RubyGems - fluent-plugin-ldap-client - Versions diffs - 0.1.0 → 0.1.1 - Mend

fluent-plugin-ldap-client 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/README.md +27 -5
data/lib/fluent/plugin/filter_ldap_enrich.rb +3 -3
data/lib/fluent/plugin/ldap_client/ldap_client.rb +2 -2
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9902fbdbda54619005fea1824cb4a2672cdd4d96976df46b6cda5adac6dbbdb2
-  data.tar.gz: 27341af7bbdbfb47cc6e09393a0c699c7030f906d73ab8c3bc02f5fb3b641245
+  metadata.gz: '02008dd36f192c816c8119fde2a5e538ac6658c2d16d3218fa18a7db15a5b77b'
+  data.tar.gz: bfb8878bb5986b9f2c0f27277790375469fc002a842794552ab1da05aa57c9c2
 SHA512:
-  metadata.gz: 87cc6a4b5ab92f03af2c9800708cc0f12e73a5bbab177b425a98ce1e4993ff3afaf9fcaf977c0bbda0fe1723bfcf4a8fe6becfca082dc919af5ca24f32da1c3a
-  data.tar.gz: 551e6e42443aa50cbf8c1e10b1a6b9efcf2c2ee2e57f5f85aa13866a20f8449c52808a46247f95da38a388da6537496cca0486ca1f7abef97f88cd44992f86b2
+  metadata.gz: 4bf9696b01bd689306df637c1b768135221a849151ef836cab83852a127a918129eb13422eb2e3ff3d5d265b10779a2be66c6304cb5f837a100c292f634597a3
+  data.tar.gz: e4e3b6ecd42aa88b59275cf40098821a0f48bb64a407fd59c55e8695a931a65c724b6451cbcd8fe36bba9e7005e71249d5cec5a33d7b1e5a50a2c268dfebe356

data/README.md CHANGED Viewed

@@ -12,18 +12,40 @@ To do enrichment on events through ldap search.
 Parameters are :
-| parameters | mandatory | default | type | purpose |
-|------------|-----------|---------|------|---------|
-|            |           |         |      |         |
-|            |           |         |      |         |
-|            |           |         |      |         |
+| parameters         | default   | type     | purpose                                                           |
+|--------------------|-----------|----------|-------------------------------------------------------------------|
+| ldap_host          | localhost | string   | ldap hostname                                                     |
+| ldap_port          | 389       | integer  | ldap port                                                         |
+| ldap_encryption    | false     | bool     | use tls                                                           |
+| ldap_base_dn       | ''        | string   | ldap base DN for query                                            |
+| ldap_username      | nil       | string   | username for ldap bind                                            |
+| ldap_password      | nil       | string   | password for ldap bind                                            |
+| ldap_ca_cert       | nil       | string   | path of CA cert for ldap connection                               |
+| ldap_query         | nil       | string   | query that will be interpolated against record, then sent to ldap |
+| ldap_attributes    | {}        | hash     | mapping of ldap attributes to inject in record                    |
+| enable_cache       | true      | bool     | enable cache to reduce query to ldap                              |
+| cache_size         | 1000      | interger | cache size in number of entries                                   |
+| cache_ttl_positive | 24 * 3600 | integer  | ttl of positive entries (not nil) in seconds                      |
+| cache_ttl_negative | 3600      | integer  | ttl of negative entries (nil) in seconds                          |
 ### examples
 ``` text
+<filter test>
+  @type ldap_enrich
+  ldap_base_dn "dc=test"
+  ldap_query "(uid=%{user})"
+  ldap_attributes uid:user_uid,mail:user_mail
+  cache_enable true
+</filter>
 ```
+* use "dc=test" as ldap search base DN
+* ldap_query will be interpolated, with %{user} replaced by record['user'], then send the query to ldap
+* ldap_attributes will inject uid attributes as user_uid in record, will inject mail attributes as user_mail in record
 ## Installation
 Manual install, by executing:

data/lib/fluent/plugin/filter_ldap_enrich.rb CHANGED Viewed

@@ -49,8 +49,8 @@ module Fluent
       desc 'ldap password'
       config_param :ldap_password, :string, default: DEFAULT_LDAP_PASSWORD, secret: true
-      desc 'CA cert'
-      config_param :ca_cert, :string, default: nil
+      desc 'ldap CA cert'
+      config_param :ldap_ca_cert, :string, default: nil
       DEFAULT_LDAP_ATTRIBUTES = {}.freeze
@@ -92,7 +92,7 @@ module Fluent
           username: ldap_username,
           password: ldap_password,
           encryption: ldap_encryption,
-          ca_cert: ca_cert,
+          ca_cert: ldap_ca_cert,
           log: log
         )

data/lib/fluent/plugin/ldap_client/ldap_client.rb CHANGED Viewed

@@ -54,7 +54,7 @@ module Fluent
           return unless encryption
           { method: :simple_tls,
-            tls_options: { ca_file: ca_file } }
+            tls_options: { ca_file: ca_cert } }
         end
         def search_query(query)
@@ -69,7 +69,7 @@ module Fluent
         def search_filter(filter)
           result = ldap.search(base: base_dn, filter: filter)
-          log&.debug "LDAP Client: No LDAP results for query \"#{query}\"" if result.nil? || result.empty?
+          log&.debug "LDAP Client: No LDAP results for filter \"#{filter}\"" if result.nil? || result.empty?
           result&.first&.to_h
         rescue StandardError => e

metadata CHANGED Viewed

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: fluent-plugin-ldap-client
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors:
 - Thomas Tych
 bindir: bin
 cert_chain: []
-date: 2025-03-21 00:00:00.000000000 Z
+date: 2025-03-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bump