{"id":15505887,"url":"https://github.com/sbadia/journalbeat-deb","last_synced_at":"2026-04-18T19:31:14.576Z","repository":{"id":64305872,"uuid":"65073915","full_name":"sbadia/journalbeat-deb","owner":"sbadia","description":"Debian package for journalbeat","archived":false,"fork":false,"pushed_at":"2018-03-12T11:11:52.000Z","size":908,"stargazers_count":2,"open_issues_count":0,"forks_count":1,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-10-30T21:44:21.761Z","etag":null,"topics":["debian","journalbeat","journald","log-shipping","systemd"],"latest_commit_sha":null,"homepage":"https://github.com/mheese/journalbeat","language":"Go","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sbadia.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-08-06T08:55:31.000Z","updated_at":"2018-04-09T11:30:29.000Z","dependencies_parsed_at":"2023-01-15T10:30:57.439Z","dependency_job_id":null,"html_url":"https://github.com/sbadia/journalbeat-deb","commit_stats":null,"previous_names":[],"tags_count":12,"template":false,"template_full_name":null,"purl":"pkg:github/sbadia/journalbeat-deb","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sbadia%2Fjournalbeat-deb","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sbadia%2Fjournalbeat-deb/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sbadia%2Fjournalbeat-deb/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sbadia%2Fjournalbeat-deb/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sbadia","download_url":"https://codeload.github.com/sbadia/journalbeat-deb/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sbadia%2Fjournalbeat-deb/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31982441,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-18T17:30:12.329Z","status":"ssl_error","status_checked_at":"2026-04-18T17:29:59.069Z","response_time":103,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["debian","journalbeat","journald","log-shipping","systemd"],"created_at":"2024-10-02T09:24:48.812Z","updated_at":"2026-04-18T19:31:14.552Z","avatar_url":"https://github.com/sbadia.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![Build Status](https://travis-ci.org/mheese/journalbeat.svg?branch=master)](https://travis-ci.org/mheese/journalbeat)\n\n# Journalbeat\n\nJournalbeat is the [Beat](https://www.elastic.co/products/beats) used for log\nshipping from systemd/journald based Linux systems. It follows the system journal\nvery much like `journalctl -f` and sends the data to Logstash/Elasticsearch (or\nwhatever you configured for your beat).\n\nJournalbeat is targeting pure systemd distributions like CoreOS, Atomic Host, or\nothers. There are no intentions to add support for older systems that do not use\njournald.\n\n## Use Cases and Goals\n\nBesides from the obvious use case (log shipping) the goal of this project is also\nto provide a common source for more advanced topics like:\n- FIM (File Integrity Monitoring)\n- SIEM\n- Audit Logs / Monitoring\n\nThis is all possible because of the tight integration of the Linux audit events\ninto journald. That said _journalbeat_ can only provide the data source for\nthese more advanced use cases. We need to develop additional pieces for\nmonitoring and alerting - as well as hopefully a standardized Kibana dashboard\nto cover these features.\n\n## Documentation\n\nNone so far. As of this writing, this is the first commit. There are things to\ncome. You can find a `journalbeat.yml` config file in the `etc` folder which\nshould be self-explanatory for the time being.\n\n## Install\n\nYou need to install `systemd` development packages beforehand. In a\nRHEL or Fedora environment, you need to install the `systemd-devel` package, `libsystemd-dev` in debian-based systems, et al.\n\n`go get github.com/mheese/journalbeat`\n\n**NOTE:** This is not the preferred way from Elastic on how to do it. Needs to\nbe revised (of course).\n\n## Caveats\n\nA few current caveats with journalbeat\n\n### cgo\n\nThe underlying system library [go-systemd](https://github.com/coreos/go-systemd) makes heavy usage of cgo and the final binary will be linked against all client libraries that are needed in order to interact with sd-journal. That means that\nthe resulting binary is not really Linux distribution independent (which is kind of expected in a way).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsbadia%2Fjournalbeat-deb","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsbadia%2Fjournalbeat-deb","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsbadia%2Fjournalbeat-deb/lists"}