Update docs

elastic · Jul 21, 2022 · 1ed712e · 1ed712e
1 parent 864e651
commit 1ed712e
Show file tree

Hide file tree

Showing 3 changed files with 120 additions and 1 deletion.
diff --git a/packages/gcp/changelog.yml b/packages/gcp/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.3.0"
+  changes:
+    - description: Add GCP Cutom Metricset
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/3794
 - version: "2.2.0"
   changes:
     - description: Remove fields duplicated in ECS fields

diff --git a/packages/gcp/docs/metrics.md b/packages/gcp/docs/metrics.md
@@ -0,0 +1,104 @@
+# Custom Metrics
+
+Create custom metrics queries for additional data besides the compute, storage, gke, loadbalancing... as shown [here](https://www.elastic.co/guide/en/beats/metricbeat/current/metricbeat-metricset-gcp-metrics.html).
+
+## Metrics
+
+This is the `metrics` dataset.
+
+An example event for `metrics` looks as following:
+
+```json
+{
+    "@timestamp": "2017-10-12T08:05:34.853Z",
+    "cloud": {
+        "account": {
+            "id": "elastic-observability",
+            "name": "elastic-observability"
+        },
+        "instance": {
+            "id": "4049989596327614796",
+            "name": "nchaulet-loadtest-horde-master"
+        },
+        "machine": {
+            "type": "n1-standard-8"
+        },
+        "provider": "gcp"
+    },
+    "cloud.availability_zone": "us-central1-a",
+    "cloud.region": "us-central1",
+    "event": {
+        "dataset": "gcp.metrics",
+        "duration": 115000,
+        "module": "gcp"
+    },
+    "gcp": {
+        "labels": {},
+        "metrics": {
+            "instance": {
+                "uptime_total": {
+                    "value": 791820
+                }
+            }
+        }
+    },
+    "host": {
+        "id": "4049989596327614796",
+        "name": "nchaulet-loadtest-horde-master"
+    },
+    "metricset": {
+        "name": "metrics",
+        "period": 10000
+    },
+    "service": {
+        "type": "gcp"
+    }
+}
+```
+
+**Exported fields**
+
+| Field | Description | Type |
+|---|---|---|
+| @timestamp | Event timestamp. | date |
+| cloud | Fields related to the cloud or infrastructure the events are coming from. | group |
+| cloud.account.id | The cloud account or organization id used to identify different entities in a multi-tenant environment. Examples: AWS account id, Google Cloud ORG Id, or other unique identifier. | keyword |
+| cloud.account.name | The cloud account name or alias used to identify different entities in a multi-tenant environment. Examples: AWS account name, Google Cloud ORG display name. | keyword |
+| cloud.availability_zone | Availability zone in which this host, resource, or service is located. | keyword |
+| cloud.image.id | Image ID for the cloud instance. | keyword |
+| cloud.instance.id | Instance ID of the host machine. | keyword |
+| cloud.instance.name | Instance name of the host machine. | keyword |
+| cloud.machine.type | Machine type of the host machine. | keyword |
+| cloud.project.id | Name of the project in Google Cloud. | keyword |
+| cloud.provider | Name of the cloud provider. Example values are aws, azure, gcp, or digitalocean. | keyword |
+| cloud.region | Region in which this host is running. | keyword |
+| container.id | Unique container id. | keyword |
+| container.image.name | Name of the image the container was built on. | keyword |
+| container.labels | Image labels. | object |
+| container.name | Container name. | keyword |
+| data_stream.dataset | Data stream dataset. | constant_keyword |
+| data_stream.namespace | Data stream namespace. | constant_keyword |
+| data_stream.type | Data stream type. | constant_keyword |
+| ecs.version | ECS version this event conforms to. `ecs.version` is a required field and must exist in all events. When querying across multiple indices -- which may conform to slightly different ECS versions -- this field lets integrations adjust to the schema version of the events. | keyword |
+| error | These fields can represent errors of any kind. Use them for errors that happen while fetching events or in cases where the event itself contains an error. | group |
+| error.message | Error message. | match_only_text |
+| event.dataset | Event dataset | constant_keyword |
+| event.module | Event module | constant_keyword |
+| host.architecture | Operating system architecture. | keyword |
+| host.containerized | If the host is a container. | boolean |
+| host.domain | Name of the domain of which the host is a member. For example, on Windows this could be the host's Active Directory domain or NetBIOS domain name. For Linux this could be the domain of the host's LDAP provider. | keyword |
+| host.hostname | Hostname of the host. It normally contains what the `hostname` command returns on the host machine. | keyword |
+| host.id | Unique host id. As hostname is not always unique, use values that are meaningful in your environment. Example: The current usage of `beat.name`. | keyword |
+| host.ip | Host ip addresses. | ip |
+| host.mac | Host mac addresses. | keyword |
+| host.name | Name of the host. It can contain what `hostname` returns on Unix systems, the fully qualified domain name, or a name specified by the user. The sender decides which value to use. | keyword |
+| host.os.build | OS build information. | keyword |
+| host.os.codename | OS codename, if any. | keyword |
+| host.os.family | OS family (such as redhat, debian, freebsd, windows). | keyword |
+| host.os.kernel | Operating system kernel version as a raw string. | keyword |
+| host.os.name | Operating system name, without the version. | keyword |
+| host.os.name.text | Multi-field of `host.os.name`. | text |
+| host.os.platform | Operating system platform (such centos, ubuntu, windows). | keyword |
+| host.os.version | Operating system version as a raw string. | keyword |
+| host.type | Type of host. For Cloud providers this can be the machine type like `t2.medium`. If vm, this could be the container, for example, or other information meaningful in your environment. | keyword |
+| service.type | The type of the service data is collected from. The type can be used to group and correlate logs and metrics from one service type. Example: If logs or metrics are collected from Elasticsearch, `service.type` would be `elasticsearch`. | keyword |
diff --git a/packages/gcp/manifest.yml b/packages/gcp/manifest.yml
@@ -1,6 +1,6 @@
 name: gcp
 title: Google Cloud Platform
-version: "2.2.0"
+version: "2.3.0"
 release: ga
 description: Collect logs from Google Cloud Platform with Elastic Agent.
 type: integration
@@ -133,5 +133,15 @@ policy_templates:
         title: Collect GCP Firestore Metrics
         description: Collect GCP Firestore Metrics
         input_group: metrics
+  - name: metrics
+    title: Google Cloud Platform (GCP) Custom metrics
+    description: Collect Custom metrics from Google Cloud Platform (GCP) with Elastic Agent
+    data_streams:
+      - metrics
+    inputs:
+      - type: gcp/metrics
+        title: Collect GCP Custom Metrics
+        description: Collect GCP Custom Metrics
+        input_group: metrics
 owner:
   github: elastic/security-external-integrations