From 64e6a72f19e37b2a46155ff293835e2494424655 Mon Sep 17 00:00:00 2001 From: Radovan Ondas Date: Fri, 29 Jun 2018 15:51:07 +0200 Subject: [PATCH] Add Slowlog fileset for the Elasticsearch module (#7473) This is the initial PR for slowlog indexing. --- CHANGELOG.asciidoc | 1 + filebeat/docs/fields.asciidoc | 160 ++++++++++++++++++ filebeat/filebeat.reference.yml | 6 + filebeat/include/fields.go | 2 +- .../module/elasticsearch/_meta/config.yml | 6 + .../elasticsearch/slowlog/_meta/fields.yml | 61 +++++++ .../elasticsearch/slowlog/config/slowlog.yml | 10 ++ .../slowlog/ingest/pipeline.json | 31 ++++ .../module/elasticsearch/slowlog/manifest.yml | 13 ++ .../elasticsearch/slowlog/test/test.log | 4 + .../slowlog/test/test.log-expected.json | 94 ++++++++++ filebeat/modules.d/elasticsearch.yml.disabled | 6 + 12 files changed, 393 insertions(+), 1 deletion(-) create mode 100644 filebeat/module/elasticsearch/slowlog/_meta/fields.yml create mode 100644 filebeat/module/elasticsearch/slowlog/config/slowlog.yml create mode 100644 filebeat/module/elasticsearch/slowlog/ingest/pipeline.json create mode 100644 filebeat/module/elasticsearch/slowlog/manifest.yml create mode 100644 filebeat/module/elasticsearch/slowlog/test/test.log create mode 100644 filebeat/module/elasticsearch/slowlog/test/test.log-expected.json diff --git a/CHANGELOG.asciidoc b/CHANGELOG.asciidoc index 32a0847f934..1de9491fd30 100644 --- a/CHANGELOG.asciidoc +++ b/CHANGELOG.asciidoc @@ -205,6 +205,7 @@ https://github.com/elastic/beats/compare/v6.2.3...master[Check the HEAD diff] - Converted part of pipeline from treafik/access metricSet to dissect to improve efficeny. {pull}7209[7209] - Add GC fileset to the Elasticsearch module. {pull}7305[7305] - Add Audit log fileset to the Elasticsearch module. {pull}7365[7365] +- Add Slow log fileset to the Elasticsearch module. {pull}7473[7473] *Heartbeat* diff --git a/filebeat/docs/fields.asciidoc b/filebeat/docs/fields.asciidoc index 2b2a811ca95..9f29a2b096c 100644 --- a/filebeat/docs/fields.asciidoc +++ b/filebeat/docs/fields.asciidoc @@ -976,6 +976,166 @@ type: keyword Elasticsearch component. +-- + +[float] +== slowlog fields + +Slowlog events from Elasticsearch + + +*`elasticsearch.slowlog.loglevel`*:: ++ +-- +type: keyword + +example: INFO + +Log level + +-- + +*`elasticsearch.slowlog.logger`*:: ++ +-- +type: keyword + +example: index.search.slowlog.fetch + +Logger name + +-- + +*`elasticsearch.slowlog.node_name`*:: ++ +-- +type: keyword + +example: v_VJhjV + +Name of the node + +-- + +*`elasticsearch.slowlog.index_name`*:: ++ +-- +type: keyword + +example: metricbeat-6.3.0-2018.06.26 + +Name of the index + +-- + +*`elasticsearch.slowlog.shard_id`*:: ++ +-- +type: keyword + +example: 0 + +Id of the shard + +-- + +*`elasticsearch.slowlog.took`*:: ++ +-- +type: text + +example: 300ms + +Time it took to execute the query + +-- + +*`elasticsearch.slowlog.types`*:: ++ +-- +type: keyword + +example: + +Types + +-- + +*`elasticsearch.slowlog.stats`*:: ++ +-- +type: text + +example: + +Statistics + +-- + +*`elasticsearch.slowlog.search_type`*:: ++ +-- +type: keyword + +example: QUERY_THEN_FETCH + +Please add description + +-- + +*`elasticsearch.slowlog.source_query`*:: ++ +-- +type: text + +example: {"query":{"match_all":{"boost":1.0}}} + +Slow query + +-- + +*`elasticsearch.slowlog.extra_source`*:: ++ +-- +type: text + +example: + +Extra source information + +-- + +*`elasticsearch.slowlog.took_millis`*:: ++ +-- +type: keyword + +example: 42 + +Time took in milliseconds + +-- + +*`elasticsearch.slowlog.total_hits`*:: ++ +-- +type: keyword + +example: 42 + +Total hits + +-- + +*`elasticsearch.slowlog.total_shards`*:: ++ +-- +type: keyword + +example: 22 + +Total queried shards + -- [[exported-fields-host-processor]] diff --git a/filebeat/filebeat.reference.yml b/filebeat/filebeat.reference.yml index 9aa56c1c828..f28b6f06941 100644 --- a/filebeat/filebeat.reference.yml +++ b/filebeat/filebeat.reference.yml @@ -104,6 +104,12 @@ filebeat.modules: # Filebeat will choose the paths depending on your OS. #var.paths: + slowlog: + enabled: true + # Set custom paths for the log files. If left empty, + # Filebeat will choose the paths depending on your OS. + #var.paths: + #------------------------------- Icinga Module ------------------------------- #- module: icinga # Main logs diff --git a/filebeat/include/fields.go b/filebeat/include/fields.go index 0c58c181bd8..a9fb0a7d6eb 100644 --- a/filebeat/include/fields.go +++ b/filebeat/include/fields.go @@ -31,5 +31,5 @@ func init() { // Asset returns asset data func Asset() string { - return "eJzsXd1347aVf89fgeOXzuzRaJJJm+1Oz+mpa48TtfPVsdPuPkkQCVGISYABQNvKX78HFwAJkiBFSrSdtPKTxY97fwAvgPsJfPUK3ZLdW7QmWH2FkKIqJW/RX82vmMhI0FxRzt6iP3+FEEIXnClMmUQRzzLO4D20oSSNJcJ3mKZ4nRJEGcJpisgdYQqpXU7k/CtkH3v7FRB6hRjOiGE81//C1SBP/XezJfAC4huktgQQIklYTFkCF1KeoIxIiRMi52jhPQWvUVmSkkRpgPp+xNmGJoXAmh3a0JTM9HV9Eyt0h9NCv4kKSWKgSZX+ybjyicEraMulspzs8zccWNVwzPQ9uLTSP1clHQ4t7sY1b3ea47i/40psWCJBVCEYidF6B6x4TjQbliC5k4pkiDN0v6XRtgLu9Z0oGKMsCaBRNCO/cDYAjXvyMdHcESEpZ/vB2AedWIE4w8dPCNNQSIzUlkojyvO66J79RTdFKpzlZ5aolvW3KMbK9YMgPxdUkPgtUqJwFzdcZFjVniMPOMv10DsvkkIq9OY7tUVvvv7muxn65s3bb//w9g/fzr/99s2w3gVI6N4IMrHDUA8QQSIuYnSPZdW+RqMUTmQ/l3OxpkpgsYNnTW9FWE8FIO85EeZDYRbDDyUwkzhS1fcw/dRgbGaHWj/y9U8kcmPN/FiaO7dkd89F3A+0nKsKSUQ1pvQEZZg1EBAhuKgBSAQv8n4m7/RLbgaMDEctvziOqX4Wp4iyDdcjO8IS5i/gI+dOGOys6Ag6NHYyK687TIo8KO9iB6wKmqUzbzGIeNymnnKWjKGuibRJa1ot0vVvNoi6ERO7REUpL+JqjbrQP1Eu+B2NiW6mwjFWOLxsfbB30UbwzFAqX5X6W1VTEI7jJTywdCT1kxGRkovOVUw/Ooe35o5sc2CTaM/o/egtb3WEc/SZS0m14MKaJBEWRBOcoSQiM8QFimlCFU55RDCbd2KjTCrMIrKke4bOwj6IFpcOkl5EUIajLWXNoRvisH9lKnn46/owLvaBpSdnZT+rN/OMxLTI+rl/MCRAxMYxt2oOTanaLb0lr0RQyFcES/Xqm2jPROoRQrAi0mq1o9LAobJa5npEDubG8quWUOydVw/DRc++orF8z3mSEjPSurkLkuxdar/AM/vaZwd6zKNbGD92pF+63wHi5h6SCis9/aYpifSaDcPc3NNjVm65UEuzArxFG5xK/dEwi7ZcOH6vylH+VX1Sdk0uYaHg+tA1j9s1gYg5jY+bE39k9OeCVAQRjUOzeskuCy0fozj6cgHknHZqAWhFYl3QVCHO+qB4k8GBSC5KnppWH68Ur0kqW9xqugTq1yf2YFlATxg+pdBqYa5E9gfzK0BkoZUBT1D1KteaeirZ1Nf3SqblPU4uj/8mP1izov01JpJ0M0EEhByLaEsViVQhJmhDjRx6QebJHD388bvld7+fISyyGcrzaIYymsuXbShczvMUK63SH4fk0zVyhCyGiDDF5QwV64KpYobuKYv5fQeIusVzOAZLJ8hjgzOa7o5mYcjYRgoSb7GaoZisKWYztBGErGXc11qatyDULvVwf0+l0hPa4vMrHMeCSElkm0GGo+Ma6dhssYjvsSAVsxkqZIHTdIc+nF/4GNw8clusiWBEEVnNJn/3rwXYVvdLNbiu01ZEkT+X9C+L1Ut7J6AaaDRqGsp5PMHy4PVAzmMztwVZFcdOTQ1Oml5wapU5jqZrVEWxzUxbYJP2oKbY0YVDF9dhjAw1lOG8zQkzxhX4vyZj55EM85xSYfH4RjXdpY/tBCpbkK+ha2eYlCfV1PKeJ+BfhIcJ2+f1Td3jKWV1p67fIMkLUQp/qA1Br1iPUwtYgk5fOQM1AlBABcHxHN1oiwLAuHZLY86vJU8LRVCO1RYpDhcrj6r+u+KisphWr++weJ3y5LXxQM5Tnqwaxg/fbCSpa1ye36RqnJtRh7TO0AR0guRcaOUQmigVFkoi3PQ+1v1DLd8QTRgXZInX/I68RV8f2PFWKpwNAIB0f5uP4fzupjvrIqAEwdkgERjQS1pKDUXj1dQQKEs8CU95ImfODfk7qWJeqN8hLuB/IsTv6vBywWVOIsXF3PMhjO0dyvLCxDeawmlcrnU/qy+iVJrYgBFHE2jQgOiGkmqgO+NgpVmsGjECw1wScKy6D3RFUwI+bLOomy+DXly++/zl3cX5zbvLt0gSglbwMjR99bLeM9Wdf+9OqbdaC9SydJ33N3JhPbmGX0KkQjnNCYyNHAtJzMRTOeJrY8WOKDlDVCGpuCDV+gYREEETynCKVlV0YYVeCJILIglTLt6lb1Yufk25NiG+ND3iBUugj1s+95RIouYZj4t0wLcte9K8MDhS4vgMC1eVXOxrg9nInUx5Mt/gCHxq003QliAiD0rgysFk3GWUC6p2YSju7mRQHEEn24ZPX29Ickf0G0vQtqaakSGsWGTYzMUQU3GM+j/Ko8NwjOatGV+bMPNc8ERMtzI149KWfBfz0vqYQBJo7DEF8o1wFsiE+yqT8XUEHfOg6BFxR6OaWTIibndt3raevhphLUkpuesVoG4dItGTJ7we7KpIED2/1Eh7IdoOurV367qnfrkewa6WQPvCvFxO+KYkWY5oaeY6Kntmem3juxnTUONZjgWVnjOoWko0LU9k9GwaXqc0D8h5WHO1hXgTjfXyE+G0JMtZuvNpyy0v0lhrYJAB4QwOnONoS95URsfZublyFrY27F30wa1KdT+FVUNChkfFCY2J4TqGLipsrnZ5LHCke65lpfl8engh35yyYWOn0jgcP9zcfL60fECznXuvN2GhmhqTcUWWNW9Y1zAZgBOwplSL7OIzss6qeZBzIYlYNqzmIznryQYi9zC/aokyo2CNJY0QLtTWyKPR/2zWTRBcRtSWN7n3ISutwe/f3YwHradUrRXqz2h5d3SaSKftrhrnH7+8D7PdKpUv2/7iCfgD35YHGdUkVOacSbJsZB+grgyEMZwd8UZWgs9/zePdUuvR8/VOETkUgcvYCb00AB0rsjUResUEAqXyRsQdERVsDa6r2zZEiDL6WMd73OdypMOMcWKcQm2ujTyUASwv/LWxYK/AWIrNGAc+2sanLJmjT3phsQYPoqaz9GMtkua1dymWikaSYBFtUZ4WCWU2Uc9LSuQCLnRPEzCHdTe4OcGPbbFt7o9Vc41JNlVrq5ZiFgeaGV46/A6Iida7Wrf75WxAN6CQorzdSa1MWKZNqH4w5ife7oqesToCENBu5gBW8tgDirLHA6VpHwIqxyraPt7XA/KH4AqoBUNglYvwxVbwIIUDxG4IXt6c4YegPQBLM9m1D9HyyYfBOHRPPR5GoTtQACf/pA5SQniHin7MGvM94YvPkGyqdRXdVwlWWyJIrFVmEmtL1IQXrJHgXIJNiqH1yBAftPS06B2yFGk7mjLC1BN+vJJntzBFvGBK7JZU8pAGOxGwC8MFLa4/BVRZVPOHGPunE0dC+DLntKXSjOgiPXqpKmKjV6RYwY9uTCYf8JG/m2HSSAZrIomo2j0yDs2igaLlMPDzytEh/oIr6yZw/hnjJzB0R/kHfNfZkI4YYEOU7kCg7YZSK+ncRxGBS2FaGJV/okqhBsdFK3Zg+63LU9BMukdHGDxm9CQJifs7JKdh58RhprB17aHFZZibmpSb2oITsotZLbJU53fwt7bBp1zwuIi8+q9aPzvfYxFTFfuuR7jQ4Xk0Hkfwx2lrDeo44PlylA13RTrGaIwnsjnSG9xRj1vSpHXUu/iIOeY9ZcWD4Q9ed/RRG9NpWhb7CYJiHhUZYXpcaT0DrUmEC1n/2mpLdubhHcMZjWARucNih9Y7S74qExzu54y4iJeNMpOB4tPH1FMb03iJi9ZQ2UP/ykzIlDX996AcprFlvrg0/kzn+AWrBEJ7SPEWUaABVMNQGbmfGioj9yXUuddri0uXYwH4Q2AFjgjaFJBL6yjzqpX6klUqqbAxBbVD0RazhEj0IqW37eV6TSKe6dEoOFcvuz+YHOuc2/u9JJFgdkz/xabFqj9YhXWOFqrxoZCiBOGQbq5b0Phg651PLNgESX4uCGt5i45ZSvyB6chb12mHczKKDliRjQsgAlXe6P9YSh5R0A/uqdr6Yc0Q2/ZyPURBuWxFa4O0H5M4VSQ7ynsNBKC6m/V1kH5sPBv9lssEYjGNsCLShk7hFi/KPDTFFU6buNp2AOQW2aeoRL8QwV+BKfwnhG1+Ed+gr1FGMJO2uNukBwqpgGiH3H09vnWGJhYJrJhuSrRVzhFO0854yXhegsgiVV6KiOOBXsjCRBW5QBtM00KQjun0eX0UK6P4zLXmofX6VYtkj+/85Kt4Kuu3hghybrrAPIlTwIdjGJ48OX7/dHlyrK1E/BHjmUy16x2WU+2ZKnMjZBk12aDhBlJnSoaeLQ63fvpMDcZjEhLbGrGzpvTpt84ab5TxjLO75T//tv3pn80HuuWtKr/YtcKCbSDwVD351iVMuvRSRWJYW9TMbM+Qc6HvIZovNzRVRHSD12+NRw7c9xpsAN9VZFsLbYsV4lFUCEhSw4yzXcYLuTTpMcuYMEriWSMfZKkXN7jceMr8TATWVutMT6PMJAsHr7nXFM5yvUgtbYLFDImCLbFHyP42L3R3Xp3/+G40n29/P/4L7HHlpYQ0Pzx60b5jZAajL++ub9D554V7+aUvJeV7JgEtIvSuWrerx7RBx0j6cgYzW7qEoqIXxlMTaeVN/6ZSFtYp51h1911F5+B+sy7CvSLoeRMbOeztTusG/M3/vJl/890f59/Mf/8mDLmhYVXpopRFNMdNV20baPkkeqHNGv36SzNkzABoDIturMtyYI3v3MbeLl1Y/fnRvGKQajkiDyQqejszSgupiHibcUYVF68zTFvN2Q+1EHQvTpB+wmJYbNGPXxadoF4vH3Ic3b6WJCoEVbvXS6+7hzs9Kx0JZGvwBOlkcUQvXqQEi+tI8DT9Yt4e34eW7XLN491erPqhSiWzkyfdIMK0Ct6DVL8Yxlbzw5fmSrtid5LlXxCtJt2RpTWsqyKRpSRROH9sk3J8gF8CKjpguvnbPz+Ysi9U5NraliTiLJYzhCXChjxlCTIC2ucgMc55uQR7eSkVzwH/pNC/x2KNE+L2NDDDGthaM12zNY2z7ehwKCme55QlyxL01EhvNAbF+a22vg0qC7QXmLcjVh3CQQGM7y8gVAFhC5wEis9NUuDjSHPEs5yzSYNvdTO7ZFAaFTSiLMGeNbGACx1mhLnZbz+UFMOdM8pwiMm6OCps0pXKbRsC9EeFaBvFSxN8oWtbQifRPWzV5j4R7INgYNrg2d7IbaOYZAJwoY2tzqDXzmbojHFFI6L/81xG+uc9Foyy5AwFso7OIkGhTuHsuWO8VQojbW/MMZ2QafInGfsPlzHQF4r2zijTiZnlcJK0/zBJcws5lf4qvrgenkOxWFyX+wR0bhpBaffmMQOyJVo80JOXcGkIBxRtGYVv0qKtm6q4ZF/h1qk2qsb254KI3dLUoTwOf+BgK13AFMaso+gn5yKsqB8WXncAwD3XZzX+qmv5HqHE8abKFtw3Wp6tDuu56+ZksV5KhVUxuGRuKHNZrA3hHu73lH37Znr+/zJbzKG9/J3LC1wSrRSKKQYl+EcoQxlNU9rvJ6EqGJA6drmgyrpoMYsRLffm7Zkn7MI1PRbfU2yXsVoVfbkLFYHgamM78xDU5yx5jTi/pRP3UGNfJsMCSRPhK6My/ctL4/yAiZDBnp1bgmM72fdj+I2W4wJs18u/KuhmNulGfqrnnbqetzjV857qeU/1vKd63lM976metwnmVM/7K8+RPWWBnup5fRyBet7Jyni7fMbj63if2wkG3Cd2T1rme72Tz+sut9wnbrtlvrftz+nGOAUKamyf2yErCJacLfOtwHJiF46FoOkjQ78zVlI8hisS4mh5nrp4QM55GlgZTtpX+XfSvk7a17+Z9uWOw8GbWz978O/6d0fmAdyrdpwIHlRjyaHjUweP3G/BgHU77Q7W/Jp71A/s4JvuDelTe+JYm1dot5gqQftf518+NhO0h2WXuC2YQzyfZwOWR8iLvSgTk1xHUzg0m7IE+r9raxzcKk85tPF/w3fYEBwFATZwmGo5RegG9oOgrEfeBqxfgW5B00w7jV4y21f09RPaK62o76MNhIXQB0Mb5VhUde8aXTecTZE2x+s0WKCAvUhT1z3Nr+kma7rGzJ+tzYWO6drc7M/1Limi3+yEPWn1wN9Nn4UrCFA9HXREBdL+2awQwgT0YEv7jQXSaSk2NxoxrFvndqGucziro6qkwtIvRnaXOoTK3e4XK48umlywLND3HtB6NxyzK5Nr3hhv0bRrakfUVw+MEKM+ZeJIO7FUJRq7zs1MwXPEhbGjYfub9zz5/U/m8a5MyMfbqowLu8Tcl3W5jXLsvvqtiT7cwrNl8ZoX9rAxc/iy28etAqh7dw+8lCdLaMfw0b4H4y3Z2Q3C0oKY6hmY6Dw7vGejRZny+yNn+TaJ08g6jawnH1ndo2o8ui/4HsVFlpcxTXfCWJtJmXkAvqiJXXu1Q+aBQR/vwBYHx0iMd8q/YfAWLVheKDlDV7DhhZyhT4XSV7RMXfCYRF31oJzfLilbmlTNIMbxrt93ULoNxbNQBmxLb5xTcEhiqMPFMGtlPDwaLGDWh8p+zhwL3JE4O16iryGtrNrBy4NkduYsRNuPFwS0DC5Sx61fr/5cR1aDZHLf7bHMBkpgQev7x6rGGWcJj9eeZmyvDC/L+aBfuPzr/tKcihcaU55TV189bo+9l2kg1NqFIIRiT4XYPuFsbYgcWrxLP9qidrlriut3VO1BdFUwqMvHKYqwIgkX9BcjjPvAXXz68OH84+VIiKw1ogcoPuRB7YVDGVWYxSmVirBRoEJkhygZ1gfT677yZjE3Nnfy59QbmR921/94P3xcalbwSn1kDt562LFHh9bSdQBAPSN2+uSIOpDxORJP6Sk3Kt5yso21zyGx27T8D/P/nr+Z1TZ7tRoljeewKax5zgbvZbkrrf9mi0PgpGy3bzjtCLTvCQfYGtaehvabGs8dD5jQiNwjy5rDKFEOJI8PaKhhZjb4hVJpe0SlBgJFiN1lIeOZQdmH3SvL2Tk9rN1X6NoguRXQH5I20Nq0awIgph5UTwhzSaKgGB663Q9sjgNqdYVG6/Czo7b8SXl0+yh4cQYbJmulto75HlPl7YytAejZZ02qRAbYQrxF1WjJVB7VXsHvJVQQTTT11otsNHUkiCoEq9T2nsEDaPSkSBmZ8pSFBiIZYTYMUNcqeAyYgtEHb41U+Jawao5bXb+7Qd7R5T3g4NZ4/jB/9pCd9HyLajdItLgshdxyt/oeSyh78PS9j/r3OH0PXjlQ33Ps0TH6XgAAepZDcA2QYw6/XWoDISgCWAg8UuDOmXnLbLinOXgLDZGw0z7Vc5Zm6k7AsHuJRzzLONOTIWVRWsRkhtZE0phI74SaFseK/KzGynwrU1opUUpvCVr976srLu6xiEms/1vN0TUhCKfSbC++KvtkFUpPe8R04vaxwd4u6HmxTmnUWrDriOErrkznw0HUjFcvtvhVvYQFcel2VmsO6LoWh6B3WLU1hxCQNkcA1qmv/Wo3UDjl8dbYng5D/s1VX58OQ/63KZ4+HYZ8Kp4+FU+fiqdPxdOn4ukWmFP5zql851S+89ss33GXW46jR6mirvxGz34m8jsDAGL/L8g8mRtIM+T2ce04b226M4A/l3E8whTdUCLQi8+Lyw6+U54GbKOSjm1XrU15vM5krC8qJ+0+9tMHFI3IObrWJcylc247p/Anc6XDLWzdseQh50JVnv2VpbPqL2uruKHj09nN6YHHDVHwe27CbbKnE2ZECb16qqEDdXqHmr/e2fhb87Rwd3BWh0MgdPLNEaCuuECURYJkhCltDmKFZyjD4hYSXLUCY1Jcy30PcRy3Ak3I7AGY8TsS+yfBcgatPYN3zmbozD5zNtMvnEmGc7nlqmOj6S2XalmNrmm/hDdXufkcIsq1bR+tlFvLn0qXYdte8z5qrS9NdyWh7urxgtEHiJdONBX9WA+OWekCGfIDu0hSFtl85ZxH2zn60R0vHPEsL5QLDK3+4sXSIp4WWdc2kzglLMYi2Jji4K9jcy0FsTpwmThmlMTqzBeaEYjeGo3bjnf7ycpIWc6lSgSpp0d9NhdH50hV7x0YOKuhQYenNtaBPPVJ7V3d4P5+NUlSNCO/cHbAie3uTZd8AGyfJhPLV6fC80fbN+kd9xdn7VPKelOiXJJ8i2zplsQKr9tbflQ8s53JAR7NMkh5WPLX1fnN+fupU7/iUBZ3XxJLhefbr+dfj4Jz6dKz+QbhsSkLFd/rd+/fXdyg/0JXXz59gG8o/zQKxz/s5vBYgQrwXDlxdrYWJK4d+vBF/+6Yo+Fef9WlI4eevZbXgC1ny4GT5XQm2o2Xblmd3W5QmThYV3rR1GVUmmKdv9v6e44uamrjKsNSEbGaoZVM8R3R/0RbmsYr9EKvzF8ur16ff7pC99rOZQmCey9nId10pRUJyki6Gp5pOlVFW6tZUGSoG3NHxJpLaJc5qWUFevHKns7SgfVRBmOL6oTJqdcu+xQyJYS2wsidO/vViMAdxQgjRtQ9F7eewT5Uq4iyMfkFg5KwsgyzuDzgsn/BmE92SMAP0FUsQVSVBwdaDFb/NbigPisS/ZVQk84e1azRs1jdkgnPNtJcb8mubpK5DvBPH+0wlcWU+yBAQqpICr1ISnRP1bYDVITTVEOyK5oJRHhL2jVcGG53GAIH2hsld3RMpl4IAuo9HF1tp7Q33lNWPADVqpDoyQsz4OxpHFeoNJ7+TX46zjsYmNwOvqIDuOaCJwJnh+sHBzOedL75XE04Dhj4yqTb4Wg/oOlXykHlWccVUYA7p6of8E7Sh1QhiRQPBDt8vlI20xAOjm7akSjNEXiRXo2ur3/Q7abMoJLDQot9ZeYDTGLdMQ3GTbXq7DyKSK6Mn/EKziK3bsYFu8Mpjc/m3jMBHhnBTCKMZAGZwJsiNezmFQX7jP0wNp3BZjq5otsy0htgYaPSJb4mvaqJWCmS5QptsbQHqzf7uTe7ckSXNjI5bcJks3NzLKVeNM+gR01W7C3ZnXWhagXYnRAGbgyCWu0U3Ci1qfeXXoEz3I6Plhqb4HlO4nbm8cT4dM9Waqz9xFr95Tlh5sCjLCMxxYqkO4eqC3Rg79/e3I4xgGEH4KO6VNKEYVWItsAPwlG+Xrp4LTCTeX1Ldl2MQ3kcfXPdAECjszlWdkjrUTTvSHo3f1OndYQTO7pTO0Ykd+wPzw8K0I9K8RiWNvB4yKhqyRkanFXxaLAM297e2p8SMxm6/Ykxg1JjhiTHjOivfQkyYR2piPkjKklGNSqLP11sXXNdOWtxpOLUyGIxf6UjGDSRj59uIOBXxJyIdhbloOm4llugqUVYmlVBky0t3X6dRLWOOB7I/ebm/7x1qMaRdtn73jp5f6AeFNnNBmMqSKS42B0BIpg6Xn4nwfmB6q/CIiHKWgbccz40Acp7qqJtIErtbemRhVaUYV3VcIyB605D2DPgNG4chw3ERx1zlvGBwy444Q/qqKp2ak0oS0zeRKfQtEznwQpeH/vFZafuNDlD+Ig9HLehJPIBdPV7aMPT2MvUYOQeGtipkm5JYF/aAcxissFFqgyBHnZBEYceeBYZd5yfXMh9XUX3EgB5BJnrBFA5iQLsPS/oY+2vYUh7HtJndkpaPE/ulhzC95Eck4NYt0RvCg/kEM5P6IO0EQclMNnQWy/kcGOujMt1si/t36ut4oeOCTIE+aFn2RDAQTlmS4DgB5+osL1TwTqVgJ9KwE8l4CF0pxJwdCoBP5WAs1MJ+KkEfDCsUwn4qQT8VAJ+KgE/lYCfSsBboH7FJeD1vgCDbAlyM6G54+2PaTjIIPuN4EwRFndb5oc5gfxR43jAMA/bXDi61SC6zN09GMKOAVGe1WLJ26CZM4EpOFTMVoFf/X8AAAD//+Nw3Wo=" + return "eJzsXVtz47ixft9fgfJLZk5pNJ7Lzsk6ValMfNlVMreMPclJzU5JEAlRWJMAFwBta1P576fQAHgFKVKix7uJ/GTx0v0BbDQaje7GN0/QNdmcoCXB6huEFFUxOUF/Nr9CIgNBU0U5O0F//AYhhE45U5gyiQKeJJzBe2hFSRxKhG8wjfEyJogyhOMYkRvCFFKblMjpN8g+dvINEHqCGE6IYTzV/8JVL0/9d7Um8ALiK6TWBBAiSVhIWQQXYh6hhEiJIyKnaFZ6Cl6jMiclidIA9f2AsxWNMoE1O7SiMZno6/omVugGx5l+E2WShECTKv2TcVUmBq+gNZfKcrLPX3FgVcEx0ffg0kL/XOR0OLS4Hde02WmO4/aOy7FhiQRRmWAkRMsNsOIp0WxYhORGKpIgztDtmgbrAnip70TGGGWRB42iCfmFsx5o3JP3ieaGCEk52w7GPujECsQZPn5EmIZCQqTWVBpRnlZF9+hPuilS4SQ9skS1rJ+gECvXD4L8nFFBwhOkROYurrhIsKo8R+5wkuqh9zqLMqnQ81dqjZ4fP3s1Qc+en7z49uTbF9MXL573612AhG6NIBM7DPUAESTgIkS3WBbtqzVK4Uh2c3ktllQJLDbwrOmtAGtVAPKeEmE+FGYh/FACM4kDVXwP0081xkY7VPqRL38igRtr5sfc3Lkmm1suwm6gua7KJBHFmNIKyjCrISBCcFEBEAmepd1MzvVLTgMGhqOWXxyGVD+LY0TZiuuRHWAJ+gv4yKkTBqsVHUGHxiqz/LrDpMidKl1sgVVAs3SmDQYBD5vUY86iIdQ1kSZpTatBuvrNelE3YmKnqCDmWVjMUaf6J0oFv6Eh0c1UOMQK+6ett/YuWgmeGEr5q1J/q0IF4TCcwwNzR1I/GRApuWidxfSjU3hr6sjWBzYJtozed6XprYpwij5wKakWXJiTJMKCaIITFAVkgrhAIY2owjEPCGbTVmyUSYVZQOZ0y9CZ2QfR7MxB0pMISnCwpqw+dH0cts9MOY/yvN6Pi31gXpKzvJ/V82lCQpol3dzfGhIgYsOYWzOHxlRt5qUpL0eQyScES/XkWbBFkZYIIZgRaTHbUWngUFlMcx0iB7ox/6o5FHvnyV1/0bOvaCzfcx7FxIy0du6CRFun2o/wzLb22YEe8uAaxo8d6Wfut4e4uYekwkqr3zgmgZ6zYZibe3rMyjUXam5mgBO0wrHUHw2zYM2F4/ckH+XfVJWya3IOC3nnhzY9bucEIqY03E8nfmL054wUBBENfVo9Z5f4po9BHMtyAeScdWoBaENimdFYIc66oJSUwY5ITnOemlYXrxgvSSwb3Cq2BOq2J7ZgmUFPGD650GphLkT2B/PLQ2SmjYGSoOpZrqF6CtnU17dKpuU9TC73/yY/2GVF82uMJOlGQXiEHItgTRUJVCZGaEOFHHpEptEU3f3+1fzVywnCIpmgNA0mKKGpfNyEwuU0jbHSJv1+SN5fIkfIYggIU1xOULbMmMom6JaykN+2gKiueHbHYOl4eaxwQuPN3iwMGdtIQcI1VhMUkiXFbIJWgpClDLtaS9MGhMqlDu5vqFRaoc0+PMFhKIiURDYZJDjYr5GOzRqL8BYLUjCboExmOI436O3r0zIGp0eusyURjCgiC23y1/I1D9vifm4GV23agigq65LuabF4aasCqoBGg9RQysMRpodSD6Q8NLrNyyrbVzXVOGl6XtUqUxyM16iCYpOZXoGN2oOaYksX9p1c+zEy1FCC0yYnzBhX4P8ajV2JpJ/nmAZLiW9QsV262I5gsnn5GrpWw8Q8KlTLGx6BfxEeJmyb1zd2j8eUVZ265QZJnolc+H1t8HrFOpxawBJs+sIZqBGAASoIDqfoSq8oAIxrtzTL+aXkcaYISrFaI8XhYuFR1X8XXBQrpsXTGyyexjx6ajyQ05hHi9rih69WklQtrpLfpGic06h9WmdoAjpBUi60cQhNlAoLJRGuex+r/qGGb4hGjAsyx0t+Q07Q8Y4db6XCrQEAkO5v8zGc3910Z1UElCA46SUCPXpJS6mhaLyaGgJlUUnCYx7JiXND/k6qkGfqd4gL+J8I8bsqvFRwmZJAcTEt+RCG9g5laWb2N+rCaVyuVT9rWUSpNHsDRhzNRoMGRFeUFAPdLQ4WmsWitkdgmEsCjlX3gS5oTMCHbSZ182XQo7PzDx/PT19fnZ+dIEkIWsDL0PTF42rPFHf+szul2motUPPcdd7dyJn15Bp+EZEKpTQlMDZSLCQxiqdwxFfGih1RcoKoQlJxQYr5DXZABI0owzFaFLsLC/RIkFQQSZhy+136ZuHi15QrCvGx6ZHSZgn0ccPnHhNJ1DThYRb3+LZ5T5oXeu+UOD79tqtyLva13mzkRsY8mq5wAD618RS0JYjInRK4cDAZdxnlgqqNH4q7OxoUR9DJtuHT1RuS3BD9xhysrbE0MmwrZgk2uhj2VByj7o9y7zAco2lD4+slzDQVPBLjzUz1fWlLvo15vvoYQRJoWGIK5GvbWSAT7quMxtcRdMy9okfEDQ0qy5IB+3aX5m3r6asQ1pIUk5tOAWq3ISKtPOF1b1cFgmj9UiFd2qJtoVt5t2p76perO9jFFGhfmObTCV/lJPMRLY2uo7JD0+s1vtOYhhpPUiyoLDmDiqlE0yqJjNam/nlK84CYhyVXa9hvoqGefgIc52Q5izdl2nLNszjUFhhEQLgFB05xsCbPi0XH0Wtz5ci/2rB30Vs3K1X9FNYM8S08Ck5oyB6uY+h2hc3VNo8FDnTPNVZpZT4dvFB5OWW3jZ1J43D8cHX14czyAct2Wnq9DgtVzJiEKzKveMPahkkPnIA1plpkZx+QdVZNvZwzScS8tmrek7NWNrBzD/pVS5QZBUssaYBwptZGHo39Z6NuvOASota8zr0LWb4a/P78ajhorVK1Vag/o+Xd0mkiHre7Kpw/fXzjZ7tWKp03/cUj8Ae+DQ8yqkioTDmTZF6LPkBtEQhDODvitaiEMv8lDzdzbUdPlxtFZF8ELmLH91IPdCxLlkToGRMI5MYbETdEFLA1uLZuWxEh8t3HKt79Ppcj7WeMI+MUanKtxaH0YHlanhsz9gQWS6EZ48BHr/Epi6bovZ5Y7IIHUdNZ+rEGSfPaeYylooEkWARrlMZZRJkN1CsFJXIBF9rVBOiw9gbXFfzQFtvmfiqaa5ZkY7W2aClmoaeZ/qmj3AEh0XZX43a3nPXoBuQzlNcbqY0Jy7QOtbwZ8xNvdkXHWB0ACGjXYwALeewARdn9gdK0dwGVYhWs7+/rAfldcHnMgj6w8kn4dC24l8IOYtcHL69r+D5od8BSD3btQjT/6sNgGLqvPR4GodtRAEf/pA5SRHiLib7PHPM94bMPEGyqbRXdVxFWayJIqE1mEuqVqNlesIsE5xKsU/TNR4Z4r6mnQW+XqUivoykjTH3Fj5fzbBemgGdMic2cSu6zYEcCdmq4oNnle48piyr+ELP+acURET5POW2YNAO6SI9eqrLQ2BUxVvCjHZOJB7zn72aY1ILB6kgCqjb3jEOzqKFoOAzKceVoF3/BhXUTOP+M8RMYuoP8A2XXWZ+O6LGGyN2BQNsNpUbQeRlFAC6FcWEU/okihBocF429A9tvbZ6CetA92mPBY0ZPFJGwu0NS6ndO7LYUtq49NDvzc1OjclNrcEK2MavsLFX57fyt7eZTKniYBaX8r0o/O99jFlIVll2PcKHF82g8juCP06s1yOOA5/NR1t8V6RijIZ7I+kivcUcdbkkT1lHt4j10zBvKsjvDH7zu6J1eTMdxnuwnCAp5kCWE6XGl7Qy0JAHOZPVrqzXZmIc3DCc0gEnkBosNWm4s+SJNsL+fM+AinNfSTHqKTxfTktkYh3OcNYbKFvoXRiFTVvffg3EYh5b57Mz4M53jF1YlsLWHFG8QBRpA1Q+VkduxoTJym0OdlnptduZiLAC/D6zAAUGrDGJpHWVetFJfskYlFXZPQW1QsMYsIhI9iul1c7pekoAnejQKztXj9g8mhzrntn4vSSQsO8b/YuNi1R+swDpFM1X7UEhRgrDPNtctqH2w5aZMzNsESX7OCGt4i/aZSsoD05G3rtMW52QQ7DAjGxdAAKa8sf+xlDygYB/cUrUub2v62Dan6z4Gylljt9ZL+z6JU0WSvbzXQACyu1lXB+nHhrPRb7lIIBbSACsi7dYp3OJZHoemuMJxHVdzHQCxRfYpKtEvRPAnsBT+A8I2voiv0DFKCGbSJneb8EAhFRBtkbvj4a0zNLGIYMZ0KtFmOQc4jlv3S4bzEkRmsSqFiDge6JHMzK4iF2iFaZwJ0qJOH9ZHsTCGz1RbHtquXzRIdvjOD76Kr7X6rSCCmJs2MF/FKVCGYxgePDnl/mnz5Ni1EimPmNKSqXK9ZeVUeaaI3PCtjOpsUP8FUmtIhtYWu69+upYajIfEJ7YVYkd16dNvHdXeyPczjm7mf//L+qe/1x9ol7ci/WLT2BZsAoGnqsG3LmDShZcqEsLcoiamPEPKhb6HaDpf0VgR0Q5evzUcOXDfumAD+C4j267Q1lghHgSZgCA1zDjbJDyTcxMeMw8JoySc1OJB5npyg8u1p8zPSGC9ap1oNcpMsLD3mntN4STVk9TcBlhMkMjYHJcI2d/mhfbOq/If3o3m823vx3/AelyVQkLqHx49at4xMoPRx/PLK/T6w8y9/LgsJfl7JgAtIPSmmLeLx/SCjpH48QQ0WzyHpKJHxlMTaONN/6ZSZtYp51i1911BZ+d+sy7CrSJY8ibWYtibndYO+Nl3z6fPXv1++mz68rkfcs3CKsJFKQtoiuuu2ibQ/En0SC9r9OuPzZAxA6A2LNqxzvOBNbxza7Vd2rCW9aN5xSDVckTuSJB1dmYQZ1IRcZJwRhUXTxNMG83ZDjUTdCtOkH7CQphs0aePs1ZQT+d3KQ6un0oSZIKqzdN5qbv7Oz0LGwlkq7eCdLI4oBdPY4LFZSB4HH80bw/vQ8t2vuThZitW/VBhklnlSVeIMG2CdyDVL/qxVfzw+XKlmbE7yvQviDaTbsjcLqyLJJG5JIE/fmwVc7yDXwIyOkDd/OXvb03aF8pSvdqWJOAslBOEJcKGPGURMgLa5SAxznk5h/XyXCqeAv5RoX+PxRJHxNU0MMMa2NplumZrGmfb0eJQUjxNKYvmOeixkV5pDIrza736Nqgs0E5gpYpYVQg7bWB8fwpbFbBtgSNP8rkJCrwfaQ54knI26uZbdZmdM/C0K+a31T2Kqra4NPedCxIGwnl95eH+Cj3x+fnxs98/OX715Pl3V8+OT45fnTx7OfnuxYsvn2fvLt6jL58pC8nd1JCYWhDTnzMiNl/QZ2uJf0GfE6IEDZYEqyevpi+mx0803enxq+nzV18+H38Bufn8cvptIr9M4Mc8oXFM5eeX8FuPrzVV8vOz716++FZf2qREfv4yMaVp4B+AALbb5799Ov/4z/nVD+fv5hfnV6c/5DTkGotQfn6mn4cs2s//+vEI0P54dPKvH48SrIL1HMex+bnkXKofj06eTY///e9/f5kcbZWbpniUNpCa+8PVb/SG2/yJqmYuvobu8+q9NtEqcY1qa5oGz8gGgbdx9X7iFVFVmdmOxb/Wq8J517nK27LG2wYAGjIEAbzQBqFDpIfBAqGc1xzTVVCzPBkJHm6DdDyMsR5nHUxBoVOV63Rr/wAMGDNtMF4cHyfSB6W2x5/j0IO5C4i+38ZsYF9rddHB6lJhRUEpDuHX0q6SSmpn+SEmWEJdvPL1FuZ1xTaw8aDy5vDtuvog5rfdH3iA0hzQXZD+Oa9UN/DBO9eP2baUfd0jfLDSxLNtXMCgoAyZp42B04Lg5fOBo9LNdl0YwPbTD43J1EyPW9nqb09JaHRRG4DnXQCsS5QGlEW45AudwYUWJ6i52e39zCmi/d2eIVlmewV9tCWi2YYA/UEBZrXU620fdws8/XdpCwBIdAuFZp2BCVWcDEwb+rM17qyWCjsCOF9ZziPotaMJOmJc0YDo/8pKYIKObrFglEVHyBMzfRQIClmWRw8doVYkYNBmWbHxhEyTP8jYf7mMgbcja9Z1G0/MLIeDpP2XSZqbyKksz+Kzy/4RoLPZZV7lqLXkFaXtpe96xHo2eKCvnoCuIeyQcm7cVaOmnF8VqbHb0s4Pmd0VtrDmmZss2vvhDxxsni448jFrSVlOufC7GXcLDnQAYHOxy+f9q65EcA8FGq6KXIdto+XBssgfOutfZsu5VFhlvRP++zKX2dIQ7uB+S9mL5+Pz/4cpkIu28ncbdrCh0ggAHWNQwu5OzdfQ8iWo8obT7DtdUGU3mDELEc1PFujQE3biGh9LeZ/bTmOVGkB5DU0CoWG1w1h8UB+yYEfA+TUduYdqVSUNCyRNfFIeU9I9vdROPxoJGVQcXxMcWmXfjeE3WkwEYLte/lVBN9qkHfmhGsnY1UiyQzWSQzWSQzWSQzWSQzWSQzWSOphDNZJfeYbPIYflUI2kjMNTjWS0IiRtPuPhVUge2gkG3Ed2T1rmW72TD+sut9xHbrtlvrXtD+nGOGwUVNg+tENWECw5m6drgeXILhwLQdNHhn7rXkl2H65I2EdL09jtB6Scx56Z4WB95X8H6+tgff2HWV/uMD+8ui5HD/5V/26JPIB7Rb0s7zF7lhzaP3Rwz2pRBqw7J6C35Vc/YadnB1+1H6cT2/NSm7x8te6KmNt/vP74rp5e1i+6xB0g4eP5MOXj7iGr5zQPTHIdTSWyNZh0/7cV9sON5NpdG/8XfIMNwUEQoPzUWNMpQldQzYqyDnnrMX95ugWNo3ZqvWSKb3X1E9oqrajro/WEhdBbQxulWBRVezS6djirLK6P13GwQPmdLI5d99S/plPWdIlZWVubCy3q2tzsjvXOKaLfrMIeNffxr6bP/PmPqJYEM6JZfpoJYTb04ECelQXSulKsl0kzrBunjqK2U8SLgzalwrJcSsVdahEqd7tbrEp00eiCZYG+KQGtdsM+NSVd84Z4i8adU1t2ffXA8DHqMib2XCfmpkStZu7ElGsJuDDraCje94ZHL38yj7dFQt5foVUu7BRzm1cVqRWT6co+H+nDzUprWbzkmT0qNWPMVICFKrQFQN27W+DFPJpDO/qP9i0Yr8nGljeNM2KyZ0DRldbhHWWimwnSgwdck8RhZB1G1lcfWe2jaji6j/gWhVmS5nua7nzUJpM88gB8USO79spZ14ZBF+9GRu1+EmMLvhS8T9CMpZmSE3QB5brkBL3PlL6iZeqUhyRoq2bB+fWcMl8S6e6u33NIvIbSH1DExKbeOKdgn8BQh4th1oh4uDdYwKwLlf2cKRa4JXB2uERfQlhZUX+0BMnUFc9E04/nBTT3TlL7zV9P/lhFVoFkYt+XmxJmz4TW9Y81jRPOIh4uS5axvdI/LeetfuHsz9tTcwpeaEh6TtV8LXG770rsnq3WNgQ+FFsyxLYJZ+M4B9/knfvRZpXL23K4/Y6qLYguMgZVhXCMAqxIxAX9xQjjNnCn79++ff3ubCBE1hjRPQwfcqe2wqGMKszCmEpF2CBQPrJ9jAzrg+l0X5W0mBubG/lzXBqZbzeXf3vTf1xqVvBKdWT2PjjBsUe75tK1AEAdI3b84IgqkOExEl/TU25MvHp9l92n3dcQ2G1a/u30f6fPJ5VS9daipOEUStqb5+zmvcxr6pffbHAwVcIrZy27U09oy0b7lu0Am8Pa0dDupcZD7weMuIjcIsuawyBR9gSP92ioYWaOJ4BUaXvAdl7bpz0tZDgzSPuwlT7dOqeDtfsKbcc7NDb0+4QNNEqOjgDE5INqhTCVJPCK4a7FCqHOCpjVBRptw0/2KlgY8+D6XvDiBI570EZtFfMtpqp0rocGoLXPkhSBDHAASoOqsZKp3Ku9gt9KyCAaSfVWk2w0dSSIygQrzPaOwQNotFKkjIx5RlQNkQww6weobRbcB0zG6F1pjlT4mrBCxy0uz6+Ku4sucM0qVf2i5fLiVS3KY8yeL2pZo9lZLuSWu7X3WETZXcnee6d/D7P34JUd7T3HHu1j73kAoAc5wt8A2efo/rleIHhFAAuBBwrca2beMuWCNYfSREMknBNEtc7STN35XfYklIAnCWdaGVIWxFlIJmhJJA2JLJ2v1+BYkJ9UWJlvZVIrJYrpNUGL/3tywcUtFiEJ9X+LKbokBOFYmsNRFnmfLHzhafcYTnzaCCUuneGSZsuYBo0Ju4oYvuLCdP4UzVaI8eLFBr+il7AgLtzOWs0eW9fiEPQGq6bl4APS5AjAWu21X20BhUMcb4XtQ4ZUP3QM8W80+/rBinAckqfHTp7+dEiePiRPH5KnD8nTh+TpQ/J0HcwhfeeQvnNI3/ltpu+4yw3H0b1kURd+o+H7hCOHz50bALD3/4hMo6mBNEGujmvLabHNU4t3XQF+yPfxCFN0RYlAjz7Mzlr4qhG9pXZX0rFty7XJDwccjfVp4aTdxn78DUUjco6udQlz6Zzbzin8XubnLXiIWncsuUu5UIVnf2HpLLrT2gpuaP9wdnP28X5DFPyeK3+b7NnK5mwVSVTfgTq+Q60839n9tzVWRS3B0rGfLQ4B37l9e4C64AJRFgiSEKb0chArPEEJFtcQ4KoNGBPimtc9xGHY2GhCpgZgwm9IWD7HnjNo7RG8czRBR/aZo4l+4UgynMo1Vy2Fptdcqnkxusb9EiVd5fQ57ChXyj5aKbcrfypdhG1zznunrb443uSE2rPHM0bvYL90JFX0qbo5ZqULZKi8sYskZYGNV055sJ6iT9JuogY8STPlNoYWfyrtpQU8zpK2MpM4JizEwtuYbOevY2MtBbE2cB44ZozE4sQ6mhDYvTUWtx3v9pPlO2UplyoSpBoe9cFcHBwjVby348ZZBQ3aPbSxCuS+oxvrO3dt3eD+fjVBUjQhv3DWeexuO6tfrPbK2X6dSKyyOeXXH03fZOmw4jBpnrHaGRLlguQbZHO3JFZ42Sz5UTqzbGNigAez9FLuF/x18frq9ZuxQ79CXxR3VxBL+XSy6fEgOGcuPJuvEB4aslDwvTx/c356hf4HXXx8/xa+ofzDIBx/s8XhsQIT4KFi4qy2FiSsHPrwUf9u0dFwrzvr0pFDD57La8Dm2rKnshxviXZVCrecnbnZ1KAy+2Bt4UVjp1FpilX+rvT3FJ1WzMZFgqUiYjFBCxnjG6L/CdY0DhfokZ6ZP55dPH39/gLd6nUuixDcezzx2aYLbUhQRuJF/0jTsTLaGs2CJEPdmBsillxCu8xJLQuwixf2dJYWrPcyGBtURwxOvXTRpxApIfQqjNy4k+uNCNxQjDBiRN1ycV1asPe1KoJkSHxBryCsJMEszI/n7p4wpqMdEvADdBWL2o7IdLggPysQ3ZlQo2qPQmt0TFbXZMSzjTTXa7KpLslcB5TPTm9ZKosx6yBAQKqIsgROOr6lat0CKsBxrCHZGc1sRJSmtEu40H/dYQjsuN7IuaN9IvV8EFBXqF6m1mOuN95Qlt0B1SKR6KsnZmCJwNuYo9J4uov8tJx30DO4HXxFO3BNBY8ETna3D3ZmPKq++VAoHAcMfGXSVTjaDmj8mbJXetZ+SRTgzinyBwqHoAkVkkhxz2ZHma+U9TCEnXc37UiU5gi8QM9Gl5c/6HZTZk9977e12JVm3mNJrDumxrhuVh29DgKSKuNnvMA0zt2MM3aDYxoeTUvPeHgkBDOJMJIZRAKvstiwmxYU7DP2w9hwBhvp5JJu851eDwu7K53jq9MrmoiVIkmq0BpLtIKH6/3cGV05oEtrkZw2YLLeuSmWUk+aR9CjJir2mmyO2lA1NtidEHpu9IJaVAqupdpU+0vPwAlu7o/mFpvgaUrCZuTxyPh0zxZmrP3E2vzlKWHmwKMkISHFisQbh6oNtKf2b2dsxxDAUAF4ry6VNGJYZaIp8L1w5K/nLl4LzEReX5NNG2NfHEeXrusBaHA0x8IOaT2Kpi1B7+Zv7LAOf2BHe2jHgOCO7dvzvTboB4V49AsbuD9kVDXkDPWOqrg3WIZtZ29tD4kZDd32wJheoTF9gmMG9Ne2ABm/jZSF/B6NJGMa5cmfbm9dc1241eJAw6kWxWL+ckcwWCLv3l/Bhl8WciKaUZS91HEltkBTC7A0s4Imm690u20S1TjiuCf3q6t/luahCkfatt4vzZO3O9pBgS02GFJBAsXFZg8Q3tDx/DsJznc0fxUWEVF2ZcBLzoc6QHlLVbD27FKXSnokvhmlX1fVHGPgutMQtgw4jRuH/gXivY45y3jHYedV+L06qsidWhLKIhM30So0jaVzbwOvi/3srNV2Gp0hfMQOjmtfEHkPuvo9tOJxWIrUYOQWGthqkq6Jpy5tD2YhWeEsVoZABzuviEMPPIiMO85fXcjLtoruJQByDzLXCqBwEnnYl7yg91Vfw5AueUgf2Clp8Xx1t2QfvvfkmOzFuiF6Y3gg+3D+ij5Iu+OgBCYrel3acrgyV4bFOtmXttdqK/ihfTYZvPzQgxQEcFD2KQng/eAjJba3GliHFPBDCvghBdyH7pACjg4p4IcUcHZIAT+kgPeGdUgBP6SAH1LADynghxTwQwp4A9SvOAW82hewIJuD3Iy43CnVxzQcpJf9SnCmCAvbV+a7OYHKo8bxgGHuX3Ph4FqDaFvubsHgdwyI/KwWS95umrklMAWHiikV+M3/BwAA//+Kb0Qw" } diff --git a/filebeat/module/elasticsearch/_meta/config.yml b/filebeat/module/elasticsearch/_meta/config.yml index 98942fa5404..af0d2fdcfc0 100644 --- a/filebeat/module/elasticsearch/_meta/config.yml +++ b/filebeat/module/elasticsearch/_meta/config.yml @@ -18,3 +18,9 @@ # Set custom paths for the log files. If left empty, # Filebeat will choose the paths depending on your OS. #var.paths: + + slowlog: + enabled: true + # Set custom paths for the log files. If left empty, + # Filebeat will choose the paths depending on your OS. + #var.paths: diff --git a/filebeat/module/elasticsearch/slowlog/_meta/fields.yml b/filebeat/module/elasticsearch/slowlog/_meta/fields.yml new file mode 100644 index 00000000000..78a4f491cc4 --- /dev/null +++ b/filebeat/module/elasticsearch/slowlog/_meta/fields.yml @@ -0,0 +1,61 @@ +- name: slowlog + description: "Slowlog events from Elasticsearch" + example: "[2018-06-29T10:06:14,933][INFO ][index.search.slowlog.query] [v_VJhjV] [metricbeat-6.3.0-2018.06.26][0] took[4.5ms], took_millis[4], total_hits[19435], types[], stats[], search_type[QUERY_THEN_FETCH], total_shards[1], source[{\"query\":{\"match_all\":{\"boost\":1.0}}}]," + type: group + fields: + - name: loglevel + description: "Log level" + example: "INFO" + type: keyword + - name: logger + description: "Logger name" + example: "index.search.slowlog.fetch" + type: keyword + - name: node_name + description: "Name of the node" + example: "v_VJhjV" + type: keyword + - name: index_name + description: "Name of the index" + example: "metricbeat-6.3.0-2018.06.26" + type: keyword + - name: shard_id + description: "Id of the shard" + example: "0" + type: keyword + - name: took + description: "Time it took to execute the query" + example: "300ms" + type: text + - name: types + description: "Types" + example: "" + type: keyword + - name: stats + description: "Statistics" + example: "" + type: text + - name: search_type + description: Please add description + example: "QUERY_THEN_FETCH" + type: keyword + - name: source_query + description: "Slow query" + example: "{\"query\":{\"match_all\":{\"boost\":1.0}}}" + type: text + - name: extra_source + description: "Extra source information" + example: "" + type: text + - name: took_millis + description: "Time took in milliseconds" + example: 42 + type: keyword + - name: total_hits + description: "Total hits" + example: 42 + type: keyword + - name: total_shards + description: "Total queried shards" + example: 22 + type: keyword diff --git a/filebeat/module/elasticsearch/slowlog/config/slowlog.yml b/filebeat/module/elasticsearch/slowlog/config/slowlog.yml new file mode 100644 index 00000000000..8d9139a7115 --- /dev/null +++ b/filebeat/module/elasticsearch/slowlog/config/slowlog.yml @@ -0,0 +1,10 @@ +type: log +paths: +{{ range $i, $path := .paths }} + - {{$path}} +{{ end }} +exclude_files: [".gz$"] + +fields: + service.name: "elasticsearch" +fields_under_root: true diff --git a/filebeat/module/elasticsearch/slowlog/ingest/pipeline.json b/filebeat/module/elasticsearch/slowlog/ingest/pipeline.json new file mode 100644 index 00000000000..bb3a45d9cbf --- /dev/null +++ b/filebeat/module/elasticsearch/slowlog/ingest/pipeline.json @@ -0,0 +1,31 @@ +{ + "description": "Pipeline for parsing elasticsearch slowlog logs", + "processors": [ + { + "rename": { + "field": "@timestamp", + "target_field": "event.created" + } + }, + { + "grok": { + "field": "message", + "patterns": [ + "\\[%{TIMESTAMP_ISO8601:elasticsearch.slowlog.timestamp}\\]\\[%{WORD:elasticsearch.slowlog.loglevel}(\\s*)?\\](\\s*)?\\[%{DATA:elasticsearch.slowlog.logger}\\]\\s*\\[%{WORD:elasticsearch.slowlog.node_name}\\]\\s*\\[%{DATA:elasticsearch.slowlog.index_name}\\]\\[%{DATA:elasticsearch.slowlog.shard_id}\\]\\s*took\\[%{DATA:elasticsearch.slowlog.took}\\],\\s*took_millis\\[%{NUMBER:elasticsearch.slowlog.took_millis:int}\\],\\s*total_hits\\[%{NUMBER:elasticsearch.slowlog.total_hits:int}\\],\\s*types\\[%{DATA:elasticsearch.slowlog.types}\\],\\s*stats\\[%{DATA:elasticsearch.slowlog.stats}\\],\\s*search_type\\[%{DATA:elasticsearch.slowlog.search_type}\\],\\s*total_shards\\[%{NUMBER:elasticsearch.slowlog.total_shards:int}\\],\\s*source\\[%{GREEDYDATA:elasticsearch.slowlog.source_query}\\],(\\s*)?(extra_source\\[%{DATA:elasticsearch.slowlog.extra_source}\\])?,?" + ] + } + }, + { + "rename": { + "field": "elasticsearch.slowlog.timestamp", + "target_field": "@timestamp" + } + } + ], + "on_failure" : [{ + "set" : { + "field" : "error.message", + "value" : "{{ _ingest.on_failure_message }}" + } + }] +} diff --git a/filebeat/module/elasticsearch/slowlog/manifest.yml b/filebeat/module/elasticsearch/slowlog/manifest.yml new file mode 100644 index 00000000000..3183cf9742e --- /dev/null +++ b/filebeat/module/elasticsearch/slowlog/manifest.yml @@ -0,0 +1,13 @@ +module_version: 1.0 + +var: + - name: paths + default: + - /var/log/elasticsearch/*_index_search_slowlog.log + os.darwin: + - /usr/local/elasticsearch/*_index_search_slowlog.log + os.windows: + - c:/ProgramData/Elastic/Elasticsearch/logs/*_index_search_slowlog.log + +ingest_pipeline: ingest/pipeline.json +input: config/slowlog.yml diff --git a/filebeat/module/elasticsearch/slowlog/test/test.log b/filebeat/module/elasticsearch/slowlog/test/test.log new file mode 100644 index 00000000000..f5b2a75fea5 --- /dev/null +++ b/filebeat/module/elasticsearch/slowlog/test/test.log @@ -0,0 +1,4 @@ +[2018-06-29T10:06:14,933][INFO ][index.search.slowlog.query] [v_VJhjV] [metricbeat-6.3.0-2018.06.26][0] took[4.5ms], took_millis[4], total_hits[19435], types[], stats[], search_type[QUERY_THEN_FETCH], total_shards[1], source[{"query":{"match_all":{"boost":1.0}}}], +[2018-06-29T10:06:14,943][INFO ][index.search.slowlog.fetch] [v_VJhjV] [metricbeat-6.3.0-2018.06.26][0] took[10.8ms], took_millis[10], total_hits[19435], types[], stats[], search_type[QUERY_THEN_FETCH], total_shards[1], source[{"query":{"match_all":{"boost":1.0}}}], +[2018-06-29T09:01:01,821][INFO ][index.search.slowlog.query] [v_VJhjV] [metricbeat-6.3.0-2018.06.26][0] took[124.3ms], took_millis[124], total_hits[0], types[], stats[], search_type[QUERY_THEN_FETCH], total_shards[1], source[{"size":500,"query":{"match_none":{"boost":1.0}},"version":true,"_source":{"includes":[],"excludes":[]},"stored_fields":"*","docvalue_fields":["@timestamp","ceph.monitor_health.last_updated","docker.container.created","docker.healthcheck.event.end_date","docker.healthcheck.event.start_date","docker.image.created","kubernetes.container.start_time","kubernetes.event.metadata.timestamp.created","kubernetes.node.start_time","kubernetes.pod.start_time","kubernetes.system.start_time","mongodb.status.background_flushing.last_finished","mongodb.status.local_time","php_fpm.pool.start_time","postgresql.activity.backend_start","postgresql.activity.query_start","postgresql.activity.state_change","postgresql.activity.transaction_start","postgresql.bgwriter.stats_reset","postgresql.database.stats_reset","system.process.cpu.start_time"],"script_fields":{},"sort":[{"@timestamp":{"order":"desc","unmapped_type":"boolean"}}],"aggregations":{"2":{"date_histogram":{"field":"@timestamp","time_zone":"Europe/Berlin","interval":"30s","offset":0,"order":{"_key":"asc"},"keyed":false,"min_doc_count":1}}},"highlight":{"pre_tags":["@kibana-highlighted-field@"],"post_tags":["@/kibana-highlighted-field@"],"fragment_size":2147483647,"fields":{"*":{}}}}], +[2018-06-29T09:01:01,827][INFO ][index.search.slowlog.fetch] [v_VJhjV] [metricbeat-6.3.0-2018.06.26][0] took[7.2ms], took_millis[7], total_hits[0], types[], stats[], search_type[QUERY_THEN_FETCH], total_shards[1], source[{"size":500,"query":{"match_none":{"boost":1.0}},"version":true,"_source":{"includes":[],"excludes":[]},"stored_fields":"*","docvalue_fields":["@timestamp","ceph.monitor_health.last_updated","docker.container.created","docker.healthcheck.event.end_date","docker.healthcheck.event.start_date","docker.image.created","kubernetes.container.start_time","kubernetes.event.metadata.timestamp.created","kubernetes.node.start_time","kubernetes.pod.start_time","kubernetes.system.start_time","mongodb.status.background_flushing.last_finished","mongodb.status.local_time","php_fpm.pool.start_time","postgresql.activity.backend_start","postgresql.activity.query_start","postgresql.activity.state_change","postgresql.activity.transaction_start","postgresql.bgwriter.stats_reset","postgresql.database.stats_reset","system.process.cpu.start_time"],"script_fields":{},"sort":[{"@timestamp":{"order":"desc","unmapped_type":"boolean"}}],"aggregations":{"2":{"date_histogram":{"field":"@timestamp","time_zone":"Europe/Berlin","interval":"30s","offset":0,"order":{"_key":"asc"},"keyed":false,"min_doc_count":1}}},"highlight":{"pre_tags":["@kibana-highlighted-field@"],"post_tags":["@/kibana-highlighted-field@"],"fragment_size":2147483647,"fields":{"*":{}}}}], diff --git a/filebeat/module/elasticsearch/slowlog/test/test.log-expected.json b/filebeat/module/elasticsearch/slowlog/test/test.log-expected.json new file mode 100644 index 00000000000..419a67c46b6 --- /dev/null +++ b/filebeat/module/elasticsearch/slowlog/test/test.log-expected.json @@ -0,0 +1,94 @@ +[ + { + "@timestamp": "2018-06-29T10:06:14,933", + "elasticsearch.slowlog.index_name": "metricbeat-6.3.0-2018.06.26", + "elasticsearch.slowlog.logger": "index.search.slowlog.query", + "elasticsearch.slowlog.loglevel": "INFO", + "elasticsearch.slowlog.node_name": "v_VJhjV", + "elasticsearch.slowlog.search_type": "QUERY_THEN_FETCH", + "elasticsearch.slowlog.shard_id": "0", + "elasticsearch.slowlog.source_query": "{\"query\":{\"match_all\":{\"boost\":1.0}}}", + "elasticsearch.slowlog.stats": "", + "elasticsearch.slowlog.took": "4.5ms", + "elasticsearch.slowlog.took_millis": 4, + "elasticsearch.slowlog.total_hits": 19435, + "elasticsearch.slowlog.total_shards": 1, + "elasticsearch.slowlog.types": "", + "fileset.module": "elasticsearch", + "fileset.name": "slowlog", + "input.type": "log", + "message": "[2018-06-29T10:06:14,933][INFO ][index.search.slowlog.query] [v_VJhjV] [metricbeat-6.3.0-2018.06.26][0] took[4.5ms], took_millis[4], total_hits[19435], types[], stats[], search_type[QUERY_THEN_FETCH], total_shards[1], source[{\"query\":{\"match_all\":{\"boost\":1.0}}}],", + "offset": 0, + "prospector.type": "log", + "service.name": "elasticsearch" + }, + { + "@timestamp": "2018-06-29T10:06:14,943", + "elasticsearch.slowlog.index_name": "metricbeat-6.3.0-2018.06.26", + "elasticsearch.slowlog.logger": "index.search.slowlog.fetch", + "elasticsearch.slowlog.loglevel": "INFO", + "elasticsearch.slowlog.node_name": "v_VJhjV", + "elasticsearch.slowlog.search_type": "QUERY_THEN_FETCH", + "elasticsearch.slowlog.shard_id": "0", + "elasticsearch.slowlog.source_query": "{\"query\":{\"match_all\":{\"boost\":1.0}}}", + "elasticsearch.slowlog.stats": "", + "elasticsearch.slowlog.took": "10.8ms", + "elasticsearch.slowlog.took_millis": 10, + "elasticsearch.slowlog.total_hits": 19435, + "elasticsearch.slowlog.total_shards": 1, + "elasticsearch.slowlog.types": "", + "fileset.module": "elasticsearch", + "fileset.name": "slowlog", + "input.type": "log", + "message": "[2018-06-29T10:06:14,943][INFO ][index.search.slowlog.fetch] [v_VJhjV] [metricbeat-6.3.0-2018.06.26][0] took[10.8ms], took_millis[10], total_hits[19435], types[], stats[], search_type[QUERY_THEN_FETCH], total_shards[1], source[{\"query\":{\"match_all\":{\"boost\":1.0}}}],", + "offset": 265, + "prospector.type": "log", + "service.name": "elasticsearch" + }, + { + "@timestamp": "2018-06-29T09:01:01,821", + "elasticsearch.slowlog.index_name": "metricbeat-6.3.0-2018.06.26", + "elasticsearch.slowlog.logger": "index.search.slowlog.query", + "elasticsearch.slowlog.loglevel": "INFO", + "elasticsearch.slowlog.node_name": "v_VJhjV", + "elasticsearch.slowlog.search_type": "QUERY_THEN_FETCH", + "elasticsearch.slowlog.shard_id": "0", + "elasticsearch.slowlog.source_query": "{\"size\":500,\"query\":{\"match_none\":{\"boost\":1.0}},\"version\":true,\"_source\":{\"includes\":[],\"excludes\":[]},\"stored_fields\":\"*\",\"docvalue_fields\":[\"@timestamp\",\"ceph.monitor_health.last_updated\",\"docker.container.created\",\"docker.healthcheck.event.end_date\",\"docker.healthcheck.event.start_date\",\"docker.image.created\",\"kubernetes.container.start_time\",\"kubernetes.event.metadata.timestamp.created\",\"kubernetes.node.start_time\",\"kubernetes.pod.start_time\",\"kubernetes.system.start_time\",\"mongodb.status.background_flushing.last_finished\",\"mongodb.status.local_time\",\"php_fpm.pool.start_time\",\"postgresql.activity.backend_start\",\"postgresql.activity.query_start\",\"postgresql.activity.state_change\",\"postgresql.activity.transaction_start\",\"postgresql.bgwriter.stats_reset\",\"postgresql.database.stats_reset\",\"system.process.cpu.start_time\"],\"script_fields\":{},\"sort\":[{\"@timestamp\":{\"order\":\"desc\",\"unmapped_type\":\"boolean\"}}],\"aggregations\":{\"2\":{\"date_histogram\":{\"field\":\"@timestamp\",\"time_zone\":\"Europe/Berlin\",\"interval\":\"30s\",\"offset\":0,\"order\":{\"_key\":\"asc\"},\"keyed\":false,\"min_doc_count\":1}}},\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fragment_size\":2147483647,\"fields\":{\"*\":{}}}}", + "elasticsearch.slowlog.stats": "", + "elasticsearch.slowlog.took": "124.3ms", + "elasticsearch.slowlog.took_millis": 124, + "elasticsearch.slowlog.total_hits": 0, + "elasticsearch.slowlog.total_shards": 1, + "elasticsearch.slowlog.types": "", + "fileset.module": "elasticsearch", + "fileset.name": "slowlog", + "input.type": "log", + "message": "[2018-06-29T09:01:01,821][INFO ][index.search.slowlog.query] [v_VJhjV] [metricbeat-6.3.0-2018.06.26][0] took[124.3ms], took_millis[124], total_hits[0], types[], stats[], search_type[QUERY_THEN_FETCH], total_shards[1], source[{\"size\":500,\"query\":{\"match_none\":{\"boost\":1.0}},\"version\":true,\"_source\":{\"includes\":[],\"excludes\":[]},\"stored_fields\":\"*\",\"docvalue_fields\":[\"@timestamp\",\"ceph.monitor_health.last_updated\",\"docker.container.created\",\"docker.healthcheck.event.end_date\",\"docker.healthcheck.event.start_date\",\"docker.image.created\",\"kubernetes.container.start_time\",\"kubernetes.event.metadata.timestamp.created\",\"kubernetes.node.start_time\",\"kubernetes.pod.start_time\",\"kubernetes.system.start_time\",\"mongodb.status.background_flushing.last_finished\",\"mongodb.status.local_time\",\"php_fpm.pool.start_time\",\"postgresql.activity.backend_start\",\"postgresql.activity.query_start\",\"postgresql.activity.state_change\",\"postgresql.activity.transaction_start\",\"postgresql.bgwriter.stats_reset\",\"postgresql.database.stats_reset\",\"system.process.cpu.start_time\"],\"script_fields\":{},\"sort\":[{\"@timestamp\":{\"order\":\"desc\",\"unmapped_type\":\"boolean\"}}],\"aggregations\":{\"2\":{\"date_histogram\":{\"field\":\"@timestamp\",\"time_zone\":\"Europe/Berlin\",\"interval\":\"30s\",\"offset\":0,\"order\":{\"_key\":\"asc\"},\"keyed\":false,\"min_doc_count\":1}}},\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fragment_size\":2147483647,\"fields\":{\"*\":{}}}}],", + "offset": 532, + "prospector.type": "log", + "service.name": "elasticsearch" + }, + { + "@timestamp": "2018-06-29T09:01:01,827", + "elasticsearch.slowlog.index_name": "metricbeat-6.3.0-2018.06.26", + "elasticsearch.slowlog.logger": "index.search.slowlog.fetch", + "elasticsearch.slowlog.loglevel": "INFO", + "elasticsearch.slowlog.node_name": "v_VJhjV", + "elasticsearch.slowlog.search_type": "QUERY_THEN_FETCH", + "elasticsearch.slowlog.shard_id": "0", + "elasticsearch.slowlog.source_query": "{\"size\":500,\"query\":{\"match_none\":{\"boost\":1.0}},\"version\":true,\"_source\":{\"includes\":[],\"excludes\":[]},\"stored_fields\":\"*\",\"docvalue_fields\":[\"@timestamp\",\"ceph.monitor_health.last_updated\",\"docker.container.created\",\"docker.healthcheck.event.end_date\",\"docker.healthcheck.event.start_date\",\"docker.image.created\",\"kubernetes.container.start_time\",\"kubernetes.event.metadata.timestamp.created\",\"kubernetes.node.start_time\",\"kubernetes.pod.start_time\",\"kubernetes.system.start_time\",\"mongodb.status.background_flushing.last_finished\",\"mongodb.status.local_time\",\"php_fpm.pool.start_time\",\"postgresql.activity.backend_start\",\"postgresql.activity.query_start\",\"postgresql.activity.state_change\",\"postgresql.activity.transaction_start\",\"postgresql.bgwriter.stats_reset\",\"postgresql.database.stats_reset\",\"system.process.cpu.start_time\"],\"script_fields\":{},\"sort\":[{\"@timestamp\":{\"order\":\"desc\",\"unmapped_type\":\"boolean\"}}],\"aggregations\":{\"2\":{\"date_histogram\":{\"field\":\"@timestamp\",\"time_zone\":\"Europe/Berlin\",\"interval\":\"30s\",\"offset\":0,\"order\":{\"_key\":\"asc\"},\"keyed\":false,\"min_doc_count\":1}}},\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fragment_size\":2147483647,\"fields\":{\"*\":{}}}}", + "elasticsearch.slowlog.stats": "", + "elasticsearch.slowlog.took": "7.2ms", + "elasticsearch.slowlog.took_millis": 7, + "elasticsearch.slowlog.total_hits": 0, + "elasticsearch.slowlog.total_shards": 1, + "elasticsearch.slowlog.types": "", + "fileset.module": "elasticsearch", + "fileset.name": "slowlog", + "input.type": "log", + "message": "[2018-06-29T09:01:01,827][INFO ][index.search.slowlog.fetch] [v_VJhjV] [metricbeat-6.3.0-2018.06.26][0] took[7.2ms], took_millis[7], total_hits[0], types[], stats[], search_type[QUERY_THEN_FETCH], total_shards[1], source[{\"size\":500,\"query\":{\"match_none\":{\"boost\":1.0}},\"version\":true,\"_source\":{\"includes\":[],\"excludes\":[]},\"stored_fields\":\"*\",\"docvalue_fields\":[\"@timestamp\",\"ceph.monitor_health.last_updated\",\"docker.container.created\",\"docker.healthcheck.event.end_date\",\"docker.healthcheck.event.start_date\",\"docker.image.created\",\"kubernetes.container.start_time\",\"kubernetes.event.metadata.timestamp.created\",\"kubernetes.node.start_time\",\"kubernetes.pod.start_time\",\"kubernetes.system.start_time\",\"mongodb.status.background_flushing.last_finished\",\"mongodb.status.local_time\",\"php_fpm.pool.start_time\",\"postgresql.activity.backend_start\",\"postgresql.activity.query_start\",\"postgresql.activity.state_change\",\"postgresql.activity.transaction_start\",\"postgresql.bgwriter.stats_reset\",\"postgresql.database.stats_reset\",\"system.process.cpu.start_time\"],\"script_fields\":{},\"sort\":[{\"@timestamp\":{\"order\":\"desc\",\"unmapped_type\":\"boolean\"}}],\"aggregations\":{\"2\":{\"date_histogram\":{\"field\":\"@timestamp\",\"time_zone\":\"Europe/Berlin\",\"interval\":\"30s\",\"offset\":0,\"order\":{\"_key\":\"asc\"},\"keyed\":false,\"min_doc_count\":1}}},\"highlight\":{\"pre_tags\":[\"@kibana-highlighted-field@\"],\"post_tags\":[\"@/kibana-highlighted-field@\"],\"fragment_size\":2147483647,\"fields\":{\"*\":{}}}}],", + "offset": 1999, + "prospector.type": "log", + "service.name": "elasticsearch" + } +] \ No newline at end of file diff --git a/filebeat/modules.d/elasticsearch.yml.disabled b/filebeat/modules.d/elasticsearch.yml.disabled index 98942fa5404..af0d2fdcfc0 100644 --- a/filebeat/modules.d/elasticsearch.yml.disabled +++ b/filebeat/modules.d/elasticsearch.yml.disabled @@ -18,3 +18,9 @@ # Set custom paths for the log files. If left empty, # Filebeat will choose the paths depending on your OS. #var.paths: + + slowlog: + enabled: true + # Set custom paths for the log files. If left empty, + # Filebeat will choose the paths depending on your OS. + #var.paths: