Skip to content

Commit e16a3ac

Browse files
belimawrbelimawr
committed
Update the correct files
1 parent eb5332a commit e16a3ac

File tree

3 files changed

+17
-1
lines changed

3 files changed

+17
-1
lines changed

packages/iptables/_dev/build/docs/README.md

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,14 @@ traffic (allow/deny).
99
The module is by default configured to run with the `udp` input on port `9001`.
1010
However, it can also be configured to read from a file path or journald.
1111

12+
To read Journald logs from within a container, you need to use the
13+
[`elastic-agent-complete`](https://www.elastic.co/docs/reference/fleet/install-elastic-agents#elastic-agent-complete-flavor)
14+
Docker image that contains the `jouranlctl` binary. Journal files can have breaking changes making it
15+
impossible to read files generated by a newer versions of
16+
Journald. Ensure the jounral files you are reading were generated by
17+
a version equal or older than the `journalctl` shipped with the Docker
18+
image.
19+
1220
## Logs
1321

1422
### Iptables log

packages/journald/docs/README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@ Docker image that contains the `jouranlctl` binary. Journal files can have break
1111
impossible to read files generated by a newer versions of
1212
Journald. Ensure the jounral files you are reading were generated by
1313
a version equal or older than the `journalctl` shipped with the Docker
14-
image.x
14+
image.
1515

1616
An example event looks as follows:
1717

packages/system/_dev/build/docs/README.md

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -38,6 +38,14 @@ Each data stream collects different kinds of metric data, which may require dedi
3838
to be fetched and which may vary across operating systems.
3939
Details on the permissions needed for each data stream are available in the [Metrics reference](#metrics-reference).
4040

41+
To read Journald logs from within a container, you need to use the
42+
[`elastic-agent-complete`](https://www.elastic.co/docs/reference/fleet/install-elastic-agents#elastic-agent-complete-flavor)
43+
Docker image that contains the `jouranlctl` binary. Journal files can have breaking changes making it
44+
impossible to read files generated by a newer versions of
45+
Journald. Ensure the jounral files you are reading were generated by
46+
a version equal or older than the `journalctl` shipped with the Docker
47+
image.
48+
4149
## Setup
4250

4351
For step-by-step instructions on how to set up an integration, see the

0 commit comments

Comments
 (0)