elastic · ycombinator · Aug 7, 2025 · Aug 5, 2025 · Aug 5, 2025 · Aug 6, 2025
@@ -661,11 +661,11 @@ SOFTWARE
 
 --------------------------------------------------------------------------------
 Dependency : github.com/elastic/elastic-agent-libs
-Version: v0.21.4
+Version: v0.21.6
 Licence type (autodetected): Apache-2.0
 --------------------------------------------------------------------------------
 
-Contents of probable licence file $GOMODCACHE/github.com/elastic/[email protected].4/LICENSE:
+Contents of probable licence file $GOMODCACHE/github.com/elastic/[email protected].6/LICENSE:
 
                                  Apache License
                            Version 2.0, January 2004

@@ -661,11 +661,11 @@ SOFTWARE
 
 --------------------------------------------------------------------------------
 Dependency : github.com/elastic/elastic-agent-libs
-Version: v0.21.4
+Version: v0.21.6
 Licence type (autodetected): Apache-2.0
 --------------------------------------------------------------------------------
 
-Contents of probable licence file $GOMODCACHE/github.com/elastic/[email protected].4/LICENSE:
+Contents of probable licence file $GOMODCACHE/github.com/elastic/[email protected].6/LICENSE:
 
                                  Apache License
                            Version 2.0, January 2004

@@ -8,7 +8,7 @@ require (
 	github.com/dgraph-io/ristretto v0.2.0
 	github.com/docker/go-units v0.5.0
 	github.com/elastic/elastic-agent-client/v7 v7.17.2
-	github.com/elastic/elastic-agent-libs v0.21.4
+	github.com/elastic/elastic-agent-libs v0.21.6
 	github.com/elastic/elastic-agent-system-metrics v0.11.18
 	github.com/elastic/go-elasticsearch/v8 v8.19.0
 	github.com/elastic/go-ucfg v0.8.8

@@ -35,8 +35,8 @@ github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkp
 github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
 github.com/elastic/elastic-agent-client/v7 v7.17.2 h1:Cl2TeABqWZgW40t5fchGWT/sRk4MDDLWA0d8iHHOxLA=
 github.com/elastic/elastic-agent-client/v7 v7.17.2/go.mod h1:5irRFqp6HLqtu1S+OeY0jg8x7K6PLL+DW+PwVk1vJnk=
-github.com/elastic/elastic-agent-libs v0.21.4 h1:Xf7zeJ2hiyt13VRhyH22/nsDmlY8/TEfFb36X9uvw34=
-github.com/elastic/elastic-agent-libs v0.21.4/go.mod h1:xSeIP3NtOIT4N2pPS4EyURmS1Q8mK0lWZ8Wd1Du6q3w=
+github.com/elastic/elastic-agent-libs v0.21.6 h1:hvBAi4KHaYf4hn+rTc9m6A35eZjqb1uoE2exklIdWm0=
+github.com/elastic/elastic-agent-libs v0.21.6/go.mod h1:xSeIP3NtOIT4N2pPS4EyURmS1Q8mK0lWZ8Wd1Du6q3w=
 github.com/elastic/elastic-agent-system-metrics v0.11.18 h1:MuFLvHc3kQN/59+3KmRWhOUoXkL5PDzxEbdYbARGexA=
 github.com/elastic/elastic-agent-system-metrics v0.11.18/go.mod h1:qiZC5p1hd8te4XVnhh7FkXdcYhxFnl5i9GJpROtf6zo=
 github.com/elastic/elastic-transport-go/v8 v8.7.0 h1:OgTneVuXP2uip4BA658Xi6Hfw+PeIOod2rY3GVMGoVE=

@@ -11,7 +11,7 @@ import (
 	"time"
 
 	"github.com/elastic/fleet-server/v7/internal/pkg/es"
-	"github.com/elastic/fleet-server/v7/internal/pkg/logger"
+	"github.com/elastic/fleet-server/v7/internal/pkg/logger/ecs"
 	"github.com/elastic/fleet-server/v7/internal/pkg/model"
 	"github.com/elastic/fleet-server/v7/internal/pkg/monitor"
 	"github.com/elastic/fleet-server/v7/internal/pkg/sqn"
@@ -84,7 +84,7 @@ func (d *Dispatcher) Subscribe(log zerolog.Logger, agentID string, seqNo sqn.Seq
 	sz := len(d.subs)
 	d.mx.Unlock()
 
-	log.Trace().Str(logger.AgentID, agentID).Int("sz", sz).Msg("Subscribed to action dispatcher")
+	log.Trace().Str(ecs.AgentID, agentID).Int("sz", sz).Msg("Subscribed to action dispatcher")
 
 	return &sub
 }
@@ -101,7 +101,7 @@ func (d *Dispatcher) Unsubscribe(log zerolog.Logger, sub *Sub) {
 	sz := len(d.subs)
 	d.mx.Unlock()
 
-	log.Trace().Str(logger.AgentID, sub.agentID).Int("sz", sz).Msg("Unsubscribed from action dispatcher")
+	log.Trace().Str(ecs.AgentID, sub.agentID).Int("sz", sz).Msg("Unsubscribed from action dispatcher")
 }
 
 // process gathers actions from the monitor and dispatches them to the corresponding subscriptions.
@@ -167,7 +167,7 @@ func (d *Dispatcher) getSub(agentID string) (Sub, bool) {
 func (d *Dispatcher) dispatch(ctx context.Context, agentID string, acdocs []model.Action) {
 	sub, ok := d.getSub(agentID)
 	if !ok {
-		zerolog.Ctx(ctx).Debug().Str(logger.AgentID, agentID).Msg("Agent is not currently connected. Not dispatching actions.")
+		zerolog.Ctx(ctx).Debug().Str(ecs.AgentID, agentID).Msg("Agent is not currently connected. Not dispatching actions.")
 		return
 	}
 	select {

@@ -24,23 +24,23 @@ import (
 	"github.com/elastic/fleet-server/v7/internal/pkg/file/uploader"
 	"github.com/elastic/fleet-server/v7/internal/pkg/limit"
 	"github.com/elastic/fleet-server/v7/internal/pkg/logger"
-
+	"github.com/elastic/fleet-server/v7/internal/pkg/logger/ecs"
 	"github.com/rs/zerolog"
 	"github.com/rs/zerolog/hlog"
 )
 
 // Alias logger constants
 const (
-	ECSHTTPRequestID         = logger.ECSHTTPRequestID
-	ECSEventDuration         = logger.ECSEventDuration
-	ECSHTTPResponseCode      = logger.ECSHTTPResponseCode
-	ECSHTTPResponseBodyBytes = logger.ECSHTTPResponseBodyBytes
+	ECSHTTPRequestID         = ecs.HTTPRequestID
+	ECSEventDuration         = ecs.EventDuration
+	ECSHTTPResponseCode      = ecs.HTTPResponseCode
+	ECSHTTPResponseBodyBytes = ecs.HTTPResponseBodyBytes
 
-	LogAPIKeyID       = logger.APIKeyID
-	LogPolicyID       = logger.PolicyID
-	LogAgentID        = logger.AgentID
-	LogEnrollAPIKeyID = logger.EnrollAPIKeyID
-	LogAccessAPIKeyID = logger.AccessAPIKeyID
+	LogAPIKeyID       = ecs.APIKeyID
+	LogPolicyID       = ecs.PolicyID
+	LogAgentID        = ecs.AgentID
+	LogEnrollAPIKeyID = ecs.EnrollAPIKeyID
+	LogAccessAPIKeyID = ecs.AccessAPIKeyID
 )
 
 // BadRequestErr is used for request validation errors. These can be json

@@ -25,7 +25,7 @@ import (
 	"github.com/elastic/fleet-server/v7/internal/pkg/config"
 	"github.com/elastic/fleet-server/v7/internal/pkg/dl"
 	"github.com/elastic/fleet-server/v7/internal/pkg/es"
-	"github.com/elastic/fleet-server/v7/internal/pkg/logger"
+	"github.com/elastic/fleet-server/v7/internal/pkg/logger/ecs"
 	"github.com/elastic/fleet-server/v7/internal/pkg/model"
 	"github.com/elastic/fleet-server/v7/internal/pkg/policy"
 	"github.com/elastic/fleet-server/v7/internal/pkg/smap"
@@ -243,8 +243,8 @@ func (ack *AckT) handleAckEvents(ctx context.Context, zlog zerolog.Logger, agent
 		span.Context.SetLabel("agent_id", agent.Agent.ID)
 		span.Context.SetLabel("action_id", event.ActionId)
 		log := zlog.With().
-			Str(logger.ActionID, event.ActionId).
-			Str(logger.AgentID, event.AgentId).
+			Str(ecs.ActionID, event.ActionId).
+			Str(ecs.AgentID, event.AgentId).
 			Time("timestamp", event.Timestamp).
 			Int("n", n).Logger()
 		log.Info().Msg("ack event")
@@ -365,14 +365,14 @@ func (ack *AckT) handleActionResult(ctx context.Context, zlog zerolog.Logger, ag
 
 	// Save action result document
 	if err := dl.CreateActionResult(ctx, ack.bulk, acr); err != nil {
-		zlog.Error().Err(err).Str(logger.AgentID, agent.Agent.ID).Str(logger.ActionID, action.Id).Msg("create action result")
+		zlog.Error().Err(err).Str(ecs.AgentID, agent.Agent.ID).Str(ecs.ActionID, action.Id).Msg("create action result")
 		return err
 	}
 
 	if action.Type == TypeUpgrade {
 		event, _ := ev.AsUpgradeEvent()
 		if err := ack.handleUpgrade(ctx, zlog, agent, event); err != nil {
-			zlog.Error().Err(err).Str(logger.AgentID, agent.Agent.ID).Str(logger.ActionID, action.Id).Msg("handle upgrade event")
+			zlog.Error().Err(err).Str(ecs.AgentID, agent.Agent.ID).Str(ecs.ActionID, action.Id).Msg("handle upgrade event")
 			return err
 		}
 	}
@@ -397,7 +397,7 @@ func (ack *AckT) handlePolicyChange(ctx context.Context, zlog zerolog.Logger, ag
 			Str("agent.policyId", agent.PolicyID).
 			Int64("agent.revisionIdx", currRev).
 			Str("rev.policyId", rev.PolicyID).
-			Int64(logger.RevisionIdx, rev.RevisionIdx).
+			Int64(ecs.RevisionIdx, rev.RevisionIdx).
 			Msg("ack policy revision")
 
 		if ok && rev.PolicyID == agent.PolicyID && rev.RevisionIdx > currRev {
@@ -446,7 +446,7 @@ func (ack *AckT) updateAPIKey(ctx context.Context,
 	if outputName != "" {
 		outputBulk := ack.bulk.GetBulker(outputName)
 		if outputBulk != nil {
-			zlog.Debug().Str(logger.PolicyOutputName, outputName).Msg("Using output bulker in updateAPIKey")
+			zlog.Debug().Str(ecs.PolicyOutputName, outputName).Msg("Using output bulker in updateAPIKey")
 			bulk = outputBulk
 		}
 	}
@@ -457,14 +457,14 @@ func (ack *AckT) updateAPIKey(ctx context.Context,
 				zlog.Warn().
 					Err(err).
 					Str(LogAPIKeyID, apiKeyID).
-					Str(logger.PolicyOutputName, outputName).
+					Str(ecs.PolicyOutputName, outputName).
 					Msg("Failed to read API Key roles")
 			} else {
 				// race when API key was invalidated before acking
 				zlog.Info().
 					Err(err).
 					Str(LogAPIKeyID, apiKeyID).
-					Str(logger.PolicyOutputName, outputName).
+					Str(ecs.PolicyOutputName, outputName).
 					Msg("Failed to read invalidated API Key roles")
 
 				// prevents future checks
@@ -480,14 +480,14 @@ func (ack *AckT) updateAPIKey(ctx context.Context,
 					Msg("Failed to cleanup roles")
 			} else if removedRolesCount > 0 {
 				if err := bulk.APIKeyUpdate(ctx, apiKeyID, permissionHash, clean); err != nil {
-					zlog.Error().Err(err).RawJSON("roles", clean).Str(LogAPIKeyID, apiKeyID).Str(logger.PolicyOutputName, outputName).Msg("Failed to update API Key")
+					zlog.Error().Err(err).RawJSON("roles", clean).Str(LogAPIKeyID, apiKeyID).Str(ecs.PolicyOutputName, outputName).Msg("Failed to update API Key")
 				} else {
 					zlog.Debug().
 						Str("hash.sha256", permissionHash).
 						Str(LogAPIKeyID, apiKeyID).
 						RawJSON("roles", clean).
 						Int("removedRoles", removedRolesCount).
-						Str(logger.PolicyOutputName, outputName).
+						Str(ecs.PolicyOutputName, outputName).
 						Msg("Updating agent record to pick up reduced roles.")
 				}
 			}
@@ -637,8 +637,8 @@ func (ack *AckT) handleUpgrade(ctx context.Context, zlog zerolog.Logger, agent *
 	zlog.Info().
 		Str("lastReportedVersion", agent.Agent.Version).
 		Str("upgradedAt", now).
-		Str(logger.AgentID, agent.Agent.ID).
-		Str(logger.ActionID, event.ActionId).
+		Str(ecs.AgentID, agent.Agent.ID).
+		Str(ecs.ActionID, event.ActionId).
 		Msg("ack upgrade")
 
 	return nil
@@ -719,17 +719,17 @@ func invalidateAPIKeys(ctx context.Context, zlog zerolog.Logger, bulk bulk.Bulk,
 			// read output config from .fleet-policies, not filtering by policy id as agent could be reassigned
 			policy, err := dl.QueryOutputFromPolicy(ctx, bulk, outputName)
 			if err != nil || policy == nil {
-				zlog.Warn().Str(logger.PolicyOutputName, outputName).Any("ids", outputIds).Msg("Output policy not found, API keys will be orphaned")
+				zlog.Warn().Str(ecs.PolicyOutputName, outputName).Any("ids", outputIds).Msg("Output policy not found, API keys will be orphaned")
 			} else {
 				outputBulk, _, err = bulk.CreateAndGetBulker(ctx, zlog, outputName, policy.Data.Outputs)
 				if err != nil {
-					zlog.Warn().Str(logger.PolicyOutputName, outputName).Any("ids", outputIds).Msg("Failed to recreate output bulker, API keys will be orphaned")
+					zlog.Warn().Str(ecs.PolicyOutputName, outputName).Any("ids", outputIds).Msg("Failed to recreate output bulker, API keys will be orphaned")
 				}
 			}
 		}
 		if outputBulk != nil {
 			if err := outputBulk.APIKeyInvalidate(ctx, outputIds...); err != nil {
-				zlog.Info().Err(err).Strs("ids", outputIds).Str(logger.PolicyOutputName, outputName).Msg("Failed to invalidate API keys")
+				zlog.Info().Err(err).Strs("ids", outputIds).Str(ecs.PolicyOutputName, outputName).Msg("Failed to invalidate API keys")
 			}
 		}
 	}

@@ -26,7 +26,7 @@ import (
 	"github.com/elastic/fleet-server/v7/internal/pkg/checkin"
 	"github.com/elastic/fleet-server/v7/internal/pkg/config"
 	"github.com/elastic/fleet-server/v7/internal/pkg/dl"
-	"github.com/elastic/fleet-server/v7/internal/pkg/logger"
+	"github.com/elastic/fleet-server/v7/internal/pkg/logger/ecs"
 	"github.com/elastic/fleet-server/v7/internal/pkg/model"
 	"github.com/elastic/fleet-server/v7/internal/pkg/monitor"
 	"github.com/elastic/fleet-server/v7/internal/pkg/policy"
@@ -260,7 +260,7 @@ func (ct *CheckinT) validateRequest(zlog zerolog.Logger, w http.ResponseWriter,
 
 func (ct *CheckinT) ProcessRequest(zlog zerolog.Logger, w http.ResponseWriter, r *http.Request, start time.Time, agent *model.Agent, ver string) error {
 	zlog = zlog.With().
-		Str(logger.AgentID, agent.Id).Logger()
+		Str(ecs.AgentID, agent.Id).Logger()
 	validated, err := ct.validateRequest(zlog, w, r, start, agent)
 	if err != nil {
 		return err
@@ -301,7 +301,7 @@ func (ct *CheckinT) ProcessRequest(zlog zerolog.Logger, w http.ResponseWriter, r
 	defer func() {
 		err := ct.pm.Unsubscribe(sub)
 		if err != nil {
-			zlog.Error().Err(err).Str(logger.PolicyID, agent.PolicyID).Msg("unable to unsubscribe from policy")
+			zlog.Error().Err(err).Str(ecs.PolicyID, agent.PolicyID).Msg("unable to unsubscribe from policy")
 		}
 	}()
 
@@ -329,7 +329,7 @@ func (ct *CheckinT) ProcessRequest(zlog zerolog.Logger, w http.ResponseWriter, r
 	// 8.16.x releases would incorrectly set unenrolled_at
 	err = ct.bc.CheckIn(agent.Id, string(req.Status), req.Message, rawMeta, rawComponents, seqno, ver, unhealthyReason, agent.AuditUnenrolledReason != "" || agent.UnenrolledAt != "")
 	if err != nil {
-		zlog.Error().Err(err).Str(logger.AgentID, agent.Id).Msg("checkin failed")
+		zlog.Error().Err(err).Str(ecs.AgentID, agent.Id).Msg("checkin failed")
 	}
 
 	// Initial fetch for pending actions
@@ -384,7 +384,7 @@ func (ct *CheckinT) ProcessRequest(zlog zerolog.Logger, w http.ResponseWriter, r
 			case <-tick.C:
 				err := ct.bc.CheckIn(agent.Id, string(req.Status), req.Message, nil, rawComponents, nil, ver, unhealthyReason, false)
 				if err != nil {
-					zlog.Error().Err(err).Str(logger.AgentID, agent.Id).Msg("checkin failed")
+					zlog.Error().Err(err).Str(ecs.AgentID, agent.Id).Msg("checkin failed")
 				}
 			}
 		}
@@ -590,8 +590,8 @@ func (ct *CheckinT) writeResponse(zlog zerolog.Logger, w http.ResponseWriter, r
 		zlog.Info().
 			Str("ackToken", fromPtr(resp.AckToken)).
 			Str("createdAt", action.CreatedAt).
-			Str(logger.ActionID, action.Id).
-			Str(logger.ActionType, string(action.Type)).
+			Str(ecs.ActionID, action.Id).
+			Str(ecs.ActionType, string(action.Type)).
 			Str("inputType", action.InputType).
 			Int64("timeout", fromPtr(action.Timeout)).
 			Msg("Action delivered to agent on checkin")
@@ -698,7 +698,7 @@ func filterActions(zlog zerolog.Logger, agentID string, actions []model.Action)
 	resp := make([]model.Action, 0, len(actions))
 	for _, action := range actions {
 		if valid := validActionTypes[action.Type]; !valid {
-			zlog.Info().Str(logger.AgentID, agentID).Str(logger.ActionID, action.ActionID).Str(logger.ActionType, action.Type).Msg("Removing action found in index from check in response")
+			zlog.Info().Str(ecs.AgentID, agentID).Str(ecs.ActionID, action.ActionID).Str(ecs.ActionType, action.Type).Msg("Removing action found in index from check in response")
 			continue
 		}
 		resp = append(resp, action)
@@ -799,7 +799,7 @@ func convertActions(zlog zerolog.Logger, agentID string, actions []model.Action)
 	for _, action := range actions {
 		ad, err := convertActionData(ActionType(action.Type), action.Data)
 		if err != nil {
-			zlog.Error().Err(err).Str(logger.ActionID, action.ActionID).Str(logger.ActionType, action.Type).Msg("Failed to convert action.Data")
+			zlog.Error().Err(err).Str(ecs.ActionID, action.ActionID).Str(ecs.ActionType, action.Type).Msg("Failed to convert action.Data")
 			continue
 		}
 		r := Action{
@@ -850,7 +850,7 @@ func processPolicy(ctx context.Context, zlog zerolog.Logger, bulker bulk.Bulk, a
 	defer span.End()
 	zlog = zlog.With().
 		Str("fleet.ctx", "processPolicy").
-		Int64(logger.RevisionIdx, pp.Policy.RevisionIdx).
+		Int64(ecs.RevisionIdx, pp.Policy.RevisionIdx).
 		Str(LogPolicyID, pp.Policy.PolicyID).
 		Logger()
 

@@ -25,7 +25,7 @@ import (
 	"github.com/elastic/fleet-server/v7/internal/pkg/config"
 	"github.com/elastic/fleet-server/v7/internal/pkg/dl"
 	"github.com/elastic/fleet-server/v7/internal/pkg/limit"
-	"github.com/elastic/fleet-server/v7/internal/pkg/logger"
+	"github.com/elastic/fleet-server/v7/internal/pkg/logger/zap"
 	"github.com/elastic/fleet-server/v7/version"
 )
 
@@ -74,7 +74,7 @@ func init() {
 	cntGetPGP.Register(routesRegistry.newRegistry("getPGPKey"))
 	cntAuditUnenroll.Register(routesRegistry.newRegistry("auditUnenroll"))
 
-	err := report.SetupMetrics(logger.NewZapStub("instance-metrics"), build.ServiceName, version.DefaultVersion, monitoring.NewRegistry(), registry.registry)
+	err := report.SetupMetrics(zap.NewStub("instance-metrics"), build.ServiceName, version.DefaultVersion, monitoring.NewRegistry(), registry.registry)
 	if err != nil {
 		zerolog.Ctx(context.TODO()).Error().Err(err).Msg("unable to initialize metrics") // TODO is used because this may logged during the package load
 	}
@@ -256,7 +256,7 @@ func InitMetrics(ctx context.Context, cfg *config.Config, bi build.Info, tracer
 	}
 
 	// Start local api server; largely for metrics.
-	zapStub := logger.NewZapStub("fleet-metrics")
+	zapStub := zap.NewStub("fleet-metrics")
 	cfgStub, err := cfglib.NewConfigFrom(&cfg.HTTP)
 	if err != nil {
 		return nil, err

@@ -13,17 +13,20 @@ import (
 	"net"
 	"net/http"
 
+	"github.com/elastic/elastic-agent-libs/logp"
 	"github.com/elastic/elastic-agent-libs/transport/tlscommon"
-	"github.com/elastic/fleet-server/v7/internal/pkg/config"
-	"github.com/elastic/fleet-server/v7/internal/pkg/logger"
 
+	"github.com/elastic/fleet-server/v7/internal/pkg/config"
+	"github.com/elastic/fleet-server/v7/internal/pkg/logger/ecs"
+	"github.com/elastic/fleet-server/v7/internal/pkg/logger/zap"
 	"github.com/rs/zerolog"
 )
 
 type server struct {
 	cfg     *config.Server
 	addr    string
 	handler http.Handler
+	logger  *logp.Logger
 }
 
 // NewServer creates a new HTTP api for the passed addr.
@@ -39,6 +42,7 @@ func NewServer(addr string, cfg *config.Server, opts ...APIOpt) *server {
 		addr:    addr,
 		cfg:     cfg,
 		handler: newRouter(&cfg.Limits, a, a.tracer),
+		logger:  zap.NewStub("api-server"),
 	}
 }
 
@@ -76,7 +80,7 @@ func (s *server) Run(ctx context.Context) error {
 	}()
 
 	if s.cfg.TLS != nil && s.cfg.TLS.IsEnabled() {
-		commonTLSCfg, err := tlscommon.LoadTLSServerConfig(s.cfg.TLS)
+		commonTLSCfg, err := tlscommon.LoadTLSServerConfig(s.cfg.TLS, s.logger)
 		if err != nil {
 			return err
 		}
@@ -148,7 +152,7 @@ type stubLogger struct {
 }
 
 func (s *stubLogger) Write(p []byte) (n int, err error) {
-	s.log.Error().Bytes(logger.ECSMessage, p).Send()
+	s.log.Error().Bytes(ecs.Message, p).Send()
 	return len(p), nil
 }