diff --git a/.eslintignore b/.eslintignore index 362b3e42d48e5..577dc2dac86a0 100644 --- a/.eslintignore +++ b/.eslintignore @@ -35,7 +35,7 @@ target /x-pack/legacy/plugins/infra/public/graphql/types.ts /x-pack/legacy/plugins/infra/server/graphql/types.ts /x-pack/legacy/plugins/maps/public/vendor/** - +/x-pack/test/epm_api_integration/apis/fixtures/** # package overrides /packages/eslint-config-kibana /packages/kbn-interpreter/src/common/lib/grammar.js diff --git a/packages/kbn-test/src/functional_test_runner/lib/config/schema.ts b/packages/kbn-test/src/functional_test_runner/lib/config/schema.ts index 2b9d3b0fb92aa..3f4865081b0df 100644 --- a/packages/kbn-test/src/functional_test_runner/lib/config/schema.ts +++ b/packages/kbn-test/src/functional_test_runner/lib/config/schema.ts @@ -61,6 +61,9 @@ const dockerServerSchema = () => portInContainer: Joi.number().required(), waitForLogLine: Joi.alternatives(Joi.object().type(RegExp), Joi.string()).optional(), waitFor: Joi.func().optional(), + args: Joi.array() + .items(Joi.string()) + .optional(), }) .default(); diff --git a/packages/kbn-test/src/functional_test_runner/lib/docker_servers/define_docker_servers_config.ts b/packages/kbn-test/src/functional_test_runner/lib/docker_servers/define_docker_servers_config.ts index aeae36d340db9..c7185c3887582 100644 --- a/packages/kbn-test/src/functional_test_runner/lib/docker_servers/define_docker_servers_config.ts +++ b/packages/kbn-test/src/functional_test_runner/lib/docker_servers/define_docker_servers_config.ts 
@@ -24,8 +24,10 @@ export interface DockerServerSpec { port: number; image: string; waitForLogLine?: RegExp | string; - /** a function that should return an obeservable that will allow the tests to execute as soon as it emits anything */ + /** a function that should return an observable that will allow the tests to execute as soon as it emits anything */ waitFor?: (server: DockerServer, logLine$: Rx.Observable) => Rx.Observable; + /* additional command line arguments passed to docker run */ + args?: string[]; } export interface DockerServer extends DockerServerSpec { @@ -37,6 +39,6 @@ export interface DockerServer extends DockerServerSpec { * Helper that helps authors use the type definitions for the section of the FTR config * under the `dockerServers` key. */ -export function defineDockerServersConfig(config: { [name: string]: DockerServerSpec }) { +export function defineDockerServersConfig(config: { [name: string]: DockerServerSpec } | {}) { return config; } diff --git a/packages/kbn-test/src/functional_test_runner/lib/docker_servers/docker_servers_service.ts b/packages/kbn-test/src/functional_test_runner/lib/docker_servers/docker_servers_service.ts index e9c5f7e7b3abf..827ef9238ec9a 100644 --- a/packages/kbn-test/src/functional_test_runner/lib/docker_servers/docker_servers_service.ts +++ b/packages/kbn-test/src/functional_test_runner/lib/docker_servers/docker_servers_service.ts @@ -68,16 +68,19 @@ export class DockerServersService { } private async dockerRun(server: DockerServer) { + const { args } = server; try { this.log.info(`[docker:${server.name}] running image "${server.image}"`); - const res = await execa('docker', [ + const dockerArgs = [ 'run', '-dit', + args || [], '-p', `${server.port}:${server.portInContainer}`, server.image, - ]); + ].flat(); + const res = await execa('docker', dockerArgs); return res.stdout.trim(); } catch (error) { 
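Review bot: The comment added above `args?: string[]` in `DockerServerSpec` uses `/* … */`, so unlike the `/** … */` comment on `waitFor` it will not appear as documentation in editors or generated docs. It should also say that the strings are forwarded verbatim as `docker run` options placed before the image name, because that lets a config change the container's isolation (privileges, mounts, network mode). Suggested wording: `/** extra options passed verbatim to "docker run" before the image name; only use values from trusted, checked-in config */`.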
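Review bot: Widening the parameter of `defineDockerServersConfig` to `{ [name: string]: DockerServerSpec } | {}` effectively turns off the type check this helper exists to provide, because `{}` accepts any non-nullish value. A misspelled or missing `image`, `port` or `args` field would then compile, and the inferred return type becomes the same loose union. If the aim was only to allow an empty config, an empty object literal already satisfies the index signature, so the original `config: { [name: string]: DockerServerSpec }` can stay. If a caller really passes a value typed as `{}`, fixing that at the call site keeps the check intact.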
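Review bot: In `dockerRun`, the new `args` are spliced into the `docker run` option list unchanged, but the `this.log.info` line still prints only the image. A run that alters the container's isolation through those options therefore leaves no trace in the test log. Logging them makes that auditable, e.g. `this.log.info(`[docker:${server.name}] running image "${server.image}" with args ${JSON.stringify(args || [])}`);`. The argument array goes to `execa` without a shell, so quoting is not the concern here; what matters is which options are allowed. Separately, `...(args || []),` inside the literal would avoid both the mixed `string | string[]` array and the `.flat()` call, which needs an ES2019 lib target. The `catch` block continues outside the hunk.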
@@ -117,8 +120,12 @@ export class DockerServersService { lifecycle.cleanup.add(() => { try { execa.sync('docker', ['kill', containerId]); + execa.sync('docker', ['rm', containerId]); } catch (error) { - if (error.message.includes(`Container ${containerId} is not running`)) { + if ( + error.message.includes(`Container ${containerId} is not running`) || + error.message.includes(`No such container: ${containerId}`) + ) { return; } diff --git a/src/dev/precommit_hook/casing_check_config.js b/src/dev/precommit_hook/casing_check_config.js index 2eee3b2c53bd3..3a5719ab1fdc9 100644 --- a/src/dev/precommit_hook/casing_check_config.js +++ b/src/dev/precommit_hook/casing_check_config.js @@ -60,6 +60,10 @@ export const IGNORE_FILE_GLOBS = [ // filename required by api-extractor 'api-documenter.json', + // test cases come from elastic/package-storage repo, which uses + // nameing conventions from elastic/beats modules + 'x-pack/test/epm_api_integration/apis/fixtures/**', + // TODO fix file names in APM to remove these 'x-pack/plugins/apm/public/**/*', 'x-pack/plugins/apm/scripts/**/*', diff --git a/x-pack/test/epm_api_integration/apis/fixtures/packages/epr/yamlpipeline_1.0.0.tar.gz b/x-pack/test/epm_api_integration/apis/fixtures/packages/epr/yamlpipeline_1.0.0.tar.gz deleted file mode 100644 index ca8695f111d02..0000000000000 Binary files a/x-pack/test/epm_api_integration/apis/fixtures/packages/epr/yamlpipeline_1.0.0.tar.gz and /dev/null differ diff --git a/x-pack/test/epm_api_integration/apis/fixtures/packages/package/yamlpipeline_1.0.0 b/x-pack/test/epm_api_integration/apis/fixtures/packages/package/yamlpipeline_1.0.0 deleted file mode 100644 index bf167c583aab3..0000000000000 --- a/x-pack/test/epm_api_integration/apis/fixtures/packages/package/yamlpipeline_1.0.0 +++ /dev/null 
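Review bot: In the cleanup callback, `docker rm` sits in the same `try` as `docker kill`, so it is skipped whenever `kill` throws. That includes the "is not running" case, which the `catch` then treats as success, so a container that exited by itself is never removed. Stopped containers and their writable layers then pile up on the CI host. A single forced removal covers both the running and the exited state: `execa.sync('docker', ['rm', '-f', containerId]);`, after which only the `No such container` message needs to be tolerated. The rest of the `catch` body lies outside the hunk.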
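Review bot: The comment added to `IGNORE_FILE_GLOBS` misspells "naming" as `nameing`. It also says the fixtures come from elastic/package-storage without recording which revision they were copied from. This tree is now exempt from both the casing check and ESLint, so noting the source revision in the comment (or in a README beside the fixtures) would let a later reviewer check that the files still match upstream. Suggested text: `// test cases are copied from the elastic/package-storage repo (revision: <COMMIT>), which uses naming conventions from elastic/beats modules`.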
@@ -1,32 +0,0 @@ -{ - "name": "yamlpipeline", - "title": "Yaml Pipeline package", - "version": "1.0.0", - "description": "This package contains a yaml pipeline.\n", - "type": "integration", - "categories": [ - "logs" - ], - "requirement": { - "kibana": {} - }, - "assets": [ - "/package/yamlpipeline-1.0.0/manifest.yml", - "/package/yamlpipeline-1.0.0/dataset/log/manifest.yml", - "/package/yamlpipeline-1.0.0/dataset/log/elasticsearch/ingest-pipeline/pipeline-entry.yml", - "/package/yamlpipeline-1.0.0/dataset/log/elasticsearch/ingest-pipeline/pipeline-json.yml", - "/package/yamlpipeline-1.0.0/dataset/log/elasticsearch/ingest-pipeline/pipeline-plaintext.yml" - ], - "format_version": "1.0.0", - "datasets": [ - { - "title": "Log Yaml pipeline", - "name": "log", - "release": "", - "type": "logs", - "ingest_pipeline": "" - } - ], - "download": "/epr/yamlpipeline/yamlpipeline-1.0.0.tar.gz", - "path": "/package/yamlpipeline-1.0.0" -} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/docs/README.md b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/docs/README.md new file mode 100644 index 0000000000000..152200ea6db99 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/docs/README.md @@ -0,0 +1,3 @@ +# Base package + +This is installed in the background by EPM to setup the Elastic Stack. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/component-template/events-mappings.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/component-template/events-mappings.json new file mode 100644 index 0000000000000..35488413ae3e3 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/component-template/events-mappings.json 
@@ -0,0 +1,148 @@ +{ + "template": { + "mappings": { + "_meta": { + }, + "dynamic_templates": [ + { + "strings_as_keyword": { + "mapping": { + "ignore_above": 1024, + "type": "keyword" + }, + "match_mapping_type": "string" + } + } + ], + "date_detection": false, + "properties": { + "@timestamp": { + "type": "date" + }, + "stream": { + "properties": { + "type": { + "type": "constant_keyword" + }, + "dataset": { + "type": "constant_keyword" + }, + "namespace": { + "type": "constant_keyword" + } + } + }, + "agent": { + "properties": { + "hostname": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "id": { + "ignore_above": 1024, + "type": "keyword" + }, + "ephemeral_id": { + "ignore_above": 1024, + "type": "keyword" + }, + "type": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "ecs": { + "properties": { + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "host": { + "properties": { + "hostname": { + "ignore_above": 1024, + "type": "keyword" + }, + "os": { + "properties": { + "build": { + "ignore_above": 1024, + "type": "keyword" + }, + "kernel": { + "ignore_above": 1024, + "type": "keyword" + }, + "codename": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "family": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + }, + "platform": { + "ignore_above": 1024, + "type": "keyword" + }, + "full": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "ip": { + "type": "ip" + }, + "containerized": { + "type": "boolean" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "id": { + "ignore_above": 1024, + "type": "keyword" + }, + "type": { + "ignore_above": 1024, + "type": "keyword" + }, + "mac": { + "ignore_above": 1024, + "type": "keyword" + }, + "architecture": { + 
"ignore_above": 1024, + "type": "keyword" + } + } + }, + "message": { + "type": "text" + } + } + }, + "aliases": {} + } +} diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/component-template/events-settings.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/component-template/events-settings.json new file mode 100644 index 0000000000000..3cd594414e2cf --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/component-template/events-settings.json @@ -0,0 +1,21 @@ +{ + "template": { + "settings": { + "index": { + "lifecycle": { + "name": "events-default" + }, + "codec": "best_compression", + "refresh_interval": "5s", + "number_of_shards": "1", + "query": { + "default_field": [ + "message" + ] + }, + "number_of_routing_shards": "30" + } + }, + "aliases": {} + } +} diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/component-template/logs-mappings.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/component-template/logs-mappings.json new file mode 100644 index 0000000000000..35488413ae3e3 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/component-template/logs-mappings.json 
@@ -0,0 +1,148 @@ +{ + "template": { + "mappings": { + "_meta": { + }, + "dynamic_templates": [ + { + "strings_as_keyword": { + "mapping": { + "ignore_above": 1024, + "type": "keyword" + }, + "match_mapping_type": "string" + } + } + ], + "date_detection": false, + "properties": { + "@timestamp": { + "type": "date" + }, + "stream": { + "properties": { + "type": { + "type": "constant_keyword" + }, + "dataset": { + "type": "constant_keyword" + }, + "namespace": { + "type": "constant_keyword" + } + } + }, + "agent": { + "properties": { + "hostname": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "id": { + "ignore_above": 1024, + "type": "keyword" + }, + "ephemeral_id": { + "ignore_above": 1024, + "type": "keyword" + }, + "type": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "ecs": { + "properties": { + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "host": { + "properties": { + "hostname": { + "ignore_above": 1024, + "type": "keyword" + }, + "os": { + "properties": { + "build": { + "ignore_above": 1024, + "type": "keyword" + }, + "kernel": { + "ignore_above": 1024, + "type": "keyword" + }, + "codename": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "family": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + }, + "platform": { + "ignore_above": 1024, + "type": "keyword" + }, + "full": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "ip": { + "type": "ip" + }, + "containerized": { + "type": "boolean" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "id": { + "ignore_above": 1024, + "type": "keyword" + }, + "type": { + "ignore_above": 1024, + "type": "keyword" + }, + "mac": { + "ignore_above": 1024, + "type": "keyword" + }, + "architecture": { + 
"ignore_above": 1024, + "type": "keyword" + } + } + }, + "message": { + "type": "text" + } + } + }, + "aliases": {} + } +} diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/component-template/logs-settings.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/component-template/logs-settings.json new file mode 100644 index 0000000000000..eaaa60a9a3b5e --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/component-template/logs-settings.json @@ -0,0 +1,21 @@ +{ + "template": { + "settings": { + "index": { + "lifecycle": { + "name": "logs-default" + }, + "codec": "best_compression", + "refresh_interval": "5s", + "number_of_shards": "1", + "query": { + "default_field": [ + "message" + ] + }, + "number_of_routing_shards": "30" + } + }, + "aliases": {} + } +} diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/component-template/metrics-mappings.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/component-template/metrics-mappings.json new file mode 100644 index 0000000000000..29f7d8bd10fa9 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/component-template/metrics-mappings.json 
@@ -0,0 +1,145 @@ +{ + "template": { + "mappings": { + "_meta": { + }, + "dynamic_templates": [ + { + "strings_as_keyword": { + "mapping": { + "ignore_above": 1024, + "type": "keyword" + }, + "match_mapping_type": "string" + } + } + ], + "date_detection": false, + "properties": { + "@timestamp": { + "type": "date" + }, + "stream": { + "properties": { + "type": { + "type": "constant_keyword" + }, + "dataset": { + "type": "constant_keyword" + }, + "namespace": { + "type": "constant_keyword" + } + } + }, + "agent": { + "properties": { + "hostname": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "id": { + "ignore_above": 1024, + "type": "keyword" + }, + "ephemeral_id": { + "ignore_above": 1024, + "type": "keyword" + }, + "type": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "ecs": { + "properties": { + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "host": { + "properties": { + "hostname": { + "ignore_above": 1024, + "type": "keyword" + }, + "os": { + "properties": { + "build": { + "ignore_above": 1024, + "type": "keyword" + }, + "kernel": { + "ignore_above": 1024, + "type": "keyword" + }, + "codename": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "family": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + }, + "platform": { + "ignore_above": 1024, + "type": "keyword" + }, + "full": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "ip": { + "type": "ip" + }, + "containerized": { + "type": "boolean" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "id": { + "ignore_above": 1024, + "type": "keyword" + }, + "type": { + "ignore_above": 1024, + "type": "keyword" + }, + "mac": { + "ignore_above": 1024, + "type": "keyword" + }, + "architecture": { + 
"ignore_above": 1024, + "type": "keyword" + } + } + } + } + }, + "aliases": {} + } +} diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/component-template/metrics-settings.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/component-template/metrics-settings.json new file mode 100644 index 0000000000000..539f79ed9dd96 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/component-template/metrics-settings.json @@ -0,0 +1,21 @@ +{ + "template": { + "settings": { + "index": { + "lifecycle": { + "name": "metrics-default" + }, + "codec": "best_compression", + "refresh_interval": "5s", + "number_of_shards": "1", + "query": { + "default_field": [ + "message" + ] + }, + "number_of_routing_shards": "30" + } + }, + "aliases": {} + } +} diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/ilm-policy/events-default.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/ilm-policy/events-default.json new file mode 100644 index 0000000000000..26115b3a31cbf --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/ilm-policy/events-default.json @@ -0,0 +1,15 @@ +{ + "policy": { + "phases": { + "hot": { + "min_age": "0ms", + "actions": { + "rollover": { + "max_size": "50gb", + "max_age": "30d" + } + } + } + } + } +} diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/ilm-policy/logs-default.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/ilm-policy/logs-default.json new file mode 100644 index 0000000000000..8d8db418e7a4f --- /dev/null 
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/ilm-policy/logs-default.json @@ -0,0 +1,15 @@ +{ + "policy": { + "phases": { + "hot": { + "min_age": "0ms", + "actions": { + "rollover": { + "max_size": "50gb", + "max_age": "30d" + } + } + } + } + } +} diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/ilm-policy/metrics-default.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/ilm-policy/metrics-default.json new file mode 100644 index 0000000000000..26115b3a31cbf --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/ilm-policy/metrics-default.json @@ -0,0 +1,15 @@ +{ + "policy": { + "phases": { + "hot": { + "min_age": "0ms", + "actions": { + "rollover": { + "max_size": "50gb", + "max_age": "30d" + } + } + } + } + } +} diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/index-template/events.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/index-template/events.json new file mode 100644 index 0000000000000..2d0a06c0879ee --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/index-template/events.json @@ -0,0 +1,10 @@ +{ + "index_patterns": [ + "events-*-*" + ], + "priority": 0, + "composed_of": [ + "events-mappings", + "events-settings" + ] +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/index-template/logs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/index-template/logs.json new file mode 100644 index 0000000000000..ac4e5f69a1a99 --- /dev/null 
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/index-template/logs.json @@ -0,0 +1,10 @@ +{ + "index_patterns": [ + "logs-*-*" + ], + "priority": 0, + "composed_of": [ + "logs-mappings", + "logs-settings" + ] +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/index-template/metrics.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/index-template/metrics.json new file mode 100644 index 0000000000000..c07ef16aff49d --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/elasticsearch/index-template/metrics.json @@ -0,0 +1,10 @@ +{ + "index_patterns": [ + "metrics-*-*" + ], + "priority": 0, + "composed_of": [ + "metrics-mappings", + "metrics-settings" + ] +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/manifest.yml new file mode 100644 index 0000000000000..7fc5d09679b72 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.1.0/manifest.yml @@ -0,0 +1,30 @@ +format_version: 1.0.0 + +name: base +title: Base package +description: > + The base package contains assets which are needed for the basic setup of the stack. + + It contains the default ILM policies. +version: 0.1.0 +categories: [] +release: ga + +# The base package cannot be removed +removable: false + +# The user should not see this package and not be able to install it +internal: true + +license: basic +# This is called type integration because it is required for all the integration packages +type: integration + +requirement: + elasticsearch: + # Requires ILM which was released in 6.6. + versions: ">6.6.0" + +# No icons +icons: + 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/docs/README.md b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/docs/README.md new file mode 100644 index 0000000000000..152200ea6db99 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/docs/README.md @@ -0,0 +1,3 @@ +# Base package + +This is installed in the background by EPM to setup the Elastic Stack. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/component-template/events-mappings.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/component-template/events-mappings.json new file mode 100644 index 0000000000000..bf0280cdfcd88 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/component-template/events-mappings.json 
@@ -0,0 +1,149 @@ +{ + "template": { + "mappings": { + "_meta": { + }, + "dynamic_templates": [ + { + "strings_as_keyword": { + "mapping": { + "ignore_above": 1024, + "type": "keyword" + }, + "match_mapping_type": "string" + } + } + ], + "date_detection": false, + "properties": { + "@timestamp": { + "type": "date" + }, + "stream": { + "properties": { + "type": { + "type": "constant_keyword", + "value": "events" + }, + "dataset": { + "type": "constant_keyword" + }, + "namespace": { + "type": "constant_keyword" + } + } + }, + "agent": { + "properties": { + "hostname": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "id": { + "ignore_above": 1024, + "type": "keyword" + }, + "ephemeral_id": { + "ignore_above": 1024, + "type": "keyword" + }, + "type": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "ecs": { + "properties": { + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "host": { + "properties": { + "hostname": { + "ignore_above": 1024, + "type": "keyword" + }, + "os": { + "properties": { + "build": { + "ignore_above": 1024, + "type": "keyword" + }, + "kernel": { + "ignore_above": 1024, + "type": "keyword" + }, + "codename": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "family": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + }, + "platform": { + "ignore_above": 1024, + "type": "keyword" + }, + "full": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "ip": { + "type": "ip" + }, + "containerized": { + "type": "boolean" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "id": { + "ignore_above": 1024, + "type": "keyword" + }, + "type": { + "ignore_above": 1024, + "type": "keyword" + }, + "mac": { + "ignore_above": 1024, + "type": "keyword" + }, 
+ "architecture": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "message": { + "type": "text" + } + } + }, + "aliases": {} + } +} diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/component-template/events-settings.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/component-template/events-settings.json new file mode 100644 index 0000000000000..3cd594414e2cf --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/component-template/events-settings.json @@ -0,0 +1,21 @@ +{ + "template": { + "settings": { + "index": { + "lifecycle": { + "name": "events-default" + }, + "codec": "best_compression", + "refresh_interval": "5s", + "number_of_shards": "1", + "query": { + "default_field": [ + "message" + ] + }, + "number_of_routing_shards": "30" + } + }, + "aliases": {} + } +} diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/component-template/logs-mappings.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/component-template/logs-mappings.json new file mode 100644 index 0000000000000..4fdfb334fda18 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/component-template/logs-mappings.json 
@@ -0,0 +1,149 @@ +{ + "template": { + "mappings": { + "_meta": { + }, + "dynamic_templates": [ + { + "strings_as_keyword": { + "mapping": { + "ignore_above": 1024, + "type": "keyword" + }, + "match_mapping_type": "string" + } + } + ], + "date_detection": false, + "properties": { + "@timestamp": { + "type": "date" + }, + "stream": { + "properties": { + "type": { + "type": "constant_keyword", + "value": "logs" + }, + "dataset": { + "type": "constant_keyword" + }, + "namespace": { + "type": "constant_keyword" + } + } + }, + "agent": { + "properties": { + "hostname": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "id": { + "ignore_above": 1024, + "type": "keyword" + }, + "ephemeral_id": { + "ignore_above": 1024, + "type": "keyword" + }, + "type": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "ecs": { + "properties": { + "version": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "host": { + "properties": { + "hostname": { + "ignore_above": 1024, + "type": "keyword" + }, + "os": { + "properties": { + "build": { + "ignore_above": 1024, + "type": "keyword" + }, + "kernel": { + "ignore_above": 1024, + "type": "keyword" + }, + "codename": { + "ignore_above": 1024, + "type": "keyword" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "family": { + "ignore_above": 1024, + "type": "keyword" + }, + "version": { + "ignore_above": 1024, + "type": "keyword" + }, + "platform": { + "ignore_above": 1024, + "type": "keyword" + }, + "full": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "ip": { + "type": "ip" + }, + "containerized": { + "type": "boolean" + }, + "name": { + "ignore_above": 1024, + "type": "keyword" + }, + "id": { + "ignore_above": 1024, + "type": "keyword" + }, + "type": { + "ignore_above": 1024, + "type": "keyword" + }, + "mac": { + "ignore_above": 1024, + "type": "keyword" + }, + 
"architecture": { + "ignore_above": 1024, + "type": "keyword" + } + } + }, + "message": { + "type": "text" + } + } + }, + "aliases": {} + } +} diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/component-template/logs-settings.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/component-template/logs-settings.json new file mode 100644 index 0000000000000..eaaa60a9a3b5e --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/component-template/logs-settings.json @@ -0,0 +1,21 @@ +{ + "template": { + "settings": { + "index": { + "lifecycle": { + "name": "logs-default" + }, + "codec": "best_compression", + "refresh_interval": "5s", + "number_of_shards": "1", + "query": { + "default_field": [ + "message" + ] + }, + "number_of_routing_shards": "30" + } + }, + "aliases": {} + } +} diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/component-template/metrics-mappings.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/component-template/metrics-mappings.json new file mode 100644 index 0000000000000..a5aa0847a15af --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/component-template/metrics-mappings.json 
@@ -0,0 +1,146 @@
+{
+ "template": {
+ "mappings": {
+ "_meta": {
+ },
+ "dynamic_templates": [
+ {
+ "strings_as_keyword": {
+ "mapping": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "match_mapping_type": "string"
+ }
+ }
+ ],
+ "date_detection": false,
+ "properties": {
+ "@timestamp": {
+ "type": "date"
+ },
+ "stream": {
+ "properties": {
+ "type": {
+ "type": "constant_keyword",
+ "value": "metrics"
+ },
+ "dataset": {
+ "type": "constant_keyword"
+ },
+ "namespace": {
+ "type": "constant_keyword"
+ }
+ }
+ },
+ "agent": {
+ "properties": {
+ "hostname": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "name": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "id": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "ephemeral_id": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "type": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "version": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ }
+ }
+ },
+ "ecs": {
+ "properties": {
+ "version": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ }
+ }
+ },
+ "host": {
+ "properties": {
+ "hostname": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "os": {
+ "properties": {
+ "build": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "kernel": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "codename": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "name": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "family": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "version": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "platform": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "full": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ }
+ }
+ },
+ "ip": {
+ "type": "ip"
+ },
+ "containerized": {
+ "type": "boolean"
+ },
+ "name": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "id": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "type": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "mac": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ },
+ "architecture": {
+ "ignore_above": 1024,
+ "type": "keyword"
+ }
+ }
+ }
+ }
+ },
+ "aliases": {}
+ }
+}
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/component-template/metrics-settings.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/component-template/metrics-settings.json
new file mode 100644
index 0000000000000..539f79ed9dd96
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/component-template/metrics-settings.json
@@ -0,0 +1,21 @@
+{
+ "template": {
+ "settings": {
+ "index": {
+ "lifecycle": {
+ "name": "metrics-default"
+ },
+ "codec": "best_compression",
+ "refresh_interval": "5s",
+ "number_of_shards": "1",
+ "query": {
+ "default_field": [
+ "message"
+ ]
+ },
+ "number_of_routing_shards": "30"
+ }
+ },
+ "aliases": {}
+ }
+}
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/ilm-policy/events-default.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/ilm-policy/events-default.json
new file mode 100644
index 0000000000000..26115b3a31cbf
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/ilm-policy/events-default.json
@@ -0,0 +1,15 @@
+{
+ "policy": {
+ "phases": {
+ "hot": {
+ "min_age": "0ms",
+ "actions": {
+ "rollover": {
+ "max_size": "50gb",
+ "max_age": "30d"
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/ilm-policy/logs-default.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/ilm-policy/logs-default.json
new file mode 100644
index 0000000000000..8d8db418e7a4f
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/ilm-policy/logs-default.json
@@ -0,0 +1,15 @@
+{
+ "policy": {
+ "phases": {
+ "hot": {
+ "min_age": "0ms",
+ "actions": {
+ "rollover": {
+ "max_size": "50gb",
+ "max_age": "30d"
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/ilm-policy/metrics-default.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/ilm-policy/metrics-default.json
new file mode 100644
index 0000000000000..26115b3a31cbf
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/ilm-policy/metrics-default.json
@@ -0,0 +1,15 @@
+{
+ "policy": {
+ "phases": {
+ "hot": {
+ "min_age": "0ms",
+ "actions": {
+ "rollover": {
+ "max_size": "50gb",
+ "max_age": "30d"
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/index-template/events.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/index-template/events.json
new file mode 100644
index 0000000000000..34f8478216124
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/index-template/events.json
@@ -0,0 +1,13 @@
+{
+ "index_patterns": [
+ "events-*-*"
+ ],
+ "priority": 0,
+ "data_stream": {
+ "timestamp_field": "@timestamp"
+ },
+ "composed_of": [
+ "events-mappings",
+ "events-settings"
+ ]
+}
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/index-template/logs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/index-template/logs.json
new file mode 100644
index 0000000000000..a43d680b9b866
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/index-template/logs.json
@@ -0,0 +1,13 @@
+{
+ "index_patterns": [
+ "logs-*-*"
+ ],
+ "priority": 0,
+ "data_stream": {
+ "timestamp_field": "@timestamp"
+ },
+ "composed_of": [
+ "logs-mappings",
+ "logs-settings"
+ ]
+}
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/index-template/metrics.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/index-template/metrics.json
new file mode 100644
index 0000000000000..7f2860fa76c2c
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/elasticsearch/index-template/metrics.json
@@ -0,0 +1,13 @@
+{
+ "index_patterns": [
+ "metrics-*-*"
+ ],
+ "priority": 0,
+ "data_stream": {
+ "timestamp_field": "@timestamp"
+ },
+ "composed_of": [
+ "metrics-mappings",
+ "metrics-settings"
+ ]
+}
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/manifest.yml
new file mode 100644
index 0000000000000..d3c538eb37a1d
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/base/0.2.0/manifest.yml
@@ -0,0 +1,30 @@ +format_version: 1.0.0 + +name: base +title: Base package +description: > + The base package contains assets which are needed for the basic setup of the stack. + + It contains the default ILM policies. +version: 0.2.0 +categories: [] +release: ga + +# The base package cannot be removed +removable: false + +# The user should not see this package and not be able to install it +internal: true + +license: basic +# This is called type integration because it is required for all the integration packages +type: integration + +requirement: + elasticsearch: + # Requires ILM which was released in 6.6. + versions: ">6.6.0" + +# No icons +icons: + diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/error/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/error/agent/stream/stream.yml.hbs new file mode 100644 index 0000000000000..364aa85f53ee1 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/error/agent/stream/stream.yml.hbs @@ -0,0 +1,12 @@ +paths: +{{#each paths}} + - {{this}} +{{/each}} +exclude_files: [".gz$"] +multiline: + # Consider lines without timestamp part of the previous message + pattern: '^([0-9]{4}-[0-9]{2}-[0-9]{2}|[0-9]{6})' + negate: true + match: after +processors: +- add_locale: ~ diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/error/elasticsearch/ingest-pipeline/default.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/error/elasticsearch/ingest-pipeline/default.yml new file mode 100644 index 0000000000000..9362ef4c089c2 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/error/elasticsearch/ingest-pipeline/default.yml 
@@ -0,0 +1,71 @@ +--- +description: Pipeline for parsing MySQL error logs +processors: +- grok: + field: message + patterns: + - '%{MYSQLDATETIME}%{SPACE}(%{NUMBER:mysql.thread_id:long}%{SPACE})?(\[%{DATA:log.level}\]%{SPACE})?%{GREEDYMULTILINE:message}' + - '%{GREEDYDATA:message}' + ignore_missing: true + pattern_definitions: + LOCALDATETIME: (?:%{YEAR}-%{MONTHNUM}-%{MONTHDAY}|%{NUMBER})%{SPACE}%{TIME} + MYSQLDATETIME: (?:%{LOCALDATETIME:_tmp.local_timestamp}|%{TIMESTAMP_ISO8601:_tmp.timestamp}) + GREEDYMULTILINE: |- + (.| + )+ +- grok: + field: message + patterns: + - '(\[%{DATA:event.code}\])%{SPACE}(\[%{DATA:event.provider}\])%{SPACE}%{GREEDYMULTILINE}' + - '%{GREEDYDATA}' + ignore_missing: true + ignore_failure: true + pattern_definitions: + GREEDYMULTILINE: |- + (.| + )+ +- rename: + field: '@timestamp' + target_field: event.created +- date: + if: ctx._tmp?.local_timestamp != null && ctx.event?.timezone == null + field: _tmp.local_timestamp + formats: + - yyMMdd H:m:s + - yyMMdd H:m:s + - yyyy-MM-dd H:m:s + - yyyy-MM-dd H:m:s +- date: + if: ctx._tmp?.local_timestamp != null && ctx.event?.timezone != null + field: _tmp.local_timestamp + timezone: '{{ event.timezone }}' + formats: + - yyMMdd H:m:s + - yyMMdd H:m:s + - yyyy-MM-dd H:m:s + - yyyy-MM-dd H:m:s +- date: + if: ctx._tmp?.timestamp != null + field: _tmp.timestamp + formats: + - ISO8601 +- remove: + field: _tmp + ignore_missing: true +- set: + field: event.kind + value: event +- append: + field: event.category + value: database +- append: + field: event.type + value: info +- append: + field: event.type + value: error + if: "ctx?.log?.level != null && ctx.log.level.toLowerCase() == 'error'" +on_failure: +- set: + field: error.message + value: '{{ _ingest.on_failure_message }}' 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/error/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/error/fields/base-fields.yml new file mode 100644 index 0000000000000..9b614721122b8 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/error/fields/base-fields.yml @@ -0,0 +1,17 @@ + +- name: stream.type + type: constant_keyword + description: > + Stream type +- name: stream.dataset + type: constant_keyword + description: > + Stream dataset. +- name: stream.namespace + type: constant_keyword + description: > + Stream namespace. +- name: "@timestamp" + type: date + description: > + Event timestamp. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/error/fields/ecs.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/error/fields/ecs.yml new file mode 100644 index 0000000000000..42840dcb48820 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/error/fields/ecs.yml 
@@ -0,0 +1,20 @@ +- name: message + level: core + type: text + description: |- + For log events the message field contains the log message, optimized for viewing in a log viewer. + For structured logs without an original message field, other fields can be concatenated to form a human-readable summary of the event. + If multiple messages exist, they can be combined into one message. +- name: log + title: Log + group: 2 + type: group + fields: + - name: level + level: core + type: keyword + description: |- + Original log level of the log event. + If the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity). + Some examples are `warn`, `err`, `i`, `informational`. + ignore_above: 1024 diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/error/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/error/fields/fields.yml new file mode 100644 index 0000000000000..6f5883d4d12a4 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/error/fields/fields.yml @@ -0,0 +1,23 @@ +- name: mysql.error + type: group +- name: event.code + type: keyword + description: Identification code for this event +- name: event.provider + type: keyword + description: Source of the event (e.g. Server) +- name: event.created + type: date + description: Date/time when the event was first read by an agent, or by your pipeline. +- name: event.timezone + type: keyword + description: Time zone information +- name: event.kind + type: keyword + description: Event kind (e.g. event) +- name: event.category + type: keyword + description: Event category (e.g. database) +- name: event.type + type: keyword + description: Event severity (e.g. info, error) 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/error/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/error/fields/package-fields.yml new file mode 100644 index 0000000000000..a35a72d6dd7f3 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/error/fields/package-fields.yml @@ -0,0 +1,7 @@ +- name: mysql + type: group + fields: + - name: thread_id + type: long + description: | + The connection or thread ID for the query. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/error/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/error/manifest.yml new file mode 100644 index 0000000000000..573ebb5975053 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/error/manifest.yml @@ -0,0 +1,23 @@ +title: MySQL error logs +type: logs +release: beta +streams: +- input: logs + vars: + - name: paths + type: text + title: Error log paths + multi: true + required: true + show_user: true + default: + - /var/log/mysql/error.log* + - /var/log/mysqld.log* + os.darwin: + default: + - /usr/local/var/mysql/localhost.localdomain.err* + os.windows: + default: + - c:/programdata/MySQL/MySQL Server*/error.log* + title: MySQL error logs + description: Collect MySQL error logs diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/galera_status/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/galera_status/agent/stream/stream.yml.hbs new file mode 100644 index 0000000000000..cd1e5c57c2c9a --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/galera_status/agent/stream/stream.yml.hbs 
@@ -0,0 +1,15 @@ +metricsets: ["galera_status"] +hosts: +{{#each hosts}} + - {{this}} +{{/each}} +{{#if password}} +password: {{password}} +{{/if}} +period: {{period}} +{{#if raw}} +raw: {{raw}} +{{/if}} +{{#if username}} +username: {{username}} +{{/if}} diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/galera_status/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/galera_status/fields/base-fields.yml new file mode 100644 index 0000000000000..9b614721122b8 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/galera_status/fields/base-fields.yml @@ -0,0 +1,17 @@ + +- name: stream.type + type: constant_keyword + description: > + Stream type +- name: stream.dataset + type: constant_keyword + description: > + Stream dataset. +- name: stream.namespace + type: constant_keyword + description: > + Stream namespace. +- name: "@timestamp" + type: date + description: > + Event timestamp. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/galera_status/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/galera_status/fields/fields.yml new file mode 100644 index 0000000000000..56458b40882b3 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/galera_status/fields/fields.yml 
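Review bot: `password: {{password}}` and `username: {{username}}` (and the `- {{this}}` host entries) in the galera_status stream template are written into the generated YAML unquoted, so a value containing YAML-significant characters such as ` #` or `: ` would be truncated or parsed as extra structure in the agent config. Handlebars also HTML-escapes `{{…}}` output by default, which would alter a credential containing `&` or `<` unless the renderer compiles with `noEscape`; the rendering code is not part of this hunk, so that is worth confirming. I would have the renderer emit each variable as a serialised YAML scalar rather than pasting the raw value, and add a fixture value containing such characters to pin the behaviour. The galera_status dataset manifest added in this commit declares only `period` and `raw`, so a comment stating where `hosts`, `username` and `password` are declared would help.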
@@ -0,0 +1,201 @@ +- name: mysql.galera_status + type: group + release: beta + fields: + - name: apply + type: group + fields: + - name: oooe + type: double + description: | + How often applier started write-set applying out-of-order (parallelization efficiency). + - name: oool + type: double + description: | + How often write-set was so slow to apply that write-set with higher seqno's were applied earlier. Values closer to 0 refer to a greater gap between slow and fast write-sets. + - name: window + type: double + description: | + Average distance between highest and lowest concurrently applied seqno. + - name: cert + type: group + fields: + - name: deps_distance + type: double + description: | + Average distance between highest and lowest seqno value that can be possibly applied in parallel (potential degree of parallelization). + - name: index_size + type: long + description: | + The number of entries in the certification index. + - name: interval + type: double + description: | + Average number of transactions received while a transaction replicates. + - name: cluster + type: group + fields: + - name: conf_id + type: long + description: | + Total number of cluster membership changes happened. + - name: size + type: long + description: | + Current number of members in the cluster. + - name: status + type: keyword + description: | + Status of this cluster component. That is, whether the node is part of a PRIMARY or NON_PRIMARY component. + - name: commit + type: group + fields: + - name: oooe + type: double + description: | + How often a transaction was committed out of order. + - name: window + type: long + description: | + Average distance between highest and lowest concurrently committed seqno. + - name: connected + type: keyword + description: | + If the value is OFF, the node has not yet connected to any of the cluster components. This may be due to misconfiguration. Check the error log for proper diagnostics. 
+ - name: evs + type: group + fields: + - name: evict + type: keyword + description: | + Lists the UUID's of all nodes evicted from the cluster. Evicted nodes cannot rejoin the cluster until you restart their mysqld processes. + - name: state + type: keyword + description: | + Shows the internal state of the EVS Protocol. + - name: flow_ctl + type: group + fields: + - name: paused + type: double + description: | + The fraction of time since the last FLUSH STATUS command that replication was paused due to flow control. In other words, how much the slave lag is slowing down the cluster. + - name: paused_ns + type: long + description: | + The total time spent in a paused state measured in nanoseconds. + - name: recv + type: long + description: | + Returns the number of FC_PAUSE events the node has received, including those the node has sent. Unlike most status variables, the counter for this one does not reset every time you run the query. + - name: sent + type: long + description: | + Returns the number of FC_PAUSE events the node has sent. Unlike most status variables, the counter for this one does not reset every time you run the query. + - name: last_committed + type: long + description: | + The sequence number, or seqno, of the last committed transaction. + - name: local + type: group + fields: + - name: bf_aborts + type: long + description: | + Total number of local transactions that were aborted by slave transactions while in execution. + - name: cert_failures + type: long + description: | + Total number of local transactions that failed certification test. + - name: commits + type: long + description: | + Total number of local transactions committed. + - name: recv + type: group + fields: + - name: queue + type: long + description: | + Current (instantaneous) length of the recv queue. + - name: queue_avg + type: double + description: | + Recv queue length averaged over interval since the last FLUSH STATUS command. 
Values considerably larger than 0.0 mean that the node cannot apply write-sets as fast as they are received and will generate a lot of replication throttling. + - name: queue_max + type: long + description: | + The maximum length of the recv queue since the last FLUSH STATUS command. + - name: queue_min + type: long + description: | + The minimum length of the recv queue since the last FLUSH STATUS command. + - name: replays + type: long + description: | + Total number of transaction replays due to asymmetric lock granularity. + - name: send + type: group + fields: + - name: queue + type: long + description: | + Current (instantaneous) length of the send queue. + - name: queue_avg + type: double + description: | + Send queue length averaged over time since the last FLUSH STATUS command. Values considerably larger than 0.0 indicate replication throttling or network throughput issue. + - name: queue_max + type: long + description: | + The maximum length of the send queue since the last FLUSH STATUS command. + - name: queue_min + type: long + description: | + The minimum length of the send queue since the last FLUSH STATUS command. + - name: state + type: keyword + description: | + Internal Galera Cluster FSM state number. + - name: ready + type: keyword + description: | + Whether the server is ready to accept queries. + - name: received + type: group + fields: + - name: count + type: long + description: | + Total number of write-sets received from other nodes. + - name: bytes + type: long + description: | + Total size of write-sets received from other nodes. + - name: repl + type: group + fields: + - name: data_bytes + type: long + description: | + Total size of data replicated. + - name: keys + type: long + description: | + Total number of keys replicated. + - name: keys_bytes + type: long + description: | + Total size of keys replicated. + - name: other_bytes + type: long + description: | + Total size of other bits replicated. 
+ - name: count + type: long + description: | + Total number of write-sets replicated (sent to other nodes). + - name: bytes + type: long + description: | + Total size of write-sets replicated. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/galera_status/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/galera_status/fields/package-fields.yml new file mode 100644 index 0000000000000..57436911ee58b --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/galera_status/fields/package-fields.yml @@ -0,0 +1,2 @@ +- name: mysql + type: group diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/galera_status/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/galera_status/manifest.yml new file mode 100644 index 0000000000000..6829901e7a94f --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/galera_status/manifest.yml @@ -0,0 +1,22 @@ +title: MySQL galera_status metrics +type: metrics +release: beta +streams: +- input: mysql/metrics + enabled: false + vars: + - name: period + type: text + title: Period + required: true + show_user: true + default: 10s + - name: raw + type: bool + title: Raw + description: > + When enabled, in addition to the existing data structure, all fields available from the mysql service through + "SHOW /*!50002 GLOBAL */ STATUS;" will be added to the event. + default: false + title: MySQL galera_status metrics + description: Collect MySQL galera_status metrics 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/slowlog/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/slowlog/agent/stream/stream.yml.hbs new file mode 100644 index 0000000000000..ac9eba50f6952 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/slowlog/agent/stream/stream.yml.hbs @@ -0,0 +1,10 @@ +paths: +{{#each paths}} + - {{this}} +{{/each}} +exclude_files: ['.gz$'] +multiline: + pattern: '^(# User@Host: |# Time: )' + negate: true + match: after +exclude_lines: ['^[\/\w\.]+, Version: .* started with:.*', '^# Time:.*'] # Exclude the header and time diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/slowlog/elasticsearch/ingest-pipeline/default.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/slowlog/elasticsearch/ingest-pipeline/default.json new file mode 100644 index 0000000000000..93ce577a3304d --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/slowlog/elasticsearch/ingest-pipeline/default.json 
@@ -0,0 +1,86 @@ +{ + "description": "Pipeline for parsing MySQL slow logs.", + "processors": [{ + "grok": { + "field": "message", + "patterns":[ + "^# User@Host: %{USER:user.name}(\\[%{USER:mysql.slowlog.current_user}\\])? @ %{HOSTNAME:source.domain}? \\[%{IP:source.ip}?\\]%{METRICSPACE}(Id:%{SPACE}%{NUMBER:mysql.thread_id:long}%{METRICSPACE})?(Thread_id:%{SPACE}%{NUMBER:mysql.thread_id}%{METRICSPACE})?(Schema:%{SPACE}%{WORD:mysql.slowlog.schema}?%{METRICSPACE})?(Last_errno: %{NUMBER:mysql.slowlog.last_errno:long}%{METRICSPACE})?(Killed: %{NUMBER:mysql.slowlog.killed:long}%{METRICSPACE})?(QC_hit: %{WORD:mysql.slowlog.query_cache_hit}%{METRICSPACE})?(Query_time: %{NUMBER:temp.duration:float}%{METRICSPACE})?(Lock_time: %{NUMBER:mysql.slowlog.lock_time.sec:float}%{METRICSPACE})?(Rows_sent: %{NUMBER:mysql.slowlog.rows_sent:long}%{METRICSPACE})?(Rows_examined: %{NUMBER:mysql.slowlog.rows_examined:long}%{METRICSPACE})?(Rows_affected: %{NUMBER:mysql.slowlog.rows_affected:long}%{METRICSPACE})?(Thread_id: %{NUMBER:mysql.thread_id}%{METRICSPACE})?(Errno: %{NUMBER:mysql.slowlog.last_errno:long}%{METRICSPACE})?(Killed: %{NUMBER:mysql.slowlog.killed:long}%{METRICSPACE})?(Bytes_received: %{NUMBER:mysql.slowlog.bytes_received:long}%{METRICSPACE})?(Bytes_sent: %{NUMBER:mysql.slowlog.bytes_sent:long}%{METRICSPACE})?(Read_first: %{NUMBER:mysql.slowlog.read_first:long}%{METRICSPACE})?(Read_last: %{NUMBER:mysql.slowlog.read_last:long}%{METRICSPACE})?(Read_key: %{NUMBER:mysql.slowlog.read_key:long}%{METRICSPACE})?(Read_next: %{NUMBER:mysql.slowlog.read_next:long}%{METRICSPACE})?(Read_prev: %{NUMBER:mysql.slowlog.read_prev:long}%{METRICSPACE})?(Read_rnd: %{NUMBER:mysql.slowlog.read_rnd:long}%{METRICSPACE})?(Read_rnd_next: %{NUMBER:mysql.slowlog.read_rnd_next:long}%{METRICSPACE})?(Sort_merge_passes: %{NUMBER:mysql.slowlog.sort_merge_passes:long}%{METRICSPACE})?(Sort_range_count: %{NUMBER:mysql.slowlog.sort_range_count:long}%{METRICSPACE})?(Sort_rows: 
%{NUMBER:mysql.slowlog.sort_rows:long}%{METRICSPACE})?(Sort_scan_count: %{NUMBER:mysql.slowlog.sort_scan_count:long}%{METRICSPACE})?(Created_tmp_disk_tables: %{NUMBER:mysql.slowlog.tmp_disk_tables:long}%{METRICSPACE})?(Created_tmp_tables: %{NUMBER:mysql.slowlog.tmp_tables:long}%{METRICSPACE})?(Tmp_tables: %{NUMBER:mysql.slowlog.tmp_tables:long}%{METRICSPACE})?(Tmp_disk_tables: %{NUMBER:mysql.slowlog.tmp_disk_tables}%{METRICSPACE})?(Tmp_table_sizes: %{NUMBER:mysql.slowlog.tmp_table_sizes:long}%{METRICSPACE})?(Start: %{TIMESTAMP_ISO8601:event.start}%{METRICSPACE})?(End: %{TIMESTAMP_ISO8601:event.end}%{METRICSPACE})?(InnoDB_trx_id: %{WORD:mysql.slowlog.innodb.trx_id}%{METRICSPACE})?(QC_Hit: %{WORD:mysql.slowlog.query_cache_hit}%{METRICSPACE})?(Full_scan: %{WORD:mysql.slowlog.full_scan}%{METRICSPACE})?(Full_join: %{WORD:mysql.slowlog.full_join}%{METRICSPACE})?(Tmp_table: %{WORD:mysql.slowlog.tmp_table}%{METRICSPACE})?(Tmp_table_on_disk: %{WORD:mysql.slowlog.tmp_table_on_disk}%{METRICSPACE})?(Filesort: %{WORD:mysql.slowlog.filesort}%{METRICSPACE})?(Filesort_on_disk: %{WORD:mysql.slowlog.filesort_on_disk}%{METRICSPACE})?(Merge_passes: %{NUMBER:mysql.slowlog.merge_passes:long}%{METRICSPACE})?(Priority_queue: %{WORD:mysql.slowlog.priority_queue}%{METRICSPACE})?(No InnoDB statistics available for this query%{METRICSPACE})?(InnoDB_IO_r_ops: %{NUMBER:mysql.slowlog.innodb.io_r_ops:long}%{METRICSPACE})?(InnoDB_IO_r_bytes: %{NUMBER:mysql.slowlog.innodb.io_r_bytes:long}%{METRICSPACE})?(InnoDB_IO_r_wait: %{NUMBER:mysql.slowlog.innodb.io_r_wait.sec:float}%{METRICSPACE})?(InnoDB_rec_lock_wait: %{NUMBER:mysql.slowlog.innodb.rec_lock_wait.sec:float}%{METRICSPACE})?(InnoDB_queue_wait: %{NUMBER:mysql.slowlog.innodb.queue_wait.sec:float}%{METRICSPACE})?(InnoDB_pages_distinct: %{NUMBER:mysql.slowlog.innodb.pages_distinct:long}%{METRICSPACE})?(Log_slow_rate_type: %{WORD:mysql.slowlog.log_slow_rate_type}%{METRICSPACE})?(Log_slow_rate_limit: 
%{NUMBER:mysql.slowlog.log_slow_rate_limit:long}%{METRICSPACE})?%{EXPLAIN}(use %{WORD:mysql.slowlog.schema};\n)?SET timestamp=%{NUMBER:mysql.slowlog.timestamp:long};\n%{GREEDYMULTILINE:mysql.slowlog.query}" + ], + "pattern_definitions" : { + "GREEDYMULTILINE": "(.|\n)*", + "METRICSPACE": "([ #\n]*)", + "EXPLAIN": "(# explain:.*\n|#\\s*\n)*" + }, + "ignore_missing": true + } + }, { + "remove":{ + "field": "message" + } + }, { + "script": { + "lang": "painless", + "source": "for (field in params.fields) { def v = ctx.mysql.slowlog.get(field); if (v != null) { ctx.mysql.slowlog.put(field, params.mapping.get(v)) } }", + "params": { + "mapping": { + "Yes": true, + "No": false + }, + "fields": [ + "query_cache_hit", + "tmp_table", + "tmp_table_on_disk", + "filesort", + "filesort_on_disk", + "priority_queue", + "full_scan", + "full_join" + ] + } + } + }, { + "script": { + "lang": "painless", + "source": "ctx.event.duration = Math.round(ctx.temp.duration * 1000000) * 1000", + "if": "ctx.temp?.duration != null" + } + }, { + "remove": { + "field": "temp.duration", + "ignore_missing": true + } + }, { + "date": { + "field": "mysql.slowlog.timestamp", + "target_field": "@timestamp", + "formats": ["UNIX"], + "ignore_failure": true + } + }, { + "remove":{ + "field": "mysql.slowlog.timestamp", + "ignore_missing": true + } + }, { + "set":{ + "field": "event.kind", + "value": "event" + } + }, { + "append":{ + "field": "event.category", + "value": "database" + } + }, { + "append":{ + "field": "event.type", + "value": "info" + } + }], + "on_failure" : [{ + "set" : { + "field" : "error.message", + "value" : "{{ _ingest.on_failure_message }}" + } + }] +} diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/slowlog/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/slowlog/fields/base-fields.yml new file mode 100644 index 0000000000000..9b614721122b8 --- /dev/null 
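Review bot: The `remove` processor for `message` directly after the `grok` has no `ignore_missing`, although the grok sets `"ignore_missing": true`; a document without `message` skips the grok and then fails on the remove, ending in `on_failure` anyway. The first `script` processor likewise reads `ctx.mysql.slowlog` with no condition. If a missing `message` is meant to be tolerated, add `"ignore_missing": true` to that remove and `"if": "ctx.mysql?.slowlog != null"` to the script; if it is not, drop `ignore_missing` from the grok so the intent is unambiguous. Separately, `mysql.thread_id` is captured as `:long` in the `Id:` branch but uncast in both `Thread_id:` branches, which looks unintended.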
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/slowlog/fields/base-fields.yml @@ -0,0 +1,17 @@ + +- name: stream.type + type: constant_keyword + description: > + Stream type +- name: stream.dataset + type: constant_keyword + description: > + Stream dataset. +- name: stream.namespace + type: constant_keyword + description: > + Stream namespace. +- name: "@timestamp" + type: date + description: > + Event timestamp. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/slowlog/fields/ecs.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/slowlog/fields/ecs.yml new file mode 100644 index 0000000000000..ba864aa07fb41 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/slowlog/fields/ecs.yml @@ -0,0 +1,29 @@ +- name: source + title: Source + group: 2 + type: group + fields: + - name: domain + level: core + type: keyword + description: Source domain. + ignore_above: 1024 + - name: ip + level: core + type: ip + description: IP address of the source (IPv4 or IPv6). +- name: user + title: User + group: 2 + type: group + fields: + - name: name + level: core + type: keyword + description: Short name or login of the user. + ignore_above: 1024 + multi_fields: + - name: text + type: text + norms: false + default_field: false diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/slowlog/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/slowlog/fields/fields.yml new file mode 100644 index 0000000000000..681c9d98d9343 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/slowlog/fields/fields.yml 
@@ -0,0 +1,180 @@ +- name: mysql.slowlog + type: group + fields: + - name: lock_time.sec + type: float + description: | + The amount of time the query waited for the lock to be available. The value is in seconds, as a floating point number. + - name: rows_sent + type: long + description: | + The number of rows returned by the query. + - name: rows_examined + type: long + description: | + The number of rows scanned by the query. + - name: rows_affected + type: long + description: | + The number of rows modified by the query. + - name: bytes_sent + type: long + format: bytes + description: | + The number of bytes sent to client. + - name: bytes_received + type: long + format: bytes + description: | + The number of bytes received from client. + - name: query + type: keyword + description: | + The slow query. + - name: schema + type: keyword + description: | + The schema where the slow query was executed. + - name: current_user + type: keyword + description: | + Current authenticated user, used to determine access privileges. Can differ from the value for user. + - name: last_errno + type: keyword + description: | + Last SQL error seen. + - name: killed + type: keyword + description: | + Code of the reason if the query was killed. + - name: query_cache_hit + type: boolean + description: | + Whether the query cache was hit. + - name: tmp_table + type: boolean + description: | + Whether a temporary table was used to resolve the query. + - name: tmp_table_on_disk + type: boolean + description: | + Whether the query needed temporary tables on disk. + - name: tmp_tables + type: long + description: | + Number of temporary tables created for this query + - name: tmp_disk_tables + type: long + description: | + Number of temporary tables created on disk for this query. + - name: tmp_table_sizes + type: long + format: bytes + description: Size of temporary tables created for this query. + - name: filesort + type: boolean + description: | + Whether filesort optimization was used. 
+ - name: filesort_on_disk + type: boolean + description: | + Whether filesort optimization was used and it needed temporary tables on disk. + - name: priority_queue + type: boolean + description: | + Whether a priority queue was used for filesort. + - name: full_scan + type: boolean + description: | + Whether a full table scan was needed for the slow query. + - name: full_join + type: boolean + description: | + Whether a full join was needed for the slow query (no indexes were used for joins). + - name: merge_passes + type: long + description: | + Number of merge passes executed for the query. + - name: sort_merge_passes + type: long + description: | + Number of merge passes that the sort algorithm has had to do. + - name: sort_range_count + type: long + description: "Number of sorts that were done using ranges. \n" + - name: sort_rows + type: long + description: | + Number of sorted rows. + - name: sort_scan_count + type: long + description: | + Number of sorts that were done by scanning the table. + - name: log_slow_rate_type + type: keyword + description: | + Type of slow log rate limit, it can be `session` if the rate limit is applied per session, or `query` if it applies per query. + - name: log_slow_rate_limit + type: keyword + description: | + Slow log rate limit, a value of 100 means that one in a hundred queries or sessions are being logged. + - name: read_first + type: long + description: | + The number of times the first entry in an index was read. + - name: read_last + type: long + description: | + The number of times the last key in an index was read. + - name: read_key + type: long + description: | + The number of requests to read a row based on a key. + - name: read_next + type: long + description: | + The number of requests to read the next row in key order. + - name: read_prev + type: long + description: | + The number of requests to read the previous row in key order. 
+ - name: read_rnd + type: long + description: "The number of requests to read a row based on a fixed position. + \n" + - name: read_rnd_next + type: long + description: | + The number of requests to read the next row in the data file. + - name: innodb + type: group + fields: + - name: trx_id + type: keyword + description: | + Transaction ID + - name: io_r_ops + type: long + description: | + Number of page read operations. + - name: io_r_bytes + type: long + format: bytes + description: | + Bytes read during page read operations. + - name: io_r_wait.sec + type: long + description: | + How long it took to read all needed data from storage. + - name: rec_lock_wait.sec + type: long + description: | + How long the query waited for locks. + - name: queue_wait.sec + type: long + description: | + How long the query waited to enter the InnoDB queue and to be executed once in the queue. + - name: pages_distinct + type: long + description: | + Approximated count of pages accessed to execute the query. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/slowlog/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/slowlog/fields/package-fields.yml new file mode 100644 index 0000000000000..a35a72d6dd7f3 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/slowlog/fields/package-fields.yml @@ -0,0 +1,7 @@ +- name: mysql + type: group + fields: + - name: thread_id + type: long + description: | + The connection or thread ID for the query. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/slowlog/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/slowlog/manifest.yml new file mode 100644 index 0000000000000..b0ef940e3ecfd --- /dev/null 
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/slowlog/manifest.yml
@@ -0,0 +1,22 @@
+title: MySQL slowlog logs
+type: logs
+release: beta
+streams:
+- input: logs
+ vars:
+ - name: paths
+ type: text
+ title: Slowlog paths
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - /var/log/mysql/mysql-slow.log*
+ os.darwin:
+ default:
+ - /usr/local/var/mysql/localhost-slow.log*
+ os.windows:
+ default:
+ - c:/programdata/MySQL/MySQL Server*/mysql-slow.log*
+ title: MySQL slowlog logs
+ description: Collect MySQL slowlog logs
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/status/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/status/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..8cb5142b3d30d
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/status/agent/stream/stream.yml.hbs
@@ -0,0 +1,15 @@
+metricsets: ["status"]
+hosts:
+{{#each hosts}}
+ - {{this}}
+{{/each}}
+{{#if password}}
+password: {{password}}
+{{/if}}
+period: {{period}}
+{{#if raw}}
+raw: {{raw}}
+{{/if}}
+{{#if username}}
+username: {{username}}
+{{/if}}
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/status/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/status/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/status/fields/base-fields.yml
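Review bot: In `stream.yml.hbs`, `password: {{password}}` and `username: {{username}}` (and each `- {{this}}` host) are written into the YAML as bare scalars, so a value containing ` #`, `: `, a leading `&`/`*`/`!`/`[`/`{`, or a newline would be parsed as something other than the secret: silently truncated, or read as extra keys in the stream config. Whether the renderer escapes or quotes these values is not visible in this diff, and Handlebars' default `{{ }}` HTML-escaping would additionally rewrite characters such as `&` or `<` unless the template is compiled with `noEscape`. I would have the rendering side serialize each value as a quoted YAML string, and add a test case with a password like `p#ss: word` (constructed) to pin that down. As this file mirrors a registry package, the template fix may belong upstream, but the test here can still assert the rendered output.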
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/status/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/status/fields/fields.yml
new file mode 100644
index 0000000000000..901a3728b252e
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/status/fields/fields.yml
@@ -0,0 +1,282 @@ +- name: mysql.status + type: group + release: ga + fields: + - name: aborted + type: group + fields: + - name: clients + type: long + description: | + The number of connections that were aborted because the client died without closing the connection properly. + - name: connects + type: long + description: | + The number of failed attempts to connect to the MySQL server. + - name: binlog + type: group + fields: + - name: cache.disk_use + type: long + - name: cache.use + type: long + - name: bytes + type: group + fields: + - name: received + type: long + format: bytes + description: | + The number of bytes received from all clients. + - name: sent + type: long + format: bytes + description: | + The number of bytes sent to all clients. + - name: threads + type: group + fields: + - name: cached + type: long + description: | + The number of cached threads. + - name: created + type: long + description: | + The number of created threads. + - name: connected + type: long + description: | + The number of connected threads. + - name: running + type: long + description: | + The number of running threads. + - name: connections + type: long + - name: created + type: group + fields: + - name: tmp.disk_tables + type: long + - name: tmp.files + type: long + - name: tmp.tables + type: long + - name: delayed + type: group + fields: + - name: errors + type: long + - name: insert_threads + type: long + - name: writes + type: long + - name: flush_commands + type: long + - name: max_used_connections + type: long + - name: open + type: group + fields: + - name: files + type: long + - name: streams + type: long + - name: tables + type: long + - name: opened_tables + type: long + - name: command + type: group + fields: + - name: delete + type: long + description: | + The number of DELETE queries since startup. + - name: insert + type: long + description: | + The number of INSERT queries since startup. 
+ - name: select + type: long + description: | + The number of SELECT queries since startup. + - name: update + type: long + description: | + The number of UPDATE queries since startup. + - name: queries + type: long + description: | + The number of statements executed by the server. This variable includes statements executed within stored programs, unlike the Questions variable. It does not count COM_PING or COM_STATISTICS commands. + - name: questions + type: long + description: | + The number of statements executed by the server. This includes only statements sent to the server by clients and not statements executed within stored programs, unlike the Queries variable. This variable does not count COM_PING, COM_STATISTICS, COM_STMT_PREPARE, COM_STMT_CLOSE, or COM_STMT_RESET commands. + - name: handler + type: group + fields: + - name: commit + type: long + description: | + The number of internal COMMIT statements. + - name: delete + type: long + description: | + The number of times that rows have been deleted from tables. + - name: external_lock + type: long + description: | + The server increments this variable for each call to its external_lock() function, which generally occurs at the beginning and end of access to a table instance. + - name: mrr_init + type: long + description: | + The number of times the server uses a storage engine's own Multi-Range Read implementation for table access. + - name: prepare + type: long + description: | + A counter for the prepare phase of two-phase commit operations. + - name: read + type: group + fields: + - name: first + type: long + description: | + The number of times the first entry in an index was read. + - name: key + type: long + description: | + The number of requests to read a row based on a key. + - name: last + type: long + description: "The number of requests to read the last key in an index. \n" + - name: next + type: long + description: | + The number of requests to read the next row in key order. 
+ - name: prev + type: long + description: | + The number of requests to read the previous row in key order. + - name: rnd + type: long + description: "The number of requests to read a row based on a fixed position. + \n" + - name: rnd_next + type: long + description: "The number of requests to read the next row in the data file. + \n" + - name: rollback + type: long + description: | + The number of requests for a storage engine to perform a rollback operation. + - name: savepoint + type: long + description: | + The number of requests for a storage engine to place a savepoint. + - name: savepoint_rollback + type: long + description: | + The number of requests for a storage engine to roll back to a savepoint. + - name: update + type: long + description: | + The number of requests to update a row in a table. + - name: write + type: long + description: | + The number of requests to insert a row in a table. + - name: innodb + type: group + fields: + - name: buffer_pool + type: group + fields: + - name: dump_status + type: long + description: | + The progress of an operation to record the pages held in the InnoDB buffer pool, triggered by the setting of innodb_buffer_pool_dump_at_shutdown or innodb_buffer_pool_dump_now. + - name: load_status + type: long + description: | + The progress of an operation to warm up the InnoDB buffer pool by reading in a set of pages corresponding to an earlier point in time, triggered by the setting of innodb_buffer_pool_load_at_startup or innodb_buffer_pool_load_now. + - name: bytes + type: group + fields: + - name: data + type: long + description: "The total number of bytes in the InnoDB buffer pool containing + data. \n" + - name: dirty + type: long + description: | + The total current number of bytes held in dirty pages in the InnoDB buffer pool. + - name: pages + type: group + fields: + - name: data + type: long + description: | + he number of pages in the InnoDB buffer pool containing data. 
+ - name: dirty + type: long + description: | + The current number of dirty pages in the InnoDB buffer pool. + - name: flushed + type: long + description: | + The number of requests to flush pages from the InnoDB buffer pool. + - name: free + type: long + description: | + The number of free pages in the InnoDB buffer pool. + - name: latched + type: long + description: | + The number of latched pages in the InnoDB buffer pool. + - name: misc + type: long + description: | + The number of pages in the InnoDB buffer pool that are busy because they have been allocated for administrative overhead, such as row locks or the adaptive hash index. + - name: total + type: long + description: | + The total size of the InnoDB buffer pool, in pages. + - name: read + type: group + fields: + - name: ahead + type: long + description: | + The number of pages read into the InnoDB buffer pool by the read-ahead background thread. + - name: ahead_evicted + type: long + description: | + The number of pages read into the InnoDB buffer pool by the read-ahead background thread that were subsequently evicted without having been accessed by queries. + - name: ahead_rnd + type: long + description: | + The number of "random" read-aheads initiated by InnoDB. + - name: requests + type: long + description: | + The number of logical read requests. + - name: pool + type: group + fields: + - name: reads + type: long + description: | + The number of logical reads that InnoDB could not satisfy from the buffer pool, and had to read directly from disk. + - name: resize_status + type: long + description: | + The status of an operation to resize the InnoDB buffer pool dynamically, triggered by setting the innodb_buffer_pool_size parameter dynamically. + - name: wait_free + type: long + description: | + Normally, writes to the InnoDB buffer pool happen in the background. 
When InnoDB needs to read or create a page and no clean pages are available, InnoDB flushes some dirty pages first and waits for that operation to finish. This counter counts instances of these waits. + - name: write_requests + type: long + description: The number of writes done to the InnoDB buffer pool. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/status/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/status/fields/package-fields.yml new file mode 100644 index 0000000000000..57436911ee58b --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/status/fields/package-fields.yml @@ -0,0 +1,2 @@ +- name: mysql + type: group diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/status/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/status/manifest.yml new file mode 100644 index 0000000000000..b9175fe7c0696 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/dataset/status/manifest.yml @@ -0,0 +1,21 @@ +title: MySQL status metrics +type: metrics +release: beta +streams: +- input: mysql/metrics + vars: + - name: period + type: text + title: Period + required: true + show_user: true + default: 10s + - name: raw + type: bool + title: Raw + description: > + When enabled, in addition to the existing data structure, all fields available from the mysql service through + "SHOW /*!50002 GLOBAL */ STATUS;" will be added to the event. + default: false + title: MySQL status metrics + description: Collect MySQL status metrics 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/docs/README.md b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/docs/README.md
new file mode 100644
index 0000000000000..68dac87331be2
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/docs/README.md
@@ -0,0 +1,465 @@ +# MySQL Integration + +This integration periodically fetches logs and metrics from [https://www.mysql.com/](MySQL) servers. + +## Compatibility + +The `error` and `slowlog` datasets were tested with logs from MySQL 5.5, 5.7 and 8.0, MariaDB 10.1, 10.2 and 10.3, and Percona 5.7 and 8.0. + +The `galera_status` and `status` datasets were tested with MySQL and Percona 5.7 and 8.0 and are expected to work with all +versions >= 5.7.0. It is also tested with MariaDB 10.2, 10.3 and 10.4. + +## Logs + +### error + +The `error` dataset collects the MySQL error logs. + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| event.category | Event category (e.g. database) | keyword | +| event.code | Identification code for this event | keyword | +| event.created | Date/time when the event was first read by an agent, or by your pipeline. | date | +| event.kind | Event kind (e.g. event) | keyword | +| event.provider | Source of the event (e.g. Server) | keyword | +| event.timezone | Time zone information | keyword | +| event.type | Event severity (e.g. info, error) | keyword | +| log.level | Original log level of the log event. If the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity). Some examples are `warn`, `err`, `i`, `informational`. | keyword | +| message | For log events the message field contains the log message, optimized for viewing in a log viewer. For structured logs without an original message field, other fields can be concatenated to form a human-readable summary of the event. If multiple messages exist, they can be combined into one message. | text | +| mysql.thread_id | The connection or thread ID for the query. | long | + + +### slowlog + +The `slowlog` dataset collects the MySQL slow logs. 
+ +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| mysql.slowlog.bytes_received | The number of bytes received from client. | long | +| mysql.slowlog.bytes_sent | The number of bytes sent to client. | long | +| mysql.slowlog.current_user | Current authenticated user, used to determine access privileges. Can differ from the value for user. | keyword | +| mysql.slowlog.filesort | Whether filesort optimization was used. | boolean | +| mysql.slowlog.filesort_on_disk | Whether filesort optimization was used and it needed temporary tables on disk. | boolean | +| mysql.slowlog.full_join | Whether a full join was needed for the slow query (no indexes were used for joins). | boolean | +| mysql.slowlog.full_scan | Whether a full table scan was needed for the slow query. | boolean | +| mysql.slowlog.innodb.io_r_bytes | Bytes read during page read operations. | long | +| mysql.slowlog.innodb.io_r_ops | Number of page read operations. | long | +| mysql.slowlog.innodb.io_r_wait.sec | How long it took to read all needed data from storage. | long | +| mysql.slowlog.innodb.pages_distinct | Approximated count of pages accessed to execute the query. | long | +| mysql.slowlog.innodb.queue_wait.sec | How long the query waited to enter the InnoDB queue and to be executed once in the queue. | long | +| mysql.slowlog.innodb.rec_lock_wait.sec | How long the query waited for locks. | long | +| mysql.slowlog.innodb.trx_id | Transaction ID | keyword | +| mysql.slowlog.killed | Code of the reason if the query was killed. | keyword | +| mysql.slowlog.last_errno | Last SQL error seen. | keyword | +| mysql.slowlog.lock_time.sec | The amount of time the query waited for the lock to be available. The value is in seconds, as a floating point number. | float | +| mysql.slowlog.log_slow_rate_limit | Slow log rate limit, a value of 100 means that one in a hundred queries or sessions are being logged. 
| keyword | +| mysql.slowlog.log_slow_rate_type | Type of slow log rate limit, it can be `session` if the rate limit is applied per session, or `query` if it applies per query. | keyword | +| mysql.slowlog.merge_passes | Number of merge passes executed for the query. | long | +| mysql.slowlog.priority_queue | Whether a priority queue was used for filesort. | boolean | +| mysql.slowlog.query | The slow query. | keyword | +| mysql.slowlog.query_cache_hit | Whether the query cache was hit. | boolean | +| mysql.slowlog.read_first | The number of times the first entry in an index was read. | long | +| mysql.slowlog.read_key | The number of requests to read a row based on a key. | long | +| mysql.slowlog.read_last | The number of times the last key in an index was read. | long | +| mysql.slowlog.read_next | The number of requests to read the next row in key order. | long | +| mysql.slowlog.read_prev | The number of requests to read the previous row in key order. | long | +| mysql.slowlog.read_rnd | The number of requests to read a row based on a fixed position. | long | +| mysql.slowlog.read_rnd_next | The number of requests to read the next row in the data file. | long | +| mysql.slowlog.rows_affected | The number of rows modified by the query. | long | +| mysql.slowlog.rows_examined | The number of rows scanned by the query. | long | +| mysql.slowlog.rows_sent | The number of rows returned by the query. | long | +| mysql.slowlog.schema | The schema where the slow query was executed. | keyword | +| mysql.slowlog.sort_merge_passes | Number of merge passes that the sort algorithm has had to do. | long | +| mysql.slowlog.sort_range_count | Number of sorts that were done using ranges. | long | +| mysql.slowlog.sort_rows | Number of sorted rows. | long | +| mysql.slowlog.sort_scan_count | Number of sorts that were done by scanning the table. | long | +| mysql.slowlog.tmp_disk_tables | Number of temporary tables created on disk for this query. 
| long | +| mysql.slowlog.tmp_table | Whether a temporary table was used to resolve the query. | boolean | +| mysql.slowlog.tmp_table_on_disk | Whether the query needed temporary tables on disk. | boolean | +| mysql.slowlog.tmp_table_sizes | Size of temporary tables created for this query. | long | +| mysql.slowlog.tmp_tables | Number of temporary tables created for this query | long | +| mysql.thread_id | The connection or thread ID for the query. | long | +| source.domain | Source domain. | keyword | +| source.ip | IP address of the source (IPv4 or IPv6). | ip | +| user.name | Short name or login of the user. | keyword | + + +## Metrics + +### galera_status + +The `galera_status` dataset periodically fetches metrics from [http://galeracluster.com/](Galera)-MySQL cluster servers. + +An example event for `galera_status` looks as following: + +```$json +{ + "@timestamp":"2020-04-20T12:33:24.613Z", + "mysql":{ + "galera_status":{ + "apply":{ + "oooe":0, + "oool":0, + "window":1 + }, + "connected":"ON", + "flow_ctl":{ + "recv":0, + "sent":0, + "paused":0, + "paused_ns":0 + }, + "ready":"ON", + "received":{ + "count":173, + "bytes":152425 + }, + "local":{ + "state":"Synced", + "bf_aborts":0, + "cert_failures":0, + "commits":1325, + "recv":{ + "queue_max":2, + "queue_min":0, + "queue":0, + "queue_avg":0.011561 + }, + "replays":0, + "send":{ + "queue_min":0, + "queue":0, + "queue_avg":0, + "queue_max":1 + } + }, + "evs":{ + "evict":"", + "state":"OPERATIONAL" + }, + "repl":{ + "bytes":1689804, + "data_bytes":1540647, + "keys":4170, + "keys_bytes":63973, + "other_bytes":0, + "count":1331 + }, + "commit":{ + "oooe":0, + "window":1 + }, + "cluster":{ + "conf_id":930, + "size":3, + "status":"Primary" + }, + "last_committed":23944, + "cert":{ + "deps_distance":43.524557, + "index_size":22, + "interval":0 + } + } + }, + "fields":{ + "stream":{ + "type":"metrics", + "dataset":"mysql.galera_status", + "namespace":"default" + } + }, + "ecs":{ + "version":"1.5.0" + }, + "agent":{ 
+ "hostname":"MacBook-Elastic.local", + "id":"ede0be38-46a9-4ffc-8f1e-2ff9195193b6", + "version":"8.0.0", + "type":"metricbeat", + "ephemeral_id":"4c773a2e-16d5-4d86-be49-cfb3573f4f4f" + }, + "event":{ + "dataset":"mysql.galera_status", + "module":"mysql", + "duration":3275482 + }, + "metricset":{ + "name":"galera_status", + "period":10000 + }, + "service":{ + "address":"127.0.0.1:3306", + "type":"mysql" + } +} +``` + +The fields reported are: + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| mysql.galera_status.apply.oooe | How often applier started write-set applying out-of-order (parallelization efficiency). | double | +| mysql.galera_status.apply.oool | How often write-set was so slow to apply that write-set with higher seqno's were applied earlier. Values closer to 0 refer to a greater gap between slow and fast write-sets. | double | +| mysql.galera_status.apply.window | Average distance between highest and lowest concurrently applied seqno. | double | +| mysql.galera_status.cert.deps_distance | Average distance between highest and lowest seqno value that can be possibly applied in parallel (potential degree of parallelization). | double | +| mysql.galera_status.cert.index_size | The number of entries in the certification index. | long | +| mysql.galera_status.cert.interval | Average number of transactions received while a transaction replicates. | double | +| mysql.galera_status.cluster.conf_id | Total number of cluster membership changes happened. | long | +| mysql.galera_status.cluster.size | Current number of members in the cluster. | long | +| mysql.galera_status.cluster.status | Status of this cluster component. That is, whether the node is part of a PRIMARY or NON_PRIMARY component. | keyword | +| mysql.galera_status.commit.oooe | How often a transaction was committed out of order. | double | +| mysql.galera_status.commit.window | Average distance between highest and lowest concurrently committed seqno. 
| long | +| mysql.galera_status.connected | If the value is OFF, the node has not yet connected to any of the cluster components. This may be due to misconfiguration. Check the error log for proper diagnostics. | keyword | +| mysql.galera_status.evs.evict | Lists the UUID's of all nodes evicted from the cluster. Evicted nodes cannot rejoin the cluster until you restart their mysqld processes. | keyword | +| mysql.galera_status.evs.state | Shows the internal state of the EVS Protocol. | keyword | +| mysql.galera_status.flow_ctl.paused | The fraction of time since the last FLUSH STATUS command that replication was paused due to flow control. In other words, how much the slave lag is slowing down the cluster. | double | +| mysql.galera_status.flow_ctl.paused_ns | The total time spent in a paused state measured in nanoseconds. | long | +| mysql.galera_status.flow_ctl.recv | Returns the number of FC_PAUSE events the node has received, including those the node has sent. Unlike most status variables, the counter for this one does not reset every time you run the query. | long | +| mysql.galera_status.flow_ctl.sent | Returns the number of FC_PAUSE events the node has sent. Unlike most status variables, the counter for this one does not reset every time you run the query. | long | +| mysql.galera_status.last_committed | The sequence number, or seqno, of the last committed transaction. | long | +| mysql.galera_status.local.bf_aborts | Total number of local transactions that were aborted by slave transactions while in execution. | long | +| mysql.galera_status.local.cert_failures | Total number of local transactions that failed certification test. | long | +| mysql.galera_status.local.commits | Total number of local transactions committed. | long | +| mysql.galera_status.local.recv.queue | Current (instantaneous) length of the recv queue. | long | +| mysql.galera_status.local.recv.queue_avg | Recv queue length averaged over interval since the last FLUSH STATUS command. 
Values considerably larger than 0.0 mean that the node cannot apply write-sets as fast as they are received and will generate a lot of replication throttling. | double | +| mysql.galera_status.local.recv.queue_max | The maximum length of the recv queue since the last FLUSH STATUS command. | long | +| mysql.galera_status.local.recv.queue_min | The minimum length of the recv queue since the last FLUSH STATUS command. | long | +| mysql.galera_status.local.replays | Total number of transaction replays due to asymmetric lock granularity. | long | +| mysql.galera_status.local.send.queue | Current (instantaneous) length of the send queue. | long | +| mysql.galera_status.local.send.queue_avg | Send queue length averaged over time since the last FLUSH STATUS command. Values considerably larger than 0.0 indicate replication throttling or network throughput issue. | double | +| mysql.galera_status.local.send.queue_max | The maximum length of the send queue since the last FLUSH STATUS command. | long | +| mysql.galera_status.local.send.queue_min | The minimum length of the send queue since the last FLUSH STATUS command. | long | +| mysql.galera_status.local.state | Internal Galera Cluster FSM state number. | keyword | +| mysql.galera_status.ready | Whether the server is ready to accept queries. | keyword | +| mysql.galera_status.received.bytes | Total size of write-sets received from other nodes. | long | +| mysql.galera_status.received.count | Total number of write-sets received from other nodes. | long | +| mysql.galera_status.repl.bytes | Total size of write-sets replicated. | long | +| mysql.galera_status.repl.count | Total number of write-sets replicated (sent to other nodes). | long | +| mysql.galera_status.repl.data_bytes | Total size of data replicated. | long | +| mysql.galera_status.repl.keys | Total number of keys replicated. | long | +| mysql.galera_status.repl.keys_bytes | Total size of keys replicated. 
| long | +| mysql.galera_status.repl.other_bytes | Total size of other bits replicated. | long | + + +### status + +The MySQL `status` dataset collects data from MySQL by running a `SHOW GLOBAL STATUS;` SQL query. This query returns a large number of metrics. + +An example event for `status` looks as following: + +```$json +{ + "@timestamp":"2020-04-20T12:32:54.614Z", + "mysql":{ + "status":{ + "max_used_connections":3, + "queries":479, + "handler":{ + "prepare":0, + "savepoint":0, + "update":0, + "delete":0, + "read":{ + "rnd_next":59604, + "first":8, + "key":6, + "last":0, + "next":1, + "prev":0, + "rnd":0 + }, + "rollback":0, + "write":0, + "commit":5, + "savepoint_rollback":0, + "external_lock":552, + "mrr_init":0 + }, + "aborted":{ + "clients":0, + "connects":0 + }, + "threads":{ + "running":2, + "cached":1, + "created":3, + "connected":2 + }, + "flush_commands":1, + "created":{ + "tmp":{ + "disk_tables":0, + "files":6, + "tables":0 + } + }, + "connections":159, + "command":{ + "insert":0, + "select":155, + "update":0, + "delete":0 + }, + "opened_tables":122, + "binlog":{ + "cache":{ + "use":0, + "disk_use":0 + } + }, + "delayed":{ + "writes":0, + "errors":0, + "insert_threads":0 + }, + "questions":479, + "innodb":{ + "buffer_pool":{ + "read":{ + "ahead_rnd":0, + "requests":1488, + "ahead":0, + "ahead_evicted":0 + }, + "pool":{ + "wait_free":0, + "reads":405 + }, + "write_requests":325, + "bytes":{ + "data":7176192, + "dirty":0 + }, + "pages":{ + "dirty":0, + "flushed":36, + "free":7753, + "misc":0, + "total":8191, + "data":438 + } + } + }, + "bytes":{ + "received":38468, + "sent":1622162 + }, + "open":{ + "streams":0, + "tables":115, + "files":14 + } + } + }, + "event":{ + "dataset":"mysql.status", + "module":"mysql", + "duration":4708776 + }, + "metricset":{ + "name":"status", + "period":10000 + }, + "fields":{ + "stream":{ + "type":"metrics", + "dataset":"mysql.status", + "namespace":"default" + } + }, + "ecs":{ + "version":"1.5.0" + }, + "agent":{ + 
"id":"ede0be38-46a9-4ffc-8f1e-2ff9195193b6", + "version":"8.0.0", + "type":"metricbeat", + "ephemeral_id":"4c773a2e-16d5-4d86-be49-cfb3573f4f4f", + "hostname":"MacBook-Elastic.local" + }, + "service":{ + "address":"127.0.0.1:3306", + "type":"mysql" + } +} +``` + +The fields reported are: + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| mysql.status.aborted.clients | The number of connections that were aborted because the client died without closing the connection properly. | long | +| mysql.status.aborted.connects | The number of failed attempts to connect to the MySQL server. | long | +| mysql.status.binlog.cache.disk_use | | long | +| mysql.status.binlog.cache.use | | long | +| mysql.status.bytes.received | The number of bytes received from all clients. | long | +| mysql.status.bytes.sent | The number of bytes sent to all clients. | long | +| mysql.status.command.delete | The number of DELETE queries since startup. | long | +| mysql.status.command.insert | The number of INSERT queries since startup. | long | +| mysql.status.command.select | The number of SELECT queries since startup. | long | +| mysql.status.command.update | The number of UPDATE queries since startup. | long | +| mysql.status.connections | | long | +| mysql.status.created.tmp.disk_tables | | long | +| mysql.status.created.tmp.files | | long | +| mysql.status.created.tmp.tables | | long | +| mysql.status.delayed.errors | | long | +| mysql.status.delayed.insert_threads | | long | +| mysql.status.delayed.writes | | long | +| mysql.status.flush_commands | | long | +| mysql.status.handler.commit | The number of internal COMMIT statements. | long | +| mysql.status.handler.delete | The number of times that rows have been deleted from tables. | long | +| mysql.status.handler.external_lock | The server increments this variable for each call to its external_lock() function, which generally occurs at the beginning and end of access to a table instance. 
| long | +| mysql.status.handler.mrr_init | The number of times the server uses a storage engine's own Multi-Range Read implementation for table access. | long | +| mysql.status.handler.prepare | A counter for the prepare phase of two-phase commit operations. | long | +| mysql.status.handler.read.first | The number of times the first entry in an index was read. | long | +| mysql.status.handler.read.key | The number of requests to read a row based on a key. | long | +| mysql.status.handler.read.last | The number of requests to read the last key in an index. | long | +| mysql.status.handler.read.next | The number of requests to read the next row in key order. | long | +| mysql.status.handler.read.prev | The number of requests to read the previous row in key order. | long | +| mysql.status.handler.read.rnd | The number of requests to read a row based on a fixed position. | long | +| mysql.status.handler.read.rnd_next | The number of requests to read the next row in the data file. | long | +| mysql.status.handler.rollback | The number of requests for a storage engine to perform a rollback operation. | long | +| mysql.status.handler.savepoint | The number of requests for a storage engine to place a savepoint. | long | +| mysql.status.handler.savepoint_rollback | The number of requests for a storage engine to roll back to a savepoint. | long | +| mysql.status.handler.update | The number of requests to update a row in a table. | long | +| mysql.status.handler.write | The number of requests to insert a row in a table. | long | +| mysql.status.innodb.buffer_pool.bytes.data | The total number of bytes in the InnoDB buffer pool containing data. | long | +| mysql.status.innodb.buffer_pool.bytes.dirty | The total current number of bytes held in dirty pages in the InnoDB buffer pool. 
| long | +| mysql.status.innodb.buffer_pool.dump_status | The progress of an operation to record the pages held in the InnoDB buffer pool, triggered by the setting of innodb_buffer_pool_dump_at_shutdown or innodb_buffer_pool_dump_now. | long | +| mysql.status.innodb.buffer_pool.load_status | The progress of an operation to warm up the InnoDB buffer pool by reading in a set of pages corresponding to an earlier point in time, triggered by the setting of innodb_buffer_pool_load_at_startup or innodb_buffer_pool_load_now. | long | +| mysql.status.innodb.buffer_pool.pages.data | he number of pages in the InnoDB buffer pool containing data. | long | +| mysql.status.innodb.buffer_pool.pages.dirty | The current number of dirty pages in the InnoDB buffer pool. | long | +| mysql.status.innodb.buffer_pool.pages.flushed | The number of requests to flush pages from the InnoDB buffer pool. | long | +| mysql.status.innodb.buffer_pool.pages.free | The number of free pages in the InnoDB buffer pool. | long | +| mysql.status.innodb.buffer_pool.pages.latched | The number of latched pages in the InnoDB buffer pool. | long | +| mysql.status.innodb.buffer_pool.pages.misc | The number of pages in the InnoDB buffer pool that are busy because they have been allocated for administrative overhead, such as row locks or the adaptive hash index. | long | +| mysql.status.innodb.buffer_pool.pages.total | The total size of the InnoDB buffer pool, in pages. | long | +| mysql.status.innodb.buffer_pool.pool.reads | The number of logical reads that InnoDB could not satisfy from the buffer pool, and had to read directly from disk. | long | +| mysql.status.innodb.buffer_pool.pool.resize_status | The status of an operation to resize the InnoDB buffer pool dynamically, triggered by setting the innodb_buffer_pool_size parameter dynamically. | long | +| mysql.status.innodb.buffer_pool.pool.wait_free | Normally, writes to the InnoDB buffer pool happen in the background. 
When InnoDB needs to read or create a page and no clean pages are available, InnoDB flushes some dirty pages first and waits for that operation to finish. This counter counts instances of these waits. | long | +| mysql.status.innodb.buffer_pool.read.ahead | The number of pages read into the InnoDB buffer pool by the read-ahead background thread. | long | +| mysql.status.innodb.buffer_pool.read.ahead_evicted | The number of pages read into the InnoDB buffer pool by the read-ahead background thread that were subsequently evicted without having been accessed by queries. | long | +| mysql.status.innodb.buffer_pool.read.ahead_rnd | The number of "random" read-aheads initiated by InnoDB. | long | +| mysql.status.innodb.buffer_pool.read.requests | The number of logical read requests. | long | +| mysql.status.innodb.buffer_pool.write_requests | The number of writes done to the InnoDB buffer pool. | long | +| mysql.status.max_used_connections | | long | +| mysql.status.open.files | | long | +| mysql.status.open.streams | | long | +| mysql.status.open.tables | | long | +| mysql.status.opened_tables | | long | +| mysql.status.queries | The number of statements executed by the server. This variable includes statements executed within stored programs, unlike the Questions variable. It does not count COM_PING or COM_STATISTICS commands. | long | +| mysql.status.questions | The number of statements executed by the server. This includes only statements sent to the server by clients and not statements executed within stored programs, unlike the Queries variable. This variable does not count COM_PING, COM_STATISTICS, COM_STMT_PREPARE, COM_STMT_CLOSE, or COM_STMT_RESET commands. | long | +| mysql.status.threads.cached | The number of cached threads. | long | +| mysql.status.threads.connected | The number of connected threads. | long | +| mysql.status.threads.created | The number of created threads. | long | +| mysql.status.threads.running | The number of running threads. | long | + 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/img/kibana-mysql.png b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/img/kibana-mysql.png
new file mode 100644
index 0000000000000..13c5ea4d276fc
Binary files /dev/null and b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/img/kibana-mysql.png differ
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/img/logo_mysql.svg b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/img/logo_mysql.svg
new file mode 100644
index 0000000000000..cfe6cbb664e7f
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/img/logo_mysql.svg
@@ -0,0 +1,6 @@
+
+
+
+
+
+
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/img/metricbeat-mysql.png b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/img/metricbeat-mysql.png
new file mode 100644
index 0000000000000..ee6ec195d46b1
Binary files /dev/null and b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/img/metricbeat-mysql.png differ
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/dashboard/57b3fb50-6309-11ea-a83e-25b8612d00cc.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/dashboard/57b3fb50-6309-11ea-a83e-25b8612d00cc.json
new file mode 100644
index 0000000000000..b5d46a4b72900
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/dashboard/57b3fb50-6309-11ea-a83e-25b8612d00cc.json
@@ -0,0 +1,78 @@ +{ + "attributes": { + "description": "Overview of MySQL server", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"version\":true}" + }, + "optionsJSON": "{\"darkTheme\":false,\"useMargins\":true}", + "panelsJSON": "[{\"embeddableConfig\":{\"title\":\"Open Tables, Files, Streams\"},\"gridData\":{\"h\":15,\"i\":\"14\",\"w\":24,\"x\":24,\"y\":38},\"panelIndex\":\"14\",\"panelRefName\":\"panel_0\",\"title\":\"Open Tables, Files, Streams\",\"version\":\"7.3.1\"},{\"embeddableConfig\":{\"title\":\"Rate of Questions\"},\"gridData\":{\"h\":12,\"i\":\"050b110b-0b4d-404a-86c0-fa97f7eed2a0\",\"w\":16,\"x\":0,\"y\":0},\"panelIndex\":\"050b110b-0b4d-404a-86c0-fa97f7eed2a0\",\"panelRefName\":\"panel_1\",\"title\":\"Rate of Questions\",\"version\":\"7.3.1\"},{\"embeddableConfig\":{\"title\":\"Rate of SELECT statements\"},\"gridData\":{\"h\":12,\"i\":\"988a61d7-ac3e-481e-a6ae-aa75aaa32a3a\",\"w\":16,\"x\":16,\"y\":0},\"panelIndex\":\"988a61d7-ac3e-481e-a6ae-aa75aaa32a3a\",\"panelRefName\":\"panel_2\",\"title\":\"Rate of SELECT statements\",\"version\":\"7.3.1\"},{\"embeddableConfig\":{\"title\":\"Rate of INSERT, UPDATE, DELETE\"},\"gridData\":{\"h\":12,\"i\":\"a1f8fa38-a62f-4e05-adde-e995dae9ad83\",\"w\":16,\"x\":32,\"y\":0},\"panelIndex\":\"a1f8fa38-a62f-4e05-adde-e995dae9ad83\",\"panelRefName\":\"panel_3\",\"title\":\"Rate of INSERT, UPDATE, DELETE\",\"version\":\"7.3.1\"},{\"embeddableConfig\":{\"title\":\"Connected Threads\"},\"gridData\":{\"h\":12,\"i\":\"d126fb61-605f-43af-b5d5-3fa3c128f726\",\"w\":6,\"x\":0,\"y\":12},\"panelIndex\":\"d126fb61-605f-43af-b5d5-3fa3c128f726\",\"panelRefName\":\"panel_4\",\"title\":\"Connected 
Threads\",\"version\":\"7.3.1\"},{\"embeddableConfig\":{\"title\":\"Connections\"},\"gridData\":{\"h\":12,\"i\":\"59586d96-3abd-48a3-a258-cfd620826ec2\",\"w\":14,\"x\":6,\"y\":12},\"panelIndex\":\"59586d96-3abd-48a3-a258-cfd620826ec2\",\"panelRefName\":\"panel_5\",\"title\":\"Connections\",\"version\":\"7.3.1\"},{\"embeddableConfig\":{\"title\":\"Aborted Connections Rate\"},\"gridData\":{\"h\":12,\"i\":\"dd0cf202-fe22-4daf-8f25-09c64d412bf3\",\"w\":14,\"x\":20,\"y\":12},\"panelIndex\":\"dd0cf202-fe22-4daf-8f25-09c64d412bf3\",\"panelRefName\":\"panel_6\",\"title\":\"Aborted Connections Rate\",\"version\":\"7.3.1\"},{\"embeddableConfig\":{\"title\":\"Thread Activity\"},\"gridData\":{\"h\":12,\"i\":\"ead16a55-a2d3-49ae-a09b-a0b03560e9a0\",\"w\":14,\"x\":34,\"y\":12},\"panelIndex\":\"ead16a55-a2d3-49ae-a09b-a0b03560e9a0\",\"panelRefName\":\"panel_7\",\"title\":\"Thread Activity\",\"version\":\"7.3.1\"},{\"embeddableConfig\":{\"title\":\"Buffer Pool Pages\"},\"gridData\":{\"h\":14,\"i\":\"24fc2926-610d-4910-8f3e-eb63ca69788c\",\"w\":15,\"x\":0,\"y\":24},\"panelIndex\":\"24fc2926-610d-4910-8f3e-eb63ca69788c\",\"panelRefName\":\"panel_8\",\"title\":\"Buffer Pool Pages\",\"version\":\"7.3.1\"},{\"embeddableConfig\":{\"title\":\"Buffer Pool Utilization\"},\"gridData\":{\"h\":14,\"i\":\"33c10c95-be67-492e-afb5-863f375cffc2\",\"w\":16,\"x\":15,\"y\":24},\"panelIndex\":\"33c10c95-be67-492e-afb5-863f375cffc2\",\"panelRefName\":\"panel_9\",\"title\":\"Buffer Pool Utilization\",\"version\":\"7.3.1\"},{\"embeddableConfig\":{\"title\":\"Network Traffic\"},\"gridData\":{\"h\":15,\"i\":\"3cd58868-0d03-4715-9ecc-9fba3cde47c1\",\"w\":24,\"x\":0,\"y\":38},\"panelIndex\":\"3cd58868-0d03-4715-9ecc-9fba3cde47c1\",\"panelRefName\":\"panel_10\",\"title\":\"Network Traffic\",\"version\":\"7.3.1\"},{\"embeddableConfig\":{\"title\":\"Buffer Pool 
Efficiency\"},\"gridData\":{\"h\":14,\"i\":\"d35d7c5e-8832-40e2-8c77-953ad320c853\",\"w\":17,\"x\":31,\"y\":24},\"panelIndex\":\"d35d7c5e-8832-40e2-8c77-953ad320c853\",\"panelRefName\":\"panel_11\",\"title\":\"Buffer Pool Efficiency\",\"version\":\"7.3.1\"}]", + "timeRestore": false, + "title": "[Metrics MySQL] Database Overview", + "version": 1 + }, + "id": "57b3fb50-6309-11ea-a83e-25b8612d00cc", + "references": [ + { + "id": "aaa326b0-f1f5-11e7-85ab-594b1652e0d1-ecs", + "name": "panel_0", + "type": "visualization" + }, + { + "id": "4fa69a10-630b-11ea-a83e-25b8612d00cc", + "name": "panel_1", + "type": "visualization" + }, + { + "id": "7ea77d30-630a-11ea-a83e-25b8612d00cc", + "name": "panel_2", + "type": "visualization" + }, + { + "id": "779ee920-6309-11ea-a83e-25b8612d00cc", + "name": "panel_3", + "type": "visualization" + }, + { + "id": "fc6b5a40-630d-11ea-a83e-25b8612d00cc", + "name": "panel_4", + "type": "visualization" + }, + { + "id": "493e8460-630d-11ea-a83e-25b8612d00cc", + "name": "panel_5", + "type": "visualization" + }, + { + "id": "bf60bc10-639b-11ea-a83e-25b8612d00cc", + "name": "panel_6", + "type": "visualization" + }, + { + "id": "822df290-630f-11ea-a83e-25b8612d00cc", + "name": "panel_7", + "type": "visualization" + }, + { + "id": "98c7bca0-63a2-11ea-a83e-25b8612d00cc", + "name": "panel_8", + "type": "visualization" + }, + { + "id": "96d46630-63a4-11ea-a83e-25b8612d00cc", + "name": "panel_9", + "type": "visualization" + }, + { + "id": "c8661020-6310-11ea-a83e-25b8612d00cc", + "name": "panel_10", + "type": "visualization" + }, + { + "id": "a1e00160-63a4-11ea-a83e-25b8612d00cc", + "name": "panel_11", + "type": "visualization" + } + ], + "type": "dashboard" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/dashboard/Logs-MySQL-Dashboard-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/dashboard/Logs-MySQL-Dashboard-ecs.json
new file mode 100644
index 0000000000000..a65ba9462cd26
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/dashboard/Logs-MySQL-Dashboard-ecs.json
@@ -0,0 +1,48 @@ +{ + "attributes": { + "description": "Overview dashboard for the MySQL integration (logs)", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"version\":true}" + }, + "optionsJSON": "{\"darkTheme\":false}", + "panelsJSON": "[{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":16,\"i\":\"1\",\"w\":24,\"x\":0,\"y\":28},\"panelIndex\":\"1\",\"panelRefName\":\"panel_0\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"2\",\"w\":24,\"x\":0,\"y\":0},\"panelIndex\":\"2\",\"panelRefName\":\"panel_1\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"3\",\"w\":24,\"x\":24,\"y\":0},\"panelIndex\":\"3\",\"panelRefName\":\"panel_2\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{\"columns\":[\"log.level\",\"message\"],\"sort\":[\"@timestamp\",\"desc\"]},\"gridData\":{\"h\":20,\"i\":\"4\",\"w\":24,\"x\":24,\"y\":28},\"panelIndex\":\"4\",\"panelRefName\":\"panel_3\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":16,\"i\":\"5\",\"w\":24,\"x\":24,\"y\":12},\"panelIndex\":\"5\",\"panelRefName\":\"panel_4\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":16,\"i\":\"6\",\"w\":24,\"x\":0,\"y\":12},\"panelIndex\":\"6\",\"panelRefName\":\"panel_5\",\"version\":\"7.3.0\"}]", + "timeRestore": false, + "title": "[Logs MySQL] Overview ECS", + "version": 1 + }, + "id": "Logs-MySQL-Dashboard-ecs", + "references": [ + { + "id": "MySQL-slowest-queries-ecs", + "name": "panel_0", + "type": "visualization" + }, + { + "id": "MySQL-Slow-queries-over-time-ecs", + "name": "panel_1", + "type": "visualization" + }, + { + "id": "MySQL-error-logs-ecs", + "name": "panel_2", + "type": "visualization" + }, + { + "id": "Logs-MySQL-error-log-ecs", + "name": "panel_3", + "type": "search" + }, + { + "id": 
"MySQL-Error-logs-levels-ecs", + "name": "panel_4", + "type": "visualization" + }, + { + "id": "MySQL-Slow-logs-by-count-ecs", + "name": "panel_5", + "type": "visualization" + } + ], + "type": "dashboard" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/search/Logs-MySQL-Slow-log-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/search/Logs-MySQL-Slow-log-ecs.json new file mode 100644 index 0000000000000..217cb65fe197c --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/search/Logs-MySQL-Slow-log-ecs.json 
@@ -0,0 +1,39 @@ +{ + "attributes": { + "columns": [ + "_source" + ], + "description": "", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\",\"key\":\"query\",\"negate\":false,\"type\":\"custom\",\"value\":\"{\\\"match_phrase_prefix\\\":{\\\"event.dataset\\\":{\\\"query\\\":\\\"mysql.\\\"}}}\"},\"query\":{\"match_phrase_prefix\":{\"event.dataset\":{\"query\":\"mysql.\"}}}},{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index\",\"key\":\"fileset.name\",\"negate\":false,\"params\":{\"query\":\"slowlog\",\"type\":\"phrase\"},\"type\":\"phrase\",\"value\":\"slowlog\"},\"query\":{\"match\":{\"fileset.name\":{\"query\":\"slowlog\",\"type\":\"phrase\"}}}}],\"highlight\":{\"fields\":{\"*\":{}},\"fragment_size\":2147483647,\"post_tags\":[\"@/kibana-highlighted-field@\"],\"pre_tags\":[\"@kibana-highlighted-field@\"],\"require_field_match\":false},\"highlightAll\":true,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"version\":true}" + }, + "sort": [ + [ + "@timestamp", + "desc" + ] + ], + "title": "Slow logs [Logs MySQL] ECS", + "version": 1 + }, + "id": "Logs-MySQL-Slow-log-ecs", + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index", + "type": "index-pattern" + } + ], + "type": "search" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/search/Logs-MySQL-error-log-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/search/Logs-MySQL-error-log-ecs.json
new file mode 100644
index 0000000000000..8d7b9a22127be
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/search/Logs-MySQL-error-log-ecs.json
@@ -0,0 +1,40 @@ +{ + "attributes": { + "columns": [ + "log.level", + "message" + ], + "description": "", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\",\"key\":\"query\",\"negate\":false,\"type\":\"custom\",\"value\":\"{\\\"match_phrase_prefix\\\":{\\\"event.dataset\\\":{\\\"query\\\":\\\"mysql.\\\"}}}\"},\"query\":{\"match_phrase_prefix\":{\"event.dataset\":{\"query\":\"mysql.\"}}}},{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index\",\"key\":\"fileset.name\",\"negate\":false,\"params\":{\"query\":\"error\",\"type\":\"phrase\"},\"type\":\"phrase\",\"value\":\"error\"},\"query\":{\"match\":{\"fileset.name\":{\"query\":\"error\",\"type\":\"phrase\"}}}}],\"highlight\":{\"fields\":{\"*\":{}},\"fragment_size\":2147483647,\"post_tags\":[\"@/kibana-highlighted-field@\"],\"pre_tags\":[\"@kibana-highlighted-field@\"],\"require_field_match\":false},\"highlightAll\":true,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"version\":true}" + }, + "sort": [ + [ + "@timestamp", + "desc" + ] + ], + "title": "Error logs [Logs MySQL] ECS", + "version": 1 + }, + "id": "Logs-MySQL-error-log-ecs", + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index", + "type": "index-pattern" + } + ], + "type": "search" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/493e8460-630d-11ea-a83e-25b8612d00cc.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/493e8460-630d-11ea-a83e-25b8612d00cc.json
new file mode 100644
index 0000000000000..3f431dbf207be
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/493e8460-630d-11ea-a83e-25b8612d00cc.json
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Connections [Metrics MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(198,135,31,1)\",\"fill\":\"0.2\",\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"Connection rate\",\"line_width\":\"2\",\"metrics\":[{\"field\":\"mysql.status.connections\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"max\"},{\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"id\":\"caee3e70-630c-11ea-99e6-b5eed31db613\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"field\":\"caee3e70-630c-11ea-99e6-b5eed31db613\",\"id\":\"d4eb4fd0-630c-11ea-99e6-b5eed31db613\",\"type\":\"positive_only\",\"unit\":\"\"}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(115,216,255,0.89)\",\"fill\":\"0.3\",\"formatter\":\"number\",\"id\":\"fe9af660-630b-11ea-99e6-b5eed31db613\",\"label\":\"Connected\",\"line_width\":\"2\",\"metrics\":[{\"field\":\"mysql.status.threads.connected\",\"id\":\"fe9af661-630b-11ea-99e6-b5eed31db613\",\"type\":\"max\"}],\"point_size\":\"0\",\"separate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":\"0\",\"formatter\":\"number\",\"id\":\"e3d46bf0-630f-11ea-99e6
-b5eed31db613\",\"label\":\"Max Used Connections\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.max_used_connections\",\"id\":\"e3d46bf1-630f-11ea-99e6-b5eed31db613\",\"type\":\"avg\"}],\"point_size\":\"0\",\"separate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Connections [Metrics MySQL] ECS\",\"type\":\"metrics\"}" + }, + "id": "493e8460-630d-11ea-a83e-25b8612d00cc", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/4fa69a10-630b-11ea-a83e-25b8612d00cc.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/4fa69a10-630b-11ea-a83e-25b8612d00cc.json new file mode 100644 index 0000000000000..a3541c8ed07cb --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/4fa69a10-630b-11ea-a83e-25b8612d00cc.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Question rates [Metrics MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"bar_color_rules\":[{\"id\":\"d61928d0-6309-11ea-99e6-b5eed31db613\"}],\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"legend_position\":\"right\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(252,220,0,1)\",\"fill\":\"0.3\",\"formatter\":\"'0.0a'\",\"id\":\"3c2a2a40-f1f4-11e7-a752-236fe3270d99\",\"label\":\"SELECT\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.questions\",\"id\":\"3c2a2a41-f1f4-11e7-a752-236fe3270d99\",\"type\":\"max\"},{\"field\":\"3c2a2a41-f1f4-11e7-a752-236fe3270d99\",\"id\":\"3c2a2a42-f1f4-11e7-a752-236fe3270d99\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"field\":\"3c2a2a42-f1f4-11e7-a752-236fe3270d99\",\"id\":\"82f59710-6309-11ea-99e6-b5eed31db613\",\"type\":\"positive_only\",\"unit\":\"\"}],\"point_size\":1,\"seperate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":0,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Question rates [Metrics MySQL] ECS\",\"type\":\"metrics\"}" + }, + "id": "4fa69a10-630b-11ea-a83e-25b8612d00cc", + "references": [], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/779ee920-6309-11ea-a83e-25b8612d00cc.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/779ee920-6309-11ea-a83e-25b8612d00cc.json
new file mode 100644
index 0000000000000..a9a42e4d2a53c
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/779ee920-6309-11ea-a83e-25b8612d00cc.json
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Insert, Update, Delete rates [Metrics MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"bar_color_rules\":[{\"id\":\"d61928d0-6309-11ea-99e6-b5eed31db613\"}],\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(104,204,202,1)\",\"fill\":\"0.3\",\"formatter\":\"number\",\"id\":\"3c2a2a40-f1f4-11e7-a752-236fe3270d99\",\"label\":\"INSERT\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.command.insert\",\"id\":\"3c2a2a41-f1f4-11e7-a752-236fe3270d99\",\"type\":\"max\"},{\"field\":\"3c2a2a41-f1f4-11e7-a752-236fe3270d99\",\"id\":\"3c2a2a42-f1f4-11e7-a752-236fe3270d99\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"field\":\"3c2a2a42-f1f4-11e7-a752-236fe3270d99\",\"id\":\"82f59710-6309-11ea-99e6-b5eed31db613\",\"type\":\"positive_only\",\"unit\":\"\"}],\"point_size\":1,\"seperate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(252,220,0,1)\",\"fill\":\"0.3\",\"formatter\":\"number\",\"id\":\"485ce050-f1f4-11e7-a752-236fe3270d99\",\"label\":\"UPDATE\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.command.update\",\"id\":\"485ce051-f1f4-11e7-a752-236fe3270d99\",\"type\":\"max\"},{\"field\":\"485ce051-f1f4-11e7-a752-236fe3270d99\",\"id\":\"485ce052-f1f4-11e7-a752-236fe3270d99\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"field\":\"485ce052-f1f4-11e7-a752-236fe3270d99\",\"id\":\"a4
092660-6309-11ea-99e6-b5eed31db613\",\"type\":\"positive_only\",\"unit\":\"\"}],\"point_size\":1,\"seperate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(244,78,59,1)\",\"fill\":\"0.3\",\"formatter\":\"number\",\"id\":\"543a4a70-f1f4-11e7-a752-236fe3270d99\",\"label\":\"DELETE\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.command.delete\",\"id\":\"543a4a71-f1f4-11e7-a752-236fe3270d99\",\"type\":\"max\"},{\"field\":\"543a4a71-f1f4-11e7-a752-236fe3270d99\",\"id\":\"543a4a72-f1f4-11e7-a752-236fe3270d99\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"field\":\"543a4a72-f1f4-11e7-a752-236fe3270d99\",\"id\":\"bae29b50-6309-11ea-99e6-b5eed31db613\",\"type\":\"positive_only\",\"unit\":\"\"}],\"point_size\":1,\"seperate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Insert, Update, Delete rates [Metrics MySQL] ECS\",\"type\":\"metrics\"}" + }, + "id": "779ee920-6309-11ea-a83e-25b8612d00cc", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/7ea77d30-630a-11ea-a83e-25b8612d00cc.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/7ea77d30-630a-11ea-a83e-25b8612d00cc.json new file mode 100644 index 0000000000000..5899525979a54 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/7ea77d30-630a-11ea-a83e-25b8612d00cc.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "SELECT rates [Metrics MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"bar_color_rules\":[{\"id\":\"d61928d0-6309-11ea-99e6-b5eed31db613\"}],\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"legend_position\":\"right\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(0,156,224,1)\",\"fill\":\"0.3\",\"formatter\":\"'0.0a'\",\"id\":\"3c2a2a40-f1f4-11e7-a752-236fe3270d99\",\"label\":\"SELECT\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.command.select\",\"id\":\"3c2a2a41-f1f4-11e7-a752-236fe3270d99\",\"type\":\"max\"},{\"field\":\"3c2a2a41-f1f4-11e7-a752-236fe3270d99\",\"id\":\"3c2a2a42-f1f4-11e7-a752-236fe3270d99\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"field\":\"3c2a2a42-f1f4-11e7-a752-236fe3270d99\",\"id\":\"82f59710-6309-11ea-99e6-b5eed31db613\",\"type\":\"positive_only\",\"unit\":\"\"}],\"point_size\":1,\"seperate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":0,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"SELECT rates [Metrics MySQL] ECS\",\"type\":\"metrics\"}" + }, + "id": "7ea77d30-630a-11ea-a83e-25b8612d00cc", + "references": [], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/822df290-630f-11ea-a83e-25b8612d00cc.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/822df290-630f-11ea-a83e-25b8612d00cc.json
new file mode 100644
index 0000000000000..cc1df445ad3a4
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/822df290-630f-11ea-a83e-25b8612d00cc.json
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Thread Activity [Metrics MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(226,115,0,1)\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"Avg Threads Running\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.threads.running\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\"}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(22,165,165,1)\",\"fill\":\"0\",\"formatter\":\"number\",\"id\":\"895f0820-630e-11ea-99e6-b5eed31db613\",\"label\":\"Peak Threads Running\",\"line_width\":\"2\",\"metrics\":[{\"field\":\"mysql.status.threads.running\",\"id\":\"895f0821-630e-11ea-99e6-b5eed31db613\",\"type\":\"max\"}],\"point_size\":\"0\",\"separate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(77,77,77,1)\",\"fill\":\"0\",\"formatter\":\"number\",\"id\":\"f8752460-630e-11ea-99e6-b5eed31db613\",\"label\":\"Peak Threads 
Connected\",\"line_width\":\"2\",\"metrics\":[{\"field\":\"mysql.status.threads.connected\",\"id\":\"f8752461-630e-11ea-99e6-b5eed31db613\",\"type\":\"max\"}],\"point_size\":\"0\",\"separate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Thread Activity [Metrics MySQL] ECS\",\"type\":\"metrics\"}" + }, + "id": "822df290-630f-11ea-a83e-25b8612d00cc", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/96d46630-63a4-11ea-a83e-25b8612d00cc.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/96d46630-63a4-11ea-a83e-25b8612d00cc.json new file mode 100644 index 0000000000000..3abb0c8b6ac99 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/96d46630-63a4-11ea-a83e-25b8612d00cc.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Buffer Pool Utilization [Metrics MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_min\":0,\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"background_color_rules\":[{\"id\":\"0f20fa60-63a3-11ea-90a2-c51229c5db5f\"}],\"bar_color_rules\":[{\"id\":\"0e1ecca0-63a3-11ea-90a2-c51229c5db5f\"}],\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"filter\":{\"language\":\"kuery\",\"query\":\"\"},\"gauge_color_rules\":[{\"id\":\"07c08ce0-63a3-11ea-90a2-c51229c5db5f\"}],\"gauge_inner_width\":10,\"gauge_style\":\"half\",\"gauge_width\":10,\"id\":\"515b9dd0-639f-11ea-96d8-1943b9bb65d9\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(226,115,0,1)\",\"fill\":\"0.1\",\"formatter\":\"percent\",\"id\":\"256f1f40-63a3-11ea-90a2-c51229c5db5f\",\"label\":\"Utilization\",\"line_width\":\"2\",\"metrics\":[{\"field\":\"mysql.status.innodb.buffer_pool.pages.total\",\"id\":\"256f1f41-63a3-11ea-90a2-c51229c5db5f\",\"type\":\"max\"},{\"field\":\"mysql.status.innodb.buffer_pool.pages.free\",\"id\":\"256f1f43-63a3-11ea-90a2-c51229c5db5f\",\"type\":\"max\"},{\"id\":\"256f1f45-63a3-11ea-90a2-c51229c5db5f\",\"script\":\"params.total != null \\u0026\\u0026 params.total \\u003e 0 ? 
(params.total - params.free)/params.total : null\",\"type\":\"calculation\",\"variables\":[{\"field\":\"256f1f41-63a3-11ea-90a2-c51229c5db5f\",\"id\":\"256f1f42-63a3-11ea-90a2-c51229c5db5f\",\"name\":\"total\"},{\"field\":\"256f1f43-63a3-11ea-90a2-c51229c5db5f\",\"id\":\"256f1f44-63a3-11ea-90a2-c51229c5db5f\",\"name\":\"free\"}]}],\"point_size\":\"2\",\"separate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Buffer Pool Utilization [Metrics MySQL] ECS\",\"type\":\"metrics\"}" + }, + "id": "96d46630-63a4-11ea-a83e-25b8612d00cc", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/98c7bca0-63a2-11ea-a83e-25b8612d00cc.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/98c7bca0-63a2-11ea-a83e-25b8612d00cc.json new file mode 100644 index 0000000000000..37bf6efd8cd8b --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/98c7bca0-63a2-11ea-a83e-25b8612d00cc.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Buffer Pool Pages [Metrics MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_min\":0,\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"filter\":{\"language\":\"kuery\",\"query\":\"\"},\"id\":\"515b9dd0-639f-11ea-96d8-1943b9bb65d9\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":\"0\",\"formatter\":\"'0.0a'\",\"id\":\"37f2d600-63a0-11ea-90a2-c51229c5db5f\",\"label\":\"Buffer Pool Pages Data\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.innodb.buffer_pool.pages.data\",\"id\":\"37f2d601-63a0-11ea-90a2-c51229c5db5f\",\"type\":\"avg\"}],\"point_size\":1,\"separate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(22,165,165,1)\",\"fill\":\"0\",\"formatter\":\"'0.0a'\",\"id\":\"57ae9d80-63a0-11ea-90a2-c51229c5db5f\",\"label\":\"Buffer Pool Pages Free\",\"line_width\":\"2\",\"metrics\":[{\"field\":\"mysql.status.innodb.buffer_pool.pages.free\",\"id\":\"57ae9d81-63a0-11ea-90a2-c51229c5db5f\",\"type\":\"avg\"}],\"point_size\":1,\"separate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(102,102,102,1)\",\"fill\":\"0\",\"formatter\":\"'0.0a'\",\"id\":\"c86cc470-63a0-11ea-90a2-c51229c5db5f\",\"label\":\"Buffer Pool Pages 
Total\",\"line_width\":\"2\",\"metrics\":[{\"field\":\"mysql.status.innodb.buffer_pool.pages.total\",\"id\":\"c86ceb80-63a0-11ea-90a2-c51229c5db5f\",\"type\":\"avg\"}],\"point_size\":1,\"separate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Buffer Pool Pages [Metrics MySQL] ECS\",\"type\":\"metrics\"}" + }, + "id": "98c7bca0-63a2-11ea-a83e-25b8612d00cc", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/MySQL-Error-logs-levels-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/MySQL-Error-logs-levels-ecs.json new file mode 100644 index 0000000000000..0d00d5b31438a --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/MySQL-Error-logs-levels-ecs.json 
@@ -0,0 +1,22 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "Error logs levels breakdown [Logs MySQL] ECS", + "uiStateJSON": "{\"vis\":{\"colors\":{\"ERROR\":\"#E24D42\",\"Note\":\"#9AC48A\",\"Warning\":\"#F9934E\"}}}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"field\":\"log.level\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"segment\",\"type\":\"terms\"}],\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":false,\"legendPosition\":\"bottom\",\"shareYAxis\":true,\"type\":\"pie\"},\"title\":\"Error logs levels breakdown [Logs MySQL] ECS\",\"type\":\"pie\"}" + }, + "id": "MySQL-Error-logs-levels-ecs", + "references": [ + { + "id": "Logs-MySQL-error-log-ecs", + "name": "search_0", + "type": "search" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/MySQL-Slow-logs-by-count-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/MySQL-Slow-logs-by-count-ecs.json new file mode 100644 index 0000000000000..ee28a1e0e8dac --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/MySQL-Slow-logs-by-count-ecs.json 
@@ -0,0 +1,22 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "Slow logs breakdown [Logs MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"field\":\"mysql.slowlog.query\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"segment\",\"type\":\"terms\"}],\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":false,\"legendPosition\":\"bottom\",\"shareYAxis\":true,\"type\":\"pie\"},\"title\":\"Slow logs breakdown [Logs MySQL] ECS\",\"type\":\"pie\"}" + }, + "id": "MySQL-Slow-logs-by-count-ecs", + "references": [ + { + "id": "Logs-MySQL-Slow-log-ecs", + "name": "search_0", + "type": "search" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/MySQL-Slow-queries-over-time-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/MySQL-Slow-queries-over-time-ecs.json new file mode 100644 index 0000000000000..b90b9d22533ab --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/MySQL-Slow-queries-over-time-ecs.json 
@@ -0,0 +1,22 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "Slow queries over time [Logs MySQL] ECS", + "uiStateJSON": "{\"vis\":{\"colors\":{\"Slow queries\":\"#EF843C\"}}}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{\"customLabel\":\"Slow queries\"},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"extended_bounds\":{},\"field\":\"@timestamp\",\"interval\":\"auto\",\"min_doc_count\":1},\"schema\":\"segment\",\"type\":\"date_histogram\"}],\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"@timestamp per 30 seconds\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"legendPosition\":\"right\",\"mode\":\"stacked\",\"scale\":\"linear\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Slow queries\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"times\":[],\"type\":\"histogram\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Slow queries\"},\"type\":\"value\"}],\"yAxis\":{}},\"title\":\"Slow queries over time [Logs MySQL] ECS\",\"type\":\"histogram\"}" + }, + "id": "MySQL-Slow-queries-over-time-ecs", + "references": [ + { + "id": "Logs-MySQL-Slow-log-ecs", + "name": "search_0", + "type": "search" + } + ], + "type": "visualization" +} 
\ No newline at end of file
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/MySQL-error-logs-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/MySQL-error-logs-ecs.json
new file mode 100644
index 0000000000000..4debac094e2d0
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/MySQL-error-logs-ecs.json
@@ -0,0 +1,22 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "Error logs over time [Logs MySQL] ECS", + "uiStateJSON": "{\"vis\":{\"colors\":{\"Count\":\"#447EBC\",\"Error logs\":\"#1F78C1\"}}}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{\"customLabel\":\"Error logs\"},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"extended_bounds\":{},\"field\":\"@timestamp\",\"interval\":\"auto\",\"min_doc_count\":1},\"schema\":\"segment\",\"type\":\"date_histogram\"}],\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"@timestamp per 30 seconds\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"legendPosition\":\"right\",\"mode\":\"stacked\",\"scale\":\"linear\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Error logs\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"times\":[],\"type\":\"histogram\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Error logs\"},\"type\":\"value\"}],\"yAxis\":{}},\"title\":\"Error logs over time [Logs MySQL] ECS\",\"type\":\"histogram\"}" + }, + "id": "MySQL-error-logs-ecs", + "references": [ + { + "id": "Logs-MySQL-error-log-ecs", + "name": "search_0", + "type": "search" + } + ], + "type": "visualization" +} 
\ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/MySQL-slowest-queries-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/MySQL-slowest-queries-ecs.json new file mode 100644 index 0000000000000..6a5e5734b34af --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/MySQL-slowest-queries-ecs.json @@ -0,0 +1,22 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "Top slowest queries [Logs MySQL] ECS", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{\"customLabel\":\"Query time\",\"field\":\"event.duration\"},\"schema\":\"metric\",\"type\":\"max\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"customLabel\":\"Query\",\"field\":\"mysql.slowlog.query\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"bucket\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"customLabel\":\"User\",\"field\":\"user.name\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"bucket\",\"type\":\"terms\"}],\"params\":{\"perPage\":10,\"showMeticsAtAllLevels\":false,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\"},\"title\":\"Top slowest queries [Logs MySQL] ECS\",\"type\":\"table\"}" + }, + "id": "MySQL-slowest-queries-ecs", + "references": [ + { + "id": "Logs-MySQL-Slow-log-ecs", + "name": "search_0", + "type": "search" + } + ], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/a1e00160-63a4-11ea-a83e-25b8612d00cc.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/a1e00160-63a4-11ea-a83e-25b8612d00cc.json
new file mode 100644
index 0000000000000..ce5e8f5fc9669
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/a1e00160-63a4-11ea-a83e-25b8612d00cc.json
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Buffer Pool Efficiency [Metrics MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_min\":0,\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"background_color_rules\":[{\"id\":\"0f20fa60-63a3-11ea-90a2-c51229c5db5f\"}],\"bar_color_rules\":[{\"id\":\"0e1ecca0-63a3-11ea-90a2-c51229c5db5f\"}],\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"filter\":{\"language\":\"kuery\",\"query\":\"\"},\"gauge_color_rules\":[{\"id\":\"07c08ce0-63a3-11ea-90a2-c51229c5db5f\"}],\"gauge_inner_width\":10,\"gauge_style\":\"half\",\"gauge_width\":10,\"id\":\"515b9dd0-639f-11ea-96d8-1943b9bb65d9\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(87,177,211,1)\",\"fill\":\"0.1\",\"formatter\":\"number\",\"hidden\":false,\"id\":\"a397d570-63a2-11ea-90a2-c51229c5db5f\",\"label\":\"Effeciency (lower is better)\",\"line_width\":\"2\",\"metrics\":[{\"field\":\"mysql.status.innodb.buffer_pool.pool.reads\",\"id\":\"a397d571-63a2-11ea-90a2-c51229c5db5f\",\"type\":\"max\"},{\"field\":\"mysql.status.innodb.buffer_pool.read.requests\",\"id\":\"ad177970-63a2-11ea-90a2-c51229c5db5f\",\"type\":\"max\"},{\"id\":\"af58ddf0-63a2-11ea-90a2-c51229c5db5f\",\"script\":\"params.pool_read_requests != null \\u0026\\u0026 params.pool_read_requests \\u003e 0 ? 
(params.pool_reads/params.pool_read_requests) * 100: null\",\"type\":\"calculation\",\"variables\":[{\"field\":\"a397d571-63a2-11ea-90a2-c51229c5db5f\",\"id\":\"b1b6cb20-63a2-11ea-90a2-c51229c5db5f\",\"name\":\"pool_reads\"},{\"field\":\"ad177970-63a2-11ea-90a2-c51229c5db5f\",\"id\":\"c3fe5be0-63a2-11ea-90a2-c51229c5db5f\",\"name\":\"pool_read_requests\"}]}],\"point_size\":\"2\",\"separate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Buffer Pool Efficiency [Metrics MySQL] ECS\",\"type\":\"metrics\"}" + }, + "id": "a1e00160-63a4-11ea-a83e-25b8612d00cc", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/aaa326b0-f1f5-11e7-85ab-594b1652e0d1-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/aaa326b0-f1f5-11e7-85ab-594b1652e0d1-ecs.json new file mode 100644 index 0000000000000..b1f1525b407ca --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/aaa326b0-f1f5-11e7-85ab-594b1652e0d1-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Open tables, files, streams [Metrics MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(22,165,165,1)\",\"fill\":\"0.3\",\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"Open Tables\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.open.tables\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\"}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(252,196,0,1)\",\"fill\":\"0.3\",\"formatter\":\"number\",\"id\":\"615a2400-6312-11ea-99e6-b5eed31db613\",\"label\":\"Open Files\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.open.files\",\"id\":\"615a2401-6312-11ea-99e6-b5eed31db613\",\"type\":\"avg\"}],\"point_size\":\"0\",\"separate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(226,115,0,1)\",\"fill\":\"0.3\",\"formatter\":\"number\",\"id\":\"15d7bcd0-6313-11ea-99e6-b5eed31db613\",\"label\":\"Open 
Streams\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.open.streams\",\"id\":\"15d7bcd1-6313-11ea-99e6-b5eed31db613\",\"type\":\"avg\"}],\"point_size\":\"0\",\"separate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Open tables, files, streams [Metrics MySQL] ECS\",\"type\":\"metrics\"}" + }, + "id": "aaa326b0-f1f5-11e7-85ab-594b1652e0d1-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/bf60bc10-639b-11ea-a83e-25b8612d00cc.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/bf60bc10-639b-11ea-a83e-25b8612d00cc.json new file mode 100644 index 0000000000000..ba6abd259f0c8 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/bf60bc10-639b-11ea-a83e-25b8612d00cc.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Aborted Connections Rate [Metrics MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"bar_color_rules\":[{\"id\":\"d61928d0-6309-11ea-99e6-b5eed31db613\"}],\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(176,188,0,1)\",\"fill\":\"0.3\",\"formatter\":\"'0.0a'\",\"id\":\"3c2a2a40-f1f4-11e7-a752-236fe3270d99\",\"label\":\"Aborted Connections\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.aborted.clients\",\"id\":\"3c2a2a41-f1f4-11e7-a752-236fe3270d99\",\"type\":\"max\"},{\"field\":\"3c2a2a41-f1f4-11e7-a752-236fe3270d99\",\"id\":\"6d053540-639b-11ea-83d6-4f7a6fe5aed4\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"field\":\"6d053540-639b-11ea-83d6-4f7a6fe5aed4\",\"id\":\"7548afc0-639b-11ea-83d6-4f7a6fe5aed4\",\"type\":\"positive_only\",\"unit\":\"\"}],\"point_size\":1,\"seperate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(251,158,0,1)\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"d6572ee0-639b-11ea-83d6-4f7a6fe5aed4\",\"label\":\"Failed Attempts to Connect 
\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.aborted.connects\",\"id\":\"d6572ee1-639b-11ea-83d6-4f7a6fe5aed4\",\"type\":\"max\"},{\"field\":\"d6572ee1-639b-11ea-83d6-4f7a6fe5aed4\",\"id\":\"e4a63540-639b-11ea-83d6-4f7a6fe5aed4\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"id\":\"ec492a00-639b-11ea-83d6-4f7a6fe5aed4\",\"type\":\"positive_only\"}],\"point_size\":1,\"separate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Aborted Connections Rate [Metrics MySQL] ECS\",\"type\":\"metrics\"}" + }, + "id": "bf60bc10-639b-11ea-a83e-25b8612d00cc", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/c8661020-6310-11ea-a83e-25b8612d00cc.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/c8661020-6310-11ea-a83e-25b8612d00cc.json new file mode 100644 index 0000000000000..2978cf325b056 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/c8661020-6310-11ea-a83e-25b8612d00cc.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Network Traffic [Metrics MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(0,98,177,1)\",\"fill\":0.5,\"formatter\":\"bytes\",\"id\":\"2b1c2390-f1f7-11e7-a752-236fe3270d99\",\"label\":\"Received bytes\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.bytes.received\",\"id\":\"2b1c2391-f1f7-11e7-a752-236fe3270d99\",\"type\":\"max\"},{\"field\":\"2b1c2391-f1f7-11e7-a752-236fe3270d99\",\"id\":\"2b1c2392-f1f7-11e7-a752-236fe3270d99\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"field\":\"2b1c2392-f1f7-11e7-a752-236fe3270d99\",\"id\":\"788d3c90-6310-11ea-99e6-b5eed31db613\",\"type\":\"positive_only\",\"unit\":\"\"},{\"id\":\"88f8e160-6310-11ea-99e6-b5eed31db613\",\"script\":\"params.received != null \\u0026\\u0026 params.received \\u003e 0 ? 
params.received * -1 : null\",\"type\":\"calculation\",\"variables\":[{\"field\":\"788d3c90-6310-11ea-99e6-b5eed31db613\",\"id\":\"8beb4660-6310-11ea-99e6-b5eed31db613\",\"name\":\"received\"}]}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"bytes\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"Sent bytes\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.bytes.sent\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"max\"},{\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"id\":\"23cfda50-f1f7-11e7-a752-236fe3270d99\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"field\":\"23cfda50-f1f7-11e7-a752-236fe3270d99\",\"id\":\"ad26a900-6310-11ea-99e6-b5eed31db613\",\"type\":\"positive_only\",\"unit\":\"\"}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Network Traffic [Metrics MySQL] ECS\",\"type\":\"metrics\"}" + }, + "id": "c8661020-6310-11ea-a83e-25b8612d00cc", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/fc6b5a40-630d-11ea-a83e-25b8612d00cc.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/fc6b5a40-630d-11ea-a83e-25b8612d00cc.json new file mode 100644 index 0000000000000..febf0dfe79c14 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/kibana/visualization/fc6b5a40-630d-11ea-a83e-25b8612d00cc.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Connected Threads [Metrics MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"background_color_rules\":[{\"id\":\"d5fcf170-630d-11ea-99e6-b5eed31db613\"}],\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"gauge_color_rules\":[{\"id\":\"f1321f60-630d-11ea-99e6-b5eed31db613\"}],\"gauge_inner_width\":10,\"gauge_style\":\"half\",\"gauge_width\":10,\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(115,216,255,0.89)\",\"fill\":\"0.3\",\"formatter\":\"number\",\"id\":\"fe9af660-630b-11ea-99e6-b5eed31db613\",\"label\":\"Connections\",\"line_width\":\"2\",\"metrics\":[{\"field\":\"mysql.status.threads.connected\",\"id\":\"fe9af661-630b-11ea-99e6-b5eed31db613\",\"type\":\"max\"}],\"point_size\":\"0\",\"separate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"gauge\"},\"title\":\"Connected Threads [Metrics MySQL] ECS\",\"type\":\"metrics\"}" + }, + "id": "fc6b5a40-630d-11ea-a83e-25b8612d00cc", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/manifest.yml new file mode 100644 index 0000000000000..920a2b4adf7a5 --- /dev/null 
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.0/manifest.yml
@@ -0,0 +1,59 @@
+format_version: 1.0.0
+name: mysql
+title: MySQL
+version: 0.1.0
+license: basic
+description: MySQL Integration
+type: integration
+categories:
+- logs
+- metrics
+release: beta
+removable: true
+requirement:
+ kibana:
+ versions: '>=7.3.1 <8.0.0'
+ elasticsearch:
+ versions: '>7.0.1'
+screenshots:
+- src: /img/kibana-mysql.png
+ title: kibana mysql
+ size: 1227x1026
+ type: image/png
+- src: /img/metricbeat-mysql.png
+ title: metricbeat mysql
+ size: 2562x2540
+ type: image/png
+icons:
+- src: /img/logo_mysql.svg
+ title: logo mysql
+ size: 32x32
+ type: image/svg+xml
+datasources:
+- name: mysql
+ title: MySQL logs and metrics
+ description: Collect logs and metrics from MySQL instances
+ inputs:
+ - type: logs
+ title: Collect logs from MySQL hosts
+ description: Collecting MySQL error and slowlog logs
+ - type: mysql/metrics
+ title: Collect metrics from MySQL hosts
+ description: Collecting MySQL status and galera_status metrics
+ vars:
+ - name: hosts
+ type: text
+ title: MySQL DSN
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - tcp(127.0.0.1:3306)/
+ - name: username
+ type: text
+ title: Username
+ default: root
+ - name: password
+ type: password
+ title: Password
+ default: test
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/error/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/error/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..364aa85f53ee1
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/error/agent/stream/stream.yml.hbs
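Review bot: The `password` var of the `mysql/metrics` input ships `default: test` next to `username` with `default: root`, so a datasource created from this manifest without edits carries a known root credential. For a registry fixture this is probably deliberate sample data, but manifests are routinely copied as templates, and a `type: password` var is better left without a default so the value has to be supplied explicitly. I would drop the `default: test` line under `password` and, if the tests allow it, add `required: true` to that var as is already done for `hosts`.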
@@ -0,0 +1,12 @@
+paths:
+{{#each paths}}
+ - {{this}}
+{{/each}}
+exclude_files: [".gz$"]
+multiline:
+ # Consider lines without timestamp part of the previous message
+ pattern: '^([0-9]{4}-[0-9]{2}-[0-9]{2}|[0-9]{6})'
+ negate: true
+ match: after
+processors:
+- add_locale: ~
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/error/elasticsearch/ingest-pipeline/default.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/error/elasticsearch/ingest-pipeline/default.yml
new file mode 100644
index 0000000000000..9362ef4c089c2
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/error/elasticsearch/ingest-pipeline/default.yml
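Review bot: `- {{this}}` renders each configured path into YAML as an unquoted scalar, so a value containing `: `, ` #` or a line break changes how the rendered stream config parses instead of staying a single list item. The same applies to `- {{this}}` in the galera_status and slowlog `stream.yml.hbs` templates in this commit, and more sharply to `password: {{password}}` and `username: {{username}}` in the galera_status one, since passwords commonly contain such characters. How the templates are compiled is not visible here; if Handlebars' default HTML escaping is active, `&`, `<` and quotes in a password would additionally be rewritten into entities. Rendering these vars through a step that serialises each value as a quoted YAML scalar, or validating them before rendering, would keep user-supplied values as data.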
@@ -0,0 +1,71 @@ +--- +description: Pipeline for parsing MySQL error logs +processors: +- grok: + field: message + patterns: + - '%{MYSQLDATETIME}%{SPACE}(%{NUMBER:mysql.thread_id:long}%{SPACE})?(\[%{DATA:log.level}\]%{SPACE})?%{GREEDYMULTILINE:message}' + - '%{GREEDYDATA:message}' + ignore_missing: true + pattern_definitions: + LOCALDATETIME: (?:%{YEAR}-%{MONTHNUM}-%{MONTHDAY}|%{NUMBER})%{SPACE}%{TIME} + MYSQLDATETIME: (?:%{LOCALDATETIME:_tmp.local_timestamp}|%{TIMESTAMP_ISO8601:_tmp.timestamp}) + GREEDYMULTILINE: |- + (.| + )+ +- grok: + field: message + patterns: + - '(\[%{DATA:event.code}\])%{SPACE}(\[%{DATA:event.provider}\])%{SPACE}%{GREEDYMULTILINE}' + - '%{GREEDYDATA}' + ignore_missing: true + ignore_failure: true + pattern_definitions: + GREEDYMULTILINE: |- + (.| + )+ +- rename: + field: '@timestamp' + target_field: event.created +- date: + if: ctx._tmp?.local_timestamp != null && ctx.event?.timezone == null + field: _tmp.local_timestamp + formats: + - yyMMdd H:m:s + - yyMMdd H:m:s + - yyyy-MM-dd H:m:s + - yyyy-MM-dd H:m:s +- date: + if: ctx._tmp?.local_timestamp != null && ctx.event?.timezone != null + field: _tmp.local_timestamp + timezone: '{{ event.timezone }}' + formats: + - yyMMdd H:m:s + - yyMMdd H:m:s + - yyyy-MM-dd H:m:s + - yyyy-MM-dd H:m:s +- date: + if: ctx._tmp?.timestamp != null + field: _tmp.timestamp + formats: + - ISO8601 +- remove: + field: _tmp + ignore_missing: true +- set: + field: event.kind + value: event +- append: + field: event.category + value: database +- append: + field: event.type + value: info +- append: + field: event.type + value: error + if: "ctx?.log?.level != null && ctx.log.level.toLowerCase() == 'error'" +on_failure: +- set: + field: error.message + value: '{{ _ingest.on_failure_message }}' 
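Review bot: The `rename` of `@timestamp` to `event.created` runs unconditionally, while all three `date` processors that would write `@timestamp` back are guarded on `_tmp.local_timestamp` or `_tmp.timestamp`; a line that only matches the fallback `%{GREEDYDATA:message}` pattern therefore appears to leave the pipeline with no `@timestamp` at all. Unparsed error-log lines are often exactly the ones wanted on an investigation timeline, so I would restore the read time whenever no parsed time was set. A guarded `set` placed after the `date` processors, as sketched below, does that without touching events whose timestamp was parsed.

```yaml
# … unchanged: grok, rename and the three date processors …
- set:
    field: '@timestamp'
    value: '{{event.created}}'
    if: ctx['@timestamp'] == null
# … unchanged: remove _tmp, event.kind / event.category / event.type processors …
```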
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/error/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/error/fields/base-fields.yml new file mode 100644 index 0000000000000..9b614721122b8 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/error/fields/base-fields.yml @@ -0,0 +1,17 @@ + +- name: stream.type + type: constant_keyword + description: > + Stream type +- name: stream.dataset + type: constant_keyword + description: > + Stream dataset. +- name: stream.namespace + type: constant_keyword + description: > + Stream namespace. +- name: "@timestamp" + type: date + description: > + Event timestamp. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/error/fields/ecs.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/error/fields/ecs.yml new file mode 100644 index 0000000000000..42840dcb48820 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/error/fields/ecs.yml 
@@ -0,0 +1,20 @@ +- name: message + level: core + type: text + description: |- + For log events the message field contains the log message, optimized for viewing in a log viewer. + For structured logs without an original message field, other fields can be concatenated to form a human-readable summary of the event. + If multiple messages exist, they can be combined into one message. +- name: log + title: Log + group: 2 + type: group + fields: + - name: level + level: core + type: keyword + description: |- + Original log level of the log event. + If the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity). + Some examples are `warn`, `err`, `i`, `informational`. + ignore_above: 1024 diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/error/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/error/fields/fields.yml new file mode 100644 index 0000000000000..6f5883d4d12a4 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/error/fields/fields.yml @@ -0,0 +1,23 @@ +- name: mysql.error + type: group +- name: event.code + type: keyword + description: Identification code for this event +- name: event.provider + type: keyword + description: Source of the event (e.g. Server) +- name: event.created + type: date + description: Date/time when the event was first read by an agent, or by your pipeline. +- name: event.timezone + type: keyword + description: Time zone information +- name: event.kind + type: keyword + description: Event kind (e.g. event) +- name: event.category + type: keyword + description: Event category (e.g. database) +- name: event.type + type: keyword + description: Event severity (e.g. info, error) 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/error/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/error/fields/package-fields.yml new file mode 100644 index 0000000000000..a35a72d6dd7f3 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/error/fields/package-fields.yml @@ -0,0 +1,7 @@ +- name: mysql + type: group + fields: + - name: thread_id + type: long + description: | + The connection or thread ID for the query. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/error/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/error/manifest.yml new file mode 100644 index 0000000000000..573ebb5975053 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/error/manifest.yml @@ -0,0 +1,23 @@ +title: MySQL error logs +type: logs +release: beta +streams: +- input: logs + vars: + - name: paths + type: text + title: Error log paths + multi: true + required: true + show_user: true + default: + - /var/log/mysql/error.log* + - /var/log/mysqld.log* + os.darwin: + default: + - /usr/local/var/mysql/localhost.localdomain.err* + os.windows: + default: + - c:/programdata/MySQL/MySQL Server*/error.log* + title: MySQL error logs + description: Collect MySQL error logs diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/galera_status/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/galera_status/agent/stream/stream.yml.hbs new file mode 100644 index 0000000000000..cd1e5c57c2c9a --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/galera_status/agent/stream/stream.yml.hbs 
@@ -0,0 +1,15 @@
+metricsets: ["galera_status"]
+hosts:
+{{#each hosts}}
+ - {{this}}
+{{/each}}
+{{#if password}}
+password: {{password}}
+{{/if}}
+period: {{period}}
+{{#if raw}}
+raw: {{raw}}
+{{/if}}
+{{#if username}}
+username: {{username}}
+{{/if}}
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/galera_status/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/galera_status/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/galera_status/fields/base-fields.yml
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/galera_status/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/galera_status/fields/fields.yml
new file mode 100644
index 0000000000000..56458b40882b3
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/galera_status/fields/fields.yml
@@ -0,0 +1,201 @@ +- name: mysql.galera_status + type: group + release: beta + fields: + - name: apply + type: group + fields: + - name: oooe + type: double + description: | + How often applier started write-set applying out-of-order (parallelization efficiency). + - name: oool + type: double + description: | + How often write-set was so slow to apply that write-set with higher seqno's were applied earlier. Values closer to 0 refer to a greater gap between slow and fast write-sets. + - name: window + type: double + description: | + Average distance between highest and lowest concurrently applied seqno. + - name: cert + type: group + fields: + - name: deps_distance + type: double + description: | + Average distance between highest and lowest seqno value that can be possibly applied in parallel (potential degree of parallelization). + - name: index_size + type: long + description: | + The number of entries in the certification index. + - name: interval + type: double + description: | + Average number of transactions received while a transaction replicates. + - name: cluster + type: group + fields: + - name: conf_id + type: long + description: | + Total number of cluster membership changes happened. + - name: size + type: long + description: | + Current number of members in the cluster. + - name: status + type: keyword + description: | + Status of this cluster component. That is, whether the node is part of a PRIMARY or NON_PRIMARY component. + - name: commit + type: group + fields: + - name: oooe + type: double + description: | + How often a transaction was committed out of order. + - name: window + type: long + description: | + Average distance between highest and lowest concurrently committed seqno. + - name: connected + type: keyword + description: | + If the value is OFF, the node has not yet connected to any of the cluster components. This may be due to misconfiguration. Check the error log for proper diagnostics. 
+ - name: evs + type: group + fields: + - name: evict + type: keyword + description: | + Lists the UUID's of all nodes evicted from the cluster. Evicted nodes cannot rejoin the cluster until you restart their mysqld processes. + - name: state + type: keyword + description: | + Shows the internal state of the EVS Protocol. + - name: flow_ctl + type: group + fields: + - name: paused + type: double + description: | + The fraction of time since the last FLUSH STATUS command that replication was paused due to flow control. In other words, how much the slave lag is slowing down the cluster. + - name: paused_ns + type: long + description: | + The total time spent in a paused state measured in nanoseconds. + - name: recv + type: long + description: | + Returns the number of FC_PAUSE events the node has received, including those the node has sent. Unlike most status variables, the counter for this one does not reset every time you run the query. + - name: sent + type: long + description: | + Returns the number of FC_PAUSE events the node has sent. Unlike most status variables, the counter for this one does not reset every time you run the query. + - name: last_committed + type: long + description: | + The sequence number, or seqno, of the last committed transaction. + - name: local + type: group + fields: + - name: bf_aborts + type: long + description: | + Total number of local transactions that were aborted by slave transactions while in execution. + - name: cert_failures + type: long + description: | + Total number of local transactions that failed certification test. + - name: commits + type: long + description: | + Total number of local transactions committed. + - name: recv + type: group + fields: + - name: queue + type: long + description: | + Current (instantaneous) length of the recv queue. + - name: queue_avg + type: double + description: | + Recv queue length averaged over interval since the last FLUSH STATUS command. 
Values considerably larger than 0.0 mean that the node cannot apply write-sets as fast as they are received and will generate a lot of replication throttling. + - name: queue_max + type: long + description: | + The maximum length of the recv queue since the last FLUSH STATUS command. + - name: queue_min + type: long + description: | + The minimum length of the recv queue since the last FLUSH STATUS command. + - name: replays + type: long + description: | + Total number of transaction replays due to asymmetric lock granularity. + - name: send + type: group + fields: + - name: queue + type: long + description: | + Current (instantaneous) length of the send queue. + - name: queue_avg + type: double + description: | + Send queue length averaged over time since the last FLUSH STATUS command. Values considerably larger than 0.0 indicate replication throttling or network throughput issue. + - name: queue_max + type: long + description: | + The maximum length of the send queue since the last FLUSH STATUS command. + - name: queue_min + type: long + description: | + The minimum length of the send queue since the last FLUSH STATUS command. + - name: state + type: keyword + description: | + Internal Galera Cluster FSM state number. + - name: ready + type: keyword + description: | + Whether the server is ready to accept queries. + - name: received + type: group + fields: + - name: count + type: long + description: | + Total number of write-sets received from other nodes. + - name: bytes + type: long + description: | + Total size of write-sets received from other nodes. + - name: repl + type: group + fields: + - name: data_bytes + type: long + description: | + Total size of data replicated. + - name: keys + type: long + description: | + Total number of keys replicated. + - name: keys_bytes + type: long + description: | + Total size of keys replicated. + - name: other_bytes + type: long + description: | + Total size of other bits replicated. 
+ - name: count + type: long + description: | + Total number of write-sets replicated (sent to other nodes). + - name: bytes + type: long + description: | + Total size of write-sets replicated. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/galera_status/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/galera_status/fields/package-fields.yml new file mode 100644 index 0000000000000..57436911ee58b --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/galera_status/fields/package-fields.yml @@ -0,0 +1,2 @@ +- name: mysql + type: group diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/galera_status/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/galera_status/manifest.yml new file mode 100644 index 0000000000000..6829901e7a94f --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/galera_status/manifest.yml @@ -0,0 +1,22 @@ +title: MySQL galera_status metrics +type: metrics +release: beta +streams: +- input: mysql/metrics + enabled: false + vars: + - name: period + type: text + title: Period + required: true + show_user: true + default: 10s + - name: raw + type: bool + title: Raw + description: > + When enabled, in addition to the existing data structure, all fields available from the mysql service through + "SHOW /*!50002 GLOBAL */ STATUS;" will be added to the event. + default: false + title: MySQL galera_status metrics + description: Collect MySQL galera_status metrics 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/slowlog/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/slowlog/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..ac9eba50f6952
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/slowlog/agent/stream/stream.yml.hbs
@@ -0,0 +1,10 @@
+paths:
+{{#each paths}}
+ - {{this}}
+{{/each}}
+exclude_files: ['.gz$']
+multiline:
+ pattern: '^(# User@Host: |# Time: )'
+ negate: true
+ match: after
+exclude_lines: ['^[\/\w\.]+, Version: .* started with:.*', '^# Time:.*'] # Exclude the header and time
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/slowlog/elasticsearch/ingest-pipeline/default.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/slowlog/elasticsearch/ingest-pipeline/default.json
new file mode 100644
index 0000000000000..93ce577a3304d
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/slowlog/elasticsearch/ingest-pipeline/default.json
@@ -0,0 +1,86 @@ +{ + "description": "Pipeline for parsing MySQL slow logs.", + "processors": [{ + "grok": { + "field": "message", + "patterns":[ + "^# User@Host: %{USER:user.name}(\\[%{USER:mysql.slowlog.current_user}\\])? @ %{HOSTNAME:source.domain}? \\[%{IP:source.ip}?\\]%{METRICSPACE}(Id:%{SPACE}%{NUMBER:mysql.thread_id:long}%{METRICSPACE})?(Thread_id:%{SPACE}%{NUMBER:mysql.thread_id}%{METRICSPACE})?(Schema:%{SPACE}%{WORD:mysql.slowlog.schema}?%{METRICSPACE})?(Last_errno: %{NUMBER:mysql.slowlog.last_errno:long}%{METRICSPACE})?(Killed: %{NUMBER:mysql.slowlog.killed:long}%{METRICSPACE})?(QC_hit: %{WORD:mysql.slowlog.query_cache_hit}%{METRICSPACE})?(Query_time: %{NUMBER:temp.duration:float}%{METRICSPACE})?(Lock_time: %{NUMBER:mysql.slowlog.lock_time.sec:float}%{METRICSPACE})?(Rows_sent: %{NUMBER:mysql.slowlog.rows_sent:long}%{METRICSPACE})?(Rows_examined: %{NUMBER:mysql.slowlog.rows_examined:long}%{METRICSPACE})?(Rows_affected: %{NUMBER:mysql.slowlog.rows_affected:long}%{METRICSPACE})?(Thread_id: %{NUMBER:mysql.thread_id}%{METRICSPACE})?(Errno: %{NUMBER:mysql.slowlog.last_errno:long}%{METRICSPACE})?(Killed: %{NUMBER:mysql.slowlog.killed:long}%{METRICSPACE})?(Bytes_received: %{NUMBER:mysql.slowlog.bytes_received:long}%{METRICSPACE})?(Bytes_sent: %{NUMBER:mysql.slowlog.bytes_sent:long}%{METRICSPACE})?(Read_first: %{NUMBER:mysql.slowlog.read_first:long}%{METRICSPACE})?(Read_last: %{NUMBER:mysql.slowlog.read_last:long}%{METRICSPACE})?(Read_key: %{NUMBER:mysql.slowlog.read_key:long}%{METRICSPACE})?(Read_next: %{NUMBER:mysql.slowlog.read_next:long}%{METRICSPACE})?(Read_prev: %{NUMBER:mysql.slowlog.read_prev:long}%{METRICSPACE})?(Read_rnd: %{NUMBER:mysql.slowlog.read_rnd:long}%{METRICSPACE})?(Read_rnd_next: %{NUMBER:mysql.slowlog.read_rnd_next:long}%{METRICSPACE})?(Sort_merge_passes: %{NUMBER:mysql.slowlog.sort_merge_passes:long}%{METRICSPACE})?(Sort_range_count: %{NUMBER:mysql.slowlog.sort_range_count:long}%{METRICSPACE})?(Sort_rows: 
%{NUMBER:mysql.slowlog.sort_rows:long}%{METRICSPACE})?(Sort_scan_count: %{NUMBER:mysql.slowlog.sort_scan_count:long}%{METRICSPACE})?(Created_tmp_disk_tables: %{NUMBER:mysql.slowlog.tmp_disk_tables:long}%{METRICSPACE})?(Created_tmp_tables: %{NUMBER:mysql.slowlog.tmp_tables:long}%{METRICSPACE})?(Tmp_tables: %{NUMBER:mysql.slowlog.tmp_tables:long}%{METRICSPACE})?(Tmp_disk_tables: %{NUMBER:mysql.slowlog.tmp_disk_tables}%{METRICSPACE})?(Tmp_table_sizes: %{NUMBER:mysql.slowlog.tmp_table_sizes:long}%{METRICSPACE})?(Start: %{TIMESTAMP_ISO8601:event.start}%{METRICSPACE})?(End: %{TIMESTAMP_ISO8601:event.end}%{METRICSPACE})?(InnoDB_trx_id: %{WORD:mysql.slowlog.innodb.trx_id}%{METRICSPACE})?(QC_Hit: %{WORD:mysql.slowlog.query_cache_hit}%{METRICSPACE})?(Full_scan: %{WORD:mysql.slowlog.full_scan}%{METRICSPACE})?(Full_join: %{WORD:mysql.slowlog.full_join}%{METRICSPACE})?(Tmp_table: %{WORD:mysql.slowlog.tmp_table}%{METRICSPACE})?(Tmp_table_on_disk: %{WORD:mysql.slowlog.tmp_table_on_disk}%{METRICSPACE})?(Filesort: %{WORD:mysql.slowlog.filesort}%{METRICSPACE})?(Filesort_on_disk: %{WORD:mysql.slowlog.filesort_on_disk}%{METRICSPACE})?(Merge_passes: %{NUMBER:mysql.slowlog.merge_passes:long}%{METRICSPACE})?(Priority_queue: %{WORD:mysql.slowlog.priority_queue}%{METRICSPACE})?(No InnoDB statistics available for this query%{METRICSPACE})?(InnoDB_IO_r_ops: %{NUMBER:mysql.slowlog.innodb.io_r_ops:long}%{METRICSPACE})?(InnoDB_IO_r_bytes: %{NUMBER:mysql.slowlog.innodb.io_r_bytes:long}%{METRICSPACE})?(InnoDB_IO_r_wait: %{NUMBER:mysql.slowlog.innodb.io_r_wait.sec:float}%{METRICSPACE})?(InnoDB_rec_lock_wait: %{NUMBER:mysql.slowlog.innodb.rec_lock_wait.sec:float}%{METRICSPACE})?(InnoDB_queue_wait: %{NUMBER:mysql.slowlog.innodb.queue_wait.sec:float}%{METRICSPACE})?(InnoDB_pages_distinct: %{NUMBER:mysql.slowlog.innodb.pages_distinct:long}%{METRICSPACE})?(Log_slow_rate_type: %{WORD:mysql.slowlog.log_slow_rate_type}%{METRICSPACE})?(Log_slow_rate_limit: 
%{NUMBER:mysql.slowlog.log_slow_rate_limit:long}%{METRICSPACE})?%{EXPLAIN}(use %{WORD:mysql.slowlog.schema};\n)?SET timestamp=%{NUMBER:mysql.slowlog.timestamp:long};\n%{GREEDYMULTILINE:mysql.slowlog.query}" + ], + "pattern_definitions" : { + "GREEDYMULTILINE": "(.|\n)*", + "METRICSPACE": "([ #\n]*)", + "EXPLAIN": "(# explain:.*\n|#\\s*\n)*" + }, + "ignore_missing": true + } + }, { + "remove":{ + "field": "message" + } + }, { + "script": { + "lang": "painless", + "source": "for (field in params.fields) { def v = ctx.mysql.slowlog.get(field); if (v != null) { ctx.mysql.slowlog.put(field, params.mapping.get(v)) } }", + "params": { + "mapping": { + "Yes": true, + "No": false + }, + "fields": [ + "query_cache_hit", + "tmp_table", + "tmp_table_on_disk", + "filesort", + "filesort_on_disk", + "priority_queue", + "full_scan", + "full_join" + ] + } + } + }, { + "script": { + "lang": "painless", + "source": "ctx.event.duration = Math.round(ctx.temp.duration * 1000000) * 1000", + "if": "ctx.temp?.duration != null" + } + }, { + "remove": { + "field": "temp.duration", + "ignore_missing": true + } + }, { + "date": { + "field": "mysql.slowlog.timestamp", + "target_field": "@timestamp", + "formats": ["UNIX"], + "ignore_failure": true + } + }, { + "remove":{ + "field": "mysql.slowlog.timestamp", + "ignore_missing": true + } + }, { + "set":{ + "field": "event.kind", + "value": "event" + } + }, { + "append":{ + "field": "event.category", + "value": "database" + } + }, { + "append":{ + "field": "event.type", + "value": "info" + } + }], + "on_failure" : [{ + "set" : { + "field" : "error.message", + "value" : "{{ _ingest.on_failure_message }}" + } + }] +} diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/slowlog/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/slowlog/fields/base-fields.yml new file mode 100644 index 0000000000000..9b614721122b8 --- /dev/null 
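Review bot: `%{GREEDYMULTILINE:mysql.slowlog.query}` stores the complete statement text and no later processor trims or masks it, so literal values inside slow statements (account-management statements, predicates carrying personal data) end up searchable in the index. That is inherent to slow-log collection, but nothing in the pipeline says so. Since JSON leaves no room for a comment, I would state it in the pipeline description, for example `"description": "Pipeline for parsing MySQL slow logs. mysql.slowlog.query holds raw statement text and may contain sensitive literals."`, so operators scope read access to these indices accordingly.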
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/slowlog/fields/base-fields.yml @@ -0,0 +1,17 @@ + +- name: stream.type + type: constant_keyword + description: > + Stream type +- name: stream.dataset + type: constant_keyword + description: > + Stream dataset. +- name: stream.namespace + type: constant_keyword + description: > + Stream namespace. +- name: "@timestamp" + type: date + description: > + Event timestamp. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/slowlog/fields/ecs.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/slowlog/fields/ecs.yml new file mode 100644 index 0000000000000..ba864aa07fb41 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/slowlog/fields/ecs.yml @@ -0,0 +1,29 @@ +- name: source + title: Source + group: 2 + type: group + fields: + - name: domain + level: core + type: keyword + description: Source domain. + ignore_above: 1024 + - name: ip + level: core + type: ip + description: IP address of the source (IPv4 or IPv6). +- name: user + title: User + group: 2 + type: group + fields: + - name: name + level: core + type: keyword + description: Short name or login of the user. + ignore_above: 1024 + multi_fields: + - name: text + type: text + norms: false + default_field: false diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/slowlog/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/slowlog/fields/fields.yml new file mode 100644 index 0000000000000..681c9d98d9343 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/slowlog/fields/fields.yml 
@@ -0,0 +1,180 @@ +- name: mysql.slowlog + type: group + fields: + - name: lock_time.sec + type: float + description: | + The amount of time the query waited for the lock to be available. The value is in seconds, as a floating point number. + - name: rows_sent + type: long + description: | + The number of rows returned by the query. + - name: rows_examined + type: long + description: | + The number of rows scanned by the query. + - name: rows_affected + type: long + description: | + The number of rows modified by the query. + - name: bytes_sent + type: long + format: bytes + description: | + The number of bytes sent to client. + - name: bytes_received + type: long + format: bytes + description: | + The number of bytes received from client. + - name: query + type: keyword + description: | + The slow query. + - name: schema + type: keyword + description: | + The schema where the slow query was executed. + - name: current_user + type: keyword + description: | + Current authenticated user, used to determine access privileges. Can differ from the value for user. + - name: last_errno + type: keyword + description: | + Last SQL error seen. + - name: killed + type: keyword + description: | + Code of the reason if the query was killed. + - name: query_cache_hit + type: boolean + description: | + Whether the query cache was hit. + - name: tmp_table + type: boolean + description: | + Whether a temporary table was used to resolve the query. + - name: tmp_table_on_disk + type: boolean + description: | + Whether the query needed temporary tables on disk. + - name: tmp_tables + type: long + description: | + Number of temporary tables created for this query + - name: tmp_disk_tables + type: long + description: | + Number of temporary tables created on disk for this query. + - name: tmp_table_sizes + type: long + format: bytes + description: Size of temporary tables created for this query. + - name: filesort + type: boolean + description: | + Whether filesort optimization was used. 
+ - name: filesort_on_disk + type: boolean + description: | + Whether filesort optimization was used and it needed temporary tables on disk. + - name: priority_queue + type: boolean + description: | + Whether a priority queue was used for filesort. + - name: full_scan + type: boolean + description: | + Whether a full table scan was needed for the slow query. + - name: full_join + type: boolean + description: | + Whether a full join was needed for the slow query (no indexes were used for joins). + - name: merge_passes + type: long + description: | + Number of merge passes executed for the query. + - name: sort_merge_passes + type: long + description: | + Number of merge passes that the sort algorithm has had to do. + - name: sort_range_count + type: long + description: "Number of sorts that were done using ranges. \n" + - name: sort_rows + type: long + description: | + Number of sorted rows. + - name: sort_scan_count + type: long + description: | + Number of sorts that were done by scanning the table. + - name: log_slow_rate_type + type: keyword + description: | + Type of slow log rate limit, it can be `session` if the rate limit is applied per session, or `query` if it applies per query. + - name: log_slow_rate_limit + type: keyword + description: | + Slow log rate limit, a value of 100 means that one in a hundred queries or sessions are being logged. + - name: read_first + type: long + description: | + The number of times the first entry in an index was read. + - name: read_last + type: long + description: | + The number of times the last key in an index was read. + - name: read_key + type: long + description: | + The number of requests to read a row based on a key. + - name: read_next + type: long + description: | + The number of requests to read the next row in key order. + - name: read_prev + type: long + description: | + The number of requests to read the previous row in key order. 
+ - name: read_rnd + type: long + description: "The number of requests to read a row based on a fixed position. + \n" + - name: read_rnd_next + type: long + description: | + The number of requests to read the next row in the data file. + - name: innodb + type: group + fields: + - name: trx_id + type: keyword + description: | + Transaction ID + - name: io_r_ops + type: long + description: | + Number of page read operations. + - name: io_r_bytes + type: long + format: bytes + description: | + Bytes read during page read operations. + - name: io_r_wait.sec + type: long + description: | + How long it took to read all needed data from storage. + - name: rec_lock_wait.sec + type: long + description: | + How long the query waited for locks. + - name: queue_wait.sec + type: long + description: | + How long the query waited to enter the InnoDB queue and to be executed once in the queue. + - name: pages_distinct + type: long + description: | + Approximated count of pages accessed to execute the query. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/slowlog/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/slowlog/fields/package-fields.yml new file mode 100644 index 0000000000000..a35a72d6dd7f3 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/slowlog/fields/package-fields.yml @@ -0,0 +1,7 @@ +- name: mysql + type: group + fields: + - name: thread_id + type: long + description: | + The connection or thread ID for the query. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/slowlog/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/slowlog/manifest.yml new file mode 100644 index 0000000000000..b0ef940e3ecfd --- /dev/null 
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/slowlog/manifest.yml
@@ -0,0 +1,22 @@
+title: MySQL slowlog logs
+type: logs
+release: beta
+streams:
+- input: logs
+ vars:
+ - name: paths
+ type: text
+ title: Slowlog paths
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - /var/log/mysql/mysql-slow.log*
+ os.darwin:
+ default:
+ - /usr/local/var/mysql/localhost-slow.log*
+ os.windows:
+ default:
+ - c:/programdata/MySQL/MySQL Server*/mysql-slow.log*
+ title: MySQL slowlog logs
+ description: Collect MySQL slowlog logs
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/status/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/status/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..8cb5142b3d30d
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/status/agent/stream/stream.yml.hbs
@@ -0,0 +1,15 @@
+metricsets: ["status"]
+hosts:
+{{#each hosts}}
+ - {{this}}
+{{/each}}
+{{#if password}}
+password: {{password}}
+{{/if}}
+period: {{period}}
+{{#if raw}}
+raw: {{raw}}
+{{/if}}
+{{#if username}}
+username: {{username}}
+{{/if}}
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/status/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/status/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/status/fields/base-fields.yml
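Review bot: In `dataset/status/agent/stream/stream.yml.hbs`, `password: {{password}}`, `username: {{username}}` and the `- {{this}}` host entries write configured values into YAML as bare scalars, so a value containing `: `, ` #`, a leading quote or bracket, or a line break is parsed as YAML structure rather than as the string the user entered. Handlebars' `{{…}}` also HTML-escapes by default, which would silently alter a password containing `&` or `<` unless the templates are compiled with `noEscape`; how they are compiled is not visible in this diff. I would render these values through a helper that emits a quoted, escaped YAML string; `password: "{{password}}"` is the minimum and still breaks on an embedded `"`. The `status` manifest added in this commit declares only `period` and `raw`, so it is worth confirming where `password` is declared and whether it is treated as a secret in the UI and in stored configuration.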
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/status/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/status/fields/fields.yml
new file mode 100644
index 0000000000000..901a3728b252e
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/status/fields/fields.yml
@@ -0,0 +1,282 @@ +- name: mysql.status + type: group + release: ga + fields: + - name: aborted + type: group + fields: + - name: clients + type: long + description: | + The number of connections that were aborted because the client died without closing the connection properly. + - name: connects + type: long + description: | + The number of failed attempts to connect to the MySQL server. + - name: binlog + type: group + fields: + - name: cache.disk_use + type: long + - name: cache.use + type: long + - name: bytes + type: group + fields: + - name: received + type: long + format: bytes + description: | + The number of bytes received from all clients. + - name: sent + type: long + format: bytes + description: | + The number of bytes sent to all clients. + - name: threads + type: group + fields: + - name: cached + type: long + description: | + The number of cached threads. + - name: created + type: long + description: | + The number of created threads. + - name: connected + type: long + description: | + The number of connected threads. + - name: running + type: long + description: | + The number of running threads. + - name: connections + type: long + - name: created + type: group + fields: + - name: tmp.disk_tables + type: long + - name: tmp.files + type: long + - name: tmp.tables + type: long + - name: delayed + type: group + fields: + - name: errors + type: long + - name: insert_threads + type: long + - name: writes + type: long + - name: flush_commands + type: long + - name: max_used_connections + type: long + - name: open + type: group + fields: + - name: files + type: long + - name: streams + type: long + - name: tables + type: long + - name: opened_tables + type: long + - name: command + type: group + fields: + - name: delete + type: long + description: | + The number of DELETE queries since startup. + - name: insert + type: long + description: | + The number of INSERT queries since startup. 
+ - name: select + type: long + description: | + The number of SELECT queries since startup. + - name: update + type: long + description: | + The number of UPDATE queries since startup. + - name: queries + type: long + description: | + The number of statements executed by the server. This variable includes statements executed within stored programs, unlike the Questions variable. It does not count COM_PING or COM_STATISTICS commands. + - name: questions + type: long + description: | + The number of statements executed by the server. This includes only statements sent to the server by clients and not statements executed within stored programs, unlike the Queries variable. This variable does not count COM_PING, COM_STATISTICS, COM_STMT_PREPARE, COM_STMT_CLOSE, or COM_STMT_RESET commands. + - name: handler + type: group + fields: + - name: commit + type: long + description: | + The number of internal COMMIT statements. + - name: delete + type: long + description: | + The number of times that rows have been deleted from tables. + - name: external_lock + type: long + description: | + The server increments this variable for each call to its external_lock() function, which generally occurs at the beginning and end of access to a table instance. + - name: mrr_init + type: long + description: | + The number of times the server uses a storage engine's own Multi-Range Read implementation for table access. + - name: prepare + type: long + description: | + A counter for the prepare phase of two-phase commit operations. + - name: read + type: group + fields: + - name: first + type: long + description: | + The number of times the first entry in an index was read. + - name: key + type: long + description: | + The number of requests to read a row based on a key. + - name: last + type: long + description: "The number of requests to read the last key in an index. \n" + - name: next + type: long + description: | + The number of requests to read the next row in key order. 
+ - name: prev + type: long + description: | + The number of requests to read the previous row in key order. + - name: rnd + type: long + description: "The number of requests to read a row based on a fixed position. + \n" + - name: rnd_next + type: long + description: "The number of requests to read the next row in the data file. + \n" + - name: rollback + type: long + description: | + The number of requests for a storage engine to perform a rollback operation. + - name: savepoint + type: long + description: | + The number of requests for a storage engine to place a savepoint. + - name: savepoint_rollback + type: long + description: | + The number of requests for a storage engine to roll back to a savepoint. + - name: update + type: long + description: | + The number of requests to update a row in a table. + - name: write + type: long + description: | + The number of requests to insert a row in a table. + - name: innodb + type: group + fields: + - name: buffer_pool + type: group + fields: + - name: dump_status + type: long + description: | + The progress of an operation to record the pages held in the InnoDB buffer pool, triggered by the setting of innodb_buffer_pool_dump_at_shutdown or innodb_buffer_pool_dump_now. + - name: load_status + type: long + description: | + The progress of an operation to warm up the InnoDB buffer pool by reading in a set of pages corresponding to an earlier point in time, triggered by the setting of innodb_buffer_pool_load_at_startup or innodb_buffer_pool_load_now. + - name: bytes + type: group + fields: + - name: data + type: long + description: "The total number of bytes in the InnoDB buffer pool containing + data. \n" + - name: dirty + type: long + description: | + The total current number of bytes held in dirty pages in the InnoDB buffer pool. + - name: pages + type: group + fields: + - name: data + type: long + description: | + he number of pages in the InnoDB buffer pool containing data. 
+ - name: dirty + type: long + description: | + The current number of dirty pages in the InnoDB buffer pool. + - name: flushed + type: long + description: | + The number of requests to flush pages from the InnoDB buffer pool. + - name: free + type: long + description: | + The number of free pages in the InnoDB buffer pool. + - name: latched + type: long + description: | + The number of latched pages in the InnoDB buffer pool. + - name: misc + type: long + description: | + The number of pages in the InnoDB buffer pool that are busy because they have been allocated for administrative overhead, such as row locks or the adaptive hash index. + - name: total + type: long + description: | + The total size of the InnoDB buffer pool, in pages. + - name: read + type: group + fields: + - name: ahead + type: long + description: | + The number of pages read into the InnoDB buffer pool by the read-ahead background thread. + - name: ahead_evicted + type: long + description: | + The number of pages read into the InnoDB buffer pool by the read-ahead background thread that were subsequently evicted without having been accessed by queries. + - name: ahead_rnd + type: long + description: | + The number of "random" read-aheads initiated by InnoDB. + - name: requests + type: long + description: | + The number of logical read requests. + - name: pool + type: group + fields: + - name: reads + type: long + description: | + The number of logical reads that InnoDB could not satisfy from the buffer pool, and had to read directly from disk. + - name: resize_status + type: long + description: | + The status of an operation to resize the InnoDB buffer pool dynamically, triggered by setting the innodb_buffer_pool_size parameter dynamically. + - name: wait_free + type: long + description: | + Normally, writes to the InnoDB buffer pool happen in the background. 
When InnoDB needs to read or create a page and no clean pages are available, InnoDB flushes some dirty pages first and waits for that operation to finish. This counter counts instances of these waits. + - name: write_requests + type: long + description: The number of writes done to the InnoDB buffer pool. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/status/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/status/fields/package-fields.yml new file mode 100644 index 0000000000000..57436911ee58b --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/status/fields/package-fields.yml @@ -0,0 +1,2 @@ +- name: mysql + type: group diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/status/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/status/manifest.yml new file mode 100644 index 0000000000000..b9175fe7c0696 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/dataset/status/manifest.yml @@ -0,0 +1,21 @@ +title: MySQL status metrics +type: metrics +release: beta +streams: +- input: mysql/metrics + vars: + - name: period + type: text + title: Period + required: true + show_user: true + default: 10s + - name: raw + type: bool + title: Raw + description: > + When enabled, in addition to the existing data structure, all fields available from the mysql service through + "SHOW /*!50002 GLOBAL */ STATUS;" will be added to the event. + default: false + title: MySQL status metrics + description: Collect MySQL status metrics 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/docs/README.md b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/docs/README.md new file mode 100644 index 0000000000000..68dac87331be2 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/docs/README.md 
@@ -0,0 +1,465 @@ +# MySQL Integration + +This integration periodically fetches logs and metrics from [https://www.mysql.com/](MySQL) servers. + +## Compatibility + +The `error` and `slowlog` datasets were tested with logs from MySQL 5.5, 5.7 and 8.0, MariaDB 10.1, 10.2 and 10.3, and Percona 5.7 and 8.0. + +The `galera_status` and `status` datasets were tested with MySQL and Percona 5.7 and 8.0 and are expected to work with all +versions >= 5.7.0. It is also tested with MariaDB 10.2, 10.3 and 10.4. + +## Logs + +### error + +The `error` dataset collects the MySQL error logs. + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| event.category | Event category (e.g. database) | keyword | +| event.code | Identification code for this event | keyword | +| event.created | Date/time when the event was first read by an agent, or by your pipeline. | date | +| event.kind | Event kind (e.g. event) | keyword | +| event.provider | Source of the event (e.g. Server) | keyword | +| event.timezone | Time zone information | keyword | +| event.type | Event severity (e.g. info, error) | keyword | +| log.level | Original log level of the log event. If the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity). Some examples are `warn`, `err`, `i`, `informational`. | keyword | +| message | For log events the message field contains the log message, optimized for viewing in a log viewer. For structured logs without an original message field, other fields can be concatenated to form a human-readable summary of the event. If multiple messages exist, they can be combined into one message. | text | +| mysql.thread_id | The connection or thread ID for the query. | long | + + +### slowlog + +The `slowlog` dataset collects the MySQL slow logs. 
+ +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| mysql.slowlog.bytes_received | The number of bytes received from client. | long | +| mysql.slowlog.bytes_sent | The number of bytes sent to client. | long | +| mysql.slowlog.current_user | Current authenticated user, used to determine access privileges. Can differ from the value for user. | keyword | +| mysql.slowlog.filesort | Whether filesort optimization was used. | boolean | +| mysql.slowlog.filesort_on_disk | Whether filesort optimization was used and it needed temporary tables on disk. | boolean | +| mysql.slowlog.full_join | Whether a full join was needed for the slow query (no indexes were used for joins). | boolean | +| mysql.slowlog.full_scan | Whether a full table scan was needed for the slow query. | boolean | +| mysql.slowlog.innodb.io_r_bytes | Bytes read during page read operations. | long | +| mysql.slowlog.innodb.io_r_ops | Number of page read operations. | long | +| mysql.slowlog.innodb.io_r_wait.sec | How long it took to read all needed data from storage. | long | +| mysql.slowlog.innodb.pages_distinct | Approximated count of pages accessed to execute the query. | long | +| mysql.slowlog.innodb.queue_wait.sec | How long the query waited to enter the InnoDB queue and to be executed once in the queue. | long | +| mysql.slowlog.innodb.rec_lock_wait.sec | How long the query waited for locks. | long | +| mysql.slowlog.innodb.trx_id | Transaction ID | keyword | +| mysql.slowlog.killed | Code of the reason if the query was killed. | keyword | +| mysql.slowlog.last_errno | Last SQL error seen. | keyword | +| mysql.slowlog.lock_time.sec | The amount of time the query waited for the lock to be available. The value is in seconds, as a floating point number. | float | +| mysql.slowlog.log_slow_rate_limit | Slow log rate limit, a value of 100 means that one in a hundred queries or sessions are being logged. 
| keyword | +| mysql.slowlog.log_slow_rate_type | Type of slow log rate limit, it can be `session` if the rate limit is applied per session, or `query` if it applies per query. | keyword | +| mysql.slowlog.merge_passes | Number of merge passes executed for the query. | long | +| mysql.slowlog.priority_queue | Whether a priority queue was used for filesort. | boolean | +| mysql.slowlog.query | The slow query. | keyword | +| mysql.slowlog.query_cache_hit | Whether the query cache was hit. | boolean | +| mysql.slowlog.read_first | The number of times the first entry in an index was read. | long | +| mysql.slowlog.read_key | The number of requests to read a row based on a key. | long | +| mysql.slowlog.read_last | The number of times the last key in an index was read. | long | +| mysql.slowlog.read_next | The number of requests to read the next row in key order. | long | +| mysql.slowlog.read_prev | The number of requests to read the previous row in key order. | long | +| mysql.slowlog.read_rnd | The number of requests to read a row based on a fixed position. | long | +| mysql.slowlog.read_rnd_next | The number of requests to read the next row in the data file. | long | +| mysql.slowlog.rows_affected | The number of rows modified by the query. | long | +| mysql.slowlog.rows_examined | The number of rows scanned by the query. | long | +| mysql.slowlog.rows_sent | The number of rows returned by the query. | long | +| mysql.slowlog.schema | The schema where the slow query was executed. | keyword | +| mysql.slowlog.sort_merge_passes | Number of merge passes that the sort algorithm has had to do. | long | +| mysql.slowlog.sort_range_count | Number of sorts that were done using ranges. | long | +| mysql.slowlog.sort_rows | Number of sorted rows. | long | +| mysql.slowlog.sort_scan_count | Number of sorts that were done by scanning the table. | long | +| mysql.slowlog.tmp_disk_tables | Number of temporary tables created on disk for this query. 
| long | +| mysql.slowlog.tmp_table | Whether a temporary table was used to resolve the query. | boolean | +| mysql.slowlog.tmp_table_on_disk | Whether the query needed temporary tables on disk. | boolean | +| mysql.slowlog.tmp_table_sizes | Size of temporary tables created for this query. | long | +| mysql.slowlog.tmp_tables | Number of temporary tables created for this query | long | +| mysql.thread_id | The connection or thread ID for the query. | long | +| source.domain | Source domain. | keyword | +| source.ip | IP address of the source (IPv4 or IPv6). | ip | +| user.name | Short name or login of the user. | keyword | + + +## Metrics + +### galera_status + +The `galera_status` dataset periodically fetches metrics from [http://galeracluster.com/](Galera)-MySQL cluster servers. + +An example event for `galera_status` looks as following: + +```$json +{ + "@timestamp":"2020-04-20T12:33:24.613Z", + "mysql":{ + "galera_status":{ + "apply":{ + "oooe":0, + "oool":0, + "window":1 + }, + "connected":"ON", + "flow_ctl":{ + "recv":0, + "sent":0, + "paused":0, + "paused_ns":0 + }, + "ready":"ON", + "received":{ + "count":173, + "bytes":152425 + }, + "local":{ + "state":"Synced", + "bf_aborts":0, + "cert_failures":0, + "commits":1325, + "recv":{ + "queue_max":2, + "queue_min":0, + "queue":0, + "queue_avg":0.011561 + }, + "replays":0, + "send":{ + "queue_min":0, + "queue":0, + "queue_avg":0, + "queue_max":1 + } + }, + "evs":{ + "evict":"", + "state":"OPERATIONAL" + }, + "repl":{ + "bytes":1689804, + "data_bytes":1540647, + "keys":4170, + "keys_bytes":63973, + "other_bytes":0, + "count":1331 + }, + "commit":{ + "oooe":0, + "window":1 + }, + "cluster":{ + "conf_id":930, + "size":3, + "status":"Primary" + }, + "last_committed":23944, + "cert":{ + "deps_distance":43.524557, + "index_size":22, + "interval":0 + } + } + }, + "fields":{ + "stream":{ + "type":"metrics", + "dataset":"mysql.galera_status", + "namespace":"default" + } + }, + "ecs":{ + "version":"1.5.0" + }, + "agent":{ 
+ "hostname":"MacBook-Elastic.local", + "id":"ede0be38-46a9-4ffc-8f1e-2ff9195193b6", + "version":"8.0.0", + "type":"metricbeat", + "ephemeral_id":"4c773a2e-16d5-4d86-be49-cfb3573f4f4f" + }, + "event":{ + "dataset":"mysql.galera_status", + "module":"mysql", + "duration":3275482 + }, + "metricset":{ + "name":"galera_status", + "period":10000 + }, + "service":{ + "address":"127.0.0.1:3306", + "type":"mysql" + } +} +``` + +The fields reported are: + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| mysql.galera_status.apply.oooe | How often applier started write-set applying out-of-order (parallelization efficiency). | double | +| mysql.galera_status.apply.oool | How often write-set was so slow to apply that write-set with higher seqno's were applied earlier. Values closer to 0 refer to a greater gap between slow and fast write-sets. | double | +| mysql.galera_status.apply.window | Average distance between highest and lowest concurrently applied seqno. | double | +| mysql.galera_status.cert.deps_distance | Average distance between highest and lowest seqno value that can be possibly applied in parallel (potential degree of parallelization). | double | +| mysql.galera_status.cert.index_size | The number of entries in the certification index. | long | +| mysql.galera_status.cert.interval | Average number of transactions received while a transaction replicates. | double | +| mysql.galera_status.cluster.conf_id | Total number of cluster membership changes happened. | long | +| mysql.galera_status.cluster.size | Current number of members in the cluster. | long | +| mysql.galera_status.cluster.status | Status of this cluster component. That is, whether the node is part of a PRIMARY or NON_PRIMARY component. | keyword | +| mysql.galera_status.commit.oooe | How often a transaction was committed out of order. | double | +| mysql.galera_status.commit.window | Average distance between highest and lowest concurrently committed seqno. 
| long | +| mysql.galera_status.connected | If the value is OFF, the node has not yet connected to any of the cluster components. This may be due to misconfiguration. Check the error log for proper diagnostics. | keyword | +| mysql.galera_status.evs.evict | Lists the UUID's of all nodes evicted from the cluster. Evicted nodes cannot rejoin the cluster until you restart their mysqld processes. | keyword | +| mysql.galera_status.evs.state | Shows the internal state of the EVS Protocol. | keyword | +| mysql.galera_status.flow_ctl.paused | The fraction of time since the last FLUSH STATUS command that replication was paused due to flow control. In other words, how much the slave lag is slowing down the cluster. | double | +| mysql.galera_status.flow_ctl.paused_ns | The total time spent in a paused state measured in nanoseconds. | long | +| mysql.galera_status.flow_ctl.recv | Returns the number of FC_PAUSE events the node has received, including those the node has sent. Unlike most status variables, the counter for this one does not reset every time you run the query. | long | +| mysql.galera_status.flow_ctl.sent | Returns the number of FC_PAUSE events the node has sent. Unlike most status variables, the counter for this one does not reset every time you run the query. | long | +| mysql.galera_status.last_committed | The sequence number, or seqno, of the last committed transaction. | long | +| mysql.galera_status.local.bf_aborts | Total number of local transactions that were aborted by slave transactions while in execution. | long | +| mysql.galera_status.local.cert_failures | Total number of local transactions that failed certification test. | long | +| mysql.galera_status.local.commits | Total number of local transactions committed. | long | +| mysql.galera_status.local.recv.queue | Current (instantaneous) length of the recv queue. | long | +| mysql.galera_status.local.recv.queue_avg | Recv queue length averaged over interval since the last FLUSH STATUS command. 
Values considerably larger than 0.0 mean that the node cannot apply write-sets as fast as they are received and will generate a lot of replication throttling. | double |
+| mysql.galera_status.local.recv.queue_max | The maximum length of the recv queue since the last FLUSH STATUS command. | long |
+| mysql.galera_status.local.recv.queue_min | The minimum length of the recv queue since the last FLUSH STATUS command. | long |
+| mysql.galera_status.local.replays | Total number of transaction replays due to asymmetric lock granularity. | long |
+| mysql.galera_status.local.send.queue | Current (instantaneous) length of the send queue. | long |
+| mysql.galera_status.local.send.queue_avg | Send queue length averaged over time since the last FLUSH STATUS command. Values considerably larger than 0.0 indicate replication throttling or network throughput issue. | double |
+| mysql.galera_status.local.send.queue_max | The maximum length of the send queue since the last FLUSH STATUS command. | long |
+| mysql.galera_status.local.send.queue_min | The minimum length of the send queue since the last FLUSH STATUS command. | long |
+| mysql.galera_status.local.state | Internal Galera Cluster FSM state number. | keyword |
+| mysql.galera_status.ready | Whether the server is ready to accept queries. | keyword |
+| mysql.galera_status.received.bytes | Total size of write-sets received from other nodes. | long |
+| mysql.galera_status.received.count | Total number of write-sets received from other nodes. | long |
+| mysql.galera_status.repl.bytes | Total size of write-sets replicated. | long |
+| mysql.galera_status.repl.count | Total number of write-sets replicated (sent to other nodes). | long |
+| mysql.galera_status.repl.data_bytes | Total size of data replicated. | long |
+| mysql.galera_status.repl.keys | Total number of keys replicated. | long |
+| mysql.galera_status.repl.keys_bytes | Total size of keys replicated. | long |
+| mysql.galera_status.repl.other_bytes | Total size of other bits replicated. | long |
+
+
+### status
+
+The MySQL `status` dataset collects data from MySQL by running a `SHOW GLOBAL STATUS;` SQL query. This query returns a large number of metrics.
+
+An example event for `status` looks as following:
+
+```$json
+{
+ "@timestamp":"2020-04-20T12:32:54.614Z",
+ "mysql":{
+ "status":{
+ "max_used_connections":3,
+ "queries":479,
+ "handler":{
+ "prepare":0,
+ "savepoint":0,
+ "update":0,
+ "delete":0,
+ "read":{
+ "rnd_next":59604,
+ "first":8,
+ "key":6,
+ "last":0,
+ "next":1,
+ "prev":0,
+ "rnd":0
+ },
+ "rollback":0,
+ "write":0,
+ "commit":5,
+ "savepoint_rollback":0,
+ "external_lock":552,
+ "mrr_init":0
+ },
+ "aborted":{
+ "clients":0,
+ "connects":0
+ },
+ "threads":{
+ "running":2,
+ "cached":1,
+ "created":3,
+ "connected":2
+ },
+ "flush_commands":1,
+ "created":{
+ "tmp":{
+ "disk_tables":0,
+ "files":6,
+ "tables":0
+ }
+ },
+ "connections":159,
+ "command":{
+ "insert":0,
+ "select":155,
+ "update":0,
+ "delete":0
+ },
+ "opened_tables":122,
+ "binlog":{
+ "cache":{
+ "use":0,
+ "disk_use":0
+ }
+ },
+ "delayed":{
+ "writes":0,
+ "errors":0,
+ "insert_threads":0
+ },
+ "questions":479,
+ "innodb":{
+ "buffer_pool":{
+ "read":{
+ "ahead_rnd":0,
+ "requests":1488,
+ "ahead":0,
+ "ahead_evicted":0
+ },
+ "pool":{
+ "wait_free":0,
+ "reads":405
+ },
+ "write_requests":325,
+ "bytes":{
+ "data":7176192,
+ "dirty":0
+ },
+ "pages":{
+ "dirty":0,
+ "flushed":36,
+ "free":7753,
+ "misc":0,
+ "total":8191,
+ "data":438
+ }
+ }
+ },
+ "bytes":{
+ "received":38468,
+ "sent":1622162
+ },
+ "open":{
+ "streams":0,
+ "tables":115,
+ "files":14
+ }
+ }
+ },
+ "event":{
+ "dataset":"mysql.status",
+ "module":"mysql",
+ "duration":4708776
+ },
+ "metricset":{
+ "name":"status",
+ "period":10000
+ },
+ "fields":{
+ "stream":{
+ "type":"metrics",
+ "dataset":"mysql.status",
+ "namespace":"default"
+ }
+ },
+ "ecs":{
+ "version":"1.5.0"
+ },
+ "agent":{
+ "id":"ede0be38-46a9-4ffc-8f1e-2ff9195193b6",
+ "version":"8.0.0",
+ "type":"metricbeat",
+ "ephemeral_id":"4c773a2e-16d5-4d86-be49-cfb3573f4f4f",
+ "hostname":"MacBook-Elastic.local"
+ },
+ "service":{
+ "address":"127.0.0.1:3306",
+ "type":"mysql"
+ }
+}
+```
+
+The fields reported are:
+
+**Exported fields**
+
+| Field | Description | Type |
+|---|---|---|
+| mysql.status.aborted.clients | The number of connections that were aborted because the client died without closing the connection properly. | long |
+| mysql.status.aborted.connects | The number of failed attempts to connect to the MySQL server. | long |
+| mysql.status.binlog.cache.disk_use | | long |
+| mysql.status.binlog.cache.use | | long |
+| mysql.status.bytes.received | The number of bytes received from all clients. | long |
+| mysql.status.bytes.sent | The number of bytes sent to all clients. | long |
+| mysql.status.command.delete | The number of DELETE queries since startup. | long |
+| mysql.status.command.insert | The number of INSERT queries since startup. | long |
+| mysql.status.command.select | The number of SELECT queries since startup. | long |
+| mysql.status.command.update | The number of UPDATE queries since startup. | long |
+| mysql.status.connections | | long |
+| mysql.status.created.tmp.disk_tables | | long |
+| mysql.status.created.tmp.files | | long |
+| mysql.status.created.tmp.tables | | long |
+| mysql.status.delayed.errors | | long |
+| mysql.status.delayed.insert_threads | | long |
+| mysql.status.delayed.writes | | long |
+| mysql.status.flush_commands | | long |
+| mysql.status.handler.commit | The number of internal COMMIT statements. | long |
+| mysql.status.handler.delete | The number of times that rows have been deleted from tables. | long |
+| mysql.status.handler.external_lock | The server increments this variable for each call to its external_lock() function, which generally occurs at the beginning and end of access to a table instance. | long |
+| mysql.status.handler.mrr_init | The number of times the server uses a storage engine's own Multi-Range Read implementation for table access. | long |
+| mysql.status.handler.prepare | A counter for the prepare phase of two-phase commit operations. | long |
+| mysql.status.handler.read.first | The number of times the first entry in an index was read. | long |
+| mysql.status.handler.read.key | The number of requests to read a row based on a key. | long |
+| mysql.status.handler.read.last | The number of requests to read the last key in an index. | long |
+| mysql.status.handler.read.next | The number of requests to read the next row in key order. | long |
+| mysql.status.handler.read.prev | The number of requests to read the previous row in key order. | long |
+| mysql.status.handler.read.rnd | The number of requests to read a row based on a fixed position. | long |
+| mysql.status.handler.read.rnd_next | The number of requests to read the next row in the data file. | long |
+| mysql.status.handler.rollback | The number of requests for a storage engine to perform a rollback operation. | long |
+| mysql.status.handler.savepoint | The number of requests for a storage engine to place a savepoint. | long |
+| mysql.status.handler.savepoint_rollback | The number of requests for a storage engine to roll back to a savepoint. | long |
+| mysql.status.handler.update | The number of requests to update a row in a table. | long |
+| mysql.status.handler.write | The number of requests to insert a row in a table. | long |
+| mysql.status.innodb.buffer_pool.bytes.data | The total number of bytes in the InnoDB buffer pool containing data. | long |
+| mysql.status.innodb.buffer_pool.bytes.dirty | The total current number of bytes held in dirty pages in the InnoDB buffer pool. | long |
+| mysql.status.innodb.buffer_pool.dump_status | The progress of an operation to record the pages held in the InnoDB buffer pool, triggered by the setting of innodb_buffer_pool_dump_at_shutdown or innodb_buffer_pool_dump_now. | long |
+| mysql.status.innodb.buffer_pool.load_status | The progress of an operation to warm up the InnoDB buffer pool by reading in a set of pages corresponding to an earlier point in time, triggered by the setting of innodb_buffer_pool_load_at_startup or innodb_buffer_pool_load_now. | long |
+| mysql.status.innodb.buffer_pool.pages.data | he number of pages in the InnoDB buffer pool containing data. | long |
+| mysql.status.innodb.buffer_pool.pages.dirty | The current number of dirty pages in the InnoDB buffer pool. | long |
+| mysql.status.innodb.buffer_pool.pages.flushed | The number of requests to flush pages from the InnoDB buffer pool. | long |
+| mysql.status.innodb.buffer_pool.pages.free | The number of free pages in the InnoDB buffer pool. | long |
+| mysql.status.innodb.buffer_pool.pages.latched | The number of latched pages in the InnoDB buffer pool. | long |
+| mysql.status.innodb.buffer_pool.pages.misc | The number of pages in the InnoDB buffer pool that are busy because they have been allocated for administrative overhead, such as row locks or the adaptive hash index. | long |
+| mysql.status.innodb.buffer_pool.pages.total | The total size of the InnoDB buffer pool, in pages. | long |
+| mysql.status.innodb.buffer_pool.pool.reads | The number of logical reads that InnoDB could not satisfy from the buffer pool, and had to read directly from disk. | long |
+| mysql.status.innodb.buffer_pool.pool.resize_status | The status of an operation to resize the InnoDB buffer pool dynamically, triggered by setting the innodb_buffer_pool_size parameter dynamically. | long |
+| mysql.status.innodb.buffer_pool.pool.wait_free | Normally, writes to the InnoDB buffer pool happen in the background. When InnoDB needs to read or create a page and no clean pages are available, InnoDB flushes some dirty pages first and waits for that operation to finish. This counter counts instances of these waits. | long |
+| mysql.status.innodb.buffer_pool.read.ahead | The number of pages read into the InnoDB buffer pool by the read-ahead background thread. | long |
+| mysql.status.innodb.buffer_pool.read.ahead_evicted | The number of pages read into the InnoDB buffer pool by the read-ahead background thread that were subsequently evicted without having been accessed by queries. | long |
+| mysql.status.innodb.buffer_pool.read.ahead_rnd | The number of "random" read-aheads initiated by InnoDB. | long |
+| mysql.status.innodb.buffer_pool.read.requests | The number of logical read requests. | long |
+| mysql.status.innodb.buffer_pool.write_requests | The number of writes done to the InnoDB buffer pool. | long |
+| mysql.status.max_used_connections | | long |
+| mysql.status.open.files | | long |
+| mysql.status.open.streams | | long |
+| mysql.status.open.tables | | long |
+| mysql.status.opened_tables | | long |
+| mysql.status.queries | The number of statements executed by the server. This variable includes statements executed within stored programs, unlike the Questions variable. It does not count COM_PING or COM_STATISTICS commands. | long |
+| mysql.status.questions | The number of statements executed by the server. This includes only statements sent to the server by clients and not statements executed within stored programs, unlike the Queries variable. This variable does not count COM_PING, COM_STATISTICS, COM_STMT_PREPARE, COM_STMT_CLOSE, or COM_STMT_RESET commands. | long |
+| mysql.status.threads.cached | The number of cached threads. | long |
+| mysql.status.threads.connected | The number of connected threads. | long |
+| mysql.status.threads.created | The number of created threads. | long |
+| mysql.status.threads.running | The number of running threads. | long |
+
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/img/kibana-mysql.png b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/img/kibana-mysql.png
new file mode 100644
index 0000000000000..13c5ea4d276fc
Binary files /dev/null and b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/img/kibana-mysql.png differ
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/img/logo_mysql.svg b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/img/logo_mysql.svg
new file mode 100644
index 0000000000000..cfe6cbb664e7f
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/img/logo_mysql.svg
@@ -0,0 +1,6 @@
+
+
+
+
+
+
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/img/metricbeat-mysql.png b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/img/metricbeat-mysql.png
new file mode 100644
index 0000000000000..ee6ec195d46b1
Binary files /dev/null and b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/img/metricbeat-mysql.png differ
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/dashboard/57b3fb50-6309-11ea-a83e-25b8612d00cc.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/dashboard/57b3fb50-6309-11ea-a83e-25b8612d00cc.json
new file mode 100644
index 0000000000000..b8f8ed341b729
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/dashboard/57b3fb50-6309-11ea-a83e-25b8612d00cc.json
@@ -0,0 +1,81 @@ +{ + "attributes": { + "description": "Overview of MySQL server", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"version\":true}" + }, + "optionsJSON": "{\"darkTheme\":false,\"useMargins\":true}", + "panelsJSON": "[{\"embeddableConfig\":{\"title\":\"Open Tables, Files, Streams\"},\"gridData\":{\"h\":15,\"i\":\"14\",\"w\":24,\"x\":24,\"y\":38},\"panelIndex\":\"14\",\"panelRefName\":\"panel_0\",\"title\":\"Open Tables, Files, Streams\",\"version\":\"7.3.1\"},{\"embeddableConfig\":{\"title\":\"Rate of Questions\"},\"gridData\":{\"h\":12,\"i\":\"050b110b-0b4d-404a-86c0-fa97f7eed2a0\",\"w\":16,\"x\":0,\"y\":0},\"panelIndex\":\"050b110b-0b4d-404a-86c0-fa97f7eed2a0\",\"panelRefName\":\"panel_1\",\"title\":\"Rate of Questions\",\"version\":\"7.3.1\"},{\"embeddableConfig\":{\"title\":\"Rate of SELECT statements\"},\"gridData\":{\"h\":12,\"i\":\"988a61d7-ac3e-481e-a6ae-aa75aaa32a3a\",\"w\":16,\"x\":16,\"y\":0},\"panelIndex\":\"988a61d7-ac3e-481e-a6ae-aa75aaa32a3a\",\"panelRefName\":\"panel_2\",\"title\":\"Rate of SELECT statements\",\"version\":\"7.3.1\"},{\"embeddableConfig\":{\"title\":\"Rate of INSERT, UPDATE, DELETE\"},\"gridData\":{\"h\":12,\"i\":\"a1f8fa38-a62f-4e05-adde-e995dae9ad83\",\"w\":16,\"x\":32,\"y\":0},\"panelIndex\":\"a1f8fa38-a62f-4e05-adde-e995dae9ad83\",\"panelRefName\":\"panel_3\",\"title\":\"Rate of INSERT, UPDATE, DELETE\",\"version\":\"7.3.1\"},{\"embeddableConfig\":{\"title\":\"Connected Threads\"},\"gridData\":{\"h\":12,\"i\":\"d126fb61-605f-43af-b5d5-3fa3c128f726\",\"w\":6,\"x\":0,\"y\":12},\"panelIndex\":\"d126fb61-605f-43af-b5d5-3fa3c128f726\",\"panelRefName\":\"panel_4\",\"title\":\"Connected 
Threads\",\"version\":\"7.3.1\"},{\"embeddableConfig\":{\"title\":\"Connections\"},\"gridData\":{\"h\":12,\"i\":\"59586d96-3abd-48a3-a258-cfd620826ec2\",\"w\":14,\"x\":6,\"y\":12},\"panelIndex\":\"59586d96-3abd-48a3-a258-cfd620826ec2\",\"panelRefName\":\"panel_5\",\"title\":\"Connections\",\"version\":\"7.3.1\"},{\"embeddableConfig\":{\"title\":\"Aborted Connections Rate\"},\"gridData\":{\"h\":12,\"i\":\"dd0cf202-fe22-4daf-8f25-09c64d412bf3\",\"w\":14,\"x\":20,\"y\":12},\"panelIndex\":\"dd0cf202-fe22-4daf-8f25-09c64d412bf3\",\"panelRefName\":\"panel_6\",\"title\":\"Aborted Connections Rate\",\"version\":\"7.3.1\"},{\"embeddableConfig\":{\"title\":\"Thread Activity\"},\"gridData\":{\"h\":12,\"i\":\"ead16a55-a2d3-49ae-a09b-a0b03560e9a0\",\"w\":14,\"x\":34,\"y\":12},\"panelIndex\":\"ead16a55-a2d3-49ae-a09b-a0b03560e9a0\",\"panelRefName\":\"panel_7\",\"title\":\"Thread Activity\",\"version\":\"7.3.1\"},{\"embeddableConfig\":{\"title\":\"Buffer Pool Pages\"},\"gridData\":{\"h\":14,\"i\":\"24fc2926-610d-4910-8f3e-eb63ca69788c\",\"w\":15,\"x\":0,\"y\":24},\"panelIndex\":\"24fc2926-610d-4910-8f3e-eb63ca69788c\",\"panelRefName\":\"panel_8\",\"title\":\"Buffer Pool Pages\",\"version\":\"7.3.1\"},{\"embeddableConfig\":{\"title\":\"Buffer Pool Utilization\"},\"gridData\":{\"h\":14,\"i\":\"33c10c95-be67-492e-afb5-863f375cffc2\",\"w\":16,\"x\":15,\"y\":24},\"panelIndex\":\"33c10c95-be67-492e-afb5-863f375cffc2\",\"panelRefName\":\"panel_9\",\"title\":\"Buffer Pool Utilization\",\"version\":\"7.3.1\"},{\"embeddableConfig\":{\"title\":\"Network Traffic\"},\"gridData\":{\"h\":15,\"i\":\"3cd58868-0d03-4715-9ecc-9fba3cde47c1\",\"w\":24,\"x\":0,\"y\":38},\"panelIndex\":\"3cd58868-0d03-4715-9ecc-9fba3cde47c1\",\"panelRefName\":\"panel_10\",\"title\":\"Network Traffic\",\"version\":\"7.3.1\"},{\"embeddableConfig\":{\"title\":\"Buffer Pool 
Efficiency\"},\"gridData\":{\"h\":14,\"i\":\"d35d7c5e-8832-40e2-8c77-953ad320c853\",\"w\":17,\"x\":31,\"y\":24},\"panelIndex\":\"d35d7c5e-8832-40e2-8c77-953ad320c853\",\"panelRefName\":\"panel_11\",\"title\":\"Buffer Pool Efficiency\",\"version\":\"7.3.1\"}]", + "timeRestore": false, + "title": "[Metrics MySQL] Database Overview", + "version": 1 + }, + "id": "57b3fb50-6309-11ea-a83e-25b8612d00cc", + "migrationVersion": { + "dashboard": "7.3.0" + }, + "references": [ + { + "id": "aaa326b0-f1f5-11e7-85ab-594b1652e0d1-ecs", + "name": "panel_0", + "type": "visualization" + }, + { + "id": "4fa69a10-630b-11ea-a83e-25b8612d00cc", + "name": "panel_1", + "type": "visualization" + }, + { + "id": "7ea77d30-630a-11ea-a83e-25b8612d00cc", + "name": "panel_2", + "type": "visualization" + }, + { + "id": "779ee920-6309-11ea-a83e-25b8612d00cc", + "name": "panel_3", + "type": "visualization" + }, + { + "id": "fc6b5a40-630d-11ea-a83e-25b8612d00cc", + "name": "panel_4", + "type": "visualization" + }, + { + "id": "493e8460-630d-11ea-a83e-25b8612d00cc", + "name": "panel_5", + "type": "visualization" + }, + { + "id": "bf60bc10-639b-11ea-a83e-25b8612d00cc", + "name": "panel_6", + "type": "visualization" + }, + { + "id": "822df290-630f-11ea-a83e-25b8612d00cc", + "name": "panel_7", + "type": "visualization" + }, + { + "id": "98c7bca0-63a2-11ea-a83e-25b8612d00cc", + "name": "panel_8", + "type": "visualization" + }, + { + "id": "96d46630-63a4-11ea-a83e-25b8612d00cc", + "name": "panel_9", + "type": "visualization" + }, + { + "id": "c8661020-6310-11ea-a83e-25b8612d00cc", + "name": "panel_10", + "type": "visualization" + }, + { + "id": "a1e00160-63a4-11ea-a83e-25b8612d00cc", + "name": "panel_11", + "type": "visualization" + } + ], + "type": "dashboard" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/dashboard/Logs-MySQL-Dashboard-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/dashboard/Logs-MySQL-Dashboard-ecs.json
new file mode 100644
index 0000000000000..6d654423633b9
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/dashboard/Logs-MySQL-Dashboard-ecs.json
@@ -0,0 +1,51 @@ +{ + "attributes": { + "description": "Overview dashboard for the Logs MySQL integration", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"version\":true}" + }, + "optionsJSON": "{\"darkTheme\":false}", + "panelsJSON": "[{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":16,\"i\":\"1\",\"w\":24,\"x\":0,\"y\":28},\"panelIndex\":\"1\",\"panelRefName\":\"panel_0\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"2\",\"w\":24,\"x\":0,\"y\":0},\"panelIndex\":\"2\",\"panelRefName\":\"panel_1\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"3\",\"w\":24,\"x\":24,\"y\":0},\"panelIndex\":\"3\",\"panelRefName\":\"panel_2\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{\"columns\":[\"log.level\",\"message\"],\"sort\":[\"@timestamp\",\"desc\"]},\"gridData\":{\"h\":20,\"i\":\"4\",\"w\":24,\"x\":24,\"y\":28},\"panelIndex\":\"4\",\"panelRefName\":\"panel_3\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":16,\"i\":\"5\",\"w\":24,\"x\":24,\"y\":12},\"panelIndex\":\"5\",\"panelRefName\":\"panel_4\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":16,\"i\":\"6\",\"w\":24,\"x\":0,\"y\":12},\"panelIndex\":\"6\",\"panelRefName\":\"panel_5\",\"version\":\"7.3.0\"}]", + "timeRestore": false, + "title": "[Logs MySQL] Overview ECS", + "version": 1 + }, + "id": "Logs-MySQL-Dashboard-ecs", + "migrationVersion": { + "dashboard": "7.3.0" + }, + "references": [ + { + "id": "MySQL-slowest-queries-ecs", + "name": "panel_0", + "type": "visualization" + }, + { + "id": "MySQL-Slow-queries-over-time-ecs", + "name": "panel_1", + "type": "visualization" + }, + { + "id": "MySQL-error-logs-ecs", + "name": "panel_2", + "type": "visualization" + }, + { + "id": "Logs-MySQL-error-log-ecs", + "name": "panel_3", + "type": 
"search" + }, + { + "id": "MySQL-Error-logs-levels-ecs", + "name": "panel_4", + "type": "visualization" + }, + { + "id": "MySQL-Slow-logs-by-count-ecs", + "name": "panel_5", + "type": "visualization" + } + ], + "type": "dashboard" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/search/Logs-MySQL-Slow-log-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/search/Logs-MySQL-Slow-log-ecs.json new file mode 100644 index 0000000000000..15e829c5e2fbe --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/search/Logs-MySQL-Slow-log-ecs.json 
@@ -0,0 +1,42 @@ +{ + "attributes": { + "columns": [ + "_source" + ], + "description": "", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\",\"key\":\"query\",\"negate\":false,\"type\":\"custom\",\"value\":\"{\\\"prefix\\\":{\\\"stream.dataset\\\":\\\"mysql.\\\"}}\"},\"query\":{\"prefix\":{\"stream.dataset\":\"mysql.\"}}},{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index\",\"key\":\"fileset.name\",\"negate\":false,\"params\":{\"query\":\"slowlog\",\"type\":\"phrase\"},\"type\":\"phrase\",\"value\":\"slowlog\"},\"query\":{\"match\":{\"fileset.name\":{\"query\":\"slowlog\",\"type\":\"phrase\"}}}}],\"highlight\":{\"fields\":{\"*\":{}},\"fragment_size\":2147483647,\"post_tags\":[\"@/kibana-highlighted-field@\"],\"pre_tags\":[\"@kibana-highlighted-field@\"],\"require_field_match\":false},\"highlightAll\":true,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"version\":true}" + }, + "sort": [ + [ + "@timestamp", + "desc" + ] + ], + "title": "Slow logs [Logs MySQL] ECS", + "version": 1 + }, + "id": "Logs-MySQL-Slow-log-ecs", + "migrationVersion": { + "search": "7.4.0" + }, + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index", + "type": "index-pattern" + } + ], + "type": "search" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/search/Logs-MySQL-error-log-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/search/Logs-MySQL-error-log-ecs.json
new file mode 100644
index 0000000000000..5a4df000e0ec7
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/search/Logs-MySQL-error-log-ecs.json
@@ -0,0 +1,43 @@ +{ + "attributes": { + "columns": [ + "log.level", + "message" + ], + "description": "", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\",\"key\":\"query\",\"negate\":false,\"type\":\"custom\",\"value\":\"{\\\"prefix\\\":{\\\"stream.dataset\\\":\\\"mysql.\\\"}}\"},\"query\":{\"prefix\":{\"stream.dataset\":\"mysql.\"}}},{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index\",\"key\":\"fileset.name\",\"negate\":false,\"params\":{\"query\":\"error\",\"type\":\"phrase\"},\"type\":\"phrase\",\"value\":\"error\"},\"query\":{\"match\":{\"fileset.name\":{\"query\":\"error\",\"type\":\"phrase\"}}}}],\"highlight\":{\"fields\":{\"*\":{}},\"fragment_size\":2147483647,\"post_tags\":[\"@/kibana-highlighted-field@\"],\"pre_tags\":[\"@kibana-highlighted-field@\"],\"require_field_match\":false},\"highlightAll\":true,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"version\":true}" + }, + "sort": [ + [ + "@timestamp", + "desc" + ] + ], + "title": "Error logs [Logs MySQL] ECS", + "version": 1 + }, + "id": "Logs-MySQL-error-log-ecs", + "migrationVersion": { + "search": "7.4.0" + }, + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + }, + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.filter[1].meta.index", + "type": "index-pattern" + } + ], + "type": "search" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/493e8460-630d-11ea-a83e-25b8612d00cc.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/493e8460-630d-11ea-a83e-25b8612d00cc.json
new file mode 100644
index 0000000000000..bf6c85f46c457
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/493e8460-630d-11ea-a83e-25b8612d00cc.json
@@ -0,0 +1,18 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Connections [Metrics MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(198,135,31,1)\",\"fill\":\"0.2\",\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"Connection rate\",\"line_width\":\"2\",\"metrics\":[{\"field\":\"mysql.status.connections\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"max\"},{\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"id\":\"caee3e70-630c-11ea-99e6-b5eed31db613\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"field\":\"caee3e70-630c-11ea-99e6-b5eed31db613\",\"id\":\"d4eb4fd0-630c-11ea-99e6-b5eed31db613\",\"type\":\"positive_only\",\"unit\":\"\"}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(115,216,255,0.89)\",\"fill\":\"0.3\",\"formatter\":\"number\",\"id\":\"fe9af660-630b-11ea-99e6-b5eed31db613\",\"label\":\"Connected\",\"line_width\":\"2\",\"metrics\":[{\"field\":\"mysql.status.threads.connected\",\"id\":\"fe9af661-630b-11ea-99e6-b5eed31db613\",\"type\":\"max\"}],\"point_size\":\"0\",\"separate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fi
ll\":\"0\",\"formatter\":\"number\",\"id\":\"e3d46bf0-630f-11ea-99e6-b5eed31db613\",\"label\":\"Max Used Connections\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.max_used_connections\",\"id\":\"e3d46bf1-630f-11ea-99e6-b5eed31db613\",\"type\":\"avg\"}],\"point_size\":\"0\",\"separate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Connections [Metrics MySQL] ECS\",\"type\":\"metrics\"}" + }, + "id": "493e8460-630d-11ea-a83e-25b8612d00cc", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/4fa69a10-630b-11ea-a83e-25b8612d00cc.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/4fa69a10-630b-11ea-a83e-25b8612d00cc.json new file mode 100644 index 0000000000000..40be0ec9bd246 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/4fa69a10-630b-11ea-a83e-25b8612d00cc.json 
@@ -0,0 +1,18 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Question rates [Metrics MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"bar_color_rules\":[{\"id\":\"d61928d0-6309-11ea-99e6-b5eed31db613\"}],\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"legend_position\":\"right\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(252,220,0,1)\",\"fill\":\"0.3\",\"formatter\":\"'0.0a'\",\"id\":\"3c2a2a40-f1f4-11e7-a752-236fe3270d99\",\"label\":\"SELECT\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.questions\",\"id\":\"3c2a2a41-f1f4-11e7-a752-236fe3270d99\",\"type\":\"max\"},{\"field\":\"3c2a2a41-f1f4-11e7-a752-236fe3270d99\",\"id\":\"3c2a2a42-f1f4-11e7-a752-236fe3270d99\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"field\":\"3c2a2a42-f1f4-11e7-a752-236fe3270d99\",\"id\":\"82f59710-6309-11ea-99e6-b5eed31db613\",\"type\":\"positive_only\",\"unit\":\"\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":0,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Question rates [Metrics MySQL] ECS\",\"type\":\"metrics\"}" + }, + "id": "4fa69a10-630b-11ea-a83e-25b8612d00cc", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/779ee920-6309-11ea-a83e-25b8612d00cc.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/779ee920-6309-11ea-a83e-25b8612d00cc.json
new file mode 100644
index 0000000000000..2359ab6835486
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/779ee920-6309-11ea-a83e-25b8612d00cc.json
@@ -0,0 +1,18 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Insert, Update, Delete rates [Metrics MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"bar_color_rules\":[{\"id\":\"d61928d0-6309-11ea-99e6-b5eed31db613\"}],\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(104,204,202,1)\",\"fill\":\"0.3\",\"formatter\":\"number\",\"id\":\"3c2a2a40-f1f4-11e7-a752-236fe3270d99\",\"label\":\"INSERT\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.command.insert\",\"id\":\"3c2a2a41-f1f4-11e7-a752-236fe3270d99\",\"type\":\"max\"},{\"field\":\"3c2a2a41-f1f4-11e7-a752-236fe3270d99\",\"id\":\"3c2a2a42-f1f4-11e7-a752-236fe3270d99\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"field\":\"3c2a2a42-f1f4-11e7-a752-236fe3270d99\",\"id\":\"82f59710-6309-11ea-99e6-b5eed31db613\",\"type\":\"positive_only\",\"unit\":\"\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(252,220,0,1)\",\"fill\":\"0.3\",\"formatter\":\"number\",\"id\":\"485ce050-f1f4-11e7-a752-236fe3270d99\",\"label\":\"UPDATE\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.command.update\",\"id\":\"485ce051-f1f4-11e7-a752-236fe3270d99\",\"type\":\"max\"},{\"field\":\"485ce051-f1f4-11e7-a752-236fe3270d99\",\"id\":\"485ce052-f1f4-11e7-a752-236fe3270d99\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"field\":\"485ce052-f1f4-11
e7-a752-236fe3270d99\",\"id\":\"a4092660-6309-11ea-99e6-b5eed31db613\",\"type\":\"positive_only\",\"unit\":\"\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(244,78,59,1)\",\"fill\":\"0.3\",\"formatter\":\"number\",\"id\":\"543a4a70-f1f4-11e7-a752-236fe3270d99\",\"label\":\"DELETE\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.command.delete\",\"id\":\"543a4a71-f1f4-11e7-a752-236fe3270d99\",\"type\":\"max\"},{\"field\":\"543a4a71-f1f4-11e7-a752-236fe3270d99\",\"id\":\"543a4a72-f1f4-11e7-a752-236fe3270d99\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"field\":\"543a4a72-f1f4-11e7-a752-236fe3270d99\",\"id\":\"bae29b50-6309-11ea-99e6-b5eed31db613\",\"type\":\"positive_only\",\"unit\":\"\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Insert, Update, Delete rates [Metrics MySQL] ECS\",\"type\":\"metrics\"}" + }, + "id": "779ee920-6309-11ea-a83e-25b8612d00cc", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/7ea77d30-630a-11ea-a83e-25b8612d00cc.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/7ea77d30-630a-11ea-a83e-25b8612d00cc.json new file mode 100644 index 0000000000000..e052d8ce47b7b --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/7ea77d30-630a-11ea-a83e-25b8612d00cc.json 
@@ -0,0 +1,18 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "SELECT rates [Metrics MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"bar_color_rules\":[{\"id\":\"d61928d0-6309-11ea-99e6-b5eed31db613\"}],\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"legend_position\":\"right\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(0,156,224,1)\",\"fill\":\"0.3\",\"formatter\":\"'0.0a'\",\"id\":\"3c2a2a40-f1f4-11e7-a752-236fe3270d99\",\"label\":\"SELECT\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.command.select\",\"id\":\"3c2a2a41-f1f4-11e7-a752-236fe3270d99\",\"type\":\"max\"},{\"field\":\"3c2a2a41-f1f4-11e7-a752-236fe3270d99\",\"id\":\"3c2a2a42-f1f4-11e7-a752-236fe3270d99\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"field\":\"3c2a2a42-f1f4-11e7-a752-236fe3270d99\",\"id\":\"82f59710-6309-11ea-99e6-b5eed31db613\",\"type\":\"positive_only\",\"unit\":\"\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":0,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"SELECT rates [Metrics MySQL] ECS\",\"type\":\"metrics\"}" + }, + "id": "7ea77d30-630a-11ea-a83e-25b8612d00cc", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/822df290-630f-11ea-a83e-25b8612d00cc.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/822df290-630f-11ea-a83e-25b8612d00cc.json new file mode 100644 index 0000000000000..5086f0eb2a553 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/822df290-630f-11ea-a83e-25b8612d00cc.json 
@@ -0,0 +1,18 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Thread Activity [Metrics MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(226,115,0,1)\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"Avg Threads Running\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.threads.running\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\"}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(22,165,165,1)\",\"fill\":\"0\",\"formatter\":\"number\",\"id\":\"895f0820-630e-11ea-99e6-b5eed31db613\",\"label\":\"Peak Threads Running\",\"line_width\":\"2\",\"metrics\":[{\"field\":\"mysql.status.threads.running\",\"id\":\"895f0821-630e-11ea-99e6-b5eed31db613\",\"type\":\"max\"}],\"point_size\":\"0\",\"separate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(77,77,77,1)\",\"fill\":\"0\",\"formatter\":\"number\",\"id\":\"f8752460-630e-11ea-99e6-b5eed31db613\",\"label\":\"Peak Threads 
Connected\",\"line_width\":\"2\",\"metrics\":[{\"field\":\"mysql.status.threads.connected\",\"id\":\"f8752461-630e-11ea-99e6-b5eed31db613\",\"type\":\"max\"}],\"point_size\":\"0\",\"separate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Thread Activity [Metrics MySQL] ECS\",\"type\":\"metrics\"}" + }, + "id": "822df290-630f-11ea-a83e-25b8612d00cc", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/96d46630-63a4-11ea-a83e-25b8612d00cc.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/96d46630-63a4-11ea-a83e-25b8612d00cc.json new file mode 100644 index 0000000000000..c1aa15d01c46a --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/96d46630-63a4-11ea-a83e-25b8612d00cc.json 
@@ -0,0 +1,18 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Buffer Pool Utilization [Metrics MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_min\":0,\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"background_color_rules\":[{\"id\":\"0f20fa60-63a3-11ea-90a2-c51229c5db5f\"}],\"bar_color_rules\":[{\"id\":\"0e1ecca0-63a3-11ea-90a2-c51229c5db5f\"}],\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"filter\":{\"language\":\"kuery\",\"query\":\"\"},\"gauge_color_rules\":[{\"id\":\"07c08ce0-63a3-11ea-90a2-c51229c5db5f\"}],\"gauge_inner_width\":10,\"gauge_style\":\"half\",\"gauge_width\":10,\"id\":\"515b9dd0-639f-11ea-96d8-1943b9bb65d9\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(226,115,0,1)\",\"fill\":\"0.1\",\"formatter\":\"percent\",\"id\":\"256f1f40-63a3-11ea-90a2-c51229c5db5f\",\"label\":\"Utilization\",\"line_width\":\"2\",\"metrics\":[{\"field\":\"mysql.status.innodb.buffer_pool.pages.total\",\"id\":\"256f1f41-63a3-11ea-90a2-c51229c5db5f\",\"type\":\"max\"},{\"field\":\"mysql.status.innodb.buffer_pool.pages.free\",\"id\":\"256f1f43-63a3-11ea-90a2-c51229c5db5f\",\"type\":\"max\"},{\"id\":\"256f1f45-63a3-11ea-90a2-c51229c5db5f\",\"script\":\"params.total != null \\u0026\\u0026 params.total \\u003e 0 ? 
(params.total - params.free)/params.total : null\",\"type\":\"calculation\",\"variables\":[{\"field\":\"256f1f41-63a3-11ea-90a2-c51229c5db5f\",\"id\":\"256f1f42-63a3-11ea-90a2-c51229c5db5f\",\"name\":\"total\"},{\"field\":\"256f1f43-63a3-11ea-90a2-c51229c5db5f\",\"id\":\"256f1f44-63a3-11ea-90a2-c51229c5db5f\",\"name\":\"free\"}]}],\"point_size\":\"2\",\"separate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Buffer Pool Utilization [Metrics MySQL] ECS\",\"type\":\"metrics\"}" + }, + "id": "96d46630-63a4-11ea-a83e-25b8612d00cc", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/98c7bca0-63a2-11ea-a83e-25b8612d00cc.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/98c7bca0-63a2-11ea-a83e-25b8612d00cc.json new file mode 100644 index 0000000000000..a5db66cf3ddd6 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/98c7bca0-63a2-11ea-a83e-25b8612d00cc.json 
@@ -0,0 +1,18 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Buffer Pool Pages [Metrics MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_min\":0,\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"filter\":{\"language\":\"kuery\",\"query\":\"\"},\"id\":\"515b9dd0-639f-11ea-96d8-1943b9bb65d9\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":\"0\",\"formatter\":\"'0.0a'\",\"id\":\"37f2d600-63a0-11ea-90a2-c51229c5db5f\",\"label\":\"Buffer Pool Pages Data\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.innodb.buffer_pool.pages.data\",\"id\":\"37f2d601-63a0-11ea-90a2-c51229c5db5f\",\"type\":\"avg\"}],\"point_size\":1,\"separate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(22,165,165,1)\",\"fill\":\"0\",\"formatter\":\"'0.0a'\",\"id\":\"57ae9d80-63a0-11ea-90a2-c51229c5db5f\",\"label\":\"Buffer Pool Pages Free\",\"line_width\":\"2\",\"metrics\":[{\"field\":\"mysql.status.innodb.buffer_pool.pages.free\",\"id\":\"57ae9d81-63a0-11ea-90a2-c51229c5db5f\",\"type\":\"avg\"}],\"point_size\":1,\"separate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(102,102,102,1)\",\"fill\":\"0\",\"formatter\":\"'0.0a'\",\"id\":\"c86cc470-63a0-11ea-90a2-c51229c5db5f\",\"label\":\"Buffer Pool Pages 
Total\",\"line_width\":\"2\",\"metrics\":[{\"field\":\"mysql.status.innodb.buffer_pool.pages.total\",\"id\":\"c86ceb80-63a0-11ea-90a2-c51229c5db5f\",\"type\":\"avg\"}],\"point_size\":1,\"separate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Buffer Pool Pages [Metrics MySQL] ECS\",\"type\":\"metrics\"}" + }, + "id": "98c7bca0-63a2-11ea-a83e-25b8612d00cc", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/MySQL-Error-logs-levels-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/MySQL-Error-logs-levels-ecs.json new file mode 100644 index 0000000000000..63c0ce73520e6 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/MySQL-Error-logs-levels-ecs.json 
@@ -0,0 +1,25 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "Error logs levels breakdown [Logs MySQL] ECS", + "uiStateJSON": "{\"vis\":{\"colors\":{\"ERROR\":\"#E24D42\",\"Note\":\"#9AC48A\",\"Warning\":\"#F9934E\"}}}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"field\":\"log.level\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"segment\",\"type\":\"terms\"}],\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":false,\"legendPosition\":\"bottom\",\"shareYAxis\":true,\"type\":\"pie\"},\"title\":\"Error logs levels breakdown [Logs MySQL] ECS\",\"type\":\"pie\"}" + }, + "id": "MySQL-Error-logs-levels-ecs", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [ + { + "id": "Logs-MySQL-error-log-ecs", + "name": "search_0", + "type": "search" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/MySQL-Slow-logs-by-count-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/MySQL-Slow-logs-by-count-ecs.json new file mode 100644 index 0000000000000..2f75b28c63a6f --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/MySQL-Slow-logs-by-count-ecs.json 
@@ -0,0 +1,25 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "Slow logs breakdown [Logs MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"field\":\"mysql.slowlog.query\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"segment\",\"type\":\"terms\"}],\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":false,\"legendPosition\":\"bottom\",\"shareYAxis\":true,\"type\":\"pie\"},\"title\":\"Slow logs breakdown [Logs MySQL] ECS\",\"type\":\"pie\"}" + }, + "id": "MySQL-Slow-logs-by-count-ecs", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [ + { + "id": "Logs-MySQL-Slow-log-ecs", + "name": "search_0", + "type": "search" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/MySQL-Slow-queries-over-time-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/MySQL-Slow-queries-over-time-ecs.json new file mode 100644 index 0000000000000..6ab5d262c8d6f --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/MySQL-Slow-queries-over-time-ecs.json 
@@ -0,0 +1,25 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "Slow queries over time [Logs MySQL] ECS", + "uiStateJSON": "{\"vis\":{\"colors\":{\"Slow queries\":\"#EF843C\"}}}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{\"customLabel\":\"Slow queries\"},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"extended_bounds\":{},\"field\":\"@timestamp\",\"interval\":\"auto\",\"min_doc_count\":1},\"schema\":\"segment\",\"type\":\"date_histogram\"}],\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"@timestamp per 30 seconds\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"legendPosition\":\"right\",\"mode\":\"stacked\",\"scale\":\"linear\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Slow queries\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"times\":[],\"type\":\"histogram\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Slow queries\"},\"type\":\"value\"}],\"yAxis\":{}},\"title\":\"Slow queries over time [Logs MySQL] ECS\",\"type\":\"histogram\"}" + }, + "id": "MySQL-Slow-queries-over-time-ecs", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [ + { + "id": "Logs-MySQL-Slow-log-ecs", + "name": "search_0", 
+ "type": "search" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/MySQL-error-logs-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/MySQL-error-logs-ecs.json new file mode 100644 index 0000000000000..23e89c43a7440 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/MySQL-error-logs-ecs.json 
@@ -0,0 +1,25 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "Error logs over time [Logs MySQL] ECS", + "uiStateJSON": "{\"vis\":{\"colors\":{\"Count\":\"#447EBC\",\"Error logs\":\"#1F78C1\"}}}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{\"customLabel\":\"Error logs\"},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"extended_bounds\":{},\"field\":\"@timestamp\",\"interval\":\"auto\",\"min_doc_count\":1},\"schema\":\"segment\",\"type\":\"date_histogram\"}],\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"categoryAxes\":[{\"id\":\"CategoryAxis-1\",\"labels\":{\"show\":true,\"truncate\":100},\"position\":\"bottom\",\"scale\":{\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"@timestamp per 30 seconds\"},\"type\":\"category\"}],\"defaultYExtents\":false,\"grid\":{\"categoryLines\":false,\"style\":{\"color\":\"#eee\"}},\"legendPosition\":\"right\",\"mode\":\"stacked\",\"scale\":\"linear\",\"seriesParams\":[{\"data\":{\"id\":\"1\",\"label\":\"Error logs\"},\"drawLinesBetweenPoints\":true,\"mode\":\"stacked\",\"show\":\"true\",\"showCircles\":true,\"type\":\"histogram\",\"valueAxis\":\"ValueAxis-1\"}],\"setYExtents\":false,\"shareYAxis\":true,\"times\":[],\"type\":\"histogram\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"filter\":false,\"rotate\":0,\"show\":true,\"truncate\":100},\"name\":\"LeftAxis-1\",\"position\":\"left\",\"scale\":{\"mode\":\"normal\",\"type\":\"linear\"},\"show\":true,\"style\":{},\"title\":{\"text\":\"Error logs\"},\"type\":\"value\"}],\"yAxis\":{}},\"title\":\"Error logs over time [Logs MySQL] ECS\",\"type\":\"histogram\"}" + }, + "id": "MySQL-error-logs-ecs", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [ + { + "id": "Logs-MySQL-error-log-ecs", + "name": "search_0", + 
"type": "search" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/MySQL-slowest-queries-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/MySQL-slowest-queries-ecs.json new file mode 100644 index 0000000000000..12ed95c167142 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/MySQL-slowest-queries-ecs.json @@ -0,0 +1,25 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "Top slowest queries [Logs MySQL] ECS", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{\"customLabel\":\"Query time\",\"field\":\"event.duration\"},\"schema\":\"metric\",\"type\":\"max\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"customLabel\":\"Query\",\"field\":\"mysql.slowlog.query\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"bucket\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"customLabel\":\"User\",\"field\":\"user.name\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"bucket\",\"type\":\"terms\"}],\"params\":{\"perPage\":10,\"showMeticsAtAllLevels\":false,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\"},\"title\":\"Top slowest queries [Logs MySQL] ECS\",\"type\":\"table\"}" + }, + "id": "MySQL-slowest-queries-ecs", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [ + { + "id": "Logs-MySQL-Slow-log-ecs", + "name": "search_0", + "type": "search" + } + ], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/a1e00160-63a4-11ea-a83e-25b8612d00cc.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/a1e00160-63a4-11ea-a83e-25b8612d00cc.json new file mode 100644 index 0000000000000..60baeb67d8ad3 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/a1e00160-63a4-11ea-a83e-25b8612d00cc.json 
@@ -0,0 +1,18 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Buffer Pool Efficiency [Metrics MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_min\":0,\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"background_color_rules\":[{\"id\":\"0f20fa60-63a3-11ea-90a2-c51229c5db5f\"}],\"bar_color_rules\":[{\"id\":\"0e1ecca0-63a3-11ea-90a2-c51229c5db5f\"}],\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"filter\":{\"language\":\"kuery\",\"query\":\"\"},\"gauge_color_rules\":[{\"id\":\"07c08ce0-63a3-11ea-90a2-c51229c5db5f\"}],\"gauge_inner_width\":10,\"gauge_style\":\"half\",\"gauge_width\":10,\"id\":\"515b9dd0-639f-11ea-96d8-1943b9bb65d9\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(87,177,211,1)\",\"fill\":\"0.1\",\"formatter\":\"number\",\"hidden\":false,\"id\":\"a397d570-63a2-11ea-90a2-c51229c5db5f\",\"label\":\"Effeciency (lower is better)\",\"line_width\":\"2\",\"metrics\":[{\"field\":\"mysql.status.innodb.buffer_pool.pool.reads\",\"id\":\"a397d571-63a2-11ea-90a2-c51229c5db5f\",\"type\":\"max\"},{\"field\":\"mysql.status.innodb.buffer_pool.read.requests\",\"id\":\"ad177970-63a2-11ea-90a2-c51229c5db5f\",\"type\":\"max\"},{\"id\":\"af58ddf0-63a2-11ea-90a2-c51229c5db5f\",\"script\":\"params.pool_read_requests != null \\u0026\\u0026 params.pool_read_requests \\u003e 0 ? 
(params.pool_reads/params.pool_read_requests) * 100: null\",\"type\":\"calculation\",\"variables\":[{\"field\":\"a397d571-63a2-11ea-90a2-c51229c5db5f\",\"id\":\"b1b6cb20-63a2-11ea-90a2-c51229c5db5f\",\"name\":\"pool_reads\"},{\"field\":\"ad177970-63a2-11ea-90a2-c51229c5db5f\",\"id\":\"c3fe5be0-63a2-11ea-90a2-c51229c5db5f\",\"name\":\"pool_read_requests\"}]}],\"point_size\":\"2\",\"separate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Buffer Pool Efficiency [Metrics MySQL] ECS\",\"type\":\"metrics\"}" + }, + "id": "a1e00160-63a4-11ea-a83e-25b8612d00cc", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/aaa326b0-f1f5-11e7-85ab-594b1652e0d1-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/aaa326b0-f1f5-11e7-85ab-594b1652e0d1-ecs.json new file mode 100644 index 0000000000000..e0b45ee0f417e --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/aaa326b0-f1f5-11e7-85ab-594b1652e0d1-ecs.json 
@@ -0,0 +1,18 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Open tables, files, streams [Metrics MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(22,165,165,1)\",\"fill\":\"0.3\",\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"Open Tables\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.open.tables\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\"}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(252,196,0,1)\",\"fill\":\"0.3\",\"formatter\":\"number\",\"id\":\"615a2400-6312-11ea-99e6-b5eed31db613\",\"label\":\"Open Files\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.open.files\",\"id\":\"615a2401-6312-11ea-99e6-b5eed31db613\",\"type\":\"avg\"}],\"point_size\":\"0\",\"separate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(226,115,0,1)\",\"fill\":\"0.3\",\"formatter\":\"number\",\"id\":\"15d7bcd0-6313-11ea-99e6-b5eed31db613\",\"label\":\"Open 
Streams\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.open.streams\",\"id\":\"15d7bcd1-6313-11ea-99e6-b5eed31db613\",\"type\":\"avg\"}],\"point_size\":\"0\",\"separate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Open tables, files, streams [Metrics MySQL] ECS\",\"type\":\"metrics\"}" + }, + "id": "aaa326b0-f1f5-11e7-85ab-594b1652e0d1-ecs", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/bf60bc10-639b-11ea-a83e-25b8612d00cc.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/bf60bc10-639b-11ea-a83e-25b8612d00cc.json new file mode 100644 index 0000000000000..6bbad70bddc97 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/bf60bc10-639b-11ea-a83e-25b8612d00cc.json 
@@ -0,0 +1,18 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Aborted Connections Rate [Metrics MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"bar_color_rules\":[{\"id\":\"d61928d0-6309-11ea-99e6-b5eed31db613\"}],\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(176,188,0,1)\",\"fill\":\"0.3\",\"formatter\":\"'0.0a'\",\"id\":\"3c2a2a40-f1f4-11e7-a752-236fe3270d99\",\"label\":\"Aborted Connections\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.aborted.clients\",\"id\":\"3c2a2a41-f1f4-11e7-a752-236fe3270d99\",\"type\":\"max\"},{\"field\":\"3c2a2a41-f1f4-11e7-a752-236fe3270d99\",\"id\":\"6d053540-639b-11ea-83d6-4f7a6fe5aed4\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"field\":\"6d053540-639b-11ea-83d6-4f7a6fe5aed4\",\"id\":\"7548afc0-639b-11ea-83d6-4f7a6fe5aed4\",\"type\":\"positive_only\",\"unit\":\"\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(251,158,0,1)\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"d6572ee0-639b-11ea-83d6-4f7a6fe5aed4\",\"label\":\"Failed Attempts to Connect 
\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.aborted.connects\",\"id\":\"d6572ee1-639b-11ea-83d6-4f7a6fe5aed4\",\"type\":\"max\"},{\"field\":\"d6572ee1-639b-11ea-83d6-4f7a6fe5aed4\",\"id\":\"e4a63540-639b-11ea-83d6-4f7a6fe5aed4\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"id\":\"ec492a00-639b-11ea-83d6-4f7a6fe5aed4\",\"type\":\"positive_only\"}],\"point_size\":1,\"separate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Aborted Connections Rate [Metrics MySQL] ECS\",\"type\":\"metrics\"}" + }, + "id": "bf60bc10-639b-11ea-a83e-25b8612d00cc", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/c8661020-6310-11ea-a83e-25b8612d00cc.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/c8661020-6310-11ea-a83e-25b8612d00cc.json new file mode 100644 index 0000000000000..05b0372ab0f1a --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/c8661020-6310-11ea-a83e-25b8612d00cc.json 
@@ -0,0 +1,18 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Network Traffic [Metrics MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(0,98,177,1)\",\"fill\":0.5,\"formatter\":\"bytes\",\"id\":\"2b1c2390-f1f7-11e7-a752-236fe3270d99\",\"label\":\"Received bytes\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.bytes.received\",\"id\":\"2b1c2391-f1f7-11e7-a752-236fe3270d99\",\"type\":\"max\"},{\"field\":\"2b1c2391-f1f7-11e7-a752-236fe3270d99\",\"id\":\"2b1c2392-f1f7-11e7-a752-236fe3270d99\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"field\":\"2b1c2392-f1f7-11e7-a752-236fe3270d99\",\"id\":\"788d3c90-6310-11ea-99e6-b5eed31db613\",\"type\":\"positive_only\",\"unit\":\"\"},{\"id\":\"88f8e160-6310-11ea-99e6-b5eed31db613\",\"script\":\"params.received != null \\u0026\\u0026 params.received \\u003e 0 ? 
params.received * -1 : null\",\"type\":\"calculation\",\"variables\":[{\"field\":\"788d3c90-6310-11ea-99e6-b5eed31db613\",\"id\":\"8beb4660-6310-11ea-99e6-b5eed31db613\",\"name\":\"received\"}]}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"bytes\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"Sent bytes\",\"line_width\":1,\"metrics\":[{\"field\":\"mysql.status.bytes.sent\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"max\"},{\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"id\":\"23cfda50-f1f7-11e7-a752-236fe3270d99\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"field\":\"23cfda50-f1f7-11e7-a752-236fe3270d99\",\"id\":\"ad26a900-6310-11ea-99e6-b5eed31db613\",\"type\":\"positive_only\",\"unit\":\"\"}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Network Traffic [Metrics MySQL] ECS\",\"type\":\"metrics\"}" + }, + "id": "c8661020-6310-11ea-a83e-25b8612d00cc", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/fc6b5a40-630d-11ea-a83e-25b8612d00cc.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/fc6b5a40-630d-11ea-a83e-25b8612d00cc.json new file mode 100644 index 0000000000000..e393a8cebe4b6 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/kibana/visualization/fc6b5a40-630d-11ea-a83e-25b8612d00cc.json 
@@ -0,0 +1,18 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Connected Threads [Metrics MySQL] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"background_color_rules\":[{\"id\":\"d5fcf170-630d-11ea-99e6-b5eed31db613\"}],\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"gauge_color_rules\":[{\"id\":\"f1321f60-630d-11ea-99e6-b5eed31db613\"}],\"gauge_inner_width\":10,\"gauge_style\":\"half\",\"gauge_width\":10,\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(115,216,255,0.89)\",\"fill\":\"0.3\",\"formatter\":\"number\",\"id\":\"fe9af660-630b-11ea-99e6-b5eed31db613\",\"label\":\"Connections\",\"line_width\":\"2\",\"metrics\":[{\"field\":\"mysql.status.threads.connected\",\"id\":\"fe9af661-630b-11ea-99e6-b5eed31db613\",\"type\":\"max\"}],\"point_size\":\"0\",\"separate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"gauge\"},\"title\":\"Connected Threads [Metrics MySQL] ECS\",\"type\":\"metrics\"}" + }, + "id": "fc6b5a40-630d-11ea-a83e-25b8612d00cc", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/manifest.yml new file mode 100644 index 0000000000000..732e73555baa4 --- /dev/null 
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/mysql/0.1.1/manifest.yml
@@ -0,0 +1,59 @@
+format_version: 1.0.0
+name: mysql
+title: MySQL
+version: 0.1.1
+license: basic
+description: MySQL Integration
+type: integration
+categories:
+- logs
+- metrics
+release: beta
+removable: true
+requirement:
+ kibana:
+ versions: '>=7.3.1 <8.0.0'
+ elasticsearch:
+ versions: '>7.0.1'
+screenshots:
+- src: /img/kibana-mysql.png
+ title: kibana mysql
+ size: 1227x1026
+ type: image/png
+- src: /img/metricbeat-mysql.png
+ title: metricbeat mysql
+ size: 2562x2540
+ type: image/png
+icons:
+- src: /img/logo_mysql.svg
+ title: logo mysql
+ size: 32x32
+ type: image/svg+xml
+datasources:
+- name: mysql
+ title: MySQL logs and metrics
+ description: Collect logs and metrics from MySQL instances
+ inputs:
+ - type: logs
+ title: Collect logs from MySQL hosts
+ description: Collecting MySQL error and slowlog logs
+ - type: mysql/metrics
+ title: Collect metrics from MySQL hosts
+ description: Collecting MySQL status and galera_status metrics
+ vars:
+ - name: hosts
+ type: text
+ title: MySQL DSN
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - tcp(127.0.0.1:3306)/
+ - name: username
+ type: text
+ title: Username
+ default: root
+ - name: password
+ type: password
+ title: Password
+ default: test
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/access/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/access/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..d0d5ed877c78e
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/access/agent/stream/stream.yml.hbs
@@ -0,0 +1,7 @@
+paths:
+{{#each paths}}
+ - {{this}}
+{{/each}}
+exclude_files: [".gz$"]
+processors:
+- add_locale: ~
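Review bot: The `password` var at the end of the mysql manifest hunk carries a concrete default (`default: test`) next to `username` defaulting to `root`, so a datasource created from the package defaults starts out with a known credential pair. Even as a test fixture this mirrors what a published package would pre-fill, and a form that arrives with the password already set makes it easy to leave it unchanged. I would drop the `default:` line from the `password` var and, if a test needs a value, supply it in the test rather than in the package manifest.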
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/access/elasticsearch/ingest-pipeline/default.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/access/elasticsearch/ingest-pipeline/default.yml
new file mode 100644
index 0000000000000..9de5d5e7c4b65
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/access/elasticsearch/ingest-pipeline/default.yml
@@ -0,0 +1,168 @@
+---
+description: Pipeline for parsing Nginx access logs. Requires the geoip and user_agent
+ plugins.
+processors:
+- grok:
+ field: message
+ patterns:
+ - (%{NGINX_HOST} )?"?(?:%{NGINX_ADDRESS_LIST:nginx.access.remote_ip_list}|%{NOTSPACE:source.address})
+ - (-|%{DATA:user.name}) \[%{HTTPDATE:nginx.access.time}\] "%{DATA:nginx.access.info}"
+ %{NUMBER:http.response.status_code:long} %{NUMBER:http.response.body.bytes:long}
+ "(-|%{DATA:http.request.referrer})" "(-|%{DATA:user_agent.original})"
+ pattern_definitions:
+ NGINX_HOST: (?:%{IP:destination.ip}|%{NGINX_NOTSEPARATOR:destination.domain})(:%{NUMBER:destination.port})?
+ NGINX_NOTSEPARATOR: "[^\t ,:]+"
+ NGINX_ADDRESS_LIST: (?:%{IP}|%{WORD})("?,?\s*(?:%{IP}|%{WORD}))*
+ ignore_missing: true
+- grok:
+ field: nginx.access.info
+ patterns:
+ - '%{WORD:http.request.method} %{DATA:url.original} HTTP/%{NUMBER:http.version}'
+ - ""
+ ignore_missing: true
+- remove:
+ field: nginx.access.info
+- split:
+ field: nginx.access.remote_ip_list
+ separator: '"?,?\s+'
+ ignore_missing: true
+- split:
+ field: nginx.access.origin
+ separator: '"?,?\s+'
+ ignore_missing: true
+- set:
+ field: source.address
+ if: ctx.source?.address == null
+ value: ""
+- script:
+ if: ctx.nginx?.access?.remote_ip_list != null && ctx.nginx.access.remote_ip_list.length > 0
+ lang: painless
+ source: >-
+ boolean isPrivate(def dot, def ip) {
+ try {
+ StringTokenizer tok = new StringTokenizer(ip, dot);
+ int firstByte = Integer.parseInt(tok.nextToken());
+ int secondByte = Integer.parseInt(tok.nextToken());
+ if (firstByte == 10) {
+ return true;
+ }
+ if (firstByte == 192 && secondByte == 168) {
+ return true;
+ }
+ if (firstByte == 172 && secondByte >= 16 && secondByte <= 31) {
+ return true;
+ }
+ if (firstByte == 127) {
+ return true;
+ }
+ return false;
+ }
+ catch (Exception e) {
+ return false;
+ }
+ }
+ try {
+ ctx.source.address = null;
+ if (ctx.nginx.access.remote_ip_list == null) {
+ return;
+ }
+ def found = false;
+ for (def item : ctx.nginx.access.remote_ip_list) {
+ if (!isPrivate(params.dot, item)) {
+ ctx.source.address = item;
+ found = true;
+ break;
+ }
+ }
+ if (!found) {
+ ctx.source.address = ctx.nginx.access.remote_ip_list[0];
+ }
+ }
+ catch (Exception e) {
+ ctx.source.address = null;
+ }
+ params:
+ dot: .
+- remove:
+ field: source.address
+ if: ctx.source.address == null
+- grok:
+ field: source.address
+ patterns:
+ - ^%{IP:source.ip}$
+ ignore_failure: true
+- remove:
+ field: message
+- rename:
+ field: '@timestamp'
+ target_field: event.created
+- date:
+ field: nginx.access.time
+ target_field: '@timestamp'
+ formats:
+ - dd/MMM/yyyy:H:m:s Z
+ on_failure:
+ - append:
+ field: error.message
+ value: '{{ _ingest.on_failure_message }}'
+- remove:
+ field: nginx.access.time
+- user_agent:
+ field: user_agent.original
+ ignore_missing: true
+- geoip:
+ field: source.ip
+ target_field: source.geo
+ ignore_missing: true
+- geoip:
+ database_file: GeoLite2-ASN.mmdb
+ field: source.ip
+ target_field: source.as
+ properties:
+ - asn
+ - organization_name
+ ignore_missing: true
+- rename:
+ field: source.as.asn
+ target_field: source.as.number
+ ignore_missing: true
+- rename:
+ field: source.as.organization_name
+ target_field: source.as.organization.name
+ ignore_missing: true
+- set:
+ field: event.kind
+ value: event
+- append:
+ field: event.category
+ value: web
+- append:
+ field: event.type
+ value: access
+- set:
+ field: event.outcome
+ value: success
+ if: "ctx?.http?.response?.status_code != null && ctx.http.response.status_code < 400"
+- set:
+ field: event.outcome
+ value: failure
+ if: "ctx?.http?.response?.status_code != null && ctx.http.response.status_code >= 400"
+- lowercase:
+ field: http.request.method
+ ignore_missing: true
+- append:
+ field: related.ip
+ value: "{{source.ip}}"
+ if: "ctx?.source?.ip != null"
+- append:
+ field: related.ip
+ value: "{{destination.ip}}"
+ if: "ctx?.destination?.ip != null"
+- append:
+ field: related.user
+ value: "{{user.name}}"
+ if: "ctx?.user?.name != null"
+on_failure:
+- set:
+ field: error.message
+ value: '{{ _ingest.on_failure_message }}'
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/access/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/access/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/access/fields/base-fields.yml
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/access/fields/ecs.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/access/fields/ecs.yml
new file mode 100644
index 0000000000000..98ad5bf38ce13
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/access/fields/ecs.yml
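Review bot: The painless `script` in the access ingest pipeline sets `source.address` to the first entry of `nginx.access.remote_ip_list` that `isPrivate` rejects, and per the dataset's fields.yml in this commit that list includes `X-Forwarded-For` values, so `source.ip`, both `geoip` lookups and `related.ip` can reflect an address the client chose unless a trusted proxy rewrites the header. `isPrivate` only recognises 10/8, 172.16/12, 192.168/16 and 127/8 in dotted form; IPv6, link-local entries and non-IP `%{WORD}` tokens fall into the catch branch and count as public. I would say so in the pipeline `description:`, for example `source.ip is the first non-private forwarded address and is client-controlled unless a trusted proxy rewrites the header`, so that detections built on these fields treat them accordingly. The same script is repeated in the ingress_controller pipeline later in this diff.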
@@ -0,0 +1,133 @@
+- name: http
+ title: HTTP
+ group: 2
+ type: group
+ fields:
+ - name: request.method
+ level: extended
+ type: keyword
+ description: |-
+ HTTP request method.
+ The field value must be normalized to lowercase for querying. See the documentation section "Implementing ECS".
+ ignore_above: 1024
+ - name: request.referrer
+ level: extended
+ type: keyword
+ description: Referrer for this HTTP request.
+ ignore_above: 1024
+ - name: response.body.bytes
+ level: extended
+ type: long
+ format: bytes
+ description: Size in bytes of the response body.
+ - name: response.status_code
+ level: extended
+ type: long
+ format: string
+ description: HTTP response status code.
+ - name: version
+ level: extended
+ type: keyword
+ description: HTTP version.
+ ignore_above: 1024
+- name: source
+ title: Source
+ group: 2
+ type: group
+ fields:
+ - name: geo.city_name
+ level: core
+ type: keyword
+ description: City name.
+ ignore_above: 1024
+ - name: geo.continent_name
+ level: core
+ type: keyword
+ description: Name of the continent.
+ ignore_above: 1024
+ - name: geo.country_iso_code
+ level: core
+ type: keyword
+ description: Country ISO code.
+ ignore_above: 1024
+ - name: geo.location
+ level: core
+ type: geo_point
+ description: Longitude and latitude.
+ - name: geo.region_iso_code
+ level: core
+ type: keyword
+ description: Region ISO code.
+ ignore_above: 1024
+ - name: geo.region_name
+ level: core
+ type: keyword
+ description: Region name.
+ ignore_above: 1024
+- name: url
+ title: URL
+ group: 2
+ type: group
+ fields:
+ - name: original
+ level: extended
+ type: keyword
+ description: |-
+ Unmodified original url as seen in the event source.
+ Note that in network monitoring, the observed URL may be a full URL, whereas in access logs, the URL is often just represented as a path.
+ This field is meant to represent the URL as it was observed, complete or not.
+ ignore_above: 1024
+ multi_fields:
+ - name: text
+ type: text
+ norms: false
+ default_field: false
+- name: user
+ title: User
+ group: 2
+ type: group
+ fields:
+ - name: name
+ level: core
+ type: keyword
+ description: Short name or login of the user.
+ ignore_above: 1024
+ multi_fields:
+ - name: text
+ type: text
+ norms: false
+ default_field: false
+- name: user_agent
+ title: User agent
+ group: 2
+ type: group
+ fields:
+ - name: device.name
+ level: extended
+ type: keyword
+ description: Name of the device.
+ ignore_above: 1024
+ - name: name
+ level: extended
+ type: keyword
+ description: Name of the user agent.
+ ignore_above: 1024
+ - name: original
+ level: extended
+ type: keyword
+ description: Unparsed user_agent string.
+ ignore_above: 1024
+ multi_fields:
+ - name: text
+ type: text
+ norms: false
+ - name: os.name
+ level: extended
+ type: keyword
+ description: Operating system name, without the version.
+ ignore_above: 1024
+ multi_fields:
+ - name: text
+ type: text
+ norms: false
+ default_field: false
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/access/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/access/fields/fields.yml
new file mode 100644
index 0000000000000..8e9190cfe8485
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/access/fields/fields.yml
@@ -0,0 +1,11 @@
+- name: nginx.access
+ type: group
+ fields:
+ - name: remote_ip_list
+ type: array
+ description: |
+ An array of remote IP addresses. It is a list because it is common to include, besides the client IP address, IP addresses from headers like `X-Forwarded-For`. Real source IP is restored to `source.ip`.
+ - name: user_agent
+ type: group
+ - name: geoip
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/access/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/access/fields/package-fields.yml
new file mode 100644
index 0000000000000..1f8692738cce8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/access/fields/package-fields.yml
@@ -0,0 +1,2 @@
+- name: nginx
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/access/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/access/manifest.yml
new file mode 100644
index 0000000000000..bf0ac1dd526c8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/access/manifest.yml
@@ -0,0 +1,23 @@
+title: Nginx access logs
+type: logs
+release: beta
+streams:
+- input: logs
+ vars:
+ - name: paths
+ type: text
+ title: Paths
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - /var/log/nginx/access.log*
+ os:
+ darwin:
+ default:
+ - /usr/local/var/log/nginx/access.log*
+ windows:
+ default:
+ - c:/programdata/nginx/logs/*access.log*
+ title: Nginx access logs
+ description: Collect Nginx access logs
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/error/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/error/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..85ff82a8eccae
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/error/agent/stream/stream.yml.hbs
@@ -0,0 +1,11 @@
+paths:
+{{#each paths}}
+ - {{this}}
+{{/each}}
+exclude_files: [".gz$"]
+multiline:
+ pattern: '^\d{4}\/\d{2}\/\d{2} '
+ negate: true
+ match: after
+processors:
+- add_locale: ~
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/error/elasticsearch/ingest-pipeline/default.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/error/elasticsearch/ingest-pipeline/default.yml
new file mode 100644
index 0000000000000..96b46eb9c98c6
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/error/elasticsearch/ingest-pipeline/default.yml
@@ -0,0 +1,52 @@
+---
+description: Pipeline for parsing the Nginx error logs
+processors:
+- grok:
+ field: message
+ patterns:
+ - '%{DATA:nginx.error.time} \[%{DATA:log.level}\] %{NUMBER:process.pid:long}#%{NUMBER:process.thread.id:long}:
+ (\*%{NUMBER:nginx.error.connection_id:long} )?%{GREEDYMULTILINE:message}'
+ pattern_definitions:
+ GREEDYMULTILINE: |-
+ (.|
+ | )*
+ ignore_missing: true
+- rename:
+ field: '@timestamp'
+ target_field: event.created
+- date:
+ if: ctx.event.timezone == null
+ field: nginx.error.time
+ target_field: '@timestamp'
+ formats:
+ - yyyy/MM/dd H:m:s
+ on_failure:
+ - append:
+ field: error.message
+ value: '{{ _ingest.on_failure_message }}'
+- date:
+ if: ctx.event.timezone != null
+ field: nginx.error.time
+ target_field: '@timestamp'
+ formats:
+ - yyyy/MM/dd H:m:s
+ timezone: '{{ event.timezone }}'
+ on_failure:
+ - append:
+ field: error.message
+ value: '{{ _ingest.on_failure_message }}'
+- remove:
+ field: nginx.error.time
+- set:
+ field: event.kind
+ value: event
+- append:
+ field: event.category
+ value: web
+- append:
+ field: event.type
+ value: error
+on_failure:
+- set:
+ field: error.message
+ value: '{{ _ingest.on_failure_message }}'
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/error/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/error/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/error/fields/base-fields.yml
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/error/fields/ecs.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/error/fields/ecs.yml
new file mode 100644
index 0000000000000..8cca86575b7ed
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/error/fields/ecs.yml
@@ -0,0 +1,35 @@
+- name: message
+ level: core
+ type: text
+ description: |-
+ For log events the message field contains the log message, optimized for viewing in a log viewer.
+ For structured logs without an original message field, other fields can be concatenated to form a human-readable summary of the event.
+ If multiple messages exist, they can be combined into one message.
+- name: log
+ title: Log
+ group: 2
+ type: group
+ fields:
+ - name: level
+ level: core
+ type: keyword
+ description: |-
+ Original log level of the log event.
+ If the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity).
+ Some examples are `warn`, `err`, `i`, `informational`.
+ ignore_above: 1024
+- name: process
+ title: Process
+ group: 2
+ type: group
+ fields:
+ - name: pid
+ level: core
+ type: long
+ format: string
+ description: Process id.
+ - name: thread.id
+ level: extended
+ type: long
+ format: string
+ description: Thread ID.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/error/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/error/fields/fields.yml
new file mode 100644
index 0000000000000..34112d2ea67a8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/error/fields/fields.yml
@@ -0,0 +1,7 @@
+- name: nginx.error
+ type: group
+ fields:
+ - name: connection_id
+ type: long
+ description: |
+ Connection identifier.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/error/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/error/fields/package-fields.yml
new file mode 100644
index 0000000000000..1f8692738cce8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/error/fields/package-fields.yml
@@ -0,0 +1,2 @@
+- name: nginx
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/error/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/error/manifest.yml
new file mode 100644
index 0000000000000..c0dc1753f1120
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/error/manifest.yml
@@ -0,0 +1,23 @@
+title: Nginx error logs
+type: logs
+release: beta
+streams:
+- input: logs
+ vars:
+ - name: paths
+ type: text
+ title: Paths
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - /var/log/nginx/error.log*
+ os:
+ darwin:
+ default:
+ - /usr/local/var/log/nginx/error.log*
+ windows:
+ default:
+ - c:/programdata/nginx/logs/error.log*
+ title: Nginx error logs
+ description: Collect Nginx error logs
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/ingress_controller/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/ingress_controller/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..8a1b413517e72
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/ingress_controller/agent/stream/stream.yml.hbs
@@ -0,0 +1,7 @@
+paths:
+{{#each paths}}
+ - {{this}}
+{{/each}}
+exclude_files: [".gz$"]
+processors:
+ - add_locale: ~
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/ingress_controller/elasticsearch/ingest-pipeline/default.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/ingress_controller/elasticsearch/ingest-pipeline/default.yml
new file mode 100644
index 0000000000000..abf54fcd2ca79
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/ingress_controller/elasticsearch/ingest-pipeline/default.yml
@@ -0,0 +1,173 @@
+---
+description: Pipeline for parsing Nginx ingress controller access logs. Requires the
+ geoip and user_agent plugins.
+processors:
+- grok:
+ field: message
+ patterns:
+ - (%{NGINX_HOST} )?"?(?:%{NGINX_ADDRESS_LIST:nginx.ingress_controller.remote_ip_list}|%{NOTSPACE:source.address})
+ - (-|%{DATA:user.name}) \[%{HTTPDATE:nginx.ingress_controller.time}\] "%{DATA:nginx.ingress_controller.info}"
+ %{NUMBER:http.response.status_code:long} %{NUMBER:http.response.body.bytes:long}
+ "(-|%{DATA:http.request.referrer})" "(-|%{DATA:user_agent.original})" %{NUMBER:nginx.ingress_controller.http.request.length:long}
+ %{NUMBER:nginx.ingress_controller.http.request.time:double} \[%{DATA:nginx.ingress_controller.upstream.name}\]
+ \[%{DATA:nginx.ingress_controller.upstream.alternative_name}\] (%{UPSTREAM_ADDRESS}|-)
+ (%{NUMBER:nginx.ingress_controller.upstream.response.length:long}|-) (%{NUMBER:nginx.ingress_controller.upstream.response.time:double}|-)
+ (%{NUMBER:nginx.ingress_controller.upstream.response.status_code:long}|-) %{GREEDYDATA:nginx.ingress_controller.http.request.id}
+ pattern_definitions:
+ NGINX_HOST: (?:%{IP:destination.ip}|%{NGINX_NOTSEPARATOR:destination.domain})(:%{NUMBER:destination.port})?
+ NGINX_NOTSEPARATOR: "[^\t ,:]+"
+ NGINX_ADDRESS_LIST: (?:%{IP}|%{WORD})("?,?\s*(?:%{IP}|%{WORD}))*
+ UPSTREAM_ADDRESS: '%{IP:nginx.ingress_controller.upstream.ip}(:%{NUMBER:nginx.ingress_controller.upstream.port})?'
+ ignore_missing: true
+- grok:
+ field: nginx.ingress_controller.info
+ patterns:
+ - '%{WORD:http.request.method} %{DATA:url.original} HTTP/%{NUMBER:http.version}'
+ - ""
+ ignore_missing: true
+- remove:
+ field: nginx.ingress_controller.info
+- split:
+ field: nginx.ingress_controller.remote_ip_list
+ separator: '"?,?\s+'
+ ignore_missing: true
+- split:
+ field: nginx.ingress_controller.origin
+ separator: '"?,?\s+'
+ ignore_missing: true
+- set:
+ field: source.address
+ if: ctx.source?.address == null
+ value: ""
+- script:
+ if: ctx.nginx?.access?.remote_ip_list != null && ctx.nginx.ingress_controller.remote_ip_list.length > 0
+ lang: painless
+ source: >-
+ boolean isPrivate(def dot, def ip) {
+ try {
+ StringTokenizer tok = new StringTokenizer(ip, dot);
+ int firstByte = Integer.parseInt(tok.nextToken());
+ int secondByte = Integer.parseInt(tok.nextToken());
+ if (firstByte == 10) {
+ return true;
+ }
+ if (firstByte == 192 && secondByte == 168) {
+ return true;
+ }
+ if (firstByte == 172 && secondByte >= 16 && secondByte <= 31) {
+ return true;
+ }
+ if (firstByte == 127) {
+ return true;
+ }
+ return false;
+ }
+ catch (Exception e) {
+ return false;
+ }
+ }
+ try {
+ ctx.source.address = null;
+ if (ctx.nginx.ingress_controller.remote_ip_list == null) {
+ return;
+ }
+ def found = false;
+ for (def item : ctx.nginx.ingress_controller.remote_ip_list) {
+ if (!isPrivate(params.dot, item)) {
+ ctx.source.address = item;
+ found = true;
+ break;
+ }
+ }
+ if (!found) {
+ ctx.source.address = ctx.nginx.ingress_controller.remote_ip_list[0];
+ }
+ }
+ catch (Exception e) {
+ ctx.source.address = null;
+ }
+ params:
+ dot: .
+- remove:
+ field: source.address
+ if: ctx.source.address == null
+- grok:
+ field: source.address
+ patterns:
+ - ^%{IP:source.ip}$
+ ignore_failure: true
+- remove:
+ field: message
+- rename:
+ field: '@timestamp'
+ target_field: event.created
+- date:
+ field: nginx.ingress_controller.time
+ target_field: '@timestamp'
+ formats:
+ - dd/MMM/yyyy:H:m:s Z
+ on_failure:
+ - append:
+ field: error.message
+ value: '{{ _ingest.on_failure_message }}'
+- remove:
+ field: nginx.ingress_controller.time
+- user_agent:
+ field: user_agent.original
+ ignore_missing: true
+- geoip:
+ field: source.ip
+ target_field: source.geo
+ ignore_missing: true
+- geoip:
+ database_file: GeoLite2-ASN.mmdb
+ field: source.ip
+ target_field: source.as
+ properties:
+ - asn
+ - organization_name
+ ignore_missing: true
+- rename:
+ field: source.as.asn
+ target_field: source.as.number
+ ignore_missing: true
+- rename:
+ field: source.as.organization_name
+ target_field: source.as.organization.name
+ ignore_missing: true
+- set:
+ field: event.kind
+ value: event
+- append:
+ field: event.category
+ value: web
+- append:
+ field: event.type
+ value: info
+- set:
+ field: event.outcome
+ value: success
+ if: "ctx?.http?.response?.status_code != null && ctx.http.response.status_code < 400"
+- set:
+ field: event.outcome
+ value: failure
+ if: "ctx?.http?.response?.status_code != null && ctx.http.response.status_code >= 400"
+- lowercase:
+ field: http.request.method
+ ignore_missing: true
+- append:
+ field: related.ip
+ value: "{{source.ip}}"
+ if: "ctx?.source?.ip != null"
+- append:
+ field: related.ip
+ value: "{{destination.ip}}"
+ if: "ctx?.destination?.ip != null"
+- append:
+ field: related.user
+ value: "{{user.name}}"
+ if: "ctx?.user?.name != null"
+on_failure:
+- set:
+ field: error.message
+ value: '{{ _ingest.on_failure_message }}'
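Review bot: The `script` processor's guard in the ingress_controller pipeline tests `ctx.nginx?.access?.remote_ip_list`, but the grok above it writes the list to `nginx.ingress_controller.remote_ip_list` and nothing visible in this pipeline sets `nginx.access`, so the script looks like it can never run. Because the preceding `set` has already put `""` into `source.address`, the `^%{IP:source.ip}$` grok then has nothing to match, and `source.ip`, both `geoip` processors and the `related.ip` append stay empty whenever the address-list alternative matched, which leaves ingress events without source attribution. The guard should read `if: ctx.nginx?.ingress_controller?.remote_ip_list != null && ctx.nginx.ingress_controller.remote_ip_list.length > 0`.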
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/ingress_controller/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/ingress_controller/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/ingress_controller/fields/base-fields.yml
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/ingress_controller/fields/ecs.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/ingress_controller/fields/ecs.yml
new file mode 100644
index 0000000000000..98ad5bf38ce13
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/ingress_controller/fields/ecs.yml
@@ -0,0 +1,133 @@
+- name: http
+ title: HTTP
+ group: 2
+ type: group
+ fields:
+ - name: request.method
+ level: extended
+ type: keyword
+ description: |-
+ HTTP request method.
+ The field value must be normalized to lowercase for querying. See the documentation section "Implementing ECS".
+ ignore_above: 1024
+ - name: request.referrer
+ level: extended
+ type: keyword
+ description: Referrer for this HTTP request.
+ ignore_above: 1024
+ - name: response.body.bytes
+ level: extended
+ type: long
+ format: bytes
+ description: Size in bytes of the response body.
+ - name: response.status_code
+ level: extended
+ type: long
+ format: string
+ description: HTTP response status code.
+ - name: version
+ level: extended
+ type: keyword
+ description: HTTP version.
+ ignore_above: 1024
+- name: source
+ title: Source
+ group: 2
+ type: group
+ fields:
+ - name: geo.city_name
+ level: core
+ type: keyword
+ description: City name.
+ ignore_above: 1024
+ - name: geo.continent_name
+ level: core
+ type: keyword
+ description: Name of the continent.
+ ignore_above: 1024
+ - name: geo.country_iso_code
+ level: core
+ type: keyword
+ description: Country ISO code.
+ ignore_above: 1024
+ - name: geo.location
+ level: core
+ type: geo_point
+ description: Longitude and latitude.
+ - name: geo.region_iso_code
+ level: core
+ type: keyword
+ description: Region ISO code.
+ ignore_above: 1024
+ - name: geo.region_name
+ level: core
+ type: keyword
+ description: Region name.
+ ignore_above: 1024
+- name: url
+ title: URL
+ group: 2
+ type: group
+ fields:
+ - name: original
+ level: extended
+ type: keyword
+ description: |-
+ Unmodified original url as seen in the event source.
+ Note that in network monitoring, the observed URL may be a full URL, whereas in access logs, the URL is often just represented as a path.
+ This field is meant to represent the URL as it was observed, complete or not.
+ ignore_above: 1024
+ multi_fields:
+ - name: text
+ type: text
+ norms: false
+ default_field: false
+- name: user
+ title: User
+ group: 2
+ type: group
+ fields:
+ - name: name
+ level: core
+ type: keyword
+ description: Short name or login of the user.
+ ignore_above: 1024
+ multi_fields:
+ - name: text
+ type: text
+ norms: false
+ default_field: false
+- name: user_agent
+ title: User agent
+ group: 2
+ type: group
+ fields:
+ - name: device.name
+ level: extended
+ type: keyword
+ description: Name of the device.
+ ignore_above: 1024
+ - name: name
+ level: extended
+ type: keyword
+ description: Name of the user agent.
+ ignore_above: 1024
+ - name: original
+ level: extended
+ type: keyword
+ description: Unparsed user_agent string.
+ ignore_above: 1024
+ multi_fields:
+ - name: text
+ type: text
+ norms: false
+ - name: os.name
+ level: extended
+ type: keyword
+ description: Operating system name, without the version.
+ ignore_above: 1024
+ multi_fields:
+ - name: text
+ type: text
+ norms: false
+ default_field: false
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/ingress_controller/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/ingress_controller/fields/fields.yml
new file mode 100644
index 0000000000000..ac486d5f62aa0
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/ingress_controller/fields/fields.yml
@@ -0,0 +1,55 @@
+- name: nginx.ingress_controller
+ type: group
+ fields:
+ - name: remote_ip_list
+ type: array
+ description: |
+ An array of remote IP addresses. It is a list because it is common to include, besides the client IP address, IP addresses from headers like `X-Forwarded-For`. Real source IP is restored to `source.ip`.
+ - name: http.request.length
+ type: long
+ format: bytes
+ description: |
+ The request length (including request line, header, and request body)
+ - name: http.request.time
+ type: double
+ format: duration
+ description: |
+ Time elapsed since the first bytes were read from the client
+ - name: upstream.name
+ type: text
+ description: |
+ The name of the upstream.
+ - name: upstream.alternative_name
+ type: text
+ description: |
+ The name of the alternative upstream.
+ - name: upstream.response.length
+ type: long
+ format: bytes
+ description: |
+ The length of the response obtained from the upstream server
+ - name: upstream.response.time
+ type: double
+ format: duration
+ description: |
+ The time spent on receiving the response from the upstream server as seconds with millisecond resolution
+ - name: upstream.response.status_code
+ type: long
+ description: |
+ The status code of the response obtained from the upstream server
+ - name: http.request.id
+ type: text
+ description: |
+ The randomly generated ID of the request
+ - name: upstream.ip
+ type: ip
+ description: |
+ The IP address of the upstream server. If several servers were contacted during request processing, their addresses are separated by commas.
+ - name: upstream.port
+ type: long
+ description: |
+ The port of the upstream server.
+ - name: user_agent
+ type: group
+ - name: geoip
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/ingress_controller/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/ingress_controller/fields/package-fields.yml
new file mode 100644
index 0000000000000..1f8692738cce8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/ingress_controller/fields/package-fields.yml
@@ -0,0 +1,2 @@
+- name: nginx
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/ingress_controller/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/ingress_controller/manifest.yml
new file mode 100644
index 0000000000000..a3c059ab02a00
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/ingress_controller/manifest.yml
@@ -0,0 +1,24 @@
+title: Nginx ingress_controller logs
+type: logs
+release: beta
+streams:
+- input: logs
+ enabled: false
+ vars:
+ - name: paths
+ type: text
+ title: Paths
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - /var/log/nginx/ingress.log*
+ os:
+ darwin:
+ default:
+ - /usr/local/var/log/nginx/ingress.log*
+ windows:
+ default:
+ - c:/programdata/nginx/logs/*ingress.log*
+ title: Nginx ingress controller logs
+ description: Collect Nginx ingress controller logs
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/stubstatus/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/stubstatus/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..18aabf7beea3f
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/stubstatus/agent/stream/stream.yml.hbs
@@ -0,0 +1,9 @@
+metricsets: ["stubstatus"]
+hosts:
+{{#each hosts}}
+ - {{this}}
+{{/each}}
+period: {{period}}
+{{#if server_status_path}}
+server_status_path: {{server_status_path}}
+{{/if}}
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/stubstatus/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/stubstatus/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/stubstatus/fields/base-fields.yml
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/stubstatus/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/stubstatus/fields/fields.yml
new file mode 100644
index 0000000000000..decf65b7e7964
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/stubstatus/fields/fields.yml
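Review bot: `hosts`, `period` and `server_status_path` are written into the YAML unquoted (`- {{this}}`, `period: {{period}}`, `server_status_path: {{server_status_path}}`), so a value containing `: `, ` #` or a line break would change the structure of the rendered stream config instead of staying a scalar. Handlebars' default escaping targets HTML and does nothing for YAML metacharacters, so I would have the rendering side validate or quote these variables before the output is parsed. Separately, the template loops over `hosts`, but the stubstatus `manifest.yml` added later in this diff declares only `period` and `server_status_path`; presumably `hosts` is declared in a package-level manifest not shown here, which is worth confirming.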
@@ -0,0 +1,44 @@
+- name: nginx.stubstatus
+ type: group
+ release: ga
+ fields:
+ - name: hostname
+ type: keyword
+ description: |
+ Nginx hostname.
+ - name: active
+ type: long
+ description: |
+ The current number of active client connections including Waiting connections.
+ - name: accepts
+ type: long
+ description: |
+ The total number of accepted client connections.
+ - name: handled
+ type: long
+ description: |
+ The total number of handled client connections.
+ - name: dropped
+ type: long
+ description: |
+ The total number of dropped client connections.
+ - name: requests
+ type: long
+ description: |
+ The total number of client requests.
+ - name: current
+ type: long
+ description: |
+ The current number of client requests.
+ - name: reading
+ type: long
+ description: |
+ The current number of connections where Nginx is reading the request header.
+ - name: writing
+ type: long
+ description: |
+ The current number of connections where Nginx is writing the response back to the client.
+ - name: waiting
+ type: long
+ description: |
+ The current number of idle client connections waiting for a request.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/stubstatus/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/stubstatus/fields/package-fields.yml
new file mode 100644
index 0000000000000..1f8692738cce8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/stubstatus/fields/package-fields.yml
@@ -0,0 +1,2 @@
+- name: nginx
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/stubstatus/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/stubstatus/manifest.yml
new file mode 100644
index 0000000000000..6a85c662b769a
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/dataset/stubstatus/manifest.yml
@@ -0,0 +1,22 @@
+title: Nginx stubstatus metrics
+type: metrics
+release: beta
+streams:
+- input: nginx/metrics
+ vars:
+ - name: period
+ type: text
+ title: Period
+ multi: false
+ required: true
+ show_user: true
+ default: 10s
+ - name: server_status_path
+ type: text
+ title: Server Status Path
+ multi: false
+ required: true
+ show_user: false
+ default: /nginx_status
+ title: Nginx stub status metrics
+ description: Collect Nginx stub status metrics
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/docs/README.md b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/docs/README.md
new file mode 100644
index 0000000000000..c17b47ced0c03
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/docs/README.md
@@ -0,0 +1,179 @@
+# Nginx Integration
+
+This integration periodically fetches metrics from [https://nginx.org/](Nginx) servers. It can parse access and error
+logs created by the HTTP server.
+
+## Compatibility
+
+The Nginx `stubstatus` metrics was tested with Nginx 1.9 and are expected to work with all version >= 1.9.
+The logs were tested with version 1.10.
+On Windows, the module was tested with Nginx installed from the Chocolatey repository.
+
+## Logs
+
+**Timezone support**
+
+This datasource parses logs that don’t contain timezone information. For these logs, the Elastic Agent reads the local
+timezone and uses it when parsing to convert the timestamp to UTC. The timezone to be used for parsing is included
+in the event in the `event.timezone` field.
+
+To disable this conversion, the event.timezone field can be removed with the drop_fields processor.
+
+If logs are originated from systems or applications with a different timezone to the local one, the `event.timezone`
+field can be overwritten with the original timezone using the add_fields processor.
+
+### Access Logs
+
+Access logs collects the nginx access logs.
+
+**Exported fields**
+
+| Field | Description | Type |
+|---|---|---|
+| http.request.method | HTTP request method. The field value must be normalized to lowercase for querying. See the documentation section "Implementing ECS". | keyword |
+| http.request.referrer | Referrer for this HTTP request. | keyword |
+| http.response.body.bytes | Size in bytes of the response body. | long |
+| http.response.status_code | HTTP response status code. | long |
+| http.version | HTTP version. | keyword |
+| nginx.access.remote_ip_list | An array of remote IP addresses. It is a list because it is common to include, besides the client IP address, IP addresses from headers like `X-Forwarded-For`. Real source IP is restored to `source.ip`. | array |
+| source.geo.city_name | City name. | keyword |
+| source.geo.continent_name | Name of the continent. | keyword |
+| source.geo.country_iso_code | Country ISO code. | keyword |
+| source.geo.location | Longitude and latitude. | geo_point |
+| source.geo.region_iso_code | Region ISO code. | keyword |
+| source.geo.region_name | Region name. | keyword |
+| url.original | Unmodified original url as seen in the event source. Note that in network monitoring, the observed URL may be a full URL, whereas in access logs, the URL is often just represented as a path. This field is meant to represent the URL as it was observed, complete or not. | keyword |
+| user.name | Short name or login of the user. | keyword |
+| user_agent.device.name | Name of the device. | keyword |
+| user_agent.name | Name of the user agent. | keyword |
+| user_agent.original | Unparsed user_agent string. | keyword |
+| user_agent.os.name | Operating system name, without the version. | keyword |
+
+
+### Error Logs
+
+Error logs collects the nginx error logs.
+
+**Exported fields**
+
+| Field | Description | Type |
+|---|---|---|
+| log.level | Original log level of the log event. If the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity). Some examples are `warn`, `err`, `i`, `informational`. | keyword |
+| message | For log events the message field contains the log message, optimized for viewing in a log viewer. For structured logs without an original message field, other fields can be concatenated to form a human-readable summary of the event. If multiple messages exist, they can be combined into one message. | text |
+| nginx.error.connection_id | Connection identifier. | long |
+| process.pid | Process id. | long |
+| process.thread.id | Thread ID. | long |
+
+
+### Ingress Controller Logs
+
+Error logs collects the ingress controller logs.
+
+**Exported fields**
+
+| Field | Description | Type |
+|---|---|---|
+| http.request.method | HTTP request method. The field value must be normalized to lowercase for querying. See the documentation section "Implementing ECS". | keyword |
+| http.request.referrer | Referrer for this HTTP request. | keyword |
+| http.response.body.bytes | Size in bytes of the response body. | long |
+| http.response.status_code | HTTP response status code. | long |
+| http.version | HTTP version. | keyword |
+| nginx.ingress_controller.http.request.id | The randomly generated ID of the request | text |
+| nginx.ingress_controller.http.request.length | The request length (including request line, header, and request body) | long |
+| nginx.ingress_controller.http.request.time | Time elapsed since the first bytes were read from the client | double |
+| nginx.ingress_controller.remote_ip_list | An array of remote IP addresses. It is a list because it is common to include, besides the client IP address, IP addresses from headers like `X-Forwarded-For`. Real source IP is restored to `source.ip`. | array |
+| nginx.ingress_controller.upstream.alternative_name | The name of the alternative upstream. | text |
+| nginx.ingress_controller.upstream.ip | The IP address of the upstream server. If several servers were contacted during request processing, their addresses are separated by commas. | ip |
+| nginx.ingress_controller.upstream.name | The name of the upstream. | text |
+| nginx.ingress_controller.upstream.port | The port of the upstream server. | long |
+| nginx.ingress_controller.upstream.response.length | The length of the response obtained from the upstream server | long |
+| nginx.ingress_controller.upstream.response.status_code | The status code of the response obtained from the upstream server | long |
+| nginx.ingress_controller.upstream.response.time | The time spent on receiving the response from the upstream server as seconds with millisecond resolution | double |
+| source.geo.city_name | City name. | keyword |
+| source.geo.continent_name | Name of the continent. | keyword |
+| source.geo.country_iso_code | Country ISO code. | keyword |
+| source.geo.location | Longitude and latitude. | geo_point |
+| source.geo.region_iso_code | Region ISO code. | keyword |
+| source.geo.region_name | Region name. | keyword |
+| url.original | Unmodified original url as seen in the event source. Note that in network monitoring, the observed URL may be a full URL, whereas in access logs, the URL is often just represented as a path. This field is meant to represent the URL as it was observed, complete or not. | keyword |
+| user.name | Short name or login of the user. | keyword |
+| user_agent.device.name | Name of the device. | keyword |
+| user_agent.name | Name of the user agent. | keyword |
+| user_agent.original | Unparsed user_agent string. | keyword |
+| user_agent.os.name | Operating system name, without the version. | keyword |
+
+
+## Metrics
+
+### Stub Status Metrics
+
+The Nginx stubstatus stream collects data from the Nginx `ngx_http_stub_status` module. It scrapes the server status
+data from the web page generated by ngx_http_stub_status.
+
+This is a default stream. If the host datasource is unconfigured, this stream is enabled by default.
+
+An example event for nginx looks as following:
+
+```$json
+{
+ "@timestamp":"2020-04-28T11:07:58.223Z",
+ "service":{
+ "type":"nginx",
+ "address":"127.0.0.1:8081"
+ },
+ "nginx":{
+ "stubstatus":{
+ "waiting":0,
+ "hostname":"127.0.0.1:8081",
+ "dropped":0,
+ "writing":1,
+ "handled":7339,
+ "requests":7411,
+ "reading":0,
+ "accepts":7339,
+ "current":10,
+ "active":1
+ }
+ },
+ "stream":{
+ "namespace":"default",
+ "type":"metrics",
+ "dataset":"nginx.stubstatus"
+ },
+ "ecs":{
+ "version":"1.5.0"
+ },
+ "agent":{
+ "type":"metricbeat",
+ "ephemeral_id":"8eb07b4f-df58-4794-8e00-60f1443f33b6",
+ "hostname":"MacBook-Elastic.local",
+ "id":"e47f6e4d-5277-46f3-801d-221c7584c604",
+ "version":"8.0.0"
+ },
+ "event":{
+ "module":"nginx",
+ "duration":1112095,
+ "dataset":"nginx.stubstatus"
+ },
+ "metricset":{
+ "period":10000,
+ "name":"stubstatus"
+ }
+}
+```
+
+**Exported fields**
+
+| Field | Description | Type |
+|---|---|---|
+| nginx.stubstatus.accepts | The total number of accepted client connections. | long |
+| nginx.stubstatus.active | The current number of active client connections including Waiting connections. | long |
+| nginx.stubstatus.current | The current number of client requests. | long |
+| nginx.stubstatus.dropped | The total number of dropped client connections. | long |
+| nginx.stubstatus.handled | The total number of handled client connections. | long |
+| nginx.stubstatus.hostname | Nginx hostname. | keyword |
+| nginx.stubstatus.reading | The current number of connections where Nginx is reading the request header. | long |
+| nginx.stubstatus.requests | The total number of client requests. | long |
+| nginx.stubstatus.waiting | The current number of idle client connections waiting for a request. | long |
+| nginx.stubstatus.writing | The current number of connections where Nginx is writing the response back to the client. | long |
+
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/img/kibana-nginx.png b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/img/kibana-nginx.png new file mode 100644 index 0000000000000..fa7b847b70544 Binary files /dev/null and b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/img/kibana-nginx.png differ diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/img/logo_nginx.svg b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/img/logo_nginx.svg new file mode 100644 index 0000000000000..49ac842a8e367 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/img/logo_nginx.svg @@ -0,0 +1,6 @@ + + + + + + diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/img/metricbeat-nginx.png b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/img/metricbeat-nginx.png new file mode 100644 index 0000000000000..a1315ea1945a2 Binary files /dev/null and b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/img/metricbeat-nginx.png differ diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/dashboard/023d2930-f1a5-11e7-a9ef-93c69af7b129-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/dashboard/023d2930-f1a5-11e7-a9ef-93c69af7b129-ecs.json new file mode 100644 index 0000000000000..7a7d0beed03bf --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/dashboard/023d2930-f1a5-11e7-a9ef-93c69af7b129-ecs.json 
@@ -0,0 +1,43 @@ +{ + "attributes": { + "description": "Overview dashboard for the Nginx integration (metrics)", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"version\":true}" + }, + "optionsJSON": "{\"darkTheme\":false,\"hidePanelTitles\":false,\"useMargins\":true}", + "panelsJSON": "[{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"1\",\"w\":24,\"x\":24,\"y\":0},\"panelIndex\":\"1\",\"panelRefName\":\"panel_0\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"2\",\"w\":24,\"x\":24,\"y\":12},\"panelIndex\":\"2\",\"panelRefName\":\"panel_1\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"3\",\"w\":24,\"x\":0,\"y\":12},\"panelIndex\":\"3\",\"panelRefName\":\"panel_2\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"4\",\"w\":24,\"x\":0,\"y\":0},\"panelIndex\":\"4\",\"panelRefName\":\"panel_3\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"5\",\"w\":48,\"x\":0,\"y\":24},\"panelIndex\":\"5\",\"panelRefName\":\"panel_4\",\"version\":\"7.3.0\"}]", + "timeRestore": false, + "title": "[Metrics Nginx] Overview ECS", + "version": 1 + }, + "id": "023d2930-f1a5-11e7-a9ef-93c69af7b129-ecs", + "references": [ + { + "id": "555df8a0-f1a1-11e7-a9ef-93c69af7b129-ecs", + "name": "panel_0", + "type": "visualization" + }, + { + "id": "a1d92240-f1a1-11e7-a9ef-93c69af7b129-ecs", + "name": "panel_1", + "type": "visualization" + }, + { + "id": "d763a570-f1a1-11e7-a9ef-93c69af7b129-ecs", + "name": "panel_2", + "type": "visualization" + }, + { + "id": "47a8e0f0-f1a4-11e7-a9ef-93c69af7b129-ecs", + "name": "panel_3", + "type": "visualization" + }, + { + "id": "dcbffe30-f1a4-11e7-a9ef-93c69af7b129-ecs", + "name": "panel_4", + "type": "visualization" + } + ], + "type": "dashboard" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/dashboard/046212a0-a2a1-11e7-928f-5dbe6f6f5519-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/dashboard/046212a0-a2a1-11e7-928f-5dbe6f6f5519-ecs.json new file mode 100644 index 0000000000000..650d66f70947f --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/dashboard/046212a0-a2a1-11e7-928f-5dbe6f6f5519-ecs.json 
@@ -0,0 +1,38 @@ +{ + "attributes": { + "description": "Dashboard for the Nginx integration (logs)", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"version\":true}" + }, + "optionsJSON": "{\"darkTheme\":false}", + "panelsJSON": "[{\"embeddableConfig\":{\"columns\":[\"log.level\",\"message\"],\"sort\":[\"@timestamp\",\"desc\"]},\"gridData\":{\"h\":12,\"i\":\"11\",\"w\":48,\"x\":0,\"y\":16},\"panelIndex\":\"11\",\"panelRefName\":\"panel_0\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{\"columns\":[\"url.original\",\"http.request.method\",\"http.response.status_code\",\"http.response.body.bytes\"],\"sort\":[\"@timestamp\",\"desc\"]},\"gridData\":{\"h\":28,\"i\":\"16\",\"w\":48,\"x\":0,\"y\":28},\"panelIndex\":\"16\",\"panelRefName\":\"panel_1\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"18\",\"w\":48,\"x\":0,\"y\":4},\"panelIndex\":\"18\",\"panelRefName\":\"panel_2\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":4,\"i\":\"19\",\"w\":48,\"x\":0,\"y\":0},\"panelIndex\":\"19\",\"panelRefName\":\"panel_3\",\"version\":\"7.3.0\"}]", + "timeRestore": false, + "title": "[Logs Nginx] Access and error logs ECS", + "version": 1 + }, + "id": "046212a0-a2a1-11e7-928f-5dbe6f6f5519-ecs", + "references": [ + { + "id": "9eb25600-a1f0-11e7-928f-5dbe6f6f5519-ecs", + "name": "panel_0", + "type": "search" + }, + { + "id": "6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519-ecs", + "name": "panel_1", + "type": "search" + }, + { + "id": "1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519-ecs", + "name": "panel_2", + "type": "visualization" + }, + { + "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs", + "name": "panel_3", + "type": "visualization" + } + ], + "type": "dashboard" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/dashboard/55a9e6e0-a29e-11e7-928f-5dbe6f6f5519-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/dashboard/55a9e6e0-a29e-11e7-928f-5dbe6f6f5519-ecs.json new file mode 100644 index 0000000000000..c6398f8b584f6 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/dashboard/55a9e6e0-a29e-11e7-928f-5dbe6f6f5519-ecs.json 
@@ -0,0 +1,58 @@ +{ + "attributes": { + "description": "Dashboard for the Nginx integration (logs)", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"version\":true}" + }, + "optionsJSON": "{\"darkTheme\":false}", + "panelsJSON": "[{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"3\",\"w\":12,\"x\":36,\"y\":44},\"panelIndex\":\"3\",\"panelRefName\":\"panel_0\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"gridData\":{\"h\":12,\"i\":\"4\",\"w\":12,\"x\":24,\"y\":44},\"panelIndex\":\"4\",\"panelRefName\":\"panel_1\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{\"mapBounds\":{\"bottom_right\":{\"lat\":-7.362466865535738,\"lon\":245.39062500000003},\"top_left\":{\"lat\":77.07878389624943,\"lon\":-245.74218750000003}},\"mapCenter\":[50.51342652633956,-0.17578125],\"mapCollar\":{\"bottom_right\":{\"lat\":-49.583095,\"lon\":180},\"top_left\":{\"lat\":90,\"lon\":-180},\"zoom\":2},\"mapZoom\":2},\"gridData\":{\"h\":16,\"i\":\"8\",\"w\":48,\"x\":0,\"y\":4},\"panelIndex\":\"8\",\"panelRefName\":\"panel_2\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"13\",\"w\":48,\"x\":0,\"y\":20},\"panelIndex\":\"13\",\"panelRefName\":\"panel_3\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"14\",\"w\":24,\"x\":24,\"y\":32},\"panelIndex\":\"14\",\"panelRefName\":\"panel_4\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"15\",\"w\":24,\"x\":0,\"y\":32},\"panelIndex\":\"15\",\"panelRefName\":\"panel_5\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"16\",\"w\":24,\"x\":0,\"y\":44},\"panelIndex\":\"16\",\"panelRefName\":\"panel_6\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":4,\"i\":\"17\",\"w\":48,\"x\":0,\"y\":0},\"panelIndex\":\"17\",\"panelRefName\":\"panel_7\",\"version\":\"7.3.0\"}]", + 
"timeRestore": false, + "title": "[Logs Nginx] Overview ECS", + "version": 1 + }, + "id": "55a9e6e0-a29e-11e7-928f-5dbe6f6f5519-ecs", + "references": [ + { + "id": "Nginx-Access-Browsers-ecs", + "name": "panel_0", + "type": "visualization" + }, + { + "id": "Nginx-Access-OSes-ecs", + "name": "panel_1", + "type": "visualization" + }, + { + "id": "Nginx-Access-Map-ecs", + "name": "panel_2", + "type": "visualization" + }, + { + "id": "b70b1b20-a1f4-11e7-928f-5dbe6f6f5519-ecs", + "name": "panel_3", + "type": "visualization" + }, + { + "id": "9184fa00-a1f5-11e7-928f-5dbe6f6f5519-ecs", + "name": "panel_4", + "type": "visualization" + }, + { + "id": "46322e50-a1f6-11e7-928f-5dbe6f6f5519-ecs", + "name": "panel_5", + "type": "visualization" + }, + { + "id": "0dd6f320-a29f-11e7-928f-5dbe6f6f5519-ecs", + "name": "panel_6", + "type": "visualization" + }, + { + "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs", + "name": "panel_7", + "type": "visualization" + } + ], + "type": "dashboard" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/search/6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/search/6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519-ecs.json new file mode 100644 index 0000000000000..3a9bcfd6fc01c --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/search/6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519-ecs.json 
@@ -0,0 +1,32 @@ +{ + "attributes": { + "columns": [ + "url.original", + "http.request.method", + "http.response.status_code", + "http.response.body.bytes" + ], + "description": "", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlight\":{\"fields\":{\"*\":{}},\"fragment_size\":2147483647,\"post_tags\":[\"@/kibana-highlighted-field@\"],\"pre_tags\":[\"@kibana-highlighted-field@\"],\"require_field_match\":false},\"highlightAll\":true,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"(stream.dataset:nginx.access OR stream.dataset:nginx.error OR stream.dataset:nginx.ingress_controller) AND url.original:*\"},\"version\":true}" + }, + "sort": [ + [ + "@timestamp", + "desc" + ] + ], + "title": "Nginx access logs [Logs Nginx] ECS", + "version": 1 + }, + "id": "6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519-ecs", + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "search" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/search/9eb25600-a1f0-11e7-928f-5dbe6f6f5519-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/search/9eb25600-a1f0-11e7-928f-5dbe6f6f5519-ecs.json new file mode 100644 index 0000000000000..1d4ae525cc22e --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/search/9eb25600-a1f0-11e7-928f-5dbe6f6f5519-ecs.json 
@@ -0,0 +1,30 @@ +{ + "attributes": { + "columns": [ + "log.level", + "message" + ], + "description": "", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlight\":{\"fields\":{\"*\":{}},\"fragment_size\":2147483647,\"post_tags\":[\"@/kibana-highlighted-field@\"],\"pre_tags\":[\"@kibana-highlighted-field@\"],\"require_field_match\":false},\"highlightAll\":true,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"(stream.dataset:nginx.access OR stream.dataset:nginx.error OR stream.dataset:nginx.ingress_controller) AND message:*\"},\"version\":true}" + }, + "sort": [ + [ + "@timestamp", + "desc" + ] + ], + "title": "Nginx error logs [Logs Nginx] ECS", + "version": 1 + }, + "id": "9eb25600-a1f0-11e7-928f-5dbe6f6f5519-ecs", + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "search" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/search/Logs-Nginx-module-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/search/Logs-Nginx-module-ecs.json new file mode 100644 index 0000000000000..eb128568f9ab6 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/search/Logs-Nginx-module-ecs.json 
@@ -0,0 +1,33 @@ +{ + "attributes": { + "columns": [ + "url.original", + "http.request.method", + "http.response.status_code", + "http.request.referrer", + "http.response.body.bytes" + ], + "description": "", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlight\":{\"fields\":{\"*\":{}},\"fragment_size\":2147483647,\"post_tags\":[\"@/kibana-highlighted-field@\"],\"pre_tags\":[\"@kibana-highlighted-field@\"],\"require_field_match\":false},\"highlightAll\":true,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"(stream.dataset:nginx.access OR stream.dataset:nginx.error OR stream.dataset:nginx.ingress_controller)\"},\"version\":true}" + }, + "sort": [ + [ + "@timestamp", + "desc" + ] + ], + "title": "Nginx logs [Logs Nginx] ECS", + "version": 1 + }, + "id": "Logs-Nginx-integration-ecs", + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "search" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/0dd6f320-a29f-11e7-928f-5dbe6f6f5519-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/0dd6f320-a29f-11e7-928f-5dbe6f6f5519-ecs.json new file mode 100644 index 0000000000000..ec74d6a972cee --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/0dd6f320-a29f-11e7-928f-5dbe6f6f5519-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "title": "Data Volume [Logs Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"filter\":{\"language\":\"lucene\",\"query\":\"stream.dataset:nginx.access\"},\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"logs-*\",\"interval\":\"auto\",\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"bytes\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"\",\"line_width\":1,\"metrics\":[{\"field\":\"http.response.body.bytes\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"sum\"}],\"point_size\":1,\"seperate_axis\":0,\"split_filters\":[{\"color\":\"#68BC00\",\"filter\":{\"language\":\"lucene\",\"query\":\"http.response.status_code:[200 TO 299]\"},\"id\":\"7c343c20-a29e-11e7-a062-a1c3587f4874\",\"label\":\"200s\"}],\"split_mode\":\"everything\",\"stacked\":\"none\",\"terms_field\":null}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Data Volume [Logs Nginx] ECS\",\"type\":\"metrics\"}" + }, + "id": "0dd6f320-a29f-11e7-928f-5dbe6f6f5519-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519-ecs.json new file mode 100644 index 0000000000000..a8c924c48417e --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "title": "Access logs over time [Logs Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"annotations\":[{\"color\":\"#F00\",\"icon\":\"fa-tag\",\"id\":\"970b1420-a1f3-11e7-a062-a1c3587f4874\",\"ignore_global_filters\":1,\"ignore_panel_filters\":1,\"index_pattern\":\"logs-*\",\"time_field\":\"@timestamp\"}],\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"background_color_rules\":[{\"id\":\"3189aa80-a1f3-11e7-a062-a1c3587f4874\"}],\"filter\":{\"language\":\"lucene\",\"query\":\"stream.dataset:nginx.access\"},\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"logs-*\",\"interval\":\"auto\",\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"Access logs\",\"line_width\":1,\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"point_size\":1,\"seperate_axis\":0,\"split_filters\":[{\"color\":\"#68BC00\",\"id\":\"1db649a0-a1f3-11e7-a062-a1c3587f4874\"}],\"split_mode\":\"everything\",\"stacked\":\"none\",\"terms_field\":\"url.original\",\"terms_order_by\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Access logs over time [Logs Nginx] ECS\",\"type\":\"metrics\"}" + }, + "id": "1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/46322e50-a1f6-11e7-928f-5dbe6f6f5519-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/46322e50-a1f6-11e7-928f-5dbe6f6f5519-ecs.json new file mode 100644 index 0000000000000..d6b2df4ff9511 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/46322e50-a1f6-11e7-928f-5dbe6f6f5519-ecs.json @@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "title": "Errors over time [Logs Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"filter\":{\"language\":\"lucene\",\"query\":\"stream.dataset:nginx.error\"},\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"logs-*\",\"interval\":\"auto\",\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"bar\",\"color\":\"rgba(211,49,21,1)\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"line_width\":1,\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"point_size\":1,\"seperate_axis\":0,\"split_mode\":\"terms\",\"stacked\":\"none\",\"terms_field\":\"log.level\",\"terms_order_by\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Errors over time [Logs Nginx] ECS\",\"type\":\"metrics\"}" + }, + "id": "46322e50-a1f6-11e7-928f-5dbe6f6f5519-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/47a8e0f0-f1a4-11e7-a9ef-93c69af7b129-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/47a8e0f0-f1a4-11e7-a9ef-93c69af7b129-ecs.json new file mode 100644 index 0000000000000..f1a50e20139ec --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/47a8e0f0-f1a4-11e7-a9ef-93c69af7b129-ecs.json @@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "title": "Active connections [Metrics Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"line_width\":1,\"metrics\":[{\"field\":\"nginx.stubstatus.active\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\"}],\"point_size\":1,\"seperate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Active connections [Metrics Nginx] ECS\",\"type\":\"metrics\"}" + }, + "id": "47a8e0f0-f1a4-11e7-a9ef-93c69af7b129-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/555df8a0-f1a1-11e7-a9ef-93c69af7b129-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/555df8a0-f1a1-11e7-a9ef-93c69af7b129-ecs.json new file mode 100644 index 0000000000000..7180191880db8 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/555df8a0-f1a1-11e7-a9ef-93c69af7b129-ecs.json @@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "title": "Request Rate [Metrics Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"Request rate\",\"line_width\":1,\"metrics\":[{\"field\":\"nginx.stubstatus.requests\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\"},{\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"id\":\"396ec980-f1a1-11e7-95d0-8ddf041d42a2\",\"type\":\"derivative\",\"unit\":\"\"}],\"point_size\":1,\"seperate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Request Rate [Metrics Nginx] ECS\",\"type\":\"metrics\"}" + }, + "id": "555df8a0-f1a1-11e7-a9ef-93c69af7b129-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/9184fa00-a1f5-11e7-928f-5dbe6f6f5519-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/9184fa00-a1f5-11e7-928f-5dbe6f6f5519-ecs.json new file mode 100644 index 0000000000000..30538e43cb02b --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/9184fa00-a1f5-11e7-928f-5dbe6f6f5519-ecs.json @@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "title": "Top pages [Logs Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"bar_color_rules\":[{\"id\":\"6252c320-a1f5-11e7-92ba-5d0b8663aece\"}],\"filter\":{\"language\":\"lucene\",\"query\":\"stream.dataset:nginx.access\"},\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"logs-*\",\"interval\":\"auto\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"line_width\":1,\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"point_size\":1,\"seperate_axis\":0,\"split_mode\":\"terms\",\"stacked\":\"none\",\"terms_field\":\"url.original\",\"terms_order_by\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"value_template\":\"\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"top_n\"},\"title\":\"Top pages [Logs Nginx] ECS\",\"type\":\"metrics\"}" + }, + "id": "9184fa00-a1f5-11e7-928f-5dbe6f6f5519-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs.json new file mode 100644 index 0000000000000..7dad713995215 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs.json @@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "title": "Dashboards [Logs Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"fontSize\":12,\"markdown\":\"[Nginx logs overview](#/dashboard/55a9e6e0-a29e-11e7-928f-5dbe6f6f5519-ecs) | [Nginx access and error logs](#/dashboard/046212a0-a2a1-11e7-928f-5dbe6f6f5519-ecs)\"},\"title\":\"Dashboards [Logs Nginx] ECS\",\"type\":\"markdown\"}" + }, + "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/Nginx-Access-Browsers-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/Nginx-Access-Browsers-ecs.json new file mode 100644 index 0000000000000..7e4389ba227c7 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/Nginx-Access-Browsers-ecs.json 
@@ -0,0 +1,21 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Browsers breakdown [Logs Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"field\":\"user_agent.name\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"segment\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"field\":\"user_agent.version\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"segment\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"bottom\",\"shareYAxis\":true},\"title\":\"Nginx Access Browsers ECS\",\"type\":\"pie\"}" + }, + "id": "Nginx-Access-Browsers-ecs", + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/Nginx-Access-Map-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/Nginx-Access-Map-ecs.json new file mode 100644 index 0000000000000..99dccc657e06b --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/Nginx-Access-Map-ecs.json 
@@ -0,0 +1,22 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "Access Map [Logs Nginx] ECS", + "uiStateJSON": "{\"mapCenter\":[12.039320557540572,-0.17578125]}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"autoPrecision\":true,\"field\":\"source.geo.location\"},\"schema\":\"segment\",\"type\":\"geohash_grid\"}],\"listeners\":{},\"params\":{\"addTooltip\":true,\"heatBlur\":15,\"heatMaxZoom\":16,\"heatMinOpacity\":0.1,\"heatNormalizeData\":true,\"heatRadius\":25,\"isDesaturated\":true,\"legendPosition\":\"bottomright\",\"mapCenter\":[15,5],\"mapType\":\"Scaled Circle Markers\",\"mapZoom\":2,\"wms\":{\"enabled\":false,\"options\":{\"attribution\":\"Maps provided by USGS\",\"format\":\"image/png\",\"layers\":\"0\",\"styles\":\"\",\"transparent\":true,\"version\":\"1.3.0\"},\"url\":\"https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer\"}},\"title\":\"Nginx Access Map ECS\",\"type\":\"tile_map\"}" + }, + "id": "Nginx-Access-Map-ecs", + "references": [ + { + "id": "Logs-Nginx-integration-ecs", + "name": "search_0", + "type": "search" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/Nginx-Access-OSes-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/Nginx-Access-OSes-ecs.json new file mode 100644 index 0000000000000..07da5b0c8fe39 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/Nginx-Access-OSes-ecs.json 
@@ -0,0 +1,21 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Operating systems breakdown [Logs Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"field\":\"user_agent.os.name\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"segment\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"field\":\"user_agent.os.version\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"segment\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"bottom\",\"shareYAxis\":true},\"title\":\"Nginx Access OSes ECS\",\"type\":\"pie\"}" + }, + "id": "Nginx-Access-OSes-ecs", + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/a1d92240-f1a1-11e7-a9ef-93c69af7b129-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/a1d92240-f1a1-11e7-a9ef-93c69af7b129-ecs.json new file mode 100644 index 0000000000000..eda6a5f0d3b9e --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/a1d92240-f1a1-11e7-a9ef-93c69af7b129-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "title": "Accepts and Handled Rate [Metrics Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"annotations\":[{\"color\":\"#F00\",\"icon\":\"fa-tag\",\"id\":\"8644f980-f1a3-11e7-95d0-8ddf041d42a2\",\"ignore_global_filters\":1,\"ignore_panel_filters\":1,\"index_pattern\":\"*\",\"time_field\":\"@timestamp\"}],\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":\"0.5\",\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"Accepts rate\",\"line_width\":1,\"metrics\":[{\"field\":\"nginx.stubstatus.accepts\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\"},{\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"id\":\"396ec980-f1a1-11e7-95d0-8ddf041d42a2\",\"type\":\"derivative\",\"unit\":\"\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(0,156,224,1)\",\"fill\":\"0.9\",\"formatter\":\"number\",\"id\":\"56dd33b0-f1a3-11e7-95d0-8ddf041d42a2\",\"label\":\"Handled rate\",\"line_width\":1,\"metrics\":[{\"field\":\"nginx.stubstatus.handled\",\"id\":\"56dd33b1-f1a3-11e7-95d0-8ddf041d42a2\",\"type\":\"avg\"},{\"field\":\"56dd33b1-f1a3-11e7-95d0-8ddf041d42a2\",\"id\":\"56dd33b2-f1a3-11e7-95d0-8ddf041d42a2\",\"type\":\"derivative\",\"unit\":\"\"}],\"point_size\":\"3\",\"seperate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Accepts and Handled Rate [Metrics Nginx] 
ECS\",\"type\":\"metrics\"}" + }, + "id": "a1d92240-f1a1-11e7-a9ef-93c69af7b129-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/b70b1b20-a1f4-11e7-928f-5dbe6f6f5519-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/b70b1b20-a1f4-11e7-928f-5dbe6f6f5519-ecs.json new file mode 100644 index 0000000000000..72f39b1b8700f --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/b70b1b20-a1f4-11e7-928f-5dbe6f6f5519-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "title": "Response codes over time [Logs Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"filter\":{\"language\":\"lucene\",\"query\":\"stream.dataset:nginx.access\"},\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"logs-*\",\"interval\":\"auto\",\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"bar\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"\",\"line_width\":1,\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"point_size\":1,\"seperate_axis\":0,\"split_filters\":[{\"color\":\"#68BC00\",\"filter\":{\"language\":\"lucene\",\"query\":\"http.response.status_code:[200 TO 299]\"},\"id\":\"5acdc750-a29d-11e7-a062-a1c3587f4874\",\"label\":\"200s\"},{\"color\":\"rgba(252,196,0,1)\",\"filter\":{\"language\":\"lucene\",\"query\":\"http.response.status_code:[300 TO 399]\"},\"id\":\"6efd2ae0-a29d-11e7-a062-a1c3587f4874\",\"label\":\"300s\"},{\"color\":\"rgba(211,49,21,1)\",\"filter\":{\"language\":\"lucene\",\"query\":\"http.response.status_code:[400 TO 499]\"},\"id\":\"76089a90-a29d-11e7-a062-a1c3587f4874\",\"label\":\"400s\"},{\"color\":\"rgba(171,20,158,1)\",\"filter\":{\"language\":\"lucene\",\"query\":\"http.response.status_code:[500 TO 599]\"},\"id\":\"7c7929d0-a29d-11e7-a062-a1c3587f4874\",\"label\":\"500s\"}],\"split_mode\":\"filters\",\"stacked\":\"stacked\",\"terms_field\":\"http.response.status_code\",\"terms_order_by\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Response codes over time [Logs Nginx] ECS\",\"type\":\"metrics\"}" + }, + "id": 
"b70b1b20-a1f4-11e7-928f-5dbe6f6f5519-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/d763a570-f1a1-11e7-a9ef-93c69af7b129-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/d763a570-f1a1-11e7-a9ef-93c69af7b129-ecs.json new file mode 100644 index 0000000000000..67b9d1243bf6c --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/d763a570-f1a1-11e7-a9ef-93c69af7b129-ecs.json @@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "title": "Drops Rate [Metrics Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(188,0,65,1)\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"Drops rate\",\"line_width\":1,\"metrics\":[{\"field\":\"nginx.stubstatus.dropped\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\"},{\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"id\":\"396ec980-f1a1-11e7-95d0-8ddf041d42a2\",\"type\":\"derivative\",\"unit\":\"\"}],\"point_size\":1,\"seperate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Drops Rate [Metrics Nginx] ECS\",\"type\":\"metrics\"}" + }, + "id": "d763a570-f1a1-11e7-a9ef-93c69af7b129-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/dcbffe30-f1a4-11e7-a9ef-93c69af7b129-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/dcbffe30-f1a4-11e7-a9ef-93c69af7b129-ecs.json new file mode 100644 index 0000000000000..819f3288bd11d --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/kibana/visualization/dcbffe30-f1a4-11e7-a9ef-93c69af7b129-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "title": "Reading / Writing / Waiting Rates [Metrics Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"Reading\",\"line_width\":1,\"metrics\":[{\"field\":\"nginx.stubstatus.reading\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\"}],\"point_size\":1,\"seperate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(0,156,224,1)\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"b1773680-f1a4-11e7-95d0-8ddf041d42a2\",\"label\":\"Writing\",\"line_width\":1,\"metrics\":[{\"field\":\"nginx.stubstatus.writing\",\"id\":\"b1773681-f1a4-11e7-95d0-8ddf041d42a2\",\"type\":\"avg\"}],\"point_size\":1,\"seperate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(252,220,0,1)\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"b68aa6c0-f1a4-11e7-95d0-8ddf041d42a2\",\"label\":\"Waiting\",\"line_width\":1,\"metrics\":[{\"field\":\"nginx.stubstatus.waiting\",\"id\":\"b68aa6c1-f1a4-11e7-95d0-8ddf041d42a2\",\"type\":\"avg\"}],\"point_size\":1,\"seperate_axis\":0,\"split_mode\":\"everything\",\"stacked\":\"none\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Reading / Writing / Waiting Rates [Metrics Nginx] ECS\",\"type\":\"metrics\"}" + }, + "id": "dcbffe30-f1a4-11e7-a9ef-93c69af7b129-ecs", + "references": [], + "type": "visualization" 
+}
\ No newline at end of file
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/manifest.yml
new file mode 100644
index 0000000000000..4f7353e96088f
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.0/manifest.yml
@@ -0,0 +1,51 @@
+format_version: 1.0.0
+name: nginx
+title: Nginx
+version: 0.1.0
+license: basic
+description: Nginx Integration
+type: integration
+categories:
+- logs
+- metrics
+release: beta
+removable: true
+requirement:
+ kibana:
+ versions: '>=7.3.0 <8.0.0'
+ elasticsearch:
+ versions: '>7.0.1'
+screenshots:
+- src: /img/kibana-nginx.png
+ title: kibana nginx
+ size: 1218x1266
+ type: image/png
+- src: /img/metricbeat-nginx.png
+ title: metricbeat nginx
+ size: 2560x2100
+ type: image/png
+icons:
+- src: /img/logo_nginx.svg
+ title: logo nginx
+ size: 32x32
+ type: image/svg+xml
+datasources:
+- name: nginx
+ title: Nginx logs and metrics
+ description: Collect logs and metrics from Nginx instances
+ inputs:
+ - type: logs
+ title: Collect logs from Nginx instances
+ description: Collecting Nginx access, error and ingress controller logs
+ - type: nginx/metrics
+ vars:
+ - name: hosts
+ type: text
+ title: Hosts
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - http://127.0.0.1
+ title: Collect metrics from Nginx instances
+ description: Collecting Nginx stub status metrics
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/access/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/access/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..d0d5ed877c78e
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/access/agent/stream/stream.yml.hbs
@@ -0,0 +1,7 @@
+paths:
+{{#each paths}}
+ - {{this}}
+{{/each}}
+exclude_files: [".gz$"]
+processors:
+- add_locale: ~
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/access/elasticsearch/ingest-pipeline/default.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/access/elasticsearch/ingest-pipeline/default.yml
new file mode 100644
index 0000000000000..9de5d5e7c4b65
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/access/elasticsearch/ingest-pipeline/default.yml
@@ -0,0 +1,168 @@ +--- +description: Pipeline for parsing Nginx access logs. Requires the geoip and user_agent + plugins. +processors: +- grok: + field: message + patterns: + - (%{NGINX_HOST} )?"?(?:%{NGINX_ADDRESS_LIST:nginx.access.remote_ip_list}|%{NOTSPACE:source.address}) + - (-|%{DATA:user.name}) \[%{HTTPDATE:nginx.access.time}\] "%{DATA:nginx.access.info}" + %{NUMBER:http.response.status_code:long} %{NUMBER:http.response.body.bytes:long} + "(-|%{DATA:http.request.referrer})" "(-|%{DATA:user_agent.original})" + pattern_definitions: + NGINX_HOST: (?:%{IP:destination.ip}|%{NGINX_NOTSEPARATOR:destination.domain})(:%{NUMBER:destination.port})? + NGINX_NOTSEPARATOR: "[^\t ,:]+" + NGINX_ADDRESS_LIST: (?:%{IP}|%{WORD})("?,?\s*(?:%{IP}|%{WORD}))* + ignore_missing: true +- grok: + field: nginx.access.info + patterns: + - '%{WORD:http.request.method} %{DATA:url.original} HTTP/%{NUMBER:http.version}' + - "" + ignore_missing: true +- remove: + field: nginx.access.info +- split: + field: nginx.access.remote_ip_list + separator: '"?,?\s+' + ignore_missing: true +- split: + field: nginx.access.origin + separator: '"?,?\s+' + ignore_missing: true +- set: + field: source.address + if: ctx.source?.address == null + value: "" +- script: + if: ctx.nginx?.access?.remote_ip_list != null && ctx.nginx.access.remote_ip_list.length > 0 + lang: painless + source: >- + boolean isPrivate(def dot, def ip) { + try { + StringTokenizer tok = new StringTokenizer(ip, dot); + int firstByte = Integer.parseInt(tok.nextToken()); + int secondByte = Integer.parseInt(tok.nextToken()); + if (firstByte == 10) { + return true; + } + if (firstByte == 192 && secondByte == 168) { + return true; + } + if (firstByte == 172 && secondByte >= 16 && secondByte <= 31) { + return true; + } + if (firstByte == 127) { + return true; + } + return false; + } + catch (Exception e) { + return false; + } + } + try { + ctx.source.address = null; + if (ctx.nginx.access.remote_ip_list == null) { + return; + } + def found = 
false; + for (def item : ctx.nginx.access.remote_ip_list) { + if (!isPrivate(params.dot, item)) { + ctx.source.address = item; + found = true; + break; + } + } + if (!found) { + ctx.source.address = ctx.nginx.access.remote_ip_list[0]; + } + } + catch (Exception e) { + ctx.source.address = null; + } + params: + dot: . +- remove: + field: source.address + if: ctx.source.address == null +- grok: + field: source.address + patterns: + - ^%{IP:source.ip}$ + ignore_failure: true +- remove: + field: message +- rename: + field: '@timestamp' + target_field: event.created +- date: + field: nginx.access.time + target_field: '@timestamp' + formats: + - dd/MMM/yyyy:H:m:s Z + on_failure: + - append: + field: error.message + value: '{{ _ingest.on_failure_message }}' +- remove: + field: nginx.access.time +- user_agent: + field: user_agent.original + ignore_missing: true +- geoip: + field: source.ip + target_field: source.geo + ignore_missing: true +- geoip: + database_file: GeoLite2-ASN.mmdb + field: source.ip + target_field: source.as + properties: + - asn + - organization_name + ignore_missing: true +- rename: + field: source.as.asn + target_field: source.as.number + ignore_missing: true +- rename: + field: source.as.organization_name + target_field: source.as.organization.name + ignore_missing: true +- set: + field: event.kind + value: event +- append: + field: event.category + value: web +- append: + field: event.type + value: access +- set: + field: event.outcome + value: success + if: "ctx?.http?.response?.status_code != null && ctx.http.response.status_code < 400" +- set: + field: event.outcome + value: failure + if: "ctx?.http?.response?.status_code != null && ctx.http.response.status_code >= 400" +- lowercase: + field: http.request.method + ignore_missing: true +- append: + field: related.ip + value: "{{source.ip}}" + if: "ctx?.source?.ip != null" +- append: + field: related.ip + value: "{{destination.ip}}" + if: "ctx?.destination?.ip != null" +- append: + field: 
related.user + value: "{{user.name}}" + if: "ctx?.user?.name != null" +on_failure: +- set: + field: error.message + value: '{{ _ingest.on_failure_message }}' diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/access/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/access/fields/base-fields.yml new file mode 100644 index 0000000000000..9b614721122b8 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/access/fields/base-fields.yml @@ -0,0 +1,17 @@ + +- name: stream.type + type: constant_keyword + description: > + Stream type +- name: stream.dataset + type: constant_keyword + description: > + Stream dataset. +- name: stream.namespace + type: constant_keyword + description: > + Stream namespace. +- name: "@timestamp" + type: date + description: > + Event timestamp. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/access/fields/ecs.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/access/fields/ecs.yml new file mode 100644 index 0000000000000..98ad5bf38ce13 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/access/fields/ecs.yml 
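Review bot: The Painless `script` processor in the access pipeline sets `source.address` to the first entry of `nginx.access.remote_ip_list` that `isPrivate` rejects, and that list can carry forwarding-header values supplied by the client (the dataset's fields.yml mentions `X-Forwarded-For`), so `source.ip`, `source.geo`, `source.as` and `related.ip` are not guaranteed to be the connecting peer. `isPrivate` also parses only dotted IPv4 and returns false from its `catch`, so IPv6, link-local and non-numeric entries count as public. Since detections and dashboards tend to key on `source.ip`, I would state this in the pipeline `description`, for example `source.ip is the first non-private entry of remote_ip_list and is not verified against the connecting peer`. The same script appears in the ingress_controller pipeline.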
@@ -0,0 +1,133 @@ +- name: http + title: HTTP + group: 2 + type: group + fields: + - name: request.method + level: extended + type: keyword + description: |- + HTTP request method. + The field value must be normalized to lowercase for querying. See the documentation section "Implementing ECS". + ignore_above: 1024 + - name: request.referrer + level: extended + type: keyword + description: Referrer for this HTTP request. + ignore_above: 1024 + - name: response.body.bytes + level: extended + type: long + format: bytes + description: Size in bytes of the response body. + - name: response.status_code + level: extended + type: long + format: string + description: HTTP response status code. + - name: version + level: extended + type: keyword + description: HTTP version. + ignore_above: 1024 +- name: source + title: Source + group: 2 + type: group + fields: + - name: geo.city_name + level: core + type: keyword + description: City name. + ignore_above: 1024 + - name: geo.continent_name + level: core + type: keyword + description: Name of the continent. + ignore_above: 1024 + - name: geo.country_iso_code + level: core + type: keyword + description: Country ISO code. + ignore_above: 1024 + - name: geo.location + level: core + type: geo_point + description: Longitude and latitude. + - name: geo.region_iso_code + level: core + type: keyword + description: Region ISO code. + ignore_above: 1024 + - name: geo.region_name + level: core + type: keyword + description: Region name. + ignore_above: 1024 +- name: url + title: URL + group: 2 + type: group + fields: + - name: original + level: extended + type: keyword + description: |- + Unmodified original url as seen in the event source. + Note that in network monitoring, the observed URL may be a full URL, whereas in access logs, the URL is often just represented as a path. + This field is meant to represent the URL as it was observed, complete or not. 
+ ignore_above: 1024 + multi_fields: + - name: text + type: text + norms: false + default_field: false +- name: user + title: User + group: 2 + type: group + fields: + - name: name + level: core + type: keyword + description: Short name or login of the user. + ignore_above: 1024 + multi_fields: + - name: text + type: text + norms: false + default_field: false +- name: user_agent + title: User agent + group: 2 + type: group + fields: + - name: device.name + level: extended + type: keyword + description: Name of the device. + ignore_above: 1024 + - name: name + level: extended + type: keyword + description: Name of the user agent. + ignore_above: 1024 + - name: original + level: extended + type: keyword + description: Unparsed user_agent string. + ignore_above: 1024 + multi_fields: + - name: text + type: text + norms: false + - name: os.name + level: extended + type: keyword + description: Operating system name, without the version. + ignore_above: 1024 + multi_fields: + - name: text + type: text + norms: false + default_field: false diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/access/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/access/fields/fields.yml new file mode 100644 index 0000000000000..8e9190cfe8485 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/access/fields/fields.yml @@ -0,0 +1,11 @@ +- name: nginx.access + type: group + fields: + - name: remote_ip_list + type: array + description: | + An array of remote IP addresses. It is a list because it is common to include, besides the client IP address, IP addresses from headers like `X-Forwarded-For`. Real source IP is restored to `source.ip`. + - name: user_agent + type: group + - name: geoip + type: group 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/access/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/access/fields/package-fields.yml
new file mode 100644
index 0000000000000..1f8692738cce8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/access/fields/package-fields.yml
@@ -0,0 +1,2 @@
+- name: nginx
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/access/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/access/manifest.yml
new file mode 100644
index 0000000000000..bf0ac1dd526c8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/access/manifest.yml
@@ -0,0 +1,23 @@
+title: Nginx access logs
+type: logs
+release: beta
+streams:
+- input: logs
+ vars:
+ - name: paths
+ type: text
+ title: Paths
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - /var/log/nginx/access.log*
+ os:
+ darwin:
+ default:
+ - /usr/local/var/log/nginx/access.log*
+ windows:
+ default:
+ - c:/programdata/nginx/logs/*access.log*
+ title: Nginx access logs
+ description: Collect Nginx access logs
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/error/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/error/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..85ff82a8eccae
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/error/agent/stream/stream.yml.hbs
@@ -0,0 +1,11 @@ +paths: +{{#each paths}} + - {{this}} +{{/each}} +exclude_files: [".gz$"] +multiline: + pattern: '^\d{4}\/\d{2}\/\d{2} ' + negate: true + match: after +processors: +- add_locale: ~ diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/error/elasticsearch/ingest-pipeline/default.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/error/elasticsearch/ingest-pipeline/default.yml new file mode 100644 index 0000000000000..96b46eb9c98c6 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/error/elasticsearch/ingest-pipeline/default.yml @@ -0,0 +1,52 @@ +--- +description: Pipeline for parsing the Nginx error logs +processors: +- grok: + field: message + patterns: + - '%{DATA:nginx.error.time} \[%{DATA:log.level}\] %{NUMBER:process.pid:long}#%{NUMBER:process.thread.id:long}: + (\*%{NUMBER:nginx.error.connection_id:long} )?%{GREEDYMULTILINE:message}' + pattern_definitions: + GREEDYMULTILINE: |- + (.| + | )* + ignore_missing: true +- rename: + field: '@timestamp' + target_field: event.created +- date: + if: ctx.event.timezone == null + field: nginx.error.time + target_field: '@timestamp' + formats: + - yyyy/MM/dd H:m:s + on_failure: + - append: + field: error.message + value: '{{ _ingest.on_failure_message }}' +- date: + if: ctx.event.timezone != null + field: nginx.error.time + target_field: '@timestamp' + formats: + - yyyy/MM/dd H:m:s + timezone: '{{ event.timezone }}' + on_failure: + - append: + field: error.message + value: '{{ _ingest.on_failure_message }}' +- remove: + field: nginx.error.time +- set: + field: event.kind + value: event +- append: + field: event.category + value: web +- append: + field: event.type + value: error +on_failure: +- set: + field: error.message + value: '{{ _ingest.on_failure_message }}' 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/error/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/error/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/error/fields/base-fields.yml
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/error/fields/ecs.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/error/fields/ecs.yml
new file mode 100644
index 0000000000000..8cca86575b7ed
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/error/fields/ecs.yml
@@ -0,0 +1,35 @@ +- name: message + level: core + type: text + description: |- + For log events the message field contains the log message, optimized for viewing in a log viewer. + For structured logs without an original message field, other fields can be concatenated to form a human-readable summary of the event. + If multiple messages exist, they can be combined into one message. +- name: log + title: Log + group: 2 + type: group + fields: + - name: level + level: core + type: keyword + description: |- + Original log level of the log event. + If the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity). + Some examples are `warn`, `err`, `i`, `informational`. + ignore_above: 1024 +- name: process + title: Process + group: 2 + type: group + fields: + - name: pid + level: core + type: long + format: string + description: Process id. + - name: thread.id + level: extended + type: long + format: string + description: Thread ID. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/error/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/error/fields/fields.yml new file mode 100644 index 0000000000000..34112d2ea67a8 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/error/fields/fields.yml @@ -0,0 +1,7 @@ +- name: nginx.error + type: group + fields: + - name: connection_id + type: long + description: | + Connection identifier. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/error/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/error/fields/package-fields.yml new file mode 100644 index 0000000000000..1f8692738cce8 --- /dev/null 
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/error/fields/package-fields.yml
@@ -0,0 +1,2 @@
+- name: nginx
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/error/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/error/manifest.yml
new file mode 100644
index 0000000000000..c0dc1753f1120
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/error/manifest.yml
@@ -0,0 +1,23 @@
+title: Nginx error logs
+type: logs
+release: beta
+streams:
+- input: logs
+ vars:
+ - name: paths
+ type: text
+ title: Paths
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - /var/log/nginx/error.log*
+ os:
+ darwin:
+ default:
+ - /usr/local/var/log/nginx/error.log*
+ windows:
+ default:
+ - c:/programdata/nginx/logs/error.log*
+ title: Nginx error logs
+ description: Collect Nginx error logs
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/ingress_controller/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/ingress_controller/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..8a1b413517e72
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/ingress_controller/agent/stream/stream.yml.hbs
@@ -0,0 +1,7 @@
+paths:
+{{#each paths}}
+ - {{this}}
+{{/each}}
+exclude_files: [".gz$"]
+processors:
+ - add_locale: ~
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/ingress_controller/elasticsearch/ingest-pipeline/default.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/ingress_controller/elasticsearch/ingest-pipeline/default.yml
new file mode 100644
index 0000000000000..abf54fcd2ca79
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/ingress_controller/elasticsearch/ingest-pipeline/default.yml
@@ -0,0 +1,173 @@ +--- +description: Pipeline for parsing Nginx ingress controller access logs. Requires the + geoip and user_agent plugins. +processors: +- grok: + field: message + patterns: + - (%{NGINX_HOST} )?"?(?:%{NGINX_ADDRESS_LIST:nginx.ingress_controller.remote_ip_list}|%{NOTSPACE:source.address}) + - (-|%{DATA:user.name}) \[%{HTTPDATE:nginx.ingress_controller.time}\] "%{DATA:nginx.ingress_controller.info}" + %{NUMBER:http.response.status_code:long} %{NUMBER:http.response.body.bytes:long} + "(-|%{DATA:http.request.referrer})" "(-|%{DATA:user_agent.original})" %{NUMBER:nginx.ingress_controller.http.request.length:long} + %{NUMBER:nginx.ingress_controller.http.request.time:double} \[%{DATA:nginx.ingress_controller.upstream.name}\] + \[%{DATA:nginx.ingress_controller.upstream.alternative_name}\] (%{UPSTREAM_ADDRESS}|-) + (%{NUMBER:nginx.ingress_controller.upstream.response.length:long}|-) (%{NUMBER:nginx.ingress_controller.upstream.response.time:double}|-) + (%{NUMBER:nginx.ingress_controller.upstream.response.status_code:long}|-) %{GREEDYDATA:nginx.ingress_controller.http.request.id} + pattern_definitions: + NGINX_HOST: (?:%{IP:destination.ip}|%{NGINX_NOTSEPARATOR:destination.domain})(:%{NUMBER:destination.port})? + NGINX_NOTSEPARATOR: "[^\t ,:]+" + NGINX_ADDRESS_LIST: (?:%{IP}|%{WORD})("?,?\s*(?:%{IP}|%{WORD}))* + UPSTREAM_ADDRESS: '%{IP:nginx.ingress_controller.upstream.ip}(:%{NUMBER:nginx.ingress_controller.upstream.port})?' 
+ ignore_missing: true +- grok: + field: nginx.ingress_controller.info + patterns: + - '%{WORD:http.request.method} %{DATA:url.original} HTTP/%{NUMBER:http.version}' + - "" + ignore_missing: true +- remove: + field: nginx.ingress_controller.info +- split: + field: nginx.ingress_controller.remote_ip_list + separator: '"?,?\s+' + ignore_missing: true +- split: + field: nginx.ingress_controller.origin + separator: '"?,?\s+' + ignore_missing: true +- set: + field: source.address + if: ctx.source?.address == null + value: "" +- script: + if: ctx.nginx?.access?.remote_ip_list != null && ctx.nginx.ingress_controller.remote_ip_list.length > 0 + lang: painless + source: >- + boolean isPrivate(def dot, def ip) { + try { + StringTokenizer tok = new StringTokenizer(ip, dot); + int firstByte = Integer.parseInt(tok.nextToken()); + int secondByte = Integer.parseInt(tok.nextToken()); + if (firstByte == 10) { + return true; + } + if (firstByte == 192 && secondByte == 168) { + return true; + } + if (firstByte == 172 && secondByte >= 16 && secondByte <= 31) { + return true; + } + if (firstByte == 127) { + return true; + } + return false; + } + catch (Exception e) { + return false; + } + } + try { + ctx.source.address = null; + if (ctx.nginx.ingress_controller.remote_ip_list == null) { + return; + } + def found = false; + for (def item : ctx.nginx.ingress_controller.remote_ip_list) { + if (!isPrivate(params.dot, item)) { + ctx.source.address = item; + found = true; + break; + } + } + if (!found) { + ctx.source.address = ctx.nginx.ingress_controller.remote_ip_list[0]; + } + } + catch (Exception e) { + ctx.source.address = null; + } + params: + dot: . 
+- remove: + field: source.address + if: ctx.source.address == null +- grok: + field: source.address + patterns: + - ^%{IP:source.ip}$ + ignore_failure: true +- remove: + field: message +- rename: + field: '@timestamp' + target_field: event.created +- date: + field: nginx.ingress_controller.time + target_field: '@timestamp' + formats: + - dd/MMM/yyyy:H:m:s Z + on_failure: + - append: + field: error.message + value: '{{ _ingest.on_failure_message }}' +- remove: + field: nginx.ingress_controller.time +- user_agent: + field: user_agent.original + ignore_missing: true +- geoip: + field: source.ip + target_field: source.geo + ignore_missing: true +- geoip: + database_file: GeoLite2-ASN.mmdb + field: source.ip + target_field: source.as + properties: + - asn + - organization_name + ignore_missing: true +- rename: + field: source.as.asn + target_field: source.as.number + ignore_missing: true +- rename: + field: source.as.organization_name + target_field: source.as.organization.name + ignore_missing: true +- set: + field: event.kind + value: event +- append: + field: event.category + value: web +- append: + field: event.type + value: info +- set: + field: event.outcome + value: success + if: "ctx?.http?.response?.status_code != null && ctx.http.response.status_code < 400" +- set: + field: event.outcome + value: failure + if: "ctx?.http?.response?.status_code != null && ctx.http.response.status_code >= 400" +- lowercase: + field: http.request.method + ignore_missing: true +- append: + field: related.ip + value: "{{source.ip}}" + if: "ctx?.source?.ip != null" +- append: + field: related.ip + value: "{{destination.ip}}" + if: "ctx?.destination?.ip != null" +- append: + field: related.user + value: "{{user.name}}" + if: "ctx?.user?.name != null" +on_failure: +- set: + field: error.message + value: '{{ _ingest.on_failure_message }}' 
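Review bot: The `script` processor's `if` guard in the ingress_controller pipeline tests `ctx.nginx?.access?.remote_ip_list`, while this pipeline's grok writes the list to `nginx.ingress_controller.remote_ip_list`, so the guard looks like it can never be true and the address-selection script would be skipped. If so, `source.address` keeps the empty string from the preceding `set`, the `^%{IP:source.ip}$` grok fails silently under `ignore_failure`, and `source.ip`, `source.geo`, `source.as` and `related.ip` are never populated whenever the address list matched. That leaves ingress events without a source IP for detection and investigation. The guard should read `if: ctx.nginx?.ingress_controller?.remote_ip_list != null && ctx.nginx.ingress_controller.remote_ip_list.length > 0`. As this file is a registry fixture, the same fix probably belongs in the package it was copied from.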
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/ingress_controller/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/ingress_controller/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/ingress_controller/fields/base-fields.yml
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/ingress_controller/fields/ecs.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/ingress_controller/fields/ecs.yml
new file mode 100644
index 0000000000000..98ad5bf38ce13
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/ingress_controller/fields/ecs.yml
@@ -0,0 +1,133 @@ +- name: http + title: HTTP + group: 2 + type: group + fields: + - name: request.method + level: extended + type: keyword + description: |- + HTTP request method. + The field value must be normalized to lowercase for querying. See the documentation section "Implementing ECS". + ignore_above: 1024 + - name: request.referrer + level: extended + type: keyword + description: Referrer for this HTTP request. + ignore_above: 1024 + - name: response.body.bytes + level: extended + type: long + format: bytes + description: Size in bytes of the response body. + - name: response.status_code + level: extended + type: long + format: string + description: HTTP response status code. + - name: version + level: extended + type: keyword + description: HTTP version. + ignore_above: 1024 +- name: source + title: Source + group: 2 + type: group + fields: + - name: geo.city_name + level: core + type: keyword + description: City name. + ignore_above: 1024 + - name: geo.continent_name + level: core + type: keyword + description: Name of the continent. + ignore_above: 1024 + - name: geo.country_iso_code + level: core + type: keyword + description: Country ISO code. + ignore_above: 1024 + - name: geo.location + level: core + type: geo_point + description: Longitude and latitude. + - name: geo.region_iso_code + level: core + type: keyword + description: Region ISO code. + ignore_above: 1024 + - name: geo.region_name + level: core + type: keyword + description: Region name. + ignore_above: 1024 +- name: url + title: URL + group: 2 + type: group + fields: + - name: original + level: extended + type: keyword + description: |- + Unmodified original url as seen in the event source. + Note that in network monitoring, the observed URL may be a full URL, whereas in access logs, the URL is often just represented as a path. + This field is meant to represent the URL as it was observed, complete or not. 
+ ignore_above: 1024 + multi_fields: + - name: text + type: text + norms: false + default_field: false +- name: user + title: User + group: 2 + type: group + fields: + - name: name + level: core + type: keyword + description: Short name or login of the user. + ignore_above: 1024 + multi_fields: + - name: text + type: text + norms: false + default_field: false +- name: user_agent + title: User agent + group: 2 + type: group + fields: + - name: device.name + level: extended + type: keyword + description: Name of the device. + ignore_above: 1024 + - name: name + level: extended + type: keyword + description: Name of the user agent. + ignore_above: 1024 + - name: original + level: extended + type: keyword + description: Unparsed user_agent string. + ignore_above: 1024 + multi_fields: + - name: text + type: text + norms: false + - name: os.name + level: extended + type: keyword + description: Operating system name, without the version. + ignore_above: 1024 + multi_fields: + - name: text + type: text + norms: false + default_field: false diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/ingress_controller/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/ingress_controller/fields/fields.yml new file mode 100644 index 0000000000000..ac486d5f62aa0 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/ingress_controller/fields/fields.yml 
@@ -0,0 +1,55 @@ +- name: nginx.ingress_controller + type: group + fields: + - name: remote_ip_list + type: array + description: | + An array of remote IP addresses. It is a list because it is common to include, besides the client IP address, IP addresses from headers like `X-Forwarded-For`. Real source IP is restored to `source.ip`. + - name: http.request.length + type: long + format: bytes + description: | + The request length (including request line, header, and request body) + - name: http.request.time + type: double + format: duration + description: | + Time elapsed since the first bytes were read from the client + - name: upstream.name + type: text + description: | + The name of the upstream. + - name: upstream.alternative_name + type: text + description: | + The name of the alternative upstream. + - name: upstream.response.length + type: long + format: bytes + description: | + The length of the response obtained from the upstream server + - name: upstream.response.time + type: double + format: duration + description: | + The time spent on receiving the response from the upstream server as seconds with millisecond resolution + - name: upstream.response.status_code + type: long + description: | + The status code of the response obtained from the upstream server + - name: http.request.id + type: text + description: | + The randomly generated ID of the request + - name: upstream.ip + type: ip + description: | + The IP address of the upstream server. If several servers were contacted during request processing, their addresses are separated by commas. + - name: upstream.port + type: long + description: | + The port of the upstream server. + - name: user_agent + type: group + - name: geoip + type: group 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/ingress_controller/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/ingress_controller/fields/package-fields.yml
new file mode 100644
index 0000000000000..1f8692738cce8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/ingress_controller/fields/package-fields.yml
@@ -0,0 +1,2 @@
+- name: nginx
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/ingress_controller/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/ingress_controller/manifest.yml
new file mode 100644
index 0000000000000..a3c059ab02a00
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/ingress_controller/manifest.yml
@@ -0,0 +1,24 @@
+title: Nginx ingress_controller logs
+type: logs
+release: beta
+streams:
+- input: logs
+ enabled: false
+ vars:
+ - name: paths
+ type: text
+ title: Paths
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - /var/log/nginx/ingress.log*
+ os:
+ darwin:
+ default:
+ - /usr/local/var/log/nginx/ingress.log*
+ windows:
+ default:
+ - c:/programdata/nginx/logs/*ingress.log*
+ title: Nginx ingress controller logs
+ description: Collect Nginx ingress controller logs
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/stubstatus/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/stubstatus/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..18aabf7beea3f
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/stubstatus/agent/stream/stream.yml.hbs
@@ -0,0 +1,9 @@
+metricsets: ["stubstatus"]
+hosts:
+{{#each hosts}}
+ - {{this}}
+{{/each}}
+period: {{period}}
+{{#if server_status_path}}
+server_status_path: {{server_status_path}}
+{{/if}}
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/stubstatus/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/stubstatus/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/stubstatus/fields/base-fields.yml
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/stubstatus/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/stubstatus/fields/fields.yml
new file mode 100644
index 0000000000000..decf65b7e7964
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/stubstatus/fields/fields.yml
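Review bot: In `stubstatus/agent/stream/stream.yml.hbs`, `{{this}}`, `{{period}}` and `{{server_status_path}}` are written into the YAML as bare scalars, so a value containing `: `, ` #` or a line break would alter the structure of the rendered stream config instead of staying a single value. If these variables come from whoever configures the datasource, the rendered output should be validated or the values emitted as quoted YAML strings, e.g. `server_status_path: "{{server_status_path}}"` with quote escaping handled by the renderer. How the template is compiled is not visible in this diff (HTML escaping of `{{…}}` would also rewrite characters such as `&` in a path), so that is worth confirming where the package is rendered. Since this fixture appears to mirror a published package, a short comment here pointing at the upstream fix may be enough.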
@@ -0,0 +1,44 @@
+- name: nginx.stubstatus
+ type: group
+ release: ga
+ fields:
+ - name: hostname
+ type: keyword
+ description: |
+ Nginx hostname.
+ - name: active
+ type: long
+ description: |
+ The current number of active client connections including Waiting connections.
+ - name: accepts
+ type: long
+ description: |
+ The total number of accepted client connections.
+ - name: handled
+ type: long
+ description: |
+ The total number of handled client connections.
+ - name: dropped
+ type: long
+ description: |
+ The total number of dropped client connections.
+ - name: requests
+ type: long
+ description: |
+ The total number of client requests.
+ - name: current
+ type: long
+ description: |
+ The current number of client requests.
+ - name: reading
+ type: long
+ description: |
+ The current number of connections where Nginx is reading the request header.
+ - name: writing
+ type: long
+ description: |
+ The current number of connections where Nginx is writing the response back to the client.
+ - name: waiting
+ type: long
+ description: |
+ The current number of idle client connections waiting for a request.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/stubstatus/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/stubstatus/fields/package-fields.yml
new file mode 100644
index 0000000000000..1f8692738cce8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/stubstatus/fields/package-fields.yml
@@ -0,0 +1,2 @@
+- name: nginx
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/stubstatus/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/stubstatus/manifest.yml
new file mode 100644
index 0000000000000..6a85c662b769a
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/dataset/stubstatus/manifest.yml
@@ -0,0 +1,22 @@
+title: Nginx stubstatus metrics
+type: metrics
+release: beta
+streams:
+- input: nginx/metrics
+ vars:
+ - name: period
+ type: text
+ title: Period
+ multi: false
+ required: true
+ show_user: true
+ default: 10s
+ - name: server_status_path
+ type: text
+ title: Server Status Path
+ multi: false
+ required: true
+ show_user: false
+ default: /nginx_status
+ title: Nginx stub status metrics
+ description: Collect Nginx stub status metrics
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/docs/README.md b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/docs/README.md
new file mode 100644
index 0000000000000..c17b47ced0c03
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/docs/README.md
@@ -0,0 +1,179 @@ +# Nginx Integration + +This integration periodically fetches metrics from [https://nginx.org/](Nginx) servers. It can parse access and error +logs created by the HTTP server. + +## Compatibility + +The Nginx `stubstatus` metrics was tested with Nginx 1.9 and are expected to work with all version >= 1.9. +The logs were tested with version 1.10. +On Windows, the module was tested with Nginx installed from the Chocolatey repository. + +## Logs + +**Timezone support** + +This datasource parses logs that don’t contain timezone information. For these logs, the Elastic Agent reads the local +timezone and uses it when parsing to convert the timestamp to UTC. The timezone to be used for parsing is included +in the event in the `event.timezone` field. + +To disable this conversion, the event.timezone field can be removed with the drop_fields processor. + +If logs are originated from systems or applications with a different timezone to the local one, the `event.timezone` +field can be overwritten with the original timezone using the add_fields processor. + +### Access Logs + +Access logs collects the nginx access logs. + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| http.request.method | HTTP request method. The field value must be normalized to lowercase for querying. See the documentation section "Implementing ECS". | keyword | +| http.request.referrer | Referrer for this HTTP request. | keyword | +| http.response.body.bytes | Size in bytes of the response body. | long | +| http.response.status_code | HTTP response status code. | long | +| http.version | HTTP version. | keyword | +| nginx.access.remote_ip_list | An array of remote IP addresses. It is a list because it is common to include, besides the client IP address, IP addresses from headers like `X-Forwarded-For`. Real source IP is restored to `source.ip`. | array | +| source.geo.city_name | City name. | keyword | +| source.geo.continent_name | Name of the continent. 
| keyword | +| source.geo.country_iso_code | Country ISO code. | keyword | +| source.geo.location | Longitude and latitude. | geo_point | +| source.geo.region_iso_code | Region ISO code. | keyword | +| source.geo.region_name | Region name. | keyword | +| url.original | Unmodified original url as seen in the event source. Note that in network monitoring, the observed URL may be a full URL, whereas in access logs, the URL is often just represented as a path. This field is meant to represent the URL as it was observed, complete or not. | keyword | +| user.name | Short name or login of the user. | keyword | +| user_agent.device.name | Name of the device. | keyword | +| user_agent.name | Name of the user agent. | keyword | +| user_agent.original | Unparsed user_agent string. | keyword | +| user_agent.os.name | Operating system name, without the version. | keyword | + + +### Error Logs + +Error logs collects the nginx error logs. + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| log.level | Original log level of the log event. If the source of the event provides a log level or textual severity, this is the one that goes in `log.level`. If your source doesn't specify one, you may put your event transport's severity here (e.g. Syslog severity). Some examples are `warn`, `err`, `i`, `informational`. | keyword | +| message | For log events the message field contains the log message, optimized for viewing in a log viewer. For structured logs without an original message field, other fields can be concatenated to form a human-readable summary of the event. If multiple messages exist, they can be combined into one message. | text | +| nginx.error.connection_id | Connection identifier. | long | +| process.pid | Process id. | long | +| process.thread.id | Thread ID. | long | + + +### Ingress Controller Logs + +Error logs collects the ingress controller logs. 
+ +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| http.request.method | HTTP request method. The field value must be normalized to lowercase for querying. See the documentation section "Implementing ECS". | keyword | +| http.request.referrer | Referrer for this HTTP request. | keyword | +| http.response.body.bytes | Size in bytes of the response body. | long | +| http.response.status_code | HTTP response status code. | long | +| http.version | HTTP version. | keyword | +| nginx.ingress_controller.http.request.id | The randomly generated ID of the request | text | +| nginx.ingress_controller.http.request.length | The request length (including request line, header, and request body) | long | +| nginx.ingress_controller.http.request.time | Time elapsed since the first bytes were read from the client | double | +| nginx.ingress_controller.remote_ip_list | An array of remote IP addresses. It is a list because it is common to include, besides the client IP address, IP addresses from headers like `X-Forwarded-For`. Real source IP is restored to `source.ip`. | array | +| nginx.ingress_controller.upstream.alternative_name | The name of the alternative upstream. | text | +| nginx.ingress_controller.upstream.ip | The IP address of the upstream server. If several servers were contacted during request processing, their addresses are separated by commas. | ip | +| nginx.ingress_controller.upstream.name | The name of the upstream. | text | +| nginx.ingress_controller.upstream.port | The port of the upstream server. 
| long | +| nginx.ingress_controller.upstream.response.length | The length of the response obtained from the upstream server | long | +| nginx.ingress_controller.upstream.response.status_code | The status code of the response obtained from the upstream server | long | +| nginx.ingress_controller.upstream.response.time | The time spent on receiving the response from the upstream server as seconds with millisecond resolution | double | +| source.geo.city_name | City name. | keyword | +| source.geo.continent_name | Name of the continent. | keyword | +| source.geo.country_iso_code | Country ISO code. | keyword | +| source.geo.location | Longitude and latitude. | geo_point | +| source.geo.region_iso_code | Region ISO code. | keyword | +| source.geo.region_name | Region name. | keyword | +| url.original | Unmodified original url as seen in the event source. Note that in network monitoring, the observed URL may be a full URL, whereas in access logs, the URL is often just represented as a path. This field is meant to represent the URL as it was observed, complete or not. | keyword | +| user.name | Short name or login of the user. | keyword | +| user_agent.device.name | Name of the device. | keyword | +| user_agent.name | Name of the user agent. | keyword | +| user_agent.original | Unparsed user_agent string. | keyword | +| user_agent.os.name | Operating system name, without the version. | keyword | + + +## Metrics + +### Stub Status Metrics + +The Nginx stubstatus stream collects data from the Nginx `ngx_http_stub_status` module. It scrapes the server status +data from the web page generated by ngx_http_stub_status. + +This is a default stream. If the host datasource is unconfigured, this stream is enabled by default. 
+ +An example event for nginx looks as following: + +```$json +{ + "@timestamp":"2020-04-28T11:07:58.223Z", + "service":{ + "type":"nginx", + "address":"127.0.0.1:8081" + }, + "nginx":{ + "stubstatus":{ + "waiting":0, + "hostname":"127.0.0.1:8081", + "dropped":0, + "writing":1, + "handled":7339, + "requests":7411, + "reading":0, + "accepts":7339, + "current":10, + "active":1 + } + }, + "stream":{ + "namespace":"default", + "type":"metrics", + "dataset":"nginx.stubstatus" + }, + "ecs":{ + "version":"1.5.0" + }, + "agent":{ + "type":"metricbeat", + "ephemeral_id":"8eb07b4f-df58-4794-8e00-60f1443f33b6", + "hostname":"MacBook-Elastic.local", + "id":"e47f6e4d-5277-46f3-801d-221c7584c604", + "version":"8.0.0" + }, + "event":{ + "module":"nginx", + "duration":1112095, + "dataset":"nginx.stubstatus" + }, + "metricset":{ + "period":10000, + "name":"stubstatus" + } +} +``` + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| nginx.stubstatus.accepts | The total number of accepted client connections. | long | +| nginx.stubstatus.active | The current number of active client connections including Waiting connections. | long | +| nginx.stubstatus.current | The current number of client requests. | long | +| nginx.stubstatus.dropped | The total number of dropped client connections. | long | +| nginx.stubstatus.handled | The total number of handled client connections. | long | +| nginx.stubstatus.hostname | Nginx hostname. | keyword | +| nginx.stubstatus.reading | The current number of connections where Nginx is reading the request header. | long | +| nginx.stubstatus.requests | The total number of client requests. | long | +| nginx.stubstatus.waiting | The current number of idle client connections waiting for a request. | long | +| nginx.stubstatus.writing | The current number of connections where Nginx is writing the response back to the client. | long | + 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/img/kibana-nginx.png b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/img/kibana-nginx.png new file mode 100644 index 0000000000000..fa7b847b70544 Binary files /dev/null and b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/img/kibana-nginx.png differ diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/img/logo_nginx.svg b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/img/logo_nginx.svg new file mode 100644 index 0000000000000..49ac842a8e367 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/img/logo_nginx.svg @@ -0,0 +1,6 @@ + + + + + + diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/img/metricbeat-nginx.png b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/img/metricbeat-nginx.png new file mode 100644 index 0000000000000..a1315ea1945a2 Binary files /dev/null and b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/img/metricbeat-nginx.png differ diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/dashboard/023d2930-f1a5-11e7-a9ef-93c69af7b129-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/dashboard/023d2930-f1a5-11e7-a9ef-93c69af7b129-ecs.json new file mode 100644 index 0000000000000..f92acbcfcb095 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/dashboard/023d2930-f1a5-11e7-a9ef-93c69af7b129-ecs.json 
@@ -0,0 +1,46 @@ +{ + "attributes": { + "description": "Overview dashboard for the Nginx integration in Metrics", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"version\":true}" + }, + "optionsJSON": "{\"darkTheme\":false,\"hidePanelTitles\":false,\"useMargins\":true}", + "panelsJSON": "[{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"1\",\"w\":24,\"x\":24,\"y\":0},\"panelIndex\":\"1\",\"panelRefName\":\"panel_0\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"2\",\"w\":24,\"x\":24,\"y\":12},\"panelIndex\":\"2\",\"panelRefName\":\"panel_1\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"3\",\"w\":24,\"x\":0,\"y\":12},\"panelIndex\":\"3\",\"panelRefName\":\"panel_2\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"4\",\"w\":24,\"x\":0,\"y\":0},\"panelIndex\":\"4\",\"panelRefName\":\"panel_3\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"5\",\"w\":48,\"x\":0,\"y\":24},\"panelIndex\":\"5\",\"panelRefName\":\"panel_4\",\"version\":\"7.3.0\"}]", + "timeRestore": false, + "title": "[Metrics Nginx] Overview ECS", + "version": 1 + }, + "id": "023d2930-f1a5-11e7-a9ef-93c69af7b129-ecs", + "migrationVersion": { + "dashboard": "7.3.0" + }, + "references": [ + { + "id": "555df8a0-f1a1-11e7-a9ef-93c69af7b129-ecs", + "name": "panel_0", + "type": "visualization" + }, + { + "id": "a1d92240-f1a1-11e7-a9ef-93c69af7b129-ecs", + "name": "panel_1", + "type": "visualization" + }, + { + "id": "d763a570-f1a1-11e7-a9ef-93c69af7b129-ecs", + "name": "panel_2", + "type": "visualization" + }, + { + "id": "47a8e0f0-f1a4-11e7-a9ef-93c69af7b129-ecs", + "name": "panel_3", + "type": "visualization" + }, + { + "id": "dcbffe30-f1a4-11e7-a9ef-93c69af7b129-ecs", + "name": "panel_4", + "type": "visualization" + } + ], + "type": "dashboard" +} \ No newline at end of 
file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/dashboard/046212a0-a2a1-11e7-928f-5dbe6f6f5519-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/dashboard/046212a0-a2a1-11e7-928f-5dbe6f6f5519-ecs.json new file mode 100644 index 0000000000000..264b668f833d2 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/dashboard/046212a0-a2a1-11e7-928f-5dbe6f6f5519-ecs.json 
@@ -0,0 +1,41 @@ +{ + "attributes": { + "description": "Dashboard for the Logs Nginx integration", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"version\":true}" + }, + "optionsJSON": "{\"darkTheme\":false}", + "panelsJSON": "[{\"embeddableConfig\":{\"columns\":[\"log.level\",\"message\"],\"sort\":[\"@timestamp\",\"desc\"]},\"gridData\":{\"h\":12,\"i\":\"11\",\"w\":48,\"x\":0,\"y\":16},\"panelIndex\":\"11\",\"panelRefName\":\"panel_0\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{\"columns\":[\"url.original\",\"http.request.method\",\"http.response.status_code\",\"http.response.body.bytes\"],\"sort\":[\"@timestamp\",\"desc\"]},\"gridData\":{\"h\":28,\"i\":\"16\",\"w\":48,\"x\":0,\"y\":28},\"panelIndex\":\"16\",\"panelRefName\":\"panel_1\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"18\",\"w\":48,\"x\":0,\"y\":4},\"panelIndex\":\"18\",\"panelRefName\":\"panel_2\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":4,\"i\":\"19\",\"w\":48,\"x\":0,\"y\":0},\"panelIndex\":\"19\",\"panelRefName\":\"panel_3\",\"version\":\"7.3.0\"}]", + "timeRestore": false, + "title": "[Logs Nginx] Access and error logs ECS", + "version": 1 + }, + "id": "046212a0-a2a1-11e7-928f-5dbe6f6f5519-ecs", + "migrationVersion": { + "dashboard": "7.3.0" + }, + "references": [ + { + "id": "9eb25600-a1f0-11e7-928f-5dbe6f6f5519-ecs", + "name": "panel_0", + "type": "search" + }, + { + "id": "6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519-ecs", + "name": "panel_1", + "type": "search" + }, + { + "id": "1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519-ecs", + "name": "panel_2", + "type": "visualization" + }, + { + "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs", + "name": "panel_3", + "type": "visualization" + } + ], + "type": "dashboard" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/dashboard/55a9e6e0-a29e-11e7-928f-5dbe6f6f5519-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/dashboard/55a9e6e0-a29e-11e7-928f-5dbe6f6f5519-ecs.json new file mode 100644 index 0000000000000..596cb714fa171 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/dashboard/55a9e6e0-a29e-11e7-928f-5dbe6f6f5519-ecs.json 
@@ -0,0 +1,61 @@ +{ + "attributes": { + "description": "Dashboard for the Logs Nginx integration", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"version\":true}" + }, + "optionsJSON": "{\"darkTheme\":false}", + "panelsJSON": "[{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"3\",\"w\":12,\"x\":36,\"y\":44},\"panelIndex\":\"3\",\"panelRefName\":\"panel_0\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{\"vis\":{\"legendOpen\":true}},\"gridData\":{\"h\":12,\"i\":\"4\",\"w\":12,\"x\":24,\"y\":44},\"panelIndex\":\"4\",\"panelRefName\":\"panel_1\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{\"mapBounds\":{\"bottom_right\":{\"lat\":-7.362466865535738,\"lon\":245.39062500000003},\"top_left\":{\"lat\":77.07878389624943,\"lon\":-245.74218750000003}},\"mapCenter\":[50.51342652633956,-0.17578125],\"mapCollar\":{\"bottom_right\":{\"lat\":-49.583095,\"lon\":180},\"top_left\":{\"lat\":90,\"lon\":-180},\"zoom\":2},\"mapZoom\":2},\"gridData\":{\"h\":16,\"i\":\"8\",\"w\":48,\"x\":0,\"y\":4},\"panelIndex\":\"8\",\"panelRefName\":\"panel_2\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"13\",\"w\":48,\"x\":0,\"y\":20},\"panelIndex\":\"13\",\"panelRefName\":\"panel_3\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"14\",\"w\":24,\"x\":24,\"y\":32},\"panelIndex\":\"14\",\"panelRefName\":\"panel_4\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"15\",\"w\":24,\"x\":0,\"y\":32},\"panelIndex\":\"15\",\"panelRefName\":\"panel_5\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"16\",\"w\":24,\"x\":0,\"y\":44},\"panelIndex\":\"16\",\"panelRefName\":\"panel_6\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":4,\"i\":\"17\",\"w\":48,\"x\":0,\"y\":0},\"panelIndex\":\"17\",\"panelRefName\":\"panel_7\",\"version\":\"7.3.0\"}]", + 
"timeRestore": false, + "title": "[Logs Nginx] Overview ECS", + "version": 1 + }, + "id": "55a9e6e0-a29e-11e7-928f-5dbe6f6f5519-ecs", + "migrationVersion": { + "dashboard": "7.3.0" + }, + "references": [ + { + "id": "Nginx-Access-Browsers-ecs", + "name": "panel_0", + "type": "visualization" + }, + { + "id": "Nginx-Access-OSes-ecs", + "name": "panel_1", + "type": "visualization" + }, + { + "id": "Nginx-Access-Map-ecs", + "name": "panel_2", + "type": "visualization" + }, + { + "id": "b70b1b20-a1f4-11e7-928f-5dbe6f6f5519-ecs", + "name": "panel_3", + "type": "visualization" + }, + { + "id": "9184fa00-a1f5-11e7-928f-5dbe6f6f5519-ecs", + "name": "panel_4", + "type": "visualization" + }, + { + "id": "46322e50-a1f6-11e7-928f-5dbe6f6f5519-ecs", + "name": "panel_5", + "type": "visualization" + }, + { + "id": "0dd6f320-a29f-11e7-928f-5dbe6f6f5519-ecs", + "name": "panel_6", + "type": "visualization" + }, + { + "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs", + "name": "panel_7", + "type": "visualization" + } + ], + "type": "dashboard" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/search/6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/search/6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519-ecs.json new file mode 100644 index 0000000000000..9b98028609b95 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/search/6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519-ecs.json 
@@ -0,0 +1,35 @@ +{ + "attributes": { + "columns": [ + "url.original", + "http.request.method", + "http.response.status_code", + "http.response.body.bytes" + ], + "description": "", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlight\":{\"fields\":{\"*\":{}},\"fragment_size\":2147483647,\"post_tags\":[\"@/kibana-highlighted-field@\"],\"pre_tags\":[\"@kibana-highlighted-field@\"],\"require_field_match\":false},\"highlightAll\":true,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"(stream.dataset:nginx.access OR stream.dataset:nginx.error OR stream.dataset:nginx.ingress_controller) AND url.original:*\"},\"version\":true}" + }, + "sort": [ + [ + "@timestamp", + "desc" + ] + ], + "title": "Nginx access logs [Logs Nginx] ECS", + "version": 1 + }, + "id": "6d9e66d0-a1f0-11e7-928f-5dbe6f6f5519-ecs", + "migrationVersion": { + "search": "7.4.0" + }, + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "search" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/search/9eb25600-a1f0-11e7-928f-5dbe6f6f5519-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/search/9eb25600-a1f0-11e7-928f-5dbe6f6f5519-ecs.json new file mode 100644 index 0000000000000..777f13bb9aea3 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/search/9eb25600-a1f0-11e7-928f-5dbe6f6f5519-ecs.json 
@@ -0,0 +1,33 @@ +{ + "attributes": { + "columns": [ + "log.level", + "message" + ], + "description": "", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlight\":{\"fields\":{\"*\":{}},\"fragment_size\":2147483647,\"post_tags\":[\"@/kibana-highlighted-field@\"],\"pre_tags\":[\"@kibana-highlighted-field@\"],\"require_field_match\":false},\"highlightAll\":true,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"(stream.dataset:nginx.access OR stream.dataset:nginx.error OR stream.dataset:nginx.ingress_controller) AND message:*\"},\"version\":true}" + }, + "sort": [ + [ + "@timestamp", + "desc" + ] + ], + "title": "Nginx error logs [Logs Nginx] ECS", + "version": 1 + }, + "id": "9eb25600-a1f0-11e7-928f-5dbe6f6f5519-ecs", + "migrationVersion": { + "search": "7.4.0" + }, + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "search" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/search/Filebeat-Nginx-module-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/search/Filebeat-Nginx-module-ecs.json new file mode 100644 index 0000000000000..eb128568f9ab6 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/search/Filebeat-Nginx-module-ecs.json 
@@ -0,0 +1,33 @@ +{ + "attributes": { + "columns": [ + "url.original", + "http.request.method", + "http.response.status_code", + "http.request.referrer", + "http.response.body.bytes" + ], + "description": "", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlight\":{\"fields\":{\"*\":{}},\"fragment_size\":2147483647,\"post_tags\":[\"@/kibana-highlighted-field@\"],\"pre_tags\":[\"@kibana-highlighted-field@\"],\"require_field_match\":false},\"highlightAll\":true,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"(stream.dataset:nginx.access OR stream.dataset:nginx.error OR stream.dataset:nginx.ingress_controller)\"},\"version\":true}" + }, + "sort": [ + [ + "@timestamp", + "desc" + ] + ], + "title": "Nginx logs [Logs Nginx] ECS", + "version": 1 + }, + "id": "Logs-Nginx-integration-ecs", + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "search" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/search/Logs-Nginx-integration-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/search/Logs-Nginx-integration-ecs.json new file mode 100644 index 0000000000000..f9ff88a183280 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/search/Logs-Nginx-integration-ecs.json 
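Review bot: `kibana/search/Filebeat-Nginx-module-ecs.json` declares `"id": "Logs-Nginx-integration-ecs"`, the same id and type (`search`) as `kibana/search/Logs-Nginx-integration-ecs.json` added right after it, so installing both likely leaves a single saved object whose content depends on install order. This copy also has no `migrationVersion` block, unlike the other search fixtures in this diff. If the duplicate is not intentional test coverage, either drop this file or give it an id that matches its file name, `"id": "Filebeat-Nginx-module-ecs"`; if it is intentional, a note in the test that consumes the fixture would help.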
@@ -0,0 +1,36 @@ +{ + "attributes": { + "columns": [ + "url.original", + "http.request.method", + "http.response.status_code", + "http.request.referrer", + "http.response.body.bytes" + ], + "description": "", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlight\":{\"fields\":{\"*\":{}},\"fragment_size\":2147483647,\"post_tags\":[\"@/kibana-highlighted-field@\"],\"pre_tags\":[\"@kibana-highlighted-field@\"],\"require_field_match\":false},\"highlightAll\":true,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"(stream.dataset:nginx.access OR stream.dataset:nginx.error OR stream.dataset:nginx.ingress_controller)\"},\"version\":true}" + }, + "sort": [ + [ + "@timestamp", + "desc" + ] + ], + "title": "Nginx logs [Logs Nginx] ECS", + "version": 1 + }, + "id": "Logs-Nginx-integration-ecs", + "migrationVersion": { + "search": "7.4.0" + }, + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "search" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/0dd6f320-a29f-11e7-928f-5dbe6f6f5519-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/0dd6f320-a29f-11e7-928f-5dbe6f6f5519-ecs.json new file mode 100644 index 0000000000000..03716e943b416 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/0dd6f320-a29f-11e7-928f-5dbe6f6f5519-ecs.json 
@@ -0,0 +1,18 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "title": "Data Volume [Logs Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"filter\":{\"language\":\"lucene\",\"query\":\"stream.dataset:nginx.access\"},\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"logs-*\",\"interval\":\"auto\",\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"bytes\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"\",\"line_width\":1,\"metrics\":[{\"field\":\"http.response.body.bytes\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"sum\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_filters\":[{\"color\":\"#68BC00\",\"filter\":{\"language\":\"lucene\",\"query\":\"http.response.status_code:[200 TO 299]\"},\"id\":\"7c343c20-a29e-11e7-a062-a1c3587f4874\",\"label\":\"200s\"}],\"split_mode\":\"everything\",\"stacked\":\"none\",\"terms_field\":null}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Data Volume [Logs Nginx] ECS\",\"type\":\"metrics\"}" + }, + "id": "0dd6f320-a29f-11e7-928f-5dbe6f6f5519-ecs", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519-ecs.json new file mode 100644 index 0000000000000..81a32dc039987 --- /dev/null 
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519-ecs.json @@ -0,0 +1,18 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "title": "Access logs over time [Logs Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"annotations\":[{\"color\":\"#F00\",\"icon\":\"fa-tag\",\"id\":\"970b1420-a1f3-11e7-a062-a1c3587f4874\",\"ignore_global_filters\":1,\"ignore_panel_filters\":1,\"index_pattern\":\"logs-*\",\"time_field\":\"@timestamp\"}],\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"background_color_rules\":[{\"id\":\"3189aa80-a1f3-11e7-a062-a1c3587f4874\"}],\"filter\":{\"language\":\"lucene\",\"query\":\"stream.dataset:nginx.access\"},\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"logs-*\",\"interval\":\"auto\",\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"Access logs\",\"line_width\":1,\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_filters\":[{\"color\":\"#68BC00\",\"id\":\"1db649a0-a1f3-11e7-a062-a1c3587f4874\"}],\"split_mode\":\"everything\",\"stacked\":\"none\",\"terms_field\":\"url.original\",\"terms_order_by\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Access logs over time [Logs Nginx] ECS\",\"type\":\"metrics\"}" + }, + "id": "1cfb1a80-a1f4-11e7-928f-5dbe6f6f5519-ecs", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/46322e50-a1f6-11e7-928f-5dbe6f6f5519-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/46322e50-a1f6-11e7-928f-5dbe6f6f5519-ecs.json new file mode 100644 index 0000000000000..f499b4f4ee67c --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/46322e50-a1f6-11e7-928f-5dbe6f6f5519-ecs.json @@ -0,0 +1,18 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "title": "Errors over time [Logs Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"filter\":{\"language\":\"lucene\",\"query\":\"stream.dataset:nginx.error\"},\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"logs-*\",\"interval\":\"auto\",\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"bar\",\"color\":\"rgba(211,49,21,1)\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"line_width\":1,\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"terms\",\"stacked\":\"none\",\"terms_field\":\"log.level\",\"terms_order_by\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Errors over time [Logs Nginx] ECS\",\"type\":\"metrics\"}" + }, + "id": "46322e50-a1f6-11e7-928f-5dbe6f6f5519-ecs", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/47a8e0f0-f1a4-11e7-a9ef-93c69af7b129-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/47a8e0f0-f1a4-11e7-a9ef-93c69af7b129-ecs.json new file mode 100644 index 0000000000000..e21343c154211 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/47a8e0f0-f1a4-11e7-a9ef-93c69af7b129-ecs.json @@ -0,0 +1,18 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "title": "Active connections [Metrics Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"line_width\":1,\"metrics\":[{\"field\":\"nginx.stubstatus.active\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Active connections [Metrics Nginx] ECS\",\"type\":\"metrics\"}" + }, + "id": "47a8e0f0-f1a4-11e7-a9ef-93c69af7b129-ecs", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/555df8a0-f1a1-11e7-a9ef-93c69af7b129-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/555df8a0-f1a1-11e7-a9ef-93c69af7b129-ecs.json new file mode 100644 index 0000000000000..569b0948da006 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/555df8a0-f1a1-11e7-a9ef-93c69af7b129-ecs.json @@ -0,0 +1,18 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "title": "Request Rate [Metrics Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"Request rate\",\"line_width\":1,\"metrics\":[{\"field\":\"nginx.stubstatus.requests\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\"},{\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"id\":\"396ec980-f1a1-11e7-95d0-8ddf041d42a2\",\"type\":\"derivative\",\"unit\":\"\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Request Rate [Metrics Nginx] ECS\",\"type\":\"metrics\"}" + }, + "id": "555df8a0-f1a1-11e7-a9ef-93c69af7b129-ecs", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/9184fa00-a1f5-11e7-928f-5dbe6f6f5519-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/9184fa00-a1f5-11e7-928f-5dbe6f6f5519-ecs.json new file mode 100644 index 0000000000000..f5819ad4e3658 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/9184fa00-a1f5-11e7-928f-5dbe6f6f5519-ecs.json @@ -0,0 +1,18 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "title": "Top pages [Logs Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"bar_color_rules\":[{\"id\":\"6252c320-a1f5-11e7-92ba-5d0b8663aece\"}],\"filter\":{\"language\":\"lucene\",\"query\":\"stream.dataset:nginx.access\"},\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"logs-*\",\"interval\":\"auto\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"line_width\":1,\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"terms\",\"stacked\":\"none\",\"terms_field\":\"url.original\",\"terms_order_by\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"value_template\":\"\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"top_n\"},\"title\":\"Top pages [Logs Nginx] ECS\",\"type\":\"metrics\"}" + }, + "id": "9184fa00-a1f5-11e7-928f-5dbe6f6f5519-ecs", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs.json new file mode 100644 index 0000000000000..7bcc5d3acbf9c --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs.json @@ -0,0 +1,18 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "title": "Dashboards [Logs Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"fontSize\":12,\"markdown\":\"[Nginx logs overview](#/dashboard/55a9e6e0-a29e-11e7-928f-5dbe6f6f5519-ecs) | [Nginx access and error logs](#/dashboard/046212a0-a2a1-11e7-928f-5dbe6f6f5519-ecs)\"},\"title\":\"Dashboards [Logs Nginx] ECS\",\"type\":\"markdown\"}" + }, + "id": "97109780-a2a5-11e7-928f-5dbe6f6f5519-ecs", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/Nginx-Access-Browsers-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/Nginx-Access-Browsers-ecs.json new file mode 100644 index 0000000000000..af558f615137e --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/Nginx-Access-Browsers-ecs.json 
@@ -0,0 +1,24 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Browsers breakdown [Logs Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"field\":\"user_agent.name\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"segment\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"field\":\"user_agent.version\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"segment\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"bottom\",\"shareYAxis\":true},\"title\":\"Nginx Access Browsers ECS\",\"type\":\"pie\"}" + }, + "id": "Nginx-Access-Browsers-ecs", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/Nginx-Access-Map-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/Nginx-Access-Map-ecs.json new file mode 100644 index 0000000000000..1b42b3ecf57ae --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/Nginx-Access-Map-ecs.json 
@@ -0,0 +1,25 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "Access Map [Logs Nginx] ECS", + "uiStateJSON": "{\"mapCenter\":[12.039320557540572,-0.17578125]}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"autoPrecision\":true,\"field\":\"source.geo.location\"},\"schema\":\"segment\",\"type\":\"geohash_grid\"}],\"listeners\":{},\"params\":{\"addTooltip\":true,\"heatBlur\":15,\"heatMaxZoom\":16,\"heatMinOpacity\":0.1,\"heatNormalizeData\":true,\"heatRadius\":25,\"isDesaturated\":true,\"legendPosition\":\"bottomright\",\"mapCenter\":[15,5],\"mapType\":\"Scaled Circle Markers\",\"mapZoom\":2,\"wms\":{\"enabled\":false,\"options\":{\"attribution\":\"Maps provided by USGS\",\"format\":\"image/png\",\"layers\":\"0\",\"styles\":\"\",\"transparent\":true,\"version\":\"1.3.0\"},\"url\":\"https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer\"}},\"title\":\"Nginx Access Map ECS\",\"type\":\"tile_map\"}" + }, + "id": "Nginx-Access-Map-ecs", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [ + { + "id": "Logs-Nginx-integration-ecs", + "name": "search_0", + "type": "search" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/Nginx-Access-OSes-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/Nginx-Access-OSes-ecs.json new file mode 100644 index 0000000000000..46661d87fa8bf --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/Nginx-Access-OSes-ecs.json 
@@ -0,0 +1,24 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Operating systems breakdown [Logs Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"field\":\"user_agent.os.name\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"segment\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"field\":\"user_agent.os.version\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"segment\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"bottom\",\"shareYAxis\":true},\"title\":\"Nginx Access OSes ECS\",\"type\":\"pie\"}" + }, + "id": "Nginx-Access-OSes-ecs", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/a1d92240-f1a1-11e7-a9ef-93c69af7b129-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/a1d92240-f1a1-11e7-a9ef-93c69af7b129-ecs.json new file mode 100644 index 0000000000000..cb1135ee5bc4b --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/a1d92240-f1a1-11e7-a9ef-93c69af7b129-ecs.json 
@@ -0,0 +1,18 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "title": "Accepts and Handled Rate [Metrics Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"annotations\":[{\"color\":\"#F00\",\"icon\":\"fa-tag\",\"id\":\"8644f980-f1a3-11e7-95d0-8ddf041d42a2\",\"ignore_global_filters\":1,\"ignore_panel_filters\":1,\"index_pattern\":\"*\",\"time_field\":\"@timestamp\"}],\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":\"0.5\",\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"Accepts rate\",\"line_width\":1,\"metrics\":[{\"field\":\"nginx.stubstatus.accepts\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\"},{\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"id\":\"396ec980-f1a1-11e7-95d0-8ddf041d42a2\",\"type\":\"derivative\",\"unit\":\"\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(0,156,224,1)\",\"fill\":\"0.9\",\"formatter\":\"number\",\"id\":\"56dd33b0-f1a3-11e7-95d0-8ddf041d42a2\",\"label\":\"Handled rate\",\"line_width\":1,\"metrics\":[{\"field\":\"nginx.stubstatus.handled\",\"id\":\"56dd33b1-f1a3-11e7-95d0-8ddf041d42a2\",\"type\":\"avg\"},{\"field\":\"56dd33b1-f1a3-11e7-95d0-8ddf041d42a2\",\"id\":\"56dd33b2-f1a3-11e7-95d0-8ddf041d42a2\",\"type\":\"derivative\",\"unit\":\"\"}],\"point_size\":\"3\",\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Accepts and Handled Rate 
[Metrics Nginx] ECS\",\"type\":\"metrics\"}" + }, + "id": "a1d92240-f1a1-11e7-a9ef-93c69af7b129-ecs", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/b70b1b20-a1f4-11e7-928f-5dbe6f6f5519-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/b70b1b20-a1f4-11e7-928f-5dbe6f6f5519-ecs.json new file mode 100644 index 0000000000000..98bf00ea4879a --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/b70b1b20-a1f4-11e7-928f-5dbe6f6f5519-ecs.json 
@@ -0,0 +1,18 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "title": "Response codes over time [Logs Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"filter\":{\"language\":\"lucene\",\"query\":\"stream.dataset:nginx.access\"},\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"logs-*\",\"interval\":\"auto\",\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"bar\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"\",\"line_width\":1,\"metrics\":[{\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"count\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_filters\":[{\"color\":\"#68BC00\",\"filter\":{\"language\":\"lucene\",\"query\":\"http.response.status_code:[200 TO 299]\"},\"id\":\"5acdc750-a29d-11e7-a062-a1c3587f4874\",\"label\":\"200s\"},{\"color\":\"rgba(252,196,0,1)\",\"filter\":{\"language\":\"lucene\",\"query\":\"http.response.status_code:[300 TO 399]\"},\"id\":\"6efd2ae0-a29d-11e7-a062-a1c3587f4874\",\"label\":\"300s\"},{\"color\":\"rgba(211,49,21,1)\",\"filter\":{\"language\":\"lucene\",\"query\":\"http.response.status_code:[400 TO 499]\"},\"id\":\"76089a90-a29d-11e7-a062-a1c3587f4874\",\"label\":\"400s\"},{\"color\":\"rgba(171,20,158,1)\",\"filter\":{\"language\":\"lucene\",\"query\":\"http.response.status_code:[500 TO 599]\"},\"id\":\"7c7929d0-a29d-11e7-a062-a1c3587f4874\",\"label\":\"500s\"}],\"split_mode\":\"filters\",\"stacked\":\"stacked\",\"terms_field\":\"http.response.status_code\",\"terms_order_by\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Response codes over time [Logs Nginx] ECS\",\"type\":\"metrics\"}" + }, + "id": 
"b70b1b20-a1f4-11e7-928f-5dbe6f6f5519-ecs", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/d763a570-f1a1-11e7-a9ef-93c69af7b129-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/d763a570-f1a1-11e7-a9ef-93c69af7b129-ecs.json new file mode 100644 index 0000000000000..d190695c484f3 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/d763a570-f1a1-11e7-a9ef-93c69af7b129-ecs.json 
@@ -0,0 +1,18 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "title": "Drops Rate [Metrics Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(188,0,65,1)\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"Drops rate\",\"line_width\":1,\"metrics\":[{\"field\":\"nginx.stubstatus.dropped\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\"},{\"field\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"id\":\"396ec980-f1a1-11e7-95d0-8ddf041d42a2\",\"type\":\"derivative\",\"unit\":\"\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Drops Rate [Metrics Nginx] ECS\",\"type\":\"metrics\"}" + }, + "id": "d763a570-f1a1-11e7-a9ef-93c69af7b129-ecs", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/dcbffe30-f1a4-11e7-a9ef-93c69af7b129-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/dcbffe30-f1a4-11e7-a9ef-93c69af7b129-ecs.json new file mode 100644 index 0000000000000..879c4b4d354e8 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/kibana/visualization/dcbffe30-f1a4-11e7-a9ef-93c69af7b129-ecs.json 
@@ -0,0 +1,18 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "title": "Reading / Writing / Waiting Rates [Metrics Nginx] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"legend_position\":\"bottom\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"Reading\",\"line_width\":1,\"metrics\":[{\"field\":\"nginx.stubstatus.reading\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(0,156,224,1)\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"b1773680-f1a4-11e7-95d0-8ddf041d42a2\",\"label\":\"Writing\",\"line_width\":1,\"metrics\":[{\"field\":\"nginx.stubstatus.writing\",\"id\":\"b1773681-f1a4-11e7-95d0-8ddf041d42a2\",\"type\":\"avg\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(252,220,0,1)\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"b68aa6c0-f1a4-11e7-95d0-8ddf041d42a2\",\"label\":\"Waiting\",\"line_width\":1,\"metrics\":[{\"field\":\"nginx.stubstatus.waiting\",\"id\":\"b68aa6c1-f1a4-11e7-95d0-8ddf041d42a2\",\"type\":\"avg\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Reading / Writing / Waiting Rates [Metrics Nginx] ECS\",\"type\":\"metrics\"}" 
+ }, + "id": "dcbffe30-f1a4-11e7-a9ef-93c69af7b129-ecs", + "migrationVersion": { + "visualization": "7.8.0" + }, + "references": [], + "type": "visualization" +} \ No newline at end of file
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/manifest.yml
new file mode 100644
index 0000000000000..d615878ab69fb
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/nginx/0.1.1/manifest.yml
@@ -0,0 +1,51 @@
+format_version: 1.0.0
+name: nginx
+title: Nginx
+version: 0.1.1
+license: basic
+description: Nginx Integration
+type: integration
+categories:
+- logs
+- metrics
+release: beta
+removable: true
+requirement:
+ kibana:
+ versions: '>=7.3.0 <8.0.0'
+ elasticsearch:
+ versions: '>7.0.1'
+screenshots:
+- src: /img/kibana-nginx.png
+ title: kibana nginx
+ size: 1218x1266
+ type: image/png
+- src: /img/metricbeat-nginx.png
+ title: metricbeat nginx
+ size: 2560x2100
+ type: image/png
+icons:
+- src: /img/logo_nginx.svg
+ title: logo nginx
+ size: 32x32
+ type: image/svg+xml
+datasources:
+- name: nginx
+ title: Nginx logs and metrics
+ description: Collect logs and metrics from Nginx instances
+ inputs:
+ - type: logs
+ title: Collect logs from Nginx instances
+ description: Collecting Nginx access, error and ingress controller logs
+ - type: nginx/metrics
+ vars:
+ - name: hosts
+ type: text
+ title: Hosts
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - http://127.0.0.1
+ title: Collect metrics from Nginx instances
+ description: Collecting Nginx stub status metrics
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/auth/agent/stream/log.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/auth/agent/stream/log.yml.hbs
new file mode 100644
index 0000000000000..58c96859c0b07
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/auth/agent/stream/log.yml.hbs
@@ -0,0 +1,14 @@
+paths:
+{{#each paths as |path i|}}
+ - {{path}}
+{{/each}}
+exclude_files: [".gz$"]
+multiline:
+ pattern: "^\\s"
+ match: after
+processors:
+ - add_locale: ~
+ - add_fields:
+ target: ''
+ fields:
+ ecs.version: 1.5.0
\ No newline at end of file
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/auth/elasticsearch/ingest-pipeline/default.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/auth/elasticsearch/ingest-pipeline/default.json
new file mode 100644
index 0000000000000..8df0a77e58261
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/auth/elasticsearch/ingest-pipeline/default.json
@@ -0,0 +1,121 @@
+{
+ "description": "Pipeline for parsing system authorisation/secure logs",
+ "processors": [
+ {
+ "grok": {
+ "field": "message",
+ "ignore_missing": true,
+ "pattern_definitions" : {
+ "GREEDYMULTILINE" : "(.|\n)*",
+ "TIMESTAMP": "(?:%{TIMESTAMP_ISO8601}|%{SYSLOGTIMESTAMP})"
+ },
+ "patterns": [
+ "%{TIMESTAMP:system.auth.timestamp} %{SYSLOGHOST:host.hostname} %{DATA:process.name}(?:\\[%{POSINT:process.pid:long}\\])?: %{DATA:system.auth.ssh.event} %{DATA:system.auth.ssh.method} for (invalid user )?%{DATA:user.name} from %{IPORHOST:source.ip} port %{NUMBER:source.port:long} ssh2(: %{GREEDYDATA:system.auth.ssh.signature})?",
+ "%{TIMESTAMP:system.auth.timestamp} %{SYSLOGHOST:host.hostname} %{DATA:process.name}(?:\\[%{POSINT:process.pid:long}\\])?: %{DATA:system.auth.ssh.event} user %{DATA:user.name} from %{IPORHOST:source.ip}",
+ "%{TIMESTAMP:system.auth.timestamp} %{SYSLOGHOST:host.hostname} %{DATA:process.name}(?:\\[%{POSINT:process.pid:long}\\])?: Did not receive identification string from %{IPORHOST:system.auth.ssh.dropped_ip}",
+ "%{TIMESTAMP:system.auth.timestamp} %{SYSLOGHOST:host.hostname} %{DATA:process.name}(?:\\[%{POSINT:process.pid:long}\\])?: \\s*%{DATA:user.name} :( %{DATA:system.auth.sudo.error} ;)? TTY=%{DATA:system.auth.sudo.tty} ; PWD=%{DATA:system.auth.sudo.pwd} ; USER=%{DATA:system.auth.sudo.user} ; COMMAND=%{GREEDYDATA:system.auth.sudo.command}",
+ "%{TIMESTAMP:system.auth.timestamp} %{SYSLOGHOST:host.hostname} %{DATA:process.name}(?:\\[%{POSINT:process.pid:long}\\])?: new group: name=%{DATA:group.name}, GID=%{NUMBER:group.id}",
+ "%{TIMESTAMP:system.auth.timestamp} %{SYSLOGHOST:host.hostname} %{DATA:process.name}(?:\\[%{POSINT:process.pid:long}\\])?: new user: name=%{DATA:user.name}, UID=%{NUMBER:user.id}, GID=%{NUMBER:group.id}, home=%{DATA:system.auth.useradd.home}, shell=%{DATA:system.auth.useradd.shell}$",
+ "%{TIMESTAMP:system.auth.timestamp} %{SYSLOGHOST:host.hostname}?
%{DATA:process.name}(?:\\[%{POSINT:process.pid:long}\\])?: %{GREEDYMULTILINE:system.auth.message}"
+ ]
+ }
+ },
+ {
+ "remove": {
+ "field": "message"
+ }
+ },
+ {
+ "rename": {
+ "field": "system.auth.message",
+ "target_field": "message",
+ "ignore_missing": true
+ }
+ },
+ {
+ "set": {
+ "field": "source.ip",
+ "value": "{{system.auth.ssh.dropped_ip}}",
+ "if": "ctx.containsKey('system') && ctx.system.containsKey('auth') && ctx.system.auth.containsKey('ssh') && ctx.system.auth.ssh.containsKey('dropped_ip')"
+ }
+ },
+ {
+ "date": {
+ "if": "ctx.event.timezone == null",
+ "field": "system.auth.timestamp",
+ "target_field": "@timestamp",
+ "formats": [
+ "MMM d HH:mm:ss",
+ "MMM dd HH:mm:ss",
+ "ISO8601"
+ ],
+ "on_failure": [{"append": {"field": "error.message", "value": "{{ _ingest.on_failure_message }}"}}]
+ }
+ },
+ {
+ "date": {
+ "if": "ctx.event.timezone != null",
+ "field": "system.auth.timestamp",
+ "target_field": "@timestamp",
+ "formats": [
+ "MMM d HH:mm:ss",
+ "MMM dd HH:mm:ss",
+ "ISO8601"
+ ],
+ "timezone": "{{ event.timezone }}",
+ "on_failure": [{"append": {"field": "error.message", "value": "{{ _ingest.on_failure_message }}"}}]
+ }
+ },
+ {
+ "remove": {
+ "field": "system.auth.timestamp"
+ }
+ },
+ {
+ "geoip": {
+ "field": "source.ip",
+ "target_field": "source.geo",
+ "ignore_failure": true
+ }
+ },
+ {
+ "geoip": {
+ "database_file": "GeoLite2-ASN.mmdb",
+ "field": "source.ip",
+ "target_field": "source.as",
+ "properties": [
+ "asn",
+ "organization_name"
+ ],
+ "ignore_missing": true
+ }
+ },
+ {
+ "rename": {
+ "field": "source.as.asn",
+ "target_field": "source.as.number",
+ "ignore_missing": true
+ }
+ },
+ {
+ "rename": {
+ "field": "source.as.organization_name",
+ "target_field": "source.as.organization.name",
+ "ignore_missing": true
+ }
+ },
+ {
+ "script": {
+ "lang": "painless",
+ "ignore_failure": true,
+ "source": "if (ctx.system.auth.ssh.event == \"Accepted\") { if (!ctx.containsKey(\"event\")) { ctx.event = [:]; }
ctx.event.type = \"authentication_success\"; ctx.event.category = \"authentication\"; ctx.event.action = \"ssh_login\"; ctx.event.outcome = \"success\"; } else if (ctx.system.auth.ssh.event == \"Invalid\" || ctx.system.auth.ssh.event == \"Failed\") { if (!ctx.containsKey(\"event\")) { ctx.event = [:]; } ctx.event.type = \"authentication_failure\"; ctx.event.category = \"authentication\"; ctx.event.action = \"ssh_login\"; ctx.event.outcome = \"failure\"; }"
+ }
+ }
+ ],
+ "on_failure" : [{
+ "set" : {
+ "field" : "error.message",
+ "value" : "{{ _ingest.on_failure_message }}"
+ }
+ }]
+}
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/auth/elasticsearch/ingest-pipeline/default.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/auth/elasticsearch/ingest-pipeline/default.yml
new file mode 100644
index 0000000000000..9f7c43959dcaa
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/auth/elasticsearch/ingest-pipeline/default.yml
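Review bot: In `ingest-pipeline/default.json` the second `geoip` processor (the `GeoLite2-ASN.mmdb` lookup) sets only `ignore_missing`, while every grok pattern captures `source.ip` with `%{IPORHOST}`, which also accepts a hostname. When sshd logs the peer by name, the first lookup is skipped through `ignore_failure`, but the ASN lookup would presumably fail and hand the document to the pipeline-level `on_failure`, so the later renames and the categorisation script would not run and that login would carry no `event.outcome`. Adding `"ignore_failure": true` to the ASN `geoip` block keeps accepted and failed logins categorised either way. The same processor in `ingest-pipeline/default.yml` has the same gap and needs `ignore_failure: true`.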
@@ -0,0 +1,146 @@
+---
+description: Pipeline for parsing system authorisation/secure logs
+processors:
+- grok:
+ field: message
+ ignore_missing: true
+ pattern_definitions:
+ GREEDYMULTILINE: |-
+ (.|
+ )*
+ TIMESTAMP: (?:%{TIMESTAMP_ISO8601}|%{SYSLOGTIMESTAMP})
+ patterns:
+ - '%{TIMESTAMP:system.auth.timestamp} %{SYSLOGHOST:host.hostname} %{DATA:process.name}(?:\[%{POSINT:process.pid:long}\])?:
+ %{DATA:system.auth.ssh.event} %{DATA:system.auth.ssh.method} for (invalid user
+ )?%{DATA:user.name} from %{IPORHOST:source.ip} port %{NUMBER:source.port:long}
+ ssh2(: %{GREEDYDATA:system.auth.ssh.signature})?'
+ - '%{TIMESTAMP:system.auth.timestamp} %{SYSLOGHOST:host.hostname} %{DATA:process.name}(?:\[%{POSINT:process.pid:long}\])?:
+ %{DATA:system.auth.ssh.event} user %{DATA:user.name} from %{IPORHOST:source.ip}'
+ - '%{TIMESTAMP:system.auth.timestamp} %{SYSLOGHOST:host.hostname} %{DATA:process.name}(?:\[%{POSINT:process.pid:long}\])?:
+ Did not receive identification string from %{IPORHOST:system.auth.ssh.dropped_ip}'
+ - '%{TIMESTAMP:system.auth.timestamp} %{SYSLOGHOST:host.hostname} %{DATA:process.name}(?:\[%{POSINT:process.pid:long}\])?:
+ \s*%{DATA:user.name} :( %{DATA:system.auth.sudo.error} ;)? TTY=%{DATA:system.auth.sudo.tty}
+ ; PWD=%{DATA:system.auth.sudo.pwd} ; USER=%{DATA:system.auth.sudo.user} ; COMMAND=%{GREEDYDATA:system.auth.sudo.command}'
+ - '%{TIMESTAMP:system.auth.timestamp} %{SYSLOGHOST:host.hostname} %{DATA:process.name}(?:\[%{POSINT:process.pid:long}\])?:
+ new group: name=%{DATA:group.name}, GID=%{NUMBER:group.id}'
+ - '%{TIMESTAMP:system.auth.timestamp} %{SYSLOGHOST:host.hostname} %{DATA:process.name}(?:\[%{POSINT:process.pid:long}\])?:
+ new user: name=%{DATA:user.name}, UID=%{NUMBER:user.id}, GID=%{NUMBER:group.id},
+ home=%{DATA:system.auth.useradd.home}, shell=%{DATA:system.auth.useradd.shell}$'
+ - '%{TIMESTAMP:system.auth.timestamp} %{SYSLOGHOST:host.hostname}?
%{DATA:process.name}(?:\[%{POSINT:process.pid:long}\])?:
+ %{GREEDYMULTILINE:system.auth.message}'
+- remove:
+ field: message
+- rename:
+ field: system.auth.message
+ target_field: message
+ ignore_missing: true
+- set:
+ field: source.ip
+ value: '{{system.auth.ssh.dropped_ip}}'
+ if: "ctx?.system?.auth?.ssh?.dropped_ip != null"
+- date:
+ if: ctx.event.timezone == null
+ field: system.auth.timestamp
+ target_field: '@timestamp'
+ formats:
+ - MMM d HH:mm:ss
+ - MMM dd HH:mm:ss
+ - ISO8601
+ on_failure:
+ - append:
+ field: error.message
+ value: '{{ _ingest.on_failure_message }}'
+- date:
+ if: ctx.event.timezone != null
+ field: system.auth.timestamp
+ target_field: '@timestamp'
+ formats:
+ - MMM d HH:mm:ss
+ - MMM dd HH:mm:ss
+ - ISO8601
+ timezone: '{{ event.timezone }}'
+ on_failure:
+ - append:
+ field: error.message
+ value: '{{ _ingest.on_failure_message }}'
+- remove:
+ field: system.auth.timestamp
+- geoip:
+ field: source.ip
+ target_field: source.geo
+ ignore_failure: true
+- geoip:
+ database_file: GeoLite2-ASN.mmdb
+ field: source.ip
+ target_field: source.as
+ properties:
+ - asn
+ - organization_name
+ ignore_missing: true
+- rename:
+ field: source.as.asn
+ target_field: source.as.number
+ ignore_missing: true
+- rename:
+ field: source.as.organization_name
+ target_field: source.as.organization.name
+ ignore_missing: true
+- set:
+ field: event.kind
+ value: event
+- script:
+ lang: painless
+ ignore_failure: true
+ source: >-
+ if (ctx.system.auth.ssh.event == "Accepted") {
+ ctx.event.type = ["authentication_success", "info"];
+ ctx.event.category = ["authentication"];
+ ctx.event.action = "ssh_login";
+ ctx.event.outcome = "success";
+ } else if (ctx.system.auth.ssh.event == "Invalid" || ctx.system.auth.ssh.event == "Failed") {
+ ctx.event.type = ["authentication_failure", "info"];
+ ctx.event.category = ["authentication"];
+ ctx.event.action = "ssh_login";
+ ctx.event.outcome = "failure";
+ }
+
+- append:
+ field: event.category
+ value:
iam
+ if: "ctx?.process?.name != null && ['groupadd', 'groupdel', 'groupmod', 'useradd', 'userdel', 'usermod'].contains(ctx.process.name)"
+- set:
+ field: event.outcome
+ value: success
+ if: "ctx?.process?.name != null && ['groupadd', 'groupdel', 'groupmod', 'useradd', 'userdel', 'usermod'].contains(ctx.process.name)"
+- append:
+ field: event.type
+ value: user
+ if: "ctx?.process?.name != null && ['useradd', 'userdel', 'usermod'].contains(ctx.process.name)"
+- append:
+ field: event.type
+ value: group
+ if: "ctx?.process?.name != null && ['groupadd', 'groupdel', 'groupmod'].contains(ctx.process.name)"
+- append:
+ field: event.type
+ value: creation
+ if: "ctx?.process?.name != null && ['useradd', 'groupadd'].contains(ctx.process.name)"
+- append:
+ field: event.type
+ value: deletion
+ if: "ctx?.process?.name != null && ['userdel', 'groupdel'].contains(ctx.process.name)"
+- append:
+ field: event.type
+ value: change
+ if: "ctx?.process?.name != null && ['usermod', 'groupmod'].contains(ctx.process.name)"
+- append:
+ field: related.user
+ value: "{{user.name}}"
+ if: "ctx?.user?.name != null"
+- append:
+ field: related.ip
+ value: "{{source.ip}}"
+ if: "ctx?.source?.ip != null"
+on_failure:
+- set:
+ field: error.message
+ value: '{{ _ingest.on_failure_message }}'
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/auth/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/auth/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/auth/fields/base-fields.yml
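Review bot: The painless `script` processor in `ingest-pipeline/default.yml` reads `ctx.system.auth.ssh.event` without null-safe access and leans on `ignore_failure: true` to absorb the null dereference on every sudo, useradd and groupadd line, which also hides any genuine script error in the SSH categorisation. The surrounding conditions already use `?.`, so a guard on the processor, `if: "ctx?.system?.auth?.ssh?.event != null"`, would make the skip explicit and let `ignore_failure` be dropped. The two `date` conditions have the same shape: `ctx.event.timezone == null` would throw for a document that has no `event` object, and `ctx?.event?.timezone == null` (with the matching `!= null` form on the second processor) avoids that.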
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/auth/fields/ecs.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/auth/fields/ecs.yml
new file mode 100644
index 0000000000000..ef5fa4fca6025
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/auth/fields/ecs.yml
@@ -0,0 +1,128 @@
+- name: '@timestamp'
+ level: core
+ required: true
+ type: date
+ description: |-
+ Date/time when the event originated.
+ This is the date/time extracted from the event, typically representing when the event was generated by the source.
+ If the event source has no original timestamp, this value is typically populated by the first time the event was received by the pipeline.
+ Required field for all events.
+- name: message
+ level: core
+ type: text
+ description: |-
+ For log events the message field contains the log message, optimized for viewing in a log viewer.
+ For structured logs without an original message field, other fields can be concatenated to form a human-readable summary of the event.
+ If multiple messages exist, they can be combined into one message.
+- name: group
+ title: Group
+ group: 2
+ type: group
+ fields:
+ - name: id
+ level: extended
+ type: keyword
+ description: Unique identifier for the group on the system/platform.
+ ignore_above: 1024
+ - name: name
+ level: extended
+ type: keyword
+ description: Name of the group.
+ ignore_above: 1024
+- name: host
+ title: Host
+ group: 2
+ type: group
+ fields:
+ - name: hostname
+ level: core
+ type: keyword
+ description: |-
+ Hostname of the host.
+ It normally contains what the `hostname` command returns on the host machine.
+ ignore_above: 1024
+- name: process
+ title: Process
+ group: 2
+ type: group
+ fields:
+ - name: name
+ level: extended
+ type: keyword
+ description: |-
+ Process name.
+ Sometimes called program name or similar.
+ ignore_above: 1024
+ multi_fields:
+ - name: text
+ type: text
+ norms: false
+ default_field: false
+ - name: pid
+ level: core
+ type: long
+ format: string
+ description: Process id.
+- name: source
+ title: Source
+ group: 2
+ type: group
+ fields:
+ - name: geo.city_name
+ level: core
+ type: keyword
+ description: City name.
+ ignore_above: 1024
+ - name: geo.continent_name
+ level: core
+ type: keyword
+ description: Name of the continent.
+ ignore_above: 1024
+ - name: geo.country_iso_code
+ level: core
+ type: keyword
+ description: Country ISO code.
+ ignore_above: 1024
+ - name: geo.location
+ level: core
+ type: geo_point
+ description: Longitude and latitude.
+ - name: geo.region_iso_code
+ level: core
+ type: keyword
+ description: Region ISO code.
+ ignore_above: 1024
+ - name: geo.region_name
+ level: core
+ type: keyword
+ description: Region name.
+ ignore_above: 1024
+ - name: ip
+ level: core
+ type: ip
+ description: IP address of the source (IPv4 or IPv6).
+ - name: port
+ level: core
+ type: long
+ format: string
+ description: Port of the source.
+- name: user
+ title: User
+ group: 2
+ type: group
+ fields:
+ - name: id
+ level: core
+ type: keyword
+ description: Unique identifier of the user.
+ ignore_above: 1024
+ - name: name
+ level: core
+ type: keyword
+ description: Short name or login of the user.
+ ignore_above: 1024
+ multi_fields:
+ - name: text
+ type: text
+ norms: false
+ default_field: false
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/auth/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/auth/fields/fields.yml
new file mode 100644
index 0000000000000..759d50887f48e
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/auth/fields/fields.yml
@@ -0,0 +1,58 @@
+- name: system.auth
+ type: group
+ fields:
+ - name: ssh
+ type: group
+ fields:
+ - name: method
+ type: keyword
+ description: |
+ The SSH authentication method. Can be one of "password" or "publickey".
+ - name: signature
+ type: keyword
+ description: |
+ The signature of the client public key.
+ - name: dropped_ip
+ type: ip
+ description: |
+ The client IP from SSH connections that are open and immediately dropped.
+ - name: event
+ type: keyword
+ description: |
+ The SSH event as found in the logs (Accepted, Invalid, Failed, etc.)
+ - name: geoip
+ type: group
+ - name: sudo
+ type: group
+ fields:
+ - name: error
+ type: keyword
+ description: |
+ The error message in case the sudo command failed.
+ - name: tty
+ type: keyword
+ description: |
+ The TTY where the sudo command is executed.
+ - name: pwd
+ type: keyword
+ description: |
+ The current directory where the sudo command is executed.
+ - name: user
+ type: keyword
+ description: |
+ The target user to which the sudo command is switching.
+ - name: command
+ type: keyword
+ description: |
+ The command executed via sudo.
+ - name: useradd
+ type: group
+ fields:
+ - name: home
+ type: keyword
+ description: The home folder for the new user.
+ - name: shell
+ type: keyword
+ description: The default shell for the new user.
+ - name: groupadd
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/auth/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/auth/fields/package-fields.yml
new file mode 100644
index 0000000000000..1ebd34f71e2db
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/auth/fields/package-fields.yml
@@ -0,0 +1,2 @@
+- name: system
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/auth/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/auth/manifest.yml
new file mode 100644
index 0000000000000..4f0e0a6269600
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/auth/manifest.yml
@@ -0,0 +1,24 @@
+title: System auth logs
+release: experimental
+type: logs
+streams:
+- input: logs
+ vars:
+ - name: paths
+ type: text
+ title: Paths
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - /var/log/auth.log*
+ - /var/log/secure*
+ os:
+ darwin:
+ default:
+ - /var/log/secure.log*
+ windows:
+ default: []
+ template_path: log.yml.hbs
+ title: System auth logs (log)
+ description: Collect System auth logs using log input
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/core/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/core/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..54fb6d64258a8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/core/agent/stream/stream.yml.hbs
@@ -0,0 +1,4 @@
+metricsets: ["core"]
+{{#if core.metrics}}
+core.metrics: {{core.metrics}}
+{{/if}}
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/core/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/core/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/core/fields/base-fields.yml
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/core/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/core/fields/fields.yml
new file mode 100644
index 0000000000000..55a8f3191a118
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/core/fields/fields.yml
@@ -0,0 +1,80 @@
+- name: system.core
+ type: group
+ release: ga
+ fields:
+ - name: id
+ type: long
+ description: |
+ CPU Core number.
+ - name: user.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent in user space.
+ - name: user.ticks
+ type: long
+ description: |
+ The amount of CPU time spent in user space.
+ - name: system.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent in kernel space.
+ - name: system.ticks
+ type: long
+ description: |
+ The amount of CPU time spent in kernel space.
+ - name: nice.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent on low-priority processes.
+ - name: nice.ticks
+ type: long
+ description: |
+ The amount of CPU time spent on low-priority processes.
+ - name: idle.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent idle.
+ - name: idle.ticks
+ type: long
+ description: |
+ The amount of CPU time spent idle.
+ - name: iowait.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent in wait (on disk).
+ - name: iowait.ticks
+ type: long
+ description: |
+ The amount of CPU time spent in wait (on disk).
+ - name: irq.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent servicing and handling hardware interrupts.
+ - name: irq.ticks
+ type: long
+ description: |
+ The amount of CPU time spent servicing and handling hardware interrupts.
+ - name: softirq.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent servicing and handling software interrupts.
+ - name: softirq.ticks
+ type: long
+ description: |
+ The amount of CPU time spent servicing and handling software interrupts.
+ - name: steal.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent in involuntary wait by the virtual CPU while the hypervisor was servicing another processor. Available only on Unix.
+ - name: steal.ticks
+ type: long
+ description: |
+ The amount of CPU time spent in involuntary wait by the virtual CPU while the hypervisor was servicing another processor. Available only on Unix.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/core/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/core/fields/package-fields.yml
new file mode 100644
index 0000000000000..1ebd34f71e2db
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/core/fields/package-fields.yml
@@ -0,0 +1,2 @@
+- name: system
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/core/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/core/manifest.yml
new file mode 100644
index 0000000000000..18500832d1528
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/core/manifest.yml
@@ -0,0 +1,16 @@
+title: System core metrics
+release: experimental
+type: metrics
+streams:
+- input: system/metrics
+ vars:
+ - name: core.metrics
+ type: text
+ title: Core Metrics
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - percentages
+ title: System core metrics
+ description: Collect System core metrics
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/cpu/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/cpu/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..675d42079e825
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/cpu/agent/stream/stream.yml.hbs
@@ -0,0 +1,17 @@
+metricsets: ["cpu"]
+{{#if core.metrics}}
+core.metrics: {{core.metrics}}
+{{/if}}
+{{#if cpu.metrics}}
+cpu.metrics: {{cpu.metrics}}
+{{/if}}
+period: {{period}}
+{{#if process.include_top_n.by_cpu}}
+process.include_top_n.by_cpu: {{process.include_top_n.by_cpu}}
+{{/if}}
+{{#if process.include_top_n.by_memory}}
+process.include_top_n.by_memory: {{process.include_top_n.by_memory}}
+{{/if}}
+{{#if processes}}
+processes: {{processes}}
+{{/if}}
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/cpu/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/cpu/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/cpu/fields/base-fields.yml
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/cpu/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/cpu/fields/fields.yml
new file mode 100644
index 0000000000000..001db35375a19
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/cpu/fields/fields.yml
@@ -0,0 +1,130 @@
+- name: system.cpu
+ type: group
+ release: ga
+ fields:
+ - name: cores
+ type: long
+ description: |
+ The number of CPU cores present on the host. The non-normalized percentages will have a maximum value of `100% * cores`. The normalized percentages already take this value into account and have a maximum value of 100%.
+ - name: user.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent in user space. On multi-core systems, you can have percentages that are greater than 100%. For example, if 3 cores are at 60% use, then the `system.cpu.user.pct` will be 180%.
+ - name: system.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent in kernel space.
+ - name: nice.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent on low-priority processes.
+ - name: idle.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent idle.
+ - name: iowait.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent in wait (on disk).
+ - name: irq.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent servicing and handling hardware interrupts.
+ - name: softirq.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent servicing and handling software interrupts.
+ - name: steal.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent in involuntary wait by the virtual CPU while the hypervisor was servicing another processor. Available only on Unix.
+ - name: total.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent in states other than Idle and IOWait.
+ - name: user.norm.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent in user space.
+ - name: system.norm.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent in kernel space.
+ - name: nice.norm.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent on low-priority processes.
+ - name: idle.norm.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent idle.
+ - name: iowait.norm.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent in wait (on disk).
+ - name: irq.norm.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent servicing and handling hardware interrupts.
+ - name: softirq.norm.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent servicing and handling software interrupts.
+ - name: steal.norm.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent in involuntary wait by the virtual CPU while the hypervisor was servicing another processor. Available only on Unix.
+ - name: total.norm.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time in states other than Idle and IOWait, normalised by the number of cores.
+ - name: user.ticks
+ type: long
+ description: |
+ The amount of CPU time spent in user space.
+ - name: system.ticks
+ type: long
+ description: |
+ The amount of CPU time spent in kernel space.
+ - name: nice.ticks
+ type: long
+ description: |
+ The amount of CPU time spent on low-priority processes.
+ - name: idle.ticks
+ type: long
+ description: |
+ The amount of CPU time spent idle.
+ - name: iowait.ticks
+ type: long
+ description: |
+ The amount of CPU time spent in wait (on disk).
+ - name: irq.ticks
+ type: long
+ description: |
+ The amount of CPU time spent servicing and handling hardware interrupts.
+ - name: softirq.ticks
+ type: long
+ description: |
+ The amount of CPU time spent servicing and handling software interrupts.
+ - name: steal.ticks
+ type: long
+ description: |
+ The amount of CPU time spent in involuntary wait by the virtual CPU while the hypervisor was servicing another processor. Available only on Unix.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/cpu/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/cpu/fields/package-fields.yml
new file mode 100644
index 0000000000000..1ebd34f71e2db
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/cpu/fields/package-fields.yml
@@ -0,0 +1,2 @@
+- name: system
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/cpu/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/cpu/manifest.yml
new file mode 100644
index 0000000000000..7532c89a051e3
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/cpu/manifest.yml
@@ -0,0 +1,54 @@
+title: System cpu metrics
+release: experimental
+type: metrics
+streams:
+- input: system/metrics
+ vars:
+ - name: core.metrics
+ type: text
+ title: Core Metrics
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - percentages
+ - name: cpu.metrics
+ type: text
+ title: Cpu Metrics
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - percentages
+ - normalized_percentages
+ - name: period
+ type: text
+ title: Period
+ multi: false
+ required: true
+ show_user: true
+ default: 10s
+ - name: process.include_top_n.by_cpu
+ type: integer
+ title: Process Include Top N By Cpu
+ multi: false
+ required: true
+ show_user: true
+ default: 5
+ - name: process.include_top_n.by_memory
+ type: integer
+ title: Process Include Top N By Memory
+ multi: false
+ required: true
+ show_user: true
+ default: 5
+ - name: processes
+ type: text
+ title: Processes
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - .*
+ title: System cpu metrics
+ description: Collect System cpu metrics
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/diskio/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/diskio/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..5af9cd487429e
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/diskio/agent/stream/stream.yml.hbs
@@ -0,0 +1 @@
+metricsets: ["diskio"]
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/diskio/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/diskio/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/diskio/fields/base-fields.yml
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/diskio/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/diskio/fields/fields.yml
new file mode 100644
index 0000000000000..b241da592a5bd
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/diskio/fields/fields.yml
@@ -0,0 +1,96 @@
+- name: system.diskio
+ type: group
+ release: ga
+ fields:
+ - name: name
+ type: keyword
+ description: |
+ The disk name.
+ - name: serial_number
+ type: keyword
+ description: |
+ The disk's serial number. This may not be provided by all operating systems.
+ - name: read.count
+ type: long
+ description: |
+ The total number of reads completed successfully.
+ - name: write.count
+ type: long
+ description: |
+ The total number of writes completed successfully.
+ - name: read.bytes
+ type: long
+ format: bytes
+ description: |
+ The total number of bytes read successfully. On Linux this is the number of sectors read multiplied by an assumed sector size of 512.
+ - name: write.bytes
+ type: long
+ format: bytes
+ description: |
+ The total number of bytes written successfully. On Linux this is the number of sectors written multiplied by an assumed sector size of 512.
+ - name: read.time
+ type: long
+ description: |
+ The total number of milliseconds spent by all reads.
+ - name: write.time
+ type: long
+ description: |
+ The total number of milliseconds spent by all writes.
+ - name: io.time
+ type: long
+ description: |
+ The total number of of milliseconds spent doing I/Os.
+ - name: iostat.read.request.merges_per_sec
+ type: float
+ description: |
+ The number of read requests merged per second that were queued to the device.
+ - name: iostat.write.request.merges_per_sec
+ type: float
+ description: |
+ The number of write requests merged per second that were queued to the device.
+ - name: iostat.read.request.per_sec
+ type: float
+ description: |
+ The number of read requests that were issued to the device per second
+ - name: iostat.write.request.per_sec
+ type: float
+ description: |
+ The number of write requests that were issued to the device per second
+ - name: iostat.read.per_sec.bytes
+ type: float
+ format: bytes
+ description: |
+ The number of Bytes read from the device per second.
+ - name: iostat.read.await
+ type: float
+ description: |
+ The average time spent for read requests issued to the device to be served.
+ - name: iostat.write.per_sec.bytes
+ type: float
+ format: bytes
+ description: |
+ The number of Bytes write from the device per second.
+ - name: iostat.write.await
+ type: float
+ description: |
+ The average time spent for write requests issued to the device to be served.
+ - name: iostat.request.avg_size
+ type: float
+ description: |
+ The average size (in bytes) of the requests that were issued to the device.
+ - name: iostat.queue.avg_size
+ type: float
+ description: |
+ The average queue length of the requests that were issued to the device.
+ - name: iostat.await
+ type: float
+ description: |
+ The average time spent for requests issued to the device to be served.
+ - name: iostat.service_time
+ type: float
+ description: |
+ The average service time (in milliseconds) for I/O requests that were issued to the device.
+ - name: iostat.busy
+ type: float
+ description: |
+ Percentage of CPU time during which I/O requests were issued to the device (bandwidth utilization for the device). Device saturation occurs when this value is close to 100%.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/diskio/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/diskio/fields/package-fields.yml
new file mode 100644
index 0000000000000..1ebd34f71e2db
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/diskio/fields/package-fields.yml
@@ -0,0 +1,2 @@
+- name: system
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/diskio/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/diskio/manifest.yml
new file mode 100644
index 0000000000000..3d7a9fc704dd0
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/diskio/manifest.yml
@@ -0,0 +1,7 @@
+title: System diskio metrics
+release: experimental
+type: metrics
+streams:
+- input: system/metrics
+ title: System diskio metrics
+ description: Collect System diskio metrics
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/entropy/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/entropy/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..2b170b5dafd30
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/entropy/agent/stream/stream.yml.hbs
@@ -0,0 +1 @@
+metricsets: ["entropy"]
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/entropy/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/entropy/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/entropy/fields/base-fields.yml
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/entropy/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/entropy/fields/fields.yml
new file mode 100644
index 0000000000000..289ab2b996b45
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/entropy/fields/fields.yml
@@ -0,0 +1,13 @@
+- name: system.entropy
+ type: group
+ release: ga
+ fields:
+ - name: available_bits
+ type: long
+ description: |
+ The available bits of entropy
+ - name: pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of available entropy, relative to the pool size of 4096
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/entropy/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/entropy/fields/package-fields.yml
new file mode 100644
index 0000000000000..1ebd34f71e2db
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/entropy/fields/package-fields.yml
@@ -0,0 +1,2 @@
+- name: system
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/entropy/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/entropy/manifest.yml
new file mode 100644
index 0000000000000..a0a7cf75a9e12
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/entropy/manifest.yml
@@ -0,0 +1,7 @@
+title: System entropy metrics
+release: experimental
+type: metrics
+streams:
+- input: system/metrics
+ title: System entropy metrics
+ description: Collect System entropy metrics
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/filesystem/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/filesystem/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..527eb4100f770
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/filesystem/agent/stream/stream.yml.hbs
@@ -0,0 +1,5 @@
+metricsets: ["filesystem"]
+period: {{period}}
+{{#if processors}}
+processors: {{processors}}
+{{/if}}
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/filesystem/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/filesystem/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/filesystem/fields/base-fields.yml
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/filesystem/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/filesystem/fields/fields.yml
new file mode 100644
index 0000000000000..c4f16b8c22e70
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/filesystem/fields/fields.yml
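Review bot: In the filesystem `stream.yml.hbs`, `period: {{period}}` and `processors: {{processors}}` write package variables into the agent's YAML with no quoting or YAML encoding, so a value containing a newline or `: ` would change the structure of the generated stream config instead of staying a scalar. Handlebars' default `{{ }}` escaping is HTML escaping, which does not protect YAML and would also rewrite characters such as `&` or `<` in a legitimate value. The filesystem manifest declares `processors` as `type: yaml` with a multi-line block-sequence default, and a block sequence rendered on the same line as `processors:` is not valid YAML as written; how the renderer copes with that is not visible in this commit. I would have the renderer serialise each variable as YAML before substitution and add a fixture case with a multi-line value and one containing a colon. The fsstat, load, memory and network templates added in this commit follow the same pattern.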
@@ -0,0 +1,49 @@
+- name: system.filesystem
+ type: group
+ release: ga
+ fields:
+ - name: available
+ type: long
+ format: bytes
+ description: |
+ The disk space available to an unprivileged user in bytes.
+ - name: device_name
+ type: keyword
+ description: |
+ The disk name. For example: `/dev/disk1`
+ - name: type
+ type: keyword
+ description: |
+ The disk type. For example: `ext4`
+ - name: mount_point
+ type: keyword
+ description: |
+ The mounting point. For example: `/`
+ - name: files
+ type: long
+ description: |
+ The total number of file nodes in the file system.
+ - name: free
+ type: long
+ format: bytes
+ description: |
+ The disk space available in bytes.
+ - name: free_files
+ type: long
+ description: |
+ The number of free file nodes in the file system.
+ - name: total
+ type: long
+ format: bytes
+ description: |
+ The total disk space in bytes.
+ - name: used.bytes
+ type: long
+ format: bytes
+ description: |
+ The used disk space in bytes.
+ - name: used.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of used disk space.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/filesystem/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/filesystem/fields/package-fields.yml
new file mode 100644
index 0000000000000..1ebd34f71e2db
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/filesystem/fields/package-fields.yml
@@ -0,0 +1,2 @@
+- name: system
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/filesystem/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/filesystem/manifest.yml
new file mode 100644
index 0000000000000..076a6905bfe6a
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/filesystem/manifest.yml
@@ -0,0 +1,24 @@
+title: System filesystem metrics
+release: experimental
+type: metrics
+streams:
+- input: system/metrics
+ vars:
+ - name: period
+ type: text
+ title: Period
+ multi: false
+ required: true
+ show_user: true
+ default: 1m
+ - name: processors
+ type: yaml
+ title: Processors
+ multi: false
+ required: true
+ show_user: true
+ default: |
+ - drop_event.when.regexp:
+ system.filesystem.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)
+ title: System filesystem metrics
+ description: Collect System filesystem metrics
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/fsstat/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/fsstat/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..c40ddb1f6aa87
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/fsstat/agent/stream/stream.yml.hbs
@@ -0,0 +1,5 @@
+metricsets: ["fsstat"]
+period: {{period}}
+{{#if processors}}
+processors: {{processors}}
+{{/if}}
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/fsstat/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/fsstat/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/fsstat/fields/base-fields.yml
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/fsstat/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/fsstat/fields/fields.yml
new file mode 100644
index 0000000000000..7926f431debc1
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/fsstat/fields/fields.yml
@@ -0,0 +1,29 @@
+- name: system.fsstat
+ type: group
+ release: ga
+ fields:
+ - name: count
+ type: long
+ description: Number of file systems found.
+ - name: total_files
+ type: long
+ description: Total number of files.
+ - name: total_size
+ type: group
+ format: bytes
+ fields:
+ - name: free
+ type: long
+ format: bytes
+ description: |
+ Total free space.
+ - name: used
+ type: long
+ format: bytes
+ description: |
+ Total used space.
+ - name: total
+ type: long
+ format: bytes
+ description: |
+ Total space (used plus free).
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/fsstat/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/fsstat/fields/package-fields.yml
new file mode 100644
index 0000000000000..1ebd34f71e2db
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/fsstat/fields/package-fields.yml
@@ -0,0 +1,2 @@
+- name: system
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/fsstat/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/fsstat/manifest.yml
new file mode 100644
index 0000000000000..8a28756bb81ef
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/fsstat/manifest.yml
@@ -0,0 +1,24 @@
+title: System fsstat metrics
+release: experimental
+type: metrics
+streams:
+- input: system/metrics
+ vars:
+ - name: period
+ type: text
+ title: Period
+ multi: false
+ required: true
+ show_user: true
+ default: 1m
+ - name: processors
+ type: yaml
+ title: Processors
+ multi: false
+ required: true
+ show_user: true
+ default: |
+ - drop_event.when.regexp:
+ system.filesystem.mount_point: ^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)
+ title: System fsstat metrics
+ description: Collect System fsstat metrics
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/load/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/load/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..c53995fbb9729
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/load/agent/stream/stream.yml.hbs
@@ -0,0 +1,17 @@
+metricsets: ["load"]
+{{#if core.metrics}}
+core.metrics: {{core.metrics}}
+{{/if}}
+{{#if cpu.metrics}}
+cpu.metrics: {{cpu.metrics}}
+{{/if}}
+period: {{period}}
+{{#if process.include_top_n.by_cpu}}
+process.include_top_n.by_cpu: {{process.include_top_n.by_cpu}}
+{{/if}}
+{{#if process.include_top_n.by_memory}}
+process.include_top_n.by_memory: {{process.include_top_n.by_memory}}
+{{/if}}
+{{#if processes}}
+processes: {{processes}}
+{{/if}}
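Review bot: The `processors` default in the fsstat manifest is a copy of the filesystem one and drops events on `system.filesystem.mount_point`, but the fsstat field definitions in this commit declare only `system.fsstat.*` (`count`, `total_files`, `total_size`), so the condition presumably never matches for this dataset. As written the default suggests that pseudo filesystems such as `/proc` and `/sys` are excluded when, for fsstat, no event-level filter is in effect. If those mounts should be left out of the totals, that has to happen where the totals are computed; otherwise I would drop the `processors` variable from this manifest and from the fsstat `stream.yml.hbs`.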
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/load/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/load/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/load/fields/base-fields.yml
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/load/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/load/fields/fields.yml
new file mode 100644
index 0000000000000..bd54d65c5c38f
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/load/fields/fields.yml
@@ -0,0 +1,32 @@
+- name: system.load
+ type: group
+ release: ga
+ fields:
+ - name: "1"
+ type: scaled_float
+ description: |
+ Load average for the last minute.
+ - name: "5"
+ type: scaled_float
+ description: |
+ Load average for the last 5 minutes.
+ - name: "15"
+ type: scaled_float
+ description: |
+ Load average for the last 15 minutes.
+ - name: norm.1
+ type: scaled_float
+ description: |
+ Load for the last minute divided by the number of cores.
+ - name: norm.5
+ type: scaled_float
+ description: |
+ Load for the last 5 minutes divided by the number of cores.
+ - name: norm.15
+ type: scaled_float
+ description: |
+ Load for the last 15 minutes divided by the number of cores.
+ - name: cores
+ type: long
+ description: |
+ The number of CPU cores present on the host.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/load/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/load/fields/package-fields.yml
new file mode 100644
index 0000000000000..1ebd34f71e2db
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/load/fields/package-fields.yml
@@ -0,0 +1,2 @@
+- name: system
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/load/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/load/manifest.yml
new file mode 100644
index 0000000000000..fd1c930db1e86
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/load/manifest.yml
@@ -0,0 +1,54 @@
+title: System load metrics
+release: experimental
+type: metrics
+streams:
+- input: system/metrics
+ vars:
+ - name: core.metrics
+ type: text
+ title: Core Metrics
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - percentages
+ - name: cpu.metrics
+ type: text
+ title: Cpu Metrics
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - percentages
+ - normalized_percentages
+ - name: period
+ type: text
+ title: Period
+ multi: false
+ required: true
+ show_user: true
+ default: 10s
+ - name: process.include_top_n.by_cpu
+ type: integer
+ title: Process Include Top N By Cpu
+ multi: false
+ required: true
+ show_user: true
+ default: 5
+ - name: process.include_top_n.by_memory
+ type: integer
+ title: Process Include Top N By Memory
+ multi: false
+ required: true
+ show_user: true
+ default: 5
+ - name: processes
+ type: text
+ title: Processes
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - .*
+ title: System load metrics
+ description: Collect System load metrics
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/memory/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/memory/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..38a00a0f03f85
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/memory/agent/stream/stream.yml.hbs
@@ -0,0 +1,17 @@
+metricsets: ["memory"]
+{{#if core.metrics}}
+core.metrics: {{core.metrics}}
+{{/if}}
+{{#if cpu.metrics}}
+cpu.metrics: {{cpu.metrics}}
+{{/if}}
+period: {{period}}
+{{#if process.include_top_n.by_cpu}}
+process.include_top_n.by_cpu: {{process.include_top_n.by_cpu}}
+{{/if}}
+{{#if process.include_top_n.by_memory}}
+process.include_top_n.by_memory: {{process.include_top_n.by_memory}}
+{{/if}}
+{{#if processes}}
+processes: {{processes}}
+{{/if}}
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/memory/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/memory/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/memory/fields/base-fields.yml
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/memory/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/memory/fields/fields.yml
new file mode 100644
index 0000000000000..0598b4df3b1d5
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/memory/fields/fields.yml
@@ -0,0 +1,157 @@
+- name: system.memory
+ type: group
+ release: ga
+ fields:
+ - name: total
+ type: long
+ format: bytes
+ description: |
+ Total memory.
+ - name: used.bytes
+ type: long
+ format: bytes
+ description: |
+ Used memory.
+ - name: free
+ type: long
+ format: bytes
+ description: |
+ The total amount of free memory in bytes. This value does not include memory consumed by system caches and buffers (see system.memory.actual.free).
+ - name: used.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of used memory.
+ - name: actual
+ type: group
+ fields:
+ - name: used.bytes
+ type: long
+ format: bytes
+ description: |
+ Actual used memory in bytes. It represents the difference between the total and the available memory. The available memory depends on the OS. For more details, please check `system.actual.free`.
+ - name: free
+ type: long
+ format: bytes
+ description: |
+ Actual free memory in bytes. It is calculated based on the OS. On Linux this value will be MemAvailable from /proc/meminfo, or calculated from free memory plus caches and buffers if /proc/meminfo is not available. On OSX it is a sum of free memory and the inactive memory. On Windows, it is equal to `system.memory.free`.
+ - name: used.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of actual used memory.
+ - name: swap
+ type: group
+ fields:
+ - name: total
+ type: long
+ format: bytes
+ description: |
+ Total swap memory.
+ - name: used.bytes
+ type: long
+ format: bytes
+ description: |
+ Used swap memory.
+ - name: free
+ type: long
+ format: bytes
+ description: |
+ Available swap memory.
+ - name: out.pages
+ type: long
+ description: count of pages swapped out
+ - name: in.pages
+ type: long
+ description: count of pages swapped in
+ - name: readahead.pages
+ type: long
+ description: swap readahead pages
+ - name: readahead.cached
+ type: long
+ description: swap readahead cache hits
+ - name: used.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of used swap memory.
+ - name: page_stats
+ type: group
+ fields:
+ - name: pgscan_kswapd.pages
+ type: long
+ format: number
+ description: pages scanned by kswapd
+ - name: pgscan_direct.pages
+ type: long
+ format: number
+ description: pages scanned directly
+ - name: pgfree.pages
+ type: long
+ format: number
+ description: pages freed by the system
+ - name: pgsteal_kswapd.pages
+ type: long
+ format: number
+ description: number of pages reclaimed by kswapd
+ - name: pgsteal_direct.pages
+ type: long
+ format: number
+ description: number of pages reclaimed directly
+ - name: direct_efficiency.pct
+ type: scaled_float
+ format: percent
+ description: direct reclaim efficiency percentage. A lower percentage indicates
+ the system is struggling to reclaim memory.
+ - name: kswapd_efficiency.pct
+ type: scaled_float
+ format: percent
+ description: kswapd reclaim efficiency percentage. A lower percentage indicates
+ the system is struggling to reclaim memory.
+ - name: hugepages
+ type: group
+ fields:
+ - name: total
+ type: long
+ format: number
+ description: |
+ Number of huge pages in the pool.
+ - name: used.bytes
+ type: long
+ format: bytes
+ description: |
+ Memory used in allocated huge pages.
+ - name: used.pct
+ type: long
+ format: percent
+ description: |
+ Percentage of huge pages used.
+ - name: free
+ type: long
+ format: number
+ description: |
+ Number of available huge pages in the pool.
+ - name: reserved
+ type: long
+ format: number
+ description: |
+ Number of reserved but not allocated huge pages in the pool.
+ - name: surplus
+ type: long
+ format: number
+ description: |
+ Number of overcommited huge pages.
+ - name: default_size
+ type: long
+ format: bytes
+ description: |
+ Default size for huge pages.
+ - name: swap.out
+ type: group
+ fields:
+ - name: pages
+ type: long
+ description: pages swapped out
+ - name: fallback
+ type: long
+ description: Count of huge pages that must be split before swapout
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/memory/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/memory/fields/package-fields.yml
new file mode 100644
index 0000000000000..1ebd34f71e2db
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/memory/fields/package-fields.yml
@@ -0,0 +1,2 @@
+- name: system
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/memory/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/memory/manifest.yml
new file mode 100644
index 0000000000000..04996a8256ece
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/memory/manifest.yml
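Review bot: In the memory `fields.yml` hunk, `used.pct` under `hugepages` is declared `type: long` with `format: percent`, while the other percentage fields in the same file (`used.pct`, `actual.used.pct`, `swap.used.pct` and the two `page_stats` efficiency fields) are `scaled_float`. If the value is reported as a 0–1 ratio like the others, an integer mapping keeps only the whole part and the fraction is lost in the index. I would change that entry to `type: scaled_float` so the mapping agrees with the rest of the file.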
@@ -0,0 +1,54 @@
+title: System memory metrics
+release: experimental
+type: metrics
+streams:
+- input: system/metrics
+ vars:
+ - name: core.metrics
+ type: text
+ title: Core Metrics
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - percentages
+ - name: cpu.metrics
+ type: text
+ title: Cpu Metrics
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - percentages
+ - normalized_percentages
+ - name: period
+ type: text
+ title: Period
+ multi: false
+ required: true
+ show_user: true
+ default: 10s
+ - name: process.include_top_n.by_cpu
+ type: integer
+ title: Process Include Top N By Cpu
+ multi: false
+ required: true
+ show_user: true
+ default: 5
+ - name: process.include_top_n.by_memory
+ type: integer
+ title: Process Include Top N By Memory
+ multi: false
+ required: true
+ show_user: true
+ default: 5
+ - name: processes
+ type: text
+ title: Processes
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - .*
+ title: System memory metrics
+ description: Collect System memory metrics
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..25d93853bae11
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network/agent/stream/stream.yml.hbs
@@ -0,0 +1,17 @@
+metricsets: ["network"]
+{{#if core.metrics}}
+core.metrics: {{core.metrics}}
+{{/if}}
+{{#if cpu.metrics}}
+cpu.metrics: {{cpu.metrics}}
+{{/if}}
+period: {{period}}
+{{#if process.include_top_n.by_cpu}}
+process.include_top_n.by_cpu: {{process.include_top_n.by_cpu}}
+{{/if}}
+{{#if process.include_top_n.by_memory}}
+process.include_top_n.by_memory: {{process.include_top_n.by_memory}}
+{{/if}}
+{{#if processes}}
+processes: {{processes}}
+{{/if}}
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network/fields/base-fields.yml
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network/fields/fields.yml
new file mode 100644
index 0000000000000..5792bbc3e9230
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network/fields/fields.yml
@@ -0,0 +1,42 @@
+- name: system.network
+ type: group
+ release: ga
+ fields:
+ - name: name
+ type: keyword
+ description: |
+ The network interface name.
+ - name: out.bytes
+ type: long
+ format: bytes
+ description: |
+ The number of bytes sent.
+ - name: in.bytes
+ type: long
+ format: bytes
+ description: |
+ The number of bytes received.
+ - name: out.packets
+ type: long
+ description: |
+ The number of packets sent.
+ - name: in.packets
+ type: long
+ description: |
+ The number or packets received.
+ - name: in.errors
+ type: long
+ description: |
+ The number of errors while receiving.
+ - name: out.errors
+ type: long
+ description: |
+ The number of errors while sending.
+ - name: in.dropped
+ type: long
+ description: |
+ The number of incoming packets that were dropped.
+ - name: out.dropped
+ type: long
+ description: |
+ The number of outgoing packets that were dropped. This value is always 0 on Darwin and BSD because it is not reported by the operating system.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network/fields/package-fields.yml
new file mode 100644
index 0000000000000..1ebd34f71e2db
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network/fields/package-fields.yml
@@ -0,0 +1,2 @@
+- name: system
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network/manifest.yml
new file mode 100644
index 0000000000000..7732451312db0
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network/manifest.yml
@@ -0,0 +1,54 @@
+title: System network metrics
+release: experimental
+type: metrics
+streams:
+- input: system/metrics
+ vars:
+ - name: core.metrics
+ type: text
+ title: Core Metrics
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - percentages
+ - name: cpu.metrics
+ type: text
+ title: Cpu Metrics
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - percentages
+ - normalized_percentages
+ - name: period
+ type: text
+ title: Period
+ multi: false
+ required: true
+ show_user: true
+ default: 10s
+ - name: process.include_top_n.by_cpu
+ type: integer
+ title: Process Include Top N By Cpu
+ multi: false
+ required: true
+ show_user: true
+ default: 5
+ - name: process.include_top_n.by_memory
+ type: integer
+ title: Process Include Top N By Memory
+ multi: false
+ required: true
+ show_user: true
+ default: 5
+ - name: processes
+ type: text
+ title: Processes
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - .*
+ title: System network metrics
+ description: Collect System network metrics
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network_summary/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network_summary/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..6a9d6534986b1
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network_summary/agent/stream/stream.yml.hbs
@@ -0,0 +1 @@
+metricsets: ["network_summary"]
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network_summary/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network_summary/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network_summary/fields/base-fields.yml
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network_summary/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network_summary/fields/fields.yml
new file mode 100644
index 0000000000000..c4714dfede5cc
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network_summary/fields/fields.yml
@@ -0,0 +1,24 @@
+- name: system.network_summary
+ type: group
+ release: beta
+ fields:
+ - name: ip.*
+ type: object
+ description: |
+ IP counters
+ - name: tcp.*
+ type: object
+ description: |
+ TCP counters
+ - name: udp.*
+ type: object
+ description: |
+ UDP counters
+ - name: udp_lite.*
+ type: object
+ description: |
+ UDP Lite counters
+ - name: icmp.*
+ type: object
+ description: |
+ ICMP counters
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network_summary/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network_summary/fields/package-fields.yml
new file mode 100644
index 0000000000000..1ebd34f71e2db
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network_summary/fields/package-fields.yml
@@ -0,0 +1,2 @@
+- name: system
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network_summary/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network_summary/manifest.yml
new file mode 100644
index 0000000000000..7aa17bded79ba
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/network_summary/manifest.yml
@@ -0,0 +1,7 @@
+title: System network_summary metrics
+release: experimental
+type: metrics
+streams:
+- input: system/metrics
+ title: System network_summary metrics
+ description: Collect System network_summary metrics
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..b6e6fb6ece812
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process/agent/stream/stream.yml.hbs
@@ -0,0 +1,17 @@
+metricsets: ["process"]
+{{#if core.metrics}}
+core.metrics: {{core.metrics}}
+{{/if}}
+{{#if cpu.metrics}}
+cpu.metrics: {{cpu.metrics}}
+{{/if}}
+period: {{period}}
+{{#if process.include_top_n.by_cpu}}
+process.include_top_n.by_cpu: {{process.include_top_n.by_cpu}}
+{{/if}}
+{{#if process.include_top_n.by_memory}}
+process.include_top_n.by_memory: {{process.include_top_n.by_memory}}
+{{/if}}
+{{#if processes}}
+processes: {{processes}}
+{{/if}}
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
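Review bot: In `dataset/process/agent/stream/stream.yml.hbs`, lines such as `period: {{period}}` and `processes: {{processes}}` write variable values into YAML unquoted. Handlebars `{{ }}` escapes HTML entities, not YAML, so a value containing a newline or `: ` would presumably change the structure of the rendered agent config. The code that compiles this template is not in this hunk, so whether it validates or serializes the values first cannot be confirmed here. The fixture only carries benign defaults, so I would add a test case whose var value contains a newline and assert that the rendered stream still parses to the same keys, and record the assumption in the template with `{{!-- values are inserted verbatim; the caller must supply YAML-safe scalars --}}`. The same pattern appears in `dataset/process_summary/agent/stream/stream.yml.hbs` further down.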
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process/fields/base-fields.yml
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process/fields/ecs.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process/fields/ecs.yml
new file mode 100644
index 0000000000000..228df6f086d8b
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process/fields/ecs.yml
@@ -0,0 +1,57 @@
+- name: process
+ title: Process
+ group: 2
+ type: group
+ fields:
+ - name: name
+ level: extended
+ type: keyword
+ description: |-
+ Process name.
+ Sometimes called program name or similar.
+ ignore_above: 1024
+ multi_fields:
+ - name: text
+ type: text
+ norms: false
+ default_field: false
+ - name: pgid
+ level: extended
+ type: long
+ format: string
+ description: Identifier of the group of processes the process belongs to.
+ - name: pid
+ level: core
+ type: long
+ format: string
+ description: Process id.
+ - name: ppid
+ level: extended
+ type: long
+ format: string
+ description: Parent process' pid.
+ - name: working_directory
+ level: extended
+ type: keyword
+ description: The working directory of the process.
+ ignore_above: 1024
+ multi_fields:
+ - name: text
+ type: text
+ norms: false
+ default_field: false
+- name: user
+ title: User
+ group: 2
+ type: group
+ fields:
+ - name: name
+ level: core
+ type: keyword
+ description: Short name or login of the user.
+ ignore_above: 1024
+ multi_fields:
+ - name: text
+ type: text
+ norms: false
+ default_field: false
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process/fields/fields.yml
new file mode 100644
index 0000000000000..bdefa2742522b
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process/fields/fields.yml
@@ -0,0 +1,343 @@
+- name: system.process
+ type: group
+ release: ga
+ fields:
+ - name: state
+ type: keyword
+ description: |
+ The process state. For example: "running".
+ - name: cmdline
+ type: keyword
+ description: |
+ The full command-line used to start the process, including the arguments separated by space.
+ ignore_above: 2048
+ - name: env
+ type: object
+ description: |
+ The environment variables used to start the process. The data is available on FreeBSD, Linux, and OS X.
+ - name: cpu
+ type: group
+ fields:
+ - name: user.ticks
+ type: long
+ description: |
+ The amount of CPU time the process spent in user space.
+ - name: total.value
+ type: long
+ description: |
+ The value of CPU usage since starting the process.
+ - name: total.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent by the process since the last update. Its value is similar to the %CPU value of the process displayed by the top command on Unix systems.
+ - name: total.norm.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of CPU time spent by the process since the last event. This value is normalized by the number of CPU cores and it ranges from 0 to 100%.
+ - name: system.ticks
+ type: long
+ description: |
+ The amount of CPU time the process spent in kernel space.
+ - name: total.ticks
+ type: long
+ description: |
+ The total CPU time spent by the process.
+ - name: start_time
+ type: date
+ description: |
+ The time when the process was started.
+ - name: memory
+ type: group
+ fields:
+ - name: size
+ type: long
+ format: bytes
+ description: |
+ The total virtual memory the process has. On Windows this represents the Commit Charge (the total amount of memory that the memory manager has committed for a running process) value in bytes for this process.
+ - name: rss.bytes
+ type: long
+ format: bytes
+ description: |
+ The Resident Set Size. The amount of memory the process occupied in main memory (RAM). On Windows this represents the current working set size, in bytes.
+ - name: rss.pct
+ type: scaled_float
+ format: percent
+ description: |
+ The percentage of memory the process occupied in main memory (RAM).
+ - name: share
+ type: long
+ format: bytes
+ description: |
+ The shared memory the process uses.
+ - name: fd
+ type: group
+ fields:
+ - name: open
+ type: long
+ description: The number of file descriptors open by the process.
+ - name: limit.soft
+ type: long
+ description: |
+ The soft limit on the number of file descriptors opened by the process. The soft limit can be changed by the process at any time.
+ - name: limit.hard
+ type: long
+ description: |
+ The hard limit on the number of file descriptors opened by the process. The hard limit can only be raised by root.
+ - name: cgroup
+ type: group
+ fields:
+ - name: id
+ type: keyword
+ description: |
+ The ID common to all cgroups associated with this task. If there isn't a common ID used by all cgroups this field will be absent.
+ - name: path
+ type: keyword
+ description: |
+ The path to the cgroup relative to the cgroup subsystem's mountpoint. If there isn't a common path used by all cgroups this field will be absent.
+ - name: cpu
+ type: group
+ fields:
+ - name: id
+ type: keyword
+ description: ID of the cgroup.
+ - name: path
+ type: keyword
+ description: |
+ Path to the cgroup relative to the cgroup subsystem's mountpoint.
+ - name: cfs.period.us
+ type: long
+ description: |
+ Period of time in microseconds for how regularly a cgroup's access to CPU resources should be reallocated.
+ - name: cfs.quota.us
+ type: long
+ description: |
+ Total amount of time in microseconds for which all tasks in a cgroup can run during one period (as defined by cfs.period.us).
+ - name: cfs.shares
+ type: long
+ description: |
+ An integer value that specifies a relative share of CPU time available to the tasks in a cgroup. The value specified in the cpu.shares file must be 2 or higher.
+ - name: rt.period.us
+ type: long
+ description: |
+ Period of time in microseconds for how regularly a cgroup's access to CPU resources is reallocated.
+ - name: rt.runtime.us
+ type: long
+ description: |
+ Period of time in microseconds for the longest continuous period in which the tasks in a cgroup have access to CPU resources.
+ - name: stats.periods
+ type: long
+ description: |
+ Number of period intervals (as specified in cpu.cfs.period.us) that have elapsed.
+ - name: stats.throttled.periods
+ type: long
+ description: |
+ Number of times tasks in a cgroup have been throttled (that is, not allowed to run because they have exhausted all of the available time as specified by their quota).
+ - name: stats.throttled.ns
+ type: long
+ description: |
+ The total time duration (in nanoseconds) for which tasks in a cgroup have been throttled.
+ - name: cpuacct
+ type: group
+ fields:
+ - name: id
+ type: keyword
+ description: ID of the cgroup.
+ - name: path
+ type: keyword
+ description: |
+ Path to the cgroup relative to the cgroup subsystem's mountpoint.
+ - name: total.ns
+ type: long
+ description: |
+ Total CPU time in nanoseconds consumed by all tasks in the cgroup.
+ - name: stats.user.ns
+ type: long
+ description: CPU time consumed by tasks in user mode.
+ - name: stats.system.ns
+ type: long
+ description: CPU time consumed by tasks in user (kernel) mode.
+ - name: percpu
+ type: object
+ description: |
+ CPU time (in nanoseconds) consumed on each CPU by all tasks in this cgroup.
+ - name: memory
+ type: group
+ fields:
+ - name: id
+ type: keyword
+ description: ID of the cgroup.
+ - name: path
+ type: keyword
+ description: |
+ Path to the cgroup relative to the cgroup subsystem's mountpoint.
+ - name: mem.usage.bytes
+ type: long
+ format: bytes
+ description: |
+ Total memory usage by processes in the cgroup (in bytes).
+ - name: mem.usage.max.bytes
+ type: long
+ format: bytes
+ description: |
+ The maximum memory used by processes in the cgroup (in bytes).
+ - name: mem.limit.bytes
+ type: long
+ format: bytes
+ description: |
+ The maximum amount of user memory in bytes (including file cache) that tasks in the cgroup are allowed to use.
+ - name: mem.failures
+ type: long
+ description: |
+ The number of times that the memory limit (mem.limit.bytes) was reached.
+ - name: memsw.usage.bytes
+ type: long
+ format: bytes
+ description: |
+ The sum of current memory usage plus swap space used by processes in the cgroup (in bytes).
+ - name: memsw.usage.max.bytes
+ type: long
+ format: bytes
+ description: |
+ The maximum amount of memory and swap space used by processes in the cgroup (in bytes).
+ - name: memsw.limit.bytes
+ type: long
+ format: bytes
+ description: |
+ The maximum amount for the sum of memory and swap usage that tasks in the cgroup are allowed to use.
+ - name: memsw.failures
+ type: long
+ description: |
+ The number of times that the memory plus swap space limit (memsw.limit.bytes) was reached.
+ - name: kmem.usage.bytes
+ type: long
+ format: bytes
+ description: |
+ Total kernel memory usage by processes in the cgroup (in bytes).
+ - name: kmem.usage.max.bytes
+ type: long
+ format: bytes
+ description: |
+ The maximum kernel memory used by processes in the cgroup (in bytes).
+ - name: kmem.limit.bytes
+ type: long
+ format: bytes
+ description: |
+ The maximum amount of kernel memory that tasks in the cgroup are allowed to use.
+ - name: kmem.failures
+ type: long
+ description: |
+ The number of times that the memory limit (kmem.limit.bytes) was reached.
+ - name: kmem_tcp.usage.bytes
+ type: long
+ format: bytes
+ description: |
+ Total memory usage for TCP buffers in bytes.
+ - name: kmem_tcp.usage.max.bytes
+ type: long
+ format: bytes
+ description: |
+ The maximum memory used for TCP buffers by processes in the cgroup (in bytes).
+ - name: kmem_tcp.limit.bytes
+ type: long
+ format: bytes
+ description: |
+ The maximum amount of memory for TCP buffers that tasks in the cgroup are allowed to use.
+ - name: kmem_tcp.failures
+ type: long
+ description: |
+ The number of times that the memory limit (kmem_tcp.limit.bytes) was reached.
+ - name: stats.active_anon.bytes
+ type: long
+ format: bytes
+ description: |
+ Anonymous and swap cache on active least-recently-used (LRU) list, including tmpfs (shmem), in bytes.
+ - name: stats.active_file.bytes
+ type: long
+ format: bytes
+ description: File-backed memory on active LRU list, in bytes.
+ - name: stats.cache.bytes
+ type: long
+ format: bytes
+ description: Page cache, including tmpfs (shmem), in bytes.
+ - name: stats.hierarchical_memory_limit.bytes
+ type: long
+ format: bytes
+ description: |
+ Memory limit for the hierarchy that contains the memory cgroup, in bytes.
+ - name: stats.hierarchical_memsw_limit.bytes
+ type: long
+ format: bytes
+ description: |
+ Memory plus swap limit for the hierarchy that contains the memory cgroup, in bytes.
+ - name: stats.inactive_anon.bytes
+ type: long
+ format: bytes
+ description: |
+ Anonymous and swap cache on inactive LRU list, including tmpfs (shmem), in bytes
+ - name: stats.inactive_file.bytes
+ type: long
+ format: bytes
+ description: |
+ File-backed memory on inactive LRU list, in bytes.
+ - name: stats.mapped_file.bytes
+ type: long
+ format: bytes
+ description: |
+ Size of memory-mapped mapped files, including tmpfs (shmem), in bytes.
+ - name: stats.page_faults
+ type: long
+ description: |
+ Number of times that a process in the cgroup triggered a page fault.
+ - name: stats.major_page_faults
+ type: long
+ description: |
+ Number of times that a process in the cgroup triggered a major fault. "Major" faults happen when the kernel actually has to read the data from disk.
+ - name: stats.pages_in
+ type: long
+ description: |
+ Number of pages paged into memory. This is a counter.
+ - name: stats.pages_out
+ type: long
+ description: |
+ Number of pages paged out of memory. This is a counter.
+ - name: stats.rss.bytes
+ type: long
+ format: bytes
+ description: |
+ Anonymous and swap cache (includes transparent hugepages), not including tmpfs (shmem), in bytes.
+ - name: stats.rss_huge.bytes
+ type: long
+ format: bytes
+ description: |
+ Number of bytes of anonymous transparent hugepages.
+ - name: stats.swap.bytes
+ type: long
+ format: bytes
+ description: |
+ Swap usage, in bytes.
+ - name: stats.unevictable.bytes
+ type: long
+ format: bytes
+ description: |
+ Memory that cannot be reclaimed, in bytes.
+ - name: blkio
+ type: group
+ fields:
+ - name: id
+ type: keyword
+ description: ID of the cgroup.
+ - name: path
+ type: keyword
+ description: |
+ Path to the cgroup relative to the cgroup subsystems mountpoint.
+ - name: total.bytes
+ type: long
+ format: bytes
+ description: |
+ Total number of bytes transferred to and from all block devices by processes in the cgroup.
+ - name: total.ios
+ type: long
+ description: |
+ Total number of I/O operations performed on all devices by processes in the cgroup as seen by the throttling policy.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process/fields/package-fields.yml
new file mode 100644
index 0000000000000..1ebd34f71e2db
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process/fields/package-fields.yml
@@ -0,0 +1,2 @@
+- name: system
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process/manifest.yml
new file mode 100644
index 0000000000000..726fcc1bc0201
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process/manifest.yml
@@ -0,0 +1,54 @@
+title: System process metrics
+release: experimental
+type: metrics
+streams:
+- input: system/metrics
+ vars:
+ - name: core.metrics
+ type: text
+ title: Core Metrics
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - percentages
+ - name: cpu.metrics
+ type: text
+ title: Cpu Metrics
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - percentages
+ - normalized_percentages
+ - name: period
+ type: text
+ title: Period
+ multi: false
+ required: true
+ show_user: true
+ default: 10s
+ - name: process.include_top_n.by_cpu
+ type: integer
+ title: Process Include Top N By Cpu
+ multi: false
+ required: true
+ show_user: true
+ default: 5
+ - name: process.include_top_n.by_memory
+ type: integer
+ title: Process Include Top N By Memory
+ multi: false
+ required: true
+ show_user: true
+ default: 5
+ - name: processes
+ type: text
+ title: Processes
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - .*
+ title: System process metrics
+ description: Collect System process metrics
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process_summary/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process_summary/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..807de6cb438c8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process_summary/agent/stream/stream.yml.hbs
@@ -0,0 +1,17 @@
+metricsets: ["process_summary"]
+{{#if core.metrics}}
+core.metrics: {{core.metrics}}
+{{/if}}
+{{#if cpu.metrics}}
+cpu.metrics: {{cpu.metrics}}
+{{/if}}
+period: {{period}}
+{{#if process.include_top_n.by_cpu}}
+process.include_top_n.by_cpu: {{process.include_top_n.by_cpu}}
+{{/if}}
+{{#if process.include_top_n.by_memory}}
+process.include_top_n.by_memory: {{process.include_top_n.by_memory}}
+{{/if}}
+{{#if processes}}
+processes: {{processes}}
+{{/if}}
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process_summary/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process_summary/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process_summary/fields/base-fields.yml
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process_summary/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process_summary/fields/fields.yml
new file mode 100644
index 0000000000000..3ba34f85162cc
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process_summary/fields/fields.yml
@@ -0,0 +1,37 @@
+- name: system.process.summary
+ title: Process Summary
+ type: group
+ release: ga
+ fields:
+ - name: total
+ type: long
+ description: |
+ Total number of processes on this host.
+ - name: running
+ type: long
+ description: |
+ Number of running processes on this host.
+ - name: idle
+ type: long
+ description: |
+ Number of idle processes on this host.
+ - name: sleeping
+ type: long
+ description: |
+ Number of sleeping processes on this host.
+ - name: stopped
+ type: long
+ description: |
+ Number of stopped processes on this host.
+ - name: zombie
+ type: long
+ description: |
+ Number of zombie processes on this host.
+ - name: dead
+ type: long
+ description: |
+ Number of dead processes on this host. It's very unlikely that it will appear but in some special situations it may happen.
+ - name: unknown
+ type: long
+ description: |
+ Number of processes for which the state couldn't be retrieved or is unknown.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process_summary/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process_summary/fields/package-fields.yml
new file mode 100644
index 0000000000000..1ebd34f71e2db
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process_summary/fields/package-fields.yml
@@ -0,0 +1,2 @@
+- name: system
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process_summary/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process_summary/manifest.yml
new file mode 100644
index 0000000000000..bf2765f2488c7
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/process_summary/manifest.yml
@@ -0,0 +1,54 @@
+title: System process_summary metrics
+release: experimental
+type: metrics
+streams:
+- input: system/metrics
+ vars:
+ - name: core.metrics
+ type: text
+ title: Core Metrics
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - percentages
+ - name: cpu.metrics
+ type: text
+ title: Cpu Metrics
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - percentages
+ - normalized_percentages
+ - name: period
+ type: text
+ title: Period
+ multi: false
+ required: true
+ show_user: true
+ default: 10s
+ - name: process.include_top_n.by_cpu
+ type: integer
+ title: Process Include Top N By Cpu
+ multi: false
+ required: true
+ show_user: true
+ default: 5
+ - name: process.include_top_n.by_memory
+ type: integer
+ title: Process Include Top N By Memory
+ multi: false
+ required: true
+ show_user: true
+ default: 5
+ - name: processes
+ type: text
+ title: Processes
+ multi: true
+ required: true
+ show_user: true
+ default:
+ - .*
+ title: System process_summary metrics
+ description: Collect System process_summary metrics
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/raid/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/raid/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..f5b19aaa24535
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/raid/agent/stream/stream.yml.hbs
@@ -0,0 +1 @@
+metricsets: ["raid"]
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/raid/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/raid/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/raid/fields/base-fields.yml
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/raid/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/raid/fields/fields.yml
new file mode 100644
index 0000000000000..3cb4957034c15
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/raid/fields/fields.yml
@@ -0,0 +1,47 @@
+- name: system.raid
+ type: group
+ release: ga
+ fields:
+ - name: name
+ type: keyword
+ description: |
+ Name of the device.
+ - name: status
+ type: keyword
+ description: |
+ activity-state of the device.
+ - name: level
+ type: keyword
+ description: |
+ The raid level of the device
+ - name: sync_action
+ type: keyword
+ description: "Current sync action, if the RAID array is redundant \n"
+ - name: disks.active
+ type: long
+ description: |
+ Number of active disks.
+ - name: disks.total
+ type: long
+ description: |
+ Total number of disks the device consists of.
+ - name: disks.spare
+ type: long
+ description: |
+ Number of spared disks.
+ - name: disks.failed
+ type: long
+ description: |
+ Number of failed disks.
+ - name: disks.states.*
+ type: object
+ description: |
+ map of raw disk states
+ - name: blocks.total
+ type: long
+ description: |
+ Number of blocks the device holds, in 1024-byte blocks.
+ - name: blocks.synced
+ type: long
+ description: |
+ Number of blocks on the device that are in sync, in 1024-byte blocks.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/raid/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/raid/fields/package-fields.yml
new file mode 100644
index 0000000000000..1ebd34f71e2db
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/raid/fields/package-fields.yml
@@ -0,0 +1,2 @@
+- name: system
+ type: group
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/raid/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/raid/manifest.yml
new file mode 100644
index 0000000000000..352db097036a6
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/raid/manifest.yml
@@ -0,0 +1,7 @@
+title: System raid metrics
+release: experimental
+type: metrics
+streams:
+- input: system/metrics
+ title: System raid metrics
+ description: Collect System raid metrics
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/service/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/service/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..57b853f151827
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/service/agent/stream/stream.yml.hbs
@@ -0,0 +1 @@
+metricsets: ["service"]
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/service/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/service/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/service/fields/base-fields.yml
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/service/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/service/fields/fields.yml
new file mode 100644
index 0000000000000..0908fcf811793
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/service/fields/fields.yml
@@ -0,0 +1,52 @@ +- name: system.service + type: group + release: beta + fields: + - name: name + type: keyword + description: The name of the service + - name: load_state + type: keyword + description: The load state of the service + - name: state + type: keyword + description: The activity state of the service + - name: sub_state + type: keyword + description: The sub-state of the service + - name: state_since + type: date + description: The timestamp of the last state change. If the service is active + and running, this is its uptime. + - name: exec_code + type: keyword + description: The SIGCHLD code from the service's main process + - name: resources + type: group + fields: + - name: cpu.usage.ns + type: long + description: CPU usage in nanoseconds + - name: memory.usage.bytes + type: long + description: memory usage in bytes + - name: tasks.count + type: long + description: number of tasks associated with the service + - name: network + type: group + fields: + - name: in.bytes + type: long + format: bytes + description: bytes in + - name: in.packets + type: long + format: bytes + description: packets in + - name: out.packets + type: long + description: packets out + - name: out.bytes + type: long + description: bytes out diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/service/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/service/fields/package-fields.yml new file mode 100644 index 0000000000000..1ebd34f71e2db --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/service/fields/package-fields.yml @@ -0,0 +1,2 @@ +- name: system + type: group 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/service/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/service/manifest.yml new file mode 100644 index 0000000000000..8d680ce4c7ec8 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/service/manifest.yml @@ -0,0 +1,7 @@ +title: System service metrics +release: experimental +type: metrics +streams: +- input: system/metrics + title: System service metrics + description: Collect System service metrics diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket/agent/stream/stream.yml.hbs new file mode 100644 index 0000000000000..d93dfa0c4a0d9 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket/agent/stream/stream.yml.hbs @@ -0,0 +1 @@ +metricsets: ["socket"] diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket/fields/base-fields.yml new file mode 100644 index 0000000000000..9b614721122b8 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket/fields/base-fields.yml @@ -0,0 +1,17 @@ + +- name: stream.type + type: constant_keyword + description: > + Stream type +- name: stream.dataset + type: constant_keyword + description: > + Stream dataset. +- name: stream.namespace + type: constant_keyword + description: > + Stream namespace. +- name: "@timestamp" + type: date + description: > + Event timestamp. 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket/fields/ecs.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket/fields/ecs.yml new file mode 100644 index 0000000000000..668d407ee4817 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket/fields/ecs.yml 
@@ -0,0 +1,79 @@ +- name: network + title: Network + group: 2 + type: group + fields: + - name: direction + level: core + type: keyword + description: |- + Direction of the network traffic. + Recommended values are: + * inbound + * outbound + * internal + * external + * unknown + + When mapping events from a host-based monitoring context, populate this field from the host's point of view. + When mapping events from a network or perimeter-based monitoring context, populate this field from the point of view of your network perimeter. + ignore_above: 1024 + - name: type + level: core + type: keyword + description: |- + In the OSI Model this would be the Network Layer. ipv4, ipv6, ipsec, pim, etc + The field value must be normalized to lowercase for querying. See the documentation section "Implementing ECS". + ignore_above: 1024 +- name: process + title: Process + group: 2 + type: group + fields: + - name: executable + level: extended + type: keyword + description: Absolute path to the process executable. + ignore_above: 1024 + multi_fields: + - name: text + type: text + norms: false + default_field: false + - name: name + level: extended + type: keyword + description: |- + Process name. + Sometimes called program name or similar. + ignore_above: 1024 + multi_fields: + - name: text + type: text + norms: false + default_field: false + - name: pid + level: core + type: long + format: string + description: Process id. +- name: user + title: User + group: 2 + type: group + fields: + - name: full_name + level: extended + type: keyword + description: User's full name, if available. + ignore_above: 1024 + multi_fields: + - name: text + type: text + norms: false + default_field: false + - name: id + level: core + type: keyword + description: Unique identifier of the user. + ignore_above: 1024 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket/fields/fields.yml new file mode 100644 index 0000000000000..9ee7f89bd2541 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket/fields/fields.yml @@ -0,0 +1,36 @@ +- name: system.socket + type: group + release: ga + fields: + - name: local.ip + type: ip + description: | + Local IP address. This can be an IPv4 or IPv6 address. + - name: local.port + type: long + description: | + Local port. + - name: remote.ip + type: ip + description: | + Remote IP address. This can be an IPv4 or IPv6 address. + - name: remote.port + type: long + description: | + Remote port. + - name: remote.host + type: keyword + description: | + PTR record associated with the remote IP. It is obtained via reverse IP lookup. + - name: remote.etld_plus_one + type: keyword + description: | + The effective top-level domain (eTLD) of the remote host plus one more label. For example, the eTLD+1 for "foo.bar.golang.org." is "golang.org.". The data for determining the eTLD comes from an embedded copy of the data from http://publicsuffix.org. + - name: remote.host_error + type: keyword + description: | + Error describing the cause of the reverse lookup failure. + - name: process.cmdline + type: keyword + description: | + Full command line diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket/fields/package-fields.yml new file mode 100644 index 0000000000000..1ebd34f71e2db --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket/fields/package-fields.yml 
@@ -0,0 +1,2 @@ +- name: system + type: group diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket/manifest.yml new file mode 100644 index 0000000000000..3ad6d2eced272 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket/manifest.yml @@ -0,0 +1,7 @@ +title: System socket metrics +release: experimental +type: metrics +streams: +- input: system/metrics + title: System socket metrics + description: Collect System socket metrics diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket_summary/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket_summary/agent/stream/stream.yml.hbs new file mode 100644 index 0000000000000..5e84600fc9c21 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket_summary/agent/stream/stream.yml.hbs @@ -0,0 +1,17 @@ +metricsets: ["socket_summary"] +{{#if core.metrics}} +core.metrics: {{core.metrics}} +{{/if}} +{{#if cpu.metrics}} +cpu.metrics: {{cpu.metrics}} +{{/if}} +period: {{period}} +{{#if process.include_top_n.by_cpu}} +process.include_top_n.by_cpu: {{process.include_top_n.by_cpu}} +{{/if}} +{{#if process.include_top_n.by_memory}} +process.include_top_n.by_memory: {{process.include_top_n.by_memory}} +{{/if}} +{{#if processes}} +processes: {{processes}} +{{/if}} diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket_summary/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket_summary/fields/base-fields.yml new file mode 100644 index 0000000000000..9b614721122b8 --- /dev/null 
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket_summary/fields/base-fields.yml @@ -0,0 +1,17 @@ + +- name: stream.type + type: constant_keyword + description: > + Stream type +- name: stream.dataset + type: constant_keyword + description: > + Stream dataset. +- name: stream.namespace + type: constant_keyword + description: > + Stream namespace. +- name: "@timestamp" + type: date + description: > + Event timestamp. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket_summary/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket_summary/fields/fields.yml new file mode 100644 index 0000000000000..8be788dc6e8eb --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket_summary/fields/fields.yml 
@@ -0,0 +1,92 @@ +- name: system.socket.summary + title: Socket summary + type: group + release: ga + fields: + - name: all + type: group + fields: + - name: count + type: integer + description: | + All open connections + - name: listening + type: integer + description: | + All listening ports + - name: tcp + type: group + fields: + - name: memory + type: integer + format: bytes + description: "Memory used by TCP sockets in bytes, based on number of allocated + pages and system page size. Corresponds to limits set in /proc/sys/net/ipv4/tcp_mem. + Only available on Linux. \n" + - name: all + type: group + fields: + - name: orphan + type: integer + description: | + A count of all orphaned tcp sockets. Only available on Linux. + - name: count + type: integer + description: | + All open TCP connections + - name: listening + type: integer + description: | + All TCP listening ports + - name: established + type: integer + description: | + Number of established TCP connections + - name: close_wait + type: integer + description: | + Number of TCP connections in _close_wait_ state + - name: time_wait + type: integer + description: | + Number of TCP connections in _time_wait_ state + - name: syn_sent + type: integer + description: | + Number of TCP connections in _syn_sent_ state + - name: syn_recv + type: integer + description: | + Number of TCP connections in _syn_recv_ state + - name: fin_wait1 + type: integer + description: | + Number of TCP connections in _fin_wait1_ state + - name: fin_wait2 + type: integer + description: | + Number of TCP connections in _fin_wait2_ state + - name: last_ack + type: integer + description: | + Number of TCP connections in _last_ack_ state + - name: closing + type: integer + description: | + Number of TCP connections in _closing_ state + - name: udp + type: group + fields: + - name: memory + type: integer + format: bytes + description: "Memory used by UDP sockets in bytes, based on number of allocated + pages and system page size. 
Corresponds to limits set in /proc/sys/net/ipv4/udp_mem. + Only available on Linux. \n" + - name: all + type: group + fields: + - name: count + type: integer + description: | + All open UDP connections diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket_summary/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket_summary/fields/package-fields.yml new file mode 100644 index 0000000000000..1ebd34f71e2db --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket_summary/fields/package-fields.yml @@ -0,0 +1,2 @@ +- name: system + type: group diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket_summary/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket_summary/manifest.yml new file mode 100644 index 0000000000000..027a9ed979fd2 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/socket_summary/manifest.yml 
@@ -0,0 +1,54 @@ +title: System socket_summary metrics +release: experimental +type: metrics +streams: +- input: system/metrics + vars: + - name: core.metrics + type: text + title: Core Metrics + multi: true + required: true + show_user: true + default: + - percentages + - name: cpu.metrics + type: text + title: Cpu Metrics + multi: true + required: true + show_user: true + default: + - percentages + - normalized_percentages + - name: period + type: text + title: Period + multi: false + required: true + show_user: true + default: 10s + - name: process.include_top_n.by_cpu + type: integer + title: Process Include Top N By Cpu + multi: false + required: true + show_user: true + default: 5 + - name: process.include_top_n.by_memory + type: integer + title: Process Include Top N By Memory + multi: false + required: true + show_user: true + default: 5 + - name: processes + type: text + title: Processes + multi: true + required: true + show_user: true + default: + - .* + title: System socket_summary metrics + description: Collect System socket_summary metrics diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/syslog/agent/stream/log.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/syslog/agent/stream/log.yml.hbs new file mode 100644 index 0000000000000..58c96859c0b07 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/syslog/agent/stream/log.yml.hbs @@ -0,0 +1,14 @@ +paths: +{{#each paths as |path i|}} + - {{path}} +{{/each}} +exclude_files: [".gz$"] +multiline: + pattern: "^\\s" + match: after +processors: + - add_locale: ~ + - add_fields: + target: '' + fields: + ecs.version: 1.5.0 \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/syslog/elasticsearch/ingest-pipeline/default.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/syslog/elasticsearch/ingest-pipeline/default.json
new file mode 100644
index 0000000000000..0c614b8a95757
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/syslog/elasticsearch/ingest-pipeline/default.json
@@ -0,0 +1,71 @@
+{
+ "description": "Pipeline for parsing Syslog messages.",
+ "processors": [
+ {
+ "grok": {
+ "field": "message",
+ "patterns": [
+ "%{SYSLOGTIMESTAMP:system.syslog.timestamp} %{SYSLOGHOST:host.hostname} %{DATA:process.name}(?:\\[%{POSINT:process.pid:long}\\])?: %{GREEDYMULTILINE:system.syslog.message}",
+ "%{SYSLOGTIMESTAMP:system.syslog.timestamp} %{GREEDYMULTILINE:system.syslog.message}",
+ "%{TIMESTAMP_ISO8601:system.syslog.timestamp} %{SYSLOGHOST:host.hostname} %{DATA:process.name}(?:\\[%{POSINT:process.pid:long}\\])?: %{GREEDYMULTILINE:system.syslog.message}"
+ ],
+ "pattern_definitions" : {
+ "GREEDYMULTILINE" : "(.|\n)*"
+ },
+ "ignore_missing": true
+ }
+ },
+ {
+ "remove": {
+ "field": "message"
+ }
+ },
+ {
+ "rename": {
+ "field": "system.syslog.message",
+ "target_field": "message",
+ "ignore_missing": true
+ }
+ },
+ {
+ "date": {
+ "if": "ctx.event.timezone == null",
+ "field": "system.syslog.timestamp",
+ "target_field": "@timestamp",
+ "formats": [
+ "MMM d HH:mm:ss",
+ "MMM dd HH:mm:ss",
+ "MMM d HH:mm:ss",
+ "ISO8601"
+ ],
+ "on_failure": [{"append": {"field": "error.message", "value": "{{ _ingest.on_failure_message }}"}}]
+ }
+ },
+ {
+ "date": {
+ "if": "ctx.event.timezone != null",
+ "field": "system.syslog.timestamp",
+ "target_field": "@timestamp",
+ "formats": [
+ "MMM d HH:mm:ss",
+ "MMM dd HH:mm:ss",
+ "MMM d HH:mm:ss",
+ "ISO8601"
+ ],
+ "timezone": "{{ event.timezone }}",
+ "on_failure": [{"append": {"field": "error.message", "value": "{{ _ingest.on_failure_message }}"}}]
+ }
+ },
+ {
+ "remove": {
+ "field": "system.syslog.timestamp"
+ }
+ }
+ ],
+ "on_failure" : [{
+ "set" : {
+ "field" : "error.message",
+ "value" : "{{ _ingest.on_failure_message }}"
+ }
+ }]
+}
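Review bot: `default.json` and the `default.yml` added next to it describe the same syslog pipeline but are not equivalent: the YAML version ends `processors` with a `set` of `event.type` to `event`, and this JSON version has no such step. Which of the two the installer loads is not visible in this diff, so a test asserting on the installed pipeline could depend on file order; I would keep one file, or add `{ "set": { "field": "event.type", "value": "event" } }` as the last entry of `processors` here. Separately, `grok` sets `"ignore_missing": true` but the `remove` of `message` right after it does not, so a document without `message` skips grok and then fails in `remove`, ending up in the pipeline-level `on_failure`; adding `"ignore_missing": true` to that `remove` (in both files) keeps such events from being tagged as errors.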
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/syslog/elasticsearch/ingest-pipeline/default.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/syslog/elasticsearch/ingest-pipeline/default.yml
new file mode 100644
index 0000000000000..0385fc138f19b
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/syslog/elasticsearch/ingest-pipeline/default.yml
@@ -0,0 +1,58 @@
+---
+description: Pipeline for parsing Syslog messages.
+processors:
+- grok:
+ field: message
+ patterns:
+ - '%{SYSLOGTIMESTAMP:system.syslog.timestamp} %{SYSLOGHOST:host.hostname} %{DATA:process.name}(?:\[%{POSINT:process.pid:long}\])?:
+ %{GREEDYMULTILINE:system.syslog.message}'
+ - '%{SYSLOGTIMESTAMP:system.syslog.timestamp} %{GREEDYMULTILINE:system.syslog.message}'
+ - '%{TIMESTAMP_ISO8601:system.syslog.timestamp} %{SYSLOGHOST:host.hostname} %{DATA:process.name}(?:\[%{POSINT:process.pid:long}\])?:
+ %{GREEDYMULTILINE:system.syslog.message}'
+ pattern_definitions:
+ GREEDYMULTILINE: |-
+ (.|
+ )*
+ ignore_missing: true
+- remove:
+ field: message
+- rename:
+ field: system.syslog.message
+ target_field: message
+ ignore_missing: true
+- date:
+ if: ctx.event.timezone == null
+ field: system.syslog.timestamp
+ target_field: '@timestamp'
+ formats:
+ - MMM d HH:mm:ss
+ - MMM dd HH:mm:ss
+ - MMM d HH:mm:ss
+ - ISO8601
+ on_failure:
+ - append:
+ field: error.message
+ value: '{{ _ingest.on_failure_message }}'
+- date:
+ if: ctx.event.timezone != null
+ field: system.syslog.timestamp
+ target_field: '@timestamp'
+ formats:
+ - MMM d HH:mm:ss
+ - MMM dd HH:mm:ss
+ - MMM d HH:mm:ss
+ - ISO8601
+ timezone: '{{ event.timezone }}'
+ on_failure:
+ - append:
+ field: error.message
+ value: '{{ _ingest.on_failure_message }}'
+- remove:
+ field: system.syslog.timestamp
+- set:
+ field: event.type
+ value: event
+on_failure:
+- set:
+ field: error.message
+ value: '{{ _ingest.on_failure_message }}'
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/syslog/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/syslog/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/syslog/fields/base-fields.yml
@@ -0,0 +1,17 @@ + +- name: stream.type + type: constant_keyword + description: > + Stream type +- name: stream.dataset + type: constant_keyword + description: > + Stream dataset. +- name: stream.namespace + type: constant_keyword + description: > + Stream namespace. +- name: "@timestamp" + type: date + description: > + Event timestamp. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/syslog/fields/ecs.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/syslog/fields/ecs.yml new file mode 100644 index 0000000000000..4f0129730232d --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/syslog/fields/ecs.yml 
@@ -0,0 +1,50 @@ +- name: '@timestamp' + level: core + required: true + type: date + description: |- + Date/time when the event originated. + This is the date/time extracted from the event, typically representing when the event was generated by the source. + If the event source has no original timestamp, this value is typically populated by the first time the event was received by the pipeline. + Required field for all events. +- name: message + level: core + type: text + description: |- + For log events the message field contains the log message, optimized for viewing in a log viewer. + For structured logs without an original message field, other fields can be concatenated to form a human-readable summary of the event. + If multiple messages exist, they can be combined into one message. +- name: host + title: Host + group: 2 + type: group + fields: + - name: hostname + level: core + type: keyword + description: |- + Hostname of the host. + It normally contains what the `hostname` command returns on the host machine. + ignore_above: 1024 +- name: process + title: Process + group: 2 + type: group + fields: + - name: name + level: extended + type: keyword + description: |- + Process name. + Sometimes called program name or similar. + ignore_above: 1024 + multi_fields: + - name: text + type: text + norms: false + default_field: false + - name: pid + level: core + type: long + format: string + description: Process id. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/syslog/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/syslog/fields/fields.yml new file mode 100644 index 0000000000000..f93368693085b --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/syslog/fields/fields.yml @@ -0,0 +1,2 @@ +- name: system.syslog + type: group 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/syslog/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/syslog/fields/package-fields.yml new file mode 100644 index 0000000000000..1ebd34f71e2db --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/syslog/fields/package-fields.yml @@ -0,0 +1,2 @@ +- name: system + type: group diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/syslog/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/syslog/manifest.yml new file mode 100644 index 0000000000000..8cde242dde854 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/syslog/manifest.yml @@ -0,0 +1,24 @@ +title: System syslog logs +release: experimental +type: logs +streams: +- input: logs + vars: + - name: paths + type: text + title: Paths + multi: true + required: true + show_user: true + default: + - /var/log/messages* + - /var/log/syslog* + os: + darwin: + default: + - /var/log/system.log* + windows: + default: [] + template_path: log.yml.hbs + title: System syslog logs (log) + description: Collect System syslog logs using log input diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/uptime/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/uptime/agent/stream/stream.yml.hbs new file mode 100644 index 0000000000000..cd579caf84284 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/uptime/agent/stream/stream.yml.hbs 
@@ -0,0 +1,11 @@ +metricsets: ["uptime"] +{{#if core.metrics}} +core.metrics: {{core.metrics}} +{{/if}} +{{#if cpu.metrics}} +cpu.metrics: {{cpu.metrics}} +{{/if}} +period: {{period}} +{{#if processes}} +processes: {{processes}} +{{/if}} diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/uptime/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/uptime/fields/base-fields.yml new file mode 100644 index 0000000000000..9b614721122b8 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/uptime/fields/base-fields.yml @@ -0,0 +1,17 @@ + +- name: stream.type + type: constant_keyword + description: > + Stream type +- name: stream.dataset + type: constant_keyword + description: > + Stream dataset. +- name: stream.namespace + type: constant_keyword + description: > + Stream namespace. +- name: "@timestamp" + type: date + description: > + Event timestamp. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/uptime/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/uptime/fields/fields.yml new file mode 100644 index 0000000000000..27e07516628b4 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/uptime/fields/fields.yml @@ -0,0 +1,9 @@ +- name: system.uptime + type: group + release: ga + fields: + - name: duration.ms + type: long + format: duration + description: | + The OS uptime in milliseconds. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/uptime/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/uptime/fields/package-fields.yml new file mode 100644 index 0000000000000..1ebd34f71e2db --- /dev/null 
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/uptime/fields/package-fields.yml @@ -0,0 +1,2 @@ +- name: system + type: group diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/uptime/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/uptime/manifest.yml new file mode 100644 index 0000000000000..5a0e0b7d598b6 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/uptime/manifest.yml @@ -0,0 +1,40 @@ +title: System uptime metrics +release: experimental +type: metrics +streams: +- input: system/metrics + vars: + - name: core.metrics + type: text + title: Core Metrics + multi: true + required: true + show_user: true + default: + - percentages + - name: cpu.metrics + type: text + title: Cpu Metrics + multi: true + required: true + show_user: true + default: + - percentages + - normalized_percentages + - name: period + type: text + title: Period + multi: false + required: true + show_user: true + default: 10s + - name: processes + type: text + title: Processes + multi: true + required: true + show_user: true + default: + - .* + title: System uptime metrics + description: Collect System uptime metrics diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/users/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/users/agent/stream/stream.yml.hbs new file mode 100644 index 0000000000000..0a772dc2d47f4 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/users/agent/stream/stream.yml.hbs @@ -0,0 +1 @@ +metricsets: ["users"] 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/users/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/users/fields/base-fields.yml new file mode 100644 index 0000000000000..9b614721122b8 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/users/fields/base-fields.yml @@ -0,0 +1,17 @@ + +- name: stream.type + type: constant_keyword + description: > + Stream type +- name: stream.dataset + type: constant_keyword + description: > + Stream dataset. +- name: stream.namespace + type: constant_keyword + description: > + Stream namespace. +- name: "@timestamp" + type: date + description: > + Event timestamp. diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/users/fields/fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/users/fields/fields.yml new file mode 100644 index 0000000000000..a156b1fe55274 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/users/fields/fields.yml 
@@ -0,0 +1,44 @@ +- name: system.users + type: group + release: beta + fields: + - name: id + type: keyword + description: | + The ID of the session + - name: seat + type: keyword + description: | + An associated logind seat + - name: path + type: keyword + description: | + The DBus object path of the session + - name: type + type: keyword + description: | + The type of the user session + - name: service + type: keyword + description: | + A session associated with the service + - name: remote + type: boolean + description: | + A bool indicating a remote session + - name: state + type: keyword + description: | + The current state of the session + - name: scope + type: keyword + description: | + The associated systemd scope + - name: leader + type: long + description: | + The root PID of the session + - name: remote_host + type: keyword + description: | + A remote host address for the session diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/users/fields/package-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/users/fields/package-fields.yml new file mode 100644 index 0000000000000..1ebd34f71e2db --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/users/fields/package-fields.yml @@ -0,0 +1,2 @@ +- name: system + type: group diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/users/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/users/manifest.yml new file mode 100644 index 0000000000000..9ba7b5c2c121b --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/dataset/users/manifest.yml 
@@ -0,0 +1,7 @@ +title: System users metrics +release: experimental +type: metrics +streams: +- input: system/metrics + title: System users metrics + description: Collect System users metrics diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/docs/README.md b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/docs/README.md new file mode 100644 index 0000000000000..c328a02e794e9 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/docs/README.md 
@@ -0,0 +1,620 @@ +# System Integration + +The System module allows you to monitor your servers. Because the System module +always applies to the local server, the `hosts` config option is not needed. + +The default metricsets are `cpu`, `load`, `memory`, `network`, `process`, and +`process_summary`. To disable a default metricset, comment it out in the +`modules.d/system.yml` configuration file. If _all_ metricsets are commented out +and the System module is enabled, {beatname_uc} uses the default metricsets. + +Note that certain metricsets may access `/proc` to gather process information, +and the resulting `ptrace_may_access()` call by the kernel to check for +permissions can be blocked by +https://gitlab.com/apparmor/apparmor/wikis/TechnicalDoc_Proc_and_ptrace[AppArmor +and other LSM software], even though the System module doesn't use `ptrace` +directly. + +## Compatibility + +The System metricsets collect different kinds of metric data, which may require dedicated permissions +to be fetched and which may vary across operating systems. + +## Metrics + +### Core + +The System `core` metricset provides usage statistics for each CPU core. + +This metricset is available on: + +- FreeBSD +- Linux +- macOS +- OpenBSD +- Windows + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| system.core.id | CPU Core number. | long | +| system.core.idle.pct | The percentage of CPU time spent idle. | scaled_float | +| system.core.idle.ticks | The amount of CPU time spent idle. | long | +| system.core.iowait.pct | The percentage of CPU time spent in wait (on disk). | scaled_float | +| system.core.iowait.ticks | The amount of CPU time spent in wait (on disk). | long | +| system.core.irq.pct | The percentage of CPU time spent servicing and handling hardware interrupts. | scaled_float | +| system.core.irq.ticks | The amount of CPU time spent servicing and handling hardware interrupts. 
| long | +| system.core.nice.pct | The percentage of CPU time spent on low-priority processes. | scaled_float | +| system.core.nice.ticks | The amount of CPU time spent on low-priority processes. | long | +| system.core.softirq.pct | The percentage of CPU time spent servicing and handling software interrupts. | scaled_float | +| system.core.softirq.ticks | The amount of CPU time spent servicing and handling software interrupts. | long | +| system.core.steal.pct | The percentage of CPU time spent in involuntary wait by the virtual CPU while the hypervisor was servicing another processor. Available only on Unix. | scaled_float | +| system.core.steal.ticks | The amount of CPU time spent in involuntary wait by the virtual CPU while the hypervisor was servicing another processor. Available only on Unix. | long | +| system.core.system.pct | The percentage of CPU time spent in kernel space. | scaled_float | +| system.core.system.ticks | The amount of CPU time spent in kernel space. | long | +| system.core.user.pct | The percentage of CPU time spent in user space. | scaled_float | +| system.core.user.ticks | The amount of CPU time spent in user space. | long | + + + +### CPU + +The System `cpu` metricset provides CPU statistics. + +This metricset is available on: + +- FreeBSD +- Linux +- macOS +- OpenBSD +- Windows + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| system.cpu.cores | The number of CPU cores present on the host. The non-normalized percentages will have a maximum value of `100% * cores`. The normalized percentages already take this value into account and have a maximum value of 100%. | long | +| system.cpu.idle.norm.pct | The percentage of CPU time spent idle. | scaled_float | +| system.cpu.idle.pct | The percentage of CPU time spent idle. | scaled_float | +| system.cpu.idle.ticks | The amount of CPU time spent idle. | long | +| system.cpu.iowait.norm.pct | The percentage of CPU time spent in wait (on disk). 
| scaled_float | +| system.cpu.iowait.pct | The percentage of CPU time spent in wait (on disk). | scaled_float | +| system.cpu.iowait.ticks | The amount of CPU time spent in wait (on disk). | long | +| system.cpu.irq.norm.pct | The percentage of CPU time spent servicing and handling hardware interrupts. | scaled_float | +| system.cpu.irq.pct | The percentage of CPU time spent servicing and handling hardware interrupts. | scaled_float | +| system.cpu.irq.ticks | The amount of CPU time spent servicing and handling hardware interrupts. | long | +| system.cpu.nice.norm.pct | The percentage of CPU time spent on low-priority processes. | scaled_float | +| system.cpu.nice.pct | The percentage of CPU time spent on low-priority processes. | scaled_float | +| system.cpu.nice.ticks | The amount of CPU time spent on low-priority processes. | long | +| system.cpu.softirq.norm.pct | The percentage of CPU time spent servicing and handling software interrupts. | scaled_float | +| system.cpu.softirq.pct | The percentage of CPU time spent servicing and handling software interrupts. | scaled_float | +| system.cpu.softirq.ticks | The amount of CPU time spent servicing and handling software interrupts. | long | +| system.cpu.steal.norm.pct | The percentage of CPU time spent in involuntary wait by the virtual CPU while the hypervisor was servicing another processor. Available only on Unix. | scaled_float | +| system.cpu.steal.pct | The percentage of CPU time spent in involuntary wait by the virtual CPU while the hypervisor was servicing another processor. Available only on Unix. | scaled_float | +| system.cpu.steal.ticks | The amount of CPU time spent in involuntary wait by the virtual CPU while the hypervisor was servicing another processor. Available only on Unix. | long | +| system.cpu.system.norm.pct | The percentage of CPU time spent in kernel space. | scaled_float | +| system.cpu.system.pct | The percentage of CPU time spent in kernel space. 
| scaled_float | +| system.cpu.system.ticks | The amount of CPU time spent in kernel space. | long | +| system.cpu.total.norm.pct | The percentage of CPU time in states other than Idle and IOWait, normalised by the number of cores. | scaled_float | +| system.cpu.total.pct | The percentage of CPU time spent in states other than Idle and IOWait. | scaled_float | +| system.cpu.user.norm.pct | The percentage of CPU time spent in user space. | scaled_float | +| system.cpu.user.pct | The percentage of CPU time spent in user space. On multi-core systems, you can have percentages that are greater than 100%. For example, if 3 cores are at 60% use, then the `system.cpu.user.pct` will be 180%. | scaled_float | +| system.cpu.user.ticks | The amount of CPU time spent in user space. | long | + + +### Diskio + +The System `diskio` metricset provides disk IO metrics collected from the +operating system. One event is created for each disk mounted on the system. + +This metricset is available on: + +- Linux +- macOS (requires 10.10+) +- Windows +- FreeBSD (amd64) + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| system.diskio.io.time | The total number of of milliseconds spent doing I/Os. | long | +| system.diskio.iostat.await | The average time spent for requests issued to the device to be served. | float | +| system.diskio.iostat.busy | Percentage of CPU time during which I/O requests were issued to the device (bandwidth utilization for the device). Device saturation occurs when this value is close to 100%. | float | +| system.diskio.iostat.queue.avg_size | The average queue length of the requests that were issued to the device. | float | +| system.diskio.iostat.read.await | The average time spent for read requests issued to the device to be served. | float | +| system.diskio.iostat.read.per_sec.bytes | The number of Bytes read from the device per second. 
| float | +| system.diskio.iostat.read.request.merges_per_sec | The number of read requests merged per second that were queued to the device. | float | +| system.diskio.iostat.read.request.per_sec | The number of read requests that were issued to the device per second | float | +| system.diskio.iostat.request.avg_size | The average size (in bytes) of the requests that were issued to the device. | float | +| system.diskio.iostat.service_time | The average service time (in milliseconds) for I/O requests that were issued to the device. | float | +| system.diskio.iostat.write.await | The average time spent for write requests issued to the device to be served. | float | +| system.diskio.iostat.write.per_sec.bytes | The number of Bytes write from the device per second. | float | +| system.diskio.iostat.write.request.merges_per_sec | The number of write requests merged per second that were queued to the device. | float | +| system.diskio.iostat.write.request.per_sec | The number of write requests that were issued to the device per second | float | +| system.diskio.name | The disk name. | keyword | +| system.diskio.read.bytes | The total number of bytes read successfully. On Linux this is the number of sectors read multiplied by an assumed sector size of 512. | long | +| system.diskio.read.count | The total number of reads completed successfully. | long | +| system.diskio.read.time | The total number of milliseconds spent by all reads. | long | +| system.diskio.serial_number | The disk's serial number. This may not be provided by all operating systems. | keyword | +| system.diskio.write.bytes | The total number of bytes written successfully. On Linux this is the number of sectors written multiplied by an assumed sector size of 512. | long | +| system.diskio.write.count | The total number of writes completed successfully. | long | +| system.diskio.write.time | The total number of milliseconds spent by all writes. 
| long | + + +### Entropy + +This is the entropy metricset of the module system. +It collects the amount of available entropy in bits. On kernel versions greater than 2.6, +entropy will be out of a total pool size of 4096. + +This Metricset is available on: + +- linux + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| system.entropy.available_bits | The available bits of entropy | long | +| system.entropy.pct | The percentage of available entropy, relative to the pool size of 4096 | scaled_float | + + +### Filesystem + +The System `filesystem` metricset provides file system statistics. For each file +system, one document is provided. + +This metricset is available on: + +- FreeBSD +- Linux +- macOS +- OpenBSD +- Windows + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| system.filesystem.available | The disk space available to an unprivileged user in bytes. | long | +| system.filesystem.device_name | The disk name. For example: `/dev/disk1` | keyword | +| system.filesystem.files | The total number of file nodes in the file system. | long | +| system.filesystem.free | The disk space available in bytes. | long | +| system.filesystem.free_files | The number of free file nodes in the file system. | long | +| system.filesystem.mount_point | The mounting point. For example: `/` | keyword | +| system.filesystem.total | The total disk space in bytes. | long | +| system.filesystem.type | The disk type. For example: `ext4` | keyword | +| system.filesystem.used.bytes | The used disk space in bytes. | long | +| system.filesystem.used.pct | The percentage of used disk space. | scaled_float | + + +### Fsstat + +The System `fsstat` metricset provides overall file system statistics. + +This metricset is available on: + +- FreeBSD +- Linux +- macOS +- OpenBSD +- Windows + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| system.fsstat.count | Number of file systems found. 
| long | +| system.fsstat.total_files | Total number of files. | long | +| system.fsstat.total_size.free | Total free space. | long | +| system.fsstat.total_size.total | Total space (used plus free). | long | +| system.fsstat.total_size.used | Total used space. | long | + + +### Load + +The System `load` metricset provides load statistics. + +This metricset is available on: + +- FreeBSD +- Linux +- macOS +- OpenBSD + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| system.load.1 | Load average for the last minute. | scaled_float | +| system.load.15 | Load average for the last 15 minutes. | scaled_float | +| system.load.5 | Load average for the last 5 minutes. | scaled_float | +| system.load.cores | The number of CPU cores present on the host. | long | +| system.load.norm.1 | Load for the last minute divided by the number of cores. | scaled_float | +| system.load.norm.15 | Load for the last 15 minutes divided by the number of cores. | scaled_float | +| system.load.norm.5 | Load for the last 5 minutes divided by the number of cores. | scaled_float | + + +### Memory + +The System `memory` metricset provides memory statistics. + +This metricset is available on: + +- FreeBSD +- Linux +- macOS +- OpenBSD +- Windows + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| system.memory.actual.free | Actual free memory in bytes. It is calculated based on the OS. On Linux this value will be MemAvailable from /proc/meminfo, or calculated from free memory plus caches and buffers if /proc/meminfo is not available. On OSX it is a sum of free memory and the inactive memory. On Windows, it is equal to `system.memory.free`. | long | +| system.memory.actual.used.bytes | Actual used memory in bytes. It represents the difference between the total and the available memory. The available memory depends on the OS. For more details, please check `system.actual.free`. 
| long | +| system.memory.actual.used.pct | The percentage of actual used memory. | scaled_float | +| system.memory.free | The total amount of free memory in bytes. This value does not include memory consumed by system caches and buffers (see system.memory.actual.free). | long | +| system.memory.hugepages.default_size | Default size for huge pages. | long | +| system.memory.hugepages.free | Number of available huge pages in the pool. | long | +| system.memory.hugepages.reserved | Number of reserved but not allocated huge pages in the pool. | long | +| system.memory.hugepages.surplus | Number of overcommited huge pages. | long | +| system.memory.hugepages.swap.out.fallback | Count of huge pages that must be split before swapout | long | +| system.memory.hugepages.swap.out.pages | pages swapped out | long | +| system.memory.hugepages.total | Number of huge pages in the pool. | long | +| system.memory.hugepages.used.bytes | Memory used in allocated huge pages. | long | +| system.memory.hugepages.used.pct | Percentage of huge pages used. | long | +| system.memory.page_stats.direct_efficiency.pct | direct reclaim efficiency percentage. A lower percentage indicates the system is struggling to reclaim memory. | scaled_float | +| system.memory.page_stats.kswapd_efficiency.pct | kswapd reclaim efficiency percentage. A lower percentage indicates the system is struggling to reclaim memory. | scaled_float | +| system.memory.page_stats.pgfree.pages | pages freed by the system | long | +| system.memory.page_stats.pgscan_direct.pages | pages scanned directly | long | +| system.memory.page_stats.pgscan_kswapd.pages | pages scanned by kswapd | long | +| system.memory.page_stats.pgsteal_direct.pages | number of pages reclaimed directly | long | +| system.memory.page_stats.pgsteal_kswapd.pages | number of pages reclaimed by kswapd | long | +| system.memory.swap.free | Available swap memory. 
| long | +| system.memory.swap.in.pages | count of pages swapped in | long | +| system.memory.swap.out.pages | count of pages swapped out | long | +| system.memory.swap.readahead.cached | swap readahead cache hits | long | +| system.memory.swap.readahead.pages | swap readahead pages | long | +| system.memory.swap.total | Total swap memory. | long | +| system.memory.swap.used.bytes | Used swap memory. | long | +| system.memory.swap.used.pct | The percentage of used swap memory. | scaled_float | +| system.memory.total | Total memory. | long | +| system.memory.used.bytes | Used memory. | long | +| system.memory.used.pct | The percentage of used memory. | scaled_float | + + +### Network + +The System `network` metricset provides network IO metrics collected from the +operating system. One event is created for each network interface. + +This metricset is available on: + +- FreeBSD +- Linux +- macOS +- Windows + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| system.network.in.bytes | The number of bytes received. | long | +| system.network.in.dropped | The number of incoming packets that were dropped. | long | +| system.network.in.errors | The number of errors while receiving. | long | +| system.network.in.packets | The number or packets received. | long | +| system.network.name | The network interface name. | keyword | +| system.network.out.bytes | The number of bytes sent. | long | +| system.network.out.dropped | The number of outgoing packets that were dropped. This value is always 0 on Darwin and BSD because it is not reported by the operating system. | long | +| system.network.out.errors | The number of errors while sending. | long | +| system.network.out.packets | The number of packets sent. | long | + + +### Network_summary + +The System `network_summary` metricset provides network IO metrics collected from the +operating system. These events are global and sorted by protocol. 
+ +This metricset is available on: + +- Linux + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| system.network_summary.icmp.* | ICMP counters | object | +| system.network_summary.ip.* | IP counters | object | +| system.network_summary.tcp.* | TCP counters | object | +| system.network_summary.udp.* | UDP counters | object | +| system.network_summary.udp_lite.* | UDP Lite counters | object | + + +### Process + +The System `process` metricset provides process statistics. One document is +provided for each process. + +This metricset is available on: + +- FreeBSD +- Linux +- macOS +- Windows + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| process.name | Process name. Sometimes called program name or similar. | keyword | +| process.pgid | Identifier of the group of processes the process belongs to. | long | +| process.pid | Process id. | long | +| process.ppid | Parent process' pid. | long | +| process.working_directory | The working directory of the process. | keyword | +| system.process.cgroup.blkio.id | ID of the cgroup. | keyword | +| system.process.cgroup.blkio.path | Path to the cgroup relative to the cgroup subsystems mountpoint. | keyword | +| system.process.cgroup.blkio.total.bytes | Total number of bytes transferred to and from all block devices by processes in the cgroup. | long | +| system.process.cgroup.blkio.total.ios | Total number of I/O operations performed on all devices by processes in the cgroup as seen by the throttling policy. | long | +| system.process.cgroup.cpu.cfs.period.us | Period of time in microseconds for how regularly a cgroup's access to CPU resources should be reallocated. | long | +| system.process.cgroup.cpu.cfs.quota.us | Total amount of time in microseconds for which all tasks in a cgroup can run during one period (as defined by cfs.period.us). 
| long | +| system.process.cgroup.cpu.cfs.shares | An integer value that specifies a relative share of CPU time available to the tasks in a cgroup. The value specified in the cpu.shares file must be 2 or higher. | long | +| system.process.cgroup.cpu.id | ID of the cgroup. | keyword | +| system.process.cgroup.cpu.path | Path to the cgroup relative to the cgroup subsystem's mountpoint. | keyword | +| system.process.cgroup.cpu.rt.period.us | Period of time in microseconds for how regularly a cgroup's access to CPU resources is reallocated. | long | +| system.process.cgroup.cpu.rt.runtime.us | Period of time in microseconds for the longest continuous period in which the tasks in a cgroup have access to CPU resources. | long | +| system.process.cgroup.cpu.stats.periods | Number of period intervals (as specified in cpu.cfs.period.us) that have elapsed. | long | +| system.process.cgroup.cpu.stats.throttled.ns | The total time duration (in nanoseconds) for which tasks in a cgroup have been throttled. | long | +| system.process.cgroup.cpu.stats.throttled.periods | Number of times tasks in a cgroup have been throttled (that is, not allowed to run because they have exhausted all of the available time as specified by their quota). | long | +| system.process.cgroup.cpuacct.id | ID of the cgroup. | keyword | +| system.process.cgroup.cpuacct.path | Path to the cgroup relative to the cgroup subsystem's mountpoint. | keyword | +| system.process.cgroup.cpuacct.percpu | CPU time (in nanoseconds) consumed on each CPU by all tasks in this cgroup. | object | +| system.process.cgroup.cpuacct.stats.system.ns | CPU time consumed by tasks in user (kernel) mode. | long | +| system.process.cgroup.cpuacct.stats.user.ns | CPU time consumed by tasks in user mode. | long | +| system.process.cgroup.cpuacct.total.ns | Total CPU time in nanoseconds consumed by all tasks in the cgroup. | long | +| system.process.cgroup.id | The ID common to all cgroups associated with this task. 
If there isn't a common ID used by all cgroups this field will be absent. | keyword | +| system.process.cgroup.memory.id | ID of the cgroup. | keyword | +| system.process.cgroup.memory.kmem.failures | The number of times that the memory limit (kmem.limit.bytes) was reached. | long | +| system.process.cgroup.memory.kmem.limit.bytes | The maximum amount of kernel memory that tasks in the cgroup are allowed to use. | long | +| system.process.cgroup.memory.kmem.usage.bytes | Total kernel memory usage by processes in the cgroup (in bytes). | long | +| system.process.cgroup.memory.kmem.usage.max.bytes | The maximum kernel memory used by processes in the cgroup (in bytes). | long | +| system.process.cgroup.memory.kmem_tcp.failures | The number of times that the memory limit (kmem_tcp.limit.bytes) was reached. | long | +| system.process.cgroup.memory.kmem_tcp.limit.bytes | The maximum amount of memory for TCP buffers that tasks in the cgroup are allowed to use. | long | +| system.process.cgroup.memory.kmem_tcp.usage.bytes | Total memory usage for TCP buffers in bytes. | long | +| system.process.cgroup.memory.kmem_tcp.usage.max.bytes | The maximum memory used for TCP buffers by processes in the cgroup (in bytes). | long | +| system.process.cgroup.memory.mem.failures | The number of times that the memory limit (mem.limit.bytes) was reached. | long | +| system.process.cgroup.memory.mem.limit.bytes | The maximum amount of user memory in bytes (including file cache) that tasks in the cgroup are allowed to use. | long | +| system.process.cgroup.memory.mem.usage.bytes | Total memory usage by processes in the cgroup (in bytes). | long | +| system.process.cgroup.memory.mem.usage.max.bytes | The maximum memory used by processes in the cgroup (in bytes). | long | +| system.process.cgroup.memory.memsw.failures | The number of times that the memory plus swap space limit (memsw.limit.bytes) was reached. 
| long | +| system.process.cgroup.memory.memsw.limit.bytes | The maximum amount for the sum of memory and swap usage that tasks in the cgroup are allowed to use. | long | +| system.process.cgroup.memory.memsw.usage.bytes | The sum of current memory usage plus swap space used by processes in the cgroup (in bytes). | long | +| system.process.cgroup.memory.memsw.usage.max.bytes | The maximum amount of memory and swap space used by processes in the cgroup (in bytes). | long | +| system.process.cgroup.memory.path | Path to the cgroup relative to the cgroup subsystem's mountpoint. | keyword | +| system.process.cgroup.memory.stats.active_anon.bytes | Anonymous and swap cache on active least-recently-used (LRU) list, including tmpfs (shmem), in bytes. | long | +| system.process.cgroup.memory.stats.active_file.bytes | File-backed memory on active LRU list, in bytes. | long | +| system.process.cgroup.memory.stats.cache.bytes | Page cache, including tmpfs (shmem), in bytes. | long | +| system.process.cgroup.memory.stats.hierarchical_memory_limit.bytes | Memory limit for the hierarchy that contains the memory cgroup, in bytes. | long | +| system.process.cgroup.memory.stats.hierarchical_memsw_limit.bytes | Memory plus swap limit for the hierarchy that contains the memory cgroup, in bytes. | long | +| system.process.cgroup.memory.stats.inactive_anon.bytes | Anonymous and swap cache on inactive LRU list, including tmpfs (shmem), in bytes | long | +| system.process.cgroup.memory.stats.inactive_file.bytes | File-backed memory on inactive LRU list, in bytes. | long | +| system.process.cgroup.memory.stats.major_page_faults | Number of times that a process in the cgroup triggered a major fault. "Major" faults happen when the kernel actually has to read the data from disk. | long | +| system.process.cgroup.memory.stats.mapped_file.bytes | Size of memory-mapped mapped files, including tmpfs (shmem), in bytes. 
| long | +| system.process.cgroup.memory.stats.page_faults | Number of times that a process in the cgroup triggered a page fault. | long | +| system.process.cgroup.memory.stats.pages_in | Number of pages paged into memory. This is a counter. | long | +| system.process.cgroup.memory.stats.pages_out | Number of pages paged out of memory. This is a counter. | long | +| system.process.cgroup.memory.stats.rss.bytes | Anonymous and swap cache (includes transparent hugepages), not including tmpfs (shmem), in bytes. | long | +| system.process.cgroup.memory.stats.rss_huge.bytes | Number of bytes of anonymous transparent hugepages. | long | +| system.process.cgroup.memory.stats.swap.bytes | Swap usage, in bytes. | long | +| system.process.cgroup.memory.stats.unevictable.bytes | Memory that cannot be reclaimed, in bytes. | long | +| system.process.cgroup.path | The path to the cgroup relative to the cgroup subsystem's mountpoint. If there isn't a common path used by all cgroups this field will be absent. | keyword | +| system.process.cmdline | The full command-line used to start the process, including the arguments separated by space. | keyword | +| system.process.cpu.start_time | The time when the process was started. | date | +| system.process.cpu.system.ticks | The amount of CPU time the process spent in kernel space. | long | +| system.process.cpu.total.norm.pct | The percentage of CPU time spent by the process since the last event. This value is normalized by the number of CPU cores and it ranges from 0 to 100%. | scaled_float | +| system.process.cpu.total.pct | The percentage of CPU time spent by the process since the last update. Its value is similar to the %CPU value of the process displayed by the top command on Unix systems. | scaled_float | +| system.process.cpu.total.ticks | The total CPU time spent by the process. | long | +| system.process.cpu.total.value | The value of CPU usage since starting the process. 
| long | +| system.process.cpu.user.ticks | The amount of CPU time the process spent in user space. | long | +| system.process.env | The environment variables used to start the process. The data is available on FreeBSD, Linux, and OS X. | object | +| system.process.fd.limit.hard | The hard limit on the number of file descriptors opened by the process. The hard limit can only be raised by root. | long | +| system.process.fd.limit.soft | The soft limit on the number of file descriptors opened by the process. The soft limit can be changed by the process at any time. | long | +| system.process.fd.open | The number of file descriptors open by the process. | long | +| system.process.memory.rss.bytes | The Resident Set Size. The amount of memory the process occupied in main memory (RAM). On Windows this represents the current working set size, in bytes. | long | +| system.process.memory.rss.pct | The percentage of memory the process occupied in main memory (RAM). | scaled_float | +| system.process.memory.share | The shared memory the process uses. | long | +| system.process.memory.size | The total virtual memory the process has. On Windows this represents the Commit Charge (the total amount of memory that the memory manager has committed for a running process) value in bytes for this process. | long | +| system.process.state | The process state. For example: "running". | keyword | +| user.name | Short name or login of the user. | keyword | + + +### Process_summary + +The `process_summary` metricset collects high level statistics about the running +processes. + +This metricset is available on: + +- FreeBSD +- Linux +- macOS +- Windows + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| system.process.summary.dead | Number of dead processes on this host. It's very unlikely that it will appear but in some special situations it may happen. | long | +| system.process.summary.idle | Number of idle processes on this host. 
| long | +| system.process.summary.running | Number of running processes on this host. | long | +| system.process.summary.sleeping | Number of sleeping processes on this host. | long | +| system.process.summary.stopped | Number of stopped processes on this host. | long | +| system.process.summary.total | Total number of processes on this host. | long | +| system.process.summary.unknown | Number of processes for which the state couldn't be retrieved or is unknown. | long | +| system.process.summary.zombie | Number of zombie processes on this host. | long | + + +### raid + +This is the raid metricset of the module system. It collects stats about the raid. + +This metricset is available on: + +- Linux + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| system.raid.blocks.synced | Number of blocks on the device that are in sync, in 1024-byte blocks. | long | +| system.raid.blocks.total | Number of blocks the device holds, in 1024-byte blocks. | long | +| system.raid.disks.active | Number of active disks. | long | +| system.raid.disks.failed | Number of failed disks. | long | +| system.raid.disks.spare | Number of spared disks. | long | +| system.raid.disks.states.* | map of raw disk states | object | +| system.raid.disks.total | Total number of disks the device consists of. | long | +| system.raid.level | The raid level of the device | keyword | +| system.raid.name | Name of the device. | keyword | +| system.raid.status | activity-state of the device. | keyword | +| system.raid.sync_action | Current sync action, if the RAID array is redundant | keyword | + + +### Service + +The `service` metricset reports on the status of systemd services. 
+ +This metricset is available on: + +- Linux + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| system.service.exec_code | The SIGCHLD code from the service's main process | keyword | +| system.service.load_state | The load state of the service | keyword | +| system.service.name | The name of the service | keyword | +| system.service.resources.cpu.usage.ns | CPU usage in nanoseconds | long | +| system.service.resources.memory.usage.bytes | memory usage in bytes | long | +| system.service.resources.network.in.bytes | bytes in | long | +| system.service.resources.network.in.packets | packets in | long | +| system.service.resources.network.out.bytes | bytes out | long | +| system.service.resources.network.out.packets | packets out | long | +| system.service.resources.tasks.count | number of tasks associated with the service | long | +| system.service.state | The activity state of the service | keyword | +| system.service.state_since | The timestamp of the last state change. If the service is active and running, this is its uptime. | date | +| system.service.sub_state | The sub-state of the service | keyword | + + +### Socket + +This metricset is available on Linux only and requires kernel 2.6.14 or newer. + +The system `socket` metricset reports an event for each new TCP socket that it +sees. It does this by polling the kernel periodically to get a dump of all +sockets. You set the polling interval by configuring the `period` option. +Specifying a short polling interval with this metricset is important to avoid +missing short-lived connections. + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| network.direction | Direction of the network traffic. Recommended values are: * inbound * outbound * internal * external * unknown When mapping events from a host-based monitoring context, populate this field from the host's point of view. 
When mapping events from a network or perimeter-based monitoring context, populate this field from the point of view of your network perimeter. | keyword | +| network.type | In the OSI Model this would be the Network Layer. ipv4, ipv6, ipsec, pim, etc The field value must be normalized to lowercase for querying. See the documentation section "Implementing ECS". | keyword | +| process.executable | Absolute path to the process executable. | keyword | +| process.name | Process name. Sometimes called program name or similar. | keyword | +| process.pid | Process id. | long | +| system.socket.local.ip | Local IP address. This can be an IPv4 or IPv6 address. | ip | +| system.socket.local.port | Local port. | long | +| system.socket.process.cmdline | Full command line | keyword | +| system.socket.remote.etld_plus_one | The effective top-level domain (eTLD) of the remote host plus one more label. For example, the eTLD+1 for "foo.bar.golang.org." is "golang.org.". The data for determining the eTLD comes from an embedded copy of the data from http://publicsuffix.org. | keyword | +| system.socket.remote.host | PTR record associated with the remote IP. It is obtained via reverse IP lookup. | keyword | +| system.socket.remote.host_error | Error describing the cause of the reverse lookup failure. | keyword | +| system.socket.remote.ip | Remote IP address. This can be an IPv4 or IPv6 address. | ip | +| system.socket.remote.port | Remote port. | long | +| user.full_name | User's full name, if available. | keyword | +| user.id | Unique identifier of the user. | keyword | + + +### Socket_summary + +The System `socket_summary` metricset provides the summary of open network +sockets in the host system. + +It collects a summary of metrics with the count of existing TCP and UDP +connections and the count of listening ports. 
+ +This metricset is available on: + +- FreeBSD +- Linux +- macOS +- Windows + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| system.socket.summary.all.count | All open connections | integer | +| system.socket.summary.all.listening | All listening ports | integer | +| system.socket.summary.tcp.all.close_wait | Number of TCP connections in _close_wait_ state | integer | +| system.socket.summary.tcp.all.closing | Number of TCP connections in _closing_ state | integer | +| system.socket.summary.tcp.all.count | All open TCP connections | integer | +| system.socket.summary.tcp.all.established | Number of established TCP connections | integer | +| system.socket.summary.tcp.all.fin_wait1 | Number of TCP connections in _fin_wait1_ state | integer | +| system.socket.summary.tcp.all.fin_wait2 | Number of TCP connections in _fin_wait2_ state | integer | +| system.socket.summary.tcp.all.last_ack | Number of TCP connections in _last_ack_ state | integer | +| system.socket.summary.tcp.all.listening | All TCP listening ports | integer | +| system.socket.summary.tcp.all.orphan | A count of all orphaned tcp sockets. Only available on Linux. | integer | +| system.socket.summary.tcp.all.syn_recv | Number of TCP connections in _syn_recv_ state | integer | +| system.socket.summary.tcp.all.syn_sent | Number of TCP connections in _syn_sent_ state | integer | +| system.socket.summary.tcp.all.time_wait | Number of TCP connections in _time_wait_ state | integer | +| system.socket.summary.tcp.memory | Memory used by TCP sockets in bytes, based on number of allocated pages and system page size. Corresponds to limits set in /proc/sys/net/ipv4/tcp_mem. Only available on Linux. | integer | +| system.socket.summary.udp.all.count | All open UDP connections | integer | +| system.socket.summary.udp.memory | Memory used by UDP sockets in bytes, based on number of allocated pages and system page size. Corresponds to limits set in /proc/sys/net/ipv4/udp_mem. 
Only available on Linux. | integer | + + +### Uptime + +The System `uptime` metricset provides the uptime of the host operating system. + +This metricset is available on: + +- Linux +- macOS +- OpenBSD +- FreeBSD +- Windows + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| system.uptime.duration.ms | The OS uptime in milliseconds. | long | + + +### Users + +The system/users metricset reports logged in users and associated sessions via dbus and logind, which is a systemd component. By default, the metricset will look in `/var/run/dbus/` for a system socket, although a new path can be selected with `DBUS_SYSTEM_BUS_ADDRESS`. + +This metricset is available on: + +- Linux + +**Exported fields** + +| Field | Description | Type | +|---|---|---| +| system.users.id | The ID of the session | keyword | +| system.users.leader | The root PID of the session | long | +| system.users.path | The DBus object path of the session | keyword | +| system.users.remote | A bool indicating a remote session | boolean | +| system.users.remote_host | A remote host address for the session | keyword | +| system.users.scope | The associated systemd scope | keyword | +| system.users.seat | An associated logind seat | keyword | +| system.users.service | A session associated with the service | keyword | +| system.users.state | The current state of the session | keyword | +| system.users.type | The type of the user session | keyword | diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/img/kibana-system.png b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/img/kibana-system.png new file mode 100644 index 0000000000000..8741a5662417f Binary files /dev/null and b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/img/kibana-system.png differ 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/img/metricbeat-services-host.png b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/img/metricbeat-services-host.png new file mode 100644 index 0000000000000..bc8d1814f8ba6 Binary files /dev/null and b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/img/metricbeat-services-host.png differ diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/img/metricbeat_system_dashboard.png b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/img/metricbeat_system_dashboard.png new file mode 100644 index 0000000000000..2ff6ad8bd0224 Binary files /dev/null and b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/img/metricbeat_system_dashboard.png differ diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/img/system.svg b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/img/system.svg new file mode 100644 index 0000000000000..0aba96275e24e --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/img/system.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs.json new file mode 100644 index 0000000000000..45e78441e9d3c --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs.json 
@@ -0,0 +1,53 @@ +{ + "attributes": { + "description": "New users and groups dashboard for the System integration in Logs", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"version\":true}" + }, + "optionsJSON": "{\"darkTheme\":false}", + "panelsJSON": "[{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":12,\"i\":\"1\",\"w\":24,\"x\":0,\"y\":4},\"panelIndex\":\"1\",\"panelRefName\":\"panel_0\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"2\",\"w\":24,\"x\":24,\"y\":4},\"panelIndex\":\"2\",\"panelRefName\":\"panel_1\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"3\",\"w\":24,\"x\":0,\"y\":16},\"panelIndex\":\"3\",\"panelRefName\":\"panel_2\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"4\",\"w\":24,\"x\":24,\"y\":16},\"panelIndex\":\"4\",\"panelRefName\":\"panel_3\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":12,\"i\":\"5\",\"w\":24,\"x\":0,\"y\":28},\"panelIndex\":\"5\",\"panelRefName\":\"panel_4\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"6\",\"w\":24,\"x\":24,\"y\":28},\"panelIndex\":\"6\",\"panelRefName\":\"panel_5\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":4,\"i\":\"7\",\"w\":48,\"x\":0,\"y\":0},\"panelIndex\":\"7\",\"panelRefName\":\"panel_6\",\"version\":\"7.3.0\"}]", + "timeRestore": false, + "title": "[Logs System] New users and groups ECS", + "version": 1 + }, + "id": "0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs", + "references": [ + { + "id": "f398d2f0-fa77-11e6-ae9b-81e5311e8cab-ecs", + "name": "panel_0", + "type": "visualization" + }, + { + "id": "5dd15c00-fa78-11e6-ae9b-81e5311e8cab-ecs", + "name": "panel_1", + "type": 
"visualization" + }, + { + "id": "e121b140-fa78-11e6-a1df-a78bd7504d38-ecs", + "name": "panel_2", + "type": "visualization" + }, + { + "id": "d56ee420-fa79-11e6-a1df-a78bd7504d38-ecs", + "name": "panel_3", + "type": "visualization" + }, + { + "id": "12667040-fa80-11e6-a1df-a78bd7504d38-ecs", + "name": "panel_4", + "type": "visualization" + }, + { + "id": "346bb290-fa80-11e6-a1df-a78bd7504d38-ecs", + "name": "panel_5", + "type": "visualization" + }, + { + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", + "name": "panel_6", + "type": "visualization" + } + ], + "type": "dashboard" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs.json new file mode 100644 index 0000000000000..c6f2417b73a4c --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs.json 
@@ -0,0 +1,38 @@ +{ + "attributes": { + "description": "Sudo commands dashboard from the Logs System integration", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"version\":true}" + }, + "optionsJSON": "{\"darkTheme\":false}", + "panelsJSON": "[{\"embeddableConfig\":{},\"gridData\":{\"h\":16,\"i\":\"1\",\"w\":48,\"x\":0,\"y\":20},\"panelIndex\":\"1\",\"panelRefName\":\"panel_0\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"2\",\"w\":48,\"x\":0,\"y\":36},\"panelIndex\":\"2\",\"panelRefName\":\"panel_1\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":16,\"i\":\"3\",\"w\":48,\"x\":0,\"y\":4},\"panelIndex\":\"3\",\"panelRefName\":\"panel_2\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":4,\"i\":\"4\",\"w\":48,\"x\":0,\"y\":0},\"panelIndex\":\"4\",\"panelRefName\":\"panel_3\",\"version\":\"7.3.0\"}]", + "timeRestore": false, + "title": "[Logs System] Sudo commands ECS", + "version": 1 + }, + "id": "277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs", + "references": [ + { + "id": "5c7af030-fa2a-11e6-bbd3-29c986c96e5a-ecs", + "name": "panel_0", + "type": "visualization" + }, + { + "id": "51164310-fa2b-11e6-bbd3-29c986c96e5a-ecs", + "name": "panel_1", + "type": "visualization" + }, + { + "id": "dc589770-fa2b-11e6-bbd3-29c986c96e5a-ecs", + "name": "panel_2", + "type": "visualization" + }, + { + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", + "name": "panel_3", + "type": "visualization" + } + ], + "type": "dashboard" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a-ecs.json
new file mode 100644
index 0000000000000..7d92b6a0ea752
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a-ecs.json
@@ -0,0 +1,48 @@ +{ + "attributes": { + "description": "SSH dashboard for the System integration in Logs", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"version\":true}" + }, + "optionsJSON": "{\"darkTheme\":false}", + "panelsJSON": "[{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"1\",\"w\":48,\"x\":0,\"y\":16},\"panelIndex\":\"1\",\"panelRefName\":\"panel_0\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":12,\"i\":\"2\",\"w\":48,\"x\":0,\"y\":4},\"panelIndex\":\"2\",\"panelRefName\":\"panel_1\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":16,\"i\":\"3\",\"w\":24,\"x\":0,\"y\":28},\"panelIndex\":\"3\",\"panelRefName\":\"panel_2\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{\"mapBounds\":{\"bottom_right\":{\"lat\":10.31491928581316,\"lon\":74.53125},\"top_left\":{\"lat\":60.50052541051131,\"lon\":-27.94921875}},\"mapCenter\":[39.774769485295465,23.203125],\"mapCollar\":{\"bottom_right\":{\"lat\":-14.777884999999998,\"lon\":125.771485},\"top_left\":{\"lat\":85.593335,\"lon\":-79.189455},\"zoom\":3},\"mapZoom\":3},\"gridData\":{\"h\":16,\"i\":\"4\",\"w\":24,\"x\":24,\"y\":28},\"panelIndex\":\"4\",\"panelRefName\":\"panel_3\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{\"columns\":[\"system.auth.ssh.event\",\"system.auth.ssh.method\",\"user.name\",\"source.ip\",\"source.geo.country_iso_code\"],\"sort\":[\"@timestamp\",\"desc\"]},\"gridData\":{\"h\":12,\"i\":\"5\",\"w\":48,\"x\":0,\"y\":44},\"panelIndex\":\"5\",\"panelRefName\":\"panel_4\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":4,\"i\":\"6\",\"w\":48,\"x\":0,\"y\":0},\"panelIndex\":\"6\",\"panelRefName\":\"panel_5\",\"version\":\"7.3.0\"}]", + "timeRestore": false, + "title": "[Logs System] SSH login attempts ECS", + "version": 1 + }, + "id": "5517a150-f9ce-11e6-8115-a7c18106d86a-ecs", + "references": [ + { + "id": 
"d16bb400-f9cc-11e6-8115-a7c18106d86a-ecs", + "name": "panel_0", + "type": "visualization" + }, + { + "id": "78b74f30-f9cd-11e6-8115-a7c18106d86a-ecs", + "name": "panel_1", + "type": "visualization" + }, + { + "id": "341ffe70-f9ce-11e6-8115-a7c18106d86a-ecs", + "name": "panel_2", + "type": "visualization" + }, + { + "id": "3cec3eb0-f9d3-11e6-8a3e-2b904044ea1d-ecs", + "name": "panel_3", + "type": "visualization" + }, + { + "id": "62439dc0-f9c9-11e6-a747-6121780e0414-ecs", + "name": "panel_4", + "type": "search" + }, + { + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", + "name": "panel_5", + "type": "visualization" + } + ], + "type": "dashboard" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8-ecs.json new file mode 100644 index 0000000000000..c6b20d3720ab5 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8-ecs.json 
@@ -0,0 +1,133 @@ +{ + "attributes": { + "description": "Overview of host metrics", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"query\":{\"language\":\"kuery\",\"query\":\"host.name:\\\"CHANGEME_HOSTNAME\\\"\"},\"version\":true}" + }, + "optionsJSON": "{\"darkTheme\":false}", + "panelsJSON": "[{\"embeddableConfig\":{},\"gridData\":{\"h\":15,\"i\":\"1\",\"w\":24,\"x\":0,\"y\":55},\"panelIndex\":\"1\",\"panelRefName\":\"panel_0\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":15,\"i\":\"2\",\"w\":24,\"x\":24,\"y\":25},\"panelIndex\":\"2\",\"panelRefName\":\"panel_1\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":15,\"i\":\"3\",\"w\":24,\"x\":24,\"y\":55},\"panelIndex\":\"3\",\"panelRefName\":\"panel_2\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":15,\"i\":\"4\",\"w\":24,\"x\":0,\"y\":40},\"panelIndex\":\"4\",\"panelRefName\":\"panel_3\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":15,\"i\":\"5\",\"w\":24,\"x\":24,\"y\":70},\"panelIndex\":\"5\",\"panelRefName\":\"panel_4\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":15,\"i\":\"6\",\"w\":24,\"x\":0,\"y\":70},\"panelIndex\":\"6\",\"panelRefName\":\"panel_5\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":15,\"i\":\"7\",\"w\":24,\"x\":0,\"y\":25},\"panelIndex\":\"7\",\"panelRefName\":\"panel_6\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":15,\"i\":\"8\",\"w\":24,\"x\":24,\"y\":40},\"panelIndex\":\"8\",\"panelRefName\":\"panel_7\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":10,\"i\":\"9\",\"w\":8,\"x\":16,\"y\":5},\"panelIndex\":\"9\",\"panelRefName\":\"panel_8\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":10,\"i\":\"10\",\"w\":8,\"x\":0,\"y\":5},\"panelIndex\":\"10\",\"panelRefName\":\"panel_9\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h
\":10,\"i\":\"11\",\"w\":8,\"x\":8,\"y\":5},\"panelIndex\":\"11\",\"panelRefName\":\"panel_10\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":10,\"i\":\"12\",\"w\":8,\"x\":24,\"y\":5},\"panelIndex\":\"12\",\"panelRefName\":\"panel_11\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":10,\"i\":\"13\",\"w\":8,\"x\":32,\"y\":5},\"panelIndex\":\"13\",\"panelRefName\":\"panel_12\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":10,\"i\":\"14\",\"w\":16,\"x\":32,\"y\":15},\"panelIndex\":\"14\",\"panelRefName\":\"panel_13\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":5,\"i\":\"16\",\"w\":24,\"x\":0,\"y\":0},\"panelIndex\":\"16\",\"panelRefName\":\"panel_14\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":10,\"i\":\"21\",\"w\":8,\"x\":0,\"y\":15},\"panelIndex\":\"21\",\"panelRefName\":\"panel_15\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":10,\"i\":\"22\",\"w\":8,\"x\":8,\"y\":15},\"panelIndex\":\"22\",\"panelRefName\":\"panel_16\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":10,\"i\":\"23\",\"w\":8,\"x\":24,\"y\":15},\"panelIndex\":\"23\",\"panelRefName\":\"panel_17\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":10,\"i\":\"25\",\"w\":8,\"x\":40,\"y\":5},\"panelIndex\":\"25\",\"panelRefName\":\"panel_18\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":15,\"i\":\"27\",\"w\":24,\"x\":0,\"y\":85},\"panelIndex\":\"27\",\"panelRefName\":\"panel_19\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":15,\"i\":\"28\",\"w\":24,\"x\":24,\"y\":85},\"panelIndex\":\"28\",\"panelRefName\":\"panel_20\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 
100\":\"rgb(0,104,55)\"}}},\"gridData\":{\"h\":10,\"i\":\"29\",\"w\":8,\"x\":16,\"y\":15},\"panelIndex\":\"29\",\"panelRefName\":\"panel_21\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":5,\"i\":\"30\",\"w\":24,\"x\":24,\"y\":0},\"panelIndex\":\"30\",\"panelRefName\":\"panel_22\",\"version\":\"7.6.0\"}]", + "timeRestore": false, + "title": "[Metrics System] Host overview ECS", + "version": 1 + }, + "id": "79ffd6e0-faa0-11e6-947f-177f697178b8-ecs", + "references": [ + { + "id": "6b7b9a40-faa1-11e6-86b1-cd7735ff7e23-ecs", + "name": "panel_0", + "type": "visualization" + }, + { + "id": "4d546850-1b15-11e7-b09e-037021c4f8df-ecs", + "name": "panel_1", + "type": "visualization" + }, + { + "id": "089b85d0-1b16-11e7-b09e-037021c4f8df-ecs", + "name": "panel_2", + "type": "visualization" + }, + { + "id": "bfa5e400-1b16-11e7-b09e-037021c4f8df-ecs", + "name": "panel_3", + "type": "visualization" + }, + { + "id": "e0f001c0-1b18-11e7-b09e-037021c4f8df-ecs", + "name": "panel_4", + "type": "visualization" + }, + { + "id": "2e224660-1b19-11e7-b09e-037021c4f8df-ecs", + "name": "panel_5", + "type": "visualization" + }, + { + "id": "ab2d1e90-1b1a-11e7-b09e-037021c4f8df-ecs", + "name": "panel_6", + "type": "visualization" + }, + { + "id": "4e4bb1e0-1b1b-11e7-b09e-037021c4f8df-ecs", + "name": "panel_7", + "type": "visualization" + }, + { + "id": "26732e20-1b91-11e7-bec4-a5e9ec5cab8b-ecs", + "name": "panel_8", + "type": "visualization" + }, + { + "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b-ecs", + "name": "panel_9", + "type": "visualization" + }, + { + "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b-ecs", + "name": "panel_10", + "type": "visualization" + }, + { + "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b-ecs", + "name": "panel_11", + "type": "visualization" + }, + { + "id": "1aae9140-1b93-11e7-8ada-3df93aab833e-ecs", + "name": "panel_12", + "type": "visualization" + }, + { + "id": "34f97ee0-1b96-11e7-8ada-3df93aab833e-ecs", + "name": "panel_13", + "type": 
"visualization" + }, + { + "id": "System-Navigation-ecs", + "name": "panel_14", + "type": "visualization" + }, + { + "id": "19e123b0-4d5a-11e7-aee5-fdc812cc3bec-ecs", + "name": "panel_15", + "type": "visualization" + }, + { + "id": "d2e80340-4d5c-11e7-aa29-87a97a796de6-ecs", + "name": "panel_16", + "type": "visualization" + }, + { + "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32-ecs", + "name": "panel_17", + "type": "visualization" + }, + { + "id": "96976150-4d5d-11e7-aa29-87a97a796de6-ecs", + "name": "panel_18", + "type": "visualization" + }, + { + "id": "99381c80-4d60-11e7-9a4c-ed99bbcaa42b-ecs", + "name": "panel_19", + "type": "visualization" + }, + { + "id": "c5e3cf90-4d60-11e7-9a4c-ed99bbcaa42b-ecs", + "name": "panel_20", + "type": "visualization" + }, + { + "id": "590a60f0-5d87-11e7-8884-1bb4c3b890e4-ecs", + "name": "panel_21", + "type": "visualization" + }, + { + "id": "3d65d450-a9c3-11e7-af20-67db8aecb295-ecs", + "name": "panel_22", + "type": "visualization" + } + ], + "type": "dashboard" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/dashboard/CPU-slash-Memory-per-container-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/dashboard/CPU-slash-Memory-per-container-ecs.json new file mode 100644 index 0000000000000..50ddc7c2b5421 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/dashboard/CPU-slash-Memory-per-container-ecs.json 
@@ -0,0 +1,38 @@ +{ + "attributes": { + "description": "Overview of container metrics", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"version\":true}" + }, + "optionsJSON": "{\"darkTheme\":false}", + "panelsJSON": "[{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":12,\"i\":\"2\",\"w\":48,\"x\":0,\"y\":4},\"panelIndex\":\"2\",\"panelRefName\":\"panel_0\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":4,\"i\":\"3\",\"w\":48,\"x\":0,\"y\":0},\"panelIndex\":\"3\",\"panelRefName\":\"panel_1\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":12,\"i\":\"4\",\"w\":48,\"x\":0,\"y\":16},\"panelIndex\":\"4\",\"panelRefName\":\"panel_2\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}},\"gridData\":{\"h\":16,\"i\":\"5\",\"w\":48,\"x\":0,\"y\":28},\"panelIndex\":\"5\",\"panelRefName\":\"panel_3\",\"version\":\"7.3.0\"}]", + "timeRestore": false, + "title": "[Metrics System] Containers overview ECS", + "version": 1 + }, + "id": "CPU-slash-Memory-per-container-ecs", + "references": [ + { + "id": "Container-CPU-usage-ecs", + "name": "panel_0", + "type": "visualization" + }, + { + "id": "System-Navigation-ecs", + "name": "panel_1", + "type": "visualization" + }, + { + "id": "Container-Memory-stats-ecs", + "name": "panel_2", + "type": "visualization" + }, + { + "id": "Container-Block-IO-ecs", + "name": "panel_3", + "type": "visualization" + } + ], + "type": "dashboard" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/dashboard/Filebeat-syslog-dashboard-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/dashboard/Filebeat-syslog-dashboard-ecs.json
new file mode 100644
index 0000000000000..84fd9c5e15921
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/dashboard/Filebeat-syslog-dashboard-ecs.json
@@ -0,0 +1,38 @@ +{ + "attributes": { + "description": "Syslog dashboard from the Logs System integration", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"version\":true}" + }, + "optionsJSON": "{\"darkTheme\":false}", + "panelsJSON": "[{\"embeddableConfig\":{},\"gridData\":{\"h\":16,\"i\":\"1\",\"w\":32,\"x\":0,\"y\":4},\"panelIndex\":\"1\",\"panelRefName\":\"panel_0\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":16,\"i\":\"2\",\"w\":16,\"x\":32,\"y\":4},\"panelIndex\":\"2\",\"panelRefName\":\"panel_1\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{\"columns\":[\"host.hostname\",\"process.name\",\"message\"],\"sort\":[\"@timestamp\",\"desc\"]},\"gridData\":{\"h\":28,\"i\":\"3\",\"w\":48,\"x\":0,\"y\":20},\"panelIndex\":\"3\",\"panelRefName\":\"panel_2\",\"version\":\"7.3.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":4,\"i\":\"4\",\"w\":48,\"x\":0,\"y\":0},\"panelIndex\":\"4\",\"panelRefName\":\"panel_3\",\"version\":\"7.3.0\"}]", + "timeRestore": false, + "title": "[Logs System] Syslog dashboard ECS", + "version": 1 + }, + "id": "Logs-syslog-dashboard-ecs", + "references": [ + { + "id": "Syslog-events-by-hostname-ecs", + "name": "panel_0", + "type": "visualization" + }, + { + "id": "Syslog-hostnames-and-processes-ecs", + "name": "panel_1", + "type": "visualization" + }, + { + "id": "Syslog-system-logs-ecs", + "name": "panel_2", + "type": "search" + }, + { + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", + "name": "panel_3", + "type": "visualization" + } + ], + "type": "dashboard" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/dashboard/Metricbeat-system-overview-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/dashboard/Metricbeat-system-overview-ecs.json
new file mode 100644
index 0000000000000..09d1f206c49b5
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/dashboard/Metricbeat-system-overview-ecs.json
@@ -0,0 +1,68 @@ +{ + "attributes": { + "description": "Overview of system metrics", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"query\":{\"language\":\"kuery\",\"query\":\"\"},\"version\":true}" + }, + "optionsJSON": "{\"darkTheme\":false}", + "panelsJSON": "[{\"embeddableConfig\":{},\"gridData\":{\"h\":4,\"i\":\"9\",\"w\":48,\"x\":0,\"y\":0},\"panelIndex\":\"9\",\"panelRefName\":\"panel_0\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"gridData\":{\"h\":8,\"i\":\"11\",\"w\":8,\"x\":0,\"y\":4},\"panelIndex\":\"11\",\"panelRefName\":\"panel_1\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}},\"gridData\":{\"h\":20,\"i\":\"12\",\"w\":24,\"x\":24,\"y\":12},\"panelIndex\":\"12\",\"panelRefName\":\"panel_2\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":20,\"i\":\"13\",\"w\":24,\"x\":0,\"y\":12},\"panelIndex\":\"13\",\"panelRefName\":\"panel_3\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0% - 15%\":\"rgb(247,252,245)\",\"15% - 30%\":\"rgb(199,233,192)\",\"30% - 45%\":\"rgb(116,196,118)\",\"45% - 60%\":\"rgb(35,139,69)\"}}},\"gridData\":{\"h\":24,\"i\":\"14\",\"w\":48,\"x\":0,\"y\":32},\"panelIndex\":\"14\",\"panelRefName\":\"panel_4\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{\"vis\":{\"defaultColors\":{\"0 - 
100\":\"rgb(0,104,55)\"}}},\"gridData\":{\"h\":8,\"i\":\"16\",\"w\":8,\"x\":32,\"y\":4},\"panelIndex\":\"16\",\"panelRefName\":\"panel_5\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":8,\"i\":\"17\",\"w\":8,\"x\":40,\"y\":4},\"panelIndex\":\"17\",\"panelRefName\":\"panel_6\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":8,\"i\":\"18\",\"w\":8,\"x\":24,\"y\":4},\"panelIndex\":\"18\",\"panelRefName\":\"panel_7\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":8,\"i\":\"19\",\"w\":8,\"x\":16,\"y\":4},\"panelIndex\":\"19\",\"panelRefName\":\"panel_8\",\"version\":\"7.6.0\"},{\"embeddableConfig\":{},\"gridData\":{\"h\":8,\"i\":\"20\",\"w\":8,\"x\":8,\"y\":4},\"panelIndex\":\"20\",\"panelRefName\":\"panel_9\",\"version\":\"7.6.0\"}]", + "timeRestore": false, + "title": "[Metrics System] Overview ECS", + "version": 1 + }, + "id": "Metrics-system-overview-ecs", + "references": [ + { + "id": "System-Navigation-ecs", + "name": "panel_0", + "type": "visualization" + }, + { + "id": "c6f2ffd0-4d17-11e7-a196-69b9a7a020a9-ecs", + "name": "panel_1", + "type": "visualization" + }, + { + "id": "fe064790-1b1f-11e7-bec4-a5e9ec5cab8b-ecs", + "name": "panel_2", + "type": "visualization" + }, + { + "id": "855899e0-1b1c-11e7-b09e-037021c4f8df-ecs", + "name": "panel_3", + "type": "visualization" + }, + { + "id": "7cdb1330-4d1a-11e7-a196-69b9a7a020a9-ecs", + "name": "panel_4", + "type": "visualization" + }, + { + "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b-ecs", + "name": "panel_5", + "type": "visualization" + }, + { + "id": "1aae9140-1b93-11e7-8ada-3df93aab833e-ecs", + "name": "panel_6", + "type": "visualization" + }, + { + "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32-ecs", + "name": "panel_7", + "type": "visualization" + }, + { + "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b-ecs", + "name": "panel_8", + "type": "visualization" + }, + { + "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b-ecs", + "name": "panel_9", + "type": 
"visualization" + } + ], + "type": "dashboard" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/dashboard/c431f410-f9ac-11e9-90e8-1fb18e796788.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/dashboard/c431f410-f9ac-11e9-90e8-1fb18e796788.json new file mode 100644 index 0000000000000..5975f94fcbacb --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/dashboard/c431f410-f9ac-11e9-90e8-1fb18e796788.json 
@@ -0,0 +1,53 @@ +{ + "attributes": { + "description": "Overview of services on an individual host.", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "optionsJSON": "{\"hidePanelTitles\":false,\"useMargins\":true}", + "panelsJSON": "[{\"embeddableConfig\":{\"title\":\"Running Services\"},\"gridData\":{\"h\":11,\"i\":\"023b7623-9610-47ee-a10c-64ee8d2ccfa1\",\"w\":14,\"x\":0,\"y\":0},\"panelIndex\":\"023b7623-9610-47ee-a10c-64ee8d2ccfa1\",\"panelRefName\":\"panel_0\",\"title\":\"Running Services\",\"version\":\"7.4.0\"},{\"embeddableConfig\":{\"title\":\"Service States\"},\"gridData\":{\"h\":11,\"i\":\"40ebab84-f48f-4060-a7af-3ffdf833ad3a\",\"w\":12,\"x\":14,\"y\":0},\"panelIndex\":\"40ebab84-f48f-4060-a7af-3ffdf833ad3a\",\"panelRefName\":\"panel_1\",\"title\":\"Service States\",\"version\":\"7.4.0\"},{\"embeddableConfig\":{\"title\":\"Service Sub-State\"},\"gridData\":{\"h\":11,\"i\":\"0ad1caa8-2a3f-4429-9631-42d1c57a9e64\",\"w\":12,\"x\":26,\"y\":0},\"panelIndex\":\"0ad1caa8-2a3f-4429-9631-42d1c57a9e64\",\"panelRefName\":\"panel_2\",\"title\":\"Service Sub-State\",\"version\":\"7.4.0\"},{\"embeddableConfig\":{\"title\":\"Return Codes Of Exited Services\"},\"gridData\":{\"h\":11,\"i\":\"9e37921b-da6f-464d-9683-5c9bd550640b\",\"w\":10,\"x\":38,\"y\":0},\"panelIndex\":\"9e37921b-da6f-464d-9683-5c9bd550640b\",\"panelRefName\":\"panel_3\",\"title\":\"Return Codes Of Exited Services\",\"version\":\"7.4.0\"},{\"embeddableConfig\":{\"title\":\"Top Services By Memory Usage\"},\"gridData\":{\"h\":11,\"i\":\"e3ec1fe3-a03a-466e-8bc2-69136e3e6302\",\"w\":24,\"x\":0,\"y\":11},\"panelIndex\":\"e3ec1fe3-a03a-466e-8bc2-69136e3e6302\",\"panelRefName\":\"panel_4\",\"title\":\"Top Services By Memory Usage\",\"version\":\"7.4.0\"},{\"embeddableConfig\":{\"title\":\"Top Services By Task 
Count\"},\"gridData\":{\"h\":11,\"i\":\"cc928f52-22c9-402d-a7a1-4f32720a4290\",\"w\":24,\"x\":24,\"y\":11},\"panelIndex\":\"cc928f52-22c9-402d-a7a1-4f32720a4290\",\"panelRefName\":\"panel_5\",\"title\":\"Top Services By Task Count\",\"version\":\"7.4.0\"},{\"embeddableConfig\":{\"title\":\"Service Memory Use Over Time\"},\"gridData\":{\"h\":14,\"i\":\"c83f16cd-286f-411b-bae9-bade176a8db2\",\"w\":48,\"x\":0,\"y\":22},\"panelIndex\":\"c83f16cd-286f-411b-bae9-bade176a8db2\",\"panelRefName\":\"panel_6\",\"title\":\"Service Memory Use Over Time\",\"version\":\"7.4.0\"}]", + "timeRestore": false, + "title": "[Metrics System] Host Services Overview", + "version": 1 + }, + "id": "c431f410-f9ac-11e9-90e8-1fb18e796788", + "references": [ + { + "id": "a30871f0-f98f-11e9-90e8-1fb18e796788", + "name": "panel_0", + "type": "visualization" + }, + { + "id": "bb3a8720-f991-11e9-90e8-1fb18e796788", + "name": "panel_1", + "type": "visualization" + }, + { + "id": "e6e639e0-f992-11e9-90e8-1fb18e796788", + "name": "panel_2", + "type": "visualization" + }, + { + "id": "9c69cad0-f9b0-11e9-90e8-1fb18e796788", + "name": "panel_3", + "type": "visualization" + }, + { + "id": "8c071e20-f999-11e9-90e8-1fb18e796788", + "name": "panel_4", + "type": "visualization" + }, + { + "id": "4b254630-f998-11e9-90e8-1fb18e796788", + "name": "panel_5", + "type": "visualization" + }, + { + "id": "d3f51850-f9b6-11e9-90e8-1fb18e796788", + "name": "panel_6", + "type": "visualization" + } + ], + "type": "dashboard" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/search/62439dc0-f9c9-11e6-a747-6121780e0414-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/search/62439dc0-f9c9-11e6-a747-6121780e0414-ecs.json new file mode 100644 index 0000000000000..ef1b9d0a30a7e --- /dev/null 
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/search/62439dc0-f9c9-11e6-a747-6121780e0414-ecs.json @@ -0,0 +1,33 @@ +{ + "attributes": { + "columns": [ + "system.auth.ssh.event", + "system.auth.ssh.method", + "user.name", + "source.ip", + "source.geo.country_iso_code" + ], + "description": "", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"stream.dataset:system.auth AND system.auth.ssh.event:*\"}}" + }, + "sort": [ + [ + "@timestamp", + "desc" + ] + ], + "title": "SSH login attempts [Logs System] ECS", + "version": 1 + }, + "id": "62439dc0-f9c9-11e6-a747-6121780e0414-ecs", + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "search" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/search/8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/search/8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs.json new file mode 100644 index 0000000000000..89e2ad2867975 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/search/8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs.json 
@@ -0,0 +1,33 @@ +{ + "attributes": { + "columns": [ + "user.name", + "user.id", + "group.id", + "system.auth.useradd.home", + "system.auth.useradd.shell" + ], + "description": "", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"system.auth.useradd:*\"}}" + }, + "sort": [ + [ + "@timestamp", + "desc" + ] + ], + "title": "useradd logs [Logs System] ECS", + "version": 1 + }, + "id": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs", + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "search" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/search/Syslog-system-logs-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/search/Syslog-system-logs-ecs.json new file mode 100644 index 0000000000000..9b444352475ae --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/search/Syslog-system-logs-ecs.json 
@@ -0,0 +1,31 @@ +{ + "attributes": { + "columns": [ + "host.hostname", + "process.name", + "message" + ], + "description": "", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlight\":{\"fields\":{\"*\":{}},\"fragment_size\":2147483647,\"post_tags\":[\"@/kibana-highlighted-field@\"],\"pre_tags\":[\"@kibana-highlighted-field@\"],\"require_field_match\":false},\"highlightAll\":true,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"stream.dataset:system.syslog\"}}" + }, + "sort": [ + [ + "@timestamp", + "desc" + ] + ], + "title": "Syslog logs [Logs System] ECS", + "version": 1 + }, + "id": "Syslog-system-logs-ecs", + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "search" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/search/b6f321e0-fa25-11e6-bbd3-29c986c96e5a-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/search/b6f321e0-fa25-11e6-bbd3-29c986c96e5a-ecs.json new file mode 100644 index 0000000000000..94c481e26b064 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/search/b6f321e0-fa25-11e6-bbd3-29c986c96e5a-ecs.json 
@@ -0,0 +1,32 @@ +{ + "attributes": { + "columns": [ + "user.name", + "system.auth.sudo.user", + "system.auth.sudo.pwd", + "system.auth.sudo.command" + ], + "description": "", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"system.auth.sudo:*\"}}" + }, + "sort": [ + [ + "@timestamp", + "desc" + ] + ], + "title": "Sudo commands [Logs System] ECS", + "version": 1 + }, + "id": "b6f321e0-fa25-11e6-bbd3-29c986c96e5a-ecs", + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "search" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/search/eb0039f0-fa7f-11e6-a1df-a78bd7504d38-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/search/eb0039f0-fa7f-11e6-a1df-a78bd7504d38-ecs.json new file mode 100644 index 0000000000000..ce4fa961fde62 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/search/eb0039f0-fa7f-11e6-a1df-a78bd7504d38-ecs.json @@ -0,0 +1,30 @@ +{ + "attributes": { + "columns": [ + "group.name", + "group.id" + ], + "description": "", + "hits": 0, + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"system.auth.groupadd:*\"}}" + }, + "sort": [ + [ + "@timestamp", + "desc" + ] + ], + "title": "groupadd logs [Logs System] ECS", + "version": 1 + }, + "id": "eb0039f0-fa7f-11e6-a1df-a78bd7504d38-ecs", + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "search" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/089b85d0-1b16-11e7-b09e-037021c4f8df-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/089b85d0-1b16-11e7-b09e-037021c4f8df-ecs.json new file mode 100644 index 0000000000000..f83205573c4a3 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/089b85d0-1b16-11e7-b09e-037021c4f8df-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Network Traffic (Bytes) [Metrics System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"listeners\":{},\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"filter\":{\"language\":\"lucene\",\"query\":\"-system.network.name:l*\"},\"id\":\"da1046f0-faa0-11e6-86b1-cd7735ff7e23\",\"index_pattern\":\"*\",\"interval\":\"auto\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(0,156,224,1)\",\"fill\":\"1\",\"formatter\":\"bytes\",\"id\":\"da1046f1-faa0-11e6-86b1-cd7735ff7e23\",\"label\":\"Inbound \",\"line_width\":\"0\",\"metrics\":[{\"field\":\"system.network.in.bytes\",\"id\":\"da1046f2-faa0-11e6-86b1-cd7735ff7e23\",\"type\":\"max\"},{\"field\":\"da1046f2-faa0-11e6-86b1-cd7735ff7e23\",\"id\":\"f41f9280-faa0-11e6-86b1-cd7735ff7e23\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"field\":\"f41f9280-faa0-11e6-86b1-cd7735ff7e23\",\"id\":\"a87398e0-1b93-11e7-8ada-3df93aab833e\",\"type\":\"positive_only\",\"unit\":\"\"},{\"function\":\"sum\",\"id\":\"2d533df0-2c2d-11e7-be71-3162da85303f\",\"type\":\"series_agg\"}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"terms\",\"stacked\":\"none\",\"terms_field\":\"system.network.name\",\"value_template\":\"{{value}}/s\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(250,40,255,1)\",\"fill\":\"1\",\"formatter\":\"bytes\",\"id\":\"fbbd5720-faa0-11e6-86b1-cd7735ff7e23\",\"label\":\"Outbound 
\",\"line_width\":\"0\",\"metrics\":[{\"field\":\"system.network.out.bytes\",\"id\":\"fbbd7e30-faa0-11e6-86b1-cd7735ff7e23\",\"type\":\"max\"},{\"field\":\"fbbd7e30-faa0-11e6-86b1-cd7735ff7e23\",\"id\":\"fbbd7e31-faa0-11e6-86b1-cd7735ff7e23\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"id\":\"17e597a0-faa1-11e6-86b1-cd7735ff7e23\",\"script\":\"params.rate != null \\u0026\\u0026 params.rate \\u003e 0 ? params.rate * -1 : null\",\"type\":\"calculation\",\"variables\":[{\"field\":\"fbbd7e31-faa0-11e6-86b1-cd7735ff7e23\",\"id\":\"1940bad0-faa1-11e6-86b1-cd7735ff7e23\",\"name\":\"rate\"}]},{\"function\":\"sum\",\"id\":\"533da9b0-2c2d-11e7-be71-3162da85303f\",\"type\":\"series_agg\"}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"terms\",\"stacked\":\"none\",\"terms_field\":\"system.network.name\",\"value_template\":\"{{value}}/s\"}],\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Mericbeat: Network Traffic (Bytes) ECS\",\"type\":\"metrics\"}" + }, + "id": "089b85d0-1b16-11e7-b09e-037021c4f8df-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/12667040-fa80-11e6-a1df-a78bd7504d38-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/12667040-fa80-11e6-a1df-a78bd7504d38-ecs.json new file mode 100644 index 0000000000000..9bd0dde663e34 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/12667040-fa80-11e6-a1df-a78bd7504d38-ecs.json 
@@ -0,0 +1,22 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "New groups [Logs System] ECS", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"field\":\"group.name\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"bucket\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"field\":\"group.id\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"bucket\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"perPage\":10,\"showMeticsAtAllLevels\":false,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\"},\"title\":\"New groups ECS\",\"type\":\"table\"}" + }, + "id": "12667040-fa80-11e6-a1df-a78bd7504d38-ecs", + "references": [ + { + "id": "eb0039f0-fa7f-11e6-a1df-a78bd7504d38-ecs", + "name": "search_0", + "type": "search" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/19e123b0-4d5a-11e7-aee5-fdc812cc3bec-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/19e123b0-4d5a-11e7-aee5-fdc812cc3bec-ecs.json new file mode 100644 index 0000000000000..73992a2062788 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/19e123b0-4d5a-11e7-aee5-fdc812cc3bec-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Swap usage [Metrics System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"filter\":\"\",\"gauge_color_rules\":[{\"gauge\":\"rgba(104,188,0,1)\",\"id\":\"d17c1e90-4d59-11e7-aee5-fdc812cc3bec\",\"operator\":\"gte\",\"value\":0},{\"gauge\":\"rgba(251,158,0,1)\",\"id\":\"fc1d3490-4d59-11e7-aee5-fdc812cc3bec\",\"operator\":\"gte\",\"value\":0.7},{\"gauge\":\"rgba(211,49,21,1)\",\"id\":\"0e204240-4d5a-11e7-aee5-fdc812cc3bec\",\"operator\":\"gte\",\"value\":0.85}],\"gauge_inner_width\":10,\"gauge_max\":\"\",\"gauge_style\":\"half\",\"gauge_width\":10,\"id\":\"cee2fd20-4d59-11e7-aee5-fdc812cc3bec\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"percent\",\"id\":\"cee2fd21-4d59-11e7-aee5-fdc812cc3bec\",\"label\":\"Swap usage\",\"line_width\":1,\"metrics\":[{\"field\":\"system.memory.swap.used.pct\",\"id\":\"cee2fd22-4d59-11e7-aee5-fdc812cc3bec\",\"type\":\"avg\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"gauge\"},\"title\":\"Swap usage [Metrics System] ECS\",\"type\":\"metrics\"}" + }, + "id": "19e123b0-4d5a-11e7-aee5-fdc812cc3bec-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/1aae9140-1b93-11e7-8ada-3df93aab833e-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/1aae9140-1b93-11e7-8ada-3df93aab833e-ecs.json new file mode 100644 index 0000000000000..d82cffb4b5efc --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/1aae9140-1b93-11e7-8ada-3df93aab833e-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Outbound Traffic [Metrics System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"background_color_rules\":[{\"id\":\"0e346760-1b92-11e7-bec4-a5e9ec5cab8b\"}],\"filter\":{\"language\":\"lucene\",\"query\":\"-system.network.name:l*\"},\"id\":\"0c761590-1b92-11e7-bec4-a5e9ec5cab8b\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"bytes\",\"id\":\"0c761591-1b92-11e7-bec4-a5e9ec5cab8b\",\"label\":\"Outbound Traffic\",\"line_width\":1,\"metrics\":[{\"field\":\"system.network.out.bytes\",\"id\":\"0c761592-1b92-11e7-bec4-a5e9ec5cab8b\",\"type\":\"max\"},{\"field\":\"0c761592-1b92-11e7-bec4-a5e9ec5cab8b\",\"id\":\"1d659060-1b92-11e7-bec4-a5e9ec5cab8b\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"field\":\"1d659060-1b92-11e7-bec4-a5e9ec5cab8b\",\"id\":\"f2074f70-1b92-11e7-a416-41f5ccdba2e6\",\"type\":\"positive_only\",\"unit\":\"\"},{\"function\":\"sum\",\"id\":\"a1737470-2c55-11e7-a0ad-277ce466684d\",\"type\":\"series_agg\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"terms\",\"stacked\":\"none\",\"terms_field\":\"system.network.name\",\"value_template\":\"{{value}}/s\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"bytes\",\"id\":\"37f70440-1b92-11e7-bec4-a5e9ec5cab8b\",\"label\":\"Total 
Transferred\",\"line_width\":1,\"metrics\":[{\"field\":\"system.network.out.bytes\",\"id\":\"37f72b50-1b92-11e7-bec4-a5e9ec5cab8b\",\"type\":\"max\"},{\"field\":\"37f72b50-1b92-11e7-bec4-a5e9ec5cab8b\",\"id\":\"37f72b51-1b92-11e7-bec4-a5e9ec5cab8b\",\"type\":\"derivative\",\"unit\":\"\"},{\"field\":\"37f72b51-1b92-11e7-bec4-a5e9ec5cab8b\",\"id\":\"f9da2dd0-1b92-11e7-a416-41f5ccdba2e6\",\"type\":\"positive_only\",\"unit\":\"\"},{\"field\":\"f9da2dd0-1b92-11e7-a416-41f5ccdba2e6\",\"function\":\"overall_sum\",\"id\":\"3e63c2f0-1b92-11e7-bec4-a5e9ec5cab8b\",\"sigma\":\"\",\"type\":\"series_agg\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"terms\",\"stacked\":\"none\",\"terms_field\":\"system.network.name\",\"value_template\":\"{{value}}\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"metric\"},\"title\":\"Outbound Traffic [Metrics System] ECS\",\"type\":\"metrics\"}" + }, + "id": "1aae9140-1b93-11e7-8ada-3df93aab833e-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/26732e20-1b91-11e7-bec4-a5e9ec5cab8b-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/26732e20-1b91-11e7-bec4-a5e9ec5cab8b-ecs.json new file mode 100644 index 0000000000000..6e216233c7fde --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/26732e20-1b91-11e7-bec4-a5e9ec5cab8b-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Load Gauge [Metrics System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"background_color_rules\":[{\"id\":\"feefabd0-1b90-11e7-bec4-a5e9ec5cab8b\"}],\"gauge_color_rules\":[{\"id\":\"ffd94880-1b90-11e7-bec4-a5e9ec5cab8b\"}],\"gauge_inner_width\":10,\"gauge_style\":\"half\",\"gauge_width\":10,\"id\":\"fdcc6180-1b90-11e7-bec4-a5e9ec5cab8b\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"fdcc6181-1b90-11e7-bec4-a5e9ec5cab8b\",\"label\":\"5m Load\",\"line_width\":1,\"metrics\":[{\"field\":\"system.load.5\",\"id\":\"fdcc6182-1b90-11e7-bec4-a5e9ec5cab8b\",\"type\":\"avg\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"gauge\"},\"title\":\"Load Gauge [Metrics System] ECS\",\"type\":\"metrics\"}" + }, + "id": "26732e20-1b91-11e7-bec4-a5e9ec5cab8b-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/2e224660-1b19-11e7-b09e-037021c4f8df-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/2e224660-1b19-11e7-b09e-037021c4f8df-ecs.json new file mode 100644 index 0000000000000..173ff2d672080 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/2e224660-1b19-11e7-b09e-037021c4f8df-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Processes By Memory [Metrics System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"bar_color_rules\":[{\"bar_color\":\"rgba(104,188,0,1)\",\"id\":\"efb9b660-1b18-11e7-b09e-037021c4f8df\",\"operator\":\"gte\",\"value\":0},{\"bar_color\":\"rgba(254,146,0,1)\",\"id\":\"17fcb820-1b19-11e7-b09e-037021c4f8df\",\"operator\":\"gte\",\"value\":0.7},{\"bar_color\":\"rgba(211,49,21,1)\",\"id\":\"1dd61070-1b19-11e7-b09e-037021c4f8df\",\"operator\":\"gte\",\"value\":0.85}],\"drilldown_url\":\"\",\"filter\":\"\",\"id\":\"edfceb30-1b18-11e7-b09e-037021c4f8df\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"percent\",\"id\":\"edfceb31-1b18-11e7-b09e-037021c4f8df\",\"line_width\":1,\"metrics\":[{\"field\":\"system.process.memory.rss.pct\",\"id\":\"edfceb32-1b18-11e7-b09e-037021c4f8df\",\"type\":\"avg\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"terms\",\"stacked\":\"none\",\"terms_field\":\"process.name\",\"terms_order_by\":\"edfceb32-1b18-11e7-b09e-037021c4f8df\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"top_n\"},\"title\":\"Processes By Memory [Metrics System] ECS\",\"type\":\"metrics\"}" + }, + "id": "2e224660-1b19-11e7-b09e-037021c4f8df-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs.json new file mode 100644 index 0000000000000..7c295d325e7fe --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs.json @@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "title": "Dashboards [Logs System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"fontSize\":12,\"markdown\":\"[Syslog](#/dashboard/Logs-syslog-dashboard-ecs) | [Sudo commands](#/dashboard/277876d0-fa2c-11e6-bbd3-29c986c96e5a-ecs) | [SSH logins](#/dashboard/5517a150-f9ce-11e6-8115-a7c18106d86a-ecs) | [New users and groups](#/dashboard/0d3f2380-fa78-11e6-ae9b-81e5311e8cab-ecs)\"},\"title\":\"Dashboards [Logs System] ECS\",\"type\":\"markdown\"}" + }, + "id": "327417e0-8462-11e7-bab8-bd2f0fb42c54-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/341ffe70-f9ce-11e6-8115-a7c18106d86a-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/341ffe70-f9ce-11e6-8115-a7c18106d86a-ecs.json new file mode 100644 index 0000000000000..76ed3a9120c38 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/341ffe70-f9ce-11e6-8115-a7c18106d86a-ecs.json 
@@ -0,0 +1,21 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"system.auth.ssh.event:Failed OR system.auth.ssh.event:Invalid\"}}" + }, + "title": "SSH users of failed login attempts [Logs System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"field\":\"user.name\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":50},\"schema\":\"segment\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"maxFontSize\":72,\"minFontSize\":18,\"orientation\":\"single\",\"scale\":\"linear\"},\"title\":\"SSH users of failed login attempts ECS\",\"type\":\"tagcloud\"}" + }, + "id": "341ffe70-f9ce-11e6-8115-a7c18106d86a-ecs", + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/346bb290-fa80-11e6-a1df-a78bd7504d38-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/346bb290-fa80-11e6-a1df-a78bd7504d38-ecs.json new file mode 100644 index 0000000000000..3ceece6e3af7a --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/346bb290-fa80-11e6-a1df-a78bd7504d38-ecs.json 
@@ -0,0 +1,22 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "New groups over time [Logs System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"extended_bounds\":{},\"field\":\"@timestamp\",\"interval\":\"auto\",\"min_doc_count\":1},\"schema\":\"segment\",\"type\":\"date_histogram\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"field\":\"group.name\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"group\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"defaultYExtents\":false,\"legendPosition\":\"bottom\",\"mode\":\"stacked\",\"scale\":\"linear\",\"setYExtents\":false,\"times\":[]},\"title\":\"New groups over time ECS\",\"type\":\"histogram\"}" + }, + "id": "346bb290-fa80-11e6-a1df-a78bd7504d38-ecs", + "references": [ + { + "id": "eb0039f0-fa7f-11e6-a1df-a78bd7504d38-ecs", + "name": "search_0", + "type": "search" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/34f97ee0-1b96-11e7-8ada-3df93aab833e-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/34f97ee0-1b96-11e7-8ada-3df93aab833e-ecs.json new file mode 100644 index 0000000000000..7370f60255b8b --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/34f97ee0-1b96-11e7-8ada-3df93aab833e-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Disk Usage [Metrics System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"bar_color_rules\":[{\"bar_color\":\"rgba(104,188,0,1)\",\"id\":\"bf525310-1b95-11e7-8ada-3df93aab833e\",\"operator\":\"gte\",\"value\":0},{\"bar_color\":\"rgba(254,146,0,1)\",\"id\":\"125fc4c0-1b96-11e7-8ada-3df93aab833e\",\"operator\":\"gte\",\"value\":0.7},{\"bar_color\":\"rgba(211,49,21,1)\",\"id\":\"1a5c7240-1b96-11e7-8ada-3df93aab833e\",\"operator\":\"gte\",\"value\":0.85}],\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"drilldown_url\":\"\",\"filter\":{\"language\":\"lucene\",\"query\":\"-system.filesystem.mount_point:\\\\/run* AND -system.filesystem.mount_point:\\\\/sys* AND -system.filesystem.mount_point:\\\\/dev* AND -system.filesystem.mount_point:\\\\/proc* AND -system.filesystem.mount_point:\\\\/var* AND 
-system.filesystem.mount_point:\\\\/boot\"},\"id\":\"9f7e48a0-1b95-11e7-8ada-3df93aab833e\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"percent\",\"id\":\"9f7e48a1-1b95-11e7-8ada-3df93aab833e\",\"line_width\":1,\"metrics\":[{\"agg_with\":\"avg\",\"field\":\"system.filesystem.used.pct\",\"id\":\"9f7e48a2-1b95-11e7-8ada-3df93aab833e\",\"order\":\"desc\",\"order_by\":\"@timestamp\",\"size\":1,\"type\":\"top_hit\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"terms\",\"stacked\":\"none\",\"terms_field\":\"system.filesystem.mount_point\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"time_range_mode\":\"entire_time_range\",\"type\":\"top_n\"},\"title\":\"Disk Usage [Metrics System] ECS\",\"type\":\"metrics\"}" + }, + "id": "34f97ee0-1b96-11e7-8ada-3df93aab833e-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/3cec3eb0-f9d3-11e6-8a3e-2b904044ea1d-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/3cec3eb0-f9d3-11e6-8a3e-2b904044ea1d-ecs.json new file mode 100644 index 0000000000000..14d2795a3dbf9 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/3cec3eb0-f9d3-11e6-8a3e-2b904044ea1d-ecs.json 
@@ -0,0 +1,21 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"system.auth.ssh.event:Failed OR system.auth.ssh.event:Invalid\"}}" + }, + "title": "SSH failed login attempts source locations [Logs System] ECS", + "uiStateJSON": "{\"mapCenter\":[17.602139123350838,69.697265625],\"mapZoom\":2}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"autoPrecision\":true,\"field\":\"source.geo.location\",\"precision\":2},\"schema\":\"segment\",\"type\":\"geohash_grid\"}],\"listeners\":{},\"params\":{\"addTooltip\":true,\"heatBlur\":15,\"heatMaxZoom\":16,\"heatMinOpacity\":0.1,\"heatNormalizeData\":true,\"heatRadius\":25,\"isDesaturated\":true,\"legendPosition\":\"bottomright\",\"mapCenter\":[15,5],\"mapType\":\"Shaded Circle Markers\",\"mapZoom\":2,\"wms\":{\"enabled\":false,\"options\":{\"attribution\":\"Maps provided by USGS\",\"format\":\"image/png\",\"layers\":\"0\",\"styles\":\"\",\"transparent\":true,\"version\":\"1.3.0\"},\"url\":\"https://basemap.nationalmap.gov/arcgis/services/USGSTopo/MapServer/WMSServer\"}},\"title\":\"SSH failed login attempts source locations ECS\",\"type\":\"tile_map\"}" + }, + "id": "3cec3eb0-f9d3-11e6-8a3e-2b904044ea1d-ecs", + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/3d65d450-a9c3-11e7-af20-67db8aecb295-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/3d65d450-a9c3-11e7-af20-67db8aecb295-ecs.json new file mode 100644 index 0000000000000..b96a35c612266 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/3d65d450-a9c3-11e7-af20-67db8aecb295-ecs.json @@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{}" + }, + "title": "Tip [Metrics System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"fontSize\":12,\"markdown\":\"**TIP:** To select another host, go to the [System Overview](#/dashboard/Metrics-system-overview-ecs) dashboard and double-click a host name.\"},\"title\":\"Tip [Metrics System] ECS\",\"type\":\"markdown\"}" + }, + "id": "3d65d450-a9c3-11e7-af20-67db8aecb295-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/4b254630-f998-11e9-90e8-1fb18e796788.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/4b254630-f998-11e9-90e8-1fb18e796788.json new file mode 100644 index 0000000000000..75512e1e84c34 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/4b254630-f998-11e9-90e8-1fb18e796788.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Top Services By Task Count [Metrics System]", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"bar_color_rules\":[{\"id\":\"3aeae000-f997-11e9-ac67-272468589910\"}],\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"metrics-*\",\"interval\":\"\",\"isModelInvalid\":false,\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"number\",\"hidden\":false,\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"\",\"line_width\":1,\"metrics\":[{\"field\":\"system.service.resources.tasks.count\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\"}],\"point_size\":1,\"separate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"terms\",\"stacked\":\"none\",\"terms_field\":\"system.service.name\",\"terms_order_by\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"\",\"type\":\"top_n\"},\"title\":\"Top Services By Task Count [Metrics System]\",\"type\":\"metrics\"}" + }, + "id": "4b254630-f998-11e9-90e8-1fb18e796788", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/4d546850-1b15-11e7-b09e-037021c4f8df-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/4d546850-1b15-11e7-b09e-037021c4f8df-ecs.json new file mode 100644 index 0000000000000..7526c965500bb --- /dev/null 
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/4d546850-1b15-11e7-b09e-037021c4f8df-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "System Load [Metrics System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"id\":\"f6264ad0-1b14-11e7-b09e-037021c4f8df\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(115,216,255,1)\",\"fill\":\"0\",\"formatter\":\"number\",\"id\":\"f62671e0-1b14-11e7-b09e-037021c4f8df\",\"label\":\"1m\",\"line_width\":\"3\",\"metrics\":[{\"field\":\"system.load.1\",\"id\":\"f62671e1-1b14-11e7-b09e-037021c4f8df\",\"type\":\"avg\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(0,156,224,1)\",\"fill\":\"0\",\"formatter\":\"number\",\"id\":\"1c324850-1b15-11e7-b09e-037021c4f8df\",\"label\":\"5m\",\"line_width\":\"3\",\"metrics\":[{\"field\":\"system.load.5\",\"id\":\"1c324851-1b15-11e7-b09e-037021c4f8df\",\"type\":\"avg\"}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(0,98,177,1)\",\"fill\":\"0\",\"formatter\":\"number\",\"id\":\"3287e740-1b15-11e7-b09e-037021c4f8df\",\"label\":\"15m\",\"line_width\":\"3\",\"metrics\":[{\"field\":\"system.load.15\",\"id\":\"32880e50-1b15-11e7-b09e-037021c4f8df\",\"type\":\"avg\"}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"System Load [Metrics System] ECS\",\"type\":\"metrics\"}" + }, + "id": 
"4d546850-1b15-11e7-b09e-037021c4f8df-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/4e4bb1e0-1b1b-11e7-b09e-037021c4f8df-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/4e4bb1e0-1b1b-11e7-b09e-037021c4f8df-ecs.json new file mode 100644 index 0000000000000..0769373782fbb --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/4e4bb1e0-1b1b-11e7-b09e-037021c4f8df-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Disk IO (Bytes) [Metrics System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"filter\":\"\",\"id\":\"d3c67db0-1b1a-11e7-b09e-037021c4f8df\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(22,165,165,1)\",\"fill\":\"1\",\"formatter\":\"bytes\",\"id\":\"d3c67db1-1b1a-11e7-b09e-037021c4f8df\",\"label\":\"reads\",\"line_width\":1,\"metrics\":[{\"field\":\"system.diskio.read.bytes\",\"id\":\"d3c67db2-1b1a-11e7-b09e-037021c4f8df\",\"type\":\"max\"},{\"field\":\"d3c67db2-1b1a-11e7-b09e-037021c4f8df\",\"id\":\"f55b9910-1b1a-11e7-b09e-037021c4f8df\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"field\":\"f55b9910-1b1a-11e7-b09e-037021c4f8df\",\"id\":\"dcbbb100-1b93-11e7-8ada-3df93aab833e\",\"type\":\"positive_only\",\"unit\":\"\"}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"value_template\":\"{{value}}/s\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(251,158,0,1)\",\"fill\":\"1\",\"formatter\":\"bytes\",\"id\":\"144124d0-1b1b-11e7-b09e-037021c4f8df\",\"label\":\"writes\",\"line_width\":1,\"metrics\":[{\"field\":\"system.diskio.write.bytes\",\"id\":\"144124d1-1b1b-11e7-b09e-037021c4f8df\",\"type\":\"max\"},{\"field\":\"144124d1-1b1b-11e7-b09e-037021c4f8df\",\"id\":\"144124d2-1b1b-11e7-b09e-037021c4f8df\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"id\":\"144124d4-1b1b-11e7-b09e-037021c4f8df\",\"script\":\"params.rate \\u003e 0 ? 
params.rate * -1 : 0\",\"type\":\"calculation\",\"variables\":[{\"field\":\"144124d2-1b1b-11e7-b09e-037021c4f8df\",\"id\":\"144124d3-1b1b-11e7-b09e-037021c4f8df\",\"name\":\"rate\"}]}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\",\"value_template\":\"{{value}}/s\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Disk IO (Bytes) [Metrics System] ECS\",\"type\":\"metrics\"}" + }, + "id": "4e4bb1e0-1b1b-11e7-b09e-037021c4f8df-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/51164310-fa2b-11e6-bbd3-29c986c96e5a-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/51164310-fa2b-11e6-bbd3-29c986c96e5a-ecs.json new file mode 100644 index 0000000000000..a9abfcef925f1 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/51164310-fa2b-11e6-bbd3-29c986c96e5a-ecs.json 
@@ -0,0 +1,21 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"system.auth.sudo.error:*\"}}" + }, + "title": "Sudo errors [Logs System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"extended_bounds\":{},\"field\":\"@timestamp\",\"interval\":\"auto\",\"min_doc_count\":1},\"schema\":\"segment\",\"type\":\"date_histogram\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"field\":\"system.auth.sudo.error\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"group\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"defaultYExtents\":false,\"legendPosition\":\"right\",\"mode\":\"stacked\",\"scale\":\"linear\",\"setYExtents\":false,\"times\":[]},\"title\":\"Sudo errors ECS\",\"type\":\"histogram\"}" + }, + "id": "51164310-fa2b-11e6-bbd3-29c986c96e5a-ecs", + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/522ee670-1b92-11e7-bec4-a5e9ec5cab8b-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/522ee670-1b92-11e7-bec4-a5e9ec5cab8b-ecs.json new file mode 100644 index 0000000000000..c0d2fd2e3ab9e --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/522ee670-1b92-11e7-bec4-a5e9ec5cab8b-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Inbound Traffic [Metrics System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"background_color_rules\":[{\"id\":\"0e346760-1b92-11e7-bec4-a5e9ec5cab8b\"}],\"filter\":{\"language\":\"lucene\",\"query\":\"-system.network.name:l*\"},\"id\":\"0c761590-1b92-11e7-bec4-a5e9ec5cab8b\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"bytes\",\"id\":\"0c761591-1b92-11e7-bec4-a5e9ec5cab8b\",\"label\":\"Inbound Traffic\",\"line_width\":1,\"metrics\":[{\"field\":\"system.network.in.bytes\",\"id\":\"0c761592-1b92-11e7-bec4-a5e9ec5cab8b\",\"type\":\"max\"},{\"field\":\"0c761592-1b92-11e7-bec4-a5e9ec5cab8b\",\"id\":\"1d659060-1b92-11e7-bec4-a5e9ec5cab8b\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"field\":\"1d659060-1b92-11e7-bec4-a5e9ec5cab8b\",\"id\":\"f2074f70-1b92-11e7-a416-41f5ccdba2e6\",\"type\":\"positive_only\",\"unit\":\"\"},{\"function\":\"sum\",\"id\":\"c40e18f0-2c55-11e7-a0ad-277ce466684d\",\"type\":\"series_agg\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"terms\",\"stacked\":\"none\",\"terms_field\":\"system.network.name\",\"value_template\":\"{{value}}/s\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"bytes\",\"id\":\"37f70440-1b92-11e7-bec4-a5e9ec5cab8b\",\"label\":\"Total 
Transferred\",\"line_width\":1,\"metrics\":[{\"field\":\"system.network.in.bytes\",\"id\":\"37f72b50-1b92-11e7-bec4-a5e9ec5cab8b\",\"type\":\"max\"},{\"field\":\"37f72b50-1b92-11e7-bec4-a5e9ec5cab8b\",\"id\":\"37f72b51-1b92-11e7-bec4-a5e9ec5cab8b\",\"type\":\"derivative\",\"unit\":\"\"},{\"field\":\"37f72b51-1b92-11e7-bec4-a5e9ec5cab8b\",\"id\":\"f9da2dd0-1b92-11e7-a416-41f5ccdba2e6\",\"type\":\"positive_only\",\"unit\":\"\"},{\"field\":\"f9da2dd0-1b92-11e7-a416-41f5ccdba2e6\",\"function\":\"overall_sum\",\"id\":\"3e63c2f0-1b92-11e7-bec4-a5e9ec5cab8b\",\"sigma\":\"\",\"type\":\"series_agg\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"terms\",\"stacked\":\"none\",\"terms_field\":\"system.network.name\",\"value_template\":\"{{value}}\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"metric\"},\"title\":\"Inbound Traffic [Metrics System] ECS\",\"type\":\"metrics\"}" + }, + "id": "522ee670-1b92-11e7-bec4-a5e9ec5cab8b-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/590a60f0-5d87-11e7-8884-1bb4c3b890e4-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/590a60f0-5d87-11e7-8884-1bb4c3b890e4-ecs.json new file mode 100644 index 0000000000000..4e68c3e1d5fb3 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/590a60f0-5d87-11e7-8884-1bb4c3b890e4-ecs.json 
@@ -0,0 +1,21 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Number of processes [Metrics System] ECS", + "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{\"customLabel\":\"Processes\",\"field\":\"process.pid\"},\"schema\":\"metric\",\"type\":\"cardinality\"}],\"listeners\":{},\"params\":{\"addLegend\":false,\"addTooltip\":true,\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":true},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":60,\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"type\":\"gauge\"},\"title\":\"Number of processes ECS\",\"type\":\"metric\"}" + }, + "id": "590a60f0-5d87-11e7-8884-1bb4c3b890e4-ecs", + "references": [ + { + "id": "metrics-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/5c7af030-fa2a-11e6-bbd3-29c986c96e5a-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/5c7af030-fa2a-11e6-bbd3-29c986c96e5a-ecs.json new file mode 100644 index 0000000000000..8234df2802cde --- /dev/null 
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/5c7af030-fa2a-11e6-bbd3-29c986c96e5a-ecs.json @@ -0,0 +1,22 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "Sudo commands by user [Logs System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"extended_bounds\":{},\"field\":\"@timestamp\",\"interval\":\"auto\",\"min_doc_count\":1},\"schema\":\"segment\",\"type\":\"date_histogram\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"field\":\"user.name\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"group\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"defaultYExtents\":false,\"legendPosition\":\"right\",\"mode\":\"stacked\",\"scale\":\"linear\",\"setYExtents\":false,\"times\":[]},\"title\":\"Sudo commands by user ECS\",\"type\":\"histogram\"}" + }, + "id": "5c7af030-fa2a-11e6-bbd3-29c986c96e5a-ecs", + "references": [ + { + "id": "b6f321e0-fa25-11e6-bbd3-29c986c96e5a-ecs", + "name": "search_0", + "type": "search" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/5dd15c00-fa78-11e6-ae9b-81e5311e8cab-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/5dd15c00-fa78-11e6-ae9b-81e5311e8cab-ecs.json new file mode 100644 index 0000000000000..bf4a9959da90e --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/5dd15c00-fa78-11e6-ae9b-81e5311e8cab-ecs.json 
@@ -0,0 +1,22 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "New users over time [Logs System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"extended_bounds\":{},\"field\":\"@timestamp\",\"interval\":\"auto\",\"min_doc_count\":1},\"schema\":\"segment\",\"type\":\"date_histogram\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"field\":\"user.name\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"group\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"defaultYExtents\":false,\"legendPosition\":\"bottom\",\"mode\":\"stacked\",\"scale\":\"linear\",\"setYExtents\":false,\"times\":[]},\"title\":\"New users over time ECS\",\"type\":\"histogram\"}" + }, + "id": "5dd15c00-fa78-11e6-ae9b-81e5311e8cab-ecs", + "references": [ + { + "id": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs", + "name": "search_0", + "type": "search" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/6b7b9a40-faa1-11e6-86b1-cd7735ff7e23-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/6b7b9a40-faa1-11e6-86b1-cd7735ff7e23-ecs.json new file mode 100644 index 0000000000000..11220465bb3db --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/6b7b9a40-faa1-11e6-86b1-cd7735ff7e23-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Network Traffic (Packets) [Metrics System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"listeners\":{},\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"filter\":{\"language\":\"lucene\",\"query\":\"-system.network.name:l*\"},\"id\":\"da1046f0-faa0-11e6-86b1-cd7735ff7e23\",\"index_pattern\":\"*\",\"interval\":\"auto\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(0,156,224,1)\",\"fill\":\"1\",\"formatter\":\"0.[00]a\",\"id\":\"da1046f1-faa0-11e6-86b1-cd7735ff7e23\",\"label\":\"Inbound\",\"line_width\":\"0\",\"metrics\":[{\"field\":\"system.network.in.packets\",\"id\":\"da1046f2-faa0-11e6-86b1-cd7735ff7e23\",\"type\":\"max\"},{\"field\":\"da1046f2-faa0-11e6-86b1-cd7735ff7e23\",\"id\":\"f41f9280-faa0-11e6-86b1-cd7735ff7e23\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"field\":\"f41f9280-faa0-11e6-86b1-cd7735ff7e23\",\"id\":\"c0da3d80-1b93-11e7-8ada-3df93aab833e\",\"type\":\"positive_only\",\"unit\":\"\"},{\"function\":\"sum\",\"id\":\"ecaad010-2c2c-11e7-be71-3162da85303f\",\"type\":\"series_agg\"}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"terms\",\"stacked\":\"none\",\"terms_field\":\"system.network.name\",\"value_template\":\"{{value}}/s\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(250,40,255,1)\",\"fill\":\"1\",\"formatter\":\"0.[00]a\",\"id\":\"fbbd5720-faa0-11e6-86b1-cd7735ff7e23\",\"label\":\"Outbound\",\"line_width\":\"0\",\"metrics\":[{\"field\":\"system.network.out.packets\",\"id\":\"fbbd7e30-faa0-11e6-86b1-cd7735ff7e23\",\"type\":\"max\"},{\"field\":\"fbbd7e30-faa0-11e6-86b1-cd7735ff7e23\",\"id\":\"fbbd7e31-faa0-11e6-86b1-cd7735ff7e23\",\"type\":\"derivative\",\"unit\":\"1s\"},{\"id\":\"17e597a0-faa1-11e6
-86b1-cd7735ff7e23\",\"script\":\"params.rate != null \\u0026\\u0026 params.rate \\u003e 0 ? params.rate * -1 : null\",\"type\":\"calculation\",\"variables\":[{\"field\":\"fbbd7e31-faa0-11e6-86b1-cd7735ff7e23\",\"id\":\"1940bad0-faa1-11e6-86b1-cd7735ff7e23\",\"name\":\"rate\"}]},{\"function\":\"sum\",\"id\":\"fe5fbdc0-2c2c-11e7-be71-3162da85303f\",\"type\":\"series_agg\"}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"terms\",\"stacked\":\"none\",\"terms_field\":\"system.network.name\",\"value_template\":\"{{value}}/s\"}],\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Mericbeat: Network Traffic (Packets) ECS\",\"type\":\"metrics\"}" + }, + "id": "6b7b9a40-faa1-11e6-86b1-cd7735ff7e23-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/78b74f30-f9cd-11e6-8115-a7c18106d86a-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/78b74f30-f9cd-11e6-8115-a7c18106d86a-ecs.json new file mode 100644 index 0000000000000..6669b8bc91864 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/78b74f30-f9cd-11e6-8115-a7c18106d86a-ecs.json 
@@ -0,0 +1,21 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\"}" + }, + "title": "SSH login attempts [Logs System] ECS", + "uiStateJSON": "{\"vis\":{\"colors\":{\"Accepted\":\"#3F6833\",\"Failed\":\"#F9934E\",\"Invalid\":\"#447EBC\"}}}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"extended_bounds\":{},\"field\":\"@timestamp\",\"interval\":\"auto\",\"min_doc_count\":1},\"schema\":\"segment\",\"type\":\"date_histogram\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"field\":\"system.auth.ssh.event\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"group\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"defaultYExtents\":false,\"legendPosition\":\"right\",\"mode\":\"stacked\",\"scale\":\"linear\",\"setYExtents\":false,\"times\":[]},\"title\":\"SSH login attempts ECS\",\"type\":\"histogram\"}" + }, + "id": "78b74f30-f9cd-11e6-8115-a7c18106d86a-ecs", + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/7cdb1330-4d1a-11e7-a196-69b9a7a020a9-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/7cdb1330-4d1a-11e7-a196-69b9a7a020a9-ecs.json new file mode 100644 index 0000000000000..8b54395df2771 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/7cdb1330-4d1a-11e7-a196-69b9a7a020a9-ecs.json 
@@ -0,0 +1,21 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Hosts histogram by CPU usage [Metrics System] ECS", + "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0% - 5%\":\"rgb(247,252,245)\",\"10% - 15%\":\"rgb(116,196,118)\",\"15% - 20%\":\"rgb(35,139,69)\",\"5% - 10%\":\"rgb(199,233,192)\"}}}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{\"customLabel\":\"CPU usage\",\"field\":\"system.cpu.user.pct\"},\"schema\":\"metric\",\"type\":\"avg\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"extended_bounds\":{},\"field\":\"@timestamp\",\"interval\":\"auto\",\"min_doc_count\":1},\"schema\":\"segment\",\"type\":\"date_histogram\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"customLabel\":\"Hosts\",\"field\":\"host.name\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":20},\"schema\":\"group\",\"type\":\"terms\"}],\"params\":{\"addLegend\":true,\"addTooltip\":true,\"colorSchema\":\"Greens\",\"colorsNumber\":4,\"colorsRange\":[],\"enableHover\":false,\"invertColors\":false,\"legendPosition\":\"right\",\"percentageMode\":false,\"setColorRange\":false,\"times\":[],\"type\":\"heatmap\",\"valueAxes\":[{\"id\":\"ValueAxis-1\",\"labels\":{\"color\":\"#555\",\"rotate\":0,\"show\":false},\"scale\":{\"defaultYExtents\":false,\"type\":\"linear\"},\"show\":false,\"type\":\"value\"}]},\"title\":\"Hosts histogram by CPU usage [Metrics System] ECS\",\"type\":\"heatmap\"}" + }, + "id": "7cdb1330-4d1a-11e7-a196-69b9a7a020a9-ecs", + "references": [ + { + "id": "metrics-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/825fdb80-4d1d-11e7-b5f2-2b7c1895bf32-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/825fdb80-4d1d-11e7-b5f2-2b7c1895bf32-ecs.json new file mode 100644 index 0000000000000..008d498c1caf4 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/825fdb80-4d1d-11e7-b5f2-2b7c1895bf32-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Disk used [Metrics System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"default_index_pattern\":\"logs-*\",\"default_timefield\":\"@timestamp\",\"filter\":\"\",\"gauge_color_rules\":[{\"gauge\":\"rgba(104,188,0,1)\",\"id\":\"51921d10-4d1d-11e7-b5f2-2b7c1895bf32\",\"operator\":\"gte\",\"value\":0},{\"gauge\":\"rgba(251,158,0,1)\",\"id\":\"f26de750-4d54-11e7-b5f2-2b7c1895bf32\",\"operator\":\"gte\",\"value\":0.7},{\"gauge\":\"rgba(211,49,21,1)\",\"id\":\"fa31d190-4d54-11e7-b5f2-2b7c1895bf32\",\"operator\":\"gte\",\"value\":0.85}],\"gauge_inner_width\":10,\"gauge_max\":\"1\",\"gauge_style\":\"half\",\"gauge_width\":10,\"id\":\"4e4dc780-4d1d-11e7-b5f2-2b7c1895bf32\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"isModelInvalid\":false,\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"percent\",\"id\":\"4e4dee90-4d1d-11e7-b5f2-2b7c1895bf32\",\"label\":\"Disk used\",\"line_width\":1,\"metrics\":[{\"agg_with\":\"avg\",\"field\":\"system.fsstat.total_size.used\",\"id\":\"4e4dee91-4d1d-11e7-b5f2-2b7c1895bf32\",\"order\":\"desc\",\"order_by\":\"@timestamp\",\"size\":1,\"type\":\"top_hit\"},{\"agg_with\":\"avg\",\"field\":\"system.fsstat.total_size.total\",\"id\":\"57c96ee0-4d54-11e7-b5f2-2b7c1895bf32\",\"order\":\"desc\",\"order_by\":\"@timestamp\",\"size\":1,\"type\":\"top_hit\"},{\"id\":\"6304cca0-4d54-11e7-b5f2-2b7c1895bf32\",\"script\":\"params.used/params.total 
\",\"type\":\"math\",\"variables\":[{\"field\":\"4e4dee91-4d1d-11e7-b5f2-2b7c1895bf32\",\"id\":\"6da10430-4d54-11e7-b5f2-2b7c1895bf32\",\"name\":\"used\"},{\"field\":\"57c96ee0-4d54-11e7-b5f2-2b7c1895bf32\",\"id\":\"73b8c510-4d54-11e7-b5f2-2b7c1895bf32\",\"name\":\"total\"}]}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"time_range_mode\":\"entire_time_range\",\"type\":\"gauge\"},\"title\":\"Disk used [Metrics System] ECS\",\"type\":\"metrics\"}" + }, + "id": "825fdb80-4d1d-11e7-b5f2-2b7c1895bf32-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/83e12df0-1b91-11e7-bec4-a5e9ec5cab8b-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/83e12df0-1b91-11e7-bec4-a5e9ec5cab8b-ecs.json new file mode 100644 index 0000000000000..b6f1189fb1b40 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/83e12df0-1b91-11e7-bec4-a5e9ec5cab8b-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "CPU Usage Gauge [Metrics System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"filter\":\"\",\"gauge_color_rules\":[{\"gauge\":\"rgba(104,188,0,1)\",\"id\":\"4ef2c3b0-1b91-11e7-bec4-a5e9ec5cab8b\",\"operator\":\"gte\",\"value\":0},{\"gauge\":\"rgba(254,146,0,1)\",\"id\":\"e6561ae0-1b91-11e7-bec4-a5e9ec5cab8b\",\"operator\":\"gte\",\"value\":0.7},{\"gauge\":\"rgba(211,49,21,1)\",\"id\":\"ec655040-1b91-11e7-bec4-a5e9ec5cab8b\",\"operator\":\"gte\",\"value\":0.85}],\"gauge_inner_width\":10,\"gauge_max\":\"1\",\"gauge_style\":\"half\",\"gauge_width\":10,\"id\":\"4c9e2550-1b91-11e7-bec4-a5e9ec5cab8b\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"percent\",\"id\":\"4c9e2551-1b91-11e7-bec4-a5e9ec5cab8b\",\"label\":\"CPU Usage\",\"line_width\":1,\"metrics\":[{\"field\":\"system.cpu.user.pct\",\"id\":\"4c9e2552-1b91-11e7-bec4-a5e9ec5cab8b\",\"type\":\"avg\"},{\"field\":\"system.cpu.system.pct\",\"id\":\"225c2140-5fd7-11e7-a63a-a937b7c1a7e1\",\"type\":\"avg\"},{\"field\":\"system.cpu.cores\",\"id\":\"837a30c0-5fd7-11e7-a63a-a937b7c1a7e1\",\"type\":\"avg\"},{\"id\":\"587aa510-1b91-11e7-bec4-a5e9ec5cab8b\",\"script\":\"params.n \\u003e 0 ? 
(params.user+params.system)/params.n : null\",\"type\":\"calculation\",\"variables\":[{\"field\":\"4c9e2552-1b91-11e7-bec4-a5e9ec5cab8b\",\"id\":\"5a19af10-1b91-11e7-bec4-a5e9ec5cab8b\",\"name\":\"user\"},{\"field\":\"225c2140-5fd7-11e7-a63a-a937b7c1a7e1\",\"id\":\"32b54f80-5fd7-11e7-a63a-a937b7c1a7e1\",\"name\":\"system\"},{\"field\":\"837a30c0-5fd7-11e7-a63a-a937b7c1a7e1\",\"id\":\"8ba6eef0-5fd7-11e7-a63a-a937b7c1a7e1\",\"name\":\"n\"}]}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"gauge\"},\"title\":\"CPU Usage Gauge [Metrics System] ECS\",\"type\":\"metrics\"}" + }, + "id": "83e12df0-1b91-11e7-bec4-a5e9ec5cab8b-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/855899e0-1b1c-11e7-b09e-037021c4f8df-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/855899e0-1b1c-11e7-b09e-037021c4f8df-ecs.json new file mode 100644 index 0000000000000..2c627f92901a9 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/855899e0-1b1c-11e7-b09e-037021c4f8df-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Top Hosts By CPU (Realtime) [Metrics System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"bar_color_rules\":[{\"bar_color\":\"rgba(104,188,0,1)\",\"id\":\"33349dd0-1b1c-11e7-b09e-037021c4f8df\",\"operator\":\"gte\",\"value\":0},{\"bar_color\":\"rgba(254,146,0,1)\",\"id\":\"997dc440-1b1c-11e7-b09e-037021c4f8df\",\"operator\":\"gte\",\"value\":0.6},{\"bar_color\":\"rgba(211,49,21,1)\",\"id\":\"a10d7f20-1b1c-11e7-b09e-037021c4f8df\",\"operator\":\"gte\",\"value\":0.85}],\"drilldown_url\":\"../app/kibana#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8-ecs?_a=(query:(language:kuery,query:'host.name:\\\"{{key}}\\\"'))\",\"filter\":\"\",\"id\":\"31e5afa0-1b1c-11e7-b09e-037021c4f8df\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"percent\",\"id\":\"31e5afa1-1b1c-11e7-b09e-037021c4f8df\",\"line_width\":1,\"metrics\":[{\"field\":\"system.cpu.user.pct\",\"id\":\"31e5afa2-1b1c-11e7-b09e-037021c4f8df\",\"type\":\"avg\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"terms\",\"stacked\":\"none\",\"terms_field\":\"host.name\",\"terms_order_by\":\"31e5afa2-1b1c-11e7-b09e-037021c4f8df\",\"terms_size\":\"10\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"top_n\"},\"title\":\"Top Hosts By CPU (Realtime) [Metrics System] ECS\",\"type\":\"metrics\"}" + }, + "id": "855899e0-1b1c-11e7-b09e-037021c4f8df-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/8c071e20-f999-11e9-90e8-1fb18e796788.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/8c071e20-f999-11e9-90e8-1fb18e796788.json new file mode 100644 index 0000000000000..57160184b7c89 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/8c071e20-f999-11e9-90e8-1fb18e796788.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Top Services By Memory Usage [Metrics System]", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"bar_color_rules\":[{\"id\":\"5af08c50-f998-11e9-ac67-272468589910\"}],\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"\",\"interval\":\"\",\"isModelInvalid\":false,\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"bytes\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"line_width\":1,\"metrics\":[{\"field\":\"system.service.resources.memory.usage.bytes\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\"}],\"point_size\":1,\"separate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"terms\",\"stacked\":\"none\",\"terms_field\":\"system.service.name\",\"terms_order_by\":\"61ca57f2-469d-11e7-af02-69e470af7417\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"\",\"type\":\"top_n\"},\"title\":\"Top Services By Memory Usage [Metrics System]\",\"type\":\"metrics\"}" + }, + "id": "8c071e20-f999-11e9-90e8-1fb18e796788", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/96976150-4d5d-11e7-aa29-87a97a796de6-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/96976150-4d5d-11e7-aa29-87a97a796de6-ecs.json new file mode 100644 index 0000000000000..1e57a8ba2d0ea --- /dev/null 
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/96976150-4d5d-11e7-aa29-87a97a796de6-ecs.json @@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Packetloss [Metrics System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"background_color_rules\":[{\"id\":\"6ba9b1f0-4d5d-11e7-aa29-87a97a796de6\"}],\"id\":\"6984af10-4d5d-11e7-aa29-87a97a796de6\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"6984af11-4d5d-11e7-aa29-87a97a796de6\",\"label\":\"In Packetloss\",\"line_width\":1,\"metrics\":[{\"field\":\"system.network.in.dropped\",\"id\":\"6984af12-4d5d-11e7-aa29-87a97a796de6\",\"type\":\"max\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"number\",\"id\":\"ac2e6b30-4d5d-11e7-aa29-87a97a796de6\",\"label\":\"Out Packetloss\",\"line_width\":1,\"metrics\":[{\"field\":\"system.network.out.dropped\",\"id\":\"ac2e6b31-4d5d-11e7-aa29-87a97a796de6\",\"type\":\"max\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"metric\"},\"title\":\"Packetloss [Metrics System] ECS\",\"type\":\"metrics\"}" + }, + "id": "96976150-4d5d-11e7-aa29-87a97a796de6-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/99381c80-4d60-11e7-9a4c-ed99bbcaa42b-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/99381c80-4d60-11e7-9a4c-ed99bbcaa42b-ecs.json new file mode 100644 index 0000000000000..ef3010d1e74c1 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/99381c80-4d60-11e7-9a4c-ed99bbcaa42b-ecs.json @@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Interfaces by Incoming traffic [Metrics System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"bar_color_rules\":[{\"id\":\"44596d40-4d60-11e7-9a4c-ed99bbcaa42b\"}],\"id\":\"42ceae90-4d60-11e7-9a4c-ed99bbcaa42b\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"bytes\",\"id\":\"42ced5a0-4d60-11e7-9a4c-ed99bbcaa42b\",\"label\":\"Interfaces by Incoming traffic\",\"line_width\":1,\"metrics\":[{\"field\":\"system.network.in.bytes\",\"id\":\"42ced5a1-4d60-11e7-9a4c-ed99bbcaa42b\",\"type\":\"avg\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"terms\",\"stacked\":\"none\",\"terms_field\":\"system.network.name\",\"terms_order_by\":\"42ced5a1-4d60-11e7-9a4c-ed99bbcaa42b\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"top_n\"},\"title\":\"Interfaces by Incoming traffic [Metrics System] ECS\",\"type\":\"metrics\"}" + }, + "id": "99381c80-4d60-11e7-9a4c-ed99bbcaa42b-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/9c69cad0-f9b0-11e9-90e8-1fb18e796788.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/9c69cad0-f9b0-11e9-90e8-1fb18e796788.json new file mode 100644 index 0000000000000..2c5ca0866ef03 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/9c69cad0-f9b0-11e9-90e8-1fb18e796788.json 
@@ -0,0 +1,26 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[{\"$state\":{\"store\":\"appState\"},\"meta\":{\"alias\":null,\"disabled\":false,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index\",\"key\":\"metricset.name\",\"negate\":false,\"params\":{\"query\":\"service\"},\"type\":\"phrase\",\"value\":\"service\"},\"query\":{\"match\":{\"metricset.name\":{\"query\":\"service\",\"type\":\"phrase\"}}}}],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Return Codes Of Exited Services [Metrics System]", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{\"customLabel\":\"Return Codes Of Exited Services [Metrics Services]\"},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"field\":\"process.exit_code\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"size\":5},\"schema\":\"segment\",\"type\":\"terms\"}],\"params\":{\"addLegend\":true,\"addTooltip\":true,\"dimensions\":{\"buckets\":[{\"accessor\":0,\"aggType\":\"terms\",\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"number\",\"missingBucketLabel\":\"Missing\",\"otherBucketLabel\":\"Other\"}},\"params\":{}}],\"metric\":{\"accessor\":1,\"aggType\":\"count\",\"format\":{\"id\":\"number\"},\"params\":{}}},\"isDonut\":true,\"labels\":{\"last_level\":true,\"show\":false,\"truncate\":100,\"values\":true},\"legendPosition\":\"right\",\"type\":\"pie\"},\"title\":\"Return Codes Of Exited Services [Metrics System]\",\"type\":\"pie\"}" + }, + "id": "9c69cad0-f9b0-11e9-90e8-1fb18e796788", + "references": [ + { + "id": "metrics-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + }, + { + "id": "metrics-*", + "name": 
"kibanaSavedObjectMeta.searchSourceJSON.filter[0].meta.index", + "type": "index-pattern" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/Container-Block-IO-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/Container-Block-IO-ecs.json new file mode 100644 index 0000000000000..beb7930492798 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/Container-Block-IO-ecs.json 
@@ -0,0 +1,21 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Container Block IO [Metrics System] ECS", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{\"customLabel\":\"Total\",\"field\":\"system.process.cgroup.blkio.total.bytes\"},\"schema\":\"metric\",\"type\":\"avg\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"customLabel\":\"I/O\",\"field\":\"system.process.cgroup.blkio.total.ios\"},\"schema\":\"metric\",\"type\":\"avg\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"customLabel\":\"Container ID\",\"field\":\"system.process.cgroup.id\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"bucket\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"4\",\"params\":{\"customLabel\":\"Process name\",\"field\":\"process.name\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"bucket\",\"type\":\"terms\"}],\"params\":{\"perPage\":10,\"showMeticsAtAllLevels\":false,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\"},\"title\":\"Container Block IO [Metrics System] ECS\",\"type\":\"table\"}" + }, + "id": "Container-Block-IO-ecs", + "references": [ + { + "id": "metrics-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/Container-CPU-usage-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/Container-CPU-usage-ecs.json new file mode 100644 index 0000000000000..c9faaf9de37a0 
--- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/Container-CPU-usage-ecs.json 
@@ -0,0 +1,21 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Container CPU usage [Metrics System] ECS", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{\"customLabel\":\"CPU user\",\"field\":\"system.process.cgroup.cpuacct.stats.user.ns\"},\"schema\":\"metric\",\"type\":\"max\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"customLabel\":\"CPU quota\",\"field\":\"system.process.cgroup.cpu.cfs.quota.us\"},\"schema\":\"metric\",\"type\":\"max\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"customLabel\":\"Container ID\",\"field\":\"system.process.cgroup.id\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"bucket\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"4\",\"params\":{\"customLabel\":\"CPU throttling\",\"field\":\"system.process.cgroup.cpu.stats.throttled.ns\"},\"schema\":\"metric\",\"type\":\"max\"},{\"enabled\":true,\"id\":\"5\",\"params\":{\"customLabel\":\"CPU kernel\",\"field\":\"system.process.cgroup.cpuacct.stats.system.ns\"},\"schema\":\"metric\",\"type\":\"max\"},{\"enabled\":true,\"id\":\"6\",\"params\":{\"customLabel\":\"Process name\",\"field\":\"process.name\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"bucket\",\"type\":\"terms\"}],\"params\":{\"perPage\":10,\"showMeticsAtAllLevels\":false,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\"},\"title\":\"Container CPU usage [Metrics System] ECS\",\"type\":\"table\"}" + }, + "id": "Container-CPU-usage-ecs", + "references": [ + { + "id": "metrics-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "visualization" +} \ No 
newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/Container-Memory-stats-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/Container-Memory-stats-ecs.json new file mode 100644 index 0000000000000..0c4d3137a81f1 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/Container-Memory-stats-ecs.json 
@@ -0,0 +1,21 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Container Memory stats [Metrics System] ECS", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"13\",\"params\":{\"customLabel\":\"Usage\",\"field\":\"system.process.cgroup.memory.mem.usage.bytes\"},\"schema\":\"metric\",\"type\":\"avg\"},{\"enabled\":true,\"id\":\"14\",\"params\":{\"customLabel\":\"Max usage\",\"field\":\"system.process.cgroup.memory.mem.usage.max.bytes\"},\"schema\":\"metric\",\"type\":\"avg\"},{\"enabled\":true,\"id\":\"1\",\"params\":{\"customLabel\":\"Page faults\",\"field\":\"system.process.cgroup.memory.stats.page_faults\"},\"schema\":\"metric\",\"type\":\"avg\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"customLabel\":\"Pages in memory\",\"field\":\"system.process.cgroup.memory.stats.pages_in\"},\"schema\":\"metric\",\"type\":\"avg\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"customLabel\":\"Pages out of memory\",\"field\":\"system.process.cgroup.memory.stats.pages_out\"},\"schema\":\"metric\",\"type\":\"avg\"},{\"enabled\":true,\"id\":\"4\",\"params\":{\"customLabel\":\"Container ID\",\"field\":\"system.process.cgroup.id\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":50},\"schema\":\"bucket\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"5\",\"params\":{\"customLabel\":\"Inactive files\",\"field\":\"system.process.cgroup.memory.stats.inactive_file.bytes\"},\"schema\":\"metric\",\"type\":\"avg\"},{\"enabled\":true,\"id\":\"6\",\"params\":{\"customLabel\":\"# Major page faults\",\"field\":\"system.process.cgroup.memory.stats.major_page_faults\"},\"schema\":\"metric\",\"type\":\"avg\"},{\"enabled\":true,\"id\":\"8\",\"params\":{\"customLabel\":\"Process 
name\",\"field\":\"process.name\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"bucket\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"12\",\"params\":{\"customLabel\":\"Failures\",\"field\":\"system.process.cgroup.memory.mem.failures\"},\"schema\":\"metric\",\"type\":\"avg\"},{\"enabled\":true,\"id\":\"10\",\"params\":{\"customLabel\":\"TCP buffers\",\"field\":\"system.process.cgroup.memory.kmem_tcp.usage.bytes\"},\"schema\":\"metric\",\"type\":\"avg\"},{\"enabled\":true,\"id\":\"11\",\"params\":{\"customLabel\":\"Huge pages\",\"field\":\"system.process.cgroup.memory.stats.rss_huge.bytes\"},\"schema\":\"metric\",\"type\":\"avg\"},{\"enabled\":true,\"id\":\"7\",\"params\":{\"customLabel\":\"Swap caches\",\"field\":\"system.process.cgroup.memory.stats.rss.bytes\"},\"schema\":\"metric\",\"type\":\"avg\"},{\"enabled\":true,\"id\":\"15\",\"params\":{\"customLabel\":\"Swap usage\",\"field\":\"system.process.cgroup.memory.stats.swap.bytes\"},\"schema\":\"metric\",\"type\":\"avg\"},{\"enabled\":true,\"id\":\"16\",\"params\":{\"customLabel\":\"Block I/O\",\"field\":\"system.process.cgroup.blkio.total.ios\"},\"schema\":\"metric\",\"type\":\"avg\"}],\"params\":{\"perPage\":10,\"showMeticsAtAllLevels\":false,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\"},\"title\":\"Container Memory stats [Metrics System] ECS\",\"type\":\"table\"}" + }, + "id": "Container-Memory-stats-ecs", + "references": [ + { + "id": "metrics-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/Syslog-events-by-hostname-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/Syslog-events-by-hostname-ecs.json new file mode 100644 index 0000000000000..f57b8417fc12f --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/Syslog-events-by-hostname-ecs.json @@ -0,0 +1,22 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "Syslog events by hostname [Logs System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"extended_bounds\":{},\"field\":\"@timestamp\",\"interval\":\"auto\",\"min_doc_count\":1},\"schema\":\"segment\",\"type\":\"date_histogram\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"field\":\"host.hostname\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"group\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"defaultYExtents\":false,\"legendPosition\":\"right\",\"mode\":\"stacked\",\"scale\":\"linear\",\"setYExtents\":false,\"shareYAxis\":true,\"times\":[],\"yAxis\":{}},\"title\":\"Syslog events by hostname ECS\",\"type\":\"histogram\"}" + }, + "id": "Syslog-events-by-hostname-ecs", + "references": [ + { + "id": "Syslog-system-logs-ecs", + "name": "search_0", + "type": "search" + } + ], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/Syslog-hostnames-and-processes-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/Syslog-hostnames-and-processes-ecs.json new file mode 100644 index 0000000000000..3d426129f045e --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/Syslog-hostnames-and-processes-ecs.json @@ -0,0 +1,22 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "Syslog hostnames and processes [Logs System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"field\":\"host.hostname\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"segment\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"field\":\"process.name\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"segment\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":true,\"legendPosition\":\"bottom\",\"shareYAxis\":true},\"title\":\"Syslog hostnames and processes ECS\",\"type\":\"pie\"}" + }, + "id": "Syslog-hostnames-and-processes-ecs", + "references": [ + { + "id": "Syslog-system-logs-ecs", + "name": "search_0", + "type": "search" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/System-Navigation-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/System-Navigation-ecs.json new file mode 100644 index 0000000000000..e140a3707fabf --- /dev/null 
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/System-Navigation-ecs.json @@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "System Navigation [Metrics System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"fontSize\":12,\"markdown\":\"[System Overview](#/dashboard/Metrics-system-overview-ecs) | [Host Overview](#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8-ecs) |\\n[Containers overview](#/dashboard/CPU-slash-Memory-per-container-ecs)\"},\"title\":\"System Navigation [Metrics System] ECS\",\"type\":\"markdown\"}" + }, + "id": "System-Navigation-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/a30871f0-f98f-11e9-90e8-1fb18e796788.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/a30871f0-f98f-11e9-90e8-1fb18e796788.json new file mode 100644 index 0000000000000..2d2029b8133cf --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/a30871f0-f98f-11e9-90e8-1fb18e796788.json 
@@ -0,0 +1,21 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Running Services [Metrics System]", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{\"customLabel\":\"Running Services [Metrics Services]\",\"field\":\"system.service.name\"},\"schema\":\"metric\",\"type\":\"cardinality\"}],\"params\":{\"addLegend\":false,\"addTooltip\":true,\"dimensions\":{\"metrics\":[{\"accessor\":0,\"format\":{\"id\":\"number\",\"params\":{}},\"type\":\"vis_dimension\"}]},\"metric\":{\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":10000,\"type\":\"range\"}],\"invertColors\":false,\"labels\":{\"show\":true},\"metricColorMode\":\"None\",\"percentageMode\":false,\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":60,\"labelColor\":false,\"subText\":\"\"},\"useRanges\":false},\"type\":\"metric\"},\"title\":\"Running Services [Metrics System]\",\"type\":\"metric\"}" + }, + "id": "a30871f0-f98f-11e9-90e8-1fb18e796788", + "references": [ + { + "id": "metrics-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/ab2d1e90-1b1a-11e7-b09e-037021c4f8df-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/ab2d1e90-1b1a-11e7-b09e-037021c4f8df-ecs.json new file mode 100644 index 0000000000000..ec3061459c197 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/ab2d1e90-1b1a-11e7-b09e-037021c4f8df-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "CPU Usage [Metrics System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"id\":\"80a04950-1b19-11e7-b09e-037021c4f8df\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":\"1\",\"formatter\":\"percent\",\"id\":\"80a04951-1b19-11e7-b09e-037021c4f8df\",\"label\":\"user\",\"line_width\":1,\"metrics\":[{\"field\":\"system.cpu.user.pct\",\"id\":\"80a04952-1b19-11e7-b09e-037021c4f8df\",\"type\":\"avg\"}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"stacked\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(211,49,21,1)\",\"fill\":\"1\",\"formatter\":\"percent\",\"id\":\"993acf30-1b19-11e7-b09e-037021c4f8df\",\"label\":\"system\",\"line_width\":1,\"metrics\":[{\"field\":\"system.cpu.system.pct\",\"id\":\"993acf31-1b19-11e7-b09e-037021c4f8df\",\"type\":\"avg\"}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"stacked\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(123,100,255,1)\",\"fill\":\"1\",\"formatter\":\"percent\",\"id\":\"65ca35e0-1b1a-11e7-b09e-037021c4f8df\",\"label\":\"nice\",\"line_width\":1,\"metrics\":[{\"field\":\"system.cpu.nice.pct\",\"id\":\"65ca5cf0-1b1a-11e7-b09e-037021c4f8df\",\"type\":\"avg\"}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"stacked\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(226,115,0,1)\",\"fill\":\"1\",\"formatter\":\"percent\",\"id\":\"741b5f20-1b1a-11e7-b09e-03
7021c4f8df\",\"label\":\"irq\",\"line_width\":1,\"metrics\":[{\"field\":\"system.cpu.irq.pct\",\"id\":\"741b5f21-1b1a-11e7-b09e-037021c4f8df\",\"type\":\"avg\"}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"stacked\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(176,188,0,1)\",\"fill\":\"1\",\"formatter\":\"percent\",\"id\":\"2efc5d40-1b1a-11e7-b09e-037021c4f8df\",\"label\":\"softirq\",\"line_width\":1,\"metrics\":[{\"field\":\"system.cpu.softirq.pct\",\"id\":\"2efc5d41-1b1a-11e7-b09e-037021c4f8df\",\"type\":\"avg\"}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"stacked\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(15,20,25,1)\",\"fill\":\"1\",\"formatter\":\"percent\",\"id\":\"ae644a30-1b19-11e7-b09e-037021c4f8df\",\"label\":\"iowait\",\"line_width\":1,\"metrics\":[{\"field\":\"system.cpu.iowait.pct\",\"id\":\"ae644a31-1b19-11e7-b09e-037021c4f8df\",\"type\":\"avg\"}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"stacked\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"CPU Usage [Metrics System] ECS\",\"type\":\"metrics\"}" + }, + "id": "ab2d1e90-1b1a-11e7-b09e-037021c4f8df-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/bb3a8720-f991-11e9-90e8-1fb18e796788.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/bb3a8720-f991-11e9-90e8-1fb18e796788.json new file mode 100644 index 0000000000000..05fc707a332c6 --- /dev/null 
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/bb3a8720-f991-11e9-90e8-1fb18e796788.json @@ -0,0 +1,21 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Service States [Metrics System]", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{\"customLabel\":\"Service States [Metrics Services]\"},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"field\":\"system.service.state\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"size\":5},\"schema\":\"segment\",\"type\":\"terms\"}],\"params\":{\"addLegend\":true,\"addTooltip\":true,\"dimensions\":{\"buckets\":[{\"accessor\":0,\"aggType\":\"terms\",\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"missingBucketLabel\":\"Missing\",\"otherBucketLabel\":\"Other\"}},\"params\":{}}],\"metric\":{\"accessor\":1,\"aggType\":\"count\",\"format\":{\"id\":\"number\"},\"params\":{}}},\"isDonut\":true,\"labels\":{\"last_level\":true,\"show\":false,\"truncate\":100,\"values\":true},\"legendPosition\":\"right\",\"type\":\"pie\"},\"title\":\"Service States [Metrics System]\",\"type\":\"pie\"}" + }, + "id": "bb3a8720-f991-11e9-90e8-1fb18e796788", + "references": [ + { + "id": "metrics-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/bfa5e400-1b16-11e7-b09e-037021c4f8df-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/bfa5e400-1b16-11e7-b09e-037021c4f8df-ecs.json new file mode 100644 index 0000000000000..a08f3df019155 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/bfa5e400-1b16-11e7-b09e-037021c4f8df-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Memory Usage [Metrics System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"id\":\"32f46f40-1b16-11e7-b09e-037021c4f8df\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(211,49,21,1)\",\"fill\":\"1\",\"formatter\":\"bytes\",\"id\":\"4ff61fd0-1b16-11e7-b09e-037021c4f8df\",\"label\":\"Used\",\"line_width\":1,\"metrics\":[{\"field\":\"system.memory.actual.used.bytes\",\"id\":\"4ff61fd1-1b16-11e7-b09e-037021c4f8df\",\"type\":\"avg\"}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"stacked\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(0,156,224,1)\",\"fill\":\"1\",\"formatter\":\"bytes\",\"id\":\"753a6080-1b16-11e7-b09e-037021c4f8df\",\"label\":\"Cache\",\"line_width\":1,\"metrics\":[{\"field\":\"system.memory.actual.used.bytes\",\"id\":\"753a6081-1b16-11e7-b09e-037021c4f8df\",\"type\":\"avg\"},{\"field\":\"system.memory.used.bytes\",\"id\":\"7c9d3f00-1b16-11e7-b09e-037021c4f8df\",\"type\":\"avg\"},{\"id\":\"869cc160-1b16-11e7-b09e-037021c4f8df\",\"script\":\"params.actual != null \\u0026\\u0026 params.used != null ? 
params.used - params.actual : null\",\"type\":\"calculation\",\"variables\":[{\"field\":\"753a6081-1b16-11e7-b09e-037021c4f8df\",\"id\":\"890f9620-1b16-11e7-b09e-037021c4f8df\",\"name\":\"actual\"},{\"field\":\"7c9d3f00-1b16-11e7-b09e-037021c4f8df\",\"id\":\"8f3ab7f0-1b16-11e7-b09e-037021c4f8df\",\"name\":\"used\"}]}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"stacked\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":\"1\",\"formatter\":\"bytes\",\"id\":\"32f46f41-1b16-11e7-b09e-037021c4f8df\",\"label\":\"Free\",\"line_width\":1,\"metrics\":[{\"field\":\"system.memory.free\",\"id\":\"32f46f42-1b16-11e7-b09e-037021c4f8df\",\"type\":\"avg\"}],\"point_size\":\"0\",\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"stacked\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"timeseries\"},\"title\":\"Memory Usage [Metrics System] ECS\",\"type\":\"metrics\"}" + }, + "id": "bfa5e400-1b16-11e7-b09e-037021c4f8df-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/c5e3cf90-4d60-11e7-9a4c-ed99bbcaa42b-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/c5e3cf90-4d60-11e7-9a4c-ed99bbcaa42b-ecs.json new file mode 100644 index 0000000000000..64bb3f0e590af --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/c5e3cf90-4d60-11e7-9a4c-ed99bbcaa42b-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Interfaces by Outgoing traffic [Metrics System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"bar_color_rules\":[{\"id\":\"9db20be0-4d60-11e7-9a4c-ed99bbcaa42b\"}],\"id\":\"9cdba910-4d60-11e7-9a4c-ed99bbcaa42b\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"bytes\",\"id\":\"9cdba911-4d60-11e7-9a4c-ed99bbcaa42b\",\"label\":\"Interfaces by Outgoing traffic\",\"line_width\":1,\"metrics\":[{\"field\":\"system.network.out.bytes\",\"id\":\"9cdba912-4d60-11e7-9a4c-ed99bbcaa42b\",\"type\":\"avg\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"terms\",\"stacked\":\"none\",\"terms_field\":\"system.network.name\",\"terms_order_by\":\"9cdba912-4d60-11e7-9a4c-ed99bbcaa42b\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"top_n\"},\"title\":\"Interfaces by Outgoing traffic [Metrics System] ECS\",\"type\":\"metrics\"}" + }, + "id": "c5e3cf90-4d60-11e7-9a4c-ed99bbcaa42b-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/c6f2ffd0-4d17-11e7-a196-69b9a7a020a9-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/c6f2ffd0-4d17-11e7-a196-69b9a7a020a9-ecs.json new file mode 100644 index 0000000000000..3d21d34450f8c --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/c6f2ffd0-4d17-11e7-a196-69b9a7a020a9-ecs.json 
@@ -0,0 +1,21 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Number of hosts [Metrics System] ECS", + "uiStateJSON": "{\"vis\":{\"defaultColors\":{\"0 - 100\":\"rgb(0,104,55)\"}}}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{\"customLabel\":\"Number of hosts\",\"field\":\"host.name\"},\"schema\":\"metric\",\"type\":\"cardinality\"}],\"params\":{\"addLegend\":false,\"addTooltip\":true,\"gauge\":{\"autoExtend\":false,\"backStyle\":\"Full\",\"colorSchema\":\"Green to Red\",\"colorsRange\":[{\"from\":0,\"to\":100}],\"gaugeColorMode\":\"None\",\"gaugeStyle\":\"Full\",\"gaugeType\":\"Metric\",\"invertColors\":false,\"labels\":{\"color\":\"black\",\"show\":false},\"orientation\":\"vertical\",\"percentageMode\":false,\"scale\":{\"color\":\"#333\",\"labels\":false,\"show\":false,\"width\":2},\"style\":{\"bgColor\":false,\"bgFill\":\"#000\",\"fontSize\":\"63\",\"labelColor\":false,\"subText\":\"\"},\"type\":\"simple\",\"useRange\":false,\"verticalSplit\":false},\"type\":\"gauge\"},\"title\":\"Number of hosts [Metrics System] ECS\",\"type\":\"metric\"}" + }, + "id": "c6f2ffd0-4d17-11e7-a196-69b9a7a020a9-ecs", + "references": [ + { + "id": "metrics-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/d16bb400-f9cc-11e6-8115-a7c18106d86a-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/d16bb400-f9cc-11e6-8115-a7c18106d86a-ecs.json new file mode 100644 index 0000000000000..520cb07a5afbd --- /dev/null 
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/d16bb400-f9cc-11e6-8115-a7c18106d86a-ecs.json @@ -0,0 +1,21 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"highlightAll\":true,\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"system.auth.ssh.event:Accepted\"}}" + }, + "title": "Successful SSH logins [Logs System] ECS", + "uiStateJSON": "{\"vis\":{\"colors\":{\"Accepted\":\"#3F6833\",\"Failed\":\"#F9934E\",\"Invalid\":\"#447EBC\",\"password\":\"#BF1B00\",\"publickey\":\"#629E51\"}}}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"extended_bounds\":{},\"field\":\"@timestamp\",\"interval\":\"auto\",\"min_doc_count\":1},\"schema\":\"segment\",\"type\":\"date_histogram\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"field\":\"system.auth.ssh.method\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"group\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTimeMarker\":false,\"addTooltip\":true,\"defaultYExtents\":false,\"legendPosition\":\"right\",\"mode\":\"stacked\",\"scale\":\"linear\",\"setYExtents\":false,\"times\":[]},\"title\":\"Successful SSH logins ECS\",\"type\":\"histogram\"}" + }, + "id": "d16bb400-f9cc-11e6-8115-a7c18106d86a-ecs", + "references": [ + { + "id": "logs-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/d2e80340-4d5c-11e7-aa29-87a97a796de6-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/d2e80340-4d5c-11e7-aa29-87a97a796de6-ecs.json new file mode 100644 index 0000000000000..abb1a523230f6 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/d2e80340-4d5c-11e7-aa29-87a97a796de6-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Memory usage vs total [Metrics System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"listeners\":{},\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"background_color_rules\":[{\"id\":\"6f7618b0-4d5c-11e7-aa29-87a97a796de6\"}],\"id\":\"6bc65720-4d5c-11e7-aa29-87a97a796de6\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"bytes\",\"id\":\"6bc65721-4d5c-11e7-aa29-87a97a796de6\",\"label\":\"Memory usage\",\"line_width\":1,\"metrics\":[{\"field\":\"system.memory.actual.used.bytes\",\"id\":\"6bc65722-4d5c-11e7-aa29-87a97a796de6\",\"type\":\"avg\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\"},{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"bytes\",\"id\":\"b8fe6820-4d5c-11e7-aa29-87a97a796de6\",\"label\":\"Total Memory\",\"line_width\":1,\"metrics\":[{\"field\":\"system.memory.total\",\"id\":\"b8fe6821-4d5c-11e7-aa29-87a97a796de6\",\"type\":\"avg\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\"}],\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"metric\"},\"title\":\"Memory usage vs total ECS\",\"type\":\"metrics\"}" + }, + "id": "d2e80340-4d5c-11e7-aa29-87a97a796de6-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/d3166e80-1b91-11e7-bec4-a5e9ec5cab8b-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/d3166e80-1b91-11e7-bec4-a5e9ec5cab8b-ecs.json new file mode 100644 index 0000000000000..275aa75674bf2 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/d3166e80-1b91-11e7-bec4-a5e9ec5cab8b-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Memory Usage Gauge [Metrics System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"filter\":\"\",\"gauge_color_rules\":[{\"gauge\":\"rgba(104,188,0,1)\",\"id\":\"a0d522e0-1b91-11e7-bec4-a5e9ec5cab8b\",\"operator\":\"gte\",\"value\":0},{\"gauge\":\"rgba(254,146,0,1)\",\"id\":\"b45ad8f0-1b91-11e7-bec4-a5e9ec5cab8b\",\"operator\":\"gte\",\"value\":0.7},{\"gauge\":\"rgba(211,49,21,1)\",\"id\":\"c06e9550-1b91-11e7-bec4-a5e9ec5cab8b\",\"operator\":\"gte\",\"value\":0.85}],\"gauge_inner_width\":10,\"gauge_max\":\"1\",\"gauge_style\":\"half\",\"gauge_width\":10,\"id\":\"9f51b730-1b91-11e7-bec4-a5e9ec5cab8b\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"percent\",\"id\":\"9f51b731-1b91-11e7-bec4-a5e9ec5cab8b\",\"label\":\"Memory Usage\",\"line_width\":1,\"metrics\":[{\"field\":\"system.memory.actual.used.pct\",\"id\":\"9f51b732-1b91-11e7-bec4-a5e9ec5cab8b\",\"type\":\"avg\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"everything\",\"stacked\":\"none\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"gauge\"},\"title\":\"Memory Usage Gauge [Metrics System] ECS\",\"type\":\"metrics\"}" + }, + "id": "d3166e80-1b91-11e7-bec4-a5e9ec5cab8b-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/d3f51850-f9b6-11e9-90e8-1fb18e796788.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/d3f51850-f9b6-11e9-90e8-1fb18e796788.json new file mode 100644 index 0000000000000..f8621f5850a43 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/d3f51850-f9b6-11e9-90e8-1fb18e796788.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Service Memory Use Over Time [Metrics System]", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"axis_scale\":\"normal\",\"default_index_pattern\":\"metrics-*\",\"default_timefield\":\"@timestamp\",\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"index_pattern\":\"\",\"interval\":\"\",\"isModelInvalid\":false,\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"rgba(244,78,59,1)\",\"fill\":\"0\",\"formatter\":\"bytes\",\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"label\":\"\",\"line_width\":1,\"metrics\":[{\"field\":\"system.service.resources.memory.usage.bytes\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"avg\"}],\"point_size\":1,\"separate_axis\":0,\"split_color_mode\":\"rainbow\",\"split_mode\":\"terms\",\"stacked\":\"none\",\"terms_field\":\"system.service.name\",\"terms_order_by\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"terms_size\":\"5\",\"type\":\"timeseries\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"\",\"type\":\"timeseries\"},\"title\":\"Service Memory Use Over Time [Metrics System]\",\"type\":\"metrics\"}" + }, + "id": "d3f51850-f9b6-11e9-90e8-1fb18e796788", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/d56ee420-fa79-11e6-a1df-a78bd7504d38-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/d56ee420-fa79-11e6-a1df-a78bd7504d38-ecs.json new file mode 100644 index 0000000000000..5597f58994424 --- /dev/null 
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/d56ee420-fa79-11e6-a1df-a78bd7504d38-ecs.json @@ -0,0 +1,22 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "New users by home directory [Logs System] ECS", + "uiStateJSON": "{\"vis\":{\"colors\":{\"/bin/bash\":\"#E24D42\",\"/bin/false\":\"#508642\",\"/nonexistent\":\"#629E51\",\"/sbin/nologin\":\"#7EB26D\"},\"legendOpen\":true}}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"field\":\"system.auth.useradd.home\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"segment\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"field\":\"user.name\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"segment\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":false,\"legendPosition\":\"right\"},\"title\":\"New users by home directory ECS\",\"type\":\"pie\"}" + }, + "id": "d56ee420-fa79-11e6-a1df-a78bd7504d38-ecs", + "references": [ + { + "id": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs", + "name": "search_0", + "type": "search" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/dc589770-fa2b-11e6-bbd3-29c986c96e5a-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/dc589770-fa2b-11e6-bbd3-29c986c96e5a-ecs.json new file mode 100644 index 0000000000000..cdb2747399c8e --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/dc589770-fa2b-11e6-bbd3-29c986c96e5a-ecs.json 
@@ -0,0 +1,22 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "Top sudo commands [Logs System] ECS", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"field\":\"system.auth.sudo.command\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"bucket\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"field\":\"user.name\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"bucket\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"perPage\":10,\"showMeticsAtAllLevels\":false,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\"},\"title\":\"Top sudo commands ECS\",\"type\":\"table\"}" + }, + "id": "dc589770-fa2b-11e6-bbd3-29c986c96e5a-ecs", + "references": [ + { + "id": "b6f321e0-fa25-11e6-bbd3-29c986c96e5a-ecs", + "name": "search_0", + "type": "search" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/e0f001c0-1b18-11e7-b09e-037021c4f8df-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/e0f001c0-1b18-11e7-b09e-037021c4f8df-ecs.json new file mode 100644 index 0000000000000..e830011f93834 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/e0f001c0-1b18-11e7-b09e-037021c4f8df-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Top Processes By CPU [Metrics System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"bar_color_rules\":[{\"bar_color\":\"rgba(104,188,0,1)\",\"id\":\"60e11be0-1b18-11e7-b09e-037021c4f8df\",\"operator\":\"gte\",\"value\":0}],\"drilldown_url\":\"\",\"filter\":\"\",\"id\":\"5f5b8d50-1b18-11e7-b09e-037021c4f8df\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"percent\",\"id\":\"5f5b8d51-1b18-11e7-b09e-037021c4f8df\",\"line_width\":1,\"metrics\":[{\"field\":\"system.process.cpu.total.pct\",\"id\":\"5f5b8d52-1b18-11e7-b09e-037021c4f8df\",\"type\":\"avg\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"terms\",\"stacked\":\"none\",\"terms_field\":\"process.name\",\"terms_order_by\":\"5f5b8d52-1b18-11e7-b09e-037021c4f8df\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"top_n\"},\"title\":\"Top Processes By CPU [Metrics System] ECS\",\"type\":\"metrics\"}" + }, + "id": "e0f001c0-1b18-11e7-b09e-037021c4f8df-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/e121b140-fa78-11e6-a1df-a78bd7504d38-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/e121b140-fa78-11e6-a1df-a78bd7504d38-ecs.json new file mode 100644 index 0000000000000..7495ac546129d --- /dev/null 
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/e121b140-fa78-11e6-a1df-a78bd7504d38-ecs.json @@ -0,0 +1,22 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "New users by shell [Logs System] ECS", + "uiStateJSON": "{\"vis\":{\"colors\":{\"/bin/bash\":\"#E24D42\",\"/bin/false\":\"#508642\",\"/sbin/nologin\":\"#7EB26D\"},\"legendOpen\":true}}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"field\":\"system.auth.useradd.shell\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"segment\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"field\":\"user.name\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"segment\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"addLegend\":true,\"addTooltip\":true,\"isDonut\":false,\"legendPosition\":\"right\"},\"title\":\"New users by shell ECS\",\"type\":\"pie\"}" + }, + "id": "e121b140-fa78-11e6-a1df-a78bd7504d38-ecs", + "references": [ + { + "id": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs", + "name": "search_0", + "type": "search" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/e6e639e0-f992-11e9-90e8-1fb18e796788.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/e6e639e0-f992-11e9-90e8-1fb18e796788.json new file mode 100644 index 0000000000000..45f8d0b295388 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/e6e639e0-f992-11e9-90e8-1fb18e796788.json 
@@ -0,0 +1,21 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"indexRefName\":\"kibanaSavedObjectMeta.searchSourceJSON.index\",\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Service Sub-State [Metrics System]", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{\"customLabel\":\"Service Sub-State [Metrics Services]\"},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"field\":\"system.service.sub_state\",\"missingBucket\":false,\"missingBucketLabel\":\"Missing\",\"order\":\"desc\",\"orderBy\":\"1\",\"otherBucket\":false,\"otherBucketLabel\":\"Other\",\"size\":5},\"schema\":\"segment\",\"type\":\"terms\"}],\"params\":{\"addLegend\":true,\"addTooltip\":true,\"dimensions\":{\"buckets\":[{\"accessor\":0,\"aggType\":\"terms\",\"format\":{\"id\":\"terms\",\"params\":{\"id\":\"string\",\"missingBucketLabel\":\"Missing\",\"otherBucketLabel\":\"Other\"}},\"params\":{}}],\"metric\":{\"accessor\":1,\"aggType\":\"count\",\"format\":{\"id\":\"number\"},\"params\":{}}},\"isDonut\":true,\"labels\":{\"last_level\":true,\"show\":false,\"truncate\":100,\"values\":true},\"legendPosition\":\"right\",\"type\":\"pie\"},\"title\":\"Service Sub-State [Metrics System]\",\"type\":\"pie\"}" + }, + "id": "e6e639e0-f992-11e9-90e8-1fb18e796788", + "references": [ + { + "id": "metrics-*", + "name": "kibanaSavedObjectMeta.searchSourceJSON.index", + "type": "index-pattern" + } + ], + "type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/f398d2f0-fa77-11e6-ae9b-81e5311e8cab-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/f398d2f0-fa77-11e6-ae9b-81e5311e8cab-ecs.json new file mode 100644 index 0000000000000..7af9300ba48e3 --- /dev/null 
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/f398d2f0-fa77-11e6-ae9b-81e5311e8cab-ecs.json 
@@ -0,0 +1,22 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[]}" + }, + "savedSearchRefName": "search_0", + "title": "New users [Logs System] ECS", + "uiStateJSON": "{\"vis\":{\"params\":{\"sort\":{\"columnIndex\":null,\"direction\":null}}}}", + "version": 1, + "visState": "{\"aggs\":[{\"enabled\":true,\"id\":\"1\",\"params\":{},\"schema\":\"metric\",\"type\":\"count\"},{\"enabled\":true,\"id\":\"2\",\"params\":{\"customLabel\":\"Host\",\"field\":\"host.hostname\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"bucket\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"3\",\"params\":{\"customLabel\":\"User\",\"field\":\"user.name\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"bucket\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"4\",\"params\":{\"customLabel\":\"UID\",\"field\":\"user.id\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"bucket\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"5\",\"params\":{\"customLabel\":\"GID\",\"field\":\"group.id\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"bucket\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"6\",\"params\":{\"customLabel\":\"Home\",\"field\":\"system.auth.useradd.home\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"bucket\",\"type\":\"terms\"},{\"enabled\":true,\"id\":\"7\",\"params\":{\"customLabel\":\"Shell\",\"field\":\"system.auth.useradd.shell\",\"order\":\"desc\",\"orderBy\":\"1\",\"size\":5},\"schema\":\"bucket\",\"type\":\"terms\"}],\"listeners\":{},\"params\":{\"perPage\":10,\"showMeticsAtAllLevels\":false,\"showPartialRows\":false,\"showTotal\":false,\"sort\":{\"columnIndex\":null,\"direction\":null},\"totalFunc\":\"sum\"},\"title\":\"New users ECS\",\"type\":\"table\"}" + }, + "id": "f398d2f0-fa77-11e6-ae9b-81e5311e8cab-ecs", + "references": [ + { + "id": "8030c1b0-fa77-11e6-ae9b-81e5311e8cab-ecs", + "name": "search_0", + "type": "search" + } + ], + 
"type": "visualization" +} \ No newline at end of file diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/fe064790-1b1f-11e7-bec4-a5e9ec5cab8b-ecs.json b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/fe064790-1b1f-11e7-bec4-a5e9ec5cab8b-ecs.json new file mode 100644 index 0000000000000..ae4834208216d --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/kibana/visualization/fe064790-1b1f-11e7-bec4-a5e9ec5cab8b-ecs.json 
@@ -0,0 +1,15 @@ +{ + "attributes": { + "description": "", + "kibanaSavedObjectMeta": { + "searchSourceJSON": "{\"filter\":[],\"query\":{\"language\":\"kuery\",\"query\":\"\"}}" + }, + "title": "Top Hosts By Memory (Realtime) [Metrics System] ECS", + "uiStateJSON": "{}", + "version": 1, + "visState": "{\"aggs\":[],\"params\":{\"axis_formatter\":\"number\",\"axis_position\":\"left\",\"bar_color_rules\":[{\"bar_color\":\"rgba(104,188,0,1)\",\"id\":\"33349dd0-1b1c-11e7-b09e-037021c4f8df\",\"operator\":\"gte\",\"value\":0},{\"bar_color\":\"rgba(254,146,0,1)\",\"id\":\"997dc440-1b1c-11e7-b09e-037021c4f8df\",\"operator\":\"gte\",\"value\":0.6},{\"bar_color\":\"rgba(211,49,21,1)\",\"id\":\"a10d7f20-1b1c-11e7-b09e-037021c4f8df\",\"operator\":\"gte\",\"value\":0.85}],\"drilldown_url\":\"../app/kibana#/dashboard/79ffd6e0-faa0-11e6-947f-177f697178b8-ecs?_a=(query:(language:kuery,query:'host.name:\\\"{{key}}\\\"'))\",\"filter\":\"\",\"id\":\"31e5afa0-1b1c-11e7-b09e-037021c4f8df\",\"index_pattern\":\"metrics-*\",\"interval\":\"auto\",\"series\":[{\"axis_position\":\"right\",\"chart_type\":\"line\",\"color\":\"#68BC00\",\"fill\":0.5,\"formatter\":\"percent\",\"id\":\"31e5afa1-1b1c-11e7-b09e-037021c4f8df\",\"line_width\":1,\"metrics\":[{\"field\":\"system.memory.actual.used.pct\",\"id\":\"31e5afa2-1b1c-11e7-b09e-037021c4f8df\",\"type\":\"avg\"}],\"point_size\":1,\"seperate_axis\":0,\"split_color_mode\":\"gradient\",\"split_mode\":\"terms\",\"stacked\":\"none\",\"terms_field\":\"host.name\",\"terms_order_by\":\"31e5afa2-1b1c-11e7-b09e-037021c4f8df\",\"terms_size\":\"10\"}],\"show_grid\":1,\"show_legend\":1,\"time_field\":\"@timestamp\",\"type\":\"top_n\"},\"title\":\"Top Hosts By Memory (Realtime) [Metrics System] ECS\",\"type\":\"metrics\"}" + }, + "id": "fe064790-1b1f-11e7-bec4-a5e9ec5cab8b-ecs", + "references": [], + "type": "visualization" +} \ No newline at end of file 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/manifest.yml
new file mode 100644
index 0000000000000..4073974439a60
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/system/0.1.0/manifest.yml
@@ -0,0 +1,43 @@
+format_version: 1.0.0
+name: system
+title: System
+version: 0.1.0
+license: basic
+description: System Integration
+type: integration
+categories:
+- logs
+- metrics
+release: beta
+removable: false
+screenshots:
+- src: /img/kibana-system.png
+ title: kibana system
+ size: 1220x852
+ type: image/png
+- src: /img/metricbeat_system_dashboard.png
+ title: metricbeat system dashboard
+ size: 2097x1933
+ type: image/png
+- src: /img/metricbeat-services-host.png
+ title: metricbeat services host
+ size: 5006x2260
+ type: image/png
+icons:
+- src: /img/system.svg
+ title: system
+ size: 1000x1000
+ type: image/svg+xml
+datasources:
+- name: system
+ title: System logs and metrics
+ description: Collect logs and metrics from System instances
+ inputs:
+ - type: logs
+ title: Collect logs from System instances
+ description: Collecting System auth and syslog logs
+ - type: system/metrics
+ title: Collect metrics from System instances
+ description: Collecting System core, cpu, diskio, entropy, filesystem, fsstat,
+ load, memory, network, network_summary, process, process_summary, raid, service,
+ socket, socket_summary, uptime and users metrics
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/yamlpipeline/1.0.0/dataset/log/agent/stream/stream.yml.hbs b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/yamlpipeline/1.0.0/dataset/log/agent/stream/stream.yml.hbs
new file mode 100644
index 0000000000000..e69de29bb2d1d
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/yamlpipeline/1.0.0/dataset/log/elasticsearch/ingest-pipeline/pipeline-entry.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/yamlpipeline/1.0.0/dataset/log/elasticsearch/ingest-pipeline/pipeline-entry.yml new file mode 100644 index 0000000000000..0c7ccd9b3d021 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/yamlpipeline/1.0.0/dataset/log/elasticsearch/ingest-pipeline/pipeline-entry.yml 
@@ -0,0 +1,113 @@ +--- +description: Pipeline for normalizing Kubernetes CoreDNS logs. +processors: + - pipeline: + if: ctx.message.charAt(0) == (char)("{") + name: '{{IngestPipeline "pipeline-json" }}' + - pipeline: + if: ctx.message.charAt(0) != (char)("{") + name: '{{IngestPipeline "pipeline-plaintext" }}' + - script: + lang: painless + source: > + ctx.event.created = ctx['@timestamp']; + ctx['@timestamp'] = ctx['timestamp']; + ctx.remove('timestamp'); + ignore_failure: true + - script: + lang: painless + if: ctx.temp?.source != null + source: > + ctx['source'] = new HashMap(); + if (ctx.temp.source.charAt(0) == (char)("[")) { + def p = ctx.temp.source.indexOf (']'); + def l = ctx.temp.source.length(); + ctx.source.address = ctx.temp.source.substring(1, p); + ctx.source.port = ctx.temp.source.substring(p+2, l); + } else { + def p = ctx.temp.source.indexOf(':'); + def l = ctx.temp.source.length(); + ctx.source.address = ctx.temp.source.substring(0, p); + ctx.source.port = ctx.temp.source.substring(p+1, l); + } + ctx.remove('temp'); + - set: + field: source.ip + value: "{{source.address}}" + if: ctx.source?.address != null + - convert: + field: source.port + type: integer + - convert: + field: coredns.duration + type: double + - convert: + field: coredns.query.size + type: long + - convert: + field: coredns.response.size + type: long + - convert: + field: coredns.dnssec_ok + type: boolean + - uppercase: + field: dns.header_flags + - split: + field: dns.header_flags + separator: "," + - append: + if: ctx.coredns?.dnssec_ok + field: dns.header_flags + value: DO + - script: + lang: painless + source: ctx.event.duration = Math.round(ctx.coredns.duration * params.scale); + params: + scale: 1000000000 + if: ctx.coredns?.duration != null + - remove: + field: + - coredns.duration + ignore_missing: true + # The following copies values from dns namespace (ECS) to the coredns + # namespace to avoid introducing breaking change. This should be removed + # for 8.0.0. 
Additionally coredns.dnssec_ok can be removed. + - set: + if: ctx.dns?.id != null + field: coredns.id + value: '{{dns.id}}' + - set: + if: ctx.dns?.question?.class != null + field: coredns.query.class + value: '{{dns.question.class}}' + - set: + if: ctx.dns?.question?.name != null + field: coredns.query.name + value: '{{dns.question.name}}' + - set: + if: ctx.dns?.question?.type != null + field: coredns.query.type + value: '{{dns.question.type}}' + - set: + if: ctx.dns?.response_code != null + field: coredns.response.code + value: '{{dns.response_code}}' + - script: + if: ctx.dns?.header_flags != null + lang: painless + source: > + ctx.coredns.response.flags = ctx.dns.header_flags; + # Right trim the trailing dot from domain names. + - script: + if: ctx.dns?.question?.name != null + lang: painless + source: > + def q = ctx.dns.question.name; + def end = q.length() - 1; + if (q.charAt(end) == (char) '.') { + ctx.dns.question.name = q.substring(0, end); + } +on_failure: + - set: + field: error.message + value: "{{ _ingest.on_failure_message }}" diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/yamlpipeline/1.0.0/dataset/log/elasticsearch/ingest-pipeline/pipeline-json.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/yamlpipeline/1.0.0/dataset/log/elasticsearch/ingest-pipeline/pipeline-json.yml new file mode 100644 index 0000000000000..0b89ab35252c6 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/yamlpipeline/1.0.0/dataset/log/elasticsearch/ingest-pipeline/pipeline-json.yml 
@@ -0,0 +1,32 @@ +--- +description: Pipeline for dissecting CoreDNS JSON logs. +processors: + - rename: + field: message + target_field: event.original + ignore_failure: true + - json: + field: event.original + target_field: json + - dissect: + field: json.message + pattern: '%{timestamp} [%{log.level}] %{temp.source} - %{dns.id} "%{dns.question.type} + %{dns.question.class} %{dns.question.name} %{network.transport} %{coredns.query.size} + %{coredns.dnssec_ok} %{?bufsize}" %{dns.response_code} %{dns.header_flags} + %{coredns.response.size} %{coredns.duration}s' + - rename: + field: json.message + target_field: message + ignore_failure: true + - rename: + field: json.kubernetes + target_field: kubernetes + ignore_failure: true + - remove: + field: + - json + ignore_failure: true +on_failure: + - set: + field: error.message + value: "{{ _ingest.on_failure_message }}" diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/yamlpipeline/1.0.0/dataset/log/elasticsearch/ingest-pipeline/pipeline-plaintext.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/yamlpipeline/1.0.0/dataset/log/elasticsearch/ingest-pipeline/pipeline-plaintext.yml new file mode 100644 index 0000000000000..fcec1fffdc1ab --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/yamlpipeline/1.0.0/dataset/log/elasticsearch/ingest-pipeline/pipeline-plaintext.yml @@ -0,0 +1,13 @@ +--- +description: Pipeline for dissecting CoreDNS plaintext logs. +processors: + - dissect: + field: message + pattern: '%{timestamp} [%{log.level}] %{temp.source} - %{dns.id} "%{dns.question.type} + %{dns.question.class} %{dns.question.name} %{network.transport} %{coredns.query.size} + %{coredns.dnssec_ok} %{?bufsize}" %{dns.response_code} %{dns.header_flags} + %{coredns.response.size} %{coredns.duration}s' +on_failure: + - set: + field: error.message + value: "{{ _ingest.on_failure_message }}" 
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/yamlpipeline/1.0.0/dataset/log/fields/base-fields.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/yamlpipeline/1.0.0/dataset/log/fields/base-fields.yml
new file mode 100644
index 0000000000000..9b614721122b8
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/yamlpipeline/1.0.0/dataset/log/fields/base-fields.yml
@@ -0,0 +1,17 @@
+
+- name: stream.type
+ type: constant_keyword
+ description: >
+ Stream type
+- name: stream.dataset
+ type: constant_keyword
+ description: >
+ Stream dataset.
+- name: stream.namespace
+ type: constant_keyword
+ description: >
+ Stream namespace.
+- name: "@timestamp"
+ type: date
+ description: >
+ Event timestamp.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/yamlpipeline/1.0.0/dataset/log/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/yamlpipeline/1.0.0/dataset/log/manifest.yml
new file mode 100644
index 0000000000000..ef1a9e062334c
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/yamlpipeline/1.0.0/dataset/log/manifest.yml
@@ -0,0 +1,14 @@
+title: Log Yaml pipeline
+
+type: logs
+
+ingest_pipeline: pipeline-entry
+
+streams:
+ - input: logs
+ title: Yamlpipline example logs
+ description: Yamlpipeline example
+ vars:
+ - name: paths
+ required: true
+ default:
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/yamlpipeline/1.0.0/docs/README.md b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/yamlpipeline/1.0.0/docs/README.md
new file mode 100644
index 0000000000000..d20d875fd3caf
--- /dev/null
+++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/yamlpipeline/1.0.0/docs/README.md
@@ -0,0 +1,3 @@
+# YAML Pipeline
+
+Example package with a yaml pipeline.
diff --git a/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/yamlpipeline/1.0.0/manifest.yml b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/yamlpipeline/1.0.0/manifest.yml new file mode 100644 index 0000000000000..cf1e31095c5d3 --- /dev/null +++ b/x-pack/test/epm_api_integration/apis/fixtures/registry/public/package/yamlpipeline/1.0.0/manifest.yml @@ -0,0 +1,20 @@ +format_version: 1.0.0 + +name: yamlpipeline +title: Yaml Pipeline package +description: > + This package contains a yaml pipeline. +version: 1.0.0 +categories: [logs] +release: beta + +license: basic +type: integration + +requirement: + elasticsearch: + version.min: 7.0.0 + +# No icons +icons: + diff --git a/x-pack/test/epm_api_integration/apis/index.js b/x-pack/test/epm_api_integration/apis/index.js index cfdfd5baf1e59..84a4aa6aa6e7b 100644 --- a/x-pack/test/epm_api_integration/apis/index.js +++ b/x-pack/test/epm_api_integration/apis/index.js @@ -8,8 +8,9 @@ export default function({ loadTestFile }) { describe('EPM Endpoints', function() { this.tags('ciGroup7'); loadTestFile(require.resolve('./list')); - loadTestFile(require.resolve('./file')); - loadTestFile(require.resolve('./template')); - loadTestFile(require.resolve('./ilm')); + //loadTestFile(require.resolve('./file')); + // temporarily disabled, see https://github.com/elastic/kibana/issues/67943 + // loadTestFile(require.resolve('./template')); + //loadTestFile(require.resolve('./ilm')); }); } diff --git a/x-pack/test/epm_api_integration/apis/list.ts b/x-pack/test/epm_api_integration/apis/list.ts index d0d921af6016b..422e4cb025286 100644 --- a/x-pack/test/epm_api_integration/apis/list.ts +++ b/x-pack/test/epm_api_integration/apis/list.ts 
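Review bot: In the apis/index.js hunk three test files are commented out but only one reason is given, and it sits between `./file` and `./template`, so it is unclear whether `./file` and `./ilm` are disabled for the same issue. Moving `// temporarily disabled, see https://github.com/elastic/kibana/issues/67943` above the first disabled line, and writing all three as `// loadTestFile(...)` with the same spacing, would make the scope of the skip explicit; if the other two have a different reason, each should carry its own comment. With these lines off, `./list` is the only file this suite still loads, so the re-enable condition is worth recording next to the code.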
@@ -5,53 +5,11 @@ */ import expect from '@kbn/expect'; -import ServerMock from 'mock-http-server'; import { FtrProviderContext } from '../../api_integration/ftr_provider_context'; export default function({ getService }: FtrProviderContext) { describe('list', () => { - const server = new ServerMock({ host: 'localhost', port: 6666 }); - beforeEach(() => { - server.start(() => {}); - }); - afterEach(() => { - server.stop(() => {}); - }); it('lists all packages from the registry', async () => { - const searchResponse = [ - { - description: 'First integration package', - download: '/package/first-1.0.1.tar.gz', - name: 'first', - title: 'First', - type: 'integration', - version: '1.0.1', - }, - { - description: 'Second integration package', - download: '/package/second-2.0.4.tar.gz', - icons: [ - { - src: '/package/second-2.0.4/img/icon.svg', - type: 'image/svg+xml', - }, - ], - name: 'second', - title: 'Second', - type: 'integration', - version: '2.0.4', - }, - ]; - server.on({ - method: 'GET', - path: '/search', - reply: { - status: 200, - headers: { 'content-type': 'application/json' }, - body: JSON.stringify(searchResponse), - }, - }); - const supertest = getService('supertest'); const fetchPackageList = async () => { const response = await supertest 
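Review bot: The test `lists all packages from the registry` now needs a live registry container, but nothing skips it when `INGEST_MANAGEMENT_PACKAGE_REGISTRY_PORT` is unset: config.ts then passes `{}` as `dockerServers` and its `serverArgs` hunk builds `--xpack.ingestManager.epm.registryUrl=http://localhost:undefined`. Whether CI always exports the variable is not visible here, so a local run would likely fail with an unrelated-looking connection error. Consider `it('lists all packages from the registry', async function() {` with `if (!process.env.INGEST_MANAGEMENT_PACKAGE_REGISTRY_PORT) this.skip();` as the first statement, and in config.ts append the `registryUrl` argument only when the variable is set. The `it` callback continues past the end of this hunk.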
@@ -62,63 +20,82 @@ export default function({ getService }: FtrProviderContext) { }; const listResponse = await fetchPackageList(); - expect(listResponse.response.length).to.be(2); - expect(listResponse.response[0]).to.eql({ ...searchResponse[0], status: 'not_installed' }); - expect(listResponse.response[1]).to.eql({ ...searchResponse[1], status: 'not_installed' }); + expect(listResponse.response.length).to.be(4); + expect(listResponse).to.eql(registryListResponse); }); + }); +} - it('sorts the packages even if the registry sends them unsorted', async () => { - const searchResponse = [ +// This corresponds to the packages in fixtures/registry/public/package +// and illustrates how tests with registry packages are set up. +// Once we have more test cases this might be too cumbersome and not +// relevant enough to keep up-to-date. +const registryListResponse = { + response: [ + { + description: 'MySQL Integration', + download: '/epr/mysql/mysql-0.1.1.tar.gz', + icons: [ { - description: 'BBB integration package', - download: '/package/bbb-1.0.1.tar.gz', - name: 'bbb', - title: 'BBB', - type: 'integration', - version: '1.0.1', + src: '/package/mysql/0.1.1/img/logo_mysql.svg', + title: 'logo mysql', + size: '32x32', + type: 'image/svg+xml', }, + ], + name: 'mysql', + path: '/package/mysql/0.1.1', + title: 'MySQL', + type: 'integration', + version: '0.1.1', + status: 'not_installed', + }, + { + description: 'Nginx Integration', + download: '/epr/nginx/nginx-0.1.1.tar.gz', + icons: [ { - description: 'CCC integration package', - download: '/package/ccc-2.0.4.tar.gz', - name: 'ccc', - title: 'CCC', - type: 'integration', - version: '2.0.4', + src: '/package/nginx/0.1.1/img/logo_nginx.svg', + title: 'logo nginx', + size: '32x32', + type: 'image/svg+xml', }, + ], + name: 'nginx', + path: '/package/nginx/0.1.1', + title: 'Nginx', + type: 'integration', + version: '0.1.1', + status: 'not_installed', + }, + { + description: 'System Integration', + download: 
'/epr/system/system-0.1.0.tar.gz', + icons: [ { - description: 'AAA integration package', - download: '/package/aaa-0.0.1.tar.gz', - name: 'aaa', - title: 'AAA', - type: 'integration', - version: '0.0.1', + src: '/package/system/0.1.0/img/system.svg', + title: 'system', + size: '1000x1000', + type: 'image/svg+xml', }, - ]; - server.on({ - method: 'GET', - path: '/search', - reply: { - status: 200, - headers: { 'content-type': 'application/json' }, - body: JSON.stringify(searchResponse), - }, - }); - - const supertest = getService('supertest'); - const fetchPackageList = async () => { - const response = await supertest - .get('/api/ingest_manager/epm/packages') - .set('kbn-xsrf', 'xxx') - .expect(200); - return response.body; - }; - - const listResponse = await fetchPackageList(); - - expect(listResponse.response.length).to.be(3); - expect(listResponse.response[0].name).to.eql('aaa'); - expect(listResponse.response[1].name).to.eql('bbb'); - expect(listResponse.response[2].name).to.eql('ccc'); - }); - }); -} + ], + name: 'system', + path: '/package/system/0.1.0', + title: 'System', + type: 'integration', + version: '0.1.0', + status: 'not_installed', + }, + { + description: 'This package contains a yaml pipeline.\n', + download: '/epr/yamlpipeline/yamlpipeline-1.0.0.tar.gz', + name: 'yamlpipeline', + path: '/package/yamlpipeline/1.0.0', + title: 'Yaml Pipeline package', + type: 'integration', + version: '1.0.0', + status: 'not_installed', + }, + ], + success: true, +}; diff --git a/x-pack/test/epm_api_integration/config.ts b/x-pack/test/epm_api_integration/config.ts index b04bc76ccb315..439c107367015 100644 --- a/x-pack/test/epm_api_integration/config.ts +++ b/x-pack/test/epm_api_integration/config.ts 
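Review bot: The removed `sorts the packages even if the registry sends them unsorted` case has no replacement, so the ordering logic is only exercised if the registry container happens to return packages in a different order than `registryListResponse` lists them, which cannot be told from this diff. `expect(listResponse.response.length).to.be(4);` is also redundant next to `expect(listResponse).to.eql(registryListResponse);`, which already fails on a length mismatch. If ordering still matters, a comment on `registryListResponse` such as `// Expected order is alphabetical by name; eql() on the array also asserts the sort.` would record that intent.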
@@ -4,14 +4,35 @@ * you may not use this file except in compliance with the Elastic License. */ +import path from 'path'; + import { FtrConfigProviderContext } from '@kbn/test/types/ftr'; +import { defineDockerServersConfig } from '@kbn/test'; export default async function({ readConfigFile }: FtrConfigProviderContext) { const xPackAPITestsConfig = await readConfigFile(require.resolve('../api_integration/config.js')); - return { testFiles: [require.resolve('./apis')], servers: xPackAPITestsConfig.get('servers'), + dockerServers: defineDockerServersConfig( + process.env.INGEST_MANAGEMENT_PACKAGE_REGISTRY_PORT + ? { + registry: { + image: 'docker.elastic.co/package-registry/package-registry:master', + portInContainer: 8080, + port: process.env.INGEST_MANAGEMENT_PACKAGE_REGISTRY_PORT, + waitForLogLine: 'package manifests loaded into memory', + args: [ + '-v', + `${path.join( + path.dirname(__filename), + './apis/fixtures/registry/public' + )}:/registry/public`, + ], + }, + } + : {} + ), services: { supertest: xPackAPITestsConfig.get('services.supertest'), es: xPackAPITestsConfig.get('services.es'), @@ -28,7 +49,7 @@ export default async function({ readConfigFile }: FtrConfigProviderContext) { ...xPackAPITestsConfig.get('kbnTestServer'), serverArgs: [ ...xPackAPITestsConfig.get('kbnTestServer.serverArgs'), - '--xpack.ingestManager.epm.registryUrl=http://localhost:6666', + `--xpack.ingestManager.epm.registryUrl=http://localhost:${process.env.INGEST_MANAGEMENT_PACKAGE_REGISTRY_PORT}`, ], }, }; diff --git a/x-pack/test/functional/config.js b/x-pack/test/functional/config.js index 47ca6849932b9..91f99c2abf6b9 100644 --- a/x-pack/test/functional/config.js +++ b/x-pack/test/functional/config.js @@ -6,9 +6,6 @@ import { resolve } from 'path'; -import { defineDockerServersConfig } from '@kbn/test'; -import { first, tap } from 'rxjs/operators'; - import { services } from './services'; import { pageObjects } from './page_objects'; 
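Review bot: `image: 'docker.elastic.co/package-registry/package-registry:master'` references a mutable tag, so each run may pull different registry code while apis/list.ts compares the full response against a hard-coded object; pinning by digest, e.g. `image: 'docker.elastic.co/package-registry/package-registry@sha256:<digest>'` (placeholder digest), keeps the run reproducible and turns an image change into a reviewed commit. The `-v` argument bind-mounts the fixture directory read-write; the registry presumably only reads it, so ending the mount with `:/registry/public:ro` would keep the container from modifying files in the checkout. `port` receives the raw environment string although `DockerServerSpec.port` is declared as `number`; `port: Number(process.env.INGEST_MANAGEMENT_PACKAGE_REGISTRY_PORT)` makes the conversion explicit.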
@@ -70,30 +67,6 @@ export default async function({ readConfigFile }) { servers: kibanaFunctionalConfig.get('servers'), - dockerServers: defineDockerServersConfig( - process.env.FLEET_PACKAGE_REGISTRY_PORT - ? { - helloWorld: { - image: 'docker.elastic.co/package-registry/package-registry:master', - portInContainer: 8080, - port: process.env.FLEET_PACKAGE_REGISTRY_PORT, - waitForLogLine: 'package manifests loaded into memory', - async waitFor(server, logLine$) { - await logLine$ - .pipe( - first(line => line.includes('Package registry started')), - tap(line => { - console.log(`waitFor found log line "${line}"`); - console.log('marking server ready', server); - }) - ) - .toPromise(); - }, - }, - } - : {} - ), - esTestCluster: { license: 'trial', from: 'snapshot', @@ -114,8 +87,6 @@ export default async function({ readConfigFile }) { '--xpack.security.encryptionKey="wuGNaIhoMpk5sO4UBxgr3NyW1sFcLgIf"', // server restarts should not invalidate active sessions '--xpack.encryptedSavedObjects.encryptionKey="DkdXazszSCYexXqz4YktBGHCRkV6hyNK"', '--timelion.ui.enabled=true', - `--xpack.ingestManager.enabled=true`, - `--xpack.ingestManager.epm.registryUrl=http://localhost:${process.env.FLEET_PACKAGE_REGISTRY_PORT}`, ], }, uiSettings: {