Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[filebeat] First unifiedlogs implementation #41791

Merged
merged 18 commits into from
Dec 12, 2024
Merged

[filebeat] First unifiedlogs implementation #41791

merged 18 commits into from
Dec 12, 2024

Conversation

marc-gr
Copy link
Contributor

@marc-gr marc-gr commented Nov 26, 2024
edited
Loading

Proposed commit message

Adds a new input to process logs from the MacOS Unified Logs system.

Checklist

  • My code follows the style guidelines of this project
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have made corresponding change to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

@marc-gr marc-gr added enhancement Team:Security-Windows Platform Windows Platform Team in Security Solution backport-8.x Automated backport to the 8.x branch with mergify labels Nov 26, 2024
@botelastic botelastic bot added needs_team Indicates that the issue/PR needs a Team:* label and removed needs_team Indicates that the issue/PR needs a Team:* label labels Nov 26, 2024
@marc-gr marc-gr force-pushed the feat/macos-ul branch 2 times, most recently from 9bd680d to 033ceaa Compare November 26, 2024 12:50
@mergify Mergify
Copy link
Contributor

mergify bot commented Dec 3, 2024

This pull request is now in conflicts. Could you fix it? 🙏
To fixup this pull request, you can check out it locally. See documentation: https://help.github.com/articles/checking-out-pull-requests-locally/

git fetch upstream
git checkout -b feat/macos-ul upstream/feat/macos-ul
git merge upstream/main
git push upstream feat/macos-ul

@cla-checker-service CLA Checker Service
Copy link

cla-checker-service bot commented Dec 5, 2024
edited
Loading

💚 CLA has been signed

@mergify Mergify
Copy link
Contributor

mergify bot commented Dec 5, 2024

This pull request is now in conflicts. Could you fix it? 🙏
To fixup this pull request, you can check out it locally. See documentation: https://help.github.com/articles/checking-out-pull-requests-locally/

git fetch upstream
git checkout -b feat/macos-ul upstream/feat/macos-ul
git merge upstream/main
git push upstream feat/macos-ul

@marc-gr marc-gr marked this pull request as ready for review December 5, 2024 20:11
@marc-gr marc-gr requested a review from a team as a code owner December 5, 2024 20:11
@marc-gr marc-gr requested a review from AndersonQ December 5, 2024 20:11
@marc-gr marc-gr requested a review from rdner December 5, 2024 20:11
@elasticmachine
Copy link
Collaborator

Pinging @elastic/sec-windows-platform (Team:Security-Windows Platform)

matthewscherer
matthewscherer approved these changes Dec 11, 2024
View reviewed changes
Copy link

@matthewscherer matthewscherer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

x-pack/filebeat/input/unifiedlogs/input_test.go
return nil
}

func TestInput(t *testing.T) {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for all the tests.

@marc-gr marc-gr merged commit f9a9b32 into elastic:main Dec 12, 2024
37 checks passed
@marc-gr marc-gr deleted the feat/macos-ul branch December 12, 2024 07:27
mergify bot pushed a commit that referenced this pull request Dec 12, 2024
@marc-gr @mergify
[filebeat] First unifiedlogs implementation (#41791)
1858c76 
* First unifiedlogs implementation

* Fix date check and accept multiple predicates

* Fix cursor and date walking

* Log stderr on error

* Add 1s tick

* Refactor to do automatic backfill

* Add docs and fix resuming from interrupted backfilling

* Fix doc config example

* Add first unit tests

* wip tests

* Add stream test

* Extract test and make input stable

* Improve docs

---------

Co-authored-by: r-ung <[email protected]>
(cherry picked from commit f9a9b32)
@mergify mergify bot mentioned this pull request Dec 12, 2024
Merged
6 tasks
marc-gr added a commit that referenced this pull request Dec 12, 2024
@mergify @marc-gr
[filebeat] First unifiedlogs implementation (#41791) (#42005)
63df576 
* First unifiedlogs implementation

* Fix date check and accept multiple predicates

* Fix cursor and date walking

* Log stderr on error

* Add 1s tick

* Refactor to do automatic backfill

* Add docs and fix resuming from interrupted backfilling

* Fix doc config example

* Add first unit tests

* wip tests

* Add stream test

* Extract test and make input stable

* Improve docs

---------

Co-authored-by: r-ung <[email protected]>
(cherry picked from commit f9a9b32)

Co-authored-by: Marc Guasch <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@matthewscherer matthewscherer matthewscherer approved these changes

@rdner rdner rdner approved these changes

@AndersonQ AndersonQ Awaiting requested review from AndersonQ AndersonQ is a code owner automatically assigned from elastic/elastic-agent-data-plane

Assignees

@marc-gr marc-gr

Labels
backport-8.x Automated backport to the 8.x branch with mergify enhancement Team:Security-Windows Platform Windows Platform Team in Security Solution
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@marc-gr @elasticmachine @rdner @matthewscherer @ricardoungureanu