fluent-plugin-light-core 0.3.3 → 0.3.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +2 -0
  3. data/fluent-plugin-light-core.gemspec +1 -1
  4. data/lib/fluent/plugin/filter_light_core.rb +14 -5
  5. data/sample/README.md +16 -0
  6. data/sample/source.conf +86 -12
  7. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 153a8ac1fcd1f93b50ca3502cac1d2a941f283c707e50b6367f42b8c13e08cf7
4
- data.tar.gz: a27cd131cdec3ecfeddb80d4d154809a6745ca652a229ec6970dad135cf57e1b
3
+ metadata.gz: 0c276f56914554fa43af82f0ce4a8c8e391f77b5f9e8c7d3c645b60b45c6ba77
4
+ data.tar.gz: c039e954174ad34042adf4ed68c9bffbbee2ff99f955deb33ac9cd613e46b10a
5
5
  SHA512:
6
- metadata.gz: 44197cea697e733b50abad6bde8e7e645a2d3c4fee3161de2b131461dadb8bc5076581ec9905975c173bddc5b726ff45bf08dcb9442d7784e208c1c7b5af0f80
7
- data.tar.gz: 961ad750fe2f00b933792e8278822e927942763a64db38515159e44b3ce4145c93d9801a5cf36fb73a9e3b6e07fdc195bbda69b2d3a895c1314860ae1d286363
6
+ metadata.gz: 903b498c54d3ede06a6360211f2eeeff2da5e9d1ed2d1d522136b78b75e39368c9a41e4d6340f6b8565cb0fba364b10f6f43fc0a7e8d74432ce03dfc5439d48a
7
+ data.tar.gz: 50b9f395eeafaa166daa8f95c0b9261d9397a6d61608b42326b2c08b5b2e0b72986a9879978936a87acc2238c4e9e688e577533da5a48883a5a431d266735ba1
data/.gitignore CHANGED
@@ -1,3 +1,5 @@
1
1
  *.log
2
2
  *.pos
3
3
  *.gem
4
+
5
+ audit.json
data/fluent-plugin-light-core.gemspec CHANGED
@@ -3,7 +3,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
3
3
 
4
4
  Gem::Specification.new do |spec|
5
5
  spec.name = "fluent-plugin-light-core"
6
- spec.version = "0.3.3"
6
+ spec.version = "0.3.4"
7
7
  spec.authors = ["LIN LI"]
8
8
  spec.email = ["l.li@alphabets.cn"]
9
9
 
data/lib/fluent/plugin/filter_light_core.rb CHANGED
@@ -76,23 +76,27 @@ module Fluent
76
76
  # 应用
77
77
  if ['app', 'service'].include? tag
78
78
  record = filter_app(tag, time, record)
79
+ return unless record
79
80
  notice('app', record)
80
81
  end
81
82
 
82
83
  # 负载均衡
83
84
  if ['lb'].include? tag
84
85
  record = filter_lb(tag, time, record)
86
+ return unless record
85
87
  notice('lb', record)
86
88
  end
87
89
 
88
- # 数据库 - TODO: 其中mongo为旧tag删除预定
89
- if ['mongo', 'master', 'secondary', 'arbiter'].include? tag
90
+ # 数据库
91
+ if ['master', 'secondary', 'arbiter'].include? tag
90
92
  record = filter_mongo(tag, time, record)
93
+ return unless record
91
94
  notice('mongo', record)
92
95
  end
93
96
 
94
97
  if ['syslog.messages', 'syslog.secure', 'syslog.audit'].include? tag
95
98
  record = filter_syslog(tag, time, record)
99
+ return unless record
96
100
  end
97
101
 
98
102
  record['environment'] = ENV['FLUENTD_ENV']
@@ -241,7 +245,7 @@ module Fluent
241
245
  def filter_mongo(tag, time, record)
242
246
 
243
247
  file = record['file'].split('/').last.split('_')
244
- log = record['log']
248
+ logging = record['log']
245
249
 
246
250
  record['cid'] = file[0]
247
251
  record['cname'] = tag
@@ -252,7 +256,13 @@ module Fluent
252
256
  record.delete('time')
253
257
 
254
258
  # 版本4.4开始,默认日志为json格式
255
- item = JSON.parse(log)
259
+ begin
260
+ item = JSON.parse(logging)
261
+ rescue JSON::ParserError
262
+ log.warn('json parse error : ', logging)
263
+ return nil
264
+ end
265
+
256
266
  record['time'] = item['t']['$date']
257
267
  record['severity'] = item['s']
258
268
  record['component'] = item['c']
@@ -264,7 +274,6 @@ module Fluent
264
274
  if attributes
265
275
  record['querytime'] = attributes['durationMillis']
266
276
  record['collection'] = attributes['ns']
267
- record['command'] = attributes['command']
268
277
  record['reslen'] = attributes['reslen']
269
278
  storage = attributes['storage']
270
279
  if storage
data/sample/README.md CHANGED
@@ -52,14 +52,30 @@ Initialized empty Git repository in /Users/lilin/developer/light/fluent-plugin-l
52
52
  ## 在Linxu上运行
53
53
 
54
54
  - 进入fluentd容器, 安装依赖
55
+ ```
55
56
  $ yum groupinstall 'Development Tools'
56
57
  $ yum install rubygems ruby-devel
58
+ ```
57
59
 
58
60
  - 下载代码, 安装依赖
61
+ ```
59
62
  $ git clone http://git.alphabets.cn/light/fluent-plugin-light-core.git
60
63
  $ cd fluent-plugin-light-core
61
64
  $ gem install bundler:1.17.2
62
65
  $ bundler install
66
+ ```
63
67
 
64
68
  - 运行代码
69
+ ```
65
70
  $ rm -f sample/*.pos && fluentd -c sample/source.conf -p lib/fluent/plugin
71
+ ```
72
+
73
+ ## MySQL数据提取
74
+ ```
75
+ sudo gem install fluent-plugin-sql --no-document
76
+ sudo gem install mysql2 --no-document
77
+ mac下mysql2无法安装 报错
78
+ ld: library not found for -lssl
79
+ 可以用下面的命令
80
+ sudo gem install mysql2 -- --with-opt-dir="$(brew --prefix openssl)"
81
+ ```
data/sample/source.conf CHANGED
@@ -38,18 +38,18 @@
38
38
  # time_format %Y-%m-%dT%H:%M:%S.%NZ
39
39
  # </source>
40
40
 
41
- # <source>
42
- # @type tail
43
- # path sample/db*.log
44
- # pos_file sample/source.mongo.pos
45
- # tag mongo
46
- # format json
47
- # read_from_head true
48
- # path_key file
49
- # time_key time
50
- # keep_time_key true
51
- # time_format %Y-%m-%dT%H:%M:%S.%NZ
52
- # </source>
41
+ <source>
42
+ @type tail
43
+ path sample/db*.log
44
+ pos_file sample/source.master.pos
45
+ tag master
46
+ format json
47
+ read_from_head true
48
+ path_key file
49
+ time_key time
50
+ keep_time_key true
51
+ time_format %Y-%m-%dT%H:%M:%S.%NZ
52
+ </source>
53
53
 
54
54
  # <source>
55
55
  # @type tail
@@ -115,6 +115,58 @@
115
115
  # </parse>
116
116
  # </source>
117
117
 
118
+ # <source>
119
+ # @type tail
120
+ # path sample/mongo/master/audit.json,sample/mongo/secondary/audit.json
121
+ # pos_file sample/mongo/fluentd-mongodb-audit.pos
122
+ # read_from_head true
123
+ # tag mongodb.audit
124
+ # format json
125
+ # path_key file
126
+ # </source>
127
+
128
+ #######################################
129
+ # mysql
130
+ #######################################
131
+ # <source>
132
+ # @type sql
133
+ # host mysql
134
+ # port 53306
135
+ # database jumpserver
136
+ # adapter mysql2
137
+ # username jumpserver
138
+ # password yqk1EkO3eB(j50FR5anXSNT@oXfMil
139
+ # tag_prefix fortress
140
+ # select_interval 60s # optional
141
+ # select_limit 500 # optional
142
+ # state_file /var/log/fluentd-sql-state.pos
143
+
144
+ # <table>
145
+ # table audits_operatelog
146
+ # tag operatelog
147
+ # update_column datetime
148
+ # </table>
149
+
150
+ # <table>
151
+ # table audits_passwordchangelog
152
+ # tag passwordchangelog
153
+ # update_column datetime
154
+ # </table>
155
+
156
+ # <table>
157
+ # table audits_userloginlog
158
+ # tag userloginlog
159
+ # update_column datetime
160
+ # </table>
161
+
162
+ # <table>
163
+ # table terminal_command
164
+ # tag command
165
+ # update_column timestamp
166
+ # </table>
167
+
168
+ # </source>
169
+
118
170
  <filter **>
119
171
  @type light_core
120
172
  sentry true
@@ -140,6 +192,28 @@
140
192
  # </rule>
141
193
  # </match>
142
194
 
195
+ # <match **>
196
+ # @type copy
197
+
198
+ # <store>
199
+ # @type elasticsearch
200
+ # host es-master
201
+ # port 9200
202
+ # logstash_format true
203
+ # logstash_prefix ${tag}
204
+ # <buffer>
205
+ # @type file
206
+ # path sample/fluentd
207
+ # flush_interval 5s
208
+ # flush_thread_count 3 # 收集日志的线程数,太大回占用过多的cpu资源,太小收集日志不及时
209
+ # </buffer>
210
+ # log_es_400_reason true
211
+ # reconnect_on_error true
212
+ # request_timeout 10s
213
+ # suppress_type_name true # 去除 type_name 警告
214
+ # </store>
215
+ # </match>
216
+
143
217
  <match **>
144
218
  @type stdout
145
219
  </match>
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: fluent-plugin-light-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.3
4
+ version: 0.3.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - LIN LI
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-12-18 00:00:00.000000000 Z
11
+ date: 2022-01-08 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler