From cef4c5b011241480377eb40a9fae6b3393255708 Mon Sep 17 00:00:00 2001
From: Craig MacKenzie
Date: Mon, 28 Oct 2024 18:17:11 -0400
Subject: [PATCH] =?UTF-8?q?[8.16]=20Revert=20"[filebeat][winlog]=20impleme?= =?UTF-8?q?nt=20status=20reporter=20for=20winlog=20input=E2=80=A6=20(#4146?= =?UTF-8?q?8)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* Revert "[filebeat][winlog] implement status reporter for winlog input (#40163)"
This reverts commit 5e4e7e5d772525363fd87d57cc777871831caf5f.
* Remove changelog entry.
(cherry picked from commit 05125a9adacff06eb99d57cd1687a6a8a83d0d68)
---
 CHANGELOG.next.asciidoc | 8 ++++++--
 filebeat/input/winlog/input.go | 25 +++++--------------------
 2 files changed, 11 insertions(+), 22 deletions(-)
diff --git a/CHANGELOG.next.asciidoc b/CHANGELOG.next.asciidoc
index d75849ed5476..1c5bf82c4fcc 100644
--- a/CHANGELOG.next.asciidoc
+++ b/CHANGELOG.next.asciidoc
@@ -37,8 +37,7 @@ https://github.com/elastic/beats/compare/v8.8.1\...main[Check the HEAD diff]
 - Fix high IO and handling of a corrupted registry log file. {pull}35893[35893]
 - Enable file ingestion to report detailed status to Elastic Agent {pull}40075[40075]
 - Filebeat, when running with Elastic-Agent, reports status for Filestream input. {pull}40121[40121]
-- Implement Elastic Agent status and health reporting for Winlog Filebeat input. {pull}40163[40163]
-- Fix filestream's registry GC: registry entries will never be removed if clean_inactive is set to "-1". {pull}40258[40258]
+- Fix filestream's registry GC: registry entries will never be removed if clean_inactive is set to s"-1". {pull}40258[40258]
 - Added `ignore_empty_values` flag in `decode_cef` Filebeat processor. {pull}40268[40268]
 - Added support for hyphens in extension keys in `decode_cef` Filebeat processor. {pull}40427[40427]
 - Journald: removed configuration options `include_matches.or`, `include_matches.and`, `backoff`, `max_backoff`, `cursor_seek_fallback`. {pull}40061[40061]
@@ -352,6 +351,11 @@ https://github.com/elastic/beats/compare/v8.8.1\...main[Check the HEAD diff]
 - Add SSL support for aerospike module {pull}38126[38126]
 - Add `use_kubeadm` config option in kubernetes module in order to toggle kubeadm-config api requests {pull}40086[40086]
 - Log the total time taken for GCP `ListTimeSeries` and `AggregatedList` requests {pull}40661[40661]
+- Add metrics related to triggered alarms in all the vSphere metricsets. {pull}40714[40714] {pull}40876[40876]
+- Add new metricset datastorecluster for vSphere module. {pull}40634[40634]
+- Add support for new metrics in datastorecluster metricset. {pull}40694[40694]
+- Add metrics related to alert in all the vSphere metricsets. {pull}40714[40714]
+- Add new metrics fot datastore and minor changes to overall vSphere metrics {pull}40766[40766]
 - Add new metrics for the vSphere Host metricset. {pull}40429[40429]
 - Add new metrics for the vSphere Datastore metricset. {pull}40441[40441]
 - Add new metricset cluster for the vSphere module. {pull}40536[40536]
diff --git a/filebeat/input/winlog/input.go b/filebeat/input/winlog/input.go
index 945dd0e34765..ab925cbdd3c6 100644
--- a/filebeat/input/winlog/input.go
+++ b/filebeat/input/winlog/input.go
@@ -26,7 +26,6 @@ import (
 input "github.com/elastic/beats/v7/filebeat/input/v2"
 cursor "github.com/elastic/beats/v7/filebeat/input/v2/input-cursor"
 "github.com/elastic/beats/v7/libbeat/feature"
- "github.com/elastic/beats/v7/libbeat/management/status"
 "github.com/elastic/elastic-agent-libs/logp"
 "github.com/elastic/go-concert/ctxtool"
 "github.com/elastic/go-concert/timed"
@@ -40,10 +39,6 @@ type eventlogRunner struct{}
 const pluginName = "winlog"
-const channelNotFoundError = "Encountered channel not found error when opening Windows Event Log"
-const eventLogReadingError = "Error occurred while reading from Windows Event Log"
-const resetError = "Error resetting Windows Event Log handle"
-
 // Plugin create a stateful input Plugin collecting logs from Windows Event Logs.
 func Plugin(log *logp.Logger, store cursor.StateStore) input.Plugin {
 return input.Plugin{
@@ -104,7 +99,6 @@ func (eventlogRunner) Run(
 // Flag used to detect repeat "channel not found" errors, eliminating log spam.
 channelNotFoundErrDetected := false
- ctx.UpdateStatus(status.Running, "")
 runLoop:
 for {
@@ -115,9 +109,6 @@ runLoop:
 evtCheckpoint := initCheckpoint(log, cursor)
 openErr := api.Open(evtCheckpoint)
- // Mark the input running.
- // Status will be changed to "Degraded" if any error are encountered during opening/reading
- ctx.UpdateStatus(status.Running, "")
 switch {
 case eventlog.IsRecoverable(openErr):
@@ -126,16 +117,14 @@ runLoop:
 continue
 case !api.IsFile() && eventlog.IsChannelNotFound(openErr):
 if !channelNotFoundErrDetected {
- log.Errorw(channelNotFoundError, "error", openErr)
+ log.Errorw("Encountered channel not found error when opening Windows Event Log", "error", openErr)
 } else {
- log.Debugw(channelNotFoundError, "error", openErr)
+ log.Debugw("Encountered channel not found error when opening Windows Event Log", "error", openErr)
 }
- ctx.UpdateStatus(status.Degraded, fmt.Sprintf("%s: %v", channelNotFoundError, openErr))
 channelNotFoundErrDetected = true
 _ = timed.Wait(cancelCtx, 5*time.Second)
 continue
 case openErr != nil:
- ctx.UpdateStatus(status.Degraded, fmt.Sprintf("failed to open Windows Event Log channel %q: %v", api.Channel(), openErr))
 return fmt.Errorf("failed to open Windows Event Log channel %q: %w", api.Channel(), openErr)
 }
 channelNotFoundErrDetected = false
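Review bot: In the `IsChannelNotFound(openErr)` case of the `@@ -126,16 +117,14 @@` hunk, the only remaining signal for a missing channel is a log entry, and after the first pass it drops to `Debugw` while the branch keeps retrying every five seconds. With the `ctx.UpdateStatus(status.Degraded, …)` call removed, a winlog input stuck here is easy to miss at default log levels, which matters when the channel carries security events. I would document that above the branch, e.g. `// Retries until cancelled; only the first failure is logged at error level, so alert on this message to catch a collection gap.` The message literal is now repeated in the `Errorw` and `Debugw` calls; a local `const msg = "Encountered channel not found error when opening Windows Event Log"` would keep the two from drifting. The enclosing `Run` function starts and ends outside this hunk.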
@@ -148,16 +137,14 @@ runLoop:
 if eventlog.IsRecoverable(err) {
 log.Errorw("Encountered recoverable error when reading from Windows Event Log", "error", err)
 if resetErr := api.Reset(); resetErr != nil {
- log.Errorw(resetError, "error", resetErr)
- ctx.UpdateStatus(status.Degraded, fmt.Sprintf("%s: %v", resetError, resetErr))
+ log.Errorw("Error resetting Windows Event Log handle", "error", resetErr)
 }
 continue runLoop
 }
 if !api.IsFile() && eventlog.IsChannelNotFound(err) {
 log.Errorw("Encountered channel not found error when reading from Windows Event Log", "error", err)
 if resetErr := api.Reset(); resetErr != nil {
- log.Errorw(resetError, "error", resetErr)
- ctx.UpdateStatus(status.Degraded, fmt.Sprintf("%s: %v", resetError, resetErr))
+ log.Errorw("Error resetting Windows Event Log handle", "error", resetErr)
 }
 continue runLoop
 }
@@ -173,8 +160,7 @@ runLoop:
 return nil
 }
- log.Errorw(eventLogReadingError, "error", err)
- ctx.UpdateStatus(status.Degraded, fmt.Sprintf("%s: %v", eventLogReadingError, err))
+ log.Errorw("Error occurred while reading from Windows Event Log", "error", err)
 return err
 }
 if len(records) == 0 {
@@ -187,7 +173,6 @@ runLoop:
 if err := publisher.Publish(event, record.Offset); err != nil {
 // Publisher indicates disconnect when returning an error.
 // stop trying to publish records and quit
- ctx.UpdateStatus(status.Degraded, fmt.Sprintf("Error occurred while publishing from winlog: %v", err))
 return err
 }
 }
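Review bot: Both `api.Reset()` failure branches in the `@@ -148,16 +137,14 @@` hunk log the error and then reach `continue runLoop` with no wait visible in the hunk. If the reset keeps failing, the loop may spin and write one error-level entry per iteration, unless the open path outside the hunk already backs off. Consider reusing the wait from the open path inside the `resetErr != nil` block, `_ = timed.Wait(cancelCtx, 5*time.Second)`, assuming `cancelCtx` is in scope here, or add a comment saying where the back-off happens. The two branches are now identical apart from the first log message and could share a small helper. The loop body starts and ends outside this hunk.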