fluent-plugin-elastic-log 0.2.0 → 0.3.0

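--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 6ef4e2a586f566d7b309ef59d3c754bbccaffe6ba545eb31a4715683403f67af
- data.tar.gz: fd5f957963bb03ca6bc4c2f456c8cf3c9053f35a53cadb2594280bc5899858c1
+ metadata.gz: f99628e3afa35a188a2f1b94cf56b44a1cbac89f541852cd1791d4a635b6e658
+ data.tar.gz: ae773fc1151757b4b1ebdc5ef463c05c722ab1d50e89d7e5b01f8c5187505252
  SHA512:
- metadata.gz: 482176de12204c607485f80d2234106e20c6d618f8bd6c04155105ff335a20e8d04c71778e9e3bc1382e3efbacda46b2aa1c95fbc2521cebe061503970cdecab
- data.tar.gz: f1a408614e789248cc1486ca9af9a11c3c8a66502c2bfbd3fe655e9dcd60f66bfbf3853082f99f78b368b39dfe15d67ae223b3a4574b1fdd8018e4651e1e3944
+ metadata.gz: e9b473e3db2182d81103f0b5a39c8c7a240c2bcc00dd2e01f852baa55aca426c3edc466595c6feb878ead856cb3f787c9f0cd7f2d182bfb0dcc38d9d5b0498f7
+ data.tar.gz: 544ddb9b34eed81fe9e758b65736ab4335b975ee575afddf36083ec91a026f506b1edea1d6f6a68fb914a88b12e234b375e58dcf84db1f89cd5615088a115ae4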
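--- a/data/.rubocop.yml
+++ b/data/.rubocop.yml
@@ -10,6 +10,10 @@ Metrics/BlockLength:
  - fluent-plugin-elastic-log.gemspec
  - test/**/*.rb
 
+ Metrics/ClassLength:
+ Exclude:
+ - test/**/*.rb
+
  Metrics/MethodLength:
  Max: 20
 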
@@ -5,7 +5,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
5
5
 
6
6
  Gem::Specification.new do |spec|
7
7
  spec.name = 'fluent-plugin-elastic-log'
8
- spec.version = '0.2.0'
8
+ spec.version = '0.3.0'
9
9
  spec.authors = ['Thomas Tych']
10
10
  spec.email = ['thomas.tych@gmail.com']
11
11
 
@@ -21,24 +21,26 @@ module Fluent
21
21
  # data/write/* => write
22
22
  # monitor/* => monitor
23
23
  PRIVILEGE_MAP = {
24
- "cluster:admin/" => 'admin_query',
25
- "cluster:monitor/" => 'monitor_query',
26
- "indices:admin/" => 'admin_query',
27
- "indices:data/read/" => 'read_query',
28
- "indices:data/write/" => 'write_query',
29
- "indices:monitor/" => 'monitor_query'
24
+ 'cluster:admin/' => 'admin',
25
+ 'cluster:monitor/' => 'monitor',
26
+ 'indices:admin/' => 'admin',
27
+ 'indices:data/read/' => 'read',
28
+ 'indices:data/write/' => 'write',
29
+ 'indices:monitor/' => 'monitor'
30
30
  }.freeze
31
31
 
32
32
  ILM_PATTERN = /^(.*)-\d{6}$/.freeze
33
33
 
34
- attr_reader :time, :record, :conf
34
+ attr_reader :time, :record, :conf, :prefix
35
35
 
36
- def initialize(time:, record:, conf:)
36
+ def initialize(time:, record:, conf:, prefix: '')
37
37
  @time = time
38
38
  @record = record
39
39
  @conf = conf
40
+ @prefix = prefix
40
41
  end
41
42
 
43
+ # rubocop:disable Metrics/AbcSize
42
44
  def timestamp
43
45
  begin
44
46
  timestamp = Time.parse(record[:timestamp])
@@ -46,25 +48,28 @@ module Fluent
46
48
  timestamp = time.to_time
47
49
  end
48
50
 
49
- return timestamp.utc.strftime('%s%3N') if conf.timestamp_format == :epochmillis
51
+ return (timestamp.utc.to_f * 1000).to_i if conf.timestamp_format == :epochmillis
52
+ return timestamp.utc.strftime('%s%3N') if conf.timestamp_format == :epochmillis_str
50
53
 
51
54
  timestamp.utc.iso8601(3)
52
55
  end
56
+ # rubocop:enable Metrics/AbcSize
53
57
 
54
- def metric_name
58
+ def query_type
55
59
  PRIVILEGE_MAP.each do |pattern, name|
56
- return "#{name}_count" if record[:privilege].to_s.start_with?(pattern)
60
+ return name if record[:privilege].to_s.start_with?(pattern)
57
61
  end
58
- "unknown_count"
62
+ 'unknown_count'
59
63
  end
60
64
 
61
65
  def base
62
66
  {
63
67
  'timestamp' => timestamp,
64
- 'metric_name' => metric_name,
68
+ 'metric_name' => 'query_count',
65
69
  'metric_value' => 1,
66
- 'tags_user' => record[:user],
67
- 'tags_cluster' => record[:cluster]
70
+ "#{prefix}user" => record[:user],
71
+ "#{prefix}cluster" => record[:cluster],
72
+ "#{prefix}query_type" => query_type
68
73
  }
69
74
  end
70
75
 
@@ -82,7 +87,7 @@ module Fluent
82
87
  def generate_event_stream
83
88
  metric_es = MultiEventStream.new
84
89
  indices.each do |indice|
85
- metric_es.add(time, base.merge(tags_technical_name: indice))
90
+ metric_es.add(time, base.merge("#{prefix}technical_name" => indice))
86
91
  end
87
92
  metric_es
88
93
  end
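Review bot: The fallback in `query_type` still returns `'unknown_count'`, while every value in `PRIVILEGE_MAP` lost its `_query` suffix and the method no longer appends `_count`, so an unmatched privilege is emitted as `query_type => 'unknown_count'` alongside `admin`, `read`, `write` and `monitor`; the last line of the method should be `'unknown'`. In the same hunk, `(timestamp.utc.to_f * 1000).to_i` goes through a Float and truncates, so it can land one millisecond below what the `:epochmillis_str` branch prints for the same time; `timestamp.utc.strftime('%s%3N').to_i` would keep the two formats in agreement. The `timestamp` method begins in the previous hunk, and the lines between the two hunks are not shown.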
@@ -42,6 +42,7 @@ module Fluent
42
42
  DEFAULT_R_INDICES_KEY = 'audit_trace_resolved_indices'
43
43
  DEFAULT_TIMESTAMP_KEY = '@timestamp'
44
44
  DEFAULT_PRIVILEGE_KEY = 'audit_request_privilege'
45
+ DEFAULT_PREFIX = ''
45
46
 
46
47
  # REQUEST PRIVILEGE:
47
48
  # cluster:
@@ -78,8 +79,9 @@ module Fluent
78
79
  config_param :privilege_key, :string, default: DEFAULT_PRIVILEGE_KEY
79
80
 
80
81
  desc 'Timestamp format'
81
- config_param :timestamp_format, :enum, list: %i[iso epochmillis], default: :iso
82
-
82
+ config_param :timestamp_format, :enum, list: %i[iso epochmillis epochmillis_str], default: :iso
83
+ desc 'Attribute prefix'
84
+ config_param :prefix, :string, default: DEFAULT_PREFIX
83
85
  desc 'Aggregate ILM'
84
86
  config_param :aggregate_ilm, :bool, default: true
85
87
 
@@ -142,7 +144,8 @@ module Fluent
142
144
  layer: record[layer_key],
143
145
  request_type: record[request_type_key]
144
146
  },
145
- conf: self
147
+ conf: self,
148
+ prefix: prefix
146
149
  ).generate_event_stream
147
150
  end
148
151
  # rubocop:enable Metrics/AbcSize
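Review bot: `DEFAULT_PREFIX = ''` changes the emitted field names for every existing configuration: 0.2.0 wrote `tags_user`, `tags_cluster` and `tags_technical_name`, and with the empty default 0.3.0 writes `user`, `cluster` and `technical_name`, so dashboards or alert rules keyed on the old names of this audit-derived metric stop matching without any error. Defaulting to `DEFAULT_PREFIX = 'tags_'` would keep the previous schema and still let operators override it. The `desc` for `prefix` should also say that the string is prepended verbatim to the tag keys, for example `desc 'Prefix prepended to tag field names (user, cluster, query_type, technical_name)'`, and a blank line before it would match the spacing of the other parameters. The method around the last hunk starts outside it.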
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: fluent-plugin-elastic-log
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Thomas Tych
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-06-08 00:00:00.000000000 Z
11
+ date: 2023-06-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bump