fluent-plugin-elasticsearch-timestamp-check 0.2.8 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 300d28349b60730721bbbde22a67d8ae349a8be2
-  data.tar.gz: '03584e93ac597b15235e92550c926c4b65da8764'
+  metadata.gz: aa6ae137a40c8f3ccb7c51a5206c31b828e567be
+  data.tar.gz: 1afe8d16d24bb3f29203c90c356cd2dc837feac8
 SHA512:
-  metadata.gz: 21d9cb1dd44ba3e63416d3d50939e3d086f3218e11e573b7b9f6458dfe3a4e6bc8aa61dfcbed145cff6da2562d3b3982ea9a5ab0cd8c95a3569aab998ca644af
-  data.tar.gz: de11655ba5c820fb6306e091cf63fd8fdad6b217685f12a4a22f40a039b848fe3f23a71742cccbe3a058efeb3589f9e8b9b0d5f56693684b28087d0b2dc9d7e6
+  metadata.gz: 273868f46777e729b27cd138a31444c8ec0fc5a5d5419a4299839cdd5cc9573b0bb9175b6344c6bc56f08ace5b065dbea72c6945b9b97ec8ca9cc57623394d47
+  data.tar.gz: 87aa129c73519b198c00e139b23a5c2dae7591e61e8c9d98c9550e39525284f7ed465849b731305720c79cef9b88a9e0d4ee02b7c42a26b5bf5d4b2649c7ab81

data/README.md

@@ -19,10 +19,15 @@ elasticsearch.
   such value is detected, it will be converted to iso8601 format for easier
   consumption of elasticsearch when dynamic mapping is used.**
 
-* If a field named `timestamp` or `time` or `syslog_timestamp` exists, it will
-  parse that field and conver it to format '%Y-%m-%dT%H:%M:%S.%L%z' then store it
-  in `@timestamp` field. In addition, a field `fluent_converted_timestamp`
-  is added to the object with the same value.
+* By default, it will check whether fields named `timestamp`, `time`, or
+  `syslog_timestamp` exists, if so it will parse that field and conver it to
+  format '%Y-%m-%dT%H:%M:%S.%L%z' then store it in `@timestamp` field. In
+  addition, a field `fluent_converted_timestamp` is added to the object with
+  the same value.
+
+* (>=0.3.0) the list of fields can be overriden by setting the
+  `timestamp_fields` parameter. It accepts a list of strings, the default is set
+  to: `['@timestamp', 'timestamp', 'time', 'syslog_timestamp']`
 
 * If none of the above field exists, it will insert current event time in
   '%Y-%m-%dT%H:%M:%S.%L%z' format as the `@timestamp` field. A field

data/fluent-plugin-elasticsearch-timestamp-check.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |spec|
   spec.name          = "fluent-plugin-elasticsearch-timestamp-check"
-  spec.version       = "0.2.8"
+  spec.version       = "0.3.0"
   spec.authors       = ["Richard Li"]
   spec.email         = ["evilcat@wisewolfsolutions.com"]
   spec.description   = %q{fluent filter plugin to ensure @timestamp is in proper format}

data/lib/fluent/plugin/filter_elasticsearch_timestamp_check.rb

@@ -7,6 +7,7 @@ module Fluent::Plugin
     Fluent::Plugin.register_filter('elasticsearch_timestamp_check', self)
 
     config_param :subsecond_precision, :integer, default: 3
+    config_param :timestamp_fields, :array, default: ['@timestamp', 'timestamp', 'time', 'syslog_timestamp'], value_type: :string
 
     def configure(conf)
       super
@@ -33,7 +34,7 @@ module Fluent::Plugin
     end
 
     def filter(tag, time, record)
-      %w{@timestamp timestamp time syslog_timestamp}.map do |field|
+      @timestamp_fields.map do |field|
         record[field]
       end.compact.each do |timestamp|
         begin
@@ -58,6 +59,7 @@ module Fluent::Plugin
           $log.debug("Timestamp parsed: #{record['@timestamp']}")
           break
         rescue ArgumentError
+          $log.debug("#{field} (#{timestamp}) failed to parse, trying next")
         end
       end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: fluent-plugin-elasticsearch-timestamp-check
 version: !ruby/object:Gem::Version
-  version: 0.2.8
+  version: 0.3.0
 platform: ruby
 authors:
 - Richard Li
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-02-22 00:00:00.000000000 Z
+date: 2019-02-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: fluentd