heydilip

Metricbeat-error

Mar 6th, 2018
  1. "state": "running",
  2. "memory": {
  3. "size": 19501056,
  4. "rss": {
  5. "bytes": 23101440,
  6. "pct": 0.0013
  7. },
  8. "share": 0
  9. },
  10. "cpu": {
  11. "start_time": "2018-02-19T04:01:51.265Z",
  12. "total": {
  13. "norm": {
  14. "pct": 0
  15. },
  16. "pct": 0
  17. }
  18. },
  19. "ppid": 508
  20. }
  21. },
  22. "metricset": {
  23. "name": "process",
  24. "rtt": 93750,
  25. "module": "system"
  26. },
  27. "beat": {
  28. "name": "pon258",
  29. "hostname": "pon258",
  30. "version": "6.0.0"
  31. }
  32. }
  33. 2018/02/22 16:09:55.457465 processor.go:262: DBG Publish event: {
  34. "@timestamp": "2018-02-22T16:09:55.348Z",
  35. "@metadata": {
  36. "beat": "metricbeat",
  37. "type": "doc",
  38. "version": "6.0.0"
  39. },
  40. "system": {
  41. "process": {
  42. "pid": 752,
  43. "ppid": 556,
  44. "pgid": 0,
  45. "state": "running",
  46. "username": "NT AUTHORITY\\SYSTEM",
  47. "memory": {
  48. "size": 2949120,
  49. "rss": {
  50. "bytes": 5894144,
  51. "pct": 0.0003
  52. },
  53. "share": 0
  54. },
  55. "name": "vmacthlp.exe",
  56. "cpu": {
  57. "total": {
  58. "pct": 0,
  59. "norm": {
  60. "pct": 0
  61. }
  62. },
  63. "start_time": "2018-02-19T04:01:51.390Z"
  64. }
  65. }
  66. },
  67. "metricset": {
  68. "name": "process",
  69. "rtt": 93750,
  70. "module": "system"
  71. },
  72. "beat": {
  73. "hostname": "pon258",
  74. "version": "6.0.0",
  75. "name": "pon258"
  76. }
  77. }
  78. 2018/02/22 16:09:55.457465 processor.go:262: DBG Publish event: {
  79. "@timestamp": "2018-02-22T16:09:55.348Z",
  80. "@metadata": {
  81. "beat": "metricbeat",
  82. "type": "doc",
  83. "version": "6.0.0"
  84. },
  85. "metricset": {
  86. "rtt": 109375,
  87. "module": "system",
  88. "name": "process"
  89. },
  90. "beat": {
  91. "name": "pon258",
  92. "hostname": "pon258",
  93. "version": "6.0.0"
  94. },
  95. "system": {
  96. "process": {
  97. "username": "NT AUTHORITY\\SYSTEM",
  98. "pgid": 0,
  99. "name": "svchost.exe",
  100. "state": "running",
  101. "memory": {
  102. "size": 3149824,
  103. "rss": {
  104. "bytes": 6762496,
  105. "pct": 0.0004
  106. },
  107. "share": 0
  108. },
  109. "cpu": {
  110. "total": {
  111. "pct": 0,
  112. "norm": {
  113. "pct": 0
  114. }
  115. },
  116. "start_time": "2018-02-19T04:01:51.437Z"
  117. },
  118. "pid": 808,
  119. "ppid": 556
  120. }
  121. }
  122. }
  123. 2018/02/22 16:09:55.473090 processor.go:262: DBG Publish event: {
  124. "@timestamp": "2018-02-22T16:09:55.348Z",
  125. "@metadata": {
  126. "beat": "metricbeat",
  127. "type": "doc",
  128. "version": "6.0.0"
  129. },
  130. "system": {
  131. "process": {
  132. "cpu": {
  133. "total": {
  134. "pct": 0,
  135. "norm": {
  136. "pct": 0
  137. }
  138. },
  139. "start_time": "2018-02-19T04:01:51.640Z"
  140. },
  141. "pid": 908,
  142. "ppid": 556,
  143. "pgid": 0,
  144. "state": "running",
  145. "username": "NT AUTHORITY\\SYSTEM",
  146. "memory": {
  147. "size": 218714112,
  148. "rss": {
  149. "bytes": 235208704,
  150. "pct": 0.0137
  151. },
  152. "share": 0
  153. },
  154. "name": "svchost.exe"
  155. }
  156. },
  157. "metricset": {
  158. "module": "system",
  159. "name": "process",
  160. "rtt": 109375
  161. },
  162. "beat": {
  163. "hostname": "pon258",
  164. "version": "6.0.0",
  165. "name": "pon258"
  166. }
  167. }
  168. 2018/02/22 16:09:55.473090 processor.go:262: DBG Publish event: {
  169. "@timestamp": "2018-02-22T16:09:55.348Z",
  170. "@metadata": {
  171. "beat": "metricbeat",
  172. "type": "doc",
  173. "version": "6.0.0"
  174. },
  175. "system": {
  176. "process": {
  177. "memory": {
  178. "share": 0,
  179. "size": 11702272,
  180. "rss": {
  181. "bytes": 17047552,
  182. "pct": 0.001
  183. }
  184. },
  185. "username": "NT AUTHORITY\\SYSTEM",
  186. "cpu": {
  187. "total": {
  188. "pct": 0,
  189. "norm": {
  190. "pct": 0
  191. }
  192. },
  193. "start_time": "2018-02-19T04:01:57.796Z"
  194. },
  195. "pid": 1136,
  196. "ppid": 556,
  197. "pgid": 0,
  198. "name": "spoolsv.exe",
  199. "state": "running"
  200. }
  201. },
  202. "metricset": {
  203. "module": "system",
  204. "name": "process",
  205. "rtt": 109375
  206. },
  207. "beat": {
  208. "name": "pon258",
  209. "hostname": "pon258",
  210. "version": "6.0.0"
  211. }
  212. }
  213. 2018/02/22 16:09:55.473090 processor.go:262: DBG Publish event: {
  214. "@timestamp": "2018-02-22T16:09:55.348Z",
  215. "@metadata": {
  216. "beat": "metricbeat",
  217. "type": "doc",
  218. "version": "6.0.0"
  219. },
  220. "metricset": {
  221. "rtt": 125000,
  222. "module": "system",
  223. "name": "process"
  224. },
  225. "system": {
  226. "process": {
  227. "pgid": 0,
  228. "name": "VProSvc.exe",
  229. "state": "running",
  230. "ppid": 556,
  231. "username": "NT AUTHORITY\\SYSTEM",
  232. "memory": {
  233. "rss": {
  234. "bytes": 9662464,
  235. "pct": 0.0006
  236. },
  237. "share": 0,
  238. "size": 24129536
  239. },
  240. "cpu": {
  241. "total": {
  242. "pct": 0,
  243. "norm": {
  244. "pct": 0
  245. }
  246. },
  247. "start_time": "2018-02-19T04:01:57.937Z"
  248. },
  249. "pid": 1268
  250. }
  251. },
  252. "beat": {
  253. "version": "6.0.0",
  254. "name": "pon258",
  255. "hostname": "pon258"
  256. }
  257. }
  258. 2018/02/22 16:09:55.488715 processor.go:262: DBG Publish event: {
  259. "@timestamp": "2018-02-22T16:09:55.348Z",
  260. "@metadata": {
  261. "beat": "metricbeat",
  262. "type": "doc",
  263. "version": "6.0.0"
  264. },
  265. "system": {
  266. "process": {
  267. "pid": 4112,
  268. "pgid": 0,
  269. "name": "ChristiesAppraisalsManagement.exe",
  270. "username": "CHRISTIES\\crepp",
  271. "memory": {
  272. "size": 236867584,
  273. "rss": {
  274. "pct": 0.0154,
  275. "bytes": 265142272
  276. },
  277. "share": 0
  278. },
  279. "cpu": {
  280. "total": {
  281. "norm": {
  282. "pct": 0
  283. },
  284. "pct": 0
  285. },
  286. "start_time": "2018-02-22T09:33:52.815Z"
  287. },
  288. "state": "running",
  289. "ppid": 7280
  290. }
  291. },
  292. "metricset": {
  293. "module": "system",
  294. "name": "process",
  295. "rtt": 125000
  296. },
  297. "beat": {
  298. "name": "pon258",
  299. "hostname": "pon258",
  300. "version": "6.0.0"
  301. }
  302. }
  303. 2018/02/22 16:09:55.488715 processor.go:262: DBG Publish event: {
  304. "@timestamp": "2018-02-22T16:09:55.348Z",
  305. "@metadata": {
  306. "beat": "metricbeat",
  307. "type": "doc",
  308. "version": "6.0.0"
  309. },
  310. "system": {
  311. "process": {
  312. "username": "NT AUTHORITY\\SYSTEM",
  313. "cpu": {
  314. "start_time": "2018-02-19T04:31:56.782Z",
  315. "total": {
  316. "pct": 0,
  317. "norm": {
  318. "pct": 0
  319. }
  320. }
  321. },
  322. "pid": 3232,
  323. "pgid": 0,
  324. "name": "CcmExec.exe",
  325. "state": "running",
  326. "memory": {
  327. "share": 0,
  328. "size": 31961088,
  329. "rss": {
  330. "bytes": 59658240,
  331. "pct": 0.0035
  332. }
  333. },
  334. "ppid": 556
  335. }
  336. },
  337. "metricset": {
  338. "module": "system",
  339. "name": "process",
  340. "rtt": 125000
  341. },
  342. "beat": {
  343. "name": "pon258",
  344. "hostname": "pon258",
  345. "version": "6.0.0"
  346. }
  347. }
  348. 2018/02/22 16:09:55.488715 processor.go:262: DBG Publish event: {
  349. "@timestamp": "2018-02-22T16:09:55.348Z",
  350. "@metadata": {
  351. "beat": "metricbeat",
  352. "type": "doc",
  353. "version": "6.0.0"
  354. },
  355. "system": {
  356. "process": {
  357. "cpu": {
  358. "total": {
  359. "pct": 0,
  360. "norm": {
  361. "pct": 0
  362. }
  363. },
  364. "start_time": "2018-02-19T04:02:04.296Z"
  365. },
  366. "pid": 2488,
  367. "name": "beremote.exe",
  368. "username": "NT AUTHORITY\\SYSTEM",
  369. "memory": {
  370. "size": 37179392,
  371. "rss": {
  372. "pct": 0.0032,
  373. "bytes": 55414784
  374. },
  375. "share": 0
  376. },
  377. "ppid": 556,
  378. "pgid": 0,
  379. "state": "running"
  380. }
  381. },
  382. "metricset": {
  383. "module": "system",
  384. "name": "process",
  385. "rtt": 140625
  386. },
  387. "beat": {
  388. "version": "6.0.0",
  389. "name": "pon258",
  390. "hostname": "pon258"
  391. }
  392. }
  393. 2018/02/22 16:09:55.519965 processor.go:262: DBG Publish event: {
  394. "@timestamp": "2018-02-22T16:09:55.348Z",
  395. "@metadata": {
  396. "beat": "metricbeat",
  397. "type": "doc",
  398. "version": "6.0.0"
  399. },
  400. "beat": {
  401. "name": "pon258",
  402. "hostname": "pon258",
  403. "version": "6.0.0"
  404. },
  405. "system": {
  406. "process": {
  407. "ppid": 2860,
  408. "pgid": 0,
  409. "state": "running",
  410. "username": "NT AUTHORITY\\NETWORK SERVICE",
  411. "memory": {
  412. "share": 0,
  413. "size": 46141440,
  414. "rss": {
  415. "bytes": 53858304,
  416. "pct": 0.0031
  417. }
  418. },
  419. "cpu": {
  420. "total": {
  421. "pct": 0,
  422. "norm": {
  423. "pct": 0
  424. }
  425. },
  426. "start_time": "2018-02-22T16:07:52.863Z"
  427. },
  428. "pid": 788,
  429. "name": "w3wp.exe"
  430. }
  431. },
  432. "metricset": {
  433. "module": "system",
  434. "name": "process",
  435. "rtt": 140625
  436. }
  437. }
  438. 2018/02/22 16:09:55.535590 processor.go:262: DBG Publish event: {
  439. "@timestamp": "2018-02-22T16:09:55.348Z",
  440. "@metadata": {
  441. "beat": "metricbeat",
  442. "type": "doc",
  443. "version": "6.0.0"
  444. },
  445. "system": {
  446. "process": {
  447. "cpu": {
  448. "total": {
  449. "pct": 0,
  450. "norm": {
  451. "pct": 0
  452. }
  453. },
  454. "start_time": "2018-02-19T04:02:02.781Z"
  455. },
  456. "ppid": 556,
  457. "pgid": 0,
  458. "state": "running",
  459. "username": "NT AUTHORITY\\SYSTEM",
  460. "name": "vmware-converter-a.exe",
  461. "memory": {
  462. "size": 32411648,
  463. "rss": {
  464. "pct": 0.0026,
  465. "bytes": 45416448
  466. },
  467. "share": 0
  468. },
  469. "pid": 2320
  470. }
  471. },
  472. "metricset": {
  473. "rtt": 140625,
  474. "module": "system",
  475. "name": "process"
  476. },
  477. "beat": {
  478. "name": "pon258",
  479. "hostname": "pon258",
  480. "version": "6.0.0"
  481. }
  482. }
  483. 2018/02/22 16:09:55.535590 processor.go:262: DBG Publish event: {
  484. "@timestamp": "2018-02-22T16:09:55.348Z",
  485. "@metadata": {
  486. "beat": "metricbeat",
  487. "type": "doc",
  488. "version": "6.0.0"
  489. },
  490. "system": {
  491. "process": {
  492. "memory": {
  493. "size": 60563456,
  494. "rss": {
  495. "bytes": 37138432,
  496. "pct": 0.0022
  497. },
  498. "share": 0
  499. },
  500. "pid": 1552,
  501. "name": "HealthService.exe",
  502. "state": "running",
  503. "username": "NT AUTHORITY\\SYSTEM",
  504. "cpu": {
  505. "total": {
  506. "pct": 0,
  507. "norm": {
  508. "pct": 0
  509. }
  510. },
  511. "start_time": "2018-02-19T04:01:59.078Z"
  512. },
  513. "ppid": 556,
  514. "pgid": 0
  515. }
  516. },
  517. "metricset": {
  518. "module": "system",
  519. "name": "process",
  520. "rtt": 171875
  521. },
  522. "beat": {
  523. "name": "pon258",
  524. "hostname": "pon258",
  525. "version": "6.0.0"
  526. }
  527. }
  528. 2018/02/22 16:09:55.535590 processor.go:262: DBG Publish event: {
  529. "@timestamp": "2018-02-22T16:09:55.348Z",
  530. "@metadata": {
  531. "beat": "metricbeat",
  532. "type": "doc",
  533. "version": "6.0.0"
  534. },
  535. "system": {
  536. "process": {
  537. "state": "running",
  538. "username": "NT AUTHORITY\\SYSTEM",
  539. "memory": {
  540. "rss": {
  541. "bytes": 36696064,
  542. "pct": 0.0021
  543. },
  544. "share": 0,
  545. "size": 92635136
  546. },
  547. "pid": 1920,
  548. "ppid": 556,
  549. "pgid": 0,
  550. "name": "metricbeat.exe",
  551. "cpu": {
  552. "total": {
  553. "norm": {
  554. "pct": 0
  555. },
  556. "pct": 0
  557. },
  558. "start_time": "2018-02-19T04:01:59.218Z"
  559. }
  560. }
  561. },
  562. "metricset": {
  563. "module": "system",
  564. "name": "process",
  565. "rtt": 187500
  566. },
  567. "beat": {
  568. "name": "pon258",
  569. "hostname": "pon258",
  570. "version": "6.0.0"
  571. }
  572. }
  573. 2018/02/22 16:09:55.551215 processor.go:262: DBG Publish event: {
  574. "@timestamp": "2018-02-22T16:09:55.348Z",
  575. "@metadata": {
  576. "beat": "metricbeat",
  577. "type": "doc",
  578. "version": "6.0.0"
  579. },
  580. "system": {
  581. "process": {
  582. "ppid": 9060,
  583. "username": "CHRISTIES\\ynilajkar",
  584. "memory": {
  585. "size": 90963968,
  586. "rss": {
  587. "bytes": 31174656,
  588. "pct": 0.0018
  589. },
  590. "share": 0
  591. },
  592. "cpu": {
  593. "total": {
  594. "pct": 0,
  595. "norm": {
  596. "pct": 0
  597. }
  598. },
  599. "start_time": "2018-02-22T16:08:45.316Z"
  600. },
  601. "pid": 7092,
  602. "pgid": 0,
  603. "name": "metricbeat.exe",
  604. "state": "running"
  605. }
  606. },
  607. "metricset": {
  608. "rtt": 187500,
  609. "module": "system",
  610. "name": "process"
  611. },
  612. "beat": {
  613. "name": "pon258",
  614. "hostname": "pon258",
  615. "version": "6.0.0"
  616. }
  617. }
  618. 2018/02/22 16:09:55.723090 async.go:143: DBG 20 events out of 20 events sent to logstash. Continue sending
  619. 2018/02/22 16:09:55.801215 logger.go:29: DBG ackloop: receive ack [3: 0, 20]
  620. 2018/02/22 16:09:55.801215 logger.go:29: DBG broker ACK events: count=20, start-seq=5, end-seq=24
  621. 2018/02/22 16:09:55.801215 logger.go:18: DBG ackloop: return ack to broker loop:20
  622. 2018/02/22 16:09:55.801215 logger.go:18: DBG ackloop: done send ack
  623. 2018/02/22 16:10:16.457465 metrics.go:39: INFO Non-zero metrics in the last 30s: beat.memstats.gc_next=7345472 beat.memstats.memory_alloc=3691024 beat.memstats.memory_total=11669192 libbeat.config.module.running=2 libbeat.config.module.starts=2 libbeat.config.reloads=1 libbeat.output.events.acked=26
  624. libbeat.output.events.batches=4 libbeat.output.events.total=26 libbeat.output.read.bytes=24 libbeat.output.write.bytes=3257 libbeat.pipeline.clients=2 libbeat.pipeline.events.active=0 libbeat.pipeline.events.published=26 libbeat.pipeline.events.retry=2 libbeat.pipeline.events.total=26 libbeat.pipel
  625. ine.queue.acked=26 metricbeat.system.cpu.events=1 metricbeat.system.cpu.success=1 metricbeat.system.diskio.events=1 metricbeat.system.diskio.success=1 metricbeat.system.filesystem.events=1 metricbeat.system.filesystem.success=1 metricbeat.system.fsstat.events=1 metricbeat.system.fsstat.success=1 met
  626. ricbeat.system.memory.events=1 metricbeat.system.memory.success=1 metricbeat.system.network.events=2 metricbeat.system.network.success=2 metricbeat.system.process.events=18 metricbeat.system.process.success=18 metricbeat.system.process_summary.events=1 metricbeat.system.process_summary.success=1
  627. 2018/02/22 16:10:46.457465 metrics.go:39: INFO Non-zero metrics in the last 30s: beat.memstats.gc_next=7345472 beat.memstats.memory_alloc=3735152 beat.memstats.memory_total=11713320 libbeat.config.module.running=2 libbeat.pipeline.clients=2 libbeat.pipeline.events.active=0
  628. 2018/02/22 16:10:46.519965 reload.go:152: DBG Scan for new config files
  629. 2018/02/22 16:10:46.519965 cfgfile.go:143: DBG Load config from file: C:\metricbeat\modules.d\system.yml
  630. 2018/02/22 16:10:46.519965 reload.go:171: DBG Number of module configs found: 2
  631. 2018/02/22 16:10:46.519965 reload.go:199: DBG Remove module from stoplist: 10310018093630389728
  632. 2018/02/22 16:10:46.519965 reload.go:199: DBG Remove module from stoplist: 17766349570693032427
  633. 2018/02/22 16:11:16.457465 metrics.go:39: INFO Non-zero metrics in the last 30s: beat.memstats.gc_next=7345472 beat.memstats.memory_alloc=3810320 beat.memstats.memory_total=11788488 libbeat.config.module.running=2 libbeat.config.reloads=1 libbeat.pipeline.clients=2 libbeat.pipeline.events.active=0
  634. 2018/02/22 16:11:46.457465 metrics.go:39: INFO Non-zero metrics in the last 30s: beat.memstats.gc_next=7345472 beat.memstats.memory_alloc=3819728 beat.memstats.memory_total=11797896 libbeat.config.module.running=2 libbeat.pipeline.clients=2 libbeat.pipeline.events.active=0
  635. 2018/02/22 16:11:46.519965 reload.go:152: DBG Scan for new config files
  636. 2018/02/22 16:11:46.519965 cfgfile.go:143: DBG Load config from file: C:\metricbeat\modules.d\system.yml
  637. 2018/02/22 16:11:46.519965 reload.go:171: DBG Number of module configs found: 2
  638. 2018/02/22 16:11:46.519965 reload.go:199: DBG Remove module from stoplist: 10310018093630389728
  639. 2018/02/22 16:11:46.519965 reload.go:199: DBG Remove module from stoplist: 17766349570693032427
  640. 2018/02/22 16:11:51.519965 filesystem.go:57: DBG error getting filesystem stats for 'A:\': GetDiskFreeSpaceEx failed: The device is not ready.
  641. 2018/02/22 16:11:51.519965 filesystem.go:57: DBG error getting filesystem stats for 'D:\': GetDiskFreeSpaceEx failed: The device is not ready.
  642. 2018/02/22 16:11:51.519965 processor.go:262: DBG Publish event: {
  643. "@timestamp": "2018-02-22T16:11:50.519Z",
  644. "@metadata": {
  645. "beat": "metricbeat",
  646. "type": "doc",
  647. "version": "6.0.0"
  648. },
  649. "metricset": {
  650. "rtt": 1000000,
  651. "module": "system",
  652. "name": "filesystem"
  653. },
  654. "system": {
  655. "filesystem": {
  656. "type": "fixed",
  657. "free": 95943278592,
  658. "available": 95943278592,
  659. "total": 146682146816,
  660. "files": 0,
  661. "free_files": 0,
  662. "used": {
  663. "pct": 0.3459,
  664. "bytes": 50738868224
  665. },
  666. "mount_point": "C:\\",
  667. "device_name": "C:\\"
  668. }
  669. },
  670. "beat": {
  671. "name": "pon258",
  672. "hostname": "pon258",
  673. "version": "6.0.0"
  674. }
  675. }
  676. 2018/02/22 16:11:51.519965 fsstat.go:61: DBG error fetching filesystem stats for 'A:\': GetDiskFreeSpaceEx failed: The device is not ready.
  677. 2018/02/22 16:11:51.519965 fsstat.go:64: DBG filesystem: C:\ total=146682146816, used=50738868224, free=95943278592
  678. 2018/02/22 16:11:51.519965 fsstat.go:61: DBG error fetching filesystem stats for 'D:\': GetDiskFreeSpaceEx failed: The device is not ready.
  679. 2018/02/22 16:11:51.519965 processor.go:262: DBG Publish event: {
  680. "@timestamp": "2018-02-22T16:11:50.519Z",
  681. "@metadata": {
  682. "beat": "metricbeat",
  683. "type": "doc",
  684. "version": "6.0.0"
  685. },
  686. "system": {
  687. "fsstat": {
  688. "total_files": 0,
  689. "total_size": {
  690. "used": 50738868224,
  691. "total": 146682146816,
  692. "free": 95943278592
  693. },
  694. "count": 1
  695. }
  696. },
  697. "metricset": {
  698. "rtt": 1000000,
  699. "module": "system",
  700. "name": "fsstat"
  701. },
  702. "beat": {
  703. "name": "pon258",
  704. "hostname": "pon258",
  705. "version": "6.0.0"
  706. }
  707. }
  708. 2018/02/22 16:11:51.613715 processor.go:262: DBG Publish event: {
  709. "@timestamp": "2018-02-22T16:11:51.613Z",
  710. "@metadata": {
  711. "beat": "metricbeat",
  712. "type": "doc",
  713. "version": "6.0.0"
  714. },
  715. "system": {
  716. "memory": {
  717. "total": 17179041792,
  718. "used": {
  719. "pct": 0.1866,
  720. "bytes": 3205341184
  721. },
  722. "free": 13973700608,
  723. "actual": {
  724. "free": 13973700608,
  725. "used": {
  726. "bytes": 3205341184,
  727. "pct": 0.1866
  728. }
  729. },
  730. "swap": {
  731. "total": 42306588672,
  732. "used": {
  733. "bytes": 2630193152,
  734. "pct": 0.0622
  735. },
  736. "free": 39676395520
  737. }
  738. }
  739. },
  740. "metricset": {
  741. "module": "system",
  742. "name": "memory"
  743. },
  744. "beat": {
  745. "name": "pon258",
  746. "hostname": "pon258",
  747. "version": "6.0.0"
  748. }
  749. }
  750. 2018/02/22 16:11:52.160590 processor.go:262: DBG Publish event: {
  751. "@timestamp": "2018-02-22T16:11:52.129Z",
  752. "@metadata": {
  753. "beat": "metricbeat",
  754. "type": "doc",
  755. "version": "6.0.0"
  756. },
  757. "system": {
  758. "diskio": {
  759. "io": {
  760. "time": 0
  761. },
  762. "name": "C:",
  763. "read": {
  764. "count": 0,
  765. "time": 0,
  766. "bytes": 0
  767. },
  768. "write": {
  769. "bytes": 0,
  770. "count": 0,
  771. "time": 0
  772. }
  773. }
  774. },
  775. "metricset": {
  776. "rtt": 31250,
  777. "module": "system",
  778. "name": "diskio"
  779. },
  780. "beat": {
  781. "name": "pon258",
  782. "hostname": "pon258",
  783. "version": "6.0.0"
  784. }
  785. }
  786. 2018/02/22 16:11:52.519965 async.go:143: DBG 4 events out of 4 events sent to logstash. Continue sending
  787. 2018/02/22 16:11:52.598090 logger.go:29: DBG ackloop: receive ack [4: 0, 4]
  788. 2018/02/22 16:11:52.598090 logger.go:29: DBG broker ACK events: count=2, start-seq=25, end-seq=26
  789. 2018/02/22 16:11:52.598090 logger.go:29: DBG broker ACK events: count=2, start-seq=3, end-seq=4
  790. 2018/02/22 16:11:52.598090 logger.go:18: DBG ackloop: return ack to broker loop:4
  791. 2018/02/22 16:11:52.598090 logger.go:18: DBG ackloop: done send ack
  792. 2018/02/22 16:11:52.973090 processor.go:262: DBG Publish event: {
  793. "@timestamp": "2018-02-22T16:11:52.973Z",
  794. "@metadata": {
  795. "beat": "metricbeat",
  796. "type": "doc",
  797. "version": "6.0.0"
  798. },
  799. "system": {
  800. "network": {
  801. "out": {
  802. "errors": 0,
  803. "dropped": 0,
  804. "packets": 29649506,
  805. "bytes": 481574526
  806. },
  807. "name": "Local Area Connection 3",
  808. "in": {
  809. "errors": 0,
  810. "dropped": 0,
  811. "bytes": 2504200646,
  812. "packets": 41463734
  813. }
  814. }
  815. },
  816. "metricset": {
  817. "module": "system",
  818. "name": "network"
  819. },
  820. "beat": {
  821. "name": "pon258",
  822. "hostname": "pon258",
  823. "version": "6.0.0"
  824. }
  825. }
  826. 2018/02/22 16:11:52.973090 processor.go:262: DBG Publish event: {
  827. "@timestamp": "2018-02-22T16:11:52.973Z",
  828. "@metadata": {
  829. "beat": "metricbeat",
  830. "type": "doc",
  831. "version": "6.0.0"
  832. },
  833. "system": {
  834. "network": {
  835. "name": "MS TCP Loopback interface",
  836. "in": {
  837. "bytes": 456166,
  838. "packets": 4636,
  839. "errors": 0,
  840. "dropped": 0
  841. },
  842. "out": {
  843. "errors": 0,
  844. "dropped": 0,
  845. "packets": 4636,
  846. "bytes": 456166
  847. }
  848. }
  849. },
  850. "metricset": {
  851. "module": "system",
  852. "name": "network"
  853. },
  854. "beat": {
  855. "name": "pon258",
  856. "hostname": "pon258",
  857. "version": "6.0.0"
  858. }
  859. }
  860. 2018/02/22 16:11:53.988715 async.go:143: DBG 2 events out of 2 events sent to logstash. Continue sending
  861. 2018/02/22 16:11:54.051215 logger.go:29: DBG ackloop: receive ack [5: 0, 2]
  862. 2018/02/22 16:11:54.051215 logger.go:29: DBG broker ACK events: count=2, start-seq=27, end-seq=28
  863. 2018/02/22 16:11:54.051215 logger.go:18: DBG ackloop: return ack to broker loop:2
  864. 2018/02/22 16:11:54.051215 logger.go:18: DBG ackloop: done send ack
  865. 2018/02/22 16:11:54.723090 processor.go:262: DBG Publish event: {
  866. "@timestamp": "2018-02-22T16:11:54.723Z",
  867. "@metadata": {
  868. "beat": "metricbeat",
  869. "type": "doc",
  870. "version": "6.0.0"
  871. },
  872. "system": {
  873. "cpu": {
  874. "steal": {
  875. "pct": 0
  876. },
  877. "user": {
  878. "pct": 0.1245
  879. },
  880. "cores": 4,
  881. "softirq": {
  882. "pct": 0
  883. },
  884. "total": {
  885. "pct": 0.331
  886. },
  887. "idle": {
  888. "pct": 3.669
  889. },
  890. "irq": {
  891. "pct": 0
  892. },
  893. "nice": {
  894. "pct": 0
  895. },
  896. "system": {
  897. "pct": 0.2064
  898. },
  899. "iowait": {
  900. "pct": 0
  901. }
  902. }
  903. },
  904. "metricset": {
  905. "module": "system",
  906. "name": "cpu"
  907. },
  908. "beat": {
  909. "name": "pon258",
  910. "hostname": "pon258",
  911. "version": "6.0.0"
  912. }
  913. }
  914. 2018/02/22 16:11:55.285590 processor.go:262: DBG Publish event: {
  915. "@timestamp": "2018-02-22T16:11:55.238Z",
  916. "@metadata": {
  917. "beat": "metricbeat",
  918. "type": "doc",
  919. "version": "6.0.0"
  920. },
  921. "metricset": {
  922. "namespace": "process.summary",
  923. "module": "system",
  924. "name": "process_summary",
  925. "rtt": 46875
  926. },
  927. "system": {
  928. "process": {
  929. "summary": {
  930. "stopped": 0,
  931. "zombie": 0,
  932. "unknown": 63,
  933. "total": 137,
  934. "sleeping": 0,
  935. "running": 74,
  936. "idle": 0
  937. }
  938. }
  939. },
  940. "beat": {
  941. "hostname": "pon258",
  942. "version": "6.0.0",
  943. "name": "pon258"
  944. }
  945. }
  946. 2018/02/22 16:11:55.551215 helper.go:371: DBG Skip process pid=0: error getting process state for pid=0: getProcName failed: OpenProcess failed for pid=0: The parameter is incorrect.; getProcStatus failed: OpenProcess failed for pid=0: The parameter is incorrect.; getParentPid failed: OpenProcess fa
  947. iled for pid=0: The parameter is incorrect.; getProcCredName failed: OpenProcess failed for pid=0: The parameter is incorrect.
  948. 2018/02/22 16:11:55.551215 helper.go:371: DBG Skip process pid=4: error getting process state for pid=4: getProcName failed: GetProcessImageFileName failed for pid=4: GetProcessImageFileName failed: invalid argument; getProcCredName failed: OpenProcessToken failed for pid=4: Access is denied.
  949. 2018/02/22 16:11:55.551215 helper.go:371: DBG Skip process pid=864: error getting process state for pid=864: getProcCredName failed: OpenProcessToken failed for pid=864: Access is denied.
  950. 2018/02/22 16:11:55.551215 helper.go:371: DBG Skip process pid=952: error getting process state for pid=952: getProcCredName failed: OpenProcessToken failed for pid=952: Access is denied.
  951. 2018/02/22 16:11:55.551215 helper.go:371: DBG Skip process pid=992: error getting process state for pid=992: getProcCredName failed: OpenProcessToken failed for pid=992: Access is denied.
  952. 2018/02/22 16:11:55.551215 helper.go:371: DBG Skip process pid=1176: error getting process state for pid=1176: getProcCredName failed: OpenProcessToken failed for pid=1176: Access is denied.
  953. 2018/02/22 16:11:55.551215 helper.go:371: DBG Skip process pid=1360: error getting process state for pid=1360: getProcCredName failed: OpenProcessToken failed for pid=1360: Access is denied.
  954. 2018/02/22 16:11:55.551215 helper.go:371: DBG Skip process pid=1396: error getting process state for pid=1396: getProcCredName failed: OpenProcessToken failed for pid=1396: Access is denied.
  955. 2018/02/22 16:11:55.551215 helper.go:371: DBG Skip process pid=1492: error getting process state for pid=1492: getProcCredName failed: OpenProcessToken failed for pid=1492: Access is denied.
  956. 2018/02/22 16:11:55.551215 helper.go:371: DBG Skip process pid=2100: error getting process state for pid=2100: getProcCredName failed: OpenProcessToken failed for pid=2100: Access is denied.
  957. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=2628: error getting process state for pid=2628: getProcCredName failed: OpenProcessToken failed for pid=2628: Access is denied.
  958. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=2648: error getting process state for pid=2648: getProcCredName failed: OpenProcessToken failed for pid=2648: Access is denied.
  959. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=2676: error getting process state for pid=2676: getProcCredName failed: OpenProcessToken failed for pid=2676: Access is denied.
  960. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=2712: error getting process state for pid=2712: getProcCredName failed: OpenProcessToken failed for pid=2712: Access is denied.
  961. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=2736: error getting process state for pid=2736: getProcCredName failed: OpenProcessToken failed for pid=2736: Access is denied.
  962. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=688: error getting process state for pid=688: getProcCredName failed: OpenProcessToken failed for pid=688: Access is denied.
  963. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=3140: error getting process state for pid=3140: getProcCredName failed: OpenProcessToken failed for pid=3140: Access is denied.
  964. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=3552: error getting process state for pid=3552: getProcCredName failed: OpenProcessToken failed for pid=3552: Access is denied.
  965. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=3856: error getting process state for pid=3856: getProcCredName failed: OpenProcessToken failed for pid=3856: Access is denied.
  966. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=4448: error getting process state for pid=4448: getProcCredName failed: OpenProcessToken failed for pid=4448: Access is denied.
  967. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=4104: error getting process state for pid=4104: getProcCredName failed: OpenProcessToken failed for pid=4104: Access is denied.
  968. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=4532: error getting process state for pid=4532: getProcCredName failed: OpenProcessToken failed for pid=4532: Access is denied.
  969. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=9052: error getting process state for pid=9052: getProcCredName failed: OpenProcessToken failed for pid=9052: Access is denied.
  970. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=7472: error getting process state for pid=7472: getProcCredName failed: OpenProcessToken failed for pid=7472: Access is denied.
  971. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=3956: error getting process state for pid=3956: getProcCredName failed: OpenProcessToken failed for pid=3956: Access is denied.
  972. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=8236: error getting process state for pid=8236: getProcCredName failed: OpenProcessToken failed for pid=8236: Access is denied.
  973. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=8508: error getting process state for pid=8508: getProcCredName failed: OpenProcessToken failed for pid=8508: Access is denied.
  974. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=6864: error getting process state for pid=6864: getProcCredName failed: OpenProcessToken failed for pid=6864: Access is denied.
  975. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=4384: error getting process state for pid=4384: getProcCredName failed: OpenProcessToken failed for pid=4384: Access is denied.
  976. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=6836: error getting process state for pid=6836: getProcCredName failed: OpenProcessToken failed for pid=6836: Access is denied.
  977. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=3448: error getting process state for pid=3448: getProcCredName failed: OpenProcessToken failed for pid=3448: Access is denied.
  978. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=9100: error getting process state for pid=9100: getProcCredName failed: OpenProcessToken failed for pid=9100: Access is denied.
  979. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=7636: error getting process state for pid=7636: getProcCredName failed: OpenProcessToken failed for pid=7636: Access is denied.
  980. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=6716: error getting process state for pid=6716: getProcCredName failed: OpenProcessToken failed for pid=6716: Access is denied.
  981. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=10164: error getting process state for pid=10164: getProcCredName failed: OpenProcessToken failed for pid=10164: Access is denied.
  982. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=1548: error getting process state for pid=1548: getProcCredName failed: OpenProcessToken failed for pid=1548: Access is denied.
  983. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=6740: error getting process state for pid=6740: getProcCredName failed: OpenProcessToken failed for pid=6740: Access is denied.
  984. 2018/02/22 16:11:55.566840 helper.go:371: DBG Skip process pid=4440: error getting process state for pid=4440: getProcCredName failed: OpenProcessToken failed for pid=4440: Access is denied.
  985. 2018/02/22 16:11:55.582465 helper.go:371: DBG Skip process pid=8468: error getting process state for pid=8468: getProcCredName failed: OpenProcessToken failed for pid=8468: Access is denied.
  986. 2018/02/22 16:11:55.582465 helper.go:371: DBG Skip process pid=9024: error getting process state for pid=9024: getProcCredName failed: OpenProcessToken failed for pid=9024: Access is denied.
  987. 2018/02/22 16:11:55.582465 helper.go:371: DBG Skip process pid=9664: error getting process state for pid=9664: getProcCredName failed: OpenProcessToken failed for pid=9664: Access is denied.
  988. 2018/02/22 16:11:55.582465 helper.go:371: DBG Skip process pid=4524: error getting process state for pid=4524: getProcCredName failed: OpenProcessToken failed for pid=4524: Access is denied.
  989. 2018/02/22 16:11:55.582465 helper.go:371: DBG Skip process pid=9812: error getting process state for pid=9812: getProcCredName failed: OpenProcessToken failed for pid=9812: Access is denied.
  990. 2018/02/22 16:11:55.582465 helper.go:371: DBG Skip process pid=6348: error getting process state for pid=6348: getProcCredName failed: OpenProcessToken failed for pid=6348: Access is denied.
  991. 2018/02/22 16:11:55.582465 helper.go:371: DBG Skip process pid=5932: error getting process state for pid=5932: getProcCredName failed: OpenProcessToken failed for pid=5932: Access is denied.
  992. 2018/02/22 16:11:55.582465 helper.go:371: DBG Skip process pid=4260: error getting process state for pid=4260: getProcCredName failed: OpenProcessToken failed for pid=4260: Access is denied.
  993. 2018/02/22 16:11:55.582465 helper.go:371: DBG Skip process pid=4680: error getting process state for pid=4680: getProcCredName failed: OpenProcessToken failed for pid=4680: Access is denied.
  994. 2018/02/22 16:11:55.582465 helper.go:371: DBG Skip process pid=3928: error getting process state for pid=3928: getProcCredName failed: OpenProcessToken failed for pid=3928: Access is denied.
  995. 2018/02/22 16:11:55.582465 helper.go:371: DBG Skip process pid=8656: error getting process state for pid=8656: getProcCredName failed: OpenProcessToken failed for pid=8656: Access is denied.
  996. 2018/02/22 16:11:55.582465 helper.go:371: DBG Skip process pid=9128: error getting process state for pid=9128: getProcCredName failed: OpenProcessToken failed for pid=9128: Access is denied.
  997. 2018/02/22 16:11:55.582465 helper.go:371: DBG Skip process pid=4120: error getting process state for pid=4120: getProcCredName failed: OpenProcessToken failed for pid=4120: Access is denied.
  998. 2018/02/22 16:11:55.582465 helper.go:371: DBG Skip process pid=6808: error getting process state for pid=6808: getProcCredName failed: OpenProcessToken failed for pid=6808: Access is denied.
  999. 2018/02/22 16:11:55.582465 helper.go:371: DBG Skip process pid=804: error getting process state for pid=804: getProcCredName failed: OpenProcessToken failed for pid=804: Access is denied.
  1000. 2018/02/22 16:11:55.582465 helper.go:371: DBG Skip process pid=1228: error getting process state for pid=1228: getProcCredName failed: OpenProcessToken failed for pid=1228: Access is denied.
  1001. 2018/02/22 16:11:55.582465 helper.go:371: DBG Skip process pid=9864: error getting process state for pid=9864: getProcCredName failed: OpenProcessToken failed for pid=9864: Access is denied.
  1002. 2018/02/22 16:11:55.582465 helper.go:371: DBG Skip process pid=3432: error getting process state for pid=3432: getProcCredName failed: OpenProcessToken failed for pid=3432: Access is denied.
  1003. 2018/02/22 16:11:55.582465 helper.go:371: DBG Skip process pid=1144: error getting process state for pid=1144: getProcCredName failed: OpenProcessToken failed for pid=1144: Access is denied.
  1004. 2018/02/22 16:11:55.582465 helper.go:371: DBG Skip process pid=648: error getting process state for pid=648: getProcCredName failed: OpenProcessToken failed for pid=648: Access is denied.
  1005. 2018/02/22 16:11:55.598090 helper.go:371: DBG Skip process pid=4352: error getting process state for pid=4352: getProcCredName failed: OpenProcessToken failed for pid=4352: Access is denied.
  1006. 2018/02/22 16:11:55.598090 helper.go:371: DBG Skip process pid=8500: error getting process state for pid=8500: getProcCredName failed: OpenProcessToken failed for pid=8500: Access is denied.
  1007. 2018/02/22 16:11:55.676215 helper.go:371: DBG Skip process pid=5220: error getting process state for pid=5220: getProcCredName failed: OpenProcessToken failed for pid=5220: Access is denied.
  1008. 2018/02/22 16:11:55.676215 helper.go:371: DBG Skip process pid=9384: error getting process state for pid=9384: getProcCredName failed: OpenProcessToken failed for pid=9384: Access is denied.
  1009. 2018/02/22 16:11:55.676215 helper.go:371: DBG Skip process pid=4696: error getting process state for pid=4696: getProcCredName failed: OpenProcessToken failed for pid=4696: Access is denied.
  1010. 2018/02/22 16:11:55.691840 helper.go:391: DBG Filtered top processes down to 17 processes
  1011. 2018/02/22 16:11:55.691840 processor.go:262: DBG Publish event: {
  1012. "@timestamp": "2018-02-22T16:11:55.535Z",
  1013. "@metadata": {
  1014. "beat": "metricbeat",
  1015. "type": "doc",
  1016. "version": "6.0.0"
  1017. },
  1018. "metricset": {
  1019. "module": "system",
  1020. "name": "process",
  1021. "rtt": 156250
  1022. },
  1023. "beat": {
  1024. "version": "6.0.0",
  1025. "name": "pon258",
  1026. "hostname": "pon258"
  1027. },
  1028. "system": {
  1029. "process": {
  1030. "username": "NT AUTHORITY\\SYSTEM",
  1031. "memory": {
  1032. "share": 0,
  1033. "size": 217784320,
  1034. "rss": {
  1035. "pct": 0.0137,
  1036. "bytes": 234643456
  1037. }
  1038. },
  1039. "cpu": {
  1040. "total": {
  1041. "norm": {
  1042. "pct": 0.0024
  1043. },
  1044. "pct": 0.0095
  1045. },
  1046. "start_time": "2018-02-19T04:01:51.640Z"
  1047. },
  1048. "pgid": 0,
  1049. "name": "svchost.exe",
  1050. "pid": 908,
  1051. "ppid": 556,
  1052. "state": "running"
  1053. }
  1054. }
  1055. }
  1056. 2018/02/22 16:11:55.691840 processor.go:262: DBG Publish event: {
  1057. "@timestamp": "2018-02-22T16:11:55.535Z",
  1058. "@metadata": {
  1059. "beat": "metricbeat",
  1060. "type": "doc",
  1061. "version": "6.0.0"
  1062. },
  1063. "system": {
  1064. "process": {
  1065. "username": "NT AUTHORITY\\SYSTEM",
  1066. "memory": {
  1067. "size": 15237120,
  1068. "rss": {
  1069. "bytes": 11087872,
  1070. "pct": 0.0006
  1071. },
  1072. "share": 0
  1073. },
  1074. "cpu": {
  1075. "total": {
  1076. "pct": 0.0043,
  1077. "norm": {
  1078. "pct": 0.0011
  1079. }
  1080. },
  1081. "start_time": "2018-02-22T09:00:26.018Z"
  1082. },
  1083. "ppid": 432,
  1084. "pgid": 0,
  1085. "state": "running",
  1086. "name": "winlogon.exe",
  1087. "pid": 6184
  1088. }
  1089. },
  1090. "metricset": {
  1091. "rtt": 156250,
  1092. "module": "system",
  1093. "name": "process"
  1094. },
  1095. "beat": {
  1096. "name": "pon258",
  1097. "hostname": "pon258",
  1098. "version": "6.0.0"
  1099. }
  1100. }
  1101. 2018/02/22 16:11:55.691840 processor.go:262: DBG Publish event: {
  1102. "@timestamp": "2018-02-22T16:11:55.535Z",
  1103. "@metadata": {
  1104. "beat": "metricbeat",
  1105. "type": "doc",
  1106. "version": "6.0.0"
  1107. },
  1108. "system": {
  1109. "process": {
  1110. "ppid": 432,
  1111. "name": "winlogon.exe",
  1112. "username": "NT AUTHORITY\\SYSTEM",
  1113. "memory": {
  1114. "share": 0,
  1115. "size": 15392768,
  1116. "rss": {
  1117. "bytes": 10620928,
  1118. "pct": 0.0006
  1119. }
  1120. },
  1121. "cpu": {
  1122. "total": {
  1123. "pct": 0.0036,
  1124. "norm": {
  1125. "pct": 0.0009
  1126. }
  1127. },
  1128. "start_time": "2018-02-22T09:33:07.065Z"
  1129. },
  1130. "pid": 6880,
  1131. "pgid": 0,
  1132. "state": "running"
  1133. }
  1134. },
  1135. "metricset": {
  1136. "module": "system",
  1137. "name": "process",
  1138. "rtt": 156250
  1139. },
  1140. "beat": {
  1141. "version": "6.0.0",
  1142. "name": "pon258",
  1143. "hostname": "pon258"
  1144. }
  1145. }
  1146. 2018/02/22 16:11:55.707465 processor.go:262: DBG Publish event: {
  1147. "@timestamp": "2018-02-22T16:11:55.535Z",
  1148. "@metadata": {
  1149. "beat": "metricbeat",
  1150. "type": "doc",
  1151. "version": "6.0.0"
  1152. },
  1153. "metricset": {
  1154. "name": "process",
  1155. "rtt": 156250,
  1156. "module": "system"
  1157. },
  1158. "system": {
  1159. "process": {
  1160. "username": "NT AUTHORITY\\SYSTEM",
  1161. "cpu": {
  1162. "start_time": "2018-02-22T14:13:02.535Z",
  1163. "total": {
  1164. "norm": {
  1165. "pct": 0.0007
  1166. },
  1167. "pct": 0.0026
  1168. }
  1169. },
  1170. "pid": 1196,
  1171. "ppid": 432,
  1172. "pgid": 0,
  1173. "name": "winlogon.exe",
  1174. "state": "running",
  1175. "memory": {
  1176. "rss": {
  1177. "bytes": 11235328,
  1178. "pct": 0.0007
  1179. },
  1180. "share": 0,
  1181. "size": 15253504
  1182. }
  1183. }
  1184. },
  1185. "beat": {
  1186. "version": "6.0.0",
  1187. "name": "pon258",
  1188. "hostname": "pon258"
  1189. }
  1190. }
  1191. 2018/02/22 16:11:55.707465 processor.go:262: DBG Publish event: {
  1192. "@timestamp": "2018-02-22T16:11:55.535Z",
  1193. "@metadata": {
  1194. "beat": "metricbeat",
  1195. "type": "doc",
  1196. "version": "6.0.0"
  1197. },
  1198. "system": {
  1199. "process": {
  1200. "cpu": {
  1201. "total": {
  1202. "pct": 0.0022,
  1203. "norm": {
  1204. "pct": 0.0006
  1205. }
  1206. },
  1207. "start_time": "2018-02-19T04:01:51.265Z"
  1208. },
  1209. "pid": 568,
  1210. "ppid": 508,
  1211. "pgid": 0,
  1212. "username": "NT AUTHORITY\\SYSTEM",
  1213. "name": "lsass.exe",
  1214. "state": "running",
  1215. "memory": {
  1216. "size": 19484672,
  1217. "rss": {
  1218. "pct": 0.0013,
  1219. "bytes": 23089152
  1220. },
  1221. "share": 0
  1222. }
  1223. }
  1224. },
  1225. "metricset": {
  1226. "rtt": 156250,
  1227. "module": "system",
  1228. "name": "process"
  1229. },
  1230. "beat": {
  1231. "name": "pon258",
  1232. "hostname": "pon258",
  1233. "version": "6.0.0"
  1234. }
  1235. }
  1236. 2018/02/22 16:11:55.707465 processor.go:262: DBG Publish event: {
  1237. "@timestamp": "2018-02-22T16:11:55.535Z",
  1238. "@metadata": {
  1239. "beat": "metricbeat",
  1240. "type": "doc",
  1241. "version": "6.0.0"
  1242. },
  1243. "system": {
  1244. "process": {
  1245. "name": "HealthService.exe",
  1246. "memory": {
  1247. "share": 0,
  1248. "size": 60641280,
  1249. "rss": {
  1250. "pct": 0.0013,
  1251. "bytes": 22597632
  1252. }
  1253. },
  1254. "cpu": {
  1255. "total": {
  1256. "norm": {
  1257. "pct": 0.0006
  1258. },
  1259. "pct": 0.0022
  1260. },
  1261. "start_time": "2018-02-19T04:01:59.078Z"
  1262. },
  1263. "pid": 1552,
  1264. "ppid": 556,
  1265. "pgid": 0,
  1266. "username": "NT AUTHORITY\\SYSTEM",
  1267. "state": "running"
  1268. }
  1269. },
  1270. "metricset": {
  1271. "module": "system",
  1272. "name": "process",
  1273. "rtt": 171875
  1274. },
  1275. "beat": {
  1276. "name": "pon258",
  1277. "hostname": "pon258",
  1278. "version": "6.0.0"
  1279. }
  1280. }
  1281. 2018/02/22 16:11:55.707465 processor.go:262: DBG Publish event: {
  1282. "@timestamp": "2018-02-22T16:11:55.535Z",
  1283. "@metadata": {
  1284. "beat": "metricbeat",
  1285. "type": "doc",
  1286. "version": "6.0.0"
  1287. },
  1288. "system": {
  1289. "process": {
  1290. "pgid": 0,
  1291. "name": "csrss.exe",
  1292. "state": "running",
  1293. "pid": 9840,
  1294. "ppid": 432,
  1295. "username": "NT AUTHORITY\\SYSTEM",
  1296. "memory": {
  1297. "rss": {
  1298. "bytes": 7168000,
  1299. "pct": 0.0004
  1300. },
  1301. "share": 0,
  1302. "size": 3932160
  1303. },
  1304. "cpu": {
  1305. "total": {
  1306. "pct": 0.0022,
  1307. "norm": {
  1308. "pct": 0.0006
  1309. }
  1310. },
  1311. "start_time": "2018-02-22T16:07:22.926Z"
  1312. }
  1313. }
  1314. },
  1315. "metricset": {
  1316. "rtt": 171875,
  1317. "module": "system",
  1318. "name": "process"
  1319. },
  1320. "beat": {
  1321. "name": "pon258",
  1322. "hostname": "pon258",
  1323. "version": "6.0.0"
  1324. }
  1325. }
  1326. 2018/02/22 16:11:55.723090 processor.go:262: DBG Publish event: {
  1327. "@timestamp": "2018-02-22T16:11:55.535Z",
  1328. "@metadata": {
  1329. "beat": "metricbeat",
  1330. "type": "doc",
  1331. "version": "6.0.0"
  1332. },
  1333. "beat": {
  1334. "name": "pon258",
  1335. "hostname": "pon258",
  1336. "version": "6.0.0"
  1337. },
  1338. "metricset": {
  1339. "module": "system",
  1340. "name": "process",
  1341. "rtt": 171875
  1342. },
  1343. "system": {
  1344. "process": {
  1345. "memory": {
  1346. "rss": {
  1347. "bytes": 10903552,
  1348. "pct": 0.0006
  1349. },
  1350. "share": 0,
  1351. "size": 15192064
  1352. },
  1353. "ppid": 432,
  1354. "state": "running",
  1355. "name": "winlogon.exe",
  1356. "username": "NT AUTHORITY\\SYSTEM",
  1357. "cpu": {
  1358. "total": {
  1359. "pct": 0.0018,
  1360. "norm": {
  1361. "pct": 0.0005
  1362. }
  1363. },
  1364. "start_time": "2018-02-22T13:46:30.988Z"
  1365. },
  1366. "pid": 1324,
  1367. "pgid": 0
  1368. }
  1369. }
  1370. }
  1371. 2018/02/22 16:11:55.723090 async.go:143: DBG 9 events out of 9 events sent to logstash. Continue sending
  1372. 2018/02/22 16:11:55.723090 processor.go:262: DBG Publish event: {
  1373. "@timestamp": "2018-02-22T16:11:55.535Z",
  1374. "@metadata": {
  1375. "beat": "metricbeat",
  1376. "type": "doc",
  1377. "version": "6.0.0"
  1378. },
  1379. "system": {
  1380. "process": {
  1381. "ppid": 556,
  1382. "pgid": 0,
  1383. "name": "CcmExec.exe",
  1384. "username": "NT AUTHORITY\\SYSTEM",
  1385. "pid": 3232,
  1386. "state": "running",
  1387. "memory": {
  1388. "share": 0,
  1389. "size": 31883264,
  1390. "rss": {
  1391. "bytes": 59596800,
  1392. "pct": 0.0035
  1393. }
  1394. },
  1395. "cpu": {
  1396. "total": {
  1397. "pct": 0.0018,
  1398. "norm": {
  1399. "pct": 0.0005
  1400. }
  1401. },
  1402. "start_time": "2018-02-19T04:31:56.782Z"
  1403. }
  1404. }
  1405. },
  1406. "metricset": {
  1407. "module": "system",
  1408. "name": "process",
  1409. "rtt": 171875
  1410. },
  1411. "beat": {
  1412. "name": "pon258",
  1413. "hostname": "pon258",
  1414. "version": "6.0.0"
  1415. }
  1416. }
  1417. 2018/02/22 16:11:55.723090 processor.go:262: DBG Publish event: {
  1418. "@timestamp": "2018-02-22T16:11:55.535Z",
  1419. "@metadata": {
  1420. "beat": "metricbeat",
  1421. "type": "doc",
  1422. "version": "6.0.0"
  1423. },
  1424. "system": {
  1425. "process": {
  1426. "cpu": {
  1427. "total": {
  1428. "norm": {
  1429. "pct": 0.0004
  1430. },
  1431. "pct": 0.0017
  1432. },
  1433. "start_time": "2018-02-22T09:33:52.815Z"
  1434. },
  1435. "pgid": 0,
  1436. "name": "ChristiesAppraisalsManagement.exe",
  1437. "memory": {
  1438. "size": 236867584,
  1439. "rss": {
  1440. "bytes": 265142272,
  1441. "pct": 0.0154
  1442. },
  1443. "share": 0
  1444. },
  1445. "pid": 4112,
  1446. "ppid": 7280,
  1447. "state": "running",
  1448. "username": "CHRISTIES\\crepp"
  1449. }
  1450. },
  1451. "metricset": {
  1452. "module": "system",
  1453. "name": "process",
  1454. "rtt": 187500
  1455. },
  1456. "beat": {
  1457. "name": "pon258",
  1458. "hostname": "pon258",
  1459. "version": "6.0.0"
  1460. }
  1461. }
  1462. 2018/02/22 16:11:55.738715 processor.go:262: DBG Publish event: {
  1463. "@timestamp": "2018-02-22T16:11:55.535Z",
  1464. "@metadata": {
  1465. "beat": "metricbeat",
  1466. "type": "doc",
  1467. "version": "6.0.0"
  1468. },
  1469. "metricset": {
  1470. "rtt": 187500,
  1471. "module": "system",
  1472. "name": "process"
  1473. },
  1474. "beat": {
  1475. "name": "pon258",
  1476. "hostname": "pon258",
  1477. "version": "6.0.0"
  1478. },
  1479. "system": {
  1480. "process": {
  1481. "memory": {
  1482. "rss": {
  1483. "pct": 0.0046,
  1484. "bytes": 79101952
  1485. },
  1486. "share": 0,
  1487. "size": 9310208
  1488. },
  1489. "cpu": {
  1490. "start_time": "2018-02-19T04:01:51.250Z",
  1491. "total": {
  1492. "pct": 0.0014,
  1493. "norm": {
  1494. "pct": 0.0004
  1495. }
  1496. }
  1497. },
  1498. "pid": 556,
  1499. "ppid": 508,
  1500. "state": "running",
  1501. "username": "NT AUTHORITY\\SYSTEM",
  1502. "pgid": 0,
  1503. "name": "services.exe"
  1504. }
  1505. }
  1506. }
  1507. 2018/02/22 16:11:55.738715 processor.go:262: DBG Publish event: {
  1508. "@timestamp": "2018-02-22T16:11:55.535Z",
  1509. "@metadata": {
  1510. "beat": "metricbeat",
  1511. "type": "doc",
  1512. "version": "6.0.0"
  1513. },
  1514. "system": {
  1515. "process": {
  1516. "state": "running",
  1517. "cpu": {
  1518. "total": {
  1519. "norm": {
  1520. "pct": 0
  1521. },
  1522. "pct": 0
  1523. },
  1524. "start_time": "2018-02-19T04:02:04.296Z"
  1525. },
  1526. "pid": 2488,
  1527. "ppid": 556,
  1528. "pgid": 0,
  1529. "memory": {
  1530. "share": 0,
  1531. "size": 37179392,
  1532. "rss": {
  1533. "pct": 0.0032,
  1534. "bytes": 55414784
  1535. }
  1536. },
  1537. "name": "beremote.exe",
  1538. "username": "NT AUTHORITY\\SYSTEM"
  1539. }
  1540. },
  1541. "metricset": {
  1542. "module": "system",
  1543. "name": "process",
  1544. "rtt": 187500
  1545. },
  1546. "beat": {
  1547. "name": "pon258",
  1548. "hostname": "pon258",
  1549. "version": "6.0.0"
  1550. }
  1551. }
  1552. 2018/02/22 16:11:55.738715 processor.go:262: DBG Publish event: {
  1553. "@timestamp": "2018-02-22T16:11:55.535Z",
  1554. "@metadata": {
  1555. "beat": "metricbeat",
  1556. "type": "doc",
  1557. "version": "6.0.0"
  1558. },
  1559. "system": {
  1560. "process": {
  1561. "pgid": 0,
  1562. "pid": 788,
  1563. "ppid": 2860,
  1564. "name": "w3wp.exe",
  1565. "state": "running",
  1566. "username": "NT AUTHORITY\\NETWORK SERVICE",
  1567. "memory": {
  1568. "size": 46096384,
  1569. "rss": {
  1570. "bytes": 53833728,
  1571. "pct": 0.0031
  1572. },
  1573. "share": 0
  1574. },
  1575. "cpu": {
  1576. "start_time": "2018-02-22T16:07:52.863Z",
  1577. "total": {
  1578. "pct": 0,
  1579. "norm": {
  1580. "pct": 0
  1581. }
  1582. }
  1583. }
  1584. }
  1585. },
  1586. "metricset": {
  1587. "module": "system",
  1588. "name": "process",
  1589. "rtt": 203125
  1590. },
  1591. "beat": {
  1592. "name": "pon258",
  1593. "hostname": "pon258",
  1594. "version": "6.0.0"
  1595. }
  1596. }
  1597. 2018/02/22 16:11:55.738715 processor.go:262: DBG Publish event: {
  1598. "@timestamp": "2018-02-22T16:11:55.535Z",
  1599. "@metadata": {
  1600. "beat": "metricbeat",
  1601. "type": "doc",
  1602. "version": "6.0.0"
  1603. },
  1604. "system": {
  1605. "process": {
  1606. "name": "vmware-converter-a.exe",
  1607. "state": "running",
  1608. "username": "NT AUTHORITY\\SYSTEM",
  1609. "cpu": {
  1610. "total": {
  1611. "pct": 0,
  1612. "norm": {
  1613. "pct": 0
  1614. }
  1615. },
  1616. "start_time": "2018-02-19T04:02:02.781Z"
  1617. },
  1618. "ppid": 556,
  1619. "pgid": 0,
  1620. "pid": 2320,
  1621. "memory": {
  1622. "size": 32411648,
  1623. "rss": {
  1624. "bytes": 45416448,
  1625. "pct": 0.0026
  1626. },
  1627. "share": 0
  1628. }
  1629. }
  1630. },
  1631. "metricset": {
  1632. "module": "system",
  1633. "name": "process",
  1634. "rtt": 203125
  1635. },
  1636. "beat": {
  1637. "name": "pon258",
  1638. "hostname": "pon258",
  1639. "version": "6.0.0"
  1640. }
  1641. }
  1642. 2018/02/22 16:11:55.754340 processor.go:262: DBG Publish event: {
  1643. "@timestamp": "2018-02-22T16:11:55.535Z",
  1644. "@metadata": {
  1645. "beat": "metricbeat",
  1646. "type": "doc",
  1647. "version": "6.0.0"
  1648. },
  1649. "metricset": {
  1650. "module": "system",
  1651. "name": "process",
  1652. "rtt": 203125
  1653. },
  1654. "system": {
  1655. "process": {
  1656. "state": "running",
  1657. "username": "NT AUTHORITY\\SYSTEM",
  1658. "pid": 1920,
  1659. "name": "metricbeat.exe",
  1660. "memory": {
  1661. "size": 92635136,
  1662. "rss": {
  1663. "bytes": 36761600,
  1664. "pct": 0.0021
  1665. },
  1666. "share": 0
  1667. },
  1668. "cpu": {
  1669. "total": {
  1670. "pct": 0.0008,
  1671. "norm": {
  1672. "pct": 0.0002
  1673. }
  1674. },
  1675. "start_time": "2018-02-19T04:01:59.218Z"
  1676. },
  1677. "ppid": 556,
  1678. "pgid": 0
  1679. }
  1680. },
  1681. "beat": {
  1682. "name": "pon258",
  1683. "hostname": "pon258",
  1684. "version": "6.0.0"
  1685. }
  1686. }
  1687. 2018/02/22 16:11:55.754340 processor.go:262: DBG Publish event: {
  1688. "@timestamp": "2018-02-22T16:11:55.535Z",
  1689. "@metadata": {
  1690. "beat": "metricbeat",
  1691. "type": "doc",
  1692. "version": "6.0.0"
  1693. },
  1694. "system": {
  1695. "process": {
  1696. "pid": 7092,
  1697. "pgid": 0,
  1698. "username": "CHRISTIES\\ynilajkar",
  1699. "memory": {
  1700. "size": 91029504,
  1701. "rss": {
  1702. "pct": 0.002,
  1703. "bytes": 34689024
  1704. },
  1705. "share": 0
  1706. },
  1707. "ppid": 9060,
  1708. "name": "metricbeat.exe",
  1709. "state": "running",
  1710. "cpu": {
  1711. "total": {
  1712. "pct": 0.001,
  1713. "norm": {
  1714. "pct": 0.0003
  1715. }
  1716. },
  1717. "start_time": "2018-02-22T16:08:45.316Z"
  1718. }
  1719. }
  1720. },
  1721. "metricset": {
  1722. "module": "system",
  1723. "name": "process",
  1724. "rtt": 203125
  1725. },
  1726. "beat": {
  1727. "hostname": "pon258",
  1728. "version": "6.0.0",
  1729. "name": "pon258"
  1730. }
  1731. }
  1732. 2018/02/22 16:11:55.754340 processor.go:262: DBG Publish event: {
  1733. "@timestamp": "2018-02-22T16:11:55.535Z",
  1734. "@metadata": {
  1735. "beat": "metricbeat",
  1736. "type": "doc",
  1737. "version": "6.0.0"
  1738. },
  1739. "system": {
  1740. "process": {
  1741. "pgid": 0,
  1742. "name": "wmiprvse.exe",
  1743. "username": "NT AUTHORITY\\SYSTEM",
  1744. "ppid": 808,
  1745. "pid": 4436,
  1746. "state": "running",
  1747. "memory": {
  1748. "share": 0,
  1749. "size": 21291008,
  1750. "rss": {
  1751. "bytes": 29478912,
  1752. "pct": 0.0017
  1753. }
  1754. },
  1755. "cpu": {
  1756. "total": {
  1757. "pct": 0,
  1758. "norm": {
  1759. "pct": 0
  1760. }
  1761. },
  1762. "start_time": "2018-02-19T11:35:46.055Z"
  1763. }
  1764. }
  1765. },
  1766. "metricset": {
  1767. "name": "process",
  1768. "rtt": 218750,
  1769. "module": "system"
  1770. },
  1771. "beat": {
  1772. "name": "pon258",
  1773. "hostname": "pon258",
  1774. "version": "6.0.0"
  1775. }
  1776. }
  1777. 2018/02/22 16:11:55.801215 logger.go:29: DBG ackloop: receive ack [6: 0, 9]
  1778. 2018/02/22 16:11:55.801215 logger.go:29: DBG broker ACK events: count=9, start-seq=29, end-seq=37
  1779. 2018/02/22 16:11:55.801215 logger.go:18: DBG ackloop: return ack to broker loop:9
  1780. 2018/02/22 16:11:55.801215 logger.go:18: DBG ackloop: done send ack
  1781. 2018/02/22 16:11:56.723090 async.go:143: DBG 10 events out of 10 events sent to logstash. Continue sending
  1782. 2018/02/22 16:11:56.801215 logger.go:29: DBG ackloop: receive ack [7: 0, 10]
  1783. 2018/02/22 16:11:56.801215 logger.go:29: DBG broker ACK events: count=10, start-seq=38, end-seq=47
  1784. 2018/02/22 16:11:56.801215 logger.go:18: DBG ackloop: return ack to broker loop:10
  1785. 2018/02/22 16:11:56.801215 logger.go:18: DBG ackloop: done send ack
  1786. 2018/02/22 16:12:03.238715 service.go:33: DBG Received sigterm/sigint, stopping
  1787. 2018/02/22 16:12:03.238715 service.go:39: DBG Received svc stop/shutdown request
  1788. 2018/02/22 16:12:03.238715 reload.go:148: INFO Dynamic config reloader stopped
  1789. 2018/02/22 16:12:03.238715 metrics.go:51: INFO Total non-zero values: beat.memstats.gc_next=4747648 beat.memstats.memory_alloc=4024800 beat.memstats.memory_total=19046064 libbeat.config.module.running=2 libbeat.config.module.starts=2 libbeat.config.reloads=3 libbeat.output.events.acked=51 libbeat.o
  1790. utput.events.batches=8 libbeat.output.events.total=51 libbeat.output.read.bytes=48 libbeat.output.type=logstash libbeat.output.write.bytes=6743 libbeat.pipeline.clients=2 libbeat.pipeline.events.active=0 libbeat.pipeline.events.published=51 libbeat.pipeline.events.retry=2 libbeat.pipeline.events.tot
  1791. al=51 libbeat.pipeline.queue.acked=51 metricbeat.system.cpu.events=2 metricbeat.system.cpu.success=2 metricbeat.system.diskio.events=2 metricbeat.system.diskio.success=2 metricbeat.system.filesystem.events=2 metricbeat.system.filesystem.success=2 metricbeat.system.fsstat.events=2 metricbeat.system.f
  1792. sstat.success=2 metricbeat.system.memory.events=2 metricbeat.system.memory.success=2 metricbeat.system.network.events=4 metricbeat.system.network.success=4 metricbeat.system.process.events=35 metricbeat.system.process.success=35 metricbeat.system.process_summary.events=2 metricbeat.system.process_su
  1793. mmary.success=2
  1794. 2018/02/22 16:12:03.238715 metrics.go:52: INFO Uptime: 3m17.890625s
  1795. 2018/02/22 16:12:03.238715 beat.go:268: INFO metricbeat stopped.
  1796.  
  1797. C:\metricbeat>hostname
  1798. pon258