fluent-plugin-elasticsearch-timestamp-check 0.2.7 → 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +5 -5
  2. data/README.md +10 -5
  3. data/fluent-plugin-elasticsearch-timestamp-check.gemspec +1 -1
  4. data/lib/fluent/plugin/filter_elasticsearch_timestamp_check.rb +4 -2
  5. metadata +3 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: 507e9c8bcb7590f680c4c72c39b26a86ef9029d3
4
- data.tar.gz: c709c47aa550498ffef8ab50f8493dda0ed154a9
2
+ SHA256:
3
+ metadata.gz: 5b5110d2d7f9ead5fa29dfac4bcfb437c0bc8224beaaef3a4dc0e4b9aea65903
4
+ data.tar.gz: 48969cf63eb856e576ce0d928403b02c369e0e9dd089baace0fb0abd7f3eb376
5
5
  SHA512:
6
- metadata.gz: '082a9b6262d7bdd1d0eff963c4b3d30a4e0983012a802192e5c2b8bd2a50241ac65dd2795890c3a3fdfe760624139fa28e14273142165925bc8f2fce67b95d1b'
7
- data.tar.gz: 02c0c8ce935610f5024f2a39d69670e85ef8474690454f2e5c171a027ce8b6358534662cce83068c039de9d2045ee110430ade8671d47fbf50d47301e94dc4c9
6
+ metadata.gz: 4c5b95db8961d6f0ef563982ff67dae7c6e517767ba5d712010231b7832ecbacef397f0405211ec9cb2062ba3257cdb04b01f6e50438e734f5a2f013bdc40276
7
+ data.tar.gz: fd418940aa39d78be9c40873d04aa9c6cce5feb47dfbe2eef5250ba89d4bf1564dfcd18d24cd37db3ad0f16535fc360e74468d4a4b5d12bb33d31930d9be14b4
data/README.md CHANGED
@@ -19,12 +19,17 @@ elasticsearch.
19
19
  such value is detected, it will be converted to iso8601 format for easier
20
20
  consumption of elasticsearch when dynamic mapping is used.**
21
21
 
22
- * If a field named `timestamp` or `time` or `syslog_timestamp` exists, it will
23
- parse that field and conver it to format '%Y-%m-%dT%H:%M:%S.%L%z' then store it
24
- in `@timestamp` field. In addition, a field `fluent_converted_timestamp`
25
- is added to the object with the same value.
22
+ * By default, it will check whether fields named `timestamp`, `time`, or
23
+ `syslog_timestamp` exists, if so it will parse that field and conver it to
24
+ format '%Y-%m-%dT%H:%M:%S.%L%z' then store it in `@timestamp` field. In
25
+ addition, a field `fluent_converted_timestamp` is added to the object with
26
+ the same value.
26
27
 
27
- * If none of the above field exists, it will insert current time in
28
+ * (>=0.3.0) the list of fields can be overriden by setting the
29
+ `timestamp_fields` parameter. It accepts a list of strings, the default is set
30
+ to: `['@timestamp', 'timestamp', 'time', 'syslog_timestamp']`
31
+
32
+ * If none of the above field exists, it will insert current event time in
28
33
  '%Y-%m-%dT%H:%M:%S.%L%z' format as the `@timestamp` field. A field
29
34
  `fluent_added_timestamp` is added to the object with same value.
30
35
 
data/fluent-plugin-elasticsearch-timestamp-check.gemspec CHANGED
@@ -1,6 +1,6 @@
1
1
  Gem::Specification.new do |spec|
2
2
  spec.name = "fluent-plugin-elasticsearch-timestamp-check"
3
- spec.version = "0.2.7"
3
+ spec.version = "0.3.1"
4
4
  spec.authors = ["Richard Li"]
5
5
  spec.email = ["evilcat@wisewolfsolutions.com"]
6
6
  spec.description = %q{fluent filter plugin to ensure @timestamp is in proper format}
data/lib/fluent/plugin/filter_elasticsearch_timestamp_check.rb CHANGED
@@ -7,6 +7,7 @@ module Fluent::Plugin
7
7
  Fluent::Plugin.register_filter('elasticsearch_timestamp_check', self)
8
8
 
9
9
  config_param :subsecond_precision, :integer, default: 3
10
+ config_param :timestamp_fields, :array, default: ['@timestamp', 'timestamp', 'time', 'syslog_timestamp'], value_type: :string
10
11
 
11
12
  def configure(conf)
12
13
  super
@@ -33,7 +34,7 @@ module Fluent::Plugin
33
34
  end
34
35
 
35
36
  def filter(tag, time, record)
36
- %w{@timestamp timestamp time syslog_timestamp}.map do |field|
37
+ @timestamp_fields.map do |field|
37
38
  record[field]
38
39
  end.compact.each do |timestamp|
39
40
  begin
@@ -58,12 +59,13 @@ module Fluent::Plugin
58
59
  $log.debug("Timestamp parsed: #{record['@timestamp']}")
59
60
  break
60
61
  rescue ArgumentError
62
+ $log.debug("#{field} (#{timestamp}) failed to parse, trying next")
61
63
  end
62
64
  end
63
65
 
64
66
  unless record['fluent_converted_timestamp']
65
67
  record['@timestamp'] = record['fluent_added_timestamp'] =
66
- Time.now.strftime(@strftime_format)
68
+ Time.at(time.is_a?(Fluent::EventTime) ? time.to_r : time).strftime(@strftime_format)
67
69
  $log.debug("Timestamp added: #{record['@timestamp']}")
68
70
  end
69
71
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: fluent-plugin-elasticsearch-timestamp-check
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.7
4
+ version: 0.3.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Richard Li
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-02-06 00:00:00.000000000 Z
11
+ date: 2022-03-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: fluentd
@@ -107,8 +107,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
107
107
  - !ruby/object:Gem::Version
108
108
  version: '0'
109
109
  requirements: []
110
- rubyforge_project:
111
- rubygems_version: 2.6.14
110
+ rubygems_version: 3.0.3
112
111
  signing_key:
113
112
  specification_version: 4
114
113
  summary: fluent timestamp checker filter