fluent-plugin-druid-log 0.1.2 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d468b5e88c20ec40b45bac3d2e68eff09882d885df618fc57a3f7025f6613972
|
|
4
|
+
data.tar.gz: d53dfa9917eda7f46741f34afef2d16f4a9127df484eaf2406fbbd0272efec7d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cfe4e4749ee7f6e1767f4eb249cf6d9855c5a1703a498c34df7a2c4c1c2fe693ec88576a1402ea4fa9587f01f3f61954702f4e2ddc4a2d916f6fed2a7b3ee38c
|
|
7
|
+
data.tar.gz: 42b43f812473cbff5ec96c4f10b12ec36740526aeed4e80d67a059917c6e4056c05a623788db5164ef5c18e4e32e11f6d4bad9239003942e4d241d72af03f6e6
|
data/README.md
CHANGED
|
@@ -20,7 +20,7 @@ Example:
|
|
|
20
20
|
|
|
21
21
|
<parse>
|
|
22
22
|
@type regexp
|
|
23
|
-
expression /^(?<timestamp>[^\t]+)\t(?<remote_addr>[^\t]*)\t{1,2}(?<query_result>[^\t]+)\t(?<
|
|
23
|
+
expression /^(?<timestamp>[^\t]+)\t(?<remote_addr>[^\t]*)\t{1,2}(?<query_result>[^\t]+)\t(?<query>.*)$/
|
|
24
24
|
time_key timestamp
|
|
25
25
|
keep_time_key true
|
|
26
26
|
</parse>
|
|
@@ -11,9 +11,12 @@ module Fluent
|
|
|
11
11
|
helpers :event_emitter, :timer
|
|
12
12
|
|
|
13
13
|
DEFAULT_QUERY_KEY = 'query'
|
|
14
|
+
DEFAULT_QUERY_RESULT_KEY = 'query_result'
|
|
14
15
|
|
|
15
16
|
desc 'Query key'
|
|
16
17
|
config_param :query_key, :string, default: DEFAULT_QUERY_KEY
|
|
18
|
+
desc 'Query result key'
|
|
19
|
+
config_param :query_result_key, :string, default: DEFAULT_QUERY_RESULT_KEY
|
|
17
20
|
|
|
18
21
|
def configure(conf)
|
|
19
22
|
super
|
|
@@ -28,18 +31,22 @@ module Fluent
|
|
|
28
31
|
end
|
|
29
32
|
|
|
30
33
|
def filter(_tag, _time, record)
|
|
31
|
-
new_record = format_record(record)
|
|
34
|
+
new_record = format_record(record.dup)
|
|
32
35
|
fix_record(new_record)
|
|
33
36
|
new_record
|
|
34
37
|
end
|
|
35
38
|
|
|
36
39
|
def format_record(record)
|
|
40
|
+
[query_key, query_result_key].each do |key|
|
|
41
|
+
record[key] = JSON.parse(record[key]) if record[key].is_a? String
|
|
42
|
+
end
|
|
43
|
+
|
|
37
44
|
query_type = guess_query_type(record)
|
|
45
|
+
record['query_type'] = query_type
|
|
38
46
|
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
new_record
|
|
47
|
+
query_data = record.delete(query_key)
|
|
48
|
+
record["#{query_type}_query".downcase] = query_data
|
|
49
|
+
record
|
|
43
50
|
end
|
|
44
51
|
|
|
45
52
|
def guess_query_type(record)
|
|
@@ -0,0 +1,68 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'fluent/plugin/filter'
|
|
4
|
+
|
|
5
|
+
module Fluent
|
|
6
|
+
module Plugin
|
|
7
|
+
class FormatDruidAuditLog2Filter < Fluent::Plugin::Filter
|
|
8
|
+
NAME = 'format_druid_audit_log_2'
|
|
9
|
+
Fluent::Plugin.register_filter(NAME, self)
|
|
10
|
+
|
|
11
|
+
helpers :event_emitter, :timer
|
|
12
|
+
|
|
13
|
+
DEFAULT_QUERY_KEY = 'query'
|
|
14
|
+
DEFAULT_QUERY_RESULT_KEY = 'query_result'
|
|
15
|
+
|
|
16
|
+
desc 'Query key'
|
|
17
|
+
config_param :query_key, :string, default: DEFAULT_QUERY_KEY
|
|
18
|
+
desc 'Query result key'
|
|
19
|
+
config_param :query_result_key, :string, default: DEFAULT_QUERY_RESULT_KEY
|
|
20
|
+
|
|
21
|
+
def configure(conf)
|
|
22
|
+
super
|
|
23
|
+
|
|
24
|
+
return unless query_key.nil? and query_result.nil?
|
|
25
|
+
|
|
26
|
+
raise Fluent::ConfigError, 'query_key should be specified'
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
def multi_workers_ready?
|
|
30
|
+
true
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def filter(_tag, _time, record)
|
|
34
|
+
new_record = format_record(record.dup)
|
|
35
|
+
fix_record(new_record)
|
|
36
|
+
new_record
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
def format_record(record)
|
|
40
|
+
[query_key, query_result_key].each do |key|
|
|
41
|
+
record[key] = JSON.parse(record[key]) if record[key].is_a? String
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
query_type = guess_query_type(record)
|
|
45
|
+
record['query_type'] = query_type
|
|
46
|
+
|
|
47
|
+
record
|
|
48
|
+
end
|
|
49
|
+
|
|
50
|
+
def guess_query_type(record)
|
|
51
|
+
record.dig(query_key,
|
|
52
|
+
'queryType') || (record.dig('query_result',
|
|
53
|
+
'sqlQuery/time') && 'sql') || (record.dig(query_key,
|
|
54
|
+
'query') && 'sql') || 'unknown'
|
|
55
|
+
end
|
|
56
|
+
|
|
57
|
+
def fix_record(record)
|
|
58
|
+
fix_record_query_granularity(record)
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
def fix_record_query_granularity(record)
|
|
62
|
+
return if record.dig(query_key, 'granularity').nil?
|
|
63
|
+
|
|
64
|
+
record[query_key]['granularity'] = record[query_key]['granularity'].to_s
|
|
65
|
+
end
|
|
66
|
+
end
|
|
67
|
+
end
|
|
68
|
+
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: fluent-plugin-druid-log
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Thomas Tych
|
|
@@ -211,6 +211,7 @@ files:
|
|
|
211
211
|
- README.md
|
|
212
212
|
- Rakefile
|
|
213
213
|
- lib/fluent/plugin/filter_format_druid_audit_log_1.rb
|
|
214
|
+
- lib/fluent/plugin/filter_format_druid_audit_log_2.rb
|
|
214
215
|
homepage: https://gitlab.com/ttych/fluent-plugin-druid-log
|
|
215
216
|
licenses:
|
|
216
217
|
- Apache-2.0
|