Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add elasticsearch/enrich metricset #14243

Merged
merged 20 commits into from
Oct 29, 2019
Merged

Conversation

ycombinator
Copy link
Contributor

@ycombinator ycombinator commented Oct 25, 2019

Resolves #14221.

This PR adds a new enrich metricset to the elasticsearch Metricbeat module. This metricset is responsible for collecting stats from the GET _enrich/_stats Elasticsearch API. It's primarily intended to be used for Stack Monitoring, i.e. with the xpack.enabled flag set to true in the elasticsearch module configuration.

Testing this PR

  1. Build Metricbeat with this PR.

    cd $GOPATH/src/github.com/elastic/beats/metricbeat
    mage build
    
  2. Enable the elasticsearch-xpack module. This module configuration contains the enrich metricset.

    ./metricbeat modules enable elasticsearch-xpack
    
  3. Run Metricbeat.

    ./metricbeat -e
    
  4. Follow the 6 steps at https://www.elastic.co/guide/en/elasticsearch/reference/7.x/ingest-enriching-data.html to ingest a document and have Elasticsearch enrich it. This will generate some enrich stats.

  5. Give the elasticsearch/enrich metricset up to 10 seconds to collect enrich stats and index them.

  6. Verify that the .monitoring-es-* indices contains enrich stats documents.

    # This will most likely return no hits, unless Metricbeat performed a collection
    # right as the enrich policy was still being executed.
    GET .monitoring-es-*/_search?q=type:enrich_executing_policy_stats&sort=timestamp:desc
    
    GET .monitoring-es-*/_search?q=type:enrich_coordinator_stats&sort=timestamp:desc
    

@elasticmachine
Copy link
Collaborator

Pinging @elastic/stack-monitoring (Stack monitoring)

@ycombinator ycombinator marked this pull request as ready for review October 28, 2019 22:54
Copy link
Contributor

@cachedout cachedout left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks really good. I have verified this functionally using the steps provided and it works as described. I have also verified by hand that the documents produced by this PR line up with the fields that we are gathering via internal collection. I reviewed the code as well and found no concerns.

@ycombinator
Copy link
Contributor Author

Travis CI is green. Jenkins CI failures are unrelated. Merging...

@ycombinator ycombinator merged commit 9b96d62 into elastic:master Oct 29, 2019
@ycombinator ycombinator deleted the mb-es-enrich branch October 29, 2019 11:56
ycombinator added a commit that referenced this pull request Oct 29, 2019
* Add `elasticsearch/enrich` metricset (#14243)

* WIP: elasticsearch/enrich metricset

* Adding non-xpack event creation

* More changes

* Adding docs.asciidoc

* Running make update

* Adding missing file

* Adding data.json

* Implement xpack.enabled: true event creation

* Adding missing import

* Remove license check as enrich is available in basic

* Skip enrich integration test against ES versions < 7.5.0

* Skip system tests for enrich metricset with ES < 7.5.0

* Adding integration test

* Updating data.json

* Adding CHANGELOG entry

* Adding system test

* Fixing up system tests

* Cleanup!

* Only try to create enrich stats if enrich feature is available

* Fixing skip logic

* Fixing up CHANGELOG
jorgemarey pushed a commit to jorgemarey/beats that referenced this pull request Jun 8, 2020
* WIP: elasticsearch/enrich metricset

* Adding non-xpack event creation

* More changes

* Adding docs.asciidoc

* Running make update

* Adding missing file

* Adding data.json

* Implement xpack.enabled: true event creation

* Adding missing import

* Remove license check as enrich is available in basic

* Skip enrich integration test against ES versions < 7.5.0

* Skip system tests for enrich metricset with ES < 7.5.0

* Adding integration test

* Updating data.json

* Adding CHANGELOG entry

* Adding system test

* Fixing up system tests

* Cleanup!

* Only try to create enrich stats if enrich feature is available

* Fixing skip logic
leweafan pushed a commit to leweafan/beats that referenced this pull request Apr 28, 2023
…4302)

* Add `elasticsearch/enrich` metricset (elastic#14243)

* WIP: elasticsearch/enrich metricset

* Adding non-xpack event creation

* More changes

* Adding docs.asciidoc

* Running make update

* Adding missing file

* Adding data.json

* Implement xpack.enabled: true event creation

* Adding missing import

* Remove license check as enrich is available in basic

* Skip enrich integration test against ES versions < 7.5.0

* Skip system tests for enrich metricset with ES < 7.5.0

* Adding integration test

* Updating data.json

* Adding CHANGELOG entry

* Adding system test

* Fixing up system tests

* Cleanup!

* Only try to create enrich stats if enrich feature is available

* Fixing skip logic

* Fixing up CHANGELOG
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[Metricbeat] Elasticsearch enrichment stats API
4 participants