fluent-plugin-lm-logs-gcp 1.0.1 → 1.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/fluent-plugin-lm-logs-gcp.gemspec +1 -1
- data/lib/fluent/plugin/filter_gcplm.rb +20 -8
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 83368f705d0f9f3655f512d02196ccb63a9c4035afd114e55751a304eacc1f4d
|
4
|
+
data.tar.gz: 8e5184a94b67354aeeebb8c37294296f7e138c41a74255511555a6e68e362571
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 375ab329bf7d30d66f26c362c7460e857e290cafdd9714bf6bf7a1ee9539a4286e3d1ddb5fd929ab43d219ead62b1c29e00828ce1cd708baec58b6426c362280
|
7
|
+
data.tar.gz: 811764602d57f8e7c3c20a9e73e451e17e775a1a3adccdf79a58b747e00e4ce5bca46792a7ed1f475af363eb7838013d2ebb5e40641d25dd84da582b3f9f8363
|
@@ -5,7 +5,7 @@
|
|
5
5
|
|
6
6
|
Gem::Specification.new do |spec|
|
7
7
|
spec.name = "fluent-plugin-lm-logs-gcp"
|
8
|
-
spec.version = '1.0.
|
8
|
+
spec.version = '1.0.2'
|
9
9
|
spec.authors = ["LogicMonitor"]
|
10
10
|
spec.email = "rubygems@logicmonitor.com"
|
11
11
|
spec.summary = "LogicMonitor with GCP logs fluentd filter plugin"
|
@@ -23,40 +23,52 @@ module Fluent::Plugin
|
|
23
23
|
|
24
24
|
def filter(tag, time, record)
|
25
25
|
message = String.new
|
26
|
-
|
26
|
+
# The type of service in GCP
|
27
|
+
resourceType = record.dig("resource", "type")
|
27
28
|
resourceMap = Hash.new
|
28
|
-
|
29
|
-
|
29
|
+
# The id of project in GCP
|
30
|
+
project_id = record.dig("resource", "labels", "project_id")
|
31
|
+
# The region where the service is running in GCP
|
32
|
+
region = record.dig("resource", "labels", "region")
|
30
33
|
filteredRecord = Hash.new
|
31
34
|
|
32
35
|
case
|
36
|
+
# Capturing json and text payloads as message field
|
33
37
|
when record['textPayload']
|
34
38
|
message = record['textPayload']
|
35
39
|
when record['jsonPayload']
|
36
40
|
message = record['jsonPayload'].to_json
|
41
|
+
# Capturing the protoPayload when we receive an audit log
|
37
42
|
when record['protoPayload']
|
38
43
|
message = record['protoPayload'].to_json
|
44
|
+
# for cloudRun we have request logs getting logged when a request is made to the service which has the statusCode, request type etc in httprequest field in the log
|
45
|
+
when record['httpRequest'] && resourceType == 'cloud_run_revision'
|
46
|
+
message = record['httpRequest'].to_json
|
39
47
|
else
|
40
48
|
message = nil
|
41
49
|
end
|
42
50
|
|
51
|
+
# Mapping the '_lm.resourceId' to the specific resourceId or resourceName depending on the type of service in GCP
|
43
52
|
case resourceType
|
44
53
|
when 'gce_instance'
|
45
|
-
if (record.dig("resource","labels", "instance_id"))
|
46
|
-
resourceMap = {"system.gcp.resourceid" => record.dig("resource","labels", "instance_id"), "system.cloud.category" => 'GCP/ComputeEngine'}
|
54
|
+
if (record.dig("resource", "labels", "instance_id"))
|
55
|
+
resourceMap = {"system.gcp.resourceid" => record.dig("resource", "labels", "instance_id"), "system.cloud.category" => 'GCP/ComputeEngine'}
|
47
56
|
elsif (record.dig("labels", "compute.googleapis.com/resource_name"))
|
48
57
|
resourceMap = {"system.gcp.resourcename" => record.dig("labels", "compute.googleapis.com/resource_name"), "system.cloud.category" => 'GCP/ComputeEngine'}
|
49
58
|
end
|
50
59
|
when 'cloud_function'
|
51
|
-
resourceMap = {"system.gcp.resourcename" => "projects/" + project_id + "/locations/" + region +"/functions/" + record.dig("resource","labels", "function_name"), "system.cloud.category" => 'GCP/CloudFunction'}
|
60
|
+
resourceMap = {"system.gcp.resourcename" => "projects/" + project_id + "/locations/" + region +"/functions/" + record.dig("resource", "labels", "function_name"), "system.cloud.category" => 'GCP/CloudFunction'}
|
52
61
|
when 'cloudsql_database'
|
53
|
-
resourceMap = {"system.gcp.resourceid" => record.dig("resource","labels", "database_id"), "system.cloud.category" => 'GCP/CloudSQL'}
|
62
|
+
resourceMap = {"system.gcp.resourceid" => record.dig("resource", "labels", "database_id"), "system.cloud.category" => 'GCP/CloudSQL'}
|
63
|
+
when 'cloud_run_revision'
|
64
|
+
resourceMap = {"system.gcp.resourcename" => record.dig("resource", "labels", "service_name"), "system.cloud.category" => 'GCP/CloudRun'}
|
54
65
|
end
|
55
66
|
|
56
|
-
if(record.key?("protoPayload") && record.dig('protoPayload','@type') == "type.googleapis.com/google.cloud.audit.AuditLog")
|
67
|
+
if(record.key?("protoPayload") && record.dig('protoPayload', '@type') == "type.googleapis.com/google.cloud.audit.AuditLog")
|
57
68
|
resourceMap = {"system.gcp.projectId" => project_id, "system.cloud.category" => 'GCP/LMAccount'}
|
58
69
|
end
|
59
70
|
|
71
|
+
# Creating a new record which is further sent to LM
|
60
72
|
filteredRecord['message'] = message
|
61
73
|
filteredRecord['_lm.resourceId'] = resourceMap
|
62
74
|
filteredRecord['timestamp'] = record['timestamp']
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: fluent-plugin-lm-logs-gcp
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- LogicMonitor
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-05-
|
11
|
+
date: 2021-05-10 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: fluentd
|