Anyone using execbeat?

allenmchan · March 1, 2016, 5:13am

Been testing execbeat but cannot get it to behave.

It is running
[achan@lmc001.scl execbeat]$ ps -ef | grep -i execbeat
root 29786 15760 0 21:03 pts/0 00:00:00 sudo ./execbeat -c /etc/execbeat/execbeat.yml
root 29791 29786 0 21:03 pts/0 00:00:00 ./execbeat -c /etc/execbeat/execbeat.yml

but nothing is happening. No logs, nothing output to ES
Basically i want to send the output of rpm -qa for ES to index for software auditing purposes

execbeat:

execs:
# Each - Commands to execute.
-
# Optional cron expression, defines when to execute the command.
# Default is every 1 minute.
cron: "@every 10m"

The command to execute by Execbeat
  command: rpm

Optional arguments to be passed to the command to execute
  args: -qa

allenmchan · March 1, 2016, 6:07am

nevermind. i found the issue. The lack of logging was suspicious but ended up being the fact that i forgot to load the ES template

Topic		Replies	Views
Execbeat is not outputting ps -ef\|grep Beats	5	2655	July 5, 2017
[ANNOUNCEMENT] Execbeat 2.2.0 released Community Ecosystem	1	1067	July 5, 2017
[ANNOUNCEMENT] Execbeat 3.3.0 released Community Ecosystem	1	1510	June 23, 2020
Filebeat exec Beats filebeat	14	1504	April 5, 2017
How can i get from Execbeat if a script successfully executed Beats	2	1520	November 12, 2018

Anyone using execbeat?

The command to execute by Execbeat

Optional arguments to be passed to the command to execute

Related Topics