nixpkgs-suyu/pkgs/misc/logging/beats/7.x.nix
Thomas Gerbet f29911cd75 elk7: 7.17.9 -> 7.17.10
Fixes CVE-2023-31413, CVE-2023-26486 and CVE-2023-26487.

https://discuss.elastic.co/t/elastic-stack-8-7-0-7-17-10-security-updates/332327

The non official analysis-lemmagen plugin has not yet been released for ES 7.17.10.
It is marked as broken in the meantime.
2023-05-20 00:33:51 +02:00

59 lines
2 KiB
Nix

{ lib, fetchFromGitHub, elk7Version, buildGoModule, libpcap, nixosTests, systemd, config }:
let beat = package: extraArgs: buildGoModule (rec {
pname = package;
version = elk7Version;
src = fetchFromGitHub {
owner = "elastic";
repo = "beats";
rev = "v${version}";
hash = "sha256-Quq32/3NeGhrsy17GrIeBiB3LGQuMFTFl3lAyyU6GZM=";
};
vendorHash = "sha256-UJjwCRxY1rrymroBqC/SfCVM9vmnQOtLlS3OONih3kM=";
subPackages = [ package ];
meta = with lib; {
homepage = "https://www.elastic.co/products/beats";
license = licenses.asl20;
maintainers = with maintainers; [ fadenb basvandijk dfithian ];
platforms = platforms.linux;
};
} // extraArgs);
in
rec {
filebeat7 = beat "filebeat" {
meta.description = "Lightweight shipper for logfiles";
buildInputs = [ systemd ];
tags = [ "withjournald" ];
postFixup = ''
patchelf --set-rpath ${lib.makeLibraryPath [ (lib.getLib systemd) ]} "$out/bin/filebeat"
'';
};
heartbeat7 = beat "heartbeat" { meta.description = "Lightweight shipper for uptime monitoring"; };
metricbeat7 = beat "metricbeat" {
meta.description = "Lightweight shipper for metrics";
passthru.tests =
lib.optionalAttrs config.allowUnfree (
assert metricbeat7.drvPath == nixosTests.elk.unfree.ELK-7.elkPackages.metricbeat.drvPath;
{
elk = nixosTests.elk.unfree.ELK-7;
}
);
};
packetbeat7 = beat "packetbeat" {
buildInputs = [ libpcap ];
meta.description = "Network packet analyzer that ships data to Elasticsearch";
meta.longDescription = ''
Packetbeat is an open source network packet analyzer that ships the
data to Elasticsearch.
Think of it like a distributed real-time Wireshark with a lot more
analytics features. The Packetbeat shippers sniff the traffic between
your application processes, parse on the fly protocols like HTTP, MySQL,
PostgreSQL, Redis or Thrift and correlate the messages into transactions.
'';
};
}