Skip to content

Commit

Permalink
Setprocess.name on syslog journald (#41354)
Browse files Browse the repository at this point in the history
This PR adds the missing process.name field to System module, Syslog fileset
  • Loading branch information
belimawr authored Oct 23, 2024
1 parent 1aa9ef6 commit d2796da
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 1 deletion.
6 changes: 5 additions & 1 deletion filebeat/module/system/syslog/ingest/journald.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,11 @@ processors:
copy_from: _ingest.timestamp
- set:
field: "process.pid"
value: '{{ journald.pid }}'
value: "{{ journald.pid }}"
- set:
field: "process.name"
value: "{{ journald.process.name }}"
ignore_failure: true
- set:
field: event.kind
value: event
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@
],
"process.args_count": 1,
"process.command_line": "/sbin/init",
"process.name": "systemd",
"process.pid": "1",
"related.hosts": [
"vagrant-debian-12"
Expand All @@ -36,6 +37,7 @@
"log.syslog.facility.code": 0,
"log.syslog.priority": 6,
"message": "Console: switching to colour frame buffer device 160x50",
"process.name": "",
"process.pid": "",
"related.hosts": [
"vagrant-debian-12"
Expand All @@ -54,6 +56,7 @@
"log.syslog.facility.code": 0,
"log.syslog.priority": 6,
"message": "thermal_sys: Registered thermal governor 'power_allocator'",
"process.name": "",
"process.pid": "",
"related.hosts": [
"bookworm"
Expand Down

0 comments on commit d2796da

Please sign in to comment.