2023-03-02T15:31:55.130057464+01:00 stderr F {"log.level":"info","@timestamp":"2023-03-02T14:31:55.129Z","message":"Non-zero metrics in the last 30s","component":{"binary":"filebeat","dataset":"elastic_agent.filebeat","id":"filestream-default","type":"filestream"},"log":{"source":"filestream-default"},"service.name":"filebeat","monitoring":{"ecs.version":"1.6.0","metrics":{"beat":{"cpu":{"system":{"ticks":240,"time":{"ms":20}},"total":{"ticks":1050,"time":{"ms":60},"value":1050},"user":{"ticks":810,"time":{"ms":40}}},"handles":{"limit":{"hard":1048576,"soft":1048576},"open":24},"info":{"ephemeral_id":"3779510e-bff1-4b6f-ac50-988650eb6fa4","uptime":{"ms":90059},"version":"8.6.2"},"memstats":{"gc_next":115307208,"memory_alloc":78528160,"memory_sys":4194304,"memory_total":232196104,"rss":207409152},"runtime":{"goroutines":546}},"filebeat":{"events":{"active":4104},"harvester":{"open_files":0,"running":0}},"libbeat":{"config":{"module":{"running":14}},"output":{"events":{"active":0}},"pipeline":{"clients":10,"events":{"active":4104}}},"registrar":{"states":{"current":0}},"system":{"load":{"1":1.33,"15":1.43,"5":1.34,"norm":{"1":0.665,"15":0.715,"5":0.67}}}}},"log.logger":"monitoring","log.origin":{"file.line":187,"file.name":"log/log.go"},"ecs.version":"1.6.0"}
2023-03-02T15:31:57.56932724+01:00 stderr F {"log.level":"info","@timestamp":"2023-03-02T14:31:57.568Z","message":"add_cloud_metadata: hosting provider type not detected.","component":{"binary":"metricbeat","dataset":"elastic_agent.metricbeat","id":"kubernetes/metrics-default","type":"kubernetes/metrics"},"log":{"source":"kubernetes/metrics-default"},"log.logger":"add_cloud_metadata","log.origin":{"file.line":102,"file.name":"add_cloud_metadata/add_cloud_metadata.go"},"service.name":"metricbeat","ecs.version":"1.6.0","ecs.version":"1.6.0"}
2023-03-02T15:31:57.664360193+01:00 stderr F {"log.level":"warn","@timestamp":"2023-03-02T14:31:57.663Z","message":"read token request for getting IMDSv2 token returns empty: Put \"http://169.254.169.254/latest/api/token\": context deadline exceeded (Client.Timeout exceeded while awaiting headers). No token in the metadata request will be used.","component":{"binary":"metricbeat","dataset":"elastic_agent.metricbeat","id":"kubernetes/metrics-default","type":"kubernetes/metrics"},"log":{"source":"kubernetes/metrics-default"},"log.logger":"add_cloud_metadata","log.origin":{"file.line":81,"file.name":"add_cloud_metadata/provider_aws_ec2.go"},"service.name":"metricbeat","ecs.version":"1.6.0","ecs.version":"1.6.0"}
2023-03-02T15:31:57.667750671+01:00 stderr F {"log.level":"info","@timestamp":"2023-03-02T14:31:57.665Z","message":"add_kubernetes_metadata: kubernetes env detected, with version: v1.26.0","component":{"binary":"metricbeat","dataset":"elastic_agent.metricbeat","id":"kubernetes/metrics-default","type":"kubernetes/metrics"},"log":{"source":"kubernetes/metrics-default"},"log.origin":{"file.line":73,"file.name":"add_kubernetes_metadata/kubernetes.go"},"service.name":"metricbeat","ecs.version":"1.6.0","ecs.version":"1.6.0"}
2023-03-02T15:31:57.669393079+01:00 stderr F {"log.level":"info","@timestamp":"2023-03-02T14:31:57.668Z","message":"kubernetes: Node kube-master discovered by NODE_NAME environment variable","component":{"binary":"metricbeat","dataset":"elastic_agent.metricbeat","id":"kubernetes/metrics-default","type":"kubernetes/metrics"},"log":{"source":"kubernetes/metrics-default"},"log.logger":"kubernetes","log.origin":{"file.line":146,"file.name":"kubernetes/util.go"},"service.name":"metricbeat","libbeat.processor":"add_kubernetes_metadata","ecs.version":"1.6.0","ecs.version":"1.6.0"}
2023-03-02T15:31:58.347517355+01:00 stderr F {"log.level":"error","@timestamp":"2023-03-02T14:31:58.347Z","message":"W0302 14:31:58.347329 122200 reflector.go:324] k8s.io/client-go@v0.23.4/tools/cache/reflector.go:167: failed to list *v1.StorageClass: storageclasses.storage.k8s.io is forbidden: User \"system:serviceaccount:kube-system:elastic-agent\" cannot list resource \"storageclasses\" in API group \"storage.k8s.io\" at the cluster scope","component":{"binary":"metricbeat","dataset":"elastic_agent.metricbeat","id":"kubernetes/metrics-default","type":"kubernetes/metrics"},"log":{"source":"kubernetes/metrics-default"},"ecs.version":"1.6.0"}
2023-03-02T15:31:58.347539176+01:00 stderr F {"log.level":"error","@timestamp":"2023-03-02T14:31:58.347Z","message":"E0302 14:31:58.347349 122200 reflector.go:138] k8s.io/client-go@v0.23.4/tools/cache/reflector.go:167: Failed to watch *v1.StorageClass: failed to list *v1.StorageClass: storageclasses.storage.k8s.io is forbidden: User \"system:serviceaccount:kube-system:elastic-agent\" cannot list resource \"storageclasses\" in API group \"storage.k8s.io\" at the cluster scope","component":{"binary":"metricbeat","dataset":"elastic_agent.metricbeat","id":"kubernetes/metrics-default","type":"kubernetes/metrics"},"log":{"source":"kubernetes/metrics-default"},"ecs.version":"1.6.0"}
2023-03-02T15:31:59.758448282+01:00 stderr F {"log.level":"info","@timestamp":"2023-03-02T14:31:59.758Z","message":"Non-zero metrics in the last 30s","component":{"binary":"metricbeat","dataset":"elastic_agent.metricbeat","id":"kubernetes/metrics-default","type":"kubernetes/metrics"},"log":{"source":"kubernetes/metrics-default"},"service.name":"metricbeat","monitoring":{"ecs.version":"1.6.0","metrics":{"beat":{"cpu":{"system":{"ticks":210,"time":{"ms":90}},"total":{"ticks":1070,"time":{"ms":520},"value":1070},"user":{"ticks":860,"time":{"ms":430}}},"handles":{"limit":{"hard":1048576,"soft":1048576},"open":26},"info":{"ephemeral_id":"39c29aea-6ee8-4016-9d00-c57f842fe3f7","uptime":{"ms":60078},"version":"8.6.2"},"memstats":{"gc_next":72003128,"memory_alloc":35258432,"memory_sys":21561344,"memory_total":163202752,"rss":182067200},"runtime":{"goroutines":1092}},"libbeat":{"config":{"module":{"running":0,"starts":9}},"output":{"events":{"active":0}},"pipeline":{"clients":18,"events":{"active":415,"published":373,"retry":10,"total":374}}},"metricbeat":{"kubernetes":{"node":{"events":1,"success":1},"pod":{"events":2,"success":3},"proxy":{"events":18,"success":18},"state_daemonset":{"events":30,"success":30},"state_deployment":{"events":57,"success":57},"state_job":{"events":3,"success":3},"state_node":{"events":9,"success":9},"state_persistentvolume":{"events":6,"success":6},"state_persistentvolumeclaim":{"events":6,"success":6},"state_pod":{"events":148,"success":148},"state_service":{"events":54,"success":54},"state_statefulset":{"events":2,"success":2},"system":{"events":9,"success":9},"volume":{"events":30,"success":30}}},"system":{"load":{"1":1.3,"15":1.43,"5":1.33,"norm":{"1":0.65,"15":0.715,"5":0.665}}}}},"log.logger":"monitoring","log.origin":{"file.line":187,"file.name":"log/log.go"},"ecs.version":"1.6.0"}
2023-03-02T15:31:59.898367271+01:00 stderr F {"log.level":"error","@timestamp":"2023-03-02T14:31:59.897Z","message":"Failed to connect to backoff(elasticsearch(https://10.0.87.200:9200)): Get \"https://10.0.87.200:9200\": x509: certificate signed by unknown authority","component":{"binary":"metricbeat","dataset":"elastic_agent.metricbeat","id":"kubernetes/metrics-default","type":"kubernetes/metrics"},"log":{"source":"kubernetes/metrics-default"},"log.logger":"publisher_pipeline_output","log.origin":{"file.line":150,"file.name":"pipeline/client_worker.go"},"service.name":"metricbeat","ecs.version":"1.6.0","ecs.version":"1.6.0"}
2023-03-02T15:31:59.898390704+01:00 stderr F {"log.level":"info","@timestamp":"2023-03-02T14:31:59.897Z","message":"Attempting to reconnect to backoff(elasticsearch(https://10.0.87.200:9200)) with 5 reconnect attempt(s)","component":{"binary":"metricbeat","dataset":"elastic_agent.metricbeat","id":"kubernetes/metrics-default","type":"kubernetes/metrics"},"log":{"source":"kubernetes/metrics-default"},"log.origin":{"file.line":141,"file.name":"pipeline/client_worker.go"},"service.name":"metricbeat","ecs.version":"1.6.0","log.logger":"publisher_pipeline_output","ecs.version":"1.6.0"}
2023-03-02T15:31:59.908486581+01:00 stderr F {"log.level":"error","@timestamp":"2023-03-02T14:31:59.908Z","message":"Error dialing x509: certificate signed by unknown authority","component":{"binary":"metricbeat","dataset":"elastic_agent.metricbeat","id":"kubernetes/metrics-default","type":"kubernetes/metrics"},"log":{"source":"kubernetes/metrics-default"},"address":"10.0.87.200:9200","log.logger":"esclientleg","service.name":"metricbeat","network":"tcp","ecs.version":"1.6.0","log.origin":{"file.line":38,"file.name":"transport/logging.go"},"ecs.version":"1.6.0"}
2023-03-02T15:32:00.666139816+01:00 stderr F {"log.level":"info","@timestamp":"2023-03-02T14:32:00.665Z","message":"add_cloud_metadata: hosting provider type not detected.","component":{"binary":"metricbeat","dataset":"elastic_agent.metricbeat","id":"kubernetes/metrics-default","type":"kubernetes/metrics"},"log":{"source":"kubernetes/metrics-default"},"log.logger":"add_cloud_metadata","log.origin":{"file.line":102,"file.name":"add_cloud_metadata/add_cloud_metadata.go"},"service.name":"metricbeat","ecs.version":"1.6.0","ecs.version":"1.6.0"}
2023-03-02T15:32:00.674621176+01:00 stderr F {"log.level":"warn","@timestamp":"2023-03-02T14:32:00.672Z","message":"read token request for getting IMDSv2 token returns empty: Put \"http://169.254.169.254/latest/api/token\": context deadline exceeded (Client.Timeout exceeded while awaiting headers). No token in the metadata request will be used.","component":{"binary":"metricbeat","dataset":"elastic_agent.metricbeat","id":"kubernetes/metrics-default","type":"kubernetes/metrics"},"log":{"source":"kubernetes/metrics-default"},"log.logger":"add_cloud_metadata","log.origin":{"file.line":81,"file.name":"add_cloud_metadata/provider_aws_ec2.go"},"service.name":"metricbeat","ecs.version":"1.6.0","ecs.version":"1.6.0"}
2023-03-02T15:32:00.678627063+01:00 stderr F {"log.level":"info","@timestamp":"2023-03-02T14:32:00.676Z","message":"add_kubernetes_metadata: kubernetes env detected, with version: v1.26.0","component":{"binary":"metricbeat","dataset":"elastic_agent.metricbeat","id":"kubernetes/metrics-default","type":"kubernetes/metrics"},"log":{"source":"kubernetes/metrics-default"},"log.origin":{"file.line":73,"file.name":"add_kubernetes_metadata/kubernetes.go"},"service.name":"metricbeat","ecs.version":"1.6.0","ecs.version":"1.6.0"}
2023-03-02T15:32:00.679242874+01:00 stderr F {"log.level":"info","@timestamp":"2023-03-02T14:32:00.679Z","message":"kubernetes: Node kube-master discovered by NODE_NAME environment variable","component":{"binary":"metricbeat","dataset":"elastic_agent.metricbeat","id":"kubernetes/metrics-default","type":"kubernetes/metrics"},"log":{"source":"kubernetes/metrics-default"},"log.origin":{"file.line":146,"file.name":"kubernetes/util.go"},"service.name":"metricbeat","libbeat.processor":"add_kubernetes_metadata","ecs.version":"1.6.0","log.logger":"kubernetes","ecs.version":"1.6.0"}
2023-03-02T15:32:01.073736918+01:00 stderr F {"log.level":"info","@timestamp":"2023-03-02T14:32:01.073Z","message":"Non-zero metrics in the last 30s","component":{"binary":"filebeat","dataset":"elastic_agent.filebeat","id":"filestream-monitoring","type":"filestream"},"log":{"source":"filestream-monitoring"},"log.logger":"monitoring","log.origin":{"file.line":187,"file.name":"log/log.go"},"service.name":"filebeat","monitoring":{"ecs.version":"1.6.0","metrics":{"beat":{"cpu":{"system":{"ticks":730},"total":{"ticks":3440,"value":3440},"user":{"ticks":2710}},"handles":{"limit":{"hard":1048576,"soft":1048576},"open":19},"info":{"ephemeral_id":"3caa2974-0891-48da-8750-de28a8b74d8e","uptime":{"ms":5550056},"version":"8.6.2"},"memstats":{"gc_next":78652616,"memory_alloc":39544696,"memory_total":284397232,"rss":172777472},"runtime":{"goroutines":77}},"filebeat":{"events":{"active":4105},"harvester":{"open_files":0,"running":0}},"libbeat":{"config":{"module":{"running":1}},"output":{"events":{"active":0}},"pipeline":{"clients":8,"events":{"active":4105}}},"registrar":{"states":{"current":0}},"system":{"load":{"1":1.28,"15":1.43,"5":1.32,"norm":{"1":0.64,"15":0.715,"5":0.66}}}}},"ecs.version":"1.6.0"}
2023-03-02T15:32:01.164064321+01:00 stderr F {"log.level":"error","@timestamp":"2023-03-02T14:32:01.163Z","message":"Failed to connect to backoff(elasticsearch(https://10.0.87.200:9200)): Get \"https://10.0.87.200:9200\": x509: certificate signed by unknown authority","component":{"binary":"filebeat","dataset":"elastic_agent.filebeat","id":"filestream-default","type":"filestream"},"log":{"source":"filestream-default"},"service.name":"filebeat","ecs.version":"1.6.0","log.logger":"publisher_pipeline_output","log.origin":{"file.line":150,"file.name":"pipeline/client_worker.go"},"ecs.version":"1.6.0"}
2023-03-02T15:32:01.164103696+01:00 stderr F {"log.level":"info","@timestamp":"2023-03-02T14:32:01.163Z","message":"Attempting to reconnect to backoff(elasticsearch(https://10.0.87.200:9200)) with 6 reconnect attempt(s)","component":{"binary":"filebeat","dataset":"elastic_agent.filebeat","id":"filestream-default","type":"filestream"},"log":{"source":"filestream-default"},"service.name":"filebeat","ecs.version":"1.6.0","log.logger":"publisher_pipeline_output","log.origin":{"file.line":141,"file.name":"pipeline/client_worker.go"},"ecs.version":"1.6.0"}
2023-03-02T15:32:01.174090748+01:00 stderr F {"log.level":"error","@timestamp":"2023-03-02T14:32:01.173Z","message":"Error dialing x509: certificate signed by unknown authority","component":{"binary":"filebeat","dataset":"elastic_agent.filebeat","id":"filestream-default","type":"filestream"},"log":{"source":"filestream-default"},"log.logger":"esclientleg","log.origin":{"file.line":38,"file.name":"transport/logging.go"},"service.name":"filebeat","network":"tcp","address":"10.0.87.200:9200","ecs.version":"1.6.0","ecs.version":"1.6.0"}