fluent-plugin-elastic-log 0.2.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f99628e3afa35a188a2f1b94cf56b44a1cbac89f541852cd1791d4a635b6e658
|
|
4
|
+
data.tar.gz: ae773fc1151757b4b1ebdc5ef463c05c722ab1d50e89d7e5b01f8c5187505252
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e9b473e3db2182d81103f0b5a39c8c7a240c2bcc00dd2e01f852baa55aca426c3edc466595c6feb878ead856cb3f787c9f0cd7f2d182bfb0dcc38d9d5b0498f7
|
|
7
|
+
data.tar.gz: 544ddb9b34eed81fe9e758b65736ab4335b975ee575afddf36083ec91a026f506b1edea1d6f6a68fb914a88b12e234b375e58dcf84db1f89cd5615088a115ae4
|
data/.rubocop.yml
CHANGED
|
@@ -21,24 +21,26 @@ module Fluent
|
|
|
21
21
|
# data/write/* => write
|
|
22
22
|
# monitor/* => monitor
|
|
23
23
|
PRIVILEGE_MAP = {
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
24
|
+
'cluster:admin/' => 'admin',
|
|
25
|
+
'cluster:monitor/' => 'monitor',
|
|
26
|
+
'indices:admin/' => 'admin',
|
|
27
|
+
'indices:data/read/' => 'read',
|
|
28
|
+
'indices:data/write/' => 'write',
|
|
29
|
+
'indices:monitor/' => 'monitor'
|
|
30
30
|
}.freeze
|
|
31
31
|
|
|
32
32
|
ILM_PATTERN = /^(.*)-\d{6}$/.freeze
|
|
33
33
|
|
|
34
|
-
attr_reader :time, :record, :conf
|
|
34
|
+
attr_reader :time, :record, :conf, :prefix
|
|
35
35
|
|
|
36
|
-
def initialize(time:, record:, conf:)
|
|
36
|
+
def initialize(time:, record:, conf:, prefix: '')
|
|
37
37
|
@time = time
|
|
38
38
|
@record = record
|
|
39
39
|
@conf = conf
|
|
40
|
+
@prefix = prefix
|
|
40
41
|
end
|
|
41
42
|
|
|
43
|
+
# rubocop:disable Metrics/AbcSize
|
|
42
44
|
def timestamp
|
|
43
45
|
begin
|
|
44
46
|
timestamp = Time.parse(record[:timestamp])
|
|
@@ -46,25 +48,28 @@ module Fluent
|
|
|
46
48
|
timestamp = time.to_time
|
|
47
49
|
end
|
|
48
50
|
|
|
49
|
-
return timestamp.utc.
|
|
51
|
+
return (timestamp.utc.to_f * 1000).to_i if conf.timestamp_format == :epochmillis
|
|
52
|
+
return timestamp.utc.strftime('%s%3N') if conf.timestamp_format == :epochmillis_str
|
|
50
53
|
|
|
51
54
|
timestamp.utc.iso8601(3)
|
|
52
55
|
end
|
|
56
|
+
# rubocop:enable Metrics/AbcSize
|
|
53
57
|
|
|
54
|
-
def
|
|
58
|
+
def query_type
|
|
55
59
|
PRIVILEGE_MAP.each do |pattern, name|
|
|
56
|
-
return
|
|
60
|
+
return name if record[:privilege].to_s.start_with?(pattern)
|
|
57
61
|
end
|
|
58
|
-
|
|
62
|
+
'unknown_count'
|
|
59
63
|
end
|
|
60
64
|
|
|
61
65
|
def base
|
|
62
66
|
{
|
|
63
67
|
'timestamp' => timestamp,
|
|
64
|
-
'metric_name' =>
|
|
68
|
+
'metric_name' => 'query_count',
|
|
65
69
|
'metric_value' => 1,
|
|
66
|
-
|
|
67
|
-
|
|
70
|
+
"#{prefix}user" => record[:user],
|
|
71
|
+
"#{prefix}cluster" => record[:cluster],
|
|
72
|
+
"#{prefix}query_type" => query_type
|
|
68
73
|
}
|
|
69
74
|
end
|
|
70
75
|
|
|
@@ -82,7 +87,7 @@ module Fluent
|
|
|
82
87
|
def generate_event_stream
|
|
83
88
|
metric_es = MultiEventStream.new
|
|
84
89
|
indices.each do |indice|
|
|
85
|
-
metric_es.add(time, base.merge(
|
|
90
|
+
metric_es.add(time, base.merge("#{prefix}technical_name" => indice))
|
|
86
91
|
end
|
|
87
92
|
metric_es
|
|
88
93
|
end
|
|
@@ -42,6 +42,7 @@ module Fluent
|
|
|
42
42
|
DEFAULT_R_INDICES_KEY = 'audit_trace_resolved_indices'
|
|
43
43
|
DEFAULT_TIMESTAMP_KEY = '@timestamp'
|
|
44
44
|
DEFAULT_PRIVILEGE_KEY = 'audit_request_privilege'
|
|
45
|
+
DEFAULT_PREFIX = ''
|
|
45
46
|
|
|
46
47
|
# REQUEST PRIVILEGE:
|
|
47
48
|
# cluster:
|
|
@@ -78,8 +79,9 @@ module Fluent
|
|
|
78
79
|
config_param :privilege_key, :string, default: DEFAULT_PRIVILEGE_KEY
|
|
79
80
|
|
|
80
81
|
desc 'Timestamp format'
|
|
81
|
-
config_param :timestamp_format, :enum, list: %i[iso epochmillis], default: :iso
|
|
82
|
-
|
|
82
|
+
config_param :timestamp_format, :enum, list: %i[iso epochmillis epochmillis_str], default: :iso
|
|
83
|
+
desc 'Attribute prefix'
|
|
84
|
+
config_param :prefix, :string, default: DEFAULT_PREFIX
|
|
83
85
|
desc 'Aggregate ILM'
|
|
84
86
|
config_param :aggregate_ilm, :bool, default: true
|
|
85
87
|
|
|
@@ -142,7 +144,8 @@ module Fluent
|
|
|
142
144
|
layer: record[layer_key],
|
|
143
145
|
request_type: record[request_type_key]
|
|
144
146
|
},
|
|
145
|
-
conf: self
|
|
147
|
+
conf: self,
|
|
148
|
+
prefix: prefix
|
|
146
149
|
).generate_event_stream
|
|
147
150
|
end
|
|
148
151
|
# rubocop:enable Metrics/AbcSize
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: fluent-plugin-elastic-log
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Thomas Tych
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-06-
|
|
11
|
+
date: 2023-06-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bump
|