For confirmed bugs, please report:
- Version: originally identified on 5186feb but confirmed on latest master d00c2fe.
- Operating System: linux
- Steps to Reproduce:
- Checkout and build x-pack auditbeat.
- Using the default configuration run
./auditbeat run -d '*' -e until it has gone through the set up process and is reporting events.
- Cancel the process with ^C.
- List installed probes.
# perf probe --list
auditbeat_22327:inet_csk_accept_ret (on inet_csk_accept%return with sock laddr lport raddr rport famil
auditbeat_22327:sys_execve_ret (on __x64_sys_execve%return with retval)
auditbeat_22327:tcp4_connect_out (on tcp_v4_connect%return with retval)
auditbeat_22327:tcp6_connect_out (on tcp_v6_connect%return with retval)
This is not the complete set of probes that are installed, so it seems that just these are missed during unload.
Found during exploration of #17165.
/cc @adriansr
For confirmed bugs, please report:
./auditbeat run -d '*' -euntil it has gone through the set up process and is reporting events.This is not the complete set of probes that are installed, so it seems that just these are missed during unload.
Found during exploration of #17165.
/cc @adriansr