fluent-plugin-elb-log 1.1.0 → 1.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +14 -6
- data/fluent-plugin-elb-log.gemspec +3 -3
- data/fluent.conf.sample +2 -3
- data/lib/fluent/plugin/in_elb_log.rb +10 -2
- data/test/plugin/in_elb_log.rb +39 -0
- metadata +17 -11
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ef83fe5f1ca41f2f28d7d1d67fae59876fc915200009564db4115e11a97788ed
|
|
4
|
+
data.tar.gz: 8f94bf0325d3ab08838e90b721d676153f56c061be2d311a9f5f5ca1cd86848c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 15ec8f47aa7811c44aa98ea8ad57c97280e3d4899018c555a930f363c3cd5248ff2f33fceabb6071d222d5e1b5799caa18a20bdec1ce24d486ec85cca27407b0
|
|
7
|
+
data.tar.gz: 436c4b85afbbaa887653091b263f224ce5bbfbf8e973a8bfa99b852cc7e0b01d3bea53032bba1b78be627aae1463df5f968873cc399051c88bf6fe79daca7543
|
data/README.md
CHANGED
|
@@ -86,7 +86,7 @@ SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt (If you using amazon linux)
|
|
|
86
86
|
```
|
|
87
87
|
|
|
88
88
|
### json output example
|
|
89
|
-
```
|
|
89
|
+
```json
|
|
90
90
|
{
|
|
91
91
|
"account_id":"123456789012",
|
|
92
92
|
"region":"ap-northeast-1",
|
|
@@ -118,9 +118,17 @@ SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt (If you using amazon linux)
|
|
|
118
118
|
"ssl_cipher":"DHE-RSA-AES128-SHA",
|
|
119
119
|
"ssl_protocol":"TLSv1.2",
|
|
120
120
|
"type":"http",
|
|
121
|
-
"target_group_arn":"arn:aws:elasticloadbalancing:ap-northeast-1:123456789012:targetgroup/lbgrp1/605122a4e4ee9f2d",
|
|
122
|
-
"trace_id":"\"Root=1-xxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxx\""
|
|
123
|
-
"
|
|
121
|
+
"target_group_arn": "arn:aws:elasticloadbalancing:ap-northeast-1:123456789012:targetgroup/lbgrp1/605122a4e4ee9f2d",
|
|
122
|
+
"trace_id": "\"Root=1-xxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxx\"",
|
|
123
|
+
"domain_name": "-",
|
|
124
|
+
"chosen_cert_arn": "-",
|
|
125
|
+
"matched_rule_priority": "0",
|
|
126
|
+
"request_creation_time": "2099-10-26T06:10:03.050000Z",
|
|
127
|
+
"actions_executed": "forward",
|
|
128
|
+
"redirect_url": "-",
|
|
129
|
+
"error_reason": "-",
|
|
130
|
+
"option1": "\"192.168.0.1:443\"",
|
|
131
|
+
"option2": "\"301\"",
|
|
132
|
+
"option3": null
|
|
124
133
|
}
|
|
125
|
-
```
|
|
126
|
-
|
|
134
|
+
```
|
|
@@ -4,7 +4,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
|
|
4
4
|
|
|
5
5
|
Gem::Specification.new do |spec|
|
|
6
6
|
spec.name = "fluent-plugin-elb-log"
|
|
7
|
-
spec.version = "1.
|
|
7
|
+
spec.version = "1.2.0"
|
|
8
8
|
spec.authors = ["shinsaka"]
|
|
9
9
|
spec.email = ["shinx1265@gmail.com"]
|
|
10
10
|
spec.summary = "Amazon ELB log input plugin"
|
|
@@ -17,11 +17,11 @@ Gem::Specification.new do |spec|
|
|
|
17
17
|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
|
18
18
|
spec.require_paths = ["lib"]
|
|
19
19
|
|
|
20
|
-
spec.add_dependency "fluentd", "
|
|
20
|
+
spec.add_dependency "fluentd", ">= 0.14.0", "< 2"
|
|
21
21
|
spec.add_dependency "aws-sdk-s3", "~> 1"
|
|
22
22
|
spec.add_dependency "aws-sdk-ec2", "~> 1"
|
|
23
23
|
|
|
24
|
-
spec.add_development_dependency "bundler", "
|
|
24
|
+
spec.add_development_dependency "bundler", ">=1.17"
|
|
25
25
|
spec.add_development_dependency "rake", "~> 12"
|
|
26
26
|
spec.add_development_dependency "test-unit", "~> 3.2"
|
|
27
27
|
spec.add_development_dependency "webmock", "~>3"
|
data/fluent.conf.sample
CHANGED
|
@@ -12,8 +12,7 @@ class Fluent::Plugin::Elb_LogInput < Fluent::Plugin::Input
|
|
|
12
12
|
helpers :timer
|
|
13
13
|
|
|
14
14
|
LOGFILE_REGEXP = /^((?<prefix>.+?)\/|)AWSLogs\/(?<account_id>[0-9]{12})\/elasticloadbalancing\/(?<region>.+?)\/(?<logfile_date>[0-9]{4}\/[0-9]{2}\/[0-9]{2})\/[0-9]{12}_elasticloadbalancing_.+?_(?<logfile_elb_name>[^_]+)_(?<elb_timestamp>[0-9]{8}T[0-9]{4}Z)_(?<elb_ip_address>.+?)_(?<logfile_hash>.+)\.log(.gz)?$/
|
|
15
|
-
ACCESSLOG_REGEXP = /^((?<type>[a-z0-9]+) )?(?<time>\d{4}-\d{2}-\d{2}T\d{2}\:\d{2}\:\d{2}\.\d{6}Z) (?<elb>.+?) (?<client>[^ ]+)\:(?<client_port>.+?) (?<backend>.+?)(\:(?<backend_port>.+?))? (?<request_processing_time>.+?) (?<backend_processing_time>.+?) (?<response_processing_time>.+?) (?<elb_status_code>.+?) (?<backend_status_code>.+?) (?<received_bytes>.+?) (?<sent_bytes>.+?) \"(?<request_method>.+?) (?<request_uri>.+?) (?<request_protocol>.+?)\"(
|
|
16
|
-
|
|
15
|
+
ACCESSLOG_REGEXP = /^((?<type>[a-z0-9]+) )?(?<time>\d{4}-\d{2}-\d{2}T\d{2}\:\d{2}\:\d{2}\.\d{6}Z) (?<elb>.+?) (?<client>[^ ]+)\:(?<client_port>.+?) (?<backend>.+?)(\:(?<backend_port>.+?))? (?<request_processing_time>.+?) (?<backend_processing_time>.+?) (?<response_processing_time>.+?) (?<elb_status_code>.+?) (?<backend_status_code>.+?) (?<received_bytes>.+?) (?<sent_bytes>.+?) \"(?<request_method>.+?) (?<request_uri>.+?) (?<request_protocol>.+?)\"(\s+\"(?<user_agent>.+?)\" (?<ssl_cipher>.+?) (?<ssl_protocol>[^\s]+)( (?<target_group_arn>arn:\S+) (?<trace_id>[^\s]+))?( \"(?<domain_name>.+?)\" \"(?<chosen_cert_arn>.+?)\" (?<matched_rule_priority>.+?) (?<request_creation_time>.+?) \"(?<actions_executed>.+?)\" \"(?<redirect_url>.+?)\" \"(?<error_reason>[^\s]+)\"( |$))?((?<option1>[^\s]+)( |$))?((?<option2>[^\s]+)( |$))?( (?<option3>.*))?)?/
|
|
17
16
|
config_param :access_key_id, :string, default: nil, secret: true
|
|
18
17
|
config_param :secret_access_key, :string, default: nil, secret: true
|
|
19
18
|
config_param :region, :string
|
|
@@ -319,6 +318,15 @@ class Fluent::Plugin::Elb_LogInput < Fluent::Plugin::Input
|
|
|
319
318
|
"type" => item[:type],
|
|
320
319
|
"target_group_arn" => item[:target_group_arn],
|
|
321
320
|
"trace_id" => item[:trace_id],
|
|
321
|
+
"domain_name" => item[:domain_name],
|
|
322
|
+
"chosen_cert_arn" => item[:chosen_cert_arn],
|
|
323
|
+
"matched_rule_priority" => item[:matched_rule_priority],
|
|
324
|
+
"request_creation_time" => item[:request_creation_time],
|
|
325
|
+
"actions_executed" => item[:actions_executed],
|
|
326
|
+
"redirect_url" => item[:redirect_url],
|
|
327
|
+
"error_reason" => item[:error_reason],
|
|
328
|
+
"option1" => item[:option1],
|
|
329
|
+
"option2" => item[:option2],
|
|
322
330
|
"option3" => item[:option3]
|
|
323
331
|
}
|
|
324
332
|
end
|
data/test/plugin/in_elb_log.rb
CHANGED
|
@@ -251,6 +251,45 @@ class Elb_LogInputTest < Test::Unit::TestCase
|
|
|
251
251
|
assert_equal('-', m[:ssl_protocol])
|
|
252
252
|
assert_equal('arn:aws:elasticloadbalancing:us-east-1:123456789123:targetgroup/example-service/1234abcd1234abcd', m[:target_group_arn])
|
|
253
253
|
assert_equal('"Root=1-xxxxxxxx-yyyyyyyyyyyyyyyyyyyzzzzz"', m[:trace_id])
|
|
254
|
+
assert_equal('"-" "-" 3', m[:option3])
|
|
255
|
+
end
|
|
256
|
+
|
|
257
|
+
def test_alb_all_field
|
|
258
|
+
log = 'http 2019-10-26T06:10:03.157333Z app/my-alb/520e61ffffffffff 60.11.22.33:51306 192.168.30.111:443 0.010 0.097 0.001 301 301 414 507 "GET http://www.example.com:80/ HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36" ssl1 ssl2 arn:aws:elasticloadbalancing:ap-northeast-1:123456789012:targetgroup/lbgrp1/605122a4ffffffff "Root=1-123abcde-d03aafc8497211546b64c54c" "domainname" "certarn" 50000 2019-10-26T06:10:03.050000Z "forward" "redirect://url-something.com/" "error_reason" "192.168.30.186:443" "301"'
|
|
259
|
+
m = Fluent::Plugin::Elb_LogInput::ACCESSLOG_REGEXP.match(log)
|
|
260
|
+
assert_equal('http', m[:type])
|
|
261
|
+
assert_equal('2019-10-26T06:10:03.157333Z', m[:time])
|
|
262
|
+
|
|
263
|
+
assert_equal('app/my-alb/520e61ffffffffff', m[:elb])
|
|
264
|
+
assert_equal('60.11.22.33', m[:client])
|
|
265
|
+
assert_equal('51306', m[:client_port])
|
|
266
|
+
assert_equal('192.168.30.111', m[:backend])
|
|
267
|
+
assert_equal('443', m[:backend_port])
|
|
268
|
+
|
|
269
|
+
assert_equal('0.010', m[:request_processing_time])
|
|
270
|
+
assert_equal('0.097', m[:backend_processing_time])
|
|
271
|
+
assert_equal('0.001', m[:response_processing_time])
|
|
272
|
+
assert_equal('301', m[:elb_status_code])
|
|
273
|
+
assert_equal('301', m[:backend_status_code])
|
|
274
|
+
assert_equal('414', m[:received_bytes])
|
|
275
|
+
assert_equal('507', m[:sent_bytes])
|
|
276
|
+
assert_equal('GET', m[:request_method])
|
|
277
|
+
assert_equal('http://www.example.com:80/', m[:request_uri])
|
|
278
|
+
assert_equal('HTTP/1.1', m[:request_protocol])
|
|
279
|
+
assert_equal('Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36', m[:user_agent])
|
|
280
|
+
assert_equal('ssl1', m[:ssl_cipher])
|
|
281
|
+
assert_equal('ssl2', m[:ssl_protocol])
|
|
282
|
+
assert_equal('arn:aws:elasticloadbalancing:ap-northeast-1:123456789012:targetgroup/lbgrp1/605122a4ffffffff', m[:target_group_arn])
|
|
283
|
+
assert_equal('"Root=1-123abcde-d03aafc8497211546b64c54c"', m[:trace_id])
|
|
284
|
+
assert_equal('domainname', m[:domain_name])
|
|
285
|
+
assert_equal('certarn', m[:chosen_cert_arn])
|
|
286
|
+
assert_equal('50000', m[:matched_rule_priority])
|
|
287
|
+
assert_equal('2019-10-26T06:10:03.050000Z', m[:request_creation_time])
|
|
288
|
+
assert_equal('forward', m[:actions_executed])
|
|
289
|
+
assert_equal('redirect://url-something.com/', m[:redirect_url])
|
|
290
|
+
assert_equal('error_reason', m[:error_reason])
|
|
291
|
+
assert_equal('"192.168.30.186:443"', m[:option1])
|
|
292
|
+
assert_equal('"301"', m[:option2])
|
|
254
293
|
assert_equal(nil, m[:option3])
|
|
255
294
|
end
|
|
256
295
|
end
|
metadata
CHANGED
|
@@ -1,29 +1,35 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: fluent-plugin-elb-log
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- shinsaka
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-10-
|
|
11
|
+
date: 2019-10-27 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: fluentd
|
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
|
16
16
|
requirements:
|
|
17
|
-
- - "
|
|
17
|
+
- - ">="
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version:
|
|
19
|
+
version: 0.14.0
|
|
20
|
+
- - "<"
|
|
21
|
+
- !ruby/object:Gem::Version
|
|
22
|
+
version: '2'
|
|
20
23
|
type: :runtime
|
|
21
24
|
prerelease: false
|
|
22
25
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
26
|
requirements:
|
|
24
|
-
- - "
|
|
27
|
+
- - ">="
|
|
25
28
|
- !ruby/object:Gem::Version
|
|
26
|
-
version:
|
|
29
|
+
version: 0.14.0
|
|
30
|
+
- - "<"
|
|
31
|
+
- !ruby/object:Gem::Version
|
|
32
|
+
version: '2'
|
|
27
33
|
- !ruby/object:Gem::Dependency
|
|
28
34
|
name: aws-sdk-s3
|
|
29
35
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -56,16 +62,16 @@ dependencies:
|
|
|
56
62
|
name: bundler
|
|
57
63
|
requirement: !ruby/object:Gem::Requirement
|
|
58
64
|
requirements:
|
|
59
|
-
- - "
|
|
65
|
+
- - ">="
|
|
60
66
|
- !ruby/object:Gem::Version
|
|
61
|
-
version: '
|
|
67
|
+
version: '1.17'
|
|
62
68
|
type: :development
|
|
63
69
|
prerelease: false
|
|
64
70
|
version_requirements: !ruby/object:Gem::Requirement
|
|
65
71
|
requirements:
|
|
66
|
-
- - "
|
|
72
|
+
- - ">="
|
|
67
73
|
- !ruby/object:Gem::Version
|
|
68
|
-
version: '
|
|
74
|
+
version: '1.17'
|
|
69
75
|
- !ruby/object:Gem::Dependency
|
|
70
76
|
name: rake
|
|
71
77
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -159,7 +165,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
159
165
|
- !ruby/object:Gem::Version
|
|
160
166
|
version: '0'
|
|
161
167
|
requirements: []
|
|
162
|
-
rubygems_version: 3.
|
|
168
|
+
rubygems_version: 3.0.6
|
|
163
169
|
signing_key:
|
|
164
170
|
specification_version: 4
|
|
165
171
|
summary: Amazon ELB log input plugin
|