diff --git a/CHANGELOG.asciidoc b/CHANGELOG.asciidoc index 9a87eb1b0801..5d134840c322 100644 --- a/CHANGELOG.asciidoc +++ b/CHANGELOG.asciidoc @@ -192,6 +192,7 @@ https://github.com/elastic/beats/compare/v6.0.0-beta2...master[Check the HEAD di - Preserve runtime from container statuses in Kubernetes autodiscover {pull}6456[6456] - Experimental feature setup.template.append_fields added. {pull}6024[6024] - Add appender support to autodiscover {pull}6469[6469] +- Add add_host_metadata processor {pull}5968[5968] *Auditbeat* diff --git a/auditbeat/auditbeat.reference.yml b/auditbeat/auditbeat.reference.yml index 86cf4fa2a137..a38b6ef046f6 100644 --- a/auditbeat/auditbeat.reference.yml +++ b/auditbeat/auditbeat.reference.yml @@ -220,6 +220,7 @@ auditbeat.modules: # #processors: #- add_docker_metadata: ~ +#- add_host_metadata: ~ #============================= Elastic Cloud ================================== diff --git a/auditbeat/docs/fields.asciidoc b/auditbeat/docs/fields.asciidoc index 3d65e309b1c0..d7cfca742769 100644 --- a/auditbeat/docs/fields.asciidoc +++ b/auditbeat/docs/fields.asciidoc @@ -18,6 +18,7 @@ grouped in the following categories: * <> * <> * <> +* <> * <> -- @@ -2527,6 +2528,62 @@ type: keyword SHA512/256 hash of the file. +[[exported-fields-host-processor]] +== Host fields + +Info collected for the host machine. + + + + +[float] +=== `host.hostname` + +type: keyword + +Hostname. + + +[float] +=== `host.id` + +type: keyword + +Unique host id. + + +[float] +=== `host.architecture` + +type: keyword + +Host architecture (e.g. x86_64, arm, ppc, mips). + + +[float] +=== `host.os.platform` + +type: object + +OS platform (e.g. centos, ubuntu, windows). + + +[float] +=== `host.os.version` + +type: object + +OS version. + + +[float] +=== `host.os.family` + +type: object + +OS family (e.g. redhat, debian, freebsd, windows). + + [[exported-fields-kubernetes-processor]] == Kubernetes fields diff --git a/filebeat/docs/fields.asciidoc b/filebeat/docs/fields.asciidoc index f38d510e7d41..2c81c5d71230 100644 --- a/filebeat/docs/fields.asciidoc +++ b/filebeat/docs/fields.asciidoc @@ -17,6 +17,7 @@ grouped in the following categories: * <> * <> * <> +* <> * <> * <> * <> @@ -647,6 +648,62 @@ type: object Image labels. +[[exported-fields-host-processor]] +== Host fields + +Info collected for the host machine. + + + + +[float] +=== `host.hostname` + +type: keyword + +Hostname. + + +[float] +=== `host.id` + +type: keyword + +Unique host id. + + +[float] +=== `host.architecture` + +type: keyword + +Host architecture (e.g. x86_64, arm, ppc, mips). + + +[float] +=== `host.os.platform` + +type: object + +OS platform (e.g. centos, ubuntu, windows). + + +[float] +=== `host.os.version` + +type: object + +OS version. + + +[float] +=== `host.os.family` + +type: object + +OS family (e.g. redhat, debian, freebsd, windows). + + [[exported-fields-icinga]] == Icinga fields diff --git a/filebeat/filebeat.reference.yml b/filebeat/filebeat.reference.yml index a7d7d5dc6e21..3b9efd505c2a 100644 --- a/filebeat/filebeat.reference.yml +++ b/filebeat/filebeat.reference.yml @@ -694,6 +694,7 @@ filebeat.inputs: # #processors: #- add_docker_metadata: ~ +#- add_host_metadata: ~ #============================= Elastic Cloud ================================== diff --git a/heartbeat/docs/fields.asciidoc b/heartbeat/docs/fields.asciidoc index 0462ed381312..42a97bb5ae88 100644 --- a/heartbeat/docs/fields.asciidoc +++ b/heartbeat/docs/fields.asciidoc @@ -16,6 +16,7 @@ grouped in the following categories: * <> * <> * <> +* <> * <> * <> * <> @@ -296,6 +297,62 @@ type: object Image labels. +[[exported-fields-host-processor]] +== Host fields + +Info collected for the host machine. + + + + +[float] +=== `host.hostname` + +type: keyword + +Hostname. + + +[float] +=== `host.id` + +type: keyword + +Unique host id. + + +[float] +=== `host.architecture` + +type: keyword + +Host architecture (e.g. x86_64, arm, ppc, mips). + + +[float] +=== `host.os.platform` + +type: object + +OS platform (e.g. centos, ubuntu, windows). + + +[float] +=== `host.os.version` + +type: object + +OS version. + + +[float] +=== `host.os.family` + +type: object + +OS family (e.g. redhat, debian, freebsd, windows). + + [[exported-fields-http]] == HTTP monitor fields diff --git a/heartbeat/heartbeat.reference.yml b/heartbeat/heartbeat.reference.yml index d368a6045442..a41c2c77a943 100644 --- a/heartbeat/heartbeat.reference.yml +++ b/heartbeat/heartbeat.reference.yml @@ -329,6 +329,7 @@ heartbeat.scheduler: # #processors: #- add_docker_metadata: ~ +#- add_host_metadata: ~ #============================= Elastic Cloud ================================== diff --git a/libbeat/_meta/config.reference.yml b/libbeat/_meta/config.reference.yml index 931a430f180d..b1a896857dd7 100644 --- a/libbeat/_meta/config.reference.yml +++ b/libbeat/_meta/config.reference.yml @@ -115,6 +115,7 @@ # #processors: #- add_docker_metadata: ~ +#- add_host_metadata: ~ #============================= Elastic Cloud ================================== diff --git a/libbeat/cmd/instance/beat.go b/libbeat/cmd/instance/beat.go index c1df52914322..41fda773fdba 100644 --- a/libbeat/cmd/instance/beat.go +++ b/libbeat/cmd/instance/beat.go @@ -46,6 +46,7 @@ import ( _ "github.com/elastic/beats/libbeat/processors/actions" _ "github.com/elastic/beats/libbeat/processors/add_cloud_metadata" _ "github.com/elastic/beats/libbeat/processors/add_docker_metadata" + _ "github.com/elastic/beats/libbeat/processors/add_host_metadata" _ "github.com/elastic/beats/libbeat/processors/add_kubernetes_metadata" _ "github.com/elastic/beats/libbeat/processors/add_locale" diff --git a/libbeat/docs/processors-using.asciidoc b/libbeat/docs/processors-using.asciidoc index 9b96d837dc22..908ee30f3d0f 100644 --- a/libbeat/docs/processors-using.asciidoc +++ b/libbeat/docs/processors-using.asciidoc @@ -45,6 +45,7 @@ The supported processors are: * <> * <> * <> + * <> [[conditions]] ==== Conditions @@ -657,3 +658,31 @@ for container ID. It defaults to 4 to match `cleanup_timeout`:: (Optional) Time of inactivity to consider we can clean and forget metadata for a container, 60s by default. + + +[[add-host-metadata]] +=== Add Host metadata + +beta[] + +The `add_host_metadata` processor annotates each event with relevant metadata from the host machine. +The fields added to the event are looking as following: + +[source,json] +------------------------------------------------------------------------------- +{ + "host":{ + "architecture":"x86_64", + "hostname":"example-host", + "id":"", + "os":{ + "family":"darwin", + "build":"16G1212", + "platform":"darwin", + "version":"10.12.6" + } + } +} +------------------------------------------------------------------------------- + +NOTE: The host information is refreshed every 5 minutes. diff --git a/libbeat/processors/add_host_metadata/_meta/fields.yml b/libbeat/processors/add_host_metadata/_meta/fields.yml new file mode 100644 index 000000000000..7f4ae3a6580e --- /dev/null +++ b/libbeat/processors/add_host_metadata/_meta/fields.yml @@ -0,0 +1,34 @@ +- key: host + title: Host + description: > + Info collected for the host machine. + anchor: host-processor + fields: + - name: host + type: group + fields: + - name: hostname + type: keyword + description: > + Hostname. + - name: id + type: keyword + description: > + Unique host id. + - name: architecture + type: keyword + description: > + Host architecture (e.g. x86_64, arm, ppc, mips). + - name: os.platform + type: object + object_type: keyword + description: > + OS platform (e.g. centos, ubuntu, windows). + - name: os.version + type: object + description: > + OS version. + - name: os.family + type: object + description: > + OS family (e.g. redhat, debian, freebsd, windows). diff --git a/libbeat/processors/add_host_metadata/add_host_metadata.go b/libbeat/processors/add_host_metadata/add_host_metadata.go new file mode 100644 index 000000000000..86d28240927d --- /dev/null +++ b/libbeat/processors/add_host_metadata/add_host_metadata.go @@ -0,0 +1,80 @@ +package add_host_metadata + +import ( + "time" + + "github.com/elastic/beats/libbeat/beat" + "github.com/elastic/beats/libbeat/common" + "github.com/elastic/beats/libbeat/processors" + sysinfo "github.com/elastic/go-sysinfo" + "github.com/elastic/go-sysinfo/types" +) + +func init() { + processors.RegisterPlugin("add_host_metadata", newHostMetadataProcessor) +} + +type addHostMetadata struct { + info types.HostInfo + lastUpdate time.Time + data common.MapStr +} + +const ( + cacheExpiration = time.Minute * 5 +) + +func newHostMetadataProcessor(_ *common.Config) (processors.Processor, error) { + h, err := sysinfo.Host() + if err != nil { + return nil, err + } + p := &addHostMetadata{ + info: h.Info(), + } + return p, nil +} + +// Run enriches the given event with the host meta data +func (p *addHostMetadata) Run(event *beat.Event) (*beat.Event, error) { + p.loadData() + event.Fields.DeepUpdate(p.data) + return event, nil +} + +func (p *addHostMetadata) loadData() { + + // Check if cache is expired + if p.lastUpdate.Add(cacheExpiration).Before(time.Now()) { + p.data = common.MapStr{ + "host": common.MapStr{ + "hostname": p.info.Hostname, + "architecture": p.info.Architecture, + "os": common.MapStr{ + "platform": p.info.OS.Platform, + "version": p.info.OS.Version, + "family": p.info.OS.Family, + }, + }, + } + + // Optional params + if p.info.UniqueID != "" { + p.data.Put("host.id", p.info.UniqueID) + } + if p.info.Containerized != nil { + p.data.Put("host.containerized", *p.info.Containerized) + } + if p.info.OS.Codename != "" { + p.data.Put("host.os.codename", p.info.OS.Codename) + } + if p.info.OS.Build != "" { + p.data.Put("host.os.build", p.info.OS.Build) + } + p.lastUpdate = time.Now() + } +} + +func (p addHostMetadata) String() string { + return "add_host_metadata=[]" +} diff --git a/libbeat/processors/add_host_metadata/add_host_metadata_test.go b/libbeat/processors/add_host_metadata/add_host_metadata_test.go new file mode 100644 index 000000000000..0192f57b3253 --- /dev/null +++ b/libbeat/processors/add_host_metadata/add_host_metadata_test.go @@ -0,0 +1,34 @@ +package add_host_metadata + +import ( + "testing" + "time" + + "github.com/stretchr/testify/assert" + + "runtime" + + "github.com/elastic/beats/libbeat/beat" + "github.com/elastic/beats/libbeat/common" + "github.com/elastic/go-sysinfo/types" +) + +func TestRun(t *testing.T) { + event := &beat.Event{ + Fields: common.MapStr{}, + Timestamp: time.Now(), + } + p, err := newHostMetadataProcessor(nil) + if runtime.GOOS != "windows" && runtime.GOOS != "darwin" && runtime.GOOS != "linux" { + assert.IsType(t, types.ErrNotImplemented, err) + return + } + assert.NoError(t, err) + + newEvent, err := p.Run(event) + assert.NoError(t, err) + + v, err := newEvent.GetValue("host.os.family") + assert.NoError(t, err) + assert.NotNil(t, v) +} diff --git a/metricbeat/docs/fields.asciidoc b/metricbeat/docs/fields.asciidoc index 5d76c930efb5..87360d0316eb 100644 --- a/metricbeat/docs/fields.asciidoc +++ b/metricbeat/docs/fields.asciidoc @@ -27,6 +27,7 @@ grouped in the following categories: * <> * <> * <> +* <> * <> * <> * <> @@ -4558,6 +4559,62 @@ type: integer The average queue time in ms over the last 1024 requests. +[[exported-fields-host-processor]] +== Host fields + +Info collected for the host machine. + + + + +[float] +=== `host.hostname` + +type: keyword + +Hostname. + + +[float] +=== `host.id` + +type: keyword + +Unique host id. + + +[float] +=== `host.architecture` + +type: keyword + +Host architecture (e.g. x86_64, arm, ppc, mips). + + +[float] +=== `host.os.platform` + +type: object + +OS platform (e.g. centos, ubuntu, windows). + + +[float] +=== `host.os.version` + +type: object + +OS version. + + +[float] +=== `host.os.family` + +type: object + +OS family (e.g. redhat, debian, freebsd, windows). + + [[exported-fields-http]] == HTTP fields diff --git a/metricbeat/metricbeat.reference.yml b/metricbeat/metricbeat.reference.yml index b14d5ad3c0a6..c87c97ad7931 100644 --- a/metricbeat/metricbeat.reference.yml +++ b/metricbeat/metricbeat.reference.yml @@ -609,6 +609,7 @@ metricbeat.modules: # #processors: #- add_docker_metadata: ~ +#- add_host_metadata: ~ #============================= Elastic Cloud ================================== diff --git a/packetbeat/docs/fields.asciidoc b/packetbeat/docs/fields.asciidoc index 20edde5a3fcd..7eb924d0352e 100644 --- a/packetbeat/docs/fields.asciidoc +++ b/packetbeat/docs/fields.asciidoc @@ -20,6 +20,7 @@ grouped in the following categories: * <> * <> * <> +* <> * <> * <> * <> @@ -1823,6 +1824,62 @@ ICMP id used in ICMP based flow. optional TCP connection id +[[exported-fields-host-processor]] +== Host fields + +Info collected for the host machine. + + + + +[float] +=== `host.hostname` + +type: keyword + +Hostname. + + +[float] +=== `host.id` + +type: keyword + +Unique host id. + + +[float] +=== `host.architecture` + +type: keyword + +Host architecture (e.g. x86_64, arm, ppc, mips). + + +[float] +=== `host.os.platform` + +type: object + +OS platform (e.g. centos, ubuntu, windows). + + +[float] +=== `host.os.version` + +type: object + +OS version. + + +[float] +=== `host.os.family` + +type: object + +OS family (e.g. redhat, debian, freebsd, windows). + + [[exported-fields-http]] == HTTP fields diff --git a/packetbeat/packetbeat.reference.yml b/packetbeat/packetbeat.reference.yml index 297941639b47..ee646179737e 100644 --- a/packetbeat/packetbeat.reference.yml +++ b/packetbeat/packetbeat.reference.yml @@ -583,6 +583,7 @@ packetbeat.protocols: # #processors: #- add_docker_metadata: ~ +#- add_host_metadata: ~ #============================= Elastic Cloud ================================== diff --git a/vendor/github.com/elastic/go-sysinfo/README.md b/vendor/github.com/elastic/go-sysinfo/README.md new file mode 100644 index 000000000000..5111c7207a54 --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/README.md @@ -0,0 +1,12 @@ +# go-sysinfo [WORK IN PROGRESS] + +[![Build Status](http://img.shields.io/travis/elastic/go-sysinfo.svg?style=flat-square)][travis] +[![Go Documentation](http://img.shields.io/badge/go-documentation-blue.svg?style=flat-square)][godocs] + +[travis]: http://travis-ci.org/elastic/go-sysinfo +[godocs]: http://godoc.org/github.com/elastic/go-sysinfo + +go-sysinfo is a library for collecting system information. + +This project is a work in progress. + diff --git a/vendor/github.com/elastic/go-sysinfo/internal/registry/registry.go b/vendor/github.com/elastic/go-sysinfo/internal/registry/registry.go new file mode 100644 index 000000000000..f38cfb27b5e9 --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/internal/registry/registry.go @@ -0,0 +1,54 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package registry + +import ( + "github.com/pkg/errors" + + "github.com/elastic/go-sysinfo/types" +) + +var ( + hostProvider HostProvider + processProvider ProcessProvider +) + +type HostProvider interface { + Host() (types.Host, error) +} + +type ProcessProvider interface { + Process(pid int) (types.Process, error) + Processes() ([]types.Process, error) +} + +func Register(provider interface{}) { + if h, ok := provider.(HostProvider); ok { + if hostProvider != nil { + panic(errors.Errorf("HostProvider already registered: %v", hostProvider)) + } + hostProvider = h + } + + if p, ok := provider.(ProcessProvider); ok { + if processProvider != nil { + panic(errors.Errorf("ProcessProvider already registered: %v", processProvider)) + } + processProvider = p + } +} + +func GetHostProvider() HostProvider { return hostProvider } +func GetProcessProvider() ProcessProvider { return processProvider } diff --git a/vendor/github.com/elastic/go-sysinfo/providers/darwin/arch_darwin_amd64.go b/vendor/github.com/elastic/go-sysinfo/providers/darwin/arch_darwin_amd64.go new file mode 100644 index 000000000000..74720aae0d87 --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/darwin/arch_darwin_amd64.go @@ -0,0 +1,32 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package darwin + +import ( + "syscall" + + "github.com/pkg/errors" +) + +const hardwareMIB = "hw.machine" + +func Architecture() (string, error) { + arch, err := syscall.Sysctl(hardwareMIB) + if err != nil { + return "", errors.Wrap(err, "failed to get architecture") + } + + return arch, nil +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/darwin/boottime_darwin_amd64.go b/vendor/github.com/elastic/go-sysinfo/providers/darwin/boottime_darwin_amd64.go new file mode 100644 index 000000000000..fb276bb2a368 --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/darwin/boottime_darwin_amd64.go @@ -0,0 +1,36 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +build darwin,amd64,cgo + +package darwin + +import ( + "syscall" + "time" + + "github.com/pkg/errors" +) + +const kernBoottimeMIB = "kern.boottime" + +func BootTime() (time.Time, error) { + var tv syscall.Timeval + if err := sysctlByName(kernBoottimeMIB, &tv); err != nil { + return time.Time{}, errors.Wrap(err, "failed to get host uptime") + } + + bootTime := time.Unix(int64(tv.Sec), int64(tv.Usec)*int64(time.Microsecond)) + return bootTime, nil +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/darwin/doc.go b/vendor/github.com/elastic/go-sysinfo/providers/darwin/doc.go new file mode 100644 index 000000000000..4be387cb01b4 --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/darwin/doc.go @@ -0,0 +1,17 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Package darwin implements the HostProvider and ProcessProvider interfaces +// for providing information about MacOS. +package darwin diff --git a/vendor/github.com/elastic/go-sysinfo/providers/darwin/host_darwin_amd64.go b/vendor/github.com/elastic/go-sysinfo/providers/darwin/host_darwin_amd64.go new file mode 100644 index 000000000000..9f8a3c479d10 --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/darwin/host_darwin_amd64.go @@ -0,0 +1,139 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +build darwin,amd64,cgo + +package darwin + +import ( + "os" + "time" + + "github.com/joeshaw/multierror" + "github.com/pkg/errors" + + "github.com/elastic/go-sysinfo/internal/registry" + "github.com/elastic/go-sysinfo/providers/shared" + "github.com/elastic/go-sysinfo/types" +) + +func init() { + registry.Register(darwinSystem{}) +} + +type darwinSystem struct{} + +func (s darwinSystem) Host() (types.Host, error) { + return newHost() +} + +type host struct { + info types.HostInfo +} + +func (h *host) Info() types.HostInfo { + return h.info +} + +func newHost() (*host, error) { + h := &host{} + r := &reader{} + r.architecture(h) + r.bootTime(h) + r.hostname(h) + r.network(h) + r.kernelVersion(h) + r.os(h) + r.time(h) + r.uniqueID(h) + return h, r.Err() +} + +type reader struct { + errs []error +} + +func (r *reader) addErr(err error) bool { + if err != nil { + if errors.Cause(err) != types.ErrNotImplemented { + r.errs = append(r.errs, err) + } + return true + } + return false +} + +func (r *reader) Err() error { + if len(r.errs) > 0 { + return &multierror.MultiError{Errors: r.errs} + } + return nil +} + +func (r *reader) architecture(h *host) { + v, err := Architecture() + if r.addErr(err) { + return + } + h.info.Architecture = v +} + +func (r *reader) bootTime(h *host) { + v, err := BootTime() + if r.addErr(err) { + return + } + h.info.BootTime = v +} + +func (r *reader) hostname(h *host) { + v, err := os.Hostname() + if r.addErr(err) { + return + } + h.info.Hostname = v +} + +func (r *reader) network(h *host) { + ips, macs, err := shared.Network() + if r.addErr(err) { + return + } + h.info.IPs = ips + h.info.MACs = macs +} + +func (r *reader) kernelVersion(h *host) { + v, err := KernelVersion() + if r.addErr(err) { + return + } + h.info.KernelVersion = v +} + +func (r *reader) os(h *host) { + v, err := OperatingSystem() + if r.addErr(err) { + return + } + h.info.OS = v +} + +func (r *reader) time(h *host) { + h.info.Timezone, h.info.TimezoneOffsetSec = time.Now().Zone() +} + +func (r *reader) uniqueID(h *host) { + // TODO: call gethostuuid(uuid [16]byte, timespec) +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/darwin/kernel_darwin_amd64.go b/vendor/github.com/elastic/go-sysinfo/providers/darwin/kernel_darwin_amd64.go new file mode 100644 index 000000000000..df56681361e6 --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/darwin/kernel_darwin_amd64.go @@ -0,0 +1,32 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package darwin + +import ( + "syscall" + + "github.com/pkg/errors" +) + +const kernelReleaseMIB = "kern.osrelease" + +func KernelVersion() (string, error) { + version, err := syscall.Sysctl(kernelReleaseMIB) + if err != nil { + return "", errors.Wrap(err, "failed to get kernel version") + } + + return version, nil +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/darwin/memory_darwin_amd64.go b/vendor/github.com/elastic/go-sysinfo/providers/darwin/memory_darwin_amd64.go new file mode 100644 index 000000000000..6fa8d1e7005e --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/darwin/memory_darwin_amd64.go @@ -0,0 +1,32 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +build darwin,amd64,cgo + +package darwin + +import ( + "github.com/pkg/errors" +) + +const hwMemsizeMIB = "hw.memsize" + +func MemTotal() (uint64, error) { + var size uint64 + if err := sysctlByName(hwMemsizeMIB, &size); err != nil { + return 0, errors.Wrap(err, "failed to get mem total") + } + + return size, nil +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/darwin/os.go b/vendor/github.com/elastic/go-sysinfo/providers/darwin/os.go new file mode 100644 index 000000000000..3df89fe2fd1c --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/darwin/os.go @@ -0,0 +1,90 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package darwin + +import ( + "io/ioutil" + "strconv" + "strings" + + "github.com/pkg/errors" + "howett.net/plist" + + "github.com/elastic/go-sysinfo/types" +) + +const ( + systemVersionPlist = "/System/Library/CoreServices/SystemVersion.plist" + + plistProductName = "ProductName" + plistProductVersion = "ProductVersion" + plistProductBuildVersion = "ProductBuildVersion" +) + +func OperatingSystem() (*types.OSInfo, error) { + data, err := ioutil.ReadFile(systemVersionPlist) + if err != nil { + return nil, errors.Wrap(err, "failed to read plist file") + } + + return getOSInfo(data) +} + +func getOSInfo(data []byte) (*types.OSInfo, error) { + attrs := map[string]string{} + if _, err := plist.Unmarshal(data, &attrs); err != nil { + return nil, errors.Wrap(err, "failed to unmarshal plist data") + } + + productName, found := attrs[plistProductName] + if !found { + return nil, errors.Errorf("plist key %v not found", plistProductName) + } + + version, found := attrs[plistProductVersion] + if !found { + return nil, errors.Errorf("plist key %v not found", plistProductVersion) + } + + build, found := attrs[plistProductBuildVersion] + if !found { + return nil, errors.Errorf("plist key %v not found", plistProductBuildVersion) + } + + var major, minor, patch int + for i, v := range strings.SplitN(version, ".", 3) { + switch i { + case 0: + major, _ = strconv.Atoi(v) + case 1: + minor, _ = strconv.Atoi(v) + case 2: + patch, _ = strconv.Atoi(v) + default: + break + } + } + + return &types.OSInfo{ + Family: "darwin", + Platform: "darwin", + Name: productName, + Version: version, + Major: major, + Minor: minor, + Patch: patch, + Build: build, + }, nil +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/darwin/process_darwin_amd64.go b/vendor/github.com/elastic/go-sysinfo/providers/darwin/process_darwin_amd64.go new file mode 100644 index 000000000000..7f630bed38c6 --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/darwin/process_darwin_amd64.go @@ -0,0 +1,199 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +build darwin,amd64,cgo + +package darwin + +// #cgo LDFLAGS:-lproc +// #include +// #include +import "C" + +import ( + "bytes" + "encoding/binary" + "time" + "unsafe" + + "github.com/pkg/errors" + + "github.com/elastic/go-sysinfo/types" +) + +//go:generate sh -c "go tool cgo -godefs defs_darwin.go > ztypes_darwin_amd64.go" + +func (s darwinSystem) Processes() ([]types.Process, error) { + return nil, nil +} + +func (s darwinSystem) Process(pid int) (types.Process, error) { + p := process{pid: pid} + + return &p, nil +} + +type process struct { + pid int + cwd string + exe string + args []string + env map[string]string + task procTaskAllInfo + vnode procVnodePathInfo +} + +func (p *process) Info() (types.ProcessInfo, error) { + if err := getProcTaskAllInfo(p.pid, &p.task); err != nil { + return types.ProcessInfo{}, err + } + + if err := getProcVnodePathInfo(p.pid, &p.vnode); err != nil { + return types.ProcessInfo{}, err + } + + if err := kern_procargs(p.pid, p); err != nil { + return types.ProcessInfo{}, err + } + + return types.ProcessInfo{ + Name: int8SliceToString(p.task.Pbsd.Pbi_name[:]), + PID: p.pid, + PPID: int(p.task.Pbsd.Pbi_ppid), + CWD: int8SliceToString(p.vnode.Cdir.Path[:]), + Exe: p.exe, + Args: p.args, + StartTime: time.Unix(int64(p.task.Pbsd.Pbi_start_tvsec), + int64(p.task.Pbsd.Pbi_start_tvusec)*int64(time.Microsecond)), + }, nil +} + +func (p *process) Environment() (map[string]string, error) { + return p.env, nil +} + +func (p *process) CPUTime() types.CPUTimes { + return types.CPUTimes{ + Timestamp: time.Now(), + User: time.Duration(p.task.Ptinfo.Total_user), + System: time.Duration(p.task.Ptinfo.Total_system), + } +} + +func (p *process) Memory() types.MemoryInfo { + return types.MemoryInfo{ + Timestamp: time.Now(), + Virtual: p.task.Ptinfo.Virtual_size, + Resident: p.task.Ptinfo.Resident_size, + Metrics: map[string]uint64{ + "page_ins": uint64(p.task.Ptinfo.Pageins), + "page_faults": uint64(p.task.Ptinfo.Faults), + }, + } +} + +func getProcTaskAllInfo(pid int, info *procTaskAllInfo) error { + size := C.int(unsafe.Sizeof(*info)) + ptr := unsafe.Pointer(info) + + n := C.proc_pidinfo(C.int(pid), C.PROC_PIDTASKALLINFO, 0, ptr, size) + if n != size { + return errors.New("failed to read process info with proc_pidinfo") + } + + return nil +} + +func getProcVnodePathInfo(pid int, info *procVnodePathInfo) error { + size := C.int(unsafe.Sizeof(*info)) + ptr := unsafe.Pointer(info) + + n := C.proc_pidinfo(C.int(pid), C.PROC_PIDVNODEPATHINFO, 0, ptr, size) + if n != size { + return errors.New("failed to read vnode info with proc_pidinfo") + } + + return nil +} + +var nullTerminator = []byte{0} + +// wrapper around sysctl KERN_PROCARGS2 +// callbacks params are optional, +// up to the caller as to which pieces of data they want +func kern_procargs(pid int, p *process) error { + mib := []C.int{C.CTL_KERN, C.KERN_PROCARGS2, C.int(pid)} + var data []byte + if err := sysctl(mib, &data); err != nil { + return nil + } + buf := bytes.NewBuffer(data) + + // argc + var argc int32 + if err := binary.Read(buf, binary.LittleEndian, &argc); err != nil { + return err + } + + // exe + lines := bytes.Split(buf.Bytes(), nullTerminator) + p.exe = string(lines[0]) + lines = lines[1:] + + // skip nulls + for len(lines) > 0 { + if len(lines[0]) == 0 { + lines = lines[1:] + continue + } + break + } + + // args + for i := 0; i < int(argc); i++ { + p.args = append(p.args, string(lines[0])) + lines = lines[1:] + } + + // env vars + env := make(map[string]string, len(lines)) + for _, l := range lines { + if len(l) == 0 { + break + } + parts := bytes.SplitN(l, []byte{'='}, 2) + if len(parts) != 2 { + return errors.New("failed to parse") + } + key := string(parts[0]) + value := string(parts[1]) + env[key] = value + } + p.env = env + + return nil +} + +func int8SliceToString(s []int8) string { + buf := bytes.NewBuffer(make([]byte, len(s))) + buf.Reset() + + for _, b := range s { + if b == 0 { + break + } + buf.WriteByte(byte(b)) + } + return buf.String() +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/darwin/syscall_darwin_amd64.go b/vendor/github.com/elastic/go-sysinfo/providers/darwin/syscall_darwin_amd64.go new file mode 100644 index 000000000000..991ca3c13dfe --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/darwin/syscall_darwin_amd64.go @@ -0,0 +1,155 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +build darwin,amd64,cgo + +package darwin + +// #cgo LDFLAGS:-lproc +// #include +import "C" + +import ( + "bytes" + "encoding/binary" + "sync" + "syscall" + "unsafe" +) + +// Single-word zero for use when we need a valid pointer to 0 bytes. +// See mksyscall.pl. +var _zero uintptr + +// Buffer Pool + +var bufferPool = sync.Pool{ + New: func() interface{} { + return &poolMem{ + buf: make([]byte, argMax), + } + }, +} + +type poolMem struct { + buf []byte + pool *sync.Pool +} + +func getPoolMem() *poolMem { + pm := bufferPool.Get().(*poolMem) + pm.buf = pm.buf[0:cap(pm.buf)] + pm.pool = &bufferPool + return pm +} + +func (m *poolMem) Release() { m.pool.Put(m) } + +// Common errors. + +// Do the interface allocations only once for common +// Errno values. +var ( + errEAGAIN error = syscall.EAGAIN + errEINVAL error = syscall.EINVAL + errENOENT error = syscall.ENOENT +) + +// errnoErr returns common boxed Errno values, to prevent +// allocations at runtime. +func errnoErr(e syscall.Errno) error { + switch e { + case 0: + return nil + case syscall.EAGAIN: + return errEAGAIN + case syscall.EINVAL: + return errEINVAL + case syscall.ENOENT: + return errENOENT + } + return e +} + +func _sysctl(mib []C.int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) { + var _p0 unsafe.Pointer + if len(mib) > 0 { + _p0 = unsafe.Pointer(&mib[0]) + } else { + _p0 = unsafe.Pointer(&_zero) + } + _, _, e1 := syscall.Syscall6(syscall.SYS___SYSCTL, uintptr(_p0), uintptr(len(mib)), uintptr(unsafe.Pointer(old)), uintptr(unsafe.Pointer(oldlen)), uintptr(unsafe.Pointer(new)), uintptr(newlen)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// Translate "kern.hostname" to []_C_int{0,1,2,3}. +func nametomib(name string) (mib []C.int, err error) { + const siz = unsafe.Sizeof(mib[0]) + + // NOTE(rsc): It seems strange to set the buffer to have + // size CTL_MAXNAME+2 but use only CTL_MAXNAME + // as the size. I don't know why the +2 is here, but the + // kernel uses +2 for its own implementation of this function. + // I am scared that if we don't include the +2 here, the kernel + // will silently write 2 words farther than we specify + // and we'll get memory corruption. + var buf [C.CTL_MAXNAME + 2]C.int + n := uintptr(C.CTL_MAXNAME) * siz + + p := (*byte)(unsafe.Pointer(&buf[0])) + bytes, err := syscall.ByteSliceFromString(name) + if err != nil { + return nil, err + } + + // Magic sysctl: "setting" 0.3 to a string name + // lets you read back the array of integers form. + if err = _sysctl([]C.int{0, 3}, p, &n, &bytes[0], uintptr(len(name))); err != nil { + return nil, err + } + return buf[0 : n/siz], nil +} + +func sysctl(mib []C.int, value interface{}) error { + mem := getPoolMem() + defer mem.Release() + + size := uintptr(len(mem.buf)) + if err := _sysctl(mib, &mem.buf[0], &size, nil, 0); err != nil { + return err + } + data := mem.buf[0:size] + + switch v := value.(type) { + case *[]byte: + out := make([]byte, len(data)) + copy(out, data) + *v = out + return nil + default: + return binary.Read(bytes.NewReader(data), binary.LittleEndian, v) + } +} + +func sysctlByName(name string, out interface{}) error { + mib, err := nametomib(name) + if err != nil { + return err + } + + return sysctl(mib, out) +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/darwin/ztypes_darwin_amd64.go b/vendor/github.com/elastic/go-sysinfo/providers/darwin/ztypes_darwin_amd64.go new file mode 100644 index 000000000000..21991269dc5f --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/darwin/ztypes_darwin_amd64.go @@ -0,0 +1,112 @@ +// Created by cgo -godefs - DO NOT EDIT +// cgo -godefs defs_darwin.go + +package darwin + +type processState uint32 + +const ( + stateSIDL processState = iota + 1 + stateRun + stateSleep + stateStop + stateZombie +) + +const argMax = 0x40000 + +type bsdInfo struct { + Pbi_flags uint32 + Pbi_status uint32 + Pbi_xstatus uint32 + Pbi_pid uint32 + Pbi_ppid uint32 + Pbi_uid uint32 + Pbi_gid uint32 + Pbi_ruid uint32 + Pbi_rgid uint32 + Pbi_svuid uint32 + Pbi_svgid uint32 + Rfu_1 uint32 + Pbi_comm [16]int8 + Pbi_name [32]int8 + Pbi_nfiles uint32 + Pbi_pgid uint32 + Pbi_pjobc uint32 + E_tdev uint32 + E_tpgid uint32 + Pbi_nice int32 + Pbi_start_tvsec uint64 + Pbi_start_tvusec uint64 +} + +type procTaskInfo struct { + Virtual_size uint64 + Resident_size uint64 + Total_user uint64 + Total_system uint64 + Threads_user uint64 + Threads_system uint64 + Policy int32 + Faults int32 + Pageins int32 + Cow_faults int32 + Messages_sent int32 + Messages_received int32 + Syscalls_mach int32 + Syscalls_unix int32 + Csw int32 + Threadnum int32 + Numrunning int32 + Priority int32 +} + +type procTaskAllInfo struct { + Pbsd bsdInfo + Ptinfo procTaskInfo +} + +type vinfoStat struct { + Dev uint32 + Mode uint16 + Nlink uint16 + Ino uint64 + Uid uint32 + Gid uint32 + Atime int64 + Atimensec int64 + Mtime int64 + Mtimensec int64 + Ctime int64 + Ctimensec int64 + Birthtime int64 + Birthtimensec int64 + Size int64 + Blocks int64 + Blksize int32 + Flags uint32 + Gen uint32 + Rdev uint32 + Qspare [2]int64 +} + +type fsid struct { + Val [2]int32 +} + +type vnodeInfo struct { + Stat vinfoStat + Type int32 + Pad int32 + Fsid fsid +} + +type vnodeInfoPath struct { + Vi vnodeInfo + Path [1024]int8 +} + +type procVnodePathInfo struct { + Cdir vnodeInfoPath + Rdir vnodeInfoPath +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/linux/arch_linux.go b/vendor/github.com/elastic/go-sysinfo/providers/linux/arch_linux.go new file mode 100644 index 000000000000..090eaf42d4ac --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/linux/arch_linux.go @@ -0,0 +1,38 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package linux + +import ( + "syscall" + + "github.com/pkg/errors" +) + +func Architecture() (string, error) { + var uname syscall.Utsname + if err := syscall.Uname(&uname); err != nil { + return "", errors.Wrap(err, "architecture") + } + + data := make([]byte, 0, len(uname.Machine)) + for _, v := range uname.Machine { + if v == 0 { + break + } + data = append(data, byte(v)) + } + + return string(data), nil +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/linux/boottime_linux.go b/vendor/github.com/elastic/go-sysinfo/providers/linux/boottime_linux.go new file mode 100644 index 000000000000..217a89be7280 --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/linux/boottime_linux.go @@ -0,0 +1,44 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package linux + +import ( + "sync" + "time" + + "github.com/prometheus/procfs" +) + +var ( + bootTime time.Time + bootTimeLock sync.Mutex +) + +func BootTime() (time.Time, error) { + bootTimeLock.Lock() + defer bootTimeLock.Unlock() + + if !bootTime.IsZero() { + return bootTime, nil + } + + stat, err := procfs.NewStat() + if err != nil { + return time.Time{}, nil + } + + bootTime = time.Unix(int64(stat.BootTime), 0) + return bootTime, nil +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/linux/capabilities_linux.go b/vendor/github.com/elastic/go-sysinfo/providers/linux/capabilities_linux.go new file mode 100644 index 000000000000..4d6799e994a8 --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/linux/capabilities_linux.go @@ -0,0 +1,130 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package linux + +import ( + "bufio" + "bytes" + "io/ioutil" + "os" + "path/filepath" + "strconv" + + "github.com/pkg/errors" +) + +func Capabilities() ([]string, error) { + name := filepath.Join("/proc", strconv.Itoa(os.Getpid()), "status") + v, err := findValue(name, ":", "CapEff") + if err != nil { + return nil, err + } + + bitmap, err := strconv.ParseUint(v, 16, 64) + if err != nil { + return nil, errors.Wrap(err, "failed to parse CapEff value") + } + + var names []string + for i := 0; i < 64; i++ { + bit := bitmap & (1 << uint(i)) + if bit > 0 { + names = append(names, capabilityName(i)) + } + } + + return names, nil +} + +// capabilityNames is mapping of capability constant values to names. +// +// Generated with: +// curl -s https://raw.githubusercontent.com/torvalds/linux/master/include/uapi/linux/capability.h | \ +// grep -P '^#define CAP_\w+\s+\d+' | perl -pe 's/#define (\w+)\s+(\d+)/\2: "\1",/g' +var capabilityNames = map[int]string{ + 0: "cap_chown", + 1: "cap_dac_override", + 2: "cap_dac_read_search", + 3: "cap_fowner", + 4: "cap_fsetid", + 5: "cap_kill", + 6: "cap_setgid", + 7: "cap_setuid", + 8: "cap_setpcap", + 9: "cap_linux_immutable", + 10: "cap_net_bind_service", + 11: "cap_net_broadcast", + 12: "cap_net_admin", + 13: "cap_net_raw", + 14: "cap_ipc_lock", + 15: "cap_ipc_owner", + 16: "cap_sys_module", + 17: "cap_sys_rawio", + 18: "cap_sys_chroot", + 19: "cap_sys_ptrace", + 20: "cap_sys_pacct", + 21: "cap_sys_admin", + 22: "cap_sys_boot", + 23: "cap_sys_nice", + 24: "cap_sys_resource", + 25: "cap_sys_time", + 26: "cap_sys_tty_config", + 27: "cap_mknod", + 28: "cap_lease", + 29: "cap_audit_write", + 30: "cap_audit_control", + 31: "cap_setfcap", + 32: "cap_mac_override", + 33: "cap_mac_admin", + 34: "cap_syslog", + 35: "cap_wake_alarm", + 36: "cap_block_suspend", + 37: "cap_audit_read", +} + +func capabilityName(num int) string { + name, found := capabilityNames[num] + if found { + return name + } + + return strconv.Itoa(num) +} + +func findValue(filename, separator, key string) (string, error) { + content, err := ioutil.ReadFile(filename) + if err != nil { + return "", err + } + + var line []byte + sc := bufio.NewScanner(bytes.NewReader(content)) + for sc.Scan() { + if bytes.HasPrefix(sc.Bytes(), []byte(key)) { + line = sc.Bytes() + break + } + } + if len(line) == 0 { + return "", errors.Errorf("%v not found", key) + } + + parts := bytes.SplitN(line, []byte(separator), 2) + if len(parts) != 2 { + return "", errors.Errorf("unexpected line format for '%v'", string(line)) + } + + return string(bytes.TrimSpace(parts[1])), nil +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/linux/container.go b/vendor/github.com/elastic/go-sysinfo/providers/linux/container.go new file mode 100644 index 000000000000..66f98d572f49 --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/linux/container.go @@ -0,0 +1,51 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package linux + +import ( + "bufio" + "bytes" + "io/ioutil" + + "github.com/pkg/errors" +) + +const procOneCgroup = "/proc/1/cgroup" + +// IsContainerized returns true if this process is containerized. +func IsContainerized() (bool, error) { + data, err := ioutil.ReadFile(procOneCgroup) + if err != nil { + return false, errors.Wrap(err, "failed to read process cgroups") + } + + return isContainerizedCgroup(data) +} + +func isContainerizedCgroup(data []byte) (bool, error) { + s := bufio.NewScanner(bytes.NewReader(data)) + for n := 0; s.Scan(); n++ { + line := s.Bytes() + if len(line) == 0 || line[len(line)-1] == '/' { + continue + } + + if bytes.HasSuffix(line, []byte("init.scope")) { + return false, nil + } + } + + return true, s.Err() +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/linux/doc.go b/vendor/github.com/elastic/go-sysinfo/providers/linux/doc.go new file mode 100644 index 000000000000..1f7142825ab1 --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/linux/doc.go @@ -0,0 +1,17 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Package linux implements the HostProvider and ProcessProvider interfaces +// for providing information about Linux. +package linux diff --git a/vendor/github.com/elastic/go-sysinfo/providers/linux/host_linux.go b/vendor/github.com/elastic/go-sysinfo/providers/linux/host_linux.go new file mode 100644 index 000000000000..82a230332dfd --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/linux/host_linux.go @@ -0,0 +1,153 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package linux + +import ( + "os" + "time" + + "github.com/joeshaw/multierror" + "github.com/pkg/errors" + "github.com/prometheus/procfs" + + "github.com/elastic/go-sysinfo/internal/registry" + "github.com/elastic/go-sysinfo/providers/shared" + "github.com/elastic/go-sysinfo/types" +) + +func init() { + registry.Register(linuxSystem{}) +} + +type linuxSystem struct{} + +func (s linuxSystem) Host() (types.Host, error) { + return newHost() +} + +type host struct { + stat procfs.Stat + info types.HostInfo +} + +func (h *host) Info() types.HostInfo { + return h.info +} + +func newHost() (*host, error) { + stat, err := procfs.NewStat() + if err != nil { + return nil, errors.Wrap(err, "failed to read /proc/stat") + } + + h := &host{stat: stat} + r := &reader{} + r.architecture(h) + r.bootTime(h) + r.containerized(h) + r.hostname(h) + r.network(h) + r.kernelVersion(h) + r.os(h) + r.time(h) + r.uniqueID(h) + return h, r.Err() +} + +type reader struct { + errs []error +} + +func (r *reader) addErr(err error) bool { + if err != nil { + if errors.Cause(err) != types.ErrNotImplemented { + r.errs = append(r.errs, err) + } + return true + } + return false +} + +func (r *reader) Err() error { + if len(r.errs) > 0 { + return &multierror.MultiError{Errors: r.errs} + } + return nil +} + +func (r *reader) architecture(h *host) { + v, err := Architecture() + if r.addErr(err) { + return + } + h.info.Architecture = v +} + +func (r *reader) bootTime(h *host) { + h.info.BootTime = time.Unix(int64(h.stat.BootTime), 0) +} + +func (r *reader) containerized(h *host) { + v, err := IsContainerized() + if r.addErr(err) { + return + } + h.info.Containerized = &v +} + +func (r *reader) hostname(h *host) { + v, err := os.Hostname() + if r.addErr(err) { + return + } + h.info.Hostname = v +} + +func (r *reader) network(h *host) { + ips, macs, err := shared.Network() + if r.addErr(err) { + return + } + h.info.IPs = ips + h.info.MACs = macs +} + +func (r *reader) kernelVersion(h *host) { + v, err := KernelVersion() + if r.addErr(err) { + return + } + h.info.KernelVersion = v +} + +func (r *reader) os(h *host) { + v, err := OperatingSystem() + if r.addErr(err) { + return + } + h.info.OS = v +} + +func (r *reader) time(h *host) { + h.info.Timezone, h.info.TimezoneOffsetSec = time.Now().Zone() +} + +func (r *reader) uniqueID(h *host) { + v, err := MachineID() + if r.addErr(err) { + return + } + h.info.UniqueID = v +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/linux/kernel_linux.go b/vendor/github.com/elastic/go-sysinfo/providers/linux/kernel_linux.go new file mode 100644 index 000000000000..b2a8ed9740d6 --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/linux/kernel_linux.go @@ -0,0 +1,38 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package linux + +import ( + "syscall" + + "github.com/pkg/errors" +) + +func KernelVersion() (string, error) { + var uname syscall.Utsname + if err := syscall.Uname(&uname); err != nil { + return "", errors.Wrap(err, "kernel version") + } + + data := make([]byte, 0, len(uname.Release)) + for _, v := range uname.Release { + if v == 0 { + break + } + data = append(data, byte(v)) + } + + return string(data), nil +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/linux/machineid.go b/vendor/github.com/elastic/go-sysinfo/providers/linux/machineid.go new file mode 100644 index 000000000000..4de6910200db --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/linux/machineid.go @@ -0,0 +1,34 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package linux + +import ( + "bytes" + "io/ioutil" + "os" + + "github.com/pkg/errors" + + "github.com/elastic/go-sysinfo/types" +) + +func MachineID() (string, error) { + id, err := ioutil.ReadFile("/etc/machine-id") + if os.IsNotExist(err) { + return "", types.ErrNotImplemented + } + id = bytes.TrimSpace(id) + return string(id), errors.Wrap(err, "failed to read machine-id") +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/linux/memory_linux.go b/vendor/github.com/elastic/go-sysinfo/providers/linux/memory_linux.go new file mode 100644 index 000000000000..8b10084a64ad --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/linux/memory_linux.go @@ -0,0 +1,41 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package linux + +import ( + "strconv" + "strings" + + "github.com/pkg/errors" +) + +func MemTotal() (uint64, error) { + v, err := findValue("/proc/meminfo", ":", "MemTotal") + if err != nil { + return 0, errors.Wrap(err, "failed to get mem total") + } + + parts := strings.Fields(v) + if len(parts) != 2 && parts[1] == "kB" { + return 0, errors.Errorf("failed to parse mem total '%v'", v) + } + + kB, err := strconv.ParseUint(parts[0], 10, 64) + if err != nil { + return 0, errors.Wrapf(err, "failed to parse mem total '%v'", parts[0]) + } + + return kB * 1024, nil +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/linux/os.go b/vendor/github.com/elastic/go-sysinfo/providers/linux/os.go new file mode 100644 index 000000000000..5c4525934e07 --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/linux/os.go @@ -0,0 +1,260 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package linux + +import ( + "bufio" + "bytes" + "io/ioutil" + "os" + "path/filepath" + "regexp" + "strconv" + "strings" + + "github.com/pkg/errors" + + "github.com/elastic/go-sysinfo/types" +) + +const ( + osRelease = "/etc/os-release" + lsbRelease = "/etc/lsb-release" + distribRelease = "/etc/*-release" + versionGrok = `(?P(?P[0-9]+)\.?(?P[0-9]+)?\.?(?P\w+)?)(?: \((?P\w+)\))?` +) + +var ( + // distribReleaseRegexp parses the /etc/-release file. See man lsb-release. + distribReleaseRegexp = regexp.MustCompile(`(?P[\w]+).* ` + versionGrok) + + // versionRegexp parses version numbers (e.g. 6 or 6.1 or 6.1.0 or 6.1.0_20150102). + versionRegexp = regexp.MustCompile(versionGrok) +) + +var familyMap = map[string][]string{ + "redhat": {"redhat", "fedora", "centos", "scientific", "oraclelinux", "amazon"}, + "debian": {"debian", "ubuntu"}, + "suse": {"suse", "sles", "opensuse"}, +} + +var platformToFamilyMap map[string]string + +func init() { + platformToFamilyMap = map[string]string{} + for family, platformList := range familyMap { + for _, platform := range platformList { + platformToFamilyMap[platform] = family + } + } +} + +func OperatingSystem() (*types.OSInfo, error) { + return getOSInfo("") +} + +func getOSInfo(baseDir string) (*types.OSInfo, error) { + osInfo, err := getOSRelease(baseDir) + if err != nil { + // Fallback + return findDistribRelease(baseDir) + } + + // For the redhat family, enrich version info with data from + // /etc/[distrib]-release because the minor and patch info isn't always + // present in os-release. + if osInfo.Family != "redhat" { + return osInfo, nil + } + + distInfo, err := findDistribRelease(baseDir) + if err != nil { + return osInfo, err + } + osInfo.Major = distInfo.Major + osInfo.Minor = distInfo.Minor + osInfo.Patch = distInfo.Patch + osInfo.Codename = distInfo.Codename + return osInfo, nil +} + +func getOSRelease(baseDir string) (*types.OSInfo, error) { + lsbRel, _ := ioutil.ReadFile(filepath.Join(baseDir, lsbRelease)) + + osRel, err := ioutil.ReadFile(filepath.Join(baseDir, osRelease)) + if err != nil { + return nil, err + } + if len(osRel) == 0 { + return nil, errors.Errorf("%v is empty", osRelease) + } + + return parseOSRelease(append(lsbRel, osRel...)) +} + +func parseOSRelease(content []byte) (*types.OSInfo, error) { + fields := map[string]string{} + + s := bufio.NewScanner(bytes.NewReader(content)) + for s.Scan() { + line := bytes.TrimSpace(s.Bytes()) + + // Skip blank lines and comments. + if len(line) == 0 || bytes.HasPrefix(line, []byte("#")) { + continue + } + + parts := bytes.SplitN(s.Bytes(), []byte("="), 2) + if len(parts) != 2 { + continue + } + + key := string(bytes.TrimSpace(parts[0])) + val := string(bytes.TrimSpace(parts[1])) + fields[key] = val + + // Trim quotes. + val, err := strconv.Unquote(val) + if err == nil { + fields[key] = strings.TrimSpace(val) + } + } + + if s.Err() != nil { + return nil, s.Err() + } + + return makeOSInfo(fields) +} + +func makeOSInfo(osRelease map[string]string) (*types.OSInfo, error) { + os := &types.OSInfo{ + Platform: osRelease["ID"], + Name: osRelease["NAME"], + Version: osRelease["VERSION"], + Build: osRelease["BUILD_ID"], + Codename: osRelease["VERSION_CODENAME"], + } + + if os.Codename == "" { + // Some OSes uses their own CODENAME keys (e.g UBUNTU_CODENAME) or we + // can get the DISTRIB_CODENAME value from the lsb-release data. + for k, v := range osRelease { + if strings.Contains(k, "CODENAME") { + os.Codename = v + break + } + } + } + + if os.Platform == "" { + // Fallback to the first word of the NAME field. + parts := strings.SplitN(os.Name, " ", 2) + if len(parts) > 0 { + os.Platform = strings.ToLower(parts[0]) + } + } + + if os.Version != "" { + // Try parsing info from the version. + keys := versionRegexp.SubexpNames() + for i, m := range versionRegexp.FindStringSubmatch(os.Version) { + switch keys[i] { + case "major": + os.Major, _ = strconv.Atoi(m) + case "minor": + os.Minor, _ = strconv.Atoi(m) + case "patch": + os.Patch, _ = strconv.Atoi(m) + case "codename": + if os.Codename == "" { + os.Codename = m + } + } + } + } + + os.Family = platformToFamilyMap[strings.ToLower(os.Platform)] + return os, nil +} + +func findDistribRelease(baseDir string) (*types.OSInfo, error) { + matches, err := filepath.Glob(filepath.Join(baseDir, distribRelease)) + if err != nil { + return nil, err + } + for _, path := range matches { + if strings.HasSuffix(path, osRelease) || strings.HasSuffix(path, lsbRelease) { + continue + } + + info, err := os.Lstat(path) + if err != nil || !info.Mode().IsRegular() || info.Size() == 0 { + continue + } + + return getDistribRelease(path) + } + + return nil, errors.New("no /etc/-release file found") +} + +func getDistribRelease(file string) (*types.OSInfo, error) { + data, err := ioutil.ReadFile(file) + if err != nil { + return nil, err + } + parts := bytes.SplitN(data, []byte("\n"), 2) + if len(parts) != 2 { + return nil, errors.Errorf("failed to parse %v", file) + } + + // Use distrib as platform name. + var platform string + if parts := strings.SplitN(filepath.Base(file), "-", 2); len(parts) > 0 { + platform = strings.ToLower(parts[0]) + } + + return parseDistribRelease(platform, parts[0]) +} + +func parseDistribRelease(platform string, content []byte) (*types.OSInfo, error) { + var ( + line = string(bytes.TrimSpace(content)) + keys = distribReleaseRegexp.SubexpNames() + os = &types.OSInfo{Platform: platform} + ) + + for i, m := range distribReleaseRegexp.FindStringSubmatch(line) { + switch keys[i] { + case "name": + os.Name = m + case "version": + os.Version = m + case "major": + os.Major, _ = strconv.Atoi(m) + case "minor": + os.Minor, _ = strconv.Atoi(m) + case "patch": + os.Patch, _ = strconv.Atoi(m) + case "codename": + os.Version += " (" + m + ")" + os.Codename = m + } + } + + os.Family = platformToFamilyMap[strings.ToLower(os.Platform)] + return os, nil +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/linux/process_linux.go b/vendor/github.com/elastic/go-sysinfo/providers/linux/process_linux.go new file mode 100644 index 000000000000..5a9582b2583e --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/linux/process_linux.go @@ -0,0 +1,180 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package linux + +import ( + "bytes" + "fmt" + "io/ioutil" + "os" + "path/filepath" + "strconv" + "time" + + "github.com/prometheus/procfs" + + "github.com/elastic/go-sysinfo/types" +) + +const userHz = 100 + +func (s linuxSystem) Processes() ([]types.Process, error) { + procs, err := procfs.AllProcs() + if err != nil { + return nil, err + } + + processes := make([]types.Process, 0, len(procs)) + for _, proc := range procs { + processes = append(processes, &process{Proc: proc}) + } + return processes, nil +} + +func (s linuxSystem) Process(pid int) (types.Process, error) { + proc, err := procfs.NewProc(pid) + if err != nil { + return nil, err + } + + return &process{Proc: proc}, nil +} + +type process struct { + procfs.Proc + info *types.ProcessInfo +} + +func (p *process) CWD() (string, error) { + // TODO: add CWD to procfs + link := filepath.Join(procfs.DefaultMountPoint, strconv.Itoa(p.PID), "cwd") + + cwd, err := os.Readlink(link) + if os.IsNotExist(err) { + return "", nil + } + + return cwd, err +} + +func (p *process) Info() (types.ProcessInfo, error) { + if p.info != nil { + return *p.info, nil + } + + stat, err := p.NewStat() + if err != nil { + return types.ProcessInfo{}, err + } + + exe, err := p.Executable() + if err != nil { + return types.ProcessInfo{}, err + } + + args, err := p.CmdLine() + if err != nil { + return types.ProcessInfo{}, err + } + + cwd, err := p.CWD() + if err != nil { + return types.ProcessInfo{}, err + } + + bootTime, err := BootTime() + if err != nil { + return types.ProcessInfo{}, err + } + + p.info = &types.ProcessInfo{ + Name: stat.Comm, + PID: p.PID, + PPID: stat.PPID, + CWD: cwd, + Exe: exe, + Args: args, + StartTime: bootTime.Add(ticksToDuration(stat.Starttime)), + } + + return *p.info, nil +} + +func (p *process) Memory() types.MemoryInfo { + stat, err := p.NewStat() + if err != nil { + return types.MemoryInfo{} + } + + return types.MemoryInfo{ + Timestamp: time.Now(), + Resident: uint64(stat.ResidentMemory()), + Virtual: uint64(stat.VirtualMemory()), + } +} + +func (p *process) CPUTime() types.CPUTimes { + stat, err := p.NewStat() + if err != nil { + return types.CPUTimes{} + } + + fmt.Println("UTime", stat.UTime, "STime", stat.STime) + return types.CPUTimes{ + Timestamp: time.Now(), + User: ticksToDuration(uint64(stat.UTime)), + System: ticksToDuration(uint64(stat.STime)), + } +} + +func (p *process) FileDescriptors() ([]string, error) { + return p.Proc.FileDescriptorTargets() +} + +func (p *process) FileDescriptorCount() (int, error) { + return p.Proc.FileDescriptorsLen() +} + +func (p *process) Environment() (map[string]string, error) { + // TODO: add Environment to procfs + filename := filepath.Join(procfs.DefaultMountPoint, strconv.Itoa(p.PID), "environ") + content, err := ioutil.ReadFile(filename) + if err != nil { + return nil, err + } + + env := map[string]string{} + pairs := bytes.Split(content, []byte{0}) + for _, kv := range pairs { + parts := bytes.SplitN(kv, []byte{'='}, 2) + if len(parts) != 2 { + continue + } + + key := string(bytes.TrimSpace(parts[0])) + if key == "" { + continue + } + + env[key] = string(parts[1]) + } + + return env, nil +} + +func ticksToDuration(ticks uint64) time.Duration { + seconds := float64(ticks) / float64(userHz) * float64(time.Second) + return time.Duration(int64(seconds)) +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/linux/seccomp_linux.go b/vendor/github.com/elastic/go-sysinfo/providers/linux/seccomp_linux.go new file mode 100644 index 000000000000..f958a9e7f38d --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/linux/seccomp_linux.go @@ -0,0 +1,89 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package linux + +import ( + "os" + "path/filepath" + "strconv" + + "github.com/elastic/go-sysinfo/types" +) + +type SeccompMode uint8 + +const ( + SeccompModeDisabled SeccompMode = iota + SeccompModeStrict + SeccompModeFilter +) + +func (m SeccompMode) String() string { + switch m { + case SeccompModeDisabled: + return "disabled" + case SeccompModeStrict: + return "strict" + case SeccompModeFilter: + return "filter" + default: + return strconv.Itoa(int(m)) + } +} + +func Seccomp() (*types.SeccompInfo, error) { + mode, err := seccompMode() + if err != nil { + return nil, err + } + + info := &types.SeccompInfo{ + Mode: mode.String(), + } + + noNewPrivs, err := noNewPrivs() + if err == nil { + info.NoNewPrivs = &noNewPrivs + } + + return info, nil +} + +func seccompMode() (SeccompMode, error) { + v, err := findValue(statusFile(), ":", "Seccomp") + if err != nil { + return 0, err + } + + mode, err := strconv.ParseUint(v, 10, 8) + if err != nil { + return 0, err + } + + return SeccompMode(mode), nil +} + +func noNewPrivs() (bool, error) { + v, err := findValue(statusFile(), ":", "NoNewPrivs") + if err != nil { + return false, err + } + + return strconv.ParseBool(v) +} + +func statusFile() string { + return filepath.Join("/proc", strconv.Itoa(os.Getpid()), "status") +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/shared/network.go b/vendor/github.com/elastic/go-sysinfo/providers/shared/network.go new file mode 100644 index 000000000000..5034f4188371 --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/shared/network.go @@ -0,0 +1,45 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package shared + +import ( + "net" +) + +func Network() (ips, macs []string, err error) { + ifcs, err := net.Interfaces() + if err != nil { + return nil, nil, err + } + + ips = make([]string, 0, len(ifcs)) + macs = make([]string, 0, len(ifcs)) + for _, ifc := range ifcs { + addrs, err := ifc.Addrs() + if err != nil { + return nil, nil, err + } + for _, addr := range addrs { + ips = append(ips, addr.String()) + } + + mac := ifc.HardwareAddr.String() + if mac != "" { + macs = append(macs, mac) + } + } + + return ips, macs, nil +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/windows/arch_windows.go b/vendor/github.com/elastic/go-sysinfo/providers/windows/arch_windows.go new file mode 100644 index 000000000000..975d9b18aece --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/windows/arch_windows.go @@ -0,0 +1,28 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package windows + +import ( + "github.com/elastic/go-windows" +) + +func Architecture() (string, error) { + systemInfo, err := windows.GetNativeSystemInfo() + if err != nil { + return "", err + } + + return systemInfo.ProcessorArchitecture.String(), nil +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/windows/boottime_windows.go b/vendor/github.com/elastic/go-sysinfo/providers/windows/boottime_windows.go new file mode 100644 index 000000000000..ae4cdad0a378 --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/windows/boottime_windows.go @@ -0,0 +1,36 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package windows + +import ( + "time" + + "github.com/elastic/go-windows" + "github.com/pkg/errors" +) + +func BootTime() (time.Time, error) { + msSinceBoot, err := windows.GetTickCount64() + if err != nil { + return time.Time{}, errors.Wrap(err, "failed to get boot time") + } + + // According to GetTickCount64 the resolution is limited to between 10 to 16 + // milliseconds so truncate the time as to not mislead anyone about the + // resolution. + bootTime := time.Now().Add(-1 * time.Duration(msSinceBoot) * time.Millisecond) + bootTime = bootTime.Truncate(10 * time.Millisecond) + return bootTime, nil +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/windows/doc.go b/vendor/github.com/elastic/go-sysinfo/providers/windows/doc.go new file mode 100644 index 000000000000..ade48015fc74 --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/windows/doc.go @@ -0,0 +1,17 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Package windows implements the HostProvider and ProcessProvider interfaces +// for providing information about Windows. +package windows diff --git a/vendor/github.com/elastic/go-sysinfo/providers/windows/host_windows.go b/vendor/github.com/elastic/go-sysinfo/providers/windows/host_windows.go new file mode 100644 index 000000000000..fd43f16eedae --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/windows/host_windows.go @@ -0,0 +1,141 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package windows + +import ( + "os" + "time" + + "github.com/joeshaw/multierror" + "github.com/pkg/errors" + + "github.com/elastic/go-sysinfo/internal/registry" + "github.com/elastic/go-sysinfo/providers/shared" + "github.com/elastic/go-sysinfo/types" +) + +func init() { + registry.Register(windowsSystem{}) +} + +type windowsSystem struct{} + +func (s windowsSystem) Host() (types.Host, error) { + return newHost() +} + +type host struct { + info types.HostInfo +} + +func (h *host) Info() types.HostInfo { + return h.info +} + +func newHost() (*host, error) { + h := &host{} + r := &reader{} + r.architecture(h) + r.bootTime(h) + r.hostname(h) + r.network(h) + r.kernelVersion(h) + r.os(h) + r.time(h) + r.uniqueID(h) + return h, r.Err() +} + +type reader struct { + errs []error +} + +func (r *reader) addErr(err error) bool { + if err != nil { + if errors.Cause(err) != types.ErrNotImplemented { + r.errs = append(r.errs, err) + } + return true + } + return false +} + +func (r *reader) Err() error { + if len(r.errs) > 0 { + return &multierror.MultiError{Errors: r.errs} + } + return nil +} + +func (r *reader) architecture(h *host) { + v, err := Architecture() + if r.addErr(err) { + return + } + h.info.Architecture = v +} + +func (r *reader) bootTime(h *host) { + v, err := BootTime() + if r.addErr(err) { + return + } + h.info.BootTime = v +} + +func (r *reader) hostname(h *host) { + v, err := os.Hostname() + if r.addErr(err) { + return + } + h.info.Hostname = v +} + +func (r *reader) network(h *host) { + ips, macs, err := shared.Network() + if r.addErr(err) { + return + } + h.info.IPs = ips + h.info.MACs = macs +} + +func (r *reader) kernelVersion(h *host) { + v, err := KernelVersion() + if r.addErr(err) { + return + } + h.info.KernelVersion = v +} + +func (r *reader) os(h *host) { + v, err := OperatingSystem() + if r.addErr(err) { + return + } + h.info.OS = v +} + +func (r *reader) time(h *host) { + h.info.Timezone, h.info.TimezoneOffsetSec = time.Now().Zone() +} + +func (r *reader) uniqueID(h *host) { + v, err := MachineID() + if r.addErr(err) { + return + } + h.info.UniqueID = v +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/windows/kernel_windows.go b/vendor/github.com/elastic/go-sysinfo/providers/windows/kernel_windows.go new file mode 100644 index 000000000000..075733227d35 --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/windows/kernel_windows.go @@ -0,0 +1,40 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package windows + +import ( + "github.com/elastic/go-windows" +) + +const windowsKernelExe = `C:\Windows\System32\ntoskrnl.exe` + +func KernelVersion() (string, error) { + versionData, err := windows.GetFileVersionInfo(windowsKernelExe) + if err != nil { + return "", err + } + + fileVersion, err := versionData.QueryValue("FileVersion") + if err == nil { + return fileVersion, nil + } + + // Make a second attempt through the fixed version info. + info, err := versionData.FixedFileInfo() + if err != nil { + return "", err + } + return info.ProductVersion(), nil +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/windows/machineid_windows.go b/vendor/github.com/elastic/go-sysinfo/providers/windows/machineid_windows.go new file mode 100644 index 000000000000..acdb677a265f --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/windows/machineid_windows.go @@ -0,0 +1,42 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package windows + +import ( + "github.com/pkg/errors" + "golang.org/x/sys/windows/registry" +) + +func MachineID() (string, error) { + return getMachineGUID() +} + +func getMachineGUID() (string, error) { + const key = registry.LOCAL_MACHINE + const path = `SOFTWARE\Microsoft\Cryptography` + const name = "MachineGuid" + + k, err := registry.OpenKey(key, path, registry.READ|registry.WOW64_64KEY) + if err != nil { + return "", errors.Wrapf(err, `failed to open HKLM\%v`, path) + } + + guid, _, err := k.GetStringValue(name) + if err != nil { + return "", errors.Wrapf(err, `failed to get value of HKLM\%v\%v`, path, name) + } + + return guid, nil +} diff --git a/vendor/github.com/elastic/go-sysinfo/providers/windows/os_windows.go b/vendor/github.com/elastic/go-sysinfo/providers/windows/os_windows.go new file mode 100644 index 000000000000..3ad8fb701d9d --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/providers/windows/os_windows.go @@ -0,0 +1,88 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package windows + +import ( + "fmt" + "strconv" + "strings" + + "github.com/pkg/errors" + "golang.org/x/sys/windows/registry" + + "github.com/elastic/go-sysinfo/types" +) + +func OperatingSystem() (*types.OSInfo, error) { + const key = registry.LOCAL_MACHINE + const path = `SOFTWARE\Microsoft\Windows NT\CurrentVersion` + const flags = registry.READ | registry.WOW64_64KEY + + k, err := registry.OpenKey(key, path, flags) + if err != nil { + return nil, errors.Wrapf(err, `failed to open HKLM\%v`, path) + } + + osInfo := &types.OSInfo{ + Family: "windows", + Platform: "windows", + } + name := "ProductName" + osInfo.Name, _, err = k.GetStringValue(name) + if err != nil { + return nil, errors.Wrapf(err, `failed to get value of HKLM\%v\%v`, path, name) + } + + // Newer versions (Win 10 and 2016) have CurrentMajor/CurrentMinor. + major, _, majorErr := k.GetIntegerValue("CurrentMajorVersionNumber") + minor, _, minorErr := k.GetIntegerValue("CurrentMinorVersionNumber") + if majorErr == nil && minorErr == nil { + osInfo.Major = int(major) + osInfo.Minor = int(minor) + osInfo.Version = fmt.Sprintf("%d.%d", major, minor) + } else { + name = "CurrentVersion" + osInfo.Version, _, err = k.GetStringValue(name) + if err != nil { + return nil, errors.Wrapf(err, `failed to get value of HKLM\%v\%v`, path, name) + } + parts := strings.SplitN(osInfo.Version, ".", 3) + for i, p := range parts { + switch i { + case 0: + osInfo.Major, _ = strconv.Atoi(p) + case 1: + osInfo.Major, _ = strconv.Atoi(p) + } + } + } + + name = "CurrentBuild" + osInfo.Build, _, err = k.GetStringValue(name) + if err != nil { + return nil, errors.Wrapf(err, `failed to get value of HKLM\%v\%v`, path, name) + } + + // Update Build Revision (optional) + name = "UBR" + updateBuildRevision, _, err := k.GetIntegerValue(name) + if err != nil && err != registry.ErrNotExist { + return nil, errors.Wrapf(err, `failed to get value of HKLM\%v\%v`, path, name) + } else { + osInfo.Build = fmt.Sprintf("%v.%d", osInfo.Build, updateBuildRevision) + } + + return osInfo, nil +} diff --git a/vendor/github.com/elastic/go-sysinfo/system.go b/vendor/github.com/elastic/go-sysinfo/system.go new file mode 100644 index 000000000000..13d6d89ca428 --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/system.go @@ -0,0 +1,79 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package system + +import ( + "os" + "runtime" + + "github.com/elastic/go-sysinfo/internal/registry" + "github.com/elastic/go-sysinfo/types" + + // Register host and process providers. + _ "github.com/elastic/go-sysinfo/providers/darwin" + _ "github.com/elastic/go-sysinfo/providers/linux" + _ "github.com/elastic/go-sysinfo/providers/windows" +) + +// Go returns information about the Go runtime. +func Go() types.GoInfo { + return types.GoInfo{ + OS: runtime.GOOS, + Arch: runtime.GOARCH, + MaxProcs: runtime.GOMAXPROCS(0), + Version: runtime.Version(), + } +} + +// Host returns information about host on which this process is running. If +// host information collection is not implemented for this platform then +// types.ErrNotImplemented is returned. +func Host() (types.Host, error) { + provider := registry.GetHostProvider() + if provider == nil { + return nil, types.ErrNotImplemented + } + return provider.Host() +} + +// Process returns a types.Process object representing the process associated +// with the given PID. The types.Process object can be used to query information +// about the process. If process information collection is not implemented for +// this platform then types.ErrNotImplemented is returned. +func Process(pid int) (types.Process, error) { + provider := registry.GetProcessProvider() + if provider == nil { + return nil, types.ErrNotImplemented + } + return provider.Process(pid) +} + +// Processes return a list of all processes. If process information collection +// is not implemented for this platform then types.ErrNotImplemented is +// returned. +func Processes() ([]types.Process, error) { + provider := registry.GetProcessProvider() + if provider == nil { + return nil, types.ErrNotImplemented + } + return provider.Processes() +} + +// Self return a types.Process object representing this process. If process +// information collection is not implemented for this platform then +// types.ErrNotImplemented is returned. +func Self() (types.Process, error) { + return Process(os.Getpid()) +} diff --git a/vendor/github.com/elastic/go-sysinfo/types/errors.go b/vendor/github.com/elastic/go-sysinfo/types/errors.go new file mode 100644 index 000000000000..b3eda66e249e --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/types/errors.go @@ -0,0 +1,19 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package types + +import "github.com/pkg/errors" + +var ErrNotImplemented = errors.New("unimplemented") diff --git a/vendor/github.com/elastic/go-sysinfo/types/go.go b/vendor/github.com/elastic/go-sysinfo/types/go.go new file mode 100644 index 000000000000..8be4c540e884 --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/types/go.go @@ -0,0 +1,22 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package types + +type GoInfo struct { + OS string `json:"os"` + Arch string `json:"arch"` + MaxProcs int `json:"max_procs"` + Version string `json:"version"` +} diff --git a/vendor/github.com/elastic/go-sysinfo/types/host.go b/vendor/github.com/elastic/go-sysinfo/types/host.go new file mode 100644 index 000000000000..cce913769f89 --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/types/host.go @@ -0,0 +1,61 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package types + +import "time" + +type Host interface { + Info() HostInfo +} + +type HostInfo struct { + Architecture string `json:"architecture"` // Hardware architecture (e.g. x86_64, arm, ppc, mips). + BootTime time.Time `json:"boot_time"` // Host boot time. + Containerized *bool `json:"containerized,omitempty"` // Is the process containerized. + Hostname string `json:"hostname"` // Hostname + IPs []string `json:"ips,omitempty"` // List of all IPs. + KernelVersion string `json:"kernel_version"` // Kernel version. + MACs []string `json:"mac_addresses"` // List of MAC addresses. + OS *OSInfo `json:"os"` // OS information. + Timezone string `json:"timezone"` // System timezone. + TimezoneOffsetSec int `json:"timezone_offset_sec"` // Timezone offset (seconds from UTC). + UniqueID string `json:"id,omitempty"` // Unique ID of the host (optional). +} + +func (host HostInfo) Uptime() time.Duration { + return time.Since(host.BootTime) +} + +type OSInfo struct { + Family string `json:"family"` // OS Family (e.g. redhat, debian, freebsd, windows). + Platform string `json:"platform"` // OS platform (e.g. centos, ubuntu, windows). + Name string `json:"name"` // OS Name (e.g. Mac OS X, CentOS). + Version string `json:"version"` // OS version (e.g. 10.12.6). + Major int `json:"major"` // Major release version. + Minor int `json:"minor"` // Minor release version. + Patch int `json:"patch"` // Patch release version. + Build string `json:"build,omitempty"` // Build (e.g. 16G1114). + Codename string `json:"codename,omitempty"` // OS codename (e.g. jessie). +} + +type LoadAverager interface { + LoadAverage() LoadAverage +} + +type LoadAverage struct { + One float64 `json:"one_min"` + Five float64 `json:"five_min"` + Fifteen float64 `json:"fifteen_min"` +} diff --git a/vendor/github.com/elastic/go-sysinfo/types/process.go b/vendor/github.com/elastic/go-sysinfo/types/process.go new file mode 100644 index 000000000000..1e82ad464657 --- /dev/null +++ b/vendor/github.com/elastic/go-sysinfo/types/process.go @@ -0,0 +1,78 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package types + +import "time" + +type Process interface { + Info() (ProcessInfo, error) +} + +type ProcessInfo struct { + Name string `json:"name"` + PID int `json:"pid"` + PPID int `json:"ppid"` + CWD string `json:"cwd"` + Exe string `json:"exe"` + Args []string `json:"args"` + StartTime time.Time `json:"start_time"` +} + +type Environment interface { + Environment() (map[string]string, error) +} + +type FileDescriptor interface { + FileDescriptors() ([]string, error) + FileDescriptorCount() (int, error) +} + +type CPUTimer interface { + CPUTime() CPUTimes +} + +type Memory interface { + Memory() MemoryInfo +} + +type CPUTimes struct { + Timestamp time.Time `json:"timestamp"` // Time at which samples were collected. + User time.Duration `json:"user"` + System time.Duration `json:"system"` + Idle time.Duration `json:"idle,omitempty"` + IOWait time.Duration `json:"iowait,omitempty"` + IRQ time.Duration `json:"irq,omitempty"` + Nice time.Duration `json:"nice,omitempty"` + SoftIRQ time.Duration `json:"soft_irq,omitempty"` + Steal time.Duration `json:"steal,omitempty"` +} + +func (cpu CPUTimes) Total() time.Duration { + return cpu.User + cpu.System + cpu.Idle + cpu.IOWait + cpu.IRQ + cpu.Nice + + cpu.SoftIRQ + cpu.Steal +} + +type MemoryInfo struct { + Timestamp time.Time `json:"timestamp"` // Time at which samples were collected. + Resident uint64 `json:"resident"` + Virtual uint64 `json:"virtual"` + Metrics map[string]uint64 `json:"raw,omitempty"` // Other memory related metrics. +} + +type SeccompInfo struct { + Mode string `json:"mode"` + EffectiveCaps []string `json:"effective_capabilities"` + NoNewPrivs *bool `json:"no_new_privs"` +} diff --git a/vendor/github.com/elastic/go-windows/README.md b/vendor/github.com/elastic/go-windows/README.md new file mode 100644 index 000000000000..1140052d03cb --- /dev/null +++ b/vendor/github.com/elastic/go-windows/README.md @@ -0,0 +1,18 @@ +# go-windows + +[![Build Status](http://img.shields.io/travis/elastic/go-windows.svg?style=flat-square)][travis] +[![Build status](https://ci.appveyor.com/api/projects/status/remqhuw0jjguygc3/branch/master?svg=true)][appveyor] +[![Go Documentation](http://img.shields.io/badge/go-documentation-blue.svg?style=flat-square)][godocs] + +[travis]: http://travis-ci.org/elastic/go-windows +[appveyor]: https://ci.appveyor.com/project/elastic-beats/go-windows/branch/master +[godocs]: http://godoc.org/github.com/elastic/go-windows + +go-windows is a library for Go (golang) that provides wrappers to various +Windows APIs that are not covered by the stdlib or by +[golang.org/x/sys/windows](https://godoc.org/golang.org/x/sys/windows). + +Goals / Features + +- Does not use cgo. +- Provide abstractions to make using the APIs easier. diff --git a/vendor/github.com/elastic/go-windows/doc.go b/vendor/github.com/elastic/go-windows/doc.go new file mode 100644 index 000000000000..b06d0dd9837c --- /dev/null +++ b/vendor/github.com/elastic/go-windows/doc.go @@ -0,0 +1,20 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Package windows contains various Windows system calls. +package windows + +// Use "GOOS=windows go generate -v -x" to generate the sources. +// Add -trace to enable debug prints around syscalls. +//go:generate go run $GOROOT/src/syscall/mksyscall_windows.go -systemdll=false -output zsyscall_windows.go kernel32.go version.go diff --git a/vendor/github.com/elastic/go-windows/kernel32.go b/vendor/github.com/elastic/go-windows/kernel32.go new file mode 100644 index 000000000000..9aa1d418bee4 --- /dev/null +++ b/vendor/github.com/elastic/go-windows/kernel32.go @@ -0,0 +1,156 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +build windows + +package windows + +import ( + "fmt" + "syscall" + + "github.com/pkg/errors" +) + +// Syscalls +//sys _GetNativeSystemInfo(systemInfo *SystemInfo) (err error) = kernel32.GetNativeSystemInfo +//sys _GetTickCount64() (millis uint64, err error) = kernel32.GetTickCount64 + +// SystemInfo is an equivalent representation of SYSTEM_INFO in the Windows API. +// https://msdn.microsoft.com/en-us/library/ms724958%28VS.85%29.aspx?f=255&MSPPError=-2147217396 +type SystemInfo struct { + ProcessorArchitecture ProcessorArchitecture + Reserved uint16 + PageSize uint32 + MinimumApplicationAddress uintptr + MaximumApplicationAddress uintptr + ActiveProcessorMask uint64 + NumberOfProcessors uint32 + ProcessorType ProcessorType + AllocationGranularity uint32 + ProcessorLevel uint16 + ProcessorRevision uint16 +} + +// ProcessorArchitecture specifies the processor architecture that the OS requires. +type ProcessorArchitecture uint16 + +// List of processor architectures associated with SystemInfo. +const ( + ProcessorArchitectureAMD64 ProcessorArchitecture = 9 + ProcessorArchitectureARM ProcessorArchitecture = 5 + ProcessorArchitectureARM64 ProcessorArchitecture = 12 + ProcessorArchitectureIA64 ProcessorArchitecture = 6 + ProcessorArchitectureIntel ProcessorArchitecture = 0 + ProcessorArchitectureUnknown ProcessorArchitecture = 0xFFFF +) + +func (a ProcessorArchitecture) String() string { + names := map[ProcessorArchitecture]string{ + ProcessorArchitectureAMD64: "x86_64", + ProcessorArchitectureARM: "arm", + ProcessorArchitectureARM64: "arm64", + ProcessorArchitectureIA64: "ia64", + ProcessorArchitectureIntel: "x86", + } + + name, found := names[a] + if !found { + return "unknown" + } + return name +} + +// ProcessorType specifies the type of processor. +type ProcessorType uint32 + +// List of processor types associated with SystemInfo. +const ( + ProcessorTypeIntel386 ProcessorType = 386 + ProcessorTypeIntel486 ProcessorType = 486 + ProcessorTypeIntelPentium ProcessorType = 586 + ProcessorTypeIntelIA64 ProcessorType = 2200 + ProcessorTypeAMDX8664 ProcessorType = 8664 +) + +func (t ProcessorType) String() string { + names := map[ProcessorType]string{ + ProcessorTypeIntel386: "386", + ProcessorTypeIntel486: "486", + ProcessorTypeIntelPentium: "586", + ProcessorTypeIntelIA64: "ia64", + ProcessorTypeAMDX8664: "x64_64", + } + + name, found := names[t] + if !found { + return "unknown" + } + return name +} + +// GetNativeSystemInfo retrieves information about the current system to an +// application running under WOW64. If the function is called from a 64-bit +// application, it is equivalent to the GetSystemInfo function. +// https://msdn.microsoft.com/en-us/library/ms724340%28v=vs.85%29.aspx?f=255&MSPPError=-2147217396 +func GetNativeSystemInfo() (SystemInfo, error) { + var systemInfo SystemInfo + if err := _GetNativeSystemInfo(&systemInfo); err != nil { + return SystemInfo{}, errors.Wrap(err, "GetNativeSystemInfo failed") + } + return systemInfo, nil +} + +// Version identifies a Windows version by major, minor, and build number. +type Version struct { + Major int + Minor int + Build int +} + +// GetWindowsVersion returns the Windows version information. Applications not +// manifested for Windows 8.1 or Windows 10 will return the Windows 8 OS version +// value (6.2). +// +// For a table of version numbers see: +// https://msdn.microsoft.com/en-us/library/windows/desktop/ms724833(v=vs.85).aspx +func GetWindowsVersion() Version { + // https://msdn.microsoft.com/en-us/library/windows/desktop/ms724439(v=vs.85).aspx + ver, err := syscall.GetVersion() + if err != nil { + // GetVersion should never return an error. + panic(fmt.Errorf("GetVersion failed: %v", err)) + } + + return Version{ + Major: int(ver & 0xFF), + Minor: int(ver >> 8 & 0xFF), + Build: int(ver >> 16), + } +} + +// IsWindowsVistaOrGreater returns true if the Windows version is Vista or +// greater. +func (v Version) IsWindowsVistaOrGreater() bool { + // Vista is 6.0. + return v.Major >= 6 && v.Minor >= 0 +} + +// GetTickCount64 retrieves the number of milliseconds that have elapsed since +// the system was started. +// This function is available on Windows Vista and newer. +// https://msdn.microsoft.com/en-us/library/windows/desktop/ms724411(v=vs.85).aspx +func GetTickCount64() (uint64, error) { + return _GetTickCount64() +} diff --git a/vendor/github.com/elastic/go-windows/uft16.go b/vendor/github.com/elastic/go-windows/uft16.go new file mode 100644 index 000000000000..8cf14d680ef8 --- /dev/null +++ b/vendor/github.com/elastic/go-windows/uft16.go @@ -0,0 +1,65 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package windows + +import ( + "fmt" + "unicode/utf16" +) + +// UTF16BytesToString returns a string that is decoded from the UTF-16 bytes. +// The byte slice must be of even length otherwise an error will be returned. +// The integer returned is the offset to the start of the next string with +// buffer if it exists, otherwise -1 is returned. +func UTF16BytesToString(b []byte) (string, int, error) { + if len(b)%2 != 0 { + return "", 0, fmt.Errorf("slice must have an even length (length=%d)", len(b)) + } + + offset := -1 + + // Find the null terminator if it exists and re-slice the b. + if nullIndex := indexNullTerminator(b); nullIndex > -1 { + if len(b) > nullIndex+2 { + offset = nullIndex + 2 + } + + b = b[:nullIndex] + } + + s := make([]uint16, len(b)/2) + for i := range s { + s[i] = uint16(b[i*2]) + uint16(b[(i*2)+1])<<8 + } + + return string(utf16.Decode(s)), offset, nil +} + +// indexNullTerminator returns the index of a null terminator within a buffer +// containing UTF-16 encoded data. If the null terminator is not found -1 is +// returned. +func indexNullTerminator(b []byte) int { + if len(b) < 2 { + return -1 + } + + for i := 0; i < len(b); i += 2 { + if b[i] == 0 && b[i+1] == 0 { + return i + } + } + + return -1 +} diff --git a/vendor/github.com/elastic/go-windows/version.go b/vendor/github.com/elastic/go-windows/version.go new file mode 100644 index 000000000000..20fc35f24e1c --- /dev/null +++ b/vendor/github.com/elastic/go-windows/version.go @@ -0,0 +1,155 @@ +// Copyright 2018 Elasticsearch Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +build windows + +package windows + +import ( + "fmt" + "unsafe" + + "github.com/pkg/errors" +) + +// Syscalls +//sys _GetFileVersionInfo(filename string, reserved uint32, dataLen uint32, data *byte) (success bool, err error) [!success] = version.GetFileVersionInfoW +//sys _GetFileVersionInfoSize(filename string, handle uintptr) (size uint32, err error) = version.GetFileVersionInfoSizeW +//sys _VerQueryValueW(data *byte, subBlock string, pBuffer *uintptr, len *uint32) (success bool, err error) [!success] = version.VerQueryValueW + +// FixedFileInfo contains version information for a file. This information is +// language and code page independent. This is an equivalent representation of +// VS_FIXEDFILEINFO. +// https://msdn.microsoft.com/en-us/library/windows/desktop/ms646997(v=vs.85).aspx +type FixedFileInfo struct { + Signature uint32 + StrucVersion uint32 + FileVersionMS uint32 + FileVersionLS uint32 + ProductVersionMS uint32 + ProductVersionLS uint32 + FileFlagsMask uint32 + FileFlags uint32 + FileOS uint32 + FileType uint32 + FileSubtype uint32 + FileDateMS uint32 + FileDateLS uint32 +} + +// ProductVersion returns the ProductVersion value in string format. +func (info FixedFileInfo) ProductVersion() string { + return fmt.Sprintf("%d.%d.%d.%d", + (info.ProductVersionMS >> 16), + (info.ProductVersionMS & 0xFFFF), + (info.ProductVersionLS >> 16), + (info.ProductVersionLS & 0xFFFF)) +} + +// FileVersion returns the FileVersion value in string format. +func (info FixedFileInfo) FileVersion() string { + return fmt.Sprintf("%d.%d.%d.%d", + (info.FileVersionMS >> 16), + (info.FileVersionMS & 0xFFFF), + (info.FileVersionLS >> 16), + (info.FileVersionLS & 0xFFFF)) +} + +// VersionData is a buffer holding the data returned by GetFileVersionInfo. +type VersionData []byte + +// QueryValue uses VerQueryValue to query version information from the a +// version-information resource. It returns responses using the first language +// and code point found in the resource. The accepted keys are listed in +// the VerQueryValue documentation (e.g. ProductVersion, FileVersion, etc.). +// https://msdn.microsoft.com/en-us/library/windows/desktop/ms647464(v=vs.85).aspx +func (d VersionData) QueryValue(key string) (string, error) { + type LangAndCodePage struct { + Language uint16 + CodePage uint16 + } + + var dataPtr uintptr + var size uint32 + if _, err := _VerQueryValueW(&d[0], `\VarFileInfo\Translation`, &dataPtr, &size); err != nil || size == 0 { + return "", errors.Wrap(err, "failed to get list of languages") + } + + offset := int(dataPtr - (uintptr)(unsafe.Pointer(&d[0]))) + if offset <= 0 || offset > len(d)-1 { + return "", errors.New("invalid address") + } + + l := *(*LangAndCodePage)(unsafe.Pointer(&d[offset])) + + subBlock := fmt.Sprintf(`\StringFileInfo\%04x%04x\%v`, l.Language, l.CodePage, key) + if _, err := _VerQueryValueW(&d[0], subBlock, &dataPtr, &size); err != nil || size == 0 { + return "", errors.Wrapf(err, "failed to query %v", subBlock) + } + + offset = int(dataPtr - (uintptr)(unsafe.Pointer(&d[0]))) + if offset <= 0 || offset > len(d)-1 { + return "", errors.New("invalid address") + } + + str, _, err := UTF16BytesToString(d[offset : offset+int(size)*2]) + if err != nil { + return "", errors.Wrap(err, "failed to decode UTF16 data") + } + + return str, nil +} + +// FixedFileInfo returns the fixed version information from a +// version-information resource. It queries the root block to get the +// VS_FIXEDFILEINFO value. +// https://msdn.microsoft.com/en-us/library/windows/desktop/ms647464(v=vs.85).aspx +func (d VersionData) FixedFileInfo() (*FixedFileInfo, error) { + if len(d) == 0 { + return nil, errors.New("use GetFileVersionInfo to initialize VersionData") + } + + var dataPtr uintptr + var size uint32 + if _, err := _VerQueryValueW(&d[0], `\`, &dataPtr, &size); err != nil { + return nil, errors.Wrap(err, "VerQueryValue failed for \\") + } + + offset := int(dataPtr - (uintptr)(unsafe.Pointer(&d[0]))) + if offset <= 0 || offset > len(d)-1 { + return nil, errors.New("invalid address") + } + + // Make a copy of the struct. + ffi := *(*FixedFileInfo)(unsafe.Pointer(&d[offset])) + + return &ffi, nil +} + +// GetFileVersionInfo retrieves version information for the specified file. +// https://msdn.microsoft.com/en-us/library/windows/desktop/ms647003(v=vs.85).aspx +func GetFileVersionInfo(filename string) (VersionData, error) { + size, err := _GetFileVersionInfoSize(filename, 0) + if err != nil { + return nil, errors.Wrap(err, "GetFileVersionInfoSize failed") + } + + data := make(VersionData, size) + _, err = _GetFileVersionInfo(filename, 0, uint32(len(data)), &data[0]) + if err != nil { + return nil, errors.Wrap(err, "GetFileVersionInfo failed") + } + + return data, nil +} diff --git a/vendor/github.com/elastic/go-windows/zsyscall_windows.go b/vendor/github.com/elastic/go-windows/zsyscall_windows.go new file mode 100644 index 000000000000..d5b2608097d2 --- /dev/null +++ b/vendor/github.com/elastic/go-windows/zsyscall_windows.go @@ -0,0 +1,137 @@ +// MACHINE GENERATED BY 'go generate' COMMAND; DO NOT EDIT + +package windows + +import ( + "syscall" + "unsafe" +) + +var _ unsafe.Pointer + +// Do the interface allocations only once for common +// Errno values. +const ( + errnoERROR_IO_PENDING = 997 +) + +var ( + errERROR_IO_PENDING error = syscall.Errno(errnoERROR_IO_PENDING) +) + +// errnoErr returns common boxed Errno values, to prevent +// allocations at runtime. +func errnoErr(e syscall.Errno) error { + switch e { + case 0: + return nil + case errnoERROR_IO_PENDING: + return errERROR_IO_PENDING + } + // TODO: add more here, after collecting data on the common + // error values see on Windows. (perhaps when running + // all.bat?) + return e +} + +var ( + modkernel32 = syscall.NewLazyDLL("kernel32.dll") + modversion = syscall.NewLazyDLL("version.dll") + + procGetNativeSystemInfo = modkernel32.NewProc("GetNativeSystemInfo") + procGetTickCount64 = modkernel32.NewProc("GetTickCount64") + procGetFileVersionInfoW = modversion.NewProc("GetFileVersionInfoW") + procGetFileVersionInfoSizeW = modversion.NewProc("GetFileVersionInfoSizeW") + procVerQueryValueW = modversion.NewProc("VerQueryValueW") +) + +func _GetNativeSystemInfo(systemInfo *SystemInfo) (err error) { + r1, _, e1 := syscall.Syscall(procGetNativeSystemInfo.Addr(), 1, uintptr(unsafe.Pointer(systemInfo)), 0, 0) + if r1 == 0 { + if e1 != 0 { + err = errnoErr(e1) + } else { + err = syscall.EINVAL + } + } + return +} + +func _GetTickCount64() (millis uint64, err error) { + r0, _, e1 := syscall.Syscall(procGetTickCount64.Addr(), 0, 0, 0, 0) + millis = uint64(r0) + if millis == 0 { + if e1 != 0 { + err = errnoErr(e1) + } else { + err = syscall.EINVAL + } + } + return +} + +func _GetFileVersionInfo(filename string, reserved uint32, dataLen uint32, data *byte) (success bool, err error) { + var _p0 *uint16 + _p0, err = syscall.UTF16PtrFromString(filename) + if err != nil { + return + } + return __GetFileVersionInfo(_p0, reserved, dataLen, data) +} + +func __GetFileVersionInfo(filename *uint16, reserved uint32, dataLen uint32, data *byte) (success bool, err error) { + r0, _, e1 := syscall.Syscall6(procGetFileVersionInfoW.Addr(), 4, uintptr(unsafe.Pointer(filename)), uintptr(reserved), uintptr(dataLen), uintptr(unsafe.Pointer(data)), 0, 0) + success = r0 != 0 + if !success { + if e1 != 0 { + err = errnoErr(e1) + } else { + err = syscall.EINVAL + } + } + return +} + +func _GetFileVersionInfoSize(filename string, handle uintptr) (size uint32, err error) { + var _p0 *uint16 + _p0, err = syscall.UTF16PtrFromString(filename) + if err != nil { + return + } + return __GetFileVersionInfoSize(_p0, handle) +} + +func __GetFileVersionInfoSize(filename *uint16, handle uintptr) (size uint32, err error) { + r0, _, e1 := syscall.Syscall(procGetFileVersionInfoSizeW.Addr(), 2, uintptr(unsafe.Pointer(filename)), uintptr(handle), 0) + size = uint32(r0) + if size == 0 { + if e1 != 0 { + err = errnoErr(e1) + } else { + err = syscall.EINVAL + } + } + return +} + +func _VerQueryValueW(data *byte, subBlock string, pBuffer *uintptr, len *uint32) (success bool, err error) { + var _p0 *uint16 + _p0, err = syscall.UTF16PtrFromString(subBlock) + if err != nil { + return + } + return __VerQueryValueW(data, _p0, pBuffer, len) +} + +func __VerQueryValueW(data *byte, subBlock *uint16, pBuffer *uintptr, len *uint32) (success bool, err error) { + r0, _, e1 := syscall.Syscall6(procVerQueryValueW.Addr(), 4, uintptr(unsafe.Pointer(data)), uintptr(unsafe.Pointer(subBlock)), uintptr(unsafe.Pointer(pBuffer)), uintptr(unsafe.Pointer(len)), 0, 0) + success = r0 != 0 + if !success { + if e1 != 0 { + err = errnoErr(e1) + } else { + err = syscall.EINVAL + } + } + return +} diff --git a/vendor/vendor.json b/vendor/vendor.json index 0a02128b97d7..555b843008ad 100644 --- a/vendor/vendor.json +++ b/vendor/vendor.json @@ -500,6 +500,48 @@ "version": "v0.0.3", "versionExact": "v0.0.3" }, + { + "checksumSHA1": "IdhOS26Kl7cvP0wWAglYOlRlTok=", + "path": "github.com/elastic/go-sysinfo", + "revision": "9c842019df6fc236a6f1ef5537109ac36357dd63", + "revisionTime": "2018-03-16T07:12:44Z" + }, + { + "checksumSHA1": "jTbNB3zTWutaSKScd7UyLWt+jn0=", + "path": "github.com/elastic/go-sysinfo/internal/registry", + "revision": "9c842019df6fc236a6f1ef5537109ac36357dd63", + "revisionTime": "2018-03-16T07:12:44Z" + }, + { + "checksumSHA1": "/4zxHe2iBgWg5L9x+LOpRo0c3i0=", + "path": "github.com/elastic/go-sysinfo/providers/darwin", + "revision": "9c842019df6fc236a6f1ef5537109ac36357dd63", + "revisionTime": "2018-03-16T07:12:44Z" + }, + { + "checksumSHA1": "DZtaJU4DTt14eiDx5WXUHrmN6Kg=", + "path": "github.com/elastic/go-sysinfo/providers/linux", + "revision": "9c842019df6fc236a6f1ef5537109ac36357dd63", + "revisionTime": "2018-03-16T07:12:44Z" + }, + { + "checksumSHA1": "oX0/bPid3LuReipgLLFy5Pc7gRc=", + "path": "github.com/elastic/go-sysinfo/providers/shared", + "revision": "9c842019df6fc236a6f1ef5537109ac36357dd63", + "revisionTime": "2018-03-16T07:12:44Z" + }, + { + "checksumSHA1": "e+78LkI5GTavAzV9ySjdME4KgWk=", + "path": "github.com/elastic/go-sysinfo/providers/windows", + "revision": "9c842019df6fc236a6f1ef5537109ac36357dd63", + "revisionTime": "2018-03-16T07:12:44Z" + }, + { + "checksumSHA1": "zqbmoQ1OSDWiV/XTXzPLc/Vxcxo=", + "path": "github.com/elastic/go-sysinfo/types", + "revision": "9c842019df6fc236a6f1ef5537109ac36357dd63", + "revisionTime": "2018-03-16T07:12:44Z" + }, { "checksumSHA1": "61XUpyQ3zWnJ7Tlj0xLsHtnzwJY=", "path": "github.com/elastic/go-ucfg", @@ -538,6 +580,12 @@ "revision": "ec8488a52542c0c51e42e8ea204dcaff400bc644", "revisionTime": "2017-02-07T06:38:51Z" }, + { + "checksumSHA1": "DRu6+HSK/RVvCx0j2LdlL6vQjcA=", + "path": "github.com/elastic/go-windows", + "revision": "a8f9f07dec5f30c1e17afc9f360c0aed39225222", + "revisionTime": "2018-02-07T18:09:04Z" + }, { "checksumSHA1": "386qAesaBQFadNHu7di78fZT7xk=", "path": "github.com/elastic/gosigar", diff --git a/winlogbeat/docs/fields.asciidoc b/winlogbeat/docs/fields.asciidoc index 4fe0957a5b12..70b358e04609 100644 --- a/winlogbeat/docs/fields.asciidoc +++ b/winlogbeat/docs/fields.asciidoc @@ -17,6 +17,7 @@ grouped in the following categories: * <> * <> * <> +* <> * <> -- @@ -475,6 +476,62 @@ The raw XML representation of the event obtained from Windows. This field is onl The XML representation of the event is useful for troubleshooting purposes. The data in the fields reported by Winlogbeat can be compared to the data in the XML to diagnose problems. +[[exported-fields-host-processor]] +== Host fields + +Info collected for the host machine. + + + + +[float] +=== `host.hostname` + +type: keyword + +Hostname. + + +[float] +=== `host.id` + +type: keyword + +Unique host id. + + +[float] +=== `host.architecture` + +type: keyword + +Host architecture (e.g. x86_64, arm, ppc, mips). + + +[float] +=== `host.os.platform` + +type: object + +OS platform (e.g. centos, ubuntu, windows). + + +[float] +=== `host.os.version` + +type: object + +OS version. + + +[float] +=== `host.os.family` + +type: object + +OS family (e.g. redhat, debian, freebsd, windows). + + [[exported-fields-kubernetes-processor]] == Kubernetes fields diff --git a/winlogbeat/winlogbeat.reference.yml b/winlogbeat/winlogbeat.reference.yml index 3a8f3baa291b..4997044a8dae 100644 --- a/winlogbeat/winlogbeat.reference.yml +++ b/winlogbeat/winlogbeat.reference.yml @@ -144,6 +144,7 @@ winlogbeat.event_logs: # #processors: #- add_docker_metadata: ~ +#- add_host_metadata: ~ #============================= Elastic Cloud ==================================