I know it's very old, but for various legacy purposes we still have a few old Windows Server 2008 in the back of our data center, running on their last breath, meanwhile we want to monitoring a legacy App's log files, only our ES cluster is currently at 8.12.2, and attempting to use filebeat or metricbeat v.8.12.2 we get the error that kernel32.dll does support PssCaptureSnapShot. tried with monitoring disabled, but using multiline in filebeat.
So any change of using older beat version might work for this?
According to the support matrix we've tried v.7.17.22 with the same result though.
...
{"log.level":"info","@timestamp":"2024-07-02T08:33:58.741+0200","log.logger":"crawler","log.origin":{"function":"github.com/elastic/beats/v7/filebeat/beater.(*crawler).Start","file.name":"beater/crawler.go","file.line":106},"message":"Loading and starting Inputs completed. Enabled inputs: 2","service.name":"filebeat","ecs.version":"1.6.0"}
{"log.level":"info","@timestamp":"2024-07-02T08:33:58.741+0200","log.origin":{"function":"github.com/elastic/beats/v7/libbeat/cfgfile.(*Reloader).Run","file.name":"cfgfile/reload.go","file.line":163},"message":"Config reloader started","service.name":"filebeat","ecs.version":"1.6.0"}
{"log.level":"info","@timestamp":"2024-07-02T08:33:58.741+0200","log.origin":{"function":"github.com/elastic/beats/v7/libbeat/cfgfile.(*Reloader).Run","file.name":"cfgfile/reload.go","file.line":223},"message":"Loading of config files completed.","service.name":"filebeat","ecs.version":"1.6.0"}
{"log.level":"info","@timestamp":"2024-07-02T08:34:28.765+0200","log.logger":"monitoring","log.origin":{"function":"runtime.gopanic","file.name":"runtime/panic.go","file.line":884},"message":"Stopping metrics logging.","service.name":"filebeat","ecs.version":"1.6.0"}
panic: Failed to find PssCaptureSnapshot procedure in kernel32.dll: The specified procedure could not be found.
panic: Failed to find PssCaptureSnapshot procedure in kernel32.dll: The specified procedure could not be found.
goroutine 99 [running]:
golang.org/x/sys/windows.(*LazyProc).mustFind(...)
golang.org/x/sys@v0.15.0/windows/dll_windows.go:325
golang.org/x/sys/windows.(*LazyProc).Addr(...)
golang.org/x/sys@v0.15.0/windows/dll_windows.go:333
github.com/elastic/elastic-agent-system-metrics/metric/system/process.PssCaptureSnapshot(0x400?, 0x80, 0x0, 0x103?)
github.com/elastic/elastic-agent-system-metrics@v0.9.1/metric/system/process/zsyscall_windows.go:66 +0xf0
github.com/elastic/elastic-agent-system-metrics/metric/system/process.FetchNumThreads(0x292c)
github.com/elastic/elastic-agent-system-metrics@v0.9.1/metric/system/process/process_windows.go:102 +0x27b
github.com/elastic/elastic-agent-system-metrics/metric/system/process.FillMetricsRequiringMoreAccess(_, {{0xc000615b63, 0x10}, {0x471f4e8, 0x7}, {0xc00060a0d8, 0x13}, {0x1, 0x292c}, {0x1, ...}, ...})
github.com/elastic/elastic-agent-system-metrics@v0.9.1/metric/system/process/process_windows.go:163 +0x6b
github.com/elastic/elastic-agent-system-metrics/metric/system/process.(*Stats).pidFill(_, _, _)
github.com/elastic/elastic-agent-system-metrics@v0.9.1/metric/system/process/process.go:265 +0x6e5
github.com/elastic/elastic-agent-system-metrics/metric/system/process.(*Stats).GetSelf(_)
github.com/elastic/elastic-agent-system-metrics@v0.9.1/metric/system/process/process.go:158 +0x8e
github.com/elastic/elastic-agent-system-metrics/report.MemStatsReporter.func1(0x1, {0x4f9c018, 0xc000596540})
github.com/elastic/elastic-agent-system-metrics@v0.9.1/report/report.go:52 +0x1e5
github.com/elastic/elastic-agent-libs/monitoring.(*Func).Visit(0xc000e83b18?, 0xe2?, {0x4f9c018?, 0xc000596540?})
github.com/elastic/elastic-agent-libs@v0.7.3/monitoring/metrics.go:258 +0x2e
github.com/elastic/elastic-agent-libs/monitoring.(*Registry).doVisit(0xc0003f3a80, 0x1, {0x4f9c018, 0xc000596540})
github.com/elastic/elastic-agent-libs@v0.7.3/monitoring/registry.go:83 +0x1c3
github.com/elastic/elastic-agent-libs/monitoring.(*Registry).Visit(0xc000e83c28?, 0x23?, {0x4f9c018?, 0xc000596540?})
github.com/elastic/elastic-agent-libs@v0.7.3/monitoring/registry.go:65 +0x25
github.com/elastic/elastic-agent-libs/monitoring.(*Registry).doVisit(0xc0000a7000, 0x1, {0x4f9c018, 0xc000596540})
github.com/elastic/elastic-agent-libs@v0.7.3/monitoring/registry.go:83 +0x1c3
github.com/elastic/elastic-agent-libs/monitoring.(*Registry).Visit(...)
github.com/elastic/elastic-agent-libs@v0.7.3/monitoring/registry.go:65
github.com/elastic/elastic-agent-libs/monitoring.CollectFlatSnapshot(0x2a?, 0x2b?, 0x0)
github.com/elastic/elastic-agent-libs@v0.7.3/monitoring/snapshot.go:63 +0x109
github.com/elastic/beats/v7/libbeat/monitoring/report/log.makeSnapshot(...)
github.com/elastic/beats/v7/libbeat/monitoring/report/log/log.go:201
github.com/elastic/beats/v7/libbeat/monitoring/report/log.(*reporter).snapshotLoop.func1()
github.com/elastic/beats/v7/libbeat/monitoring/report/log/log.go:150 +0x113
panic({0x40f4880, 0xc0005996e0})
runtime/panic.go:884 +0x213
golang.org/x/sys/windows.(*LazyProc).mustFind(...)
golang.org/x/sys@v0.15.0/windows/dll_windows.go:325
golang.org/x/sys/windows.(*LazyProc).Addr(...)
golang.org/x/sys@v0.15.0/windows/dll_windows.go:333
github.com/elastic/elastic-agent-system-metrics/metric/system/process.PssCaptureSnapshot(0x400?, 0x80, 0x0, 0x103?)
github.com/elastic/elastic-agent-system-metrics@v0.9.1/metric/system/process/zsyscall_windows.go:66 +0xf0
github.com/elastic/elastic-agent-system-metrics/metric/system/process.FetchNumThreads(0x292c)
github.com/elastic/elastic-agent-system-metrics@v0.9.1/metric/system/process/process_windows.go:102 +0x27b
github.com/elastic/elastic-agent-system-metrics/metric/system/process.FillMetricsRequiringMoreAccess(_, {{0xc00006f2f3, 0x10}, {0x471f4e8, 0x7}, {0xc00152b398, 0x13}, {0x1, 0x292c}, {0x1, ...}, ...})
github.com/elastic/elastic-agent-system-metrics@v0.9.1/metric/system/process/process_windows.go:163 +0x6b
github.com/elastic/elastic-agent-system-metrics/metric/system/process.(*Stats).pidFill(_, _, _)
github.com/elastic/elastic-agent-system-metrics@v0.9.1/metric/system/process/process.go:265 +0x6e5
github.com/elastic/elastic-agent-system-metrics/metric/system/process.(*Stats).GetSelf(_)
github.com/elastic/elastic-agent-system-metrics@v0.9.1/metric/system/process/process.go:158 +0x8e
github.com/elastic/elastic-agent-system-metrics/report.MemStatsReporter.func1(0x1, {0x4f9c018, 0xc00102e400})
github.com/elastic/elastic-agent-system-metrics@v0.9.1/report/report.go:52 +0x1e5
github.com/elastic/elastic-agent-libs/monitoring.(*Func).Visit(0xc001677748?, 0xe2?, {0x4f9c018?, 0xc00102e400?})
github.com/elastic/elastic-agent-libs@v0.7.3/monitoring/metrics.go:258 +0x2e
github.com/elastic/elastic-agent-libs/monitoring.(*Registry).doVisit(0xc0003f3a80, 0x1, {0x4f9c018, 0xc00102e400})
github.com/elastic/elastic-agent-libs@v0.7.3/monitoring/registry.go:83 +0x1c3
github.com/elastic/elastic-agent-libs/monitoring.(*Registry).Visit(0xc001677858?, 0x23?, {0x4f9c018?, 0xc00102e400?})
github.com/elastic/elastic-agent-libs@v0.7.3/monitoring/registry.go:65 +0x25
github.com/elastic/elastic-agent-libs/monitoring.(*Registry).doVisit(0xc0000a7000, 0x1, {0x4f9c018, 0xc00102e400})
github.com/elastic/elastic-agent-libs@v0.7.3/monitoring/registry.go:83 +0x1c3
github.com/elastic/elastic-agent-libs/monitoring.(*Registry).Visit(...)
github.com/elastic/elastic-agent-libs@v0.7.3/monitoring/registry.go:65
github.com/elastic/elastic-agent-libs/monitoring.CollectFlatSnapshot(0xc001677a38?, 0xd0?, 0x0)
github.com/elastic/elastic-agent-libs@v0.7.3/monitoring/snapshot.go:63 +0x109
github.com/elastic/beats/v7/libbeat/monitoring/report/log.makeSnapshot(...)
github.com/elastic/beats/v7/libbeat/monitoring/report/log/log.go:201
github.com/elastic/beats/v7/libbeat/monitoring/report/log.(*reporter).snapshotLoop(0xc00154c2d0)
github.com/elastic/beats/v7/libbeat/monitoring/report/log/log.go:169 +0x3b5
github.com/elastic/beats/v7/libbeat/monitoring/report/log.MakeReporter.func1()
github.com/elastic/beats/v7/libbeat/monitoring/report/log/log.go:134 +0x5a
created by github.com/elastic/beats/v7/libbeat/monitoring/report/log.MakeReporter
github.com/elastic/beats/v7/libbeat/monitoring/report/log/log.go:132 +0x310
TIA