elk7: 7.11.1 -> 7.16.1, 6.8.3 -> 6.8.21 + add filebeat module and tests #150879
Conversation
github-actions
bot
added
6.topic: nixos
github-actions
bot
added
8.has: changelog
8.has: documentation
ofborg
bot
requested review from
offlinehacker,
apeschar,
kalbasit and
basvandijk
|
I don't use es at the moment, but it looks good to me. |
- Use comparisons in jq instead of grepping - Match for `.hits.total.value` if version >= 7, otherwise it always passes - Make curl fail if requests fails
Filebeat is an open source file harvester, mostly used to fetch logs files and feed them into logstash. This module can be used instead of journalbeat if used with `filebeat7` and configured with the `journald` input.
- Don't use the deprecated elasticsearch7-oss package - Improve jq query robustness and add tracing
|
The elasticsearch plugins that had to be marked broken have now released compatible versions, so I've updated them and unmarked them. |
talyz
added
the
1.severity: security
|
I'm personally happy to merge anytime. If you want to be conservative, waiting until Monday for feedback makes sense. (I'm suggesting this because I don't think this PR will get a lot of attention, but I might be wrong). |
The latest version includes a fix for CVE-2021-44228.
Avoid unnecssary back-off when elasticsearch is running on the same host.
talyz
changed the title
ofborg
bot
added
10.rebuild-darwin: 11-100
10.rebuild-linux: 11-100
and removed
10.rebuild-darwin: 1-10
10.rebuild-linux: 1-10
labels
|
Updated ELK 6 to the latest release, too. @happysalada Sure, merging ASAP sounds good to me, since it's a critical security fix. I'll backport it to 21.11 when it's merged. |
… and tests (NixOS#150879)" This reverts commit ebaa226 which was a squash of multiple commits that shouldn't have been squashed.
|
@happysalada Did you do a "squash and merge"? All the commits were squashed, PGP signatures removed and author replaced. This messes up the history, makes backporting harder and, in this case, combined unrelated changes into one commit. I fixed it in #150979, so no worries, but if you want stuff squashed in other PRs, just tell the author :) |
|
ah my bad, by default it's a squash and merge and I didn't pay attention. Not intended, sorry for the trouble! |
|
Ah, no worries. That's a pretty strange default action, but github does weird stuff sometimes 🤷 |
|
if you choose squash and merge for someone, github will remember and set it as your default for the next one. |
|
Oh, I see. Good to know! |
… and tests (NixOS#150879)" This reverts commit ebaa226 which was a squash of multiple commits that shouldn't have been squashed.
Motivation for this change
journalbeat7package, since journalbeat has been removed from upstream.filebeatmodule to replace journalbeat's functionality. I'm currently not interested in using it myself, but I've tested basic functionality and added it to the test.elasticsearch7, lots of checks that shouldn't have passed did, because the wrong object was queried with jq.Things done
sandbox = trueset innix.conf? (See Nix manual)nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage./result/bin/)nixos/doc/manual/md-to-db.shto update generated release notes