[arch-commits] Commit in beats/trunk (3 files)
Massimiliano Torromeo
mtorromeo at archlinux.org
Fri Nov 17 15:00:27 UTC 2017
Date: Friday, November 17, 2017 @ 15:00:26
Author: mtorromeo
Revision: 267089
upgpkg: beats 6.0.0-1
Added:
beats/trunk/auditbeat-tmpfile.conf
beats/trunk/auditbeat.service
Modified:
beats/trunk/PKGBUILD
------------------------+
PKGBUILD | 84 +++++++++++++++++++++++++++++------------------
auditbeat-tmpfile.conf | 2 +
auditbeat.service | 11 ++++++
3 files changed, 66 insertions(+), 31 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2017-11-17 13:15:41 UTC (rev 267088)
+++ PKGBUILD 2017-11-17 15:00:26 UTC (rev 267089)
@@ -2,8 +2,8 @@
# Contributor: Tyler Langlois <ty |at| tjll |dot| net>
pkgbase=beats
-pkgname=(filebeat packetbeat metricbeat heartbeat)
-pkgver=5.6.4
+pkgname=(filebeat packetbeat metricbeat heartbeat-elastic auditbeat)
+pkgver=6.0.0
pkgrel=1
pkgdesc='Data shippers for Elasticsearch'
arch=('x86_64')
@@ -10,7 +10,7 @@
url='https://www.elastic.co/products/beats'
license=('APACHE')
depends=('glibc')
-makedepends=('go-pie' 'git' 'libpcap' 'rsync')
+makedepends=('go-pie' 'git' 'libpcap' 'rsync' 'python')
optdepends=('elasticsearch: for standalone installation'
'python: for migration script')
options=('!strip')
@@ -20,20 +20,24 @@
"packetbeat.service"
"metricbeat.service"
"heartbeat.service"
+ "auditbeat.service"
"filebeat-tmpfile.conf"
"packetbeat-tmpfile.conf"
"metricbeat-tmpfile.conf"
- "heartbeat-tmpfile.conf")
-sha256sums=('c06f913af79bb54825483ba0ed4b31752db5784daf3717f53d83b6b12890c0a4'
+ "heartbeat-tmpfile.conf"
+ "auditbeat-tmpfile.conf")
+sha256sums=('c4a8130934eb132f637e0a76ed4d764b92e7ed469abc97587a3625a61668744e'
'33feb3690f8b31563cc1e2da557c2aa326501ce9ccd7e0a142036902bfdb05ff'
'4d5394cfe3299c9a6af5ac34c1ad4bcdc2e79162379cccbf00fb414eb28253c0'
'9f4e33fc768d3500fa3428dcbfda241c6473a2cae8cc4dbadf8f61ca9f2bbec5'
'26b123acd96808162a7f827ce6f0e9669140c2665fc28d76583a15996fbf853d'
'212cb4ab5a02d7078025f7d1f50f48e5caa25debce0852cf68cd8f89ed0a8d09'
+ 'b7f1c61950f21c7fab31166c68d4a9e5027f0c5bcc40a97913d6d89eaf643b85'
'ec999a29bc19d1b36b84e03cbd7b00b29d3e08c97ca03043b9fd6bfbe04c5e2d'
'3f3ead4168d5b4953cca883d8a3c4552c26a75f52cedfcf6c7785bfd7bbae3c4'
'cb927141d3bed94cb5570789dd9fc97713e967580ee354ff393020811f087dca'
- '9629931db8455891f0a6e9f9c91272716f2b47ec88f8a49e601423a16c7cdba5')
+ '9629931db8455891f0a6e9f9c91272716f2b47ec88f8a49e601423a16c7cdba5'
+ 'dcdf1be6acda30cc3e8949b5affbc1fe7b0a1efc2a08dfe2f878d6eb6de84d38')
prepare() {
cd beats-$pkgver
@@ -56,53 +60,64 @@
build() {
export GOPATH="$srcdir"/gopath
for beat in ${pkgname[@]}; do
+ beat="${beat%-elastic}"
msg2 "Building $beat..."
cd "$srcdir"/beats-$pkgver/$beat
make
- cd "$srcdir"/beats-$pkgver/libbeat/dashboards
- make BEAT=$beat
- mv import_dashboards import_dashboards-$beat
done
+ for beat in filebeat metricbeat auditbeat; do
+ cd "$srcdir"/beats-$pkgver/$beat
+ cp _meta/fields.common.yml _meta/fields.generated.yml
+ python ../metricbeat/scripts/fields_collector.py >> _meta/fields.generated.yml
+ make kibana
+ done
+
+ for beat in heartbeat packetbeat; do
+ cd "$srcdir"/beats-$pkgver/$beat
+ make fields
+ done
+
cd "$srcdir"/beats-$pkgver/filebeat
make modules
+
+ mv "$srcdir"/beats-$pkgver/packetbeat/_meta/{fields,fields.generated}.yml
}
_do_package_beat() {
- backup=(etc/$pkgname/$pkgname.yml etc/$pkgname/$pkgname.template{,-es2x,-es6x}.json)
+ _pkgname="${pkgname%-elastic}"
- cd beats-$pkgver/$pkgname
- make install-home HOME_PREFIX="$pkgdir"/usr/share/$pkgname
+ backup=(etc/$_pkgname/$_pkgname.yml)
- install -dm755 "$pkgdir"/var/lib/$pkgname
+ install -dm755 "$pkgdir"/{etc,usr/share,var/lib}/$_pkgname
- install -dm755 "$pkgdir"/etc/$pkgname
- cp $pkgname.{yml,full.yml,template{,-es2x,-es6x}.json} "$pkgdir"/etc/$pkgname
+ cd beats-$pkgver/$_pkgname
+ make install-home HOME_PREFIX="$pkgdir"/usr/share/$_pkgname
- install -Dm755 $pkgname \
- "$pkgdir"/usr/bin/$pkgname
- install -Dm644 "$srcdir"/$pkgname.service \
- "$pkgdir"/usr/lib/systemd/system/$pkgname.service
- install -Dm644 "$srcdir"/$pkgname-tmpfile.conf \
- "$pkgdir"/usr/lib/tmpfiles.d/$pkgname.conf
+ cp $_pkgname.{yml,reference.yml} "$pkgdir"/etc/$_pkgname
+ install -Dm644 _meta/fields.generated.yml "$pkgdir"/etc/$_pkgname/fields.yml
- cd ../libbeat
- install -Dm755 dashboards/import_dashboards-$pkgname \
- "$pkgdir"/usr/share/$pkgname/scripts/import_dashboards
+ install -Dm755 $_pkgname \
+ "$pkgdir"/usr/bin/$_pkgname
+ install -Dm644 "$srcdir"/$_pkgname.service \
+ "$pkgdir"/usr/lib/systemd/system/$_pkgname.service
+ install -Dm644 "$srcdir"/$_pkgname-tmpfile.conf \
+ "$pkgdir"/usr/lib/tmpfiles.d/$_pkgname.conf
}
package_filebeat() {
- pkgdesc='Collects, pre-processes, and forwards log files to remote sources'
+ pkgdesc='Sends log files to Logstash or directly to Elasticsearch'
_do_package_beat
cd "$srcdir"/beats-$pkgver/$pkgname
+ cp -R modules.d "$pkgdir"/etc/$pkgname/
install -Dm644 "$srcdir"/$pkgname.sysusers \
"$pkgdir"/usr/lib/sysusers.d/$pkgname.conf
}
package_packetbeat() {
- pkgdesc='Network packet analyzer that ships data to Elasticsearch'
+ pkgdesc='Analyzes network traffic and sends the data to Elasticsearch'
depends=('libpcap')
_do_package_beat
@@ -109,7 +124,7 @@
}
package_metricbeat() {
- pkgdesc='Server monitoring agent that stores metrics in Elasticsearch'
+ pkgdesc='Server monitoring agent that sends metrics to Elasticsearch'
conflicts=('topbeat')
replaces=('topbeat')
@@ -116,10 +131,17 @@
_do_package_beat
}
-package_heartbeat() {
- pkgdesc='Server monitoring agent that stores metrics in Elasticsearch'
- conflicts=('topbeat')
- replaces=('topbeat')
+package_heartbeat-elastic() {
+ pkgdesc='Ping remote services for availability and log results to Elasticsearch or send to Logstash'
+ conflicts=('heartbeat')
+ replaces=('heartbeat')
_do_package_beat
}
+
+package_auditbeat() {
+ pkgdesc='Audit the activities of users and processes on your system'
+ depends=('audit')
+
+ _do_package_beat
+}
Added: auditbeat-tmpfile.conf
===================================================================
--- auditbeat-tmpfile.conf (rev 0)
+++ auditbeat-tmpfile.conf 2017-11-17 15:00:26 UTC (rev 267089)
@@ -0,0 +1,2 @@
+d /var/log/auditbeat 0755 root root -
+d /var/lib/auditbeat 0755 root root -
Added: auditbeat.service
===================================================================
--- auditbeat.service (rev 0)
+++ auditbeat.service 2017-11-17 15:00:26 UTC (rev 267089)
@@ -0,0 +1,11 @@
+[Unit]
+Description=Audit agent and shipper for Elasticsearch
+Documentation=https://www.elastic.co/guide/en/beats/auditbeat/current/index.html
+After=network.target
+
+[Service]
+ExecStart=/usr/bin/auditbeat -c /etc/auditbeat/auditbeat.yml -path.home /usr/share/auditbeat -path.config /etc/auditbeat -path.data /var/lib/auditbeat -path.logs /var/log/auditbeat
+Restart=on-failure
+
+[Install]
+WantedBy=multi-user.target
More information about the arch-commits
mailing list