Skip to content
Merged
Show file tree
Hide file tree
Changes from 9 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions .travis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,10 @@ jobs:
env: TARGETS="-C auditbeat crosscompile"
go: $GO_VERSION
stage: test
- os: linux
env: TARGETS="-C x-pack/auditbeat testsuite"
go: $GO_VERSION
stage: test

# Libbeat
- os: linux
Expand Down
10 changes: 7 additions & 3 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -13,11 +13,15 @@ REVIEWDOG_OPTIONS?=-diff "git diff master"
REVIEWDOG_REPO=github.com/haya14busa/reviewdog/cmd/reviewdog
XPACK_SUFFIX=x-pack/

# PROJECTS_XPACK_PKG is a list of Beats that have independent packaging support
# in the x-pack directory (rather than having the OSS build produce both sets
# of artifacts). This will be removed once we complete the transition.
PROJECTS_XPACK_PKG=x-pack/auditbeat
# PROJECTS_XPACK_MAGE is a list of Beats whose primary build logic is based in
# Mage. For compatibility with CI testing these projects support a subset of the
# makefile targets. After all Beats converge to primarily using Mage we can
# remove this and treat all sub-projects the same.
PROJECTS_XPACK_MAGE=x-pack/filebeat x-pack/metricbeat
PROJECTS_XPACK_MAGE=x-pack/filebeat x-pack/metricbeat $(PROJECTS_XPACK_PKG)

# Runs complete testsuites (unit, system, integration) for all beats with coverage and race detection.
# Also it builds the docs and the generators
Expand Down Expand Up @@ -156,8 +160,8 @@ snapshot:
# Builds a release.
.PHONY: release
release: beats-dashboards
@$(foreach var,$(BEATS),$(MAKE) -C $(var) release || exit 1;)
@$(foreach var,$(BEATS), \
@$(foreach var,$(BEATS) $(PROJECTS_XPACK_PKG),$(MAKE) -C $(var) release || exit 1;)
@$(foreach var,$(BEATS) $(PROJECTS_XPACK_PKG), \
test -d $(var)/build/distributions && test -n "$$(ls $(var)/build/distributions)" || exit 0; \
mkdir -p build/distributions/$(subst $(XPACK_SUFFIX),'',$(var)) && mv -f $(var)/build/distributions/* build/distributions/$(subst $(XPACK_SUFFIX),'',$(var))/ || exit 1;)

Expand Down
5 changes: 3 additions & 2 deletions Vagrantfile
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ cmd /c mklink /d C:\\Gopath\\src\\github.com\\elastic\\beats \\\\vboxsvr\\vagran

echo "Installing gvm to manage go version"
[Net.ServicePointManager]::SecurityProtocol = "tls12"
Invoke-WebRequest -URI https://github.com/andrewkroh/gvm/releases/download/v0.0.5/gvm-windows-amd64.exe -Outfile C:\Windows\System32\gvm.exe
Invoke-WebRequest -URI https://github.com/andrewkroh/gvm/releases/download/v0.1.0/gvm-windows-amd64.exe -Outfile C:\Windows\System32\gvm.exe
C:\Windows\System32\gvm.exe --format=powershell #{GO_VERSION} | Invoke-Expression
go version

Expand Down Expand Up @@ -72,8 +72,9 @@ SCRIPT
$linuxGvmProvision = <<SCRIPT
mkdir -p ~/bin
if [ ! -e "~/bin/gvm" ]; then
curl -sL -o ~/bin/gvm https://github.com/andrewkroh/gvm/releases/download/v0.0.5/gvm-linux-amd64
curl -sL -o ~/bin/gvm https://github.com/andrewkroh/gvm/releases/download/v0.1.0/gvm-linux-amd64
chmod +x ~/bin/gvm
~/bin/gvm $GO_VERSION
echo 'export GOPATH=$HOME/go' >> ~/.bash_profile
echo 'export PATH=$HOME/bin:$GOPATH/bin:$PATH' >> ~/.bash_profile
echo 'eval "$(gvm #{GO_VERSION})"' >> ~/.bash_profile
Expand Down
21 changes: 8 additions & 13 deletions auditbeat/Dockerfile
Original file line number Diff line number Diff line change
@@ -1,17 +1,12 @@
FROM golang:1.11.2
MAINTAINER Nicolas Ruflin <ruflin@elastic.co>

RUN set -x && \
apt-get update && \
apt-get install -y --no-install-recommends \
netcat python-pip virtualenv && \
apt-get clean
RUN \
apt-get update \
&& apt-get install -y --no-install-recommends \
python-pip \
virtualenv \
&& rm -rf /var/lib/apt/lists/*

RUN pip install --upgrade pip
RUN pip install --upgrade setuptools

# Setup work environment
ENV AUDITBEAT_PATH /go/src/github.com/elastic/beats/auditbeat

RUN mkdir -p $AUDITBEAT_PATH/build/coverage
WORKDIR $AUDITBEAT_PATH
HEALTHCHECK CMD exit 0
RUN pip install --upgrade docker-compose==1.21.0
32 changes: 4 additions & 28 deletions auditbeat/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -3,36 +3,12 @@ BEAT_TITLE=Auditbeat
SYSTEM_TESTS=true
TEST_ENVIRONMENT?=true
GOX_OS?=linux windows ## @Building List of all OS to be supported by "make crosscompile".
DEV_OS?=linux
ES_BEATS?=..
EXCLUDE_COMMON_UPDATE_TARGET=true

# Path to the libbeat Makefile
include ${ES_BEATS}/libbeat/scripts/Makefile

# Collects all dependencies and then calls update
.PHONY: collect
collect: collect-docs configs kibana

# Collects all module configs
.PHONY: configs
configs: python-env
@cat ${ES_BEATS}/auditbeat/_meta/common.p1.yml \
<(go run scripts/generate_config.go -os ${DEV_OS} -concat) \
${ES_BEATS}/auditbeat/_meta/common.p2.yml > _meta/beat.yml
@cat ${ES_BEATS}/auditbeat/_meta/common.reference.yml \
<(go run scripts/generate_config.go -os ${DEV_OS} -ref -concat) > _meta/beat.reference.yml

# Collects all module docs
.PHONY: collect-docs
collect-docs: python-env
@rm -rf docs/modules
@mkdir -p docs/modules
@go run scripts/generate_config.go -os linux
@${PYTHON_ENV}/bin/python ${ES_BEATS}/auditbeat/scripts/docs_collector.py --beat ${BEAT_NAME}

# Collects all module dashboards
.PHONY: kibana
kibana:
@-rm -rf _meta/kibana.generated
@mkdir -p _meta/kibana.generated
@-cp -pr module/*/_meta/kibana/* _meta/kibana.generated
.PHONY: update
update: mage
mage update
2 changes: 0 additions & 2 deletions auditbeat/auditbeat.reference.yml
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,6 @@ auditbeat.modules:
## Unauthorized access attempts.
#-a always,exit -F arch=b64 -S open,creat,truncate,ftruncate,openat,open_by_handle_at -F exit=-EACCES -k access
#-a always,exit -F arch=b64 -S open,creat,truncate,ftruncate,openat,open_by_handle_at -F exit=-EPERM -k access

# The file integrity module sends events when files are changed (created,
# updated, deleted). The events contain file metadata and hashes.
- module: file_integrity
Expand Down Expand Up @@ -110,7 +109,6 @@ auditbeat.modules:
# Detect changes to files included in subdirectories. Disabled by default.
recursive: false


#================================ General ======================================

# The name of the shipper that publishes the network data. It can be used to group
Expand Down
2 changes: 0 additions & 2 deletions auditbeat/auditbeat.yml
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,6 @@ auditbeat.modules:
## Unauthorized access attempts.
#-a always,exit -F arch=b64 -S open,creat,truncate,ftruncate,openat,open_by_handle_at -F exit=-EACCES -k access
#-a always,exit -F arch=b64 -S open,creat,truncate,ftruncate,openat,open_by_handle_at -F exit=-EPERM -k access

- module: file_integrity
paths:
- /bin
Expand All @@ -48,7 +47,6 @@ auditbeat.modules:
- /etc



#==================== Elasticsearch template setting ==========================
setup.template.settings:
index.number_of_shards: 3
Expand Down
6 changes: 4 additions & 2 deletions auditbeat/docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,10 +4,12 @@ services:
build: ${PWD}/.
depends_on:
- proxy_dep
env_file:
- ${PWD}/build/test.env
working_dir: /go/src/github.com/elastic/beats/auditbeat
environment:
- ES_HOST=elasticsearch
- ES_PORT=9200
- ES_USER=beats
- ES_PASS=testing
- KIBANA_HOST=kibana
- KIBANA_PORT=5601
volumes:
Expand Down
5 changes: 3 additions & 2 deletions auditbeat/include/list.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading