ebaa226853
* elk7: 7.11.1 -> 7.16.1 * nixosTests.elk: Improve reliability and compatibility with ELK 7.x - Use comparisons in jq instead of grepping - Match for `.hits.total.value` if version >= 7, otherwise it always passes - Make curl fail if requests fails * nixos/filebeat: Add initial module and test Filebeat is an open source file harvester, mostly used to fetch logs files and feed them into logstash. This module can be used instead of journalbeat if used with `filebeat7` and configured with the `journald` input. * python3Packages.parsedmarc.tests: Fix breakage - Don't use the deprecated elasticsearch7-oss package - Improve jq query robustness and add tracing * rl-2205: Note the addition of the filebeat service * elk6: 6.8.3 -> 6.8.21 The latest version includes a fix for CVE-2021-44228. * nixos/journalbeat: Add a loose dependency on elasticsearch Avoid unnecssary back-off when elasticsearch is running on the same host.
58 lines
1.9 KiB
Nix
58 lines
1.9 KiB
Nix
{ lib, fetchFromGitHub, elk7Version, buildGoModule, libpcap, nixosTests, systemd }:
|
|
|
|
let beat = package: extraArgs: buildGoModule (rec {
|
|
pname = package;
|
|
version = elk7Version;
|
|
|
|
src = fetchFromGitHub {
|
|
owner = "elastic";
|
|
repo = "beats";
|
|
rev = "v${version}";
|
|
sha256 = "sha256-9Jl5Xo1iKdOY9ZE5JXKSL4ee+NdsN3KCY2dDYuxlzPI=";
|
|
};
|
|
|
|
vendorSha256 = "sha256-tyxyM7RsTHTVVxc9gagPsSvFRaWGTmobKzyv9RODXBk=";
|
|
|
|
subPackages = [ package ];
|
|
|
|
meta = with lib; {
|
|
homepage = "https://www.elastic.co/products/beats";
|
|
license = licenses.asl20;
|
|
maintainers = with maintainers; [ fadenb basvandijk ];
|
|
platforms = platforms.linux;
|
|
};
|
|
} // extraArgs);
|
|
in
|
|
rec {
|
|
filebeat7 = beat "filebeat" {
|
|
meta.description = "Lightweight shipper for logfiles";
|
|
buildInputs = [ systemd ];
|
|
tags = [ "withjournald" ];
|
|
postFixup = ''
|
|
patchelf --set-rpath ${lib.makeLibraryPath [ (lib.getLib systemd) ]} "$out/bin/filebeat"
|
|
'';
|
|
};
|
|
heartbeat7 = beat "heartbeat" { meta.description = "Lightweight shipper for uptime monitoring"; };
|
|
metricbeat7 = beat "metricbeat" {
|
|
meta.description = "Lightweight shipper for metrics";
|
|
passthru.tests =
|
|
assert metricbeat7.drvPath == nixosTests.elk.ELK-7.elkPackages.metricbeat.drvPath;
|
|
{
|
|
elk = nixosTests.elk.ELK-7;
|
|
};
|
|
};
|
|
packetbeat7 = beat "packetbeat" {
|
|
buildInputs = [ libpcap ];
|
|
meta.description = "Network packet analyzer that ships data to Elasticsearch";
|
|
meta.longDescription = ''
|
|
Packetbeat is an open source network packet analyzer that ships the
|
|
data to Elasticsearch.
|
|
|
|
Think of it like a distributed real-time Wireshark with a lot more
|
|
analytics features. The Packetbeat shippers sniff the traffic between
|
|
your application processes, parse on the fly protocols like HTTP, MySQL,
|
|
PostgreSQL, Redis or Thrift and correlate the messages into transactions.
|
|
'';
|
|
};
|
|
}
|