diff --git a/CHANGELOG.next.asciidoc b/CHANGELOG.next.asciidoc index 462af8725a1..fcc150dec4d 100644 --- a/CHANGELOG.next.asciidoc +++ b/CHANGELOG.next.asciidoc @@ -111,6 +111,7 @@ https://github.com/elastic/beats/compare/v8.8.1\...main[Check the HEAD diff] - Fix CassandraConnectionClosures metric configuration {pull}34742[34742] - Fix event mapping implementation for statsd module {pull}36925[36925] - The region and availability_zone ecs fields nested within the cloud field. {pull}37015[37015] +- Fix CPU and memory metrics collection from privileged process on Windows {issue}17314[17314]{pull}37027[37027] *Osquerybeat* diff --git a/NOTICE.txt b/NOTICE.txt index ea5514da6eb..e651bc3488d 100644 --- a/NOTICE.txt +++ b/NOTICE.txt @@ -13026,11 +13026,11 @@ these terms. -------------------------------------------------------------------------------- Dependency : github.com/elastic/elastic-agent-system-metrics -Version: v0.7.0 +Version: v0.8.1 Licence type (autodetected): Apache-2.0 -------------------------------------------------------------------------------- -Contents of probable licence file $GOMODCACHE/github.com/elastic/elastic-agent-system-metrics@v0.7.0/LICENSE.txt: +Contents of probable licence file $GOMODCACHE/github.com/elastic/elastic-agent-system-metrics@v0.8.1/LICENSE.txt: Apache License Version 2.0, January 2004 diff --git a/go.mod b/go.mod index 55ef8b4acc5..91c1ba0f2a9 100644 --- a/go.mod +++ b/go.mod @@ -204,7 +204,7 @@ require ( github.com/elastic/elastic-agent-autodiscover v0.6.4 github.com/elastic/elastic-agent-libs v0.6.2 github.com/elastic/elastic-agent-shipper-client v0.5.1-0.20230228231646-f04347b666f3 - github.com/elastic/elastic-agent-system-metrics v0.7.0 + github.com/elastic/elastic-agent-system-metrics v0.8.1 github.com/elastic/go-elasticsearch/v8 v8.10.0 github.com/elastic/mito v1.6.0 github.com/elastic/toutoumomoma v0.0.0-20221026030040-594ef30cb640 diff --git a/go.sum b/go.sum index df5741e581b..96d4a3752ff 100644 --- a/go.sum 
+++ b/go.sum @@ -658,8 +658,8 @@ github.com/elastic/elastic-agent-libs v0.6.2 h1:tE5pFK4y7xm1FtXm+r+63G7STjJAaWh3 github.com/elastic/elastic-agent-libs v0.6.2/go.mod h1:o+EySawBZGeYu49shJxerg2wRCimS1dhrD4As0MS700= github.com/elastic/elastic-agent-shipper-client v0.5.1-0.20230228231646-f04347b666f3 h1:sb+25XJn/JcC9/VL8HX4r4QXSUq4uTNzGS2kxOE7u1U= github.com/elastic/elastic-agent-shipper-client v0.5.1-0.20230228231646-f04347b666f3/go.mod h1:rWarFM7qYxJKsi9WcV6ONcFjH/NA3niDNpTxO+8/GVI= -github.com/elastic/elastic-agent-system-metrics v0.7.0 h1:qDLY30UDforSd/TfHfqUDiiHSL6Nu6qLXHsKSxz4OuQ= -github.com/elastic/elastic-agent-system-metrics v0.7.0/go.mod h1:9C1UEfj0P687HAzZepHszN6zXA+2tN2Lx3Osvq1zby8= +github.com/elastic/elastic-agent-system-metrics v0.8.1 h1:eg6actuLeGJlIJFotHRdlAsz/3WhX2G8E0qI301IKBA= +github.com/elastic/elastic-agent-system-metrics v0.8.1/go.mod h1:9C1UEfj0P687HAzZepHszN6zXA+2tN2Lx3Osvq1zby8= github.com/elastic/elastic-transport-go/v8 v8.0.0-20230329154755-1a3c63de0db6/go.mod h1:87Tcz8IVNe6rVSLdBux1o/PEItLtyabHU3naC7IoqKI= github.com/elastic/elastic-transport-go/v8 v8.3.0 h1:DJGxovyQLXGr62e9nDMPSxRyWION0Bh6d9eCFBriiHo= github.com/elastic/elastic-transport-go/v8 v8.3.0/go.mod h1:87Tcz8IVNe6rVSLdBux1o/PEItLtyabHU3naC7IoqKI= diff --git a/metricbeat/module/system/test_system.py b/metricbeat/module/system/test_system.py index 039e7299a8a..9303920b897 100644 --- a/metricbeat/module/system/test_system.py +++ b/metricbeat/module/system/test_system.py @@ -111,8 +111,9 @@ # cmdline is also part of the system process fields, but it may not be present # for some kernel level processes. fd is also part of the system process, but # is not available on all OSes and requires root to read for all processes. +# num_threads may not be readable for some privileged process on Windows, # cgroup is only available on linux. -SYSTEM_PROCESS_FIELDS = ["cpu", "memory", "state", "num_threads"] +SYSTEM_PROCESS_FIELDS = ["cpu", "memory", "state"] class Test(metricbeat.BaseTest): 
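Review bot: Removing `"num_threads"` from `SYSTEM_PROCESS_FIELDS`, together with the `process.pop("num_threads", None)` added in the later `test_process` and `test_process_unix` hunks, leaves no test asserting that the field is ever emitted, so a regression that drops it on any platform would pass unnoticed. The constant is shared by every platform, while the new comment scopes the problem to privileged processes on Windows. Mirroring the existing cmdline handling would keep the coverage: `found_num_threads |= "num_threads" in process` inside the loop (initialised to `False` beside `found_cmdline`) and `self.assertTrue(found_num_threads, "num_threads not found in any process events")` after it. In `test_process_unix`, which is skipped unless the platform matches linux|darwin|freebsd, the field could stay mandatory with `self.assertIn("num_threads", process)` before the pop.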
@@ -420,6 +421,9 @@ def test_process(self): found_cmdline = False for evt in output: process = evt["system"]["process"] + # Not all process will have 'cmdline' due to permission issues, + # especially on Windows. Therefore we ensure at least some of + # them will have it. found_cmdline |= "cmdline" in process # Remove 'env' prior to checking documented fields because its keys are dynamic. @@ -430,11 +434,13 @@ def test_process(self): process.pop("cgroup", None) process.pop("fd", None) process.pop("cmdline", None) + process.pop("num_threads", None) self.assertCountEqual(SYSTEM_PROCESS_FIELDS, process.keys()) - - self.assertTrue( - found_cmdline, "cmdline not found in any process events") + # After iterating over all process, make sure at least one of them had + # the 'cmdline' set. + self.assertTrue( + found_cmdline, "cmdline not found in any process events") @unittest.skipUnless(re.match("(?i)linux|darwin|freebsd", sys.platform), "os") def test_process_unix(self): @@ -486,6 +492,7 @@ def test_process_unix(self): process.pop("cgroup", None) process.pop("cmdline", None) process.pop("fd", None) + process.pop("num_threads", None) self.assertCountEqual(SYSTEM_PROCESS_FIELDS, process.keys())
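Review bot: The comment added above `found_cmdline |= "cmdline" in process` attributes a missing cmdline to permission issues, especially on Windows, while the module-level comment above `SYSTEM_PROCESS_FIELDS` says it may be absent for some kernel level processes. The two explanations should agree so a reader knows which absences are expected. Something like `# 'cmdline' can be absent for kernel-level processes or, notably on Windows, for processes that cannot be read due to permissions; require it on at least one event.` would cover both and also fix the "Not all process" wording. `test_process` starts before this hunk, so the initialisation of `found_cmdline` is only partly visible here.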