diff --git a/deploy/helm/elastic-agent/examples/kubernetes-hints-autodiscover/rendered/manifest.yaml b/deploy/helm/elastic-agent/examples/kubernetes-hints-autodiscover/rendered/manifest.yaml index 85cd00d2c9..467be5bc4f 100644 --- a/deploy/helm/elastic-agent/examples/kubernetes-hints-autodiscover/rendered/manifest.yaml +++ b/deploy/helm/elastic-agent/examples/kubernetes-hints-autodiscover/rendered/manifest.yaml @@ -564,6 +564,7 @@ stringData: providers: kubernetes: hints: + default_container_logs: false enabled: true node: ${NODE_NAME} scope: node @@ -1081,7 +1082,7 @@ spec: labels: name: agent-pernode-example annotations: - checksum/config: 0df24cb5f7362916ba8cb10621b123918f22f52a7ce9f0b0514c5983de6d06f3 + checksum/config: daca0d998edb3afa587d96e69b0833f6919ca6ba72f58f3a1f83b22d7e5ffaf6 spec: automountServiceAccountToken: true containers: diff --git a/deploy/helm/elastic-agent/examples/multiple-integrations/rendered/manifest.yaml b/deploy/helm/elastic-agent/examples/multiple-integrations/rendered/manifest.yaml index 420873a6c7..421adc78ff 100644 --- a/deploy/helm/elastic-agent/examples/multiple-integrations/rendered/manifest.yaml +++ b/deploy/helm/elastic-agent/examples/multiple-integrations/rendered/manifest.yaml @@ -590,6 +590,7 @@ stringData: providers: kubernetes: hints: + default_container_logs: false enabled: true node: ${NODE_NAME} scope: node @@ -1107,7 +1108,7 @@ spec: labels: name: agent-pernode-example annotations: - checksum/config: 0df24cb5f7362916ba8cb10621b123918f22f52a7ce9f0b0514c5983de6d06f3 + checksum/config: daca0d998edb3afa587d96e69b0833f6919ca6ba72f58f3a1f83b22d7e5ffaf6 spec: automountServiceAccountToken: true containers: diff --git a/deploy/helm/elastic-agent/templates/integrations/_kubernetes/_preset_pernode.tpl b/deploy/helm/elastic-agent/templates/integrations/_kubernetes/_preset_pernode.tpl index 3feb3f9f60..26a29356f4 100644 --- a/deploy/helm/elastic-agent/templates/integrations/_kubernetes/_preset_pernode.tpl 
+++ b/deploy/helm/elastic-agent/templates/integrations/_kubernetes/_preset_pernode.tpl @@ -65,6 +65,11 @@ providers: kubernetes: hints: enabled: true +{{- if (eq $.Values.kubernetes.containers.logs.enabled false) }} + default_container_logs: true +{{- else }} + default_container_logs: false +{{- end }} {{- end -}} {{- define "elasticagent.kubernetes.pernode.preset.tolerations" -}} diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/activemq.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/activemq.yml index 742df26fed..705f3370e7 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/activemq.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/activemq.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.activemq.audit.enabled} == true or ${kubernetes.hints.activemq.enabled} == true + id: filestream-activemq-audit-${kubernetes.hints.container_id} data_stream: dataset: activemq.audit type: logs @@ -27,6 +28,7 @@ inputs: - forwarded - activemq-audit - condition: ${kubernetes.hints.activemq.log.enabled} == true or ${kubernetes.hints.activemq.enabled} == true + id: filestream-activemq-log-${kubernetes.hints.container_id} data_stream: dataset: activemq.log type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/apache.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/apache.yml index 3520dca77f..26de98f64c 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/apache.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/apache.yml @@ -103,6 +103,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.apache.access.enabled} == true or ${kubernetes.hints.apache.enabled} == true + id: filestream-apache-access-${kubernetes.hints.container_id} data_stream: dataset: apache.access type: logs 
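Review bot: The guard `eq $.Values.kubernetes.containers.logs.enabled false` in the `_preset_pernode.tpl` hunk renders `default_container_logs: true` only when the value is exactly the boolean `false`. An unset key or a quoted `"false"` would, as far as I can tell, take the `else` branch and render `default_container_logs: false`. If the integration's own container-log stream is also off in that case, pods without hint annotations would ship no logs at all, a silent coverage gap; unless the values schema (not visible here) guarantees a boolean, consider `{{- if not $.Values.kubernetes.containers.logs.enabled }}` or a `default` on the value. The inverted mapping is also easy to misread, so I would add a template comment above the `if`, e.g. `{{/* hints collect default container logs only when the kubernetes integration does not, presumably to avoid reading the same files twice */}}`. The enclosing `define` starts outside the hunk.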
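Review bot: Nothing next to the new `id: filestream-activemq-audit-${kubernetes.hints.container_id}` (or the matching `-log-` stream in the second hunk) says that the value has to stay stable once deployed. If these streams are filestream inputs (the input type is outside the hunk), file read state is keyed on the input id, so introducing or later renaming it can cause already-read files to be ingested again from the start. Duplicate events matter most for the audit datasets touched elsewhere in this commit (`cyberarkpas.audit`, `hashicorp_vault.audit`, `elasticsearch.audit`, `mysql_enterprise.audit`), where they can inflate alert counts. I would add a comment above each `id`, such as `# keep stable: file state is keyed on this id; changing it re-reads existing logs`, and mention the possible one-time re-read in the changelog. The same applies to every `templates.d/*.yml` hunk in this commit; each stream block continues outside its hunk.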
@@ -124,6 +125,7 @@ inputs: tags: - apache-access - condition: ${kubernetes.hints.apache.error.enabled} == true or ${kubernetes.hints.apache.enabled} == true + id: filestream-apache-error-${kubernetes.hints.container_id} data_stream: dataset: apache.error type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/cassandra.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/cassandra.yml index 5d15a8122e..8eef2d1978 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/cassandra.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/cassandra.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.cassandra.log.enabled} == true or ${kubernetes.hints.cassandra.enabled} == true + id: filestream-cassandra-log-${kubernetes.hints.container_id} data_stream: dataset: cassandra.log type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/cef.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/cef.yml index e4c87ed361..4f02183a9a 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/cef.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/cef.yml @@ -26,6 +26,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.cef.log.enabled} == true or ${kubernetes.hints.cef.enabled} == true + id: filestream-cef-log-${kubernetes.hints.container_id} data_stream: dataset: cef.log type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/checkpoint.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/checkpoint.yml index 155b98f869..3685cdc69e 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/checkpoint.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/checkpoint.yml 
@@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.checkpoint.firewall.enabled} == true or ${kubernetes.hints.checkpoint.enabled} == true + id: filestream-checkpoint-firewall-${kubernetes.hints.container_id} data_stream: dataset: checkpoint.firewall type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/cockroachdb.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/cockroachdb.yml index c26e8512a1..e9dfc83eb0 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/cockroachdb.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/cockroachdb.yml @@ -28,6 +28,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.cockroachdb.container_logs.enabled} == true + id: filestream-cockroachdb-logs-${kubernetes.hints.container_id} data_stream: dataset: cockroachdb.container_logs type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/container_logs.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/container_logs.yml index b5fae6c8f5..568b6e7ec7 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/container_logs.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/container_logs.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.container_logs.enabled} == true + id: hints-filestream-container-logs-${kubernetes.hints.container_id} data_stream: dataset: kubernetes.container_logs type: logs @@ -17,4 +18,4 @@ inputs: prospector: scanner: symlinks: true - data_stream.namespace: default \ No newline at end of file + data_stream.namespace: default diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/crowdstrike.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/crowdstrike.yml index 1f1319c5ce..8699b4d636 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/crowdstrike.yml 
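Review bot: The id added in `container_logs.yml`, `hints-filestream-container-logs-${kubernetes.hints.container_id}`, is the only one in this commit with a `hints-` prefix; every other template uses `filestream-<integration>-<stream>-…`. If the prefix is deliberate, presumably to keep this id distinct from the kubernetes integration's own container-log stream, record that with a comment such as `# 'hints-' prefix keeps this id distinct from the integration's container-logs stream`; otherwise align it with the common pattern. A few other ids also drift from their dataset names (`filestream-oracle-audit-` for `oracle.database_audit`, `-logs-` for the `*.container_logs` datasets), which makes it harder to map an id seen in agent logs back to its dataset during triage. The stream block continues outside the hunk.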
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/crowdstrike.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.crowdstrike.falcon.enabled} == true or ${kubernetes.hints.crowdstrike.enabled} == true + id: filestream-crowdstrike-falcon-${kubernetes.hints.container_id} data_stream: dataset: crowdstrike.falcon type: logs @@ -32,6 +33,7 @@ inputs: - forwarded - crowdstrike-falcon - condition: ${kubernetes.hints.crowdstrike.fdr.enabled} == true or ${kubernetes.hints.crowdstrike.enabled} == true + id: filestream-crowdstrike-fdr-${kubernetes.hints.container_id} data_stream: dataset: crowdstrike.fdr type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/cyberarkpas.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/cyberarkpas.yml index a9adaaf36a..3363ddf1cd 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/cyberarkpas.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/cyberarkpas.yml @@ -39,6 +39,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.cyberarkpas.audit.enabled} == true and ${kubernetes.hints.cyberarkpas.enabled} == true + id: filestream-cyberarkpas-audit-${kubernetes.hints.container_id} data_stream: dataset: cyberarkpas.audit type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/elasticsearch.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/elasticsearch.yml index bc00a23cc4..7f4cab7fd2 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/elasticsearch.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/elasticsearch.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.elasticsearch.audit.enabled} == true or ${kubernetes.hints.elasticsearch.enabled} == true + id: filestream-elasticsearch-audit-${kubernetes.hints.container_id} data_stream: dataset: elasticsearch.audit type: logs 
@@ -49,6 +50,7 @@ inputs: enabled: true symlinks: true - condition: ${kubernetes.hints.elasticsearch.deprecation.enabled} == true or ${kubernetes.hints.elasticsearch.enabled} == true + id: filestream-elasticsearch-deprecation-${kubernetes.hints.container_id} data_stream: dataset: elasticsearch.deprecation type: logs @@ -70,6 +72,7 @@ inputs: enabled: true symlinks: true - condition: ${kubernetes.hints.elasticsearch.gc.enabled} == true or ${kubernetes.hints.elasticsearch.enabled} == true + id: filestream-elasticsearch-gc-${kubernetes.hints.container_id} data_stream: dataset: elasticsearch.gc type: logs @@ -103,6 +106,7 @@ inputs: enabled: true symlinks: true - condition: ${kubernetes.hints.elasticsearch.server.enabled} == true or ${kubernetes.hints.elasticsearch.enabled} == true + id: filestream-elasticsearch-server-${kubernetes.hints.container_id} data_stream: dataset: elasticsearch.server type: logs @@ -125,6 +129,7 @@ inputs: enabled: true symlinks: true - condition: ${kubernetes.hints.elasticsearch.slowlog.enabled} == true or ${kubernetes.hints.elasticsearch.enabled} == true + id: filestream-elasticsearch-slowlog-${kubernetes.hints.container_id} data_stream: dataset: elasticsearch.slowlog type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/endpoint.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/endpoint.yml index ffd93d407f..23f5ae65dc 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/endpoint.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/endpoint.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.endpoint.container_logs.enabled} == true + id: filestream-endpoint-logs-${kubernetes.hints.container_id} data_stream: dataset: endpoint.container_logs type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/fireeye.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/fireeye.yml index 5ce213a2ff..68084abfc7 100644 
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/fireeye.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/fireeye.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.fireeye.nx.enabled} == true or ${kubernetes.hints.fireeye.enabled} == true + id: filestream-fireeye-nx-${kubernetes.hints.container_id} data_stream: dataset: fireeye.nx type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/haproxy.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/haproxy.yml index be3b22b57a..07cee4332d 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/haproxy.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/haproxy.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.haproxy.log.enabled} == true or ${kubernetes.hints.haproxy.enabled} == true + id: filestream-haproxy-log-${kubernetes.hints.container_id} data_stream: dataset: haproxy.log type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/hashicorp_vault.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/hashicorp_vault.yml index cc2249d1b6..508250817f 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/hashicorp_vault.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/hashicorp_vault.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.hashicorp_vault.audit.enabled} == true or ${kubernetes.hints.hashicorp_vault.enabled} == true + id: filestream-hashicorp_vault-audit-${kubernetes.hints.container_id} data_stream: dataset: hashicorp_vault.audit type: logs @@ -26,6 +27,7 @@ inputs: tags: - hashicorp-vault-audit - condition: ${kubernetes.hints.hashicorp_vault.log.enabled} == true or ${kubernetes.hints.hashicorp_vault.enabled} == true + id: filestream-hashicorp_vault-log-${kubernetes.hints.container_id} data_stream: dataset: hashicorp_vault.log type: logs 
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/hid_bravura_monitor.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/hid_bravura_monitor.yml index 92907934bc..baa241dc5b 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/hid_bravura_monitor.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/hid_bravura_monitor.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.hid_bravura_monitor.log.enabled} == true or ${kubernetes.hints.hid_bravura_monitor.enabled} == true + id: filestream-hid_bravura_monitor-log-${kubernetes.hints.container_id} data_stream: dataset: hid_bravura_monitor.log type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/iis.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/iis.yml index 7708e49d3e..7e5998e836 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/iis.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/iis.yml @@ -32,6 +32,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.iis.access.enabled} == true or ${kubernetes.hints.iis.enabled} == true + id: filestream-iis-access-${kubernetes.hints.container_id} data_stream: dataset: iis.access type: logs @@ -56,6 +57,7 @@ inputs: tags: - iis-access - condition: ${kubernetes.hints.iis.error.enabled} == true or ${kubernetes.hints.iis.enabled} == true + id: filestream-iis-error-${kubernetes.hints.container_id} data_stream: dataset: iis.error type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/infoblox_nios.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/infoblox_nios.yml index 98c63da565..e1091058ce 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/infoblox_nios.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/infoblox_nios.yml 
@@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.infoblox_nios.log.enabled} == true or ${kubernetes.hints.infoblox_nios.enabled} == true + id: filestream-infoblox_nios-log-${kubernetes.hints.container_id} data_stream: dataset: infoblox_nios.log type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/iptables.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/iptables.yml index 4455b0bcb2..bbc5d7f607 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/iptables.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/iptables.yml @@ -21,6 +21,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.iptables.log.enabled} == true and ${kubernetes.hints.iptables.enabled} == true + id: filestream-iptables-log-${kubernetes.hints.container_id} data_stream: dataset: iptables.log type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/kafka.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/kafka.yml index 3532eba99f..57ab4d3d52 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/kafka.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/kafka.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.kafka.log.enabled} == true or ${kubernetes.hints.kafka.enabled} == true + id: filestream-kafka-log-${kubernetes.hints.container_id} data_stream: dataset: kafka.log type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/keycloak.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/keycloak.yml index b9b3778058..b0e434c6a7 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/keycloak.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/keycloak.yml 
@@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.keycloak.log.enabled} == true or ${kubernetes.hints.keycloak.enabled} == true + id: filestream-keycloak-log-${kubernetes.hints.container_id} data_stream: dataset: keycloak.log type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/kibana.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/kibana.yml index bf5e5e3346..a2c61085f7 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/kibana.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/kibana.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.kibana.audit.enabled} == true or ${kubernetes.hints.kibana.enabled} == true + id: filestream-kibana-audit-${kubernetes.hints.container_id} data_stream: dataset: kibana.audit type: logs @@ -24,6 +25,7 @@ inputs: enabled: true symlinks: true - condition: ${kubernetes.hints.kibana.log.enabled} == true or ${kubernetes.hints.kibana.enabled} == true + id: filestream-kibana-log-${kubernetes.hints.container_id} data_stream: dataset: kibana.log type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/log.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/log.yml index 2c5f213609..308a8ef5f6 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/log.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/log.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.log.container_logs.enabled} == true + id: filestream-log-${kubernetes.hints.container_id} data_stream: dataset: log.container_logs type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/logstash.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/logstash.yml index 7b889c42cf..71eb8daa36 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/logstash.yml 
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/logstash.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.logstash.log.enabled} == true or ${kubernetes.hints.logstash.enabled} == true + id: filestream-logstash-log-${kubernetes.hints.container_id} data_stream: dataset: logstash.log type: logs @@ -34,6 +35,7 @@ inputs: enabled: true symlinks: true - condition: ${kubernetes.hints.logstash.slowlog.enabled} == true or ${kubernetes.hints.logstash.enabled} == true + id: filestream-logstash-slowlog-${kubernetes.hints.container_id} data_stream: dataset: logstash.slowlog type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/mattermost.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/mattermost.yml index 10b0529342..47c9deac4f 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/mattermost.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/mattermost.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.mattermost.audit.enabled} == true or ${kubernetes.hints.mattermost.enabled} == true + id: filestream-mattermost-audit-${kubernetes.hints.container_id} data_stream: dataset: mattermost.audit type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/microsoft_sqlserver.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/microsoft_sqlserver.yml index 0a5ab1ef6c..533288fabf 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/microsoft_sqlserver.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/microsoft_sqlserver.yml @@ -18,6 +18,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.microsoft_sqlserver.log.enabled} == true or ${kubernetes.hints.microsoft_sqlserver.enabled} == true + id: filestream-microsoft_sqlserver-log-${kubernetes.hints.container_id} data_stream: dataset: microsoft_sqlserver.log type: logs 
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/mimecast.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/mimecast.yml index 1e029fbba3..cfac8191fc 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/mimecast.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/mimecast.yml @@ -1073,6 +1073,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.mimecast.container_logs.enabled} == true + id: filestream-mimecast-logs-${kubernetes.hints.container_id} data_stream: dataset: mimecast.container_logs type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/modsecurity.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/modsecurity.yml index cc55ebbcf7..ea42ac0534 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/modsecurity.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/modsecurity.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.modsecurity.auditlog.enabled} == true or ${kubernetes.hints.modsecurity.enabled} == true + id: filestream-modsecurity-auditlog-${kubernetes.hints.container_id} data_stream: dataset: modsecurity.auditlog type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/mongodb.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/mongodb.yml index b0bd0b0724..81f765e08a 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/mongodb.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/mongodb.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.mongodb.log.enabled} == true or ${kubernetes.hints.mongodb.enabled} == true + id: filestream-mongodb-log-${kubernetes.hints.container_id} data_stream: dataset: mongodb.log type: logs 
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/mysql.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/mysql.yml index b21edd7426..f4694996e7 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/mysql.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/mysql.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.mysql.error.enabled} == true or ${kubernetes.hints.mysql.enabled} == true + id: filestream-mysql-error-${kubernetes.hints.container_id} data_stream: dataset: mysql.error type: logs @@ -30,6 +31,7 @@ inputs: enabled: true symlinks: true - condition: ${kubernetes.hints.mysql.slowlog.enabled} == true or ${kubernetes.hints.mysql.enabled} == true + id: filestream-mysql-slowlog-${kubernetes.hints.container_id} data_stream: dataset: mysql.slowlog type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/mysql_enterprise.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/mysql_enterprise.yml index e3aca3b5b7..474a22d755 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/mysql_enterprise.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/mysql_enterprise.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.mysql_enterprise.audit.enabled} == true or ${kubernetes.hints.mysql_enterprise.enabled} == true + id: filestream-mysql_enterprise-audit-${kubernetes.hints.container_id} data_stream: dataset: mysql_enterprise.audit type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/nats.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/nats.yml index c75da28956..fb5ed78e74 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/nats.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/nats.yml 
@@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.nats.log.enabled} == true or ${kubernetes.hints.nats.enabled} == true + id: filestream-nats-log-${kubernetes.hints.container_id} data_stream: dataset: nats.log type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/netflow.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/netflow.yml index b43760795e..e3b8d52c52 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/netflow.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/netflow.yml @@ -32,6 +32,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.netflow.container_logs.enabled} == true + id: filestream-netflow-logs-${kubernetes.hints.container_id} data_stream: dataset: netflow.container_logs type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/nginx.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/nginx.yml index 930171a10d..302b90fe4f 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/nginx.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/nginx.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.nginx.access.enabled} == true or ${kubernetes.hints.nginx.enabled} == true + id: filestream-nginx-access-${kubernetes.hints.container_id} data_stream: dataset: nginx.access type: logs @@ -29,6 +30,7 @@ inputs: tags: - nginx-access - condition: ${kubernetes.hints.nginx.error.enabled} == true or ${kubernetes.hints.nginx.enabled} == true + id: filestream-nginx-error-${kubernetes.hints.container_id} data_stream: dataset: nginx.error type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/nginx_ingress_controller.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/nginx_ingress_controller.yml index f3f3941190..d09cb07c4b 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/nginx_ingress_controller.yml 
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/nginx_ingress_controller.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.nginx_ingress_controller.access.enabled} == true or ${kubernetes.hints.nginx_ingress_controller.enabled} == true + id: filestream-nginx_ingress_controller-access-${kubernetes.hints.container_id} data_stream: dataset: nginx_ingress_controller.access type: logs @@ -22,6 +23,7 @@ inputs: tags: - nginx-ingress-controller-access - condition: ${kubernetes.hints.nginx_ingress_controller.error.enabled} == true or ${kubernetes.hints.nginx_ingress_controller.enabled} == true + id: filestream-nginx_ingress_controller-error-${kubernetes.hints.container_id} data_stream: dataset: nginx_ingress_controller.error type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/oracle.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/oracle.yml index e5dac21fdf..f4f78a64c8 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/oracle.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/oracle.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.oracle.database_audit.enabled} == true or ${kubernetes.hints.oracle.enabled} == true + id: filestream-oracle-audit-${kubernetes.hints.container_id} data_stream: dataset: oracle.database_audit type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/panw.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/panw.yml index 76bf639656..9f7fab7503 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/panw.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/panw.yml @@ -78,6 +78,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.panw.panos.enabled} == true or ${kubernetes.hints.panw.enabled} == true + id: filestream-panw-panos-${kubernetes.hints.container_id} data_stream: dataset: panw.panos type: logs 
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/panw_cortex_xdr.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/panw_cortex_xdr.yml index b5aa8858c7..5ef73bbc1c 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/panw_cortex_xdr.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/panw_cortex_xdr.yml @@ -74,6 +74,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.panw_cortex_xdr.container_logs.enabled} == true + id: filestream-panw_cortex_xdr-logs-${kubernetes.hints.container_id} data_stream: dataset: panw_cortex_xdr.container_logs type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/pfsense.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/pfsense.yml index f21316d758..ff46d3658d 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/pfsense.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/pfsense.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.pfsense.container_logs.enabled} == true + id: filestream-pfsense-logs-${kubernetes.hints.container_id} data_stream: dataset: pfsense.container_logs type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/postgresql.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/postgresql.yml index 8099386204..444a71aa78 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/postgresql.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/postgresql.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.postgresql.log.enabled} == true or ${kubernetes.hints.postgresql.enabled} == true + id: filestream-postgresql-log-${kubernetes.hints.container_id} data_stream: dataset: postgresql.log type: logs 
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/prometheus.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/prometheus.yml index 43c1ade916..8b146c45e8 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/prometheus.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/prometheus.yml @@ -72,6 +72,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.prometheus.container_logs.enabled} == true + id: filestream-prometheus-logs-${kubernetes.hints.container_id} data_stream: dataset: prometheus.container_logs type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/qnap_nas.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/qnap_nas.yml index 792f25ecc2..26f6815ae9 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/qnap_nas.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/qnap_nas.yml @@ -45,6 +45,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.qnap_nas.container_logs.enabled} == true + id: filestream-qnap_nas-logs-${kubernetes.hints.container_id} data_stream: dataset: qnap_nas.container_logs type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/rabbitmq.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/rabbitmq.yml index 075f51fdb1..57781776de 100644 --- a/deploy/kubernetes/elastic-agent-standalone/templates.d/rabbitmq.yml +++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/rabbitmq.yml @@ -5,6 +5,7 @@ inputs: use_output: default streams: - condition: ${kubernetes.hints.rabbitmq.log.enabled} == true or ${kubernetes.hints.rabbitmq.enabled} == true + id: filestream-rabbitmq-log-${kubernetes.hints.container_id} data_stream: dataset: rabbitmq.log type: logs diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/redis.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/redis.yml index a1321a6880..be47c78ebd 100644 
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/redis.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/redis.yml
@@ -66,6 +66,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.redis.log.enabled} == true or ${kubernetes.hints.redis.enabled} == true
+ id: filestream-redis-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: redis.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/santa.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/santa.yml
index ca4282d703..50073bc9d0 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/santa.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/santa.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.santa.log.enabled} == true or ${kubernetes.hints.santa.enabled} == true
+ id: filestream-santa-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: santa.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/security_detection_engine.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/security_detection_engine.yml
index 7368820519..d7093d6794 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/security_detection_engine.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/security_detection_engine.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.security_detection_engine.container_logs.enabled} == true
+ id: filestream-security_detection_engine-logs-${kubernetes.hints.container_id}
 data_stream:
 dataset: security_detection_engine.container_logs
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/sentinel_one.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/sentinel_one.yml
index 7e7c6e3de8..665f98dfad 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/sentinel_one.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/sentinel_one.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.sentinel_one.container_logs.enabled} == true
+ id: filestream-sentinel_one-logs-${kubernetes.hints.container_id}
 data_stream:
 dataset: sentinel_one.container_logs
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/snort.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/snort.yml
index f08e0fb0c6..a0356ad68a 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/snort.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/snort.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.snort.log.enabled} == true or ${kubernetes.hints.snort.enabled} == true
+ id: filestream-snort-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: snort.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/snyk.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/snyk.yml
index 990c39b9f1..6b177c3f01 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/snyk.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/snyk.yml
@@ -123,6 +123,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.snyk.container_logs.enabled} == true
+ id: filestream-snyk-logs-${kubernetes.hints.container_id}
 data_stream:
 dataset: snyk.container_logs
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/stan.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/stan.yml
index 39de591c93..73d7d36a08 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/stan.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/stan.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.stan.log.enabled} == true or ${kubernetes.hints.stan.enabled} == true
+ id: filestream-stan-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: stan.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/suricata.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/suricata.yml
index a25c2eb659..7aa83d832f 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/suricata.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/suricata.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.suricata.eve.enabled} == true or ${kubernetes.hints.suricata.enabled} == true
+ id: filestream-suricata-eve-${kubernetes.hints.container_id}
 data_stream:
 dataset: suricata.eve
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/symantec_endpoint.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/symantec_endpoint.yml
index 83e8671e3b..e63c9dd5a2 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/symantec_endpoint.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/symantec_endpoint.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.symantec_endpoint.log.enabled} == true and ${kubernetes.hints.symantec_endpoint.enabled} == true
+ id: filestream-symantec_endpoint-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: symantec_endpoint.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/synthetics.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/synthetics.yml
index 5127a4ba11..a55075a4b9 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/synthetics.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/synthetics.yml
@@ -117,6 +117,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.synthetics.container_logs.enabled} == true
+ id: filestream-synthetics-logs-${kubernetes.hints.container_id}
 data_stream:
 dataset: synthetics.container_logs
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/tcp.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/tcp.yml
index 80f4f2062c..17cfec417a 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/tcp.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/tcp.yml
@@ -17,6 +17,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.tcp.container_logs.enabled} == true
+ id: filestream-tcp-${kubernetes.hints.container_id}
 data_stream:
 dataset: tcp.container_logs
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/tomcat.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/tomcat.yml
index 4b9422213e..bff621cec9 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/tomcat.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/tomcat.yml
@@ -5531,6 +5531,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.tomcat.log.enabled} == true and ${kubernetes.hints.tomcat.enabled} == true
+ id: filestream-tomcat-log-${kubernetes.hints.container_id}
 data_stream:
 dataset: tomcat.log
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/traefik.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/traefik.yml
index b485c4cbed..9095672680 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/traefik.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/traefik.yml
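Review bot: In tcp.yml the new id is `filestream-tcp-${kubernetes.hints.container_id}`, while every other `container_logs` stream in this diff (udp, synthetics, prometheus, zookeeper and the rest) carries a `-logs-` segment. As far as the hunk shows the value is still unique per container, so this is a consistency point, but an id is awkward to rename once deployed because the input's state is presumably keyed on it. I would align it now with `id: filestream-tcp-logs-${kubernetes.hints.container_id}`. The enclosing input starts above the hunk; if it already uses `filestream-tcp-${kubernetes.hints.container_id}` as its own id, the stream id as written would also duplicate it, which is worth checking.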
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.traefik.access.enabled} == true or ${kubernetes.hints.traefik.enabled} == true
+ id: filestream-traefik-access-${kubernetes.hints.container_id}
 data_stream:
 dataset: traefik.access
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/udp.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/udp.yml
index 1204c4e7e9..453d0c3a48 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/udp.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/udp.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.udp.container_logs.enabled} == true
+ id: filestream-udp-logs-${kubernetes.hints.container_id}
 data_stream:
 dataset: udp.container_logs
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/zeek.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/zeek.yml
index eac5df1c51..cc75cc08e5 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/zeek.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/zeek.yml
@@ -5,6 +5,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.zeek.capture_loss.enabled} == true or ${kubernetes.hints.zeek.enabled} == true
+ id: filestream-zeek-loss-${kubernetes.hints.container_id}
 data_stream:
 dataset: zeek.capture_loss
 type: logs
diff --git a/deploy/kubernetes/elastic-agent-standalone/templates.d/zookeeper.yml b/deploy/kubernetes/elastic-agent-standalone/templates.d/zookeeper.yml
index fa7f8e54e7..dfe324275c 100644
--- a/deploy/kubernetes/elastic-agent-standalone/templates.d/zookeeper.yml
+++ b/deploy/kubernetes/elastic-agent-standalone/templates.d/zookeeper.yml
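Review bot: The id added in zeek.yml, `filestream-zeek-loss-${kubernetes.hints.container_id}`, shortens the dataset name `zeek.capture_loss` to `loss`, whereas the other ids in this diff reuse the dataset suffix as written (`suricata-eve`, `traefik-access`, `rabbitmq-log`). I would spell it out as `id: filestream-zeek-capture_loss-${kubernetes.hints.container_id}` so the id can be derived from the dataset and cannot clash with another abbreviated name. This hunk is the only one for zeek.yml, so only this stream gains an id. If the file defines further streams below the hunk, they still run without an explicit id and each would need a distinct one, otherwise Zeek telemetry from the same container could end up sharing state.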
@@ -38,6 +38,7 @@ inputs:
 use_output: default
 streams:
 - condition: ${kubernetes.hints.zookeeper.container_logs.enabled} == true
+ id: filestream-zookeeper-logs-${kubernetes.hints.container_id}
 data_stream:
 dataset: zookeeper.container_logs
 type: logs