mirror of
https://github.com/elastic/kibana.git
synced 2025-04-24 09:48:58 -04:00
# Backport This will backport the following commits from `main` to `8.3`: - [Updated tracks tutorial to support Agent (#143414)](https://github.com/elastic/kibana/pull/143414) <!--- Backport version: 8.9.7 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"James Garside","email":"james@jgarside.co.uk"},"sourceCommit":{"committedDate":"2022-11-16T21:15:55Z","message":"Updated tracks tutorial to support Agent (#143414)\n\n* Updated for Human readable dataview names\r\n\r\n* Updated tutorial to support Elastic Agent","sha":"b589297beef876dc84469c7fe328a3849e46d7cb","branchLabelMapping":{"^v8.7.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["[Deprecated-Use Team:Presentation]Team:Geo","release_note:skip","docs","v8.3.0","v8.4.0","v8.5.0","v8.7.0"],"number":143414,"url":"https://github.com/elastic/kibana/pull/143414","mergeCommit":{"message":"Updated tracks tutorial to support Agent (#143414)\n\n* Updated for Human readable dataview names\r\n\r\n* Updated tutorial to support Elastic Agent","sha":"b589297beef876dc84469c7fe328a3849e46d7cb"}},"sourceBranch":"main","suggestedTargetBranches":["8.3","8.4","8.5"],"targetPullRequestStates":[{"branch":"8.3","label":"v8.3.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.4","label":"v8.4.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.5","label":"v8.5.0","labelRegex":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v8.7.0","labelRegex":"^v8.7.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/143414","number":143414,"mergeCommit":{"message":"Updated tracks tutorial to support Agent (#143414)\n\n* Updated for Human readable dataview names\r\n\r\n* Updated tutorial to support Elastic Agent","sha":"b589297beef876dc84469c7fe328a3849e46d7cb"}}]}] BACKPORT--> Co-authored-by: James Garside <james@jgarside.co.uk>
This commit is contained in:
Kibana Machine
GitHub
parent
de73491491
commit
a4aad95aa5
1 changed files with 28 additions and 36 deletions
|
|
@ -8,7 +8,7 @@ In this tutorial, you’ll look at live urban transit data from the city of Port
|
|||
|
||||
You’ll learn to:
|
||||
|
||||
- Use {filebeat} to ingest the TriMet REST API into Elasticsearch.
|
||||
- Use {agent} to ingest the TriMet REST API into {es}.
|
||||
- Create a map with layers that visualize asset tracks and last-known locations.
|
||||
- Use symbols and colors to style data values and show which direction an asset is heading.
|
||||
- Set up tracking containment alerts to monitor moving vehicles.
|
||||
|
|
@ -23,11 +23,11 @@ image::maps/images/asset-tracking-tutorial/construction_zones.png[]
|
|||
|
||||
- If you don’t already have {kib}, set it up with https://www.elastic.co/cloud/elasticsearch-service/signup?baymax=docs-body&elektra=docs[our free trial]. Download the deployment credentials.
|
||||
- Obtain an API key for https://developer.trimet.org/[TriMet web services] at https://developer.trimet.org/appid/registration/.
|
||||
- https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-installation-configuration.html[Install Filebeat].
|
||||
- {fleet-guide}/fleet-overview.html[Fleet] is enabled on your cluster, and one or more {fleet-guide}/elastic-agent-installation.html[{agent}s] is enrolled.
|
||||
|
||||
[float]
|
||||
=== Part 1: Ingest the Portland bus data
|
||||
To get to the fun of visualizing and alerting on Portland buses, you must first create a {filebeat} input to ingest the TriMet Portland bus data into {es}.
|
||||
To get to the fun of visualizing and alerting on Portland buses, you must first add the *Custom API* integration to an Elastic Agent policy to get the TriMet Portland bus data into {es}.
|
||||
|
||||
[float]
|
||||
==== Step 1: Set up an Elasticsearch index
|
||||
|
|
@ -270,47 +270,39 @@ PUT _ingest/pipeline/tri_met_tracks
|
|||
----------------------------------
|
||||
|
||||
[float]
|
||||
==== Step 2: Start {filebeat}
|
||||
==== Step 2: Configure {agent}
|
||||
|
||||
. Replace the contents in your `filebeat.yml` file with the following:
|
||||
. From the {kib} main menu, click *Fleet*, then the *Agent policies* tab.
|
||||
|
||||
. Click the name of the agent policy where you want to add the *Custom API* integration. The configuration changes you make only apply to the policy you select.
|
||||
|
||||
. Click the name of the *Custom API* integration, or add the integration if the agent policy does not yet have it.
|
||||
|
||||
. From the *Edit Custom API integration* page, expand the *Change defaults* section.
|
||||
|
||||
. Set the *Dataset name* to *httpjson.trimet*.
|
||||
|
||||
. Set the *Ingest Pipeline* to *tri_met_pipeline*.
|
||||
|
||||
. Set the *Request URL* to *https://developer.trimet.org/ws/v2/vehicles?appID=<tri_met_app_id>*.
|
||||
|
||||
. Set *Response Split* to *target: body.resultSet.vehicle*.
|
||||
|
||||
. At the bottom of the configuration, expand *Advanced options*.
|
||||
|
||||
. Set *Processors* to:
|
||||
+
|
||||
[source,yaml]
|
||||
----------------------------------
|
||||
filebeat.inputs:
|
||||
# Fetch trimet bus data every minute.
|
||||
- type: httpjson
|
||||
interval: 1m
|
||||
request.url: "https://developer.trimet.org/ws/v2/vehicles?appID=<tri_met_app_id>"
|
||||
response.split:
|
||||
target: body.resultSet.vehicle
|
||||
processors:
|
||||
- decode_json_fields:
|
||||
fields: ["message"]
|
||||
target: "trimet"
|
||||
|
||||
pipeline: "tri_met_tracks"
|
||||
|
||||
|
||||
# ---------------------------- Elastic Cloud Output ----------------------------
|
||||
cloud.id: <cloud_id>
|
||||
cloud.auth: <username:password>
|
||||
|
||||
- decode_json_fields:
|
||||
fields: ["message"]
|
||||
target: "trimet"
|
||||
----------------------------------
|
||||
|
||||
. Replace `<tri_met_app_id>` with your TriMet application id.
|
||||
. Replace `<username:password>` with your Elastic Cloud deployment credentials.
|
||||
. Replace `<cloud_id>` with your {ece}/ece-cloud-id.html[elastic cloud id].
|
||||
. Open a terminal window, and then navigate to the {filebeat} folder.
|
||||
. In your `filebeat` folder, run {filebeat} with the edited config:
|
||||
+
|
||||
[source,bash]
|
||||
----------------------------------
|
||||
/bin/filebeat -c filebeat.yml
|
||||
----------------------------------
|
||||
. Leave everything else as defaults.
|
||||
|
||||
. Wait for {filebeat} to start shipping data to Elastic Cloud. {filebeat} should not produce any output to stdout.
|
||||
. Click *Save integration* to deploy the configuration to any {agent} with the policy assigned.
|
||||
|
||||
. Leave the terminal window open and {filebeat} running throughout this tutorial.
|
||||
|
||||
[float]
|
||||
==== Step 3: Create a data view for the tri_met_tracks {es} index
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue