Hi everyone!!!
I'm trying to use metricbeat in order to check system processes status, but i can't understand how to configure metricbeat.yml.
I'm working on a linux system.
This is my actual config:
metricbeat.modules:
- module: system
metricsets:
- process # Per process metrics
enabled: true
period: 10s
processes: ['.*']
process.cgroups.enabled: true
setup.dashboards.enabled: true
output.logstash:
hosts: ['logstash:5044']
ssl.certificate_authorities:
- /cert/MyRootCA.pem
ssl.certificate: "/cert/metricbeat.pem"
ssl.key: "/cert/metricbeat-key.pem"
As for my docker-compose.yml
metricbeat:
image: docker.elastic.co/beats/metricbeat:7.1.1
container_name: metricbeat
volumes:
- /proc:/hostfs/proc:ro
- /sys/fs/cgroup:/hostfs/sys/fs/cgroup:ro
- /:/hostfs:ro
- /var/run/docker.sock:/var/run/docker.sock:ro
- ./metricbeat/metricbeat.yml:/usr/share/metricbeat/metricbeat.yml
- ./cert/metricbeat.pem:/cert/metricbeat.pem:ro
- ./cert/metricbeat-key.pem:/cert/metricbeat-key.pem:ro
- ./cert/MyRootCA.pem:/cert/MyRootCA.pem:ro
networks:
- esnet
depends_on:
- logstash
user: root
When i access on kibana i can see metricbeats logs but it seems like it's monitoring itself .. if i search for running system.process.state.keyword i can only see this value: /usr/share/metricbeat/metricbeat
What is happening? Can anyone help?
Thank you,
EF