This functionality is experimental and may be changed or removed completely in a
future release. Elastic will take a best effort approach to fix any issues, but
experimental features are not subject to the support SLA of official GA
features.
Add Host metadata
editAdd Host metadata
editThis functionality is in beta and is subject to change. The design and code is less mature than official GA features and is being provided as-is with no warranties. Beta features are not subject to the support SLA of official GA features.
processors: - add_host_metadata: netinfo.enabled: false
It has the following settings:
-
netinfo.enabled
- (Optional) Default false. Include IP addresses and MAC addresses as fields host.ip and host.mac
The add_host_metadata
processor annotates each event with relevant metadata from the host machine.
The fields added to the event are looking as following:
{ "host":{ "architecture":"x86_64", "name":"example-host", "id":"", "os":{ "family":"darwin", "build":"16G1212", "platform":"darwin", "version":"10.12.6" }, "ip": ["192.168.0.1", "10.0.0.1"], "mac": ["00:25:96:12:34:56", "72:00:06:ff:79:f1"] } }
The host information is refreshed every 5 minutes.