Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[x-pack/filebeat/netflow] add netflow status reporting under Agent management #40080

Merged
Show file tree
Hide file tree
Changes from 7 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions CHANGELOG.next.asciidoc
Original file line number Diff line number Diff line change
Expand Up @@ -295,6 +295,7 @@ https://github.com/elastic/beats/compare/v8.8.1\...main[Check the HEAD diff]
- Add ability to remove request trace logs from http_endpoint input. {pull}40005[40005]
- Add ability to remove request trace logs from entityanalytics input. {pull}40004[40004]
- Relax constraint on Base DN in entity analytics Active Directory provider. {pull}40054[40054]
- Implement Elastic Agent status and health reporting for Netflow Filebeat input. {pull}40080[40080]

*Auditbeat*

Expand Down
11 changes: 10 additions & 1 deletion x-pack/filebeat/input/netflow/input.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ import (
"github.com/elastic/beats/v7/filebeat/inputsource/udp"
"github.com/elastic/beats/v7/libbeat/beat"
"github.com/elastic/beats/v7/libbeat/feature"
"github.com/elastic/beats/v7/libbeat/management/status"
"github.com/elastic/beats/v7/x-pack/filebeat/input/netflow/decoder"
"github.com/elastic/beats/v7/x-pack/filebeat/input/netflow/decoder/fields"

Expand Down Expand Up @@ -110,6 +111,7 @@ func (n *netflowInput) Run(ctx v2.Context, connector beat.PipelineConnector) err
n.started = true
n.mtx.Unlock()

ctx.UpdateStatus(status.Starting, "Starting netflow input")
n.logger.Info("Starting netflow input")

n.logger.Info("Connecting to beat event publishing")
Expand All @@ -121,6 +123,7 @@ func (n *netflowInput) Run(ctx v2.Context, connector beat.PipelineConnector) err
EventListener: nil,
})
if err != nil {
ctx.UpdateStatus(status.Failed, fmt.Sprintf("Failed connecting to beat event publishing: %v", err))
n.logger.Errorw("Failed connecting to beat event publishing", "error", err)
n.stop()
return err
Expand All @@ -142,11 +145,13 @@ func (n *netflowInput) Run(ctx v2.Context, connector beat.PipelineConnector) err
WithSharedTemplates(n.cfg.ShareTemplates).
WithActiveSessionsMetric(flowMetrics.ActiveSessions()))
if err != nil {
ctx.UpdateStatus(status.Failed, fmt.Sprintf("Failed to initialize netflow decoder: %v", err))
return fmt.Errorf("error initializing netflow decoder: %w", err)
}

n.logger.Info("Starting netflow decoder")
if err := n.decoder.Start(); err != nil {
ctx.UpdateStatus(status.Failed, fmt.Sprintf("Failed to start netflow decoder: %v", err))
n.logger.Errorw("Failed to start netflow decoder", "error", err)
n.stop()
return err
Expand All @@ -167,7 +172,9 @@ func (n *netflowInput) Run(ctx v2.Context, connector beat.PipelineConnector) err
})
err = udpServer.Start()
if err != nil {
n.logger.Errorf("Failed to start udp server: %v", err)
errorMsg := fmt.Sprintf("Failed to start udp server: %v", err)
n.logger.Errorf(errorMsg)
ctx.UpdateStatus(status.Failed, errorMsg)
n.stop()
return err
}
Expand All @@ -178,6 +185,8 @@ func (n *netflowInput) Run(ctx v2.Context, connector beat.PipelineConnector) err
n.stop()
}()

ctx.UpdateStatus(status.Running, "")

for packet := range n.queueC {
flows, err := n.decoder.Read(bytes.NewBuffer(packet.data), packet.source)
if err != nil {
Expand Down
Loading
Loading