Add Host metadata

edit

This functionality is in beta and is subject to change. The design and code is less mature than official GA features and is being provided as-is with no warranties. Beta features are not subject to the support SLA of official GA features.

processors:
- add_host_metadata:
    netinfo.enabled: false

It has the following settings:

netinfo.enabled
(Optional) Default false. Include IP addresses and MAC addresses as fields host.ip and host.mac

The add_host_metadata processor annotates each event with relevant metadata from the host machine. The fields added to the event are looking as following:

{
   "host":{
      "architecture":"x86_64",
      "name":"example-host",
      "id":"",
      "os":{
         "family":"darwin",
         "build":"16G1212",
         "platform":"darwin",
         "version":"10.12.6"
      },
      "ip": ["192.168.0.1", "10.0.0.1"],
      "mac": ["00:25:96:12:34:56", "72:00:06:ff:79:f1"]
   }
}

The host information is refreshed every 5 minutes.