Anyone using execbeat?

allenmchan · March 1, 2016, 5:13am

Been testing execbeat but cannot get it to behave.

It is running
[achan@lmc001.scl execbeat]$ ps -ef | grep -i execbeat
root 29786 15760 0 21:03 pts/0 00:00:00 sudo ./execbeat -c /etc/execbeat/execbeat.yml
root 29791 29786 0 21:03 pts/0 00:00:00 ./execbeat -c /etc/execbeat/execbeat.yml

but nothing is happening. No logs, nothing output to ES
Basically i want to send the output of rpm -qa for ES to index for software auditing purposes

execbeat:

execs:
# Each - Commands to execute.
-
# Optional cron expression, defines when to execute the command.
# Default is every 1 minute.
cron: "@every 10m"

The command to execute by Execbeat
  command: rpm

Optional arguments to be passed to the command to execute
  args: -qa

allenmchan · March 1, 2016, 6:07am

nevermind. i found the issue. The lack of logging was suspicious but ended up being the fact that i forgot to load the ES template

Topic		Replies	Views
Execbeat is not outputting ps -ef\|grep Beats	5	2655	July 5, 2017
[ANNOUNCEMENT] Execbeat 3.0.0 released Community Ecosystem	1	1113	July 5, 2017
[ANNOUNCEMENT] Execbeat 1.0.0 released Community Ecosystem	1	1500	July 5, 2017
[ANNOUNCEMENT] Execbeat 3.0.1 released Community Ecosystem	1	1266	July 5, 2017
[ANNOUNCEMENT] Execbeat 3.2.0 released Community Ecosystem	1	1598	July 6, 2017

Anyone using execbeat?

The command to execute by Execbeat

Optional arguments to be passed to the command to execute

Related topics