fluent-plugin-elasticsearch 0.1.0

data/.gitignore

@@ -0,0 +1,17 @@
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/Gemfile

@@ -0,0 +1,4 @@
+source :rubygems
+
+# Specify your gem's dependencies in fluent-plugin-elasticsearch.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,22 @@
+Copyright (c) 2012 TODO: Write your name
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,72 @@
+# Fluent::Plugin::Elasticsearch
+
+I wrote this so you can search logs routed through Fluentd.
+
+## Installation
+
+    $ gem install fluent-plugin-elasticsearch
+
+## Usage
+
+In your fluentd configration, use `type elasticsearch`. Additional configuration is optional, default values would look like this:
+
+```
+host localhost
+port 9200
+index_name fluentd
+index_type fluentd
+```
+
+
+**More options:**
+
+```
+logstash_format true # defaults to false
+```
+
+This is meant to make writing data into elasticsearch compatible to what logstash writes. By doing this, one could take advantade of [kibana](http://kibana.org/).
+
+---
+
+```
+include_tag_key true # defaults to false
+tag_key tag # defaults to tag
+```
+
+This will add the fluentd tag in the json record. For instance, if you have a config like this:
+
+```
+<match my.logs>
+  type elasticsearch
+  include_tag_key true
+  tag_key _key
+</match>
+```
+
+The record inserted into elasticsearch would be
+
+```
+{"_key":"my.logs", "name":"Johnny Doeie"}
+```
+
+---
+
+fluentd-plugin-elasticsearch is a buffered output that uses elasticseach's bulk API. So additional buffer configuration would be (with default values):
+
+```
+buffer_type memory
+flush_interval 60
+retry_limit 17
+retry_wait 1.0
+num_threads 1
+```
+
+
+
+## Contributing
+
+1. Fork it
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Commit your changes (`git commit -am 'Add some feature'`)
+4. Push to the branch (`git push origin my-new-feature`)
+5. Create new Pull Request

data/Rakefile

@@ -0,0 +1,11 @@
+require "bundler/gem_tasks"
+require 'rake/testtask'
+
+Rake::TestTask.new(:test) do |test|
+  test.libs << 'lib' << 'test'
+  test.pattern = 'test/**/test_*.rb'
+  test.verbose = true
+end
+
+task :default => :test
+

data/fluent-plugin-elasticsearch.gemspec

@@ -0,0 +1,22 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+
+Gem::Specification.new do |s|
+  s.name          = "fluent-plugin-elasticsearch"
+  s.version       = '0.1.0'
+  s.authors       = ["diogo"]
+  s.email         = ["team@uken.com"]
+  s.description   = %q{ElasticSearch output plugin for Fluent event collector}
+  s.summary       = s.description
+  s.homepage      = "https://github.com/uken/fluent-plugin-elasticsearch"
+
+  s.files         = `git ls-files`.split($/)
+  s.executables   = s.files.grep(%r{^bin/}).map{ |f| File.basename(f) }
+  s.test_files    = s.files.grep(%r{^(test|spec|features)/})
+  s.require_paths = ["lib"]
+
+  s.add_runtime_dependency "fluentd"
+
+  s.add_development_dependency "rake"
+  s.add_development_dependency "webmock"
+end

data/lib/fluent/plugin/out_elasticsearch.rb

@@ -0,0 +1,62 @@
+# encoding: UTF-8
+require 'net/http'
+require 'date'
+
+class Fluent::ElasticsearchOutput < Fluent::BufferedOutput
+  Fluent::Plugin.register_output('elasticsearch', self)
+
+  config_param :host, :string,  :default => 'localhost'
+  config_param :port, :integer, :default => 9200
+  config_param :logstash_format, :bool, :default => false
+  config_param :type_name, :string, :default => "fluentd"
+  config_param :index_name, :string, :default => "fluentd"
+
+  include Fluent::SetTagKeyMixin
+  config_set_default :include_tag_key, false
+
+  def initialize
+    super
+  end
+
+  def configure(conf)
+    super
+  end
+
+  def start
+    super
+  end
+
+  def format(tag, time, record)
+    [tag, time, record].to_msgpack
+  end
+
+  def shutdown
+    super
+  end
+
+  def write(chunk)
+    bulk_message = []
+
+    chunk.msgpack_each do |tag, time, record|
+      if @logstash_format
+        record.merge!({"@timestamp" => Time.at(time).to_datetime.to_s})
+        target_index = "logstash-#{Time.now.strftime("%Y.%m.%d")}"
+      else
+        target_index = @index_name
+      end
+
+      if @include_tag_key
+        record.merge!(@tag_key => tag)
+      end
+
+      bulk_message << { "index" => {"_index" => target_index, "_type" => type_name} }.to_json
+      bulk_message << record.to_json
+    end
+    bulk_message << ""
+
+    http = Net::HTTP.new(@host, @port.to_i)
+    request = Net::HTTP::Post.new("/_bulk")
+    request.body = bulk_message.join("\n")
+    http.request(request)
+  end
+end

data/test/plugin/test_out_elasticsearch.rb

@@ -0,0 +1,140 @@
+require 'test/unit'
+
+require 'fluent/test'
+require 'fluent/plugin/out_elasticsearch'
+
+require 'webmock/test_unit'
+require 'date'
+
+$:.push File.expand_path("../lib", __FILE__)
+$:.push File.dirname(__FILE__)
+
+WebMock.disable_net_connect!
+
+class ElasticsearchOutput < Test::Unit::TestCase
+  attr_accessor :index_cmds
+
+  def setup
+    Fluent::Test.setup
+    @driver = nil
+  end
+
+  def driver(tag='test', conf='')
+    @driver ||= Fluent::Test::BufferedOutputTestDriver.new(Fluent::ElasticsearchOutput, tag).configure(conf)
+  end
+
+  def sample_record
+    {'age' => 26}
+  end
+
+  def stub_elastic(url="http://localhost:9200/_bulk")
+    stub_request(:post, url).with do |req|
+      @index_cmds = req.body.split("\n").map {|r| JSON.parse(r) }
+    end
+  end
+
+  def test_writes_to_default_index
+    stub_elastic
+    driver.emit(sample_record)
+    driver.run
+    assert_equal('fluentd', index_cmds.first['index']['_index'])
+  end
+
+  def test_writes_to_default_type
+    stub_elastic
+    driver.emit(sample_record)
+    driver.run
+    assert_equal('fluentd', index_cmds.first['index']['_type'])
+  end
+
+  def test_writes_to_speficied_index
+    driver.configure("index_name myindex\n")
+    stub_elastic
+    driver.emit(sample_record)
+    driver.run
+    assert_equal('myindex', index_cmds.first['index']['_index'])
+  end
+
+  def test_writes_to_speficied_type
+    driver.configure("type_name mytype\n")
+    stub_elastic
+    driver.emit(sample_record)
+    driver.run
+    assert_equal('mytype', index_cmds.first['index']['_type'])
+  end
+
+  def test_writes_to_speficied_host
+    driver.configure("host 192.168.33.50\n")
+    elastic_request = stub_elastic("http://192.168.33.50:9200/_bulk")
+    driver.emit(sample_record)
+    driver.run
+    assert_requested(elastic_request)
+  end
+
+  def test_writes_to_speficied_port
+    driver.configure("port 9201\n")
+    elastic_request = stub_elastic("http://localhost:9201/_bulk")
+    driver.emit(sample_record)
+    driver.run
+    assert_requested(elastic_request)
+  end
+
+  def test_makes_bulk_request
+    stub_elastic
+    driver.emit(sample_record)
+    driver.emit(sample_record.merge('age' => 27))
+    driver.run
+    assert_equal(4, index_cmds.count)
+  end
+
+  def test_all_records_are_preserved_in_bulk
+    stub_elastic
+    driver.emit(sample_record)
+    driver.emit(sample_record.merge('age' => 27))
+    driver.run
+    assert_equal(26, index_cmds[1]['age'])
+    assert_equal(27, index_cmds[3]['age'])
+  end
+
+  def test_writes_to_logstash_index
+    driver.configure("logstash_format true\n")
+    logstash_index = "logstash-#{Time.now.strftime("%Y.%m.%d")}"
+    stub_elastic
+    driver.emit(sample_record)
+    driver.run
+    assert_equal(logstash_index, index_cmds.first['index']['_index'])
+  end
+
+  def test_doesnt_add_logstash_timestamp_by_default
+    stub_elastic
+    driver.emit(sample_record)
+    driver.run
+    assert_nil(index_cmds[1]['@timestamp'])
+  end
+
+  def test_adds_logstash_timestamp_when_configured
+    driver.configure("logstash_format true\n")
+    stub_elastic
+    ts = DateTime.now.to_s
+    driver.emit(sample_record)
+    driver.run
+    assert(index_cmds[1].has_key? '@timestamp')
+    assert_equal(index_cmds[1]['@timestamp'], ts)
+  end
+
+  def test_doesnt_add_tag_key_by_default
+    stub_elastic
+    driver.emit(sample_record)
+    driver.run
+    assert_nil(index_cmds[1]['tag'])
+  end
+
+  def test_adds_tag_key_when_configured
+    driver('mytag').configure("include_tag_key true\n")
+    stub_elastic
+    driver.emit(sample_record)
+    driver.run
+    assert(index_cmds[1].has_key?('tag'))
+    assert_equal(index_cmds[1]['tag'], 'mytag')
+  end
+end

metadata

@@ -0,0 +1,110 @@
+--- !ruby/object:Gem::Specification
+name: fluent-plugin-elasticsearch
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+  prerelease: 
+platform: ruby
+authors:
+- diogo
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-02-13 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: fluentd
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: webmock
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: ElasticSearch output plugin for Fluent event collector
+email:
+- team@uken.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- fluent-plugin-elasticsearch.gemspec
+- lib/fluent/plugin/out_elasticsearch.rb
+- test/helper.rb
+- test/plugin/test_out_elasticsearch.rb
+homepage: https://github.com/uken/fluent-plugin-elasticsearch
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
+      - 0
+      hash: -3051582702752188354
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
+      - 0
+      hash: -3051582702752188354
+requirements: []
+rubyforge_project: 
+rubygems_version: 1.8.23
+signing_key: 
+specification_version: 3
+summary: ElasticSearch output plugin for Fluent event collector
+test_files:
+- test/helper.rb
+- test/plugin/test_out_elasticsearch.rb