diff --git a/packages/elastic_agent/changelog.yml b/packages/elastic_agent/changelog.yml
index cefef5957209..f4a6f88d9bef 100644
--- a/packages/elastic_agent/changelog.yml
+++ b/packages/elastic_agent/changelog.yml
@@ -1,4 +1,9 @@
# newer versions go on top
+- version: "1.2.0"
+ changes:
+ - description: Update dashboard to CGroup CPU usage and events rates visualization and add Elastic Agent logo
+ type: enhancement
+ link: https://github.com/elastic/integrations/pull/1529
- version: "1.1.1"
changes:
- description: Fix missing support for heartbeat metrics and logs
diff --git a/packages/elastic_agent/data_stream/apm_server_logs/fields/base-fields.yml b/packages/elastic_agent/data_stream/apm_server_logs/fields/base-fields.yml
index 0d1791ffed6e..accc7eb66718 100644
--- a/packages/elastic_agent/data_stream/apm_server_logs/fields/base-fields.yml
+++ b/packages/elastic_agent/data_stream/apm_server_logs/fields/base-fields.yml
@@ -10,3 +10,6 @@
- name: "@timestamp"
type: date
description: Event timestamp.
+- name: event.dataset
+ type: constant_keyword
+ description: Event dataset
diff --git a/packages/elastic_agent/data_stream/apm_server_logs/fields/ecs.yml b/packages/elastic_agent/data_stream/apm_server_logs/fields/ecs.yml
new file mode 100644
index 000000000000..0c274af07124
--- /dev/null
+++ b/packages/elastic_agent/data_stream/apm_server_logs/fields/ecs.yml
@@ -0,0 +1,12 @@
+- name: log
+ title: Log
+ group: 2
+ description: "Details about the event's logging mechanism or logging transport.\nThe log.* fields are typically populated with details about the logging mechanism used to create and/or transport the event. For example, syslog details belong under `log.syslog.*`.\nThe details specific to your event source are typically not logged under `log.*`, but rather in `event.*` or in other ECS fields."
+ type: group
+ fields:
+ - name: level
+ level: core
+ type: keyword
+ ignore_above: 1024
+ description: "Original log level of the log event.\nIf the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity).\nSome examples are `warn`, `err`, `i`, `informational`."
+ example: error
diff --git a/packages/elastic_agent/data_stream/apm_server_metrics/fields/beat-fields.yml b/packages/elastic_agent/data_stream/apm_server_metrics/fields/beat-fields.yml
new file mode 100644
index 000000000000..0c063d19aeeb
--- /dev/null
+++ b/packages/elastic_agent/data_stream/apm_server_metrics/fields/beat-fields.yml
@@ -0,0 +1,81 @@
+- name: beat.type
+ descripion: Beat type.
+ type: keyword
+- name: beat.stats
+ description: Beat stats
+ type: group
+ fields:
+ - name: libbeat
+ type: group
+ description: >
+ Fields common to all Beats
+
+ fields:
+ - name: output
+ type: group
+ description: >
+ Output stats
+
+ fields:
+ - name: events
+ type: group
+ description: >
+ Event counters
+
+ fields:
+ - name: acked
+ type: long
+ description: >
+ Number of events acknowledged
+
+ - name: active
+ type: long
+ description: >
+ Number of active events
+
+ - name: batches
+ type: long
+ description: >
+ Number of event batches
+
+ - name: dropped
+ type: long
+ description: >
+ Number of events dropped
+
+ - name: duplicates
+ type: long
+ description: >
+ Number of events duplicated
+
+ - name: failed
+ type: long
+ description: >
+ Number of events failed
+
+ - name: toomany
+ type: long
+ description: >
+ Number of too many events
+
+ - name: total
+ type: long
+ description: >
+ Total number of events
+
+ - name: write
+ type: group
+ description: >
+ Write stats
+
+ fields:
+ - name: bytes
+ type: long
+ description: >
+ Number of bytes written
+
+ - name: errors
+ type: long
+ description: >
+ Number of write errors
+
diff --git a/packages/elastic_agent/data_stream/auditbeat_logs/fields/base-fields.yml b/packages/elastic_agent/data_stream/auditbeat_logs/fields/base-fields.yml
index 0d1791ffed6e..accc7eb66718 100644
--- a/packages/elastic_agent/data_stream/auditbeat_logs/fields/base-fields.yml
+++ b/packages/elastic_agent/data_stream/auditbeat_logs/fields/base-fields.yml
@@ -10,3 +10,6 @@
- name: "@timestamp"
type: date
description: Event timestamp.
+- name: event.dataset
+ type: constant_keyword
+ description: Event dataset
diff --git a/packages/elastic_agent/data_stream/auditbeat_logs/fields/ecs.yml b/packages/elastic_agent/data_stream/auditbeat_logs/fields/ecs.yml
new file mode 100644
index 000000000000..0c274af07124
--- /dev/null
+++ b/packages/elastic_agent/data_stream/auditbeat_logs/fields/ecs.yml
@@ -0,0 +1,12 @@
+- name: log
+ title: Log
+ group: 2
+ description: "Details about the event's logging mechanism or logging transport.\nThe log.* fields are typically populated with details about the logging mechanism used to create and/or transport the event. For example, syslog details belong under `log.syslog.*`.\nThe details specific to your event source are typically not logged under `log.*`, but rather in `event.*` or in other ECS fields."
+ type: group
+ fields:
+ - name: level
+ level: core
+ type: keyword
+ ignore_above: 1024
+ description: "Original log level of the log event.\nIf the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity).\nSome examples are `warn`, `err`, `i`, `informational`."
+ example: error
diff --git a/packages/elastic_agent/data_stream/auditbeat_metrics/fields/beat-fields.yml b/packages/elastic_agent/data_stream/auditbeat_metrics/fields/beat-fields.yml
new file mode 100644
index 000000000000..0c063d19aeeb
--- /dev/null
+++ b/packages/elastic_agent/data_stream/auditbeat_metrics/fields/beat-fields.yml
@@ -0,0 +1,81 @@
+- name: beat.type
+ descripion: Beat type.
+ type: keyword
+- name: beat.stats
+ description: Beat stats
+ type: group
+ fields:
+ - name: libbeat
+ type: group
+ description: >
+ Fields common to all Beats
+
+ fields:
+ - name: output
+ type: group
+ description: >
+ Output stats
+
+ fields:
+ - name: events
+ type: group
+ description: >
+ Event counters
+
+ fields:
+ - name: acked
+ type: long
+ description: >
+ Number of events acknowledged
+
+ - name: active
+ type: long
+ description: >
+ Number of active events
+
+ - name: batches
+ type: long
+ description: >
+ Number of event batches
+
+ - name: dropped
+ type: long
+ description: >
+ Number of events dropped
+
+ - name: duplicates
+ type: long
+ description: >
+ Number of events duplicated
+
+ - name: failed
+ type: long
+ description: >
+ Number of events failed
+
+ - name: toomany
+ type: long
+ description: >
+ Number of too many events
+
+ - name: total
+ type: long
+ description: >
+ Total number of events
+
+ - name: write
+ type: group
+ description: >
+ Write stats
+
+ fields:
+ - name: bytes
+ type: long
+ description: >
+ Number of bytes written
+
+ - name: errors
+ type: long
+ description: >
+ Number of write errors
+
diff --git a/packages/elastic_agent/data_stream/elastic_agent_logs/fields/base-fields.yml b/packages/elastic_agent/data_stream/elastic_agent_logs/fields/base-fields.yml
index 0d1791ffed6e..accc7eb66718 100644
--- a/packages/elastic_agent/data_stream/elastic_agent_logs/fields/base-fields.yml
+++ b/packages/elastic_agent/data_stream/elastic_agent_logs/fields/base-fields.yml
@@ -10,3 +10,6 @@
- name: "@timestamp"
type: date
description: Event timestamp.
+- name: event.dataset
+ type: constant_keyword
+ description: Event dataset
diff --git a/packages/elastic_agent/data_stream/elastic_agent_logs/fields/ecs.yml b/packages/elastic_agent/data_stream/elastic_agent_logs/fields/ecs.yml
new file mode 100644
index 000000000000..0c274af07124
--- /dev/null
+++ b/packages/elastic_agent/data_stream/elastic_agent_logs/fields/ecs.yml
@@ -0,0 +1,12 @@
+- name: log
+ title: Log
+ group: 2
+ description: "Details about the event's logging mechanism or logging transport.\nThe log.* fields are typically populated with details about the logging mechanism used to create and/or transport the event. For example, syslog details belong under `log.syslog.*`.\nThe details specific to your event source are typically not logged under `log.*`, but rather in `event.*` or in other ECS fields."
+ type: group
+ fields:
+ - name: level
+ level: core
+ type: keyword
+ ignore_above: 1024
+ description: "Original log level of the log event.\nIf the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity).\nSome examples are `warn`, `err`, `i`, `informational`."
+ example: error
diff --git a/packages/elastic_agent/data_stream/elastic_agent_metrics/fields/beat-fields.yml b/packages/elastic_agent/data_stream/elastic_agent_metrics/fields/beat-fields.yml
new file mode 100644
index 000000000000..0c063d19aeeb
--- /dev/null
+++ b/packages/elastic_agent/data_stream/elastic_agent_metrics/fields/beat-fields.yml
@@ -0,0 +1,81 @@
+- name: beat.type
+ descripion: Beat type.
+ type: keyword
+- name: beat.stats
+ description: Beat stats
+ type: group
+ fields:
+ - name: libbeat
+ type: group
+ description: >
+ Fields common to all Beats
+
+ fields:
+ - name: output
+ type: group
+ description: >
+ Output stats
+
+ fields:
+ - name: events
+ type: group
+ description: >
+ Event counters
+
+ fields:
+ - name: acked
+ type: long
+ description: >
+ Number of events acknowledged
+
+ - name: active
+ type: long
+ description: >
+ Number of active events
+
+ - name: batches
+ type: long
+ description: >
+ Number of event batches
+
+ - name: dropped
+ type: long
+ description: >
+ Number of events dropped
+
+ - name: duplicates
+ type: long
+ description: >
+ Number of events duplicated
+
+ - name: failed
+ type: long
+ description: >
+ Number of events failed
+
+ - name: toomany
+ type: long
+ description: >
+ Number of too many events
+
+ - name: total
+ type: long
+ description: >
+ Total number of events
+
+ - name: write
+ type: group
+ description: >
+ Write stats
+
+ fields:
+ - name: bytes
+ type: long
+ description: >
+ Number of bytes written
+
+ - name: errors
+ type: long
+ description: >
+ Number of write errors
+
diff --git a/packages/elastic_agent/data_stream/elastic_agent_metrics/fields/beat-stats-fields.yml b/packages/elastic_agent/data_stream/elastic_agent_metrics/fields/beat-stats-fields.yml
new file mode 100644
index 000000000000..8fd2649426aa
--- /dev/null
+++ b/packages/elastic_agent/data_stream/elastic_agent_metrics/fields/beat-stats-fields.yml
@@ -0,0 +1,256 @@
+- name: beat.stats
+ description: Beat stats
+ type: group
+ fields:
+ - name: beat
+ type: group
+ fields:
+ - name: name
+ type: keyword
+ - name: host
+ type: keyword
+ - name: type
+ type: keyword
+ - name: uuid
+ type: keyword
+ - name: version
+ type: keyword
+ - name: system
+ type: group
+ fields:
+ - name: cpu.cores
+ type: long
+ - name: load
+ type: group
+ fields:
+ - name: "1"
+ type: double
+ - name: "15"
+ type: double
+ - name: "5"
+ type: double
+ - name: norm
+ type: group
+ fields:
+ - name: "1"
+ type: double
+ - name: "15"
+ type: double
+ - name: "5"
+ type: double
+ - name: cpu
+ type: group
+ fields:
+ - name: system.ticks
+ type: long
+ - name: system.time.ms
+ type: long
+ - name: total.value
+ type: long
+ - name: total.ticks
+ type: long
+ - name: total.time.ms
+ type: long
+ - name: user.ticks
+ type: long
+ - name: user.time.ms
+ type: long
+ - name: info
+ type: group
+ fields:
+ - name: ephemeral_id
+ type: keyword
+ - name: uptime.ms
+ type: long
+ - name: cgroup
+ type: group
+ fields:
+ - name: cpu
+ type: group
+ fields:
+ - name: cfs.period.us
+ type: long
+ - name: cfs.quota.us
+ type: long
+ - name: id
+ type: keyword
+ - name: stats
+ type: group
+ fields:
+ - name: periods
+ type: long
+ - name: throttled.periods
+ type: long
+ - name: throttled.ns
+ type: long
+ - name: cpuacct.id
+ type: keyword
+ - name: cpuacct.total.ns
+ type: long
+ - name: memory
+ type: group
+ fields:
+ - name: id
+ type: keyword
+ - name: mem.limit.bytes
+ type: long
+ - name: mem.usage.bytes
+ type: long
+ - name: memstats
+ type: group
+ fields:
+ - name: gc_next
+ type: long
+ - name: memory.alloc
+ type: long
+ - name: memory.total
+ type: long
+ - name: rss
+ type: long
+ - name: handles
+ type: group
+ fields:
+ - name: open
+ type: long
+ - name: limit.hard
+ type: long
+ - name: limit.soft
+ type: long
+ - name: uptime.ms
+ type: long
+ description: >
+ Beat uptime
+
+ - name: runtime.goroutines
+ type: long
+ description: >
+ Number of goroutines running in Beat
+
+ - name: libbeat
+ type: group
+ description: >
+ Fields common to all Beats
+
+ fields:
+ - name: pipeline
+ type: group
+ fields:
+ - name: clients
+ type: long
+ - name: queue.acked
+ type: long
+ - name: events
+ type: group
+ fields:
+ - name: active
+ type: long
+ - name: dropped
+ type: long
+ - name: failed
+ type: long
+ - name: filtered
+ type: long
+ - name: published
+ type: long
+ - name: retry
+ type: long
+ - name: total
+ type: long
+ - name: config
+ type: group
+ fields:
+ - name: running
+ type: short
+ - name: starts
+ type: short
+ - name: stops
+ type: short
+ - name: output
+ type: group
+ description: >
+ Output stats
+
+ fields:
+ - name: type
+ type: keyword
+ description: >
+ Type of output
+
+ - name: events
+ type: group
+ description: >
+ Event counters
+
+ fields:
+ - name: acked
+ type: long
+ description: >
+ Number of events acknowledged
+
+ - name: active
+ type: long
+ description: >
+ Number of active events
+
+ - name: batches
+ type: long
+ description: >
+ Number of event batches
+
+ - name: dropped
+ type: long
+ description: >
+ Number of events dropped
+
+ - name: duplicates
+ type: long
+ description: >
+ Number of events duplicated
+
+ - name: failed
+ type: long
+ description: >
+ Number of events failed
+
+ - name: toomany
+ type: long
+ description: >
+ Number of too many events
+
+ - name: total
+ type: long
+ description: >
+ Total number of events
+
+ - name: read
+ type: group
+ description: >
+ Read stats
+
+ fields:
+ - name: bytes
+ type: long
+ description: >
+ Number of bytes read
+
+ - name: errors
+ type: long
+ description: >
+ Number of read errors
+
+ - name: write
+ type: group
+ description: >
+ Write stats
+
+ fields:
+ - name: bytes
+ type: long
+ description: >
+ Number of bytes written
+
+ - name: errors
+ type: long
+ description: >
+ Number of write errors
+
diff --git a/packages/elastic_agent/data_stream/endpoint_security_metrics/fields/beat-fields.yml b/packages/elastic_agent/data_stream/endpoint_security_metrics/fields/beat-fields.yml
new file mode 100644
index 000000000000..0c063d19aeeb
--- /dev/null
+++ b/packages/elastic_agent/data_stream/endpoint_security_metrics/fields/beat-fields.yml
@@ -0,0 +1,81 @@
+- name: beat.type
+ descripion: Beat type.
+ type: keyword
+- name: beat.stats
+ description: Beat stats
+ type: group
+ fields:
+ - name: libbeat
+ type: group
+ description: >
+ Fields common to all Beats
+
+ fields:
+ - name: output
+ type: group
+ description: >
+ Output stats
+
+ fields:
+ - name: events
+ type: group
+ description: >
+ Event counters
+
+ fields:
+ - name: acked
+ type: long
+ description: >
+ Number of events acknowledged
+
+ - name: active
+ type: long
+ description: >
+ Number of active events
+
+ - name: batches
+ type: long
+ description: >
+ Number of event batches
+
+ - name: dropped
+ type: long
+ description: >
+ Number of events dropped
+
+ - name: duplicates
+ type: long
+ description: >
+ Number of events duplicated
+
+ - name: failed
+ type: long
+ description: >
+ Number of events failed
+
+ - name: toomany
+ type: long
+ description: >
+ Number of too many events
+
+ - name: total
+ type: long
+ description: >
+ Total number of events
+
+ - name: write
+ type: group
+ description: >
+ Write stats
+
+ fields:
+ - name: bytes
+ type: long
+ description: >
+ Number of bytes written
+
+ - name: errors
+ type: long
+ description: >
+ Number of write errors
+
diff --git a/packages/elastic_agent/data_stream/endpoint_sercurity_logs/fields/base-fields.yml b/packages/elastic_agent/data_stream/endpoint_sercurity_logs/fields/base-fields.yml
index 0d1791ffed6e..accc7eb66718 100644
--- a/packages/elastic_agent/data_stream/endpoint_sercurity_logs/fields/base-fields.yml
+++ b/packages/elastic_agent/data_stream/endpoint_sercurity_logs/fields/base-fields.yml
@@ -10,3 +10,6 @@
- name: "@timestamp"
type: date
description: Event timestamp.
+- name: event.dataset
+ type: constant_keyword
+ description: Event dataset
diff --git a/packages/elastic_agent/data_stream/endpoint_sercurity_logs/fields/ecs.yml b/packages/elastic_agent/data_stream/endpoint_sercurity_logs/fields/ecs.yml
new file mode 100644
index 000000000000..0c274af07124
--- /dev/null
+++ b/packages/elastic_agent/data_stream/endpoint_sercurity_logs/fields/ecs.yml
@@ -0,0 +1,12 @@
+- name: log
+ title: Log
+ group: 2
+ description: "Details about the event's logging mechanism or logging transport.\nThe log.* fields are typically populated with details about the logging mechanism used to create and/or transport the event. For example, syslog details belong under `log.syslog.*`.\nThe details specific to your event source are typically not logged under `log.*`, but rather in `event.*` or in other ECS fields."
+ type: group
+ fields:
+ - name: level
+ level: core
+ type: keyword
+ ignore_above: 1024
+ description: "Original log level of the log event.\nIf the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity).\nSome examples are `warn`, `err`, `i`, `informational`."
+ example: error
diff --git a/packages/elastic_agent/data_stream/filebeat_logs/fields/base-fields.yml b/packages/elastic_agent/data_stream/filebeat_logs/fields/base-fields.yml
index 0d1791ffed6e..accc7eb66718 100644
--- a/packages/elastic_agent/data_stream/filebeat_logs/fields/base-fields.yml
+++ b/packages/elastic_agent/data_stream/filebeat_logs/fields/base-fields.yml
@@ -10,3 +10,6 @@
- name: "@timestamp"
type: date
description: Event timestamp.
+- name: event.dataset
+ type: constant_keyword
+ description: Event dataset
diff --git a/packages/elastic_agent/data_stream/filebeat_logs/fields/ecs.yml b/packages/elastic_agent/data_stream/filebeat_logs/fields/ecs.yml
new file mode 100644
index 000000000000..0c274af07124
--- /dev/null
+++ b/packages/elastic_agent/data_stream/filebeat_logs/fields/ecs.yml
@@ -0,0 +1,12 @@
+- name: log
+ title: Log
+ group: 2
+ description: "Details about the event's logging mechanism or logging transport.\nThe log.* fields are typically populated with details about the logging mechanism used to create and/or transport the event. For example, syslog details belong under `log.syslog.*`.\nThe details specific to your event source are typically not logged under `log.*`, but rather in `event.*` or in other ECS fields."
+ type: group
+ fields:
+ - name: level
+ level: core
+ type: keyword
+ ignore_above: 1024
+ description: "Original log level of the log event.\nIf the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity).\nSome examples are `warn`, `err`, `i`, `informational`."
+ example: error
diff --git a/packages/elastic_agent/data_stream/filebeat_metrics/fields/beat-fields.yml b/packages/elastic_agent/data_stream/filebeat_metrics/fields/beat-fields.yml
new file mode 100644
index 000000000000..0c063d19aeeb
--- /dev/null
+++ b/packages/elastic_agent/data_stream/filebeat_metrics/fields/beat-fields.yml
@@ -0,0 +1,81 @@
+- name: beat.type
+ descripion: Beat type.
+ type: keyword
+- name: beat.stats
+ description: Beat stats
+ type: group
+ fields:
+ - name: libbeat
+ type: group
+ description: >
+ Fields common to all Beats
+
+ fields:
+ - name: output
+ type: group
+ description: >
+ Output stats
+
+ fields:
+ - name: events
+ type: group
+ description: >
+ Event counters
+
+ fields:
+ - name: acked
+ type: long
+ description: >
+ Number of events acknowledged
+
+ - name: active
+ type: long
+ description: >
+ Number of active events
+
+ - name: batches
+ type: long
+ description: >
+ Number of event batches
+
+ - name: dropped
+ type: long
+ description: >
+ Number of events dropped
+
+ - name: duplicates
+ type: long
+ description: >
+ Number of events duplicated
+
+ - name: failed
+ type: long
+ description: >
+ Number of events failed
+
+ - name: toomany
+ type: long
+ description: >
+ Number of too many events
+
+ - name: total
+ type: long
+ description: >
+ Total number of events
+
+ - name: write
+ type: group
+ description: >
+ Write stats
+
+ fields:
+ - name: bytes
+ type: long
+ description: >
+ Number of bytes written
+
+ - name: errors
+ type: long
+ description: >
+ Number of write errors
+
diff --git a/packages/elastic_agent/data_stream/fleet_server_logs/fields/base-fields.yml b/packages/elastic_agent/data_stream/fleet_server_logs/fields/base-fields.yml
index 0d1791ffed6e..accc7eb66718 100644
--- a/packages/elastic_agent/data_stream/fleet_server_logs/fields/base-fields.yml
+++ b/packages/elastic_agent/data_stream/fleet_server_logs/fields/base-fields.yml
@@ -10,3 +10,6 @@
- name: "@timestamp"
type: date
description: Event timestamp.
+- name: event.dataset
+ type: constant_keyword
+ description: Event dataset
diff --git a/packages/elastic_agent/data_stream/fleet_server_logs/fields/ecs.yml b/packages/elastic_agent/data_stream/fleet_server_logs/fields/ecs.yml
new file mode 100644
index 000000000000..0c274af07124
--- /dev/null
+++ b/packages/elastic_agent/data_stream/fleet_server_logs/fields/ecs.yml
@@ -0,0 +1,12 @@
+- name: log
+ title: Log
+ group: 2
+ description: "Details about the event's logging mechanism or logging transport.\nThe log.* fields are typically populated with details about the logging mechanism used to create and/or transport the event. For example, syslog details belong under `log.syslog.*`.\nThe details specific to your event source are typically not logged under `log.*`, but rather in `event.*` or in other ECS fields."
+ type: group
+ fields:
+ - name: level
+ level: core
+ type: keyword
+ ignore_above: 1024
+ description: "Original log level of the log event.\nIf the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity).\nSome examples are `warn`, `err`, `i`, `informational`."
+ example: error
diff --git a/packages/elastic_agent/data_stream/fleet_server_metrics/fields/beat-fields.yml b/packages/elastic_agent/data_stream/fleet_server_metrics/fields/beat-fields.yml
new file mode 100644
index 000000000000..0c063d19aeeb
--- /dev/null
+++ b/packages/elastic_agent/data_stream/fleet_server_metrics/fields/beat-fields.yml
@@ -0,0 +1,81 @@
+- name: beat.type
+ descripion: Beat type.
+ type: keyword
+- name: beat.stats
+ description: Beat stats
+ type: group
+ fields:
+ - name: libbeat
+ type: group
+ description: >
+ Fields common to all Beats
+
+ fields:
+ - name: output
+ type: group
+ description: >
+ Output stats
+
+ fields:
+ - name: events
+ type: group
+ description: >
+ Event counters
+
+ fields:
+ - name: acked
+ type: long
+ description: >
+ Number of events acknowledged
+
+ - name: active
+ type: long
+ description: >
+ Number of active events
+
+ - name: batches
+ type: long
+ description: >
+ Number of event batches
+
+ - name: dropped
+ type: long
+ description: >
+ Number of events dropped
+
+ - name: duplicates
+ type: long
+ description: >
+ Number of events duplicated
+
+ - name: failed
+ type: long
+ description: >
+ Number of events failed
+
+ - name: toomany
+ type: long
+ description: >
+ Number of too many events
+
+ - name: total
+ type: long
+ description: >
+ Total number of events
+
+ - name: write
+ type: group
+ description: >
+ Write stats
+
+ fields:
+ - name: bytes
+ type: long
+ description: >
+ Number of bytes written
+
+ - name: errors
+ type: long
+ description: >
+ Number of write errors
+
diff --git a/packages/elastic_agent/data_stream/heartbeat_logs/fields/ecs.yml b/packages/elastic_agent/data_stream/heartbeat_logs/fields/ecs.yml
new file mode 100644
index 000000000000..0c274af07124
--- /dev/null
+++ b/packages/elastic_agent/data_stream/heartbeat_logs/fields/ecs.yml
@@ -0,0 +1,12 @@
+- name: log
+ title: Log
+ group: 2
+ description: "Details about the event's logging mechanism or logging transport.\nThe log.* fields are typically populated with details about the logging mechanism used to create and/or transport the event. For example, syslog details belong under `log.syslog.*`.\nThe details specific to your event source are typically not logged under `log.*`, but rather in `event.*` or in other ECS fields."
+ type: group
+ fields:
+ - name: level
+ level: core
+ type: keyword
+ ignore_above: 1024
+ description: "Original log level of the log event.\nIf the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity).\nSome examples are `warn`, `err`, `i`, `informational`."
+ example: error
diff --git a/packages/elastic_agent/data_stream/heartbeat_logs/fields/fields.yml b/packages/elastic_agent/data_stream/heartbeat_logs/fields/fields.yml
index 24771ec5046e..371ed822a54f 100644
--- a/packages/elastic_agent/data_stream/heartbeat_logs/fields/fields.yml
+++ b/packages/elastic_agent/data_stream/heartbeat_logs/fields/fields.yml
@@ -26,3 +26,6 @@
ignore_above: 1024
description: Elastic agent version.
example: 7.11.0
+- name: event.dataset
+ type: constant_keyword
+ description: Event dataset
diff --git a/packages/elastic_agent/data_stream/heartbeat_metrics/fields/beat-fields.yml b/packages/elastic_agent/data_stream/heartbeat_metrics/fields/beat-fields.yml
new file mode 100644
index 000000000000..0c063d19aeeb
--- /dev/null
+++ b/packages/elastic_agent/data_stream/heartbeat_metrics/fields/beat-fields.yml
@@ -0,0 +1,81 @@
+- name: beat.type
+ descripion: Beat type.
+ type: keyword
+- name: beat.stats
+ description: Beat stats
+ type: group
+ fields:
+ - name: libbeat
+ type: group
+ description: >
+ Fields common to all Beats
+
+ fields:
+ - name: output
+ type: group
+ description: >
+ Output stats
+
+ fields:
+ - name: events
+ type: group
+ description: >
+ Event counters
+
+ fields:
+ - name: acked
+ type: long
+ description: >
+ Number of events acknowledged
+
+ - name: active
+ type: long
+ description: >
+ Number of active events
+
+ - name: batches
+ type: long
+ description: >
+ Number of event batches
+
+ - name: dropped
+ type: long
+ description: >
+ Number of events dropped
+
+ - name: duplicates
+ type: long
+ description: >
+ Number of events duplicated
+
+ - name: failed
+ type: long
+ description: >
+ Number of events failed
+
+ - name: toomany
+ type: long
+ description: >
+ Number of too many events
+
+ - name: total
+ type: long
+ description: >
+ Total number of events
+
+ - name: write
+ type: group
+ description: >
+ Write stats
+
+ fields:
+ - name: bytes
+ type: long
+ description: >
+ Number of bytes written
+
+ - name: errors
+ type: long
+ description: >
+ Number of write errors
+
diff --git a/packages/elastic_agent/data_stream/metricbeat_logs/fields/base-fields.yml b/packages/elastic_agent/data_stream/metricbeat_logs/fields/base-fields.yml
index 0d1791ffed6e..accc7eb66718 100644
--- a/packages/elastic_agent/data_stream/metricbeat_logs/fields/base-fields.yml
+++ b/packages/elastic_agent/data_stream/metricbeat_logs/fields/base-fields.yml
@@ -10,3 +10,6 @@
- name: "@timestamp"
type: date
description: Event timestamp.
+- name: event.dataset
+ type: constant_keyword
+ description: Event dataset
diff --git a/packages/elastic_agent/data_stream/metricbeat_logs/fields/ecs.yml b/packages/elastic_agent/data_stream/metricbeat_logs/fields/ecs.yml
new file mode 100644
index 000000000000..0c274af07124
--- /dev/null
+++ b/packages/elastic_agent/data_stream/metricbeat_logs/fields/ecs.yml
@@ -0,0 +1,12 @@
+- name: log
+ title: Log
+ group: 2
+ description: "Details about the event's logging mechanism or logging transport.\nThe log.* fields are typically populated with details about the logging mechanism used to create and/or transport the event. For example, syslog details belong under `log.syslog.*`.\nThe details specific to your event source are typically not logged under `log.*`, but rather in `event.*` or in other ECS fields."
+ type: group
+ fields:
+ - name: level
+ level: core
+ type: keyword
+ ignore_above: 1024
+ description: "Original log level of the log event.\nIf the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity).\nSome examples are `warn`, `err`, `i`, `informational`."
+ example: error
diff --git a/packages/elastic_agent/data_stream/metricbeat_metrics/fields/beat-fields.yml b/packages/elastic_agent/data_stream/metricbeat_metrics/fields/beat-fields.yml
new file mode 100644
index 000000000000..0c063d19aeeb
--- /dev/null
+++ b/packages/elastic_agent/data_stream/metricbeat_metrics/fields/beat-fields.yml
@@ -0,0 +1,81 @@
+- name: beat.type
+ descripion: Beat type.
+ type: keyword
+- name: beat.stats
+ description: Beat stats
+ type: group
+ fields:
+ - name: libbeat
+ type: group
+ description: >
+ Fields common to all Beats
+
+ fields:
+ - name: output
+ type: group
+ description: >
+ Output stats
+
+ fields:
+ - name: events
+ type: group
+ description: >
+ Event counters
+
+ fields:
+ - name: acked
+ type: long
+ description: >
+ Number of events acknowledged
+
+ - name: active
+ type: long
+ description: >
+ Number of active events
+
+ - name: batches
+ type: long
+ description: >
+ Number of event batches
+
+ - name: dropped
+ type: long
+ description: >
+ Number of events dropped
+
+ - name: duplicates
+ type: long
+ description: >
+ Number of events duplicated
+
+ - name: failed
+ type: long
+ description: >
+ Number of events failed
+
+ - name: toomany
+ type: long
+ description: >
+ Number of too many events
+
+ - name: total
+ type: long
+ description: >
+ Total number of events
+
+ - name: write
+ type: group
+ description: >
+ Write stats
+
+ fields:
+ - name: bytes
+ type: long
+ description: >
+ Number of bytes written
+
+ - name: errors
+ type: long
+ description: >
+ Number of write errors
+
diff --git a/packages/elastic_agent/data_stream/osquerybeat_logs/fields/base-fields.yml b/packages/elastic_agent/data_stream/osquerybeat_logs/fields/base-fields.yml
index 0d1791ffed6e..accc7eb66718 100644
--- a/packages/elastic_agent/data_stream/osquerybeat_logs/fields/base-fields.yml
+++ b/packages/elastic_agent/data_stream/osquerybeat_logs/fields/base-fields.yml
@@ -10,3 +10,6 @@
- name: "@timestamp"
type: date
description: Event timestamp.
+- name: event.dataset
+ type: constant_keyword
+ description: Event dataset
diff --git a/packages/elastic_agent/data_stream/osquerybeat_logs/fields/ecs.yml b/packages/elastic_agent/data_stream/osquerybeat_logs/fields/ecs.yml
new file mode 100644
index 000000000000..0c274af07124
--- /dev/null
+++ b/packages/elastic_agent/data_stream/osquerybeat_logs/fields/ecs.yml
@@ -0,0 +1,12 @@
+- name: log
+ title: Log
+ group: 2
+ description: "Details about the event's logging mechanism or logging transport.\nThe log.* fields are typically populated with details about the logging mechanism used to create and/or transport the event. For example, syslog details belong under `log.syslog.*`.\nThe details specific to your event source are typically not logged under `log.*`, but rather in `event.*` or in other ECS fields."
+ type: group
+ fields:
+ - name: level
+ level: core
+ type: keyword
+ ignore_above: 1024
+ description: "Original log level of the log event.\nIf the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity).\nSome examples are `warn`, `err`, `i`, `informational`."
+ example: error
diff --git a/packages/elastic_agent/data_stream/osquerybeat_metrics/fields/beat-fields.yml b/packages/elastic_agent/data_stream/osquerybeat_metrics/fields/beat-fields.yml
new file mode 100644
index 000000000000..0c063d19aeeb
--- /dev/null
+++ b/packages/elastic_agent/data_stream/osquerybeat_metrics/fields/beat-fields.yml
@@ -0,0 +1,81 @@
+- name: beat.type
+ descripion: Beat type.
+ type: keyword
+- name: beat.stats
+ description: Beat stats
+ type: group
+ fields:
+ - name: libbeat
+ type: group
+ description: >
+ Fields common to all Beats
+
+ fields:
+ - name: output
+ type: group
+ description: >
+ Output stats
+
+ fields:
+ - name: events
+ type: group
+ description: >
+ Event counters
+
+ fields:
+ - name: acked
+ type: long
+ description: >
+ Number of events acknowledged
+
+ - name: active
+ type: long
+ description: >
+ Number of active events
+
+ - name: batches
+ type: long
+ description: >
+ Number of event batches
+
+ - name: dropped
+ type: long
+ description: >
+ Number of events dropped
+
+ - name: duplicates
+ type: long
+ description: >
+ Number of events duplicated
+
+ - name: failed
+ type: long
+ description: >
+ Number of events failed
+
+ - name: toomany
+ type: long
+ description: >
+ Number of too many events
+
+ - name: total
+ type: long
+ description: >
+ Total number of events
+
+ - name: write
+ type: group
+ description: >
+ Write stats
+
+ fields:
+ - name: bytes
+ type: long
+ description: >
+ Number of bytes written
+
+ - name: errors
+ type: long
+ description: >
+ Number of write errors
+
diff --git a/packages/elastic_agent/data_stream/packetbeat_logs/fields/ecs.yml b/packages/elastic_agent/data_stream/packetbeat_logs/fields/ecs.yml
new file mode 100644
index 000000000000..0c274af07124
--- /dev/null
+++ b/packages/elastic_agent/data_stream/packetbeat_logs/fields/ecs.yml
@@ -0,0 +1,12 @@
+- name: log
+ title: Log
+ group: 2
+ description: "Details about the event's logging mechanism or logging transport.\nThe log.* fields are typically populated with details about the logging mechanism used to create and/or transport the event. For example, syslog details belong under `log.syslog.*`.\nThe details specific to your event source are typically not logged under `log.*`, but rather in `event.*` or in other ECS fields."
+ type: group
+ fields:
+ - name: level
+ level: core
+ type: keyword
+ ignore_above: 1024
+ description: "Original log level of the log event.\nIf the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity).\nSome examples are `warn`, `err`, `i`, `informational`."
+ example: error
diff --git a/packages/elastic_agent/data_stream/packetbeat_metrics/fields/beat-fields.yml b/packages/elastic_agent/data_stream/packetbeat_metrics/fields/beat-fields.yml
new file mode 100644
index 000000000000..0c063d19aeeb
--- /dev/null
+++ b/packages/elastic_agent/data_stream/packetbeat_metrics/fields/beat-fields.yml
@@ -0,0 +1,81 @@
+- name: beat.type
+ descripion: Beat type.
+ type: keyword
+- name: beat.stats
+ description: Beat stats
+ type: group
+ fields:
+ - name: libbeat
+ type: group
+ description: >
+ Fields common to all Beats
+
+ fields:
+ - name: output
+ type: group
+ description: >
+ Output stats
+
+ fields:
+ - name: events
+ type: group
+ description: >
+ Event counters
+
+ fields:
+ - name: acked
+ type: long
+ description: >
+ Number of events acknowledged
+
+ - name: active
+ type: long
+ description: >
+ Number of active events
+
+ - name: batches
+ type: long
+ description: >
+ Number of event batches
+
+ - name: dropped
+ type: long
+ description: >
+ Number of events dropped
+
+ - name: duplicates
+ type: long
+ description: >
+ Number of events duplicated
+
+ - name: failed
+ type: long
+ description: >
+ Number of events failed
+
+ - name: toomany
+ type: long
+ description: >
+ Number of too many events
+
+ - name: total
+ type: long
+ description: >
+ Total number of events
+
+ - name: write
+ type: group
+ description: >
+ Write stats
+
+ fields:
+ - name: bytes
+ type: long
+ description: >
+ Number of bytes written
+
+ - name: errors
+ type: long
+ description: >
+ Number of write errors
+
diff --git a/packages/elastic_agent/img/elastic_agent_metrics.png b/packages/elastic_agent/img/elastic_agent_metrics.png
index a089b553bfc8..c1898d82cb8c 100644
Binary files a/packages/elastic_agent/img/elastic_agent_metrics.png and b/packages/elastic_agent/img/elastic_agent_metrics.png differ
diff --git a/packages/elastic_agent/img/logo_elastic_agent.svg b/packages/elastic_agent/img/logo_elastic_agent.svg
index b5770b901f31..6597f9015404 100644
--- a/packages/elastic_agent/img/logo_elastic_agent.svg
+++ b/packages/elastic_agent/img/logo_elastic_agent.svg
@@ -1,5 +1,15 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/packages/elastic_agent/kibana/dashboard/elastic_agent-f47f18cc-9c7d-4278-b2ea-a6dee816d395.json b/packages/elastic_agent/kibana/dashboard/elastic_agent-f47f18cc-9c7d-4278-b2ea-a6dee816d395.json
index 29b2e9504244..3ef50c1c5705 100644
--- a/packages/elastic_agent/kibana/dashboard/elastic_agent-f47f18cc-9c7d-4278-b2ea-a6dee816d395.json
+++ b/packages/elastic_agent/kibana/dashboard/elastic_agent-f47f18cc-9c7d-4278-b2ea-a6dee816d395.json
@@ -4,7 +4,30 @@
"hits": 0,
"kibanaSavedObjectMeta": {
"searchSourceJSON": {
- "filter": [],
+ "filter": [
+ {
+ "$state": {
+ "store": "appState"
+ },
+ "meta": {
+ "alias": null,
+ "controlledBy": "1628695092511",
+ "disabled": false,
+ "indexRefName": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index",
+ "key": "host.name",
+ "negate": false,
+ "params": {
+ "query": "docker-fleet-agent"
+ },
+ "type": "phrase"
+ },
+ "query": {
+ "match_phrase": {
+ "host.name": "docker-fleet-agent"
+ }
+ }
+ }
+ ],
"highlightAll": true,
"query": {
"language": "kuery",
@@ -15,77 +38,280 @@
},
"optionsJSON": {
"hidePanelTitles": false,
+ "syncColors": true,
"useMargins": true
},
"panelsJSON": [
{
- "version": "8.0.0-SNAPSHOT",
+ "embeddableConfig": {
+ "enhancements": {},
+ "hidePanelTitles": false,
+ "savedVis": {
+ "data": {
+ "aggs": [],
+ "searchSource": {
+ "filter": [],
+ "query": {
+ "language": "kuery",
+ "query": ""
+ }
+ }
+ },
+ "description": "",
+ "params": {
+ "controls": [
+ {
+ "fieldName": "host.name",
+ "id": "1628695092511",
+ "indexPatternRefName": "control_8e715e81-4077-4e7d-9c67-af1d1c98af00_0_index_pattern",
+ "label": "Host name",
+ "options": {
+ "dynamicOptions": true,
+ "multiselect": true,
+ "order": "desc",
+ "size": 5,
+ "type": "terms"
+ },
+ "parent": "",
+ "type": "list"
+ }
+ ],
+ "pinFilters": false,
+ "updateFiltersOnChange": false,
+ "useTimeFilter": false
+ },
+ "title": "",
+ "type": "input_control_vis",
+ "uiState": {}
+ }
+ },
"gridData": {
- "h": 16,
- "i": "aff03363-b1bf-4d47-9325-3dff44b5e758",
- "w": 24,
+ "h": 6,
+ "i": "8e715e81-4077-4e7d-9c67-af1d1c98af00",
+ "w": 48,
"x": 0,
"y": 0
},
- "panelIndex": "aff03363-b1bf-4d47-9325-3dff44b5e758",
+ "panelIndex": "8e715e81-4077-4e7d-9c67-af1d1c98af00",
+ "title": "Host name",
+ "type": "visualization",
+ "version": "7.15.0-SNAPSHOT"
+ },
+ {
"embeddableConfig": {
"enhancements": {}
},
- "panelRefName": "panel_0"
+ "gridData": {
+ "h": 9,
+ "i": "aff03363-b1bf-4d47-9325-3dff44b5e758",
+ "w": 24,
+ "x": 0,
+ "y": 6
+ },
+ "panelIndex": "aff03363-b1bf-4d47-9325-3dff44b5e758",
+ "panelRefName": "panel_aff03363-b1bf-4d47-9325-3dff44b5e758",
+ "type": "visualization",
+ "version": "7.15.0-SNAPSHOT"
},
{
- "version": "8.0.0-SNAPSHOT",
+ "embeddableConfig": {
+ "enhancements": {}
+ },
"gridData": {
- "h": 16,
+ "h": 9,
"i": "5f518ab9-9366-40e5-837b-1b5080d29da3",
"w": 24,
- "x": 24,
- "y": 0
+ "x": 0,
+ "y": 15
},
"panelIndex": "5f518ab9-9366-40e5-837b-1b5080d29da3",
+ "panelRefName": "panel_5f518ab9-9366-40e5-837b-1b5080d29da3",
+ "type": "visualization",
+ "version": "7.15.0-SNAPSHOT"
+ },
+ {
"embeddableConfig": {
- "enhancements": {}
+ "enhancements": {},
+ "hidePanelTitles": false
},
- "panelRefName": "panel_1"
+ "gridData": {
+ "h": 9,
+ "i": "8597b0ac-485c-4749-a2d9-7b8263429ee0",
+ "w": 24,
+ "x": 24,
+ "y": 15
+ },
+ "panelIndex": "8597b0ac-485c-4749-a2d9-7b8263429ee0",
+ "panelRefName": "panel_8597b0ac-485c-4749-a2d9-7b8263429ee0",
+ "title": "[Elastic Agent] CGroup Memory usage ",
+ "type": "visualization",
+ "version": "7.15.0-SNAPSHOT"
},
{
- "version": "8.0.0-SNAPSHOT",
+ "embeddableConfig": {
+ "enhancements": {}
+ },
"gridData": {
- "h": 15,
+ "h": 9,
"i": "9ce78b52-e345-4cfd-b2ad-9819e55aaa7a",
"w": 24,
"x": 0,
- "y": 16
+ "y": 24
},
"panelIndex": "9ce78b52-e345-4cfd-b2ad-9819e55aaa7a",
+ "panelRefName": "panel_9ce78b52-e345-4cfd-b2ad-9819e55aaa7a",
+ "type": "visualization",
+ "version": "7.15.0-SNAPSHOT"
+ },
+ {
+ "embeddableConfig": {
+ "enhancements": {},
+ "hidePanelTitles": false
+ },
+ "gridData": {
+ "h": 9,
+ "i": "e58a6da2-e479-4895-a61b-74c3b673c4d9",
+ "w": 24,
+ "x": 0,
+ "y": 33
+ },
+ "panelIndex": "e58a6da2-e479-4895-a61b-74c3b673c4d9",
+ "panelRefName": "panel_e58a6da2-e479-4895-a61b-74c3b673c4d9",
+ "type": "lens",
+ "version": "7.15.0-SNAPSHOT"
+ },
+ {
+ "embeddableConfig": {
+ "enhancements": {},
+ "hidePanelTitles": false
+ },
+ "gridData": {
+ "h": 9,
+ "i": "89fea7c1-0908-4710-8b65-1f727f5cab24",
+ "w": 24,
+ "x": 24,
+ "y": 33
+ },
+ "panelIndex": "89fea7c1-0908-4710-8b65-1f727f5cab24",
+ "panelRefName": "panel_89fea7c1-0908-4710-8b65-1f727f5cab24",
+ "type": "lens",
+ "version": "7.15.0-SNAPSHOT"
+ },
+ {
+ "embeddableConfig": {
+ "enhancements": {},
+ "hidePanelTitles": false
+ },
+ "gridData": {
+ "h": 9,
+ "i": "b26d8fac-812f-44bf-ad83-acee853b0476",
+ "w": 24,
+ "x": 0,
+ "y": 42
+ },
+ "panelIndex": "b26d8fac-812f-44bf-ad83-acee853b0476",
+ "panelRefName": "panel_b26d8fac-812f-44bf-ad83-acee853b0476",
+ "title": "[Elastic Agent] Errors in writing the response from the output",
+ "type": "lens",
+ "version": "7.15.0-SNAPSHOT"
+ },
+ {
+ "embeddableConfig": {
+ "enhancements": {},
+ "hidePanelTitles": false
+ },
+ "gridData": {
+ "h": 9,
+ "i": "6e45d7b4-8857-448f-8f26-1a63a49d3a78",
+ "w": 24,
+ "x": 24,
+ "y": 24
+ },
+ "panelIndex": "6e45d7b4-8857-448f-8f26-1a63a49d3a78",
+ "panelRefName": "panel_6e45d7b4-8857-448f-8f26-1a63a49d3a78",
+ "type": "lens",
+ "version": "7.15.0-SNAPSHOT"
+ },
+ {
"embeddableConfig": {
"enhancements": {}
},
- "panelRefName": "panel_2"
+ "gridData": {
+ "h": 9,
+ "i": "39247b7d-eb88-4015-b11f-a1105b9fae71",
+ "w": 24,
+ "x": 24,
+ "y": 6
+ },
+ "panelIndex": "39247b7d-eb88-4015-b11f-a1105b9fae71",
+ "panelRefName": "panel_39247b7d-eb88-4015-b11f-a1105b9fae71",
+ "type": "visualization",
+ "version": "7.15.0-SNAPSHOT"
}
],
"timeRestore": false,
"title": "[Elastic Agent] Agent metrics",
"version": 1
},
+ "coreMigrationVersion": "7.15.0",
"id": "elastic_agent-f47f18cc-9c7d-4278-b2ea-a6dee816d395",
"migrationVersion": {
- "dashboard": "7.11.0"
+ "dashboard": "7.14.0"
},
"references": [
+ {
+ "id": "metrics-*",
+ "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index",
+ "type": "index-pattern"
+ },
+ {
+ "id": "metrics-*",
+ "name": "8e715e81-4077-4e7d-9c67-af1d1c98af00:control_8e715e81-4077-4e7d-9c67-af1d1c98af00_0_index_pattern",
+ "type": "index-pattern"
+ },
{
"id": "elastic_agent-a11c250a-865f-4eb2-9441-882d229313be",
- "name": "panel_0",
+ "name": "aff03363-b1bf-4d47-9325-3dff44b5e758:panel_aff03363-b1bf-4d47-9325-3dff44b5e758",
"type": "visualization"
},
{
"id": "elastic_agent-93a8a11d-b2da-4ef3-81dc-c7040560ffde",
- "name": "panel_1",
+ "name": "5f518ab9-9366-40e5-837b-1b5080d29da3:panel_5f518ab9-9366-40e5-837b-1b5080d29da3",
+ "type": "visualization"
+ },
+ {
+ "id": "elastic_agent-69219f50-febc-11eb-9a5b-19cc90b68e55",
+ "name": "8597b0ac-485c-4749-a2d9-7b8263429ee0:panel_8597b0ac-485c-4749-a2d9-7b8263429ee0",
"type": "visualization"
},
{
"id": "elastic_agent-47d87552-8421-4cfc-bc5d-4a7205f5b007",
- "name": "panel_2",
+ "name": "9ce78b52-e345-4cfd-b2ad-9819e55aaa7a:panel_9ce78b52-e345-4cfd-b2ad-9819e55aaa7a",
+ "type": "visualization"
+ },
+ {
+ "id": "elastic_agent-27798780-0037-11ec-af6c-1740f74b2d73",
+ "name": "e58a6da2-e479-4895-a61b-74c3b673c4d9:panel_e58a6da2-e479-4895-a61b-74c3b673c4d9",
+ "type": "lens"
+ },
+ {
+ "id": "elastic_agent-409f5d70-0037-11ec-af6c-1740f74b2d73",
+ "name": "89fea7c1-0908-4710-8b65-1f727f5cab24:panel_89fea7c1-0908-4710-8b65-1f727f5cab24",
+ "type": "lens"
+ },
+ {
+ "id": "elastic_agent-58677820-0037-11ec-af6c-1740f74b2d73",
+ "name": "b26d8fac-812f-44bf-ad83-acee853b0476:panel_b26d8fac-812f-44bf-ad83-acee853b0476",
+ "type": "lens"
+ },
+ {
+ "id": "elastic_agent-6e88c0a0-0037-11ec-af6c-1740f74b2d73",
+ "name": "6e45d7b4-8857-448f-8f26-1a63a49d3a78:panel_6e45d7b4-8857-448f-8f26-1a63a49d3a78",
+ "type": "lens"
+ },
+ {
+ "id": "elastic_agent-819241d0-0037-11ec-af6c-1740f74b2d73",
+ "name": "39247b7d-eb88-4015-b11f-a1105b9fae71:panel_39247b7d-eb88-4015-b11f-a1105b9fae71",
"type": "visualization"
}
],
diff --git a/packages/elastic_agent/kibana/lens/elastic_agent-27798780-0037-11ec-af6c-1740f74b2d73.json b/packages/elastic_agent/kibana/lens/elastic_agent-27798780-0037-11ec-af6c-1740f74b2d73.json
new file mode 100644
index 000000000000..529d67225578
--- /dev/null
+++ b/packages/elastic_agent/kibana/lens/elastic_agent-27798780-0037-11ec-af6c-1740f74b2d73.json
@@ -0,0 +1,150 @@
+{
+ "attributes": {
+ "description": "Total events processed by the output (including retries). (From beat.stats.libbeat.output.events.total)",
+ "state": {
+ "datasourceStates": {
+ "indexpattern": {
+ "layers": {
+ "ad65be36-0be3-4937-8f41-ec9e48adfce6": {
+ "columnOrder": [
+ "2e112c50-5bc4-4c0b-a69b-8c17e0f9fc0a",
+ "49cd060d-6f21-4d81-ad6b-1c8462c97353",
+ "e201a210-6e89-4d72-9d9c-a00b036fb0eb",
+ "f5cbe487-2a43-425b-9cd1-40283e5e596c"
+ ],
+ "columns": {
+ "2e112c50-5bc4-4c0b-a69b-8c17e0f9fc0a": {
+ "dataType": "string",
+ "isBucketed": true,
+ "label": "Top values of beat.type",
+ "operationType": "terms",
+ "params": {
+ "missingBucket": false,
+ "orderBy": {
+ "fallback": true,
+ "type": "alphabetical"
+ },
+ "orderDirection": "asc",
+ "otherBucket": true,
+ "size": 10
+ },
+ "scale": "ordinal",
+ "sourceField": "beat.type"
+ },
+ "49cd060d-6f21-4d81-ad6b-1c8462c97353": {
+ "dataType": "date",
+ "isBucketed": true,
+ "label": "@timestamp",
+ "operationType": "date_histogram",
+ "params": {
+ "interval": "auto"
+ },
+ "scale": "interval",
+ "sourceField": "@timestamp"
+ },
+ "e201a210-6e89-4d72-9d9c-a00b036fb0eb": {
+ "customLabel": true,
+ "dataType": "number",
+ "filter": {
+ "language": "kuery",
+ "query": "data_stream.dataset : \"elastic_agent.*\" "
+ },
+ "isBucketed": false,
+ "label": "Events Rate /s",
+ "operationType": "counter_rate",
+ "references": [
+ "f5cbe487-2a43-425b-9cd1-40283e5e596c"
+ ],
+ "scale": "ratio",
+ "timeScale": "s"
+ },
+ "f5cbe487-2a43-425b-9cd1-40283e5e596c": {
+ "dataType": "number",
+ "isBucketed": false,
+ "label": "Maximum of beat.stats.libbeat.output.events.total",
+ "operationType": "max",
+ "scale": "ratio",
+ "sourceField": "beat.stats.libbeat.output.events.total"
+ }
+ },
+ "incompleteColumns": {}
+ }
+ }
+ }
+ },
+ "filters": [],
+ "query": {
+ "language": "kuery",
+ "query": ""
+ },
+ "visualization": {
+ "axisTitlesVisibilitySettings": {
+ "x": true,
+ "yLeft": true,
+ "yRight": true
+ },
+ "fittingFunction": "None",
+ "gridlinesVisibilitySettings": {
+ "x": true,
+ "yLeft": true,
+ "yRight": true
+ },
+ "labelsOrientation": {
+ "x": 0,
+ "yLeft": 0,
+ "yRight": 0
+ },
+ "layers": [
+ {
+ "accessors": [
+ "e201a210-6e89-4d72-9d9c-a00b036fb0eb"
+ ],
+ "layerId": "ad65be36-0be3-4937-8f41-ec9e48adfce6",
+ "position": "top",
+ "seriesType": "line",
+ "showGridlines": false,
+ "splitAccessor": "2e112c50-5bc4-4c0b-a69b-8c17e0f9fc0a",
+ "xAccessor": "49cd060d-6f21-4d81-ad6b-1c8462c97353"
+ }
+ ],
+ "legend": {
+ "isVisible": true,
+ "position": "right"
+ },
+ "preferredSeriesType": "line",
+ "tickLabelsVisibilitySettings": {
+ "x": true,
+ "yLeft": true,
+ "yRight": true
+ },
+ "valueLabels": "hide",
+ "yLeftExtent": {
+ "mode": "full"
+ },
+ "yRightExtent": {
+ "mode": "full"
+ }
+ }
+ },
+ "title": "[Elastic Agent] Total events rate /s",
+ "visualizationType": "lnsXY"
+ },
+ "coreMigrationVersion": "7.15.0",
+ "id": "elastic_agent-27798780-0037-11ec-af6c-1740f74b2d73",
+ "migrationVersion": {
+ "lens": "7.14.0"
+ },
+ "references": [
+ {
+ "id": "metrics-*",
+ "name": "indexpattern-datasource-current-indexpattern",
+ "type": "index-pattern"
+ },
+ {
+ "id": "metrics-*",
+ "name": "indexpattern-datasource-layer-ad65be36-0be3-4937-8f41-ec9e48adfce6",
+ "type": "index-pattern"
+ }
+ ],
+ "type": "lens"
+}
\ No newline at end of file
diff --git a/packages/elastic_agent/kibana/lens/elastic_agent-409f5d70-0037-11ec-af6c-1740f74b2d73.json b/packages/elastic_agent/kibana/lens/elastic_agent-409f5d70-0037-11ec-af6c-1740f74b2d73.json
new file mode 100644
index 000000000000..6b8e975c90ec
--- /dev/null
+++ b/packages/elastic_agent/kibana/lens/elastic_agent-409f5d70-0037-11ec-af6c-1740f74b2d73.json
@@ -0,0 +1,150 @@
+{
+ "attributes": {
+ "description": "Events acknowledged by the output (includes events dropped by the output). (From beat.stats.libbeat.output.events.acked)",
+ "state": {
+ "datasourceStates": {
+ "indexpattern": {
+ "layers": {
+ "ad65be36-0be3-4937-8f41-ec9e48adfce6": {
+ "columnOrder": [
+ "2e112c50-5bc4-4c0b-a69b-8c17e0f9fc0a",
+ "49cd060d-6f21-4d81-ad6b-1c8462c97353",
+ "e201a210-6e89-4d72-9d9c-a00b036fb0eb",
+ "f5cbe487-2a43-425b-9cd1-40283e5e596c"
+ ],
+ "columns": {
+ "2e112c50-5bc4-4c0b-a69b-8c17e0f9fc0a": {
+ "dataType": "string",
+ "isBucketed": true,
+ "label": "Top values of beat.type",
+ "operationType": "terms",
+ "params": {
+ "missingBucket": false,
+ "orderBy": {
+ "fallback": true,
+ "type": "alphabetical"
+ },
+ "orderDirection": "asc",
+ "otherBucket": true,
+ "size": 10
+ },
+ "scale": "ordinal",
+ "sourceField": "beat.type"
+ },
+ "49cd060d-6f21-4d81-ad6b-1c8462c97353": {
+ "dataType": "date",
+ "isBucketed": true,
+ "label": "@timestamp",
+ "operationType": "date_histogram",
+ "params": {
+ "interval": "auto"
+ },
+ "scale": "interval",
+ "sourceField": "@timestamp"
+ },
+ "e201a210-6e89-4d72-9d9c-a00b036fb0eb": {
+ "customLabel": true,
+ "dataType": "number",
+ "filter": {
+ "language": "kuery",
+ "query": "data_stream.dataset : \"elastic_agent.*\" "
+ },
+ "isBucketed": false,
+ "label": "Events Rate /s",
+ "operationType": "counter_rate",
+ "references": [
+ "f5cbe487-2a43-425b-9cd1-40283e5e596c"
+ ],
+ "scale": "ratio",
+ "timeScale": "s"
+ },
+ "f5cbe487-2a43-425b-9cd1-40283e5e596c": {
+ "dataType": "number",
+ "isBucketed": false,
+ "label": "Maximum of beat.stats.libbeat.output.events.acked",
+ "operationType": "max",
+ "scale": "ratio",
+ "sourceField": "beat.stats.libbeat.output.events.acked"
+ }
+ },
+ "incompleteColumns": {}
+ }
+ }
+ }
+ },
+ "filters": [],
+ "query": {
+ "language": "kuery",
+ "query": ""
+ },
+ "visualization": {
+ "axisTitlesVisibilitySettings": {
+ "x": true,
+ "yLeft": true,
+ "yRight": true
+ },
+ "fittingFunction": "None",
+ "gridlinesVisibilitySettings": {
+ "x": true,
+ "yLeft": true,
+ "yRight": true
+ },
+ "labelsOrientation": {
+ "x": 0,
+ "yLeft": 0,
+ "yRight": 0
+ },
+ "layers": [
+ {
+ "accessors": [
+ "e201a210-6e89-4d72-9d9c-a00b036fb0eb"
+ ],
+ "layerId": "ad65be36-0be3-4937-8f41-ec9e48adfce6",
+ "position": "top",
+ "seriesType": "line",
+ "showGridlines": false,
+ "splitAccessor": "2e112c50-5bc4-4c0b-a69b-8c17e0f9fc0a",
+ "xAccessor": "49cd060d-6f21-4d81-ad6b-1c8462c97353"
+ }
+ ],
+ "legend": {
+ "isVisible": true,
+ "position": "right"
+ },
+ "preferredSeriesType": "line",
+ "tickLabelsVisibilitySettings": {
+ "x": true,
+ "yLeft": true,
+ "yRight": true
+ },
+ "valueLabels": "hide",
+ "yLeftExtent": {
+ "mode": "full"
+ },
+ "yRightExtent": {
+ "mode": "full"
+ }
+ }
+ },
+ "title": "[Elastic Agent] Events acknowledged rate /s",
+ "visualizationType": "lnsXY"
+ },
+ "coreMigrationVersion": "7.15.0",
+ "id": "elastic_agent-409f5d70-0037-11ec-af6c-1740f74b2d73",
+ "migrationVersion": {
+ "lens": "7.14.0"
+ },
+ "references": [
+ {
+ "id": "metrics-*",
+ "name": "indexpattern-datasource-current-indexpattern",
+ "type": "index-pattern"
+ },
+ {
+ "id": "metrics-*",
+ "name": "indexpattern-datasource-layer-ad65be36-0be3-4937-8f41-ec9e48adfce6",
+ "type": "index-pattern"
+ }
+ ],
+ "type": "lens"
+}
\ No newline at end of file
diff --git a/packages/elastic_agent/kibana/lens/elastic_agent-58677820-0037-11ec-af6c-1740f74b2d73.json b/packages/elastic_agent/kibana/lens/elastic_agent-58677820-0037-11ec-af6c-1740f74b2d73.json
new file mode 100644
index 000000000000..979fa555b353
--- /dev/null
+++ b/packages/elastic_agent/kibana/lens/elastic_agent-58677820-0037-11ec-af6c-1740f74b2d73.json
@@ -0,0 +1,151 @@
+{
+ "attributes": {
+ "description": "Errors in writing the response from the output. (From beat.stats.libbeat.output.write.errors)",
+ "state": {
+ "datasourceStates": {
+ "indexpattern": {
+ "layers": {
+ "ad65be36-0be3-4937-8f41-ec9e48adfce6": {
+ "columnOrder": [
+ "cb2f461c-587a-4f6a-8ad4-e4b0f61c9541",
+ "49cd060d-6f21-4d81-ad6b-1c8462c97353",
+ "e201a210-6e89-4d72-9d9c-a00b036fb0eb",
+ "f5cbe487-2a43-425b-9cd1-40283e5e596c"
+ ],
+ "columns": {
+ "49cd060d-6f21-4d81-ad6b-1c8462c97353": {
+ "dataType": "date",
+ "isBucketed": true,
+ "label": "@timestamp",
+ "operationType": "date_histogram",
+ "params": {
+ "interval": "auto"
+ },
+ "scale": "interval",
+ "sourceField": "@timestamp"
+ },
+ "cb2f461c-587a-4f6a-8ad4-e4b0f61c9541": {
+ "customLabel": true,
+ "dataType": "string",
+ "isBucketed": true,
+ "label": "Beat types",
+ "operationType": "terms",
+ "params": {
+ "missingBucket": false,
+ "orderBy": {
+ "fallback": true,
+ "type": "alphabetical"
+ },
+ "orderDirection": "asc",
+ "otherBucket": true,
+ "size": 10
+ },
+ "scale": "ordinal",
+ "sourceField": "beat.type"
+ },
+ "e201a210-6e89-4d72-9d9c-a00b036fb0eb": {
+ "customLabel": true,
+ "dataType": "number",
+ "filter": {
+ "language": "kuery",
+ "query": "data_stream.dataset : \"elastic_agent.*\" "
+ },
+ "isBucketed": false,
+ "label": "Output Errors",
+ "operationType": "counter_rate",
+ "references": [
+ "f5cbe487-2a43-425b-9cd1-40283e5e596c"
+ ],
+ "scale": "ratio",
+ "timeScale": "s"
+ },
+ "f5cbe487-2a43-425b-9cd1-40283e5e596c": {
+ "dataType": "number",
+ "isBucketed": false,
+ "label": "Maximum of beat.stats.libbeat.output.write.errors",
+ "operationType": "max",
+ "scale": "ratio",
+ "sourceField": "beat.stats.libbeat.output.write.errors"
+ }
+ },
+ "incompleteColumns": {}
+ }
+ }
+ }
+ },
+ "filters": [],
+ "query": {
+ "language": "kuery",
+ "query": ""
+ },
+ "visualization": {
+ "axisTitlesVisibilitySettings": {
+ "x": true,
+ "yLeft": true,
+ "yRight": true
+ },
+ "fittingFunction": "None",
+ "gridlinesVisibilitySettings": {
+ "x": true,
+ "yLeft": true,
+ "yRight": true
+ },
+ "labelsOrientation": {
+ "x": 0,
+ "yLeft": 0,
+ "yRight": 0
+ },
+ "layers": [
+ {
+ "accessors": [
+ "e201a210-6e89-4d72-9d9c-a00b036fb0eb"
+ ],
+ "layerId": "ad65be36-0be3-4937-8f41-ec9e48adfce6",
+ "position": "top",
+ "seriesType": "line",
+ "showGridlines": false,
+ "splitAccessor": "cb2f461c-587a-4f6a-8ad4-e4b0f61c9541",
+ "xAccessor": "49cd060d-6f21-4d81-ad6b-1c8462c97353"
+ }
+ ],
+ "legend": {
+ "isVisible": true,
+ "position": "right"
+ },
+ "preferredSeriesType": "line",
+ "tickLabelsVisibilitySettings": {
+ "x": true,
+ "yLeft": true,
+ "yRight": true
+ },
+ "valueLabels": "hide",
+ "yLeftExtent": {
+ "mode": "full"
+ },
+ "yRightExtent": {
+ "mode": "full"
+ }
+ }
+ },
+ "title": "[Elastic Agent] Output write errors",
+ "visualizationType": "lnsXY"
+ },
+ "coreMigrationVersion": "7.15.0",
+ "id": "elastic_agent-58677820-0037-11ec-af6c-1740f74b2d73",
+ "migrationVersion": {
+ "lens": "7.14.0"
+ },
+ "references": [
+ {
+ "id": "metrics-*",
+ "name": "indexpattern-datasource-current-indexpattern",
+ "type": "index-pattern"
+ },
+ {
+ "id": "metrics-*",
+ "name": "indexpattern-datasource-layer-ad65be36-0be3-4937-8f41-ec9e48adfce6",
+ "type": "index-pattern"
+ }
+ ],
+ "type": "lens"
+}
\ No newline at end of file
diff --git a/packages/elastic_agent/kibana/lens/elastic_agent-6e88c0a0-0037-11ec-af6c-1740f74b2d73.json b/packages/elastic_agent/kibana/lens/elastic_agent-6e88c0a0-0037-11ec-af6c-1740f74b2d73.json
new file mode 100644
index 000000000000..8ede7d978271
--- /dev/null
+++ b/packages/elastic_agent/kibana/lens/elastic_agent-6e88c0a0-0037-11ec-af6c-1740f74b2d73.json
@@ -0,0 +1,158 @@
+{
+ "attributes": {
+ "description": "Bytes written to the output (consists of size of network headers and compressed payload)",
+ "state": {
+ "datasourceStates": {
+ "indexpattern": {
+ "layers": {
+ "47363713-6910-43c5-9f85-328b9ee18f0d": {
+ "columnOrder": [
+ "009f999d-bdb4-4b3f-a031-06d2a7173a57",
+ "754d7a35-095e-4905-ad7d-23d89edaf74f",
+ "c601246c-06f3-4f94-9d2a-a950eb4d499e",
+ "672c59a5-1ad7-4f2b-89a5-cb3920d94e4b"
+ ],
+ "columns": {
+ "009f999d-bdb4-4b3f-a031-06d2a7173a57": {
+ "dataType": "string",
+ "isBucketed": true,
+ "label": "Top values of beat.type",
+ "operationType": "terms",
+ "params": {
+ "missingBucket": false,
+ "orderBy": {
+ "fallback": true,
+ "type": "alphabetical"
+ },
+ "orderDirection": "asc",
+ "otherBucket": true,
+ "size": 10
+ },
+ "scale": "ordinal",
+ "sourceField": "beat.type"
+ },
+ "672c59a5-1ad7-4f2b-89a5-cb3920d94e4b": {
+ "dataType": "number",
+ "isBucketed": false,
+ "label": "Maximum of beat.stats.libbeat.output.write.bytes",
+ "operationType": "max",
+ "scale": "ratio",
+ "sourceField": "beat.stats.libbeat.output.write.bytes"
+ },
+ "754d7a35-095e-4905-ad7d-23d89edaf74f": {
+ "dataType": "date",
+ "isBucketed": true,
+ "label": "@timestamp",
+ "operationType": "date_histogram",
+ "params": {
+ "interval": "auto"
+ },
+ "scale": "interval",
+ "sourceField": "@timestamp"
+ },
+ "c601246c-06f3-4f94-9d2a-a950eb4d499e": {
+ "customLabel": true,
+ "dataType": "number",
+ "filter": {
+ "language": "kuery",
+ "query": "data_stream.dataset : \"elastic_agent.*\" "
+ },
+ "isBucketed": false,
+ "label": "Bytes sent/s",
+ "operationType": "counter_rate",
+ "params": {
+ "format": {
+ "id": "bytes",
+ "params": {
+ "decimals": 2
+ }
+ }
+ },
+ "references": [
+ "672c59a5-1ad7-4f2b-89a5-cb3920d94e4b"
+ ],
+ "scale": "ratio",
+ "timeScale": "s"
+ }
+ },
+ "incompleteColumns": {}
+ }
+ }
+ }
+ },
+ "filters": [],
+ "query": {
+ "language": "kuery",
+ "query": ""
+ },
+ "visualization": {
+ "axisTitlesVisibilitySettings": {
+ "x": true,
+ "yLeft": true,
+ "yRight": true
+ },
+ "fittingFunction": "None",
+ "gridlinesVisibilitySettings": {
+ "x": true,
+ "yLeft": true,
+ "yRight": true
+ },
+ "labelsOrientation": {
+ "x": 0,
+ "yLeft": 0,
+ "yRight": 0
+ },
+ "layers": [
+ {
+ "accessors": [
+ "c601246c-06f3-4f94-9d2a-a950eb4d499e"
+ ],
+ "layerId": "47363713-6910-43c5-9f85-328b9ee18f0d",
+ "position": "top",
+ "seriesType": "line",
+ "showGridlines": false,
+ "splitAccessor": "009f999d-bdb4-4b3f-a031-06d2a7173a57",
+ "xAccessor": "754d7a35-095e-4905-ad7d-23d89edaf74f"
+ }
+ ],
+ "legend": {
+ "isVisible": true,
+ "position": "right"
+ },
+ "preferredSeriesType": "line",
+ "tickLabelsVisibilitySettings": {
+ "x": true,
+ "yLeft": true,
+ "yRight": true
+ },
+ "valueLabels": "hide",
+ "yLeftExtent": {
+ "mode": "full"
+ },
+ "yRightExtent": {
+ "mode": "full"
+ }
+ }
+ },
+ "title": "[Elastic Agent] Output write throughput",
+ "visualizationType": "lnsXY"
+ },
+ "coreMigrationVersion": "7.15.0",
+ "id": "elastic_agent-6e88c0a0-0037-11ec-af6c-1740f74b2d73",
+ "migrationVersion": {
+ "lens": "7.14.0"
+ },
+ "references": [
+ {
+ "id": "metrics-*",
+ "name": "indexpattern-datasource-current-indexpattern",
+ "type": "index-pattern"
+ },
+ {
+ "id": "metrics-*",
+ "name": "indexpattern-datasource-layer-47363713-6910-43c5-9f85-328b9ee18f0d",
+ "type": "index-pattern"
+ }
+ ],
+ "type": "lens"
+}
\ No newline at end of file
diff --git a/packages/elastic_agent/kibana/visualization/elastic_agent-47d87552-8421-4cfc-bc5d-4a7205f5b007.json b/packages/elastic_agent/kibana/visualization/elastic_agent-47d87552-8421-4cfc-bc5d-4a7205f5b007.json
index a9036a5a031f..b8ea07bbf04d 100644
--- a/packages/elastic_agent/kibana/visualization/elastic_agent-47d87552-8421-4cfc-bc5d-4a7205f5b007.json
+++ b/packages/elastic_agent/kibana/visualization/elastic_agent-47d87552-8421-4cfc-bc5d-4a7205f5b007.json
@@ -1,73 +1,72 @@
{
"attributes": {
- "description": "",
"kibanaSavedObjectMeta": {
"searchSourceJSON": {
+ "filter": [],
"query": {
- "query": "",
- "language": "kuery"
- },
- "filter": []
+ "language": "kuery",
+ "query": ""
+ }
}
},
"title": "[Elastic Agent] Open Handles",
- "uiStateJSON": "{}",
+ "uiStateJSON": {},
"version": 1,
"visState": {
- "title": "[Elastic Agent] Open Handles",
- "type": "metrics",
"aggs": [],
"params": {
+ "axis_formatter": "number",
+ "axis_position": "left",
+ "axis_scale": "normal",
"id": "61ca57f0-469d-11e7-af02-69e470af7417",
- "type": "timeseries",
+ "index_pattern": "metrics-*",
+ "interval": "",
+ "isModelInvalid": false,
"series": [
{
- "id": "61ca57f1-469d-11e7-af02-69e470af7417",
+ "axis_position": "right",
+ "chart_type": "line",
"color": "#68BC00",
- "split_mode": "terms",
- "split_color_mode": "kibana",
+ "fill": 0.5,
+ "filter": {
+ "language": "kuery",
+ "query": "data_stream.dataset : \"elastic_agent.elastic_agent\" "
+ },
+ "formatter": "number",
+ "id": "61ca57f1-469d-11e7-af02-69e470af7417",
+ "label": "Open Handles",
+ "line_width": 1,
"metrics": [
{
+ "field": "system.process.fd.open",
"id": "61ca57f2-469d-11e7-af02-69e470af7417",
- "type": "max",
- "field": "system.process.fd.open"
+ "type": "max"
}
],
- "separate_axis": 0,
- "axis_position": "right",
- "formatter": "number",
- "chart_type": "line",
- "line_width": 1,
"point_size": 1,
- "fill": 0.5,
+ "separate_axis": 0,
+ "split_color_mode": "kibana",
+ "split_mode": "terms",
"stacked": "stacked",
- "label": "Open Handles",
- "filter": {
- "query": "data_stream.dataset : \"elastic_agent.elastic_agent\" ",
- "language": "kuery"
- },
- "type": "timeseries",
- "terms_field": "elastic_agent.process"
+ "terms_field": "elastic_agent.process",
+ "type": "timeseries"
}
],
- "time_field": "",
- "index_pattern": "metrics-*",
- "interval": "",
- "axis_position": "left",
- "axis_formatter": "number",
- "axis_scale": "normal",
- "show_legend": 1,
"show_grid": 1,
+ "show_legend": 1,
+ "time_field": "",
"tooltip_mode": "show_all",
- "default_index_pattern": "metrics-*",
- "default_timefield": "@timestamp",
- "isModelInvalid": false
- }
+ "type": "timeseries",
+ "use_kibana_indexes": false
+ },
+ "title": "[Elastic Agent] Open Handles",
+ "type": "metrics"
}
},
+ "coreMigrationVersion": "7.15.0",
"id": "elastic_agent-47d87552-8421-4cfc-bc5d-4a7205f5b007",
"migrationVersion": {
- "visualization": "7.10.0"
+ "visualization": "7.14.0"
},
"references": [],
"type": "visualization"
diff --git a/packages/elastic_agent/kibana/visualization/elastic_agent-69219f50-febc-11eb-9a5b-19cc90b68e55.json b/packages/elastic_agent/kibana/visualization/elastic_agent-69219f50-febc-11eb-9a5b-19cc90b68e55.json
new file mode 100644
index 000000000000..a039628252a1
--- /dev/null
+++ b/packages/elastic_agent/kibana/visualization/elastic_agent-69219f50-febc-11eb-9a5b-19cc90b68e55.json
@@ -0,0 +1,121 @@
+{
+ "attributes": {
+ "description": "",
+ "kibanaSavedObjectMeta": {
+ "searchSourceJSON": {
+ "filter": [],
+ "query": {
+ "language": "kuery",
+ "query": ""
+ }
+ }
+ },
+ "title": "[Elastic Agent] Memory usage (copy)",
+ "uiStateJSON": {},
+ "version": 1,
+ "visState": {
+ "aggs": [],
+ "params": {
+ "axis_formatter": "number",
+ "axis_position": "left",
+ "axis_scale": "normal",
+ "drop_last_bucket": 0,
+ "id": "61ca57f0-469d-11e7-af02-69e470af7417",
+ "index_pattern": "metrics-*",
+ "interval": "",
+ "isModelInvalid": false,
+ "series": [
+ {
+ "axis_position": "right",
+ "chart_type": "line",
+ "color": "#68BC00",
+ "fill": "0.5",
+ "filter": {
+ "language": "kuery",
+ "query": "data_stream.dataset : \"elastic_agent.elastic_agent\" "
+ },
+ "formatter": "bytes",
+ "id": "61ca57f1-469d-11e7-af02-69e470af7417",
+ "label": "CGroup Memory usage",
+ "line_width": 1,
+ "metrics": [
+ {
+ "field": "system.process.cgroup.memory.mem.usage.bytes",
+ "id": "61ca57f2-469d-11e7-af02-69e470af7417",
+ "type": "max"
+ }
+ ],
+ "override_index_pattern": 0,
+ "point_size": 1,
+ "separate_axis": 0,
+ "series_index_pattern": "metrics-*",
+ "split_color_mode": "kibana",
+ "split_mode": "terms",
+ "stacked": "stacked",
+ "terms_field": "elastic_agent.process",
+ "type": "timeseries"
+ },
+ {
+ "axis_position": "right",
+ "chart_type": "line",
+ "color": "rgba(211,96,134,1)",
+ "fill": "0",
+ "filter": {
+ "language": "kuery",
+ "query": "data_stream.dataset : \"elastic_agent.elastic_agent\" "
+ },
+ "formatter": "bytes",
+ "id": "0a454d00-febd-11eb-9943-cf1fa8e46928",
+ "label": "Container memory limit",
+ "line_width": 1,
+ "metrics": [
+ {
+ "field": "system.process.cgroup.memory.mem.limit.bytes",
+ "id": "0a454d01-febd-11eb-9943-cf1fa8e46928",
+ "type": "max"
+ },
+ {
+ "id": "53b0dac0-febf-11eb-9943-cf1fa8e46928",
+ "script": "if (params.memory_limit \u003c 999999999999999999L) {\n return params.memory_limit;\n}\n",
+ "type": "calculation",
+ "variables": [
+ {
+ "field": "0a454d01-febd-11eb-9943-cf1fa8e46928",
+ "id": "7426ca80-febf-11eb-9943-cf1fa8e46928",
+ "name": "memory_limit"
+ }
+ ]
+ }
+ ],
+ "palette": {
+ "name": "default",
+ "type": "palette"
+ },
+ "point_size": 1,
+ "separate_axis": 0,
+ "series_index_pattern": "",
+ "split_mode": "everything",
+ "stacked": "none",
+ "type": "timeseries"
+ }
+ ],
+ "show_grid": 1,
+ "show_legend": 1,
+ "time_field": "",
+ "time_range_mode": "entire_time_range",
+ "tooltip_mode": "show_all",
+ "type": "timeseries",
+ "use_kibana_indexes": false
+ },
+ "title": "[Elastic Agent] Memory usage (copy)",
+ "type": "metrics"
+ }
+ },
+ "coreMigrationVersion": "7.15.0",
+ "id": "elastic_agent-69219f50-febc-11eb-9a5b-19cc90b68e55",
+ "migrationVersion": {
+ "visualization": "7.14.0"
+ },
+ "references": [],
+ "type": "visualization"
+}
\ No newline at end of file
diff --git a/packages/elastic_agent/kibana/visualization/elastic_agent-819241d0-0037-11ec-af6c-1740f74b2d73.json b/packages/elastic_agent/kibana/visualization/elastic_agent-819241d0-0037-11ec-af6c-1740f74b2d73.json
new file mode 100644
index 000000000000..e2f0d06337d2
--- /dev/null
+++ b/packages/elastic_agent/kibana/visualization/elastic_agent-819241d0-0037-11ec-af6c-1740f74b2d73.json
@@ -0,0 +1,134 @@
+{
+ "attributes": {
+ "description": "",
+ "kibanaSavedObjectMeta": {
+ "searchSourceJSON": {
+ "filter": [],
+ "query": {
+ "language": "kuery",
+ "query": ""
+ }
+ }
+ },
+ "title": "[Elastic Agent] CGroup CPU Usage",
+ "uiStateJSON": {},
+ "version": 1,
+ "visState": {
+ "aggs": [],
+ "params": {
+ "axis_formatter": "number",
+ "axis_position": "left",
+ "axis_scale": "normal",
+ "drop_last_bucket": 0,
+ "filter": {
+ "language": "kuery",
+ "query": ""
+ },
+ "id": "f0383b91-4a09-4b03-a013-f5938add6bfa",
+ "index_pattern_ref_name": "metrics_0_index_pattern",
+ "interval": "",
+ "isModelInvalid": false,
+ "series": [
+ {
+ "axis_position": "right",
+ "chart_type": "line",
+ "color": "#68BC00",
+ "fill": 0.5,
+ "filter": {
+ "language": "kuery",
+ "query": "data_stream.dataset : \"elastic_agent.elastic_agent\" "
+ },
+ "formatter": "number",
+ "id": "a35c4256-5cee-4b6a-ae21-bdd0f0f6d4a2",
+ "label": "Cgroup CPU usage",
+ "line_width": 1,
+ "metrics": [
+ {
+ "field": "system.process.cgroup.cpuacct.total.ns",
+ "id": "458710e3-e78d-4ebf-b9c7-3b1ca8bfc55a",
+ "type": "max"
+ },
+ {
+ "field": "system.process.cgroup.cpu.cfs.quota.us",
+ "id": "5a08b810-fc31-11eb-9d3e-9d72967e3395",
+ "type": "min"
+ },
+ {
+ "field": "458710e3-e78d-4ebf-b9c7-3b1ca8bfc55a",
+ "id": "391dc9f0-fc32-11eb-9d3e-9d72967e3395",
+ "type": "derivative",
+ "unit": "1s"
+ },
+ {
+ "field": "90f31960-fc31-11eb-9d3e-9d72967e3395",
+ "id": "4661f000-fc32-11eb-9d3e-9d72967e3395",
+ "type": "derivative",
+ "unit": "1s"
+ },
+ {
+ "field": "system.process.cgroup.cpu.stats.periods",
+ "id": "90f31960-fc31-11eb-9d3e-9d72967e3395",
+ "type": "max"
+ },
+ {
+ "id": "5c737680-fc31-11eb-9d3e-9d72967e3395",
+ "script": "\n if (params.deltaUsageDerivNormalizedValue \u003e 0 \u0026\u0026 params.periodsDerivNormalizedValue \u003e0 \u0026\u0026 params.quota \u003e 0) {\n // if throttling is configured\n double factor = params.deltaUsageDerivNormalizedValue / (params.periodsDerivNormalizedValue * params.quota * 1000); \n\n return factor * 100; \n }\n\n return null;",
+ "type": "calculation",
+ "variables": [
+ {
+ "field": "391dc9f0-fc32-11eb-9d3e-9d72967e3395",
+ "id": "60300950-fc31-11eb-9d3e-9d72967e3395",
+ "name": "deltaUsageDerivNormalizedValue"
+ },
+ {
+ "field": "4661f000-fc32-11eb-9d3e-9d72967e3395",
+ "id": "d6060d50-fc31-11eb-9d3e-9d72967e3395",
+ "name": "periodsDerivNormalizedValue"
+ },
+ {
+ "field": "5a08b810-fc31-11eb-9d3e-9d72967e3395",
+ "id": "e3368450-fc31-11eb-9d3e-9d72967e3395",
+ "name": "quota"
+ }
+ ]
+ }
+ ],
+ "palette": {
+ "name": "default",
+ "type": "palette"
+ },
+ "point_size": 1,
+ "separate_axis": 0,
+ "split_mode": "terms",
+ "stacked": "stacked",
+ "terms_field": "elastic_agent.process",
+ "type": "timeseries",
+ "value_template": "{{value}}%"
+ }
+ ],
+ "show_grid": 1,
+ "show_legend": 1,
+ "time_field": "@timestamp",
+ "time_range_mode": "entire_time_range",
+ "tooltip_mode": "show_all",
+ "type": "timeseries",
+ "use_kibana_indexes": true
+ },
+ "title": "[Elastic Agent] CGroup CPU Usage",
+ "type": "metrics"
+ }
+ },
+ "coreMigrationVersion": "7.15.0",
+ "id": "elastic_agent-819241d0-0037-11ec-af6c-1740f74b2d73",
+ "migrationVersion": {
+ "visualization": "7.14.0"
+ },
+ "references": [
+ {
+ "id": "metrics-*",
+ "name": "metrics_0_index_pattern",
+ "type": "index-pattern"
+ }
+ ],
+ "type": "visualization"
+}
\ No newline at end of file
diff --git a/packages/elastic_agent/kibana/visualization/elastic_agent-93a8a11d-b2da-4ef3-81dc-c7040560ffde.json b/packages/elastic_agent/kibana/visualization/elastic_agent-93a8a11d-b2da-4ef3-81dc-c7040560ffde.json
index 98a4cfe9f8f3..ac8c41a7bbec 100644
--- a/packages/elastic_agent/kibana/visualization/elastic_agent-93a8a11d-b2da-4ef3-81dc-c7040560ffde.json
+++ b/packages/elastic_agent/kibana/visualization/elastic_agent-93a8a11d-b2da-4ef3-81dc-c7040560ffde.json
@@ -3,71 +3,71 @@
"description": "",
"kibanaSavedObjectMeta": {
"searchSourceJSON": {
+ "filter": [],
"query": {
- "query": "",
- "language": "kuery"
- },
- "filter": []
+ "language": "kuery",
+ "query": ""
+ }
}
},
"title": "[Elastic Agent] Memory usage",
- "uiStateJSON": "{}",
+ "uiStateJSON": {},
"version": 1,
"visState": {
- "title": "[Elastic Agent] Memory usage",
- "type": "metrics",
"aggs": [],
"params": {
+ "axis_formatter": "number",
+ "axis_position": "left",
+ "axis_scale": "normal",
"id": "61ca57f0-469d-11e7-af02-69e470af7417",
- "type": "timeseries",
+ "index_pattern": "metrics-*",
+ "interval": "",
+ "isModelInvalid": false,
"series": [
{
- "id": "61ca57f1-469d-11e7-af02-69e470af7417",
+ "axis_position": "right",
+ "chart_type": "line",
"color": "#68BC00",
- "split_mode": "terms",
- "split_color_mode": "kibana",
+ "fill": "0.5",
+ "filter": {
+ "language": "kuery",
+ "query": "data_stream.dataset : \"elastic_agent.elastic_agent\" "
+ },
+ "formatter": "bytes",
+ "id": "61ca57f1-469d-11e7-af02-69e470af7417",
+ "label": "Memory usage",
+ "line_width": 1,
"metrics": [
{
+ "field": "system.process.memory.size",
"id": "61ca57f2-469d-11e7-af02-69e470af7417",
- "type": "max",
- "field": "system.process.memory.size"
+ "type": "max"
}
],
- "separate_axis": 0,
- "axis_position": "right",
- "formatter": "bytes",
- "chart_type": "line",
- "line_width": 1,
"point_size": 1,
- "fill": "0.5",
+ "separate_axis": 0,
+ "split_color_mode": "kibana",
+ "split_mode": "terms",
"stacked": "stacked",
- "label": "Memory usage",
- "type": "timeseries",
"terms_field": "elastic_agent.process",
- "filter": {
- "query": "data_stream.dataset : \"elastic_agent.elastic_agent\" ",
- "language": "kuery"
- }
+ "type": "timeseries"
}
],
- "time_field": "",
- "index_pattern": "metrics-*",
- "interval": "",
- "axis_position": "left",
- "axis_formatter": "number",
- "axis_scale": "normal",
- "show_legend": 1,
"show_grid": 1,
+ "show_legend": 1,
+ "time_field": "",
"tooltip_mode": "show_all",
- "default_index_pattern": "metrics-*",
- "default_timefield": "@timestamp",
- "isModelInvalid": false
- }
+ "type": "timeseries",
+ "use_kibana_indexes": false
+ },
+ "title": "[Elastic Agent] Memory usage",
+ "type": "metrics"
}
},
+ "coreMigrationVersion": "7.15.0",
"id": "elastic_agent-93a8a11d-b2da-4ef3-81dc-c7040560ffde",
"migrationVersion": {
- "visualization": "7.10.0"
+ "visualization": "7.14.0"
},
"references": [],
"type": "visualization"
diff --git a/packages/elastic_agent/kibana/visualization/elastic_agent-a11c250a-865f-4eb2-9441-882d229313be.json b/packages/elastic_agent/kibana/visualization/elastic_agent-a11c250a-865f-4eb2-9441-882d229313be.json
index b7893a080376..dc3406c99406 100644
--- a/packages/elastic_agent/kibana/visualization/elastic_agent-a11c250a-865f-4eb2-9441-882d229313be.json
+++ b/packages/elastic_agent/kibana/visualization/elastic_agent-a11c250a-865f-4eb2-9441-882d229313be.json
@@ -3,89 +3,91 @@
"description": "",
"kibanaSavedObjectMeta": {
"searchSourceJSON": {
+ "filter": [],
"query": {
- "query": "",
- "language": "kuery"
- },
- "filter": []
+ "language": "kuery",
+ "query": ""
+ }
}
},
"title": "[Elastic Agent] CPU Usage",
- "uiStateJSON": "{}",
+ "uiStateJSON": {},
"version": 1,
"visState": {
- "title": "[Elastic Agent] CPU Usage",
- "type": "metrics",
"aggs": [],
"params": {
+ "axis_formatter": "number",
+ "axis_position": "left",
+ "axis_scale": "normal",
+ "drop_last_bucket": 0,
"id": "61ca57f0-469d-11e7-af02-69e470af7417",
- "type": "timeseries",
+ "index_pattern": "metrics-*",
+ "interval": "",
+ "isModelInvalid": false,
"series": [
{
- "id": "61ca57f1-469d-11e7-af02-69e470af7417",
+ "axis_position": "right",
+ "chart_type": "line",
"color": "#68BC00",
- "split_mode": "terms",
- "split_color_mode": "kibana",
+ "fill": 0.5,
+ "filter": {
+ "language": "kuery",
+ "query": "data_stream.dataset : \"elastic_agent.elastic_agent\" "
+ },
+ "formatter": "percent",
+ "id": "61ca57f1-469d-11e7-af02-69e470af7417",
+ "label": "CPU usage",
+ "line_width": 1,
"metrics": [
{
+ "field": "system.process.cpu.total.value",
"id": "61ca57f2-469d-11e7-af02-69e470af7417",
- "type": "max",
- "field": "system.process.cpu.total.value"
+ "type": "max"
},
{
- "unit": "",
+ "field": "61ca57f2-469d-11e7-af02-69e470af7417",
"id": "42fea6f0-3da7-11eb-a63c-0f13e40aab83",
"type": "derivative",
- "field": "61ca57f2-469d-11e7-af02-69e470af7417"
+ "unit": ""
},
{
"id": "48fd6190-3da7-11eb-a63c-0f13e40aab83",
+ "script": "if (params.cpu_total \u003e 0) {\n return params.cpu_total / params._interval \n}\n\n",
"type": "calculation",
"variables": [
{
+ "field": "42fea6f0-3da7-11eb-a63c-0f13e40aab83",
"id": "4b81c280-3da7-11eb-a63c-0f13e40aab83",
- "name": "cpu_total",
- "field": "42fea6f0-3da7-11eb-a63c-0f13e40aab83"
+ "name": "cpu_total"
}
- ],
- "script": "params.cpu_total / params._interval "
+ ]
}
],
- "separate_axis": 0,
- "axis_position": "right",
- "formatter": "percent",
- "chart_type": "line",
- "line_width": 1,
"point_size": 1,
- "fill": 0.5,
+ "separate_axis": 0,
+ "split_color_mode": "kibana",
+ "split_mode": "terms",
"stacked": "stacked",
- "label": "CPU usage",
- "type": "timeseries",
"terms_field": "elastic_agent.process",
- "filter": {
- "query": "data_stream.dataset : \"elastic_agent.elastic_agent\" ",
- "language": "kuery"
- }
+ "type": "timeseries"
}
],
- "time_field": "@timestamp",
- "index_pattern": "metrics-*",
- "interval": "",
- "axis_position": "left",
- "axis_formatter": "number",
- "axis_scale": "normal",
- "show_legend": 1,
"show_grid": 1,
+ "show_legend": 1,
+ "time_field": "@timestamp",
+ "time_range_mode": "entire_time_range",
"tooltip_mode": "show_all",
- "default_index_pattern": "metrics-*",
- "default_timefield": "@timestamp",
- "isModelInvalid": false
- }
+ "type": "timeseries",
+ "use_kibana_indexes": false
+ },
+ "title": "[Elastic Agent] CPU Usage",
+ "type": "metrics"
}
},
+ "coreMigrationVersion": "7.15.0",
"id": "elastic_agent-a11c250a-865f-4eb2-9441-882d229313be",
"migrationVersion": {
- "visualization": "7.10.0"
+ "visualization": "7.14.0"
},
"references": [],
"type": "visualization"
diff --git a/packages/elastic_agent/manifest.yml b/packages/elastic_agent/manifest.yml
index 78c8345744bf..664ff85f8905 100644
--- a/packages/elastic_agent/manifest.yml
+++ b/packages/elastic_agent/manifest.yml
@@ -1,6 +1,6 @@
name: elastic_agent
title: Elastic Agent
-version: 1.1.1
+version: 1.2.0
release: ga
description: This Elastic integration collects metrics from Elastic Agent
type: integration
@@ -19,5 +19,5 @@ icons:
screenshots:
- src: /img/elastic_agent_metrics.png
title: Elastic Agent metrics
- size: 3360×2132
+ size: 3000x1500
type: image/png