This functionality is in beta and is subject to change. The design and
code is considered to be less mature than official GA features. Elastic will
take a best effort approach to fix any issues, but beta features are not
subject to the support SLA of official GA features.
Add Host metadata
editAdd Host metadata
editThis functionality is in beta and is subject to change. The design and code is less mature than official GA features and is being provided as-is with no warranties. Beta features are not subject to the support SLA of official GA features.
The add_host_metadata
processor annotates each event with relevant metadata from the host machine.
The fields added to the event are looking as following:
{ "host":{ "architecture":"x86_64", "name":"example-host", "id":"", "os":{ "family":"darwin", "build":"16G1212", "platform":"darwin", "version":"10.12.6" }, "ip": ["192.168.0.1", "10.0.0.1"], "mac": ["00:25:96:12:34:56", "72:00:06:ff:79:f1"] } }
The host information is refreshed every 5 minutes.