger":"add_cloud_metadata","log.origin":{"file.name":"add_cloud_metadata/providers.go","file.line":166},"message":"add_cloud_metadata: received disposition for openstack after 68.024996ms. result=[provider:openstack, error=failed requesting openstack metadata: Get \"https://169.254.169.254/2009-04-04/meta-data/instance-id\": dial tcp 169.254.169.254:443: connect: no route to host, metadata={}]","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.169+0530","log.logger":"add_cloud_metadata","log.origin":{"file.name":"add_cloud_metadata/providers.go","file.line":166},"message":"add_cloud_metadata: received disposition for gcp after 68.049967ms. result=[provider:gcp, error=failed requesting gcp metadata: Get \"http://169.254.169.254/computeMetadata/v1/?recursive=true&alt=json\": dial tcp 169.254.169.254:80: connect: no route to host, metadata={}]","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.169+0530","log.logger":"add_cloud_metadata","log.origin":{"file.name":"add_cloud_metadata/providers.go","file.line":166},"message":"add_cloud_metadata: received disposition for aws after 68.062612ms. result=[provider:aws, error=failed requesting aws metadata: Get \"http://169.254.169.254/2014-02-25/dynamic/instance-identity/document\": dial tcp 169.254.169.254:80: connect: no route to host, metadata={}]","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.169+0530","log.logger":"add_cloud_metadata","log.origin":{"file.name":"add_cloud_metadata/providers.go","file.line":166},"message":"add_cloud_metadata: received disposition for openstack after 68.076076ms. result=[provider:openstack, error=failed requesting openstack metadata: Get \"http://169.254.169.254/2009-04-04/meta-data/hostname\": dial tcp 169.254.169.254:80: connect: no route to host, metadata={}]","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.169+0530","log.logger":"add_cloud_metadata","log.origin":{"file.name":"add_cloud_metadata/providers.go","file.line":166},"message":"add_cloud_metadata: received disposition for digitalocean after 68.086669ms. result=[provider:digitalocean, error=failed requesting digitalocean metadata: Get \"http://169.254.169.254/metadata/v1.json\": dial tcp 169.254.169.254:80: connect: no route to host, metadata={}]","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.169+0530","log.logger":"add_cloud_metadata","log.origin":{"file.name":"add_cloud_metadata/providers.go","file.line":132},"message":"add_cloud_metadata: fetchMetadata ran for 68.097549ms","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.169+0530","log.logger":"add_cloud_metadata","log.origin":{"file.name":"add_cloud_metadata/add_cloud_metadata.go","file.line":101},"message":"add_cloud_metadata: hosting provider type not detected.","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.169+0530","log.logger":"processors","log.origin":{"file.name":"processors/processor.go","file.line":120},"message":"Generated new processors: add_host_metadata=[netinfo.enabled=[true], cache.ttl=[5m0s]], condition=!contains: map[], add_cloud_metadata={}, add_docker_metadata=[match_fields=[] match_pids=[process.pid, process.parent.pid]], add_kubernetes_metadata","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.169+0530","log.logger":"seccomp","log.origin":{"file.name":"seccomp/seccomp.go","file.line":117},"message":"Loading syscall filter","service.name":"filebeat","seccomp_filter":{"no_new_privs":true,"flag":"tsync","policy":{"default_action":"errno","syscalls":[{"names":["accept","accept4","access","arch_prctl","bind","brk","chmod","chown","clock_gettime","clone","clone3","close","connect","dup","dup2","epoll_create","epoll_create1","epoll_ctl","epoll_pwait","epoll_wait","exit","exit_group","fchdir","fchmod","fchmodat","fchown","fchownat","fcntl","fdatasync","flock","fstat","fstatfs","fsync","ftruncate","futex","getcwd","getdents","getdents64","geteuid","getgid","getpeername","getpid","getppid","getrandom","getrlimit","getrusage","getsockname","getsockopt","gettid","gettimeofday","getuid","inotify_add_watch","inotify_init1","inotify_rm_watch","ioctl","kill","listen","lseek","lstat","madvise","mincore","mkdirat","mmap","mprotect","munmap","nanosleep","newfstatat","open","openat","pipe","pipe2","poll","ppoll","pread64","pselect6","pwrite64","read","readlink","readlinkat","recvfrom","recvmmsg","recvmsg","rename","renameat","rt_sigaction","rt_sigprocmask","rt_sigreturn","sched_getaffinity","sched_yield","sendfile","sendmmsg","sendmsg","sendto","set_robust_list","setitimer","setsockopt","shutdown","sigaltstack","socket","splice","stat","statfs","sysinfo","tgkill","time","tkill","uname","unlink","unlinkat","wait4","waitid","write","writev"],"action":"allow"}]}},"ecs.version":"1.6.0"} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.169+0530","log.logger":"seccomp","log.origin":{"file.name":"seccomp/seccomp.go","file.line":124},"message":"Syscall filter successfully installed","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.169+0530","log.logger":"beat","log.origin":{"file.name":"instance/beat.go","file.line":1050},"message":"Beat info","service.name":"filebeat","system_info":{"beat":{"path":{"config":"/etc/filebeat","data":"/var/lib/filebeat","home":"/usr/share/filebeat","logs":"/var/log/filebeat"},"type":"filebeat","uuid":"e7ebe7ac-88da-4bdb-9fe7-d02e1ada5f7f"},"ecs.version":"1.6.0"}} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.169+0530","log.logger":"beat","log.origin":{"file.name":"instance/beat.go","file.line":1059},"message":"Build info","service.name":"filebeat","system_info":{"build":{"commit":"2ab3a7334016f570e0bfc7e9a577a35a22e02df5","libbeat":"8.0.0","time":"2022-02-03T18:02:05.000Z","version":"8.0.0"},"ecs.version":"1.6.0"}} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.169+0530","log.logger":"beat","log.origin":{"file.name":"instance/beat.go","file.line":1062},"message":"Go runtime info","service.name":"filebeat","system_info":{"go":{"os":"linux","arch":"amd64","max_procs":6,"version":"go1.17.6"},"ecs.version":"1.6.0"}} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.170+0530","log.logger":"beat","log.origin":{"file.name":"instance/beat.go","file.line":1066},"message":"Host info","service.name":"filebeat","system_info":{"host":{"architecture":"x86_64","boot_time":"2022-02-16T06:56:21+05:30","containerized":false,"name":"ZSCHN01DSK0002L","ip":["127.0.0.1/8","::1/128","192.168.0.65/24","fe80::c53e:91e0:559a:d6b/64"],"kernel_version":"5.13.0-28-generic","mac":["8c:ec:4b:d2:e1:c0"],"os":{"type":"linux","family":"debian","platform":"ubuntu","name":"Ubuntu","version":"20.04.3 LTS (Focal Fossa)","major":20,"minor":4,"patch":3,"codename":"focal"},"timezone":"IST","timezone_offset_sec":19800,"id":"7df4b585356b45c8aab672fcc50c8e37"},"ecs.version":"1.6.0"}} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.170+0530","log.logger":"beat","log.origin":{"file.name":"instance/beat.go","file.line":1095},"message":"Process info","service.name":"filebeat","system_info":{"process":{"capabilities":{"inheritable":null,"permitted":["chown","dac_override","dac_read_search","fowner","fsetid","kill","setgid","setuid","setpcap","linux_immutable","net_bind_service","net_broadcast","net_admin","net_raw","ipc_lock","ipc_owner","sys_module","sys_rawio","sys_chroot","sys_ptrace","sys_pacct","sys_admin","sys_boot","sys_nice","sys_resource","sys_time","sys_tty_config","mknod","lease","audit_write","audit_control","setfcap","mac_override","mac_admin","syslog","wake_alarm","block_suspend","audit_read","38","39","40"],"effective":["chown","dac_override","dac_read_search","fowner","fsetid","kill","setgid","setuid","setpcap","linux_immutable","net_bind_service","net_broadcast","net_admin","net_raw","ipc_lock","ipc_owner","sys_module","sys_rawio","sys_chroot","sys_ptrace","sys_pacct","sys_admin","sys_boot","sys_nice","sys_resource","sys_time","sys_tty_config","mknod","lease","audit_write","audit_control","setfcap","mac_override","mac_admin","syslog","wake_alarm","block_suspend","audit_read","38","39","40"],"bounding":["chown","dac_override","dac_read_search","fowner","fsetid","kill","setgid","setuid","setpcap","linux_immutable","net_bind_service","net_broadcast","net_admin","net_raw","ipc_lock","ipc_owner","sys_module","sys_rawio","sys_chroot","sys_ptrace","sys_pacct","sys_admin","sys_boot","sys_nice","sys_resource","sys_time","sys_tty_config","mknod","lease","audit_write","audit_control","setfcap","mac_override","mac_admin","syslog","wake_alarm","block_suspend","audit_read","38","39","40"],"ambient":null},"cwd":"/","exe":"/usr/share/filebeat/bin/filebeat","name":"filebeat","pid":3110103,"ppid":1,"seccomp":{"mode":"filter","no_new_privs":true},"start_time":"2022-02-22T12:32:11.040+0530"},"ecs.version":"1.6.0"}} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.170+0530","log.origin":{"file.name":"instance/beat.go","file.line":332},"message":"Setup Beat: filebeat; Version: 8.0.0","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.170+0530","log.logger":"beat","log.origin":{"file.name":"instance/beat.go","file.line":360},"message":"Initializing output plugins","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.171+0530","log.logger":"esclientleg","log.origin":{"file.name":"eslegclient/connection.go","file.line":105},"message":"elasticsearch url: http://192.168.0.65:9200","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.171+0530","log.logger":"publisher","log.origin":{"file.name":"pipeline/consumer.go","file.line":98},"message":"start pipeline event consumer","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.171+0530","log.logger":"publisher","log.origin":{"file.name":"pipeline/module.go","file.line":113},"message":"Beat name: ZSCHN01DSK0002L","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.171+0530","log.logger":"publisher","log.origin":{"file.name":"pipeline/queue_reader.go","file.line":48},"message":"pipeline event consumer queue reader: start","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.171+0530","log.origin":{"file.name":"fileset/modules.go","file.line":103},"message":"Enabled modules/filesets: ()","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.171+0530","log.origin":{"file.name":"instance/beat.go","file.line":498},"message":"filebeat start running.","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.171+0530","log.logger":"monitoring","log.origin":{"file.name":"log/log.go","file.line":142},"message":"Starting metrics logging every 30s","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.171+0530","log.logger":"test","log.origin":{"file.name":"registrar/migrate.go","file.line":304},"message":"isFile(/var/lib/filebeat/registry) -> false","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.171+0530","log.logger":"test","log.origin":{"file.name":"registrar/migrate.go","file.line":304},"message":"isFile() -> false","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.171+0530","log.logger":"test","log.origin":{"file.name":"registrar/migrate.go","file.line":297},"message":"isDir(/var/lib/filebeat/registry/filebeat) -> true","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.171+0530","log.logger":"test","log.origin":{"file.name":"registrar/migrate.go","file.line":304},"message":"isFile(/var/lib/filebeat/registry/filebeat/meta.json) -> true","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.171+0530","log.logger":"registrar","log.origin":{"file.name":"registrar/migrate.go","file.line":84},"message":"Registry type '1' found","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.171+0530","log.origin":{"file.name":"memlog/store.go","file.line":119},"message":"Loading data file of '/var/lib/filebeat/registry/filebeat' succeeded. Active transaction id=0","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.171+0530","log.origin":{"file.name":"memlog/store.go","file.line":124},"message":"Finished loading transaction log file for '/var/lib/filebeat/registry/filebeat'. Active transaction id=0","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.172+0530","log.logger":"httpjson.transforms","log.origin":{"file.name":"httpjson/transform_registry.go","file.line":75},"message":"Register transform request:append","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.172+0530","log.logger":"httpjson.transforms","log.origin":{"file.name":"httpjson/transform_registry.go","file.line":75},"message":"Register transform request:delete","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.172+0530","log.logger":"httpjson.transforms","log.origin":{"file.name":"httpjson/transform_registry.go","file.line":75},"message":"Register transform request:set","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.172+0530","log.logger":"httpjson.transforms","log.origin":{"file.name":"httpjson/transform_registry.go","file.line":75},"message":"Register transform response:append","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.172+0530","log.logger":"httpjson.transforms","log.origin":{"file.name":"httpjson/transform_registry.go","file.line":75},"message":"Register transform response:delete","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.172+0530","log.logger":"httpjson.transforms","log.origin":{"file.name":"httpjson/transform_registry.go","file.line":75},"message":"Register transform response:set","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.172+0530","log.logger":"httpjson.transforms","log.origin":{"file.name":"httpjson/transform_registry.go","file.line":75},"message":"Register transform pagination:append","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.172+0530","log.logger":"httpjson.transforms","log.origin":{"file.name":"httpjson/transform_registry.go","file.line":75},"message":"Register transform pagination:delete","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.172+0530","log.logger":"httpjson.transforms","log.origin":{"file.name":"httpjson/transform_registry.go","file.line":75},"message":"Register transform pagination:set","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.172+0530","log.logger":"httpjson.transforms","log.origin":{"file.name":"httpjson/encoding.go","file.line":82},"message":"<nil>","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.172+0530","log.logger":"httpjson.transforms","log.origin":{"file.name":"httpjson/encoding.go","file.line":83},"message":"<nil>","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.172+0530","log.logger":"httpjson.transforms","log.origin":{"file.name":"httpjson/encoding.go","file.line":88},"message":"<nil>","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.172+0530","log.logger":"httpjson.transforms","log.origin":{"file.name":"httpjson/encoding.go","file.line":89},"message":"<nil>","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.172+0530","log.logger":"httpjson.transforms","log.origin":{"file.name":"httpjson/encoding.go","file.line":90},"message":"<nil>","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.172+0530","log.logger":"registrar","log.origin":{"file.name":"registrar/registrar.go","file.line":109},"message":"States Loaded from registrar: 0","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.172+0530","log.logger":"crawler","log.origin":{"file.name":"beater/crawler.go","file.line":71},"message":"Loading Inputs: 1","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.172+0530","log.logger":"cfgfile","log.origin":{"file.name":"cfgfile/reload.go","file.line":132},"message":"Checking module configs from: /etc/filebeat/modules.d/*.yml","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.172+0530","log.logger":"registrar","log.origin":{"file.name":"registrar/registrar.go","file.line":140},"message":"Starting Registrar","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.172+0530","log.logger":"cfgfile","log.origin":{"file.name":"cfgfile/cfgfile.go","file.line":193},"message":"Load config from file: /etc/filebeat/modules.d/fortinet.yml","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.172+0530","log.logger":"cfgfile","log.origin":{"file.name":"cfgfile/cfgfile.go","file.line":193},"message":"Load config from file: /etc/filebeat/modules.d/system.yml","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.172+0530","log.logger":"cfgfile","log.origin":{"file.name":"cfgfile/reload.go","file.line":146},"message":"Number of module configs found: 2","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.173+0530","log.origin":{"file.name":"fileset/modules.go","file.line":103},"message":"Enabled modules/filesets: fortinet (clientendpoint, firewall)","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.174+0530","log.origin":{"file.name":"fileset/modules.go","file.line":103},"message":"Enabled modules/filesets: system ()","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.174+0530","log.origin":{"file.name":"beater/crawler.go","file.line":148},"message":"Stopping Crawler","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.174+0530","log.origin":{"file.name":"beater/crawler.go","file.line":158},"message":"Stopping 0 inputs","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.174+0530","log.origin":{"file.name":"beater/crawler.go","file.line":178},"message":"Crawler stopped","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.174+0530","log.logger":"registrar","log.origin":{"file.name":"registrar/registrar.go","file.line":132},"message":"Stopping Registrar","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.174+0530","log.logger":"registrar","log.origin":{"file.name":"registrar/registrar.go","file.line":166},"message":"Ending Registrar","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"debug","@timestamp":"2022-02-22T12:32:15.174+0530","log.logger":"registrar","log.origin":{"file.name":"registrar/registrar.go","file.line":167},"message":"Stopping Registrar","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.174+0530","log.logger":"registrar","log.origin":{"file.name":"registrar/registrar.go","file.line":137},"message":"Registrar stopped","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.176+0530","log.logger":"monitoring","log.origin":{"file.name":"log/log.go","file.line":192},"message":"Total metrics","service.name":"filebeat","monitoring":{"metrics":{"beat":{"cgroup":{"memory":{"id":"filebeat.service","mem":{"limit":{"bytes":9223372036854771712},"usage":{"bytes":44838912}}}},"cpu":{"system":{"ticks":30,"time":{"ms":38}},"total":{"ticks":110,"time":{"ms":118},"value":110},"user":{"ticks":80,"time":{"ms":80}}},"handles":{"limit":{"hard":524288,"soft":1024},"open":10},"info":{"ephemeral_id":"b2779d99-fd8b-406c-a238-7043e3f229e3","uptime":{"ms":3118},"version":"8.0.0"},"memstats":{"gc_next":17268960,"memory_alloc":13493432,"memory_sys":38093832,"memory_total":52241416,"rss":118251520},"runtime":{"goroutines":19}},"filebeat":{"events":{"active":0,"added":0,"done":0},"harvester":{"closed":0,"open_files":0,"running":0,"skipped":0,"started":0},"input":{"log":{"files":{"renamed":0,"truncated":0}},"netflow":{"flows":0,"packets":{"dropped":0,"received":0}}}},"libbeat":{"config":{"module":{"running":0,"starts":0,"stops":0},"reloads":0,"scans":0},"output":{"events":{"acked":0,"active":0,"batches":0,"dropped":0,"duplicates":0,"failed":0,"toomany":0,"total":0},"read":{"bytes":0,"errors":0},"type":"elasticsearch","write":{"bytes":0,"errors":0}},"pipeline":{"clients":0,"events":{"active":0,"dropped":0,"failed":0,"filtered":0,"published":0,"retry":0,"total":0},"queue":{"acked":0,"max_events":4096}}},"registrar":{"states":{"cleanup":0,"current":0,"update":0},"writes":{"fail":0,"success":0,"total":0}},"system":{"cpu":{"cores":6},"load":{"1":4.08,"15":3.69,"5":3.73,"norm":{"1":0.68,"15":0.615,"5":0.6217}}}},"ecs.version":"1.6.0"}} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.177+0530","log.logger":"monitoring","log.origin":{"file.name":"log/log.go","file.line":193},"message":"Uptime: 3.118559519s","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.177+0530","log.logger":"monitoring","log.origin":{"file.name":"log/log.go","file.line":160},"message":"Stopping metrics logging.","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"info","@timestamp":"2022-02-22T12:32:15.177+0530","log.origin":{"file.name":"instance/beat.go","file.line":504},"message":"filebeat stopped.","service.name":"filebeat","ecs.version":"1.6.0"} | |
{"log.level":"error","@timestamp":"2022-02-22T12:32:15.205+0530","log.origin":{"file.name":"instance/beat.go","file.line":1025},"message":"Exiting: Failed to start crawler: creating module reloader failed: could not create module registry for filesets: module system is configured but has no enabled filesets","service.name":"filebeat","ecs.version":"1.6.0"} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment