[arch-commits] Commit in beats/trunk (3 files)

Massimiliano Torromeo mtorromeo at archlinux.org
Fri Nov 17 15:00:27 UTC 2017 

    Date: Friday, November 17, 2017 @ 15:00:26
  Author: mtorromeo
Revision: 267089

upgpkg: beats 6.0.0-1

Added:
  beats/trunk/auditbeat-tmpfile.conf
  beats/trunk/auditbeat.service
Modified:
  beats/trunk/PKGBUILD

------------------------+
 PKGBUILD               |   84 +++++++++++++++++++++++++++++------------------
 auditbeat-tmpfile.conf |    2 +
 auditbeat.service      |   11 ++++++
 3 files changed, 66 insertions(+), 31 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2017-11-17 13:15:41 UTC (rev 267088)
+++ PKGBUILD	2017-11-17 15:00:26 UTC (rev 267089)
@@ -2,8 +2,8 @@
 # Contributor: Tyler Langlois <ty |at| tjll |dot| net>
 
 pkgbase=beats
-pkgname=(filebeat packetbeat metricbeat heartbeat)
-pkgver=5.6.4
+pkgname=(filebeat packetbeat metricbeat heartbeat-elastic auditbeat)
+pkgver=6.0.0
 pkgrel=1
 pkgdesc='Data shippers for Elasticsearch'
 arch=('x86_64')
@@ -10,7 +10,7 @@
 url='https://www.elastic.co/products/beats'
 license=('APACHE')
 depends=('glibc')
-makedepends=('go-pie' 'git' 'libpcap' 'rsync')
+makedepends=('go-pie' 'git' 'libpcap' 'rsync' 'python')
 optdepends=('elasticsearch: for standalone installation'
             'python: for migration script')
 options=('!strip')
@@ -20,20 +20,24 @@
         "packetbeat.service"
         "metricbeat.service"
         "heartbeat.service"
+        "auditbeat.service"
         "filebeat-tmpfile.conf"
         "packetbeat-tmpfile.conf"
         "metricbeat-tmpfile.conf"
-        "heartbeat-tmpfile.conf")
-sha256sums=('c06f913af79bb54825483ba0ed4b31752db5784daf3717f53d83b6b12890c0a4'
+        "heartbeat-tmpfile.conf"
+        "auditbeat-tmpfile.conf")
+sha256sums=('c4a8130934eb132f637e0a76ed4d764b92e7ed469abc97587a3625a61668744e'
             '33feb3690f8b31563cc1e2da557c2aa326501ce9ccd7e0a142036902bfdb05ff'
             '4d5394cfe3299c9a6af5ac34c1ad4bcdc2e79162379cccbf00fb414eb28253c0'
             '9f4e33fc768d3500fa3428dcbfda241c6473a2cae8cc4dbadf8f61ca9f2bbec5'
             '26b123acd96808162a7f827ce6f0e9669140c2665fc28d76583a15996fbf853d'
             '212cb4ab5a02d7078025f7d1f50f48e5caa25debce0852cf68cd8f89ed0a8d09'
+            'b7f1c61950f21c7fab31166c68d4a9e5027f0c5bcc40a97913d6d89eaf643b85'
             'ec999a29bc19d1b36b84e03cbd7b00b29d3e08c97ca03043b9fd6bfbe04c5e2d'
             '3f3ead4168d5b4953cca883d8a3c4552c26a75f52cedfcf6c7785bfd7bbae3c4'
             'cb927141d3bed94cb5570789dd9fc97713e967580ee354ff393020811f087dca'
-            '9629931db8455891f0a6e9f9c91272716f2b47ec88f8a49e601423a16c7cdba5')
+            '9629931db8455891f0a6e9f9c91272716f2b47ec88f8a49e601423a16c7cdba5'
+            'dcdf1be6acda30cc3e8949b5affbc1fe7b0a1efc2a08dfe2f878d6eb6de84d38')
 
 prepare() {
     cd beats-$pkgver
@@ -56,53 +60,64 @@
 build() {
     export GOPATH="$srcdir"/gopath
     for beat in ${pkgname[@]}; do
+        beat="${beat%-elastic}"
         msg2 "Building $beat..."
         cd "$srcdir"/beats-$pkgver/$beat
         make
-        cd "$srcdir"/beats-$pkgver/libbeat/dashboards
-        make BEAT=$beat
-        mv import_dashboards import_dashboards-$beat
     done
 
+    for beat in filebeat metricbeat auditbeat; do
+        cd "$srcdir"/beats-$pkgver/$beat
+        cp _meta/fields.common.yml _meta/fields.generated.yml
+        python ../metricbeat/scripts/fields_collector.py >> _meta/fields.generated.yml
+        make kibana
+    done
+
+    for beat in heartbeat packetbeat; do
+        cd "$srcdir"/beats-$pkgver/$beat
+        make fields
+    done
+
     cd "$srcdir"/beats-$pkgver/filebeat
     make modules
+
+    mv "$srcdir"/beats-$pkgver/packetbeat/_meta/{fields,fields.generated}.yml
 }
 
 _do_package_beat() {
-    backup=(etc/$pkgname/$pkgname.yml etc/$pkgname/$pkgname.template{,-es2x,-es6x}.json)
+    _pkgname="${pkgname%-elastic}"
 
-    cd beats-$pkgver/$pkgname
-    make install-home HOME_PREFIX="$pkgdir"/usr/share/$pkgname
+    backup=(etc/$_pkgname/$_pkgname.yml)
 
-    install -dm755 "$pkgdir"/var/lib/$pkgname
+    install -dm755 "$pkgdir"/{etc,usr/share,var/lib}/$_pkgname
 
-    install -dm755 "$pkgdir"/etc/$pkgname
-    cp $pkgname.{yml,full.yml,template{,-es2x,-es6x}.json} "$pkgdir"/etc/$pkgname
+    cd beats-$pkgver/$_pkgname
+    make install-home HOME_PREFIX="$pkgdir"/usr/share/$_pkgname
 
-    install -Dm755 $pkgname \
-                   "$pkgdir"/usr/bin/$pkgname
-    install -Dm644 "$srcdir"/$pkgname.service \
-                   "$pkgdir"/usr/lib/systemd/system/$pkgname.service
-    install -Dm644 "$srcdir"/$pkgname-tmpfile.conf \
-                   "$pkgdir"/usr/lib/tmpfiles.d/$pkgname.conf
+    cp $_pkgname.{yml,reference.yml} "$pkgdir"/etc/$_pkgname
+    install -Dm644 _meta/fields.generated.yml "$pkgdir"/etc/$_pkgname/fields.yml
 
-    cd ../libbeat
-    install -Dm755 dashboards/import_dashboards-$pkgname \
-                   "$pkgdir"/usr/share/$pkgname/scripts/import_dashboards
+    install -Dm755 $_pkgname \
+                   "$pkgdir"/usr/bin/$_pkgname
+    install -Dm644 "$srcdir"/$_pkgname.service \
+                   "$pkgdir"/usr/lib/systemd/system/$_pkgname.service
+    install -Dm644 "$srcdir"/$_pkgname-tmpfile.conf \
+                   "$pkgdir"/usr/lib/tmpfiles.d/$_pkgname.conf
 }
 
 package_filebeat() {
-    pkgdesc='Collects, pre-processes, and forwards log files to remote sources'
+    pkgdesc='Sends log files to Logstash or directly to Elasticsearch'
 
     _do_package_beat
 
     cd "$srcdir"/beats-$pkgver/$pkgname
+    cp -R modules.d "$pkgdir"/etc/$pkgname/
     install -Dm644 "$srcdir"/$pkgname.sysusers \
                    "$pkgdir"/usr/lib/sysusers.d/$pkgname.conf
 }
 
 package_packetbeat() {
-    pkgdesc='Network packet analyzer that ships data to Elasticsearch'
+    pkgdesc='Analyzes network traffic and sends the data to Elasticsearch'
     depends=('libpcap')
 
     _do_package_beat
@@ -109,7 +124,7 @@
 }
 
 package_metricbeat() {
-    pkgdesc='Server monitoring agent that stores metrics in Elasticsearch'
+    pkgdesc='Server monitoring agent that sends metrics to Elasticsearch'
     conflicts=('topbeat')
     replaces=('topbeat')
 
@@ -116,10 +131,17 @@
     _do_package_beat
 }
 
-package_heartbeat() {
-    pkgdesc='Server monitoring agent that stores metrics in Elasticsearch'
-    conflicts=('topbeat')
-    replaces=('topbeat')
+package_heartbeat-elastic() {
+    pkgdesc='Ping remote services for availability and log results to Elasticsearch or send to Logstash'
+    conflicts=('heartbeat')
+    replaces=('heartbeat')
 
     _do_package_beat
 }
+
+package_auditbeat() {
+    pkgdesc='Audit the activities of users and processes on your system'
+    depends=('audit')
+
+    _do_package_beat
+}

Added: auditbeat-tmpfile.conf
===================================================================
--- auditbeat-tmpfile.conf	                        (rev 0)
+++ auditbeat-tmpfile.conf	2017-11-17 15:00:26 UTC (rev 267089)
@@ -0,0 +1,2 @@
+d /var/log/auditbeat 0755 root root -
+d /var/lib/auditbeat 0755 root root -

Added: auditbeat.service
===================================================================
--- auditbeat.service	                        (rev 0)
+++ auditbeat.service	2017-11-17 15:00:26 UTC (rev 267089)
@@ -0,0 +1,11 @@
+[Unit]
+Description=Audit agent and shipper for Elasticsearch
+Documentation=https://www.elastic.co/guide/en/beats/auditbeat/current/index.html
+After=network.target
+
+[Service]
+ExecStart=/usr/bin/auditbeat -c /etc/auditbeat/auditbeat.yml -path.home /usr/share/auditbeat -path.config /etc/auditbeat -path.data /var/lib/auditbeat -path.logs /var/log/auditbeat
+Restart=on-failure
+
+[Install]
+WantedBy=multi-user.target

More information about the arch-commits mailing list