Integration of Winlogbeat and Filebeat


#1

The company IT wants to reduce the number of agents.

So is there any way to put the functions of winlogbeat and filebeat together?

Thanks!


(Magnus Bäck) #2

If you modify their source code you can do anything, but otherwise no. The whole point of Beats is that they're lightweight shippers with very few dependencies.


(ruflin) #3

@xiaozhuqq48 It was requested by others in the past to have all the beats in one binary. Can you share some more details on why your IT wants to reduce the number of agents?


#4

Hi, because there are already a few agents of different kinds on the computer, like security, update, or other monitors (zabbix, nagios).
It's hard for the operation team to maintain the agent assets management if the product environment has thousands of computers.
Sometimes it will prolong the debug process of the product failure, because the environment seems to be complicated, and the operations of agents will take more time.
So when it comes to a single scene, like log collection, the operation team hopes it's one agent to solve all the log collection problems.


(ruflin) #5

By assets do you refer to config files? So 1 binary with 2 config files would not work in your case? As far as I understand, the number of processes is not a concern. The reason I ask all these questions is for us to better understand what the problems are.

For the management of the servers: I assume your team uses something like puppet / chef / ... to deploy the servers? Did you build your own module(s) for filebeat?


#6

No, the company is traditional, and not big. So we are running without puppet / chef /... and I'm a little unfamiliar with building our own modules. Could you give me some hint like blog to show how to build a beat with filebeat and winlogbeat?


(Magnus Bäck) #7

> No, the company is traditional, and not big. So we are running without puppet / chef /...

Everyone should be running a configuration management system like Puppet or Chef. It's not something just for the big and non-traditional companies. Building and maintaining a special beat with the functionalities of both Winlogbeat and Filebeat is a lot of work. I strongly advise you against it.

> and I'm a little unfamiliar with building our own modules. Could you give me some hint like blog to show how to build a beat with filebeat and winlogbeat?

https://www.elastic.co/guide/en/beats/libbeat/current/new-beat.html
https://www.elastic.co/elasticon/conf/2016/sf/b-b-b-b-b-beats-how-to-build-your-own
https://github.com/elastic/beats/tree/master/generate/beat


#8

Thanks.

