README ¶
Beats - Lightweight shippers for Elasticsearch & Logstash
The Beats are lightweight processes, written in Go, that you install on your servers to capture all sorts of operational data like logs, operating system metrics or network packet data, and to send it to Elasticsearch, either directly or via Logstash, so it can be visualized with Kibana.
This repository contains libbeat and all the officially supported Beats, in the following folders:
Folder | Description |
---|---|
libbeat | The Go framework for creating new Beats |
Topbeat | Like 'top' but inserting the data into Elasticsearch |
Packetbeat | Tap into your wire data |
Filebeat | Lightweight log forwarder to Logstash & Elasticsearch |
Winlogbeat | Sends Windows Event logs |
In addition to the above Beats, which are officially supported by Elastic, the community has created a set of other Beats that make use of libbeat but live outside of this Github repository. We maintain a list of community Beats here.
Documentation and Getting Help
You can find the documentation on the elastic.co site. If you need help, you can open a topic on our discuss forums.
Contributing
We'd love working with you! You can help making the Beats better in many ways: report issues, help us reproduce issues, fix bugs, add functionality, or even create your own Beat.
Please start by reading our CONTRIBUTING file.
If you are creating a new Beat, you don't need to submit the code to this repository. You can simply start working in a new repository and make use of the libbeat packages, by following our developer guide. After you have a working prototype, open a pull request to add your Beat to the list of community Beats.
Directories ¶
Path | Synopsis |
---|---|
harvester
The harvester package harvest different inputs for new information.
|
The harvester package harvest different inputs for new information. |
beat
Package beat provides the functions required to manage the life-cycle of a Beat.
|
Package beat provides the functions required to manage the life-cycle of a Beat. |
common/streambuf
The streambuf module provides helpers for buffering multiple packet payloads and some general parsing functions.
|
The streambuf module provides helpers for buffering multiple packet payloads and some general parsing functions. |
outputs/mode
Package mode defines and implents output strategies with failover or load balancing modes for use by output plugins.
|
Package mode defines and implents output strategies with failover or load balancing modes for use by output plugins. |
paths
Package libbeat.paths provides a common way to handle paths configuration for all Beats.
|
Package libbeat.paths provides a common way to handle paths configuration for all Beats. |
beater
Metricbeat collects metric sets from different modules.
|
Metricbeat collects metric sets from different modules. |
include
Package include imports all Module and MetricSet packages so that they register their factories with the global registry.
|
Package include imports all Module and MetricSet packages so that they register their factories with the global registry. |
module/apache
Helper functions for testing used in the apache metricsets
|
Helper functions for testing used in the apache metricsets |
module/apache/status
Package status reads Apache HTTPD server status from the mod_status module.
|
Package status reads Apache HTTPD server status from the mod_status module. |
module/mysql
Helper functions for testing used in the mysql metricsets
|
Helper functions for testing used in the mysql metricsets |
module/mysql/status
* Fetch status information from mysql: http://dev.mysql.com/doc/refman/5.7/en/show-status.html TODO @ruflin, 20160315 * Complete fields read * Complete template * Complete dashboards
|
* Fetch status information from mysql: http://dev.mysql.com/doc/refman/5.7/en/show-status.html TODO @ruflin, 20160315 * Complete fields read * Complete template * Complete dashboards |
module/redis
Helper functions for testing used in the redis metricsets
|
Helper functions for testing used in the redis metricsets |
module/system/cpu
Package cpu collects CPU metrics from the host OS.
|
Package cpu collects CPU metrics from the host OS. |
module/system/memory
Package memory collects memory metrics from the host OS.
|
Package memory collects memory metrics from the host OS. |
protos/applayer
The applayer module provides common definitions with common fields for use with application layer protocols among beats.
|
The applayer module provides common definitions with common fields for use with application layer protocols among beats. |
protos/dns
This file contains the name mapping data used to convert various DNS IDs to their string values.
|
This file contains the name mapping data used to convert various DNS IDs to their string values. |
Package winlogbeat contains the entrypoint to Winlogbeat which is a lightweight data shipper for Windows event logs.
|
Package winlogbeat contains the entrypoint to Winlogbeat which is a lightweight data shipper for Windows event logs. |
beater
Package beater provides the implementation of the libbeat Beater interface for Winlogbeat.
|
Package beater provides the implementation of the libbeat Beater interface for Winlogbeat. |
checkpoint
Package checkpoint persists event log state information to disk so that event log monitoring can resume from the last read event in the case of a restart or unexpected interruption.
|
Package checkpoint persists event log state information to disk so that event log monitoring can resume from the last read event in the case of a restart or unexpected interruption. |
config
Package config provides the winlogbeat specific configuration options.
|
Package config provides the winlogbeat specific configuration options. |
eventlog
Package eventlog provides the means for reading event logs from Windows.
|
Package eventlog provides the means for reading event logs from Windows. |
sys
Package sys provides common data structures and utilties functions that are used by the subpackages for interfacing with the system level APIs to collect event log records from Windows.
|
Package sys provides common data structures and utilties functions that are used by the subpackages for interfacing with the system level APIs to collect event log records from Windows. |
sys/eventlogging
Package eventlogging provides access to the Event Logging API that was designed for applications that run on the Windows Server 2003, Windows XP, or Windows 2000 operating system.
|
Package eventlogging provides access to the Event Logging API that was designed for applications that run on the Windows Server 2003, Windows XP, or Windows 2000 operating system. |
sys/wineventlog
Package wineventlog provides access to the Windows Event Log API used in all versions of Windows since Vista (i.e.
|
Package wineventlog provides access to the Windows Event Log API used in all versions of Windows since Vista (i.e. |