fluent-plugin-lm-logs-gcp 1.0.3 → 1.0.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +8 -0
- data/fluent-plugin-lm-logs-gcp.gemspec +2 -1
- data/lib/fluent/plugin/filter_gcplm.rb +36 -1
- metadata +17 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 10b17ee7b034c6e827b5213c154e07ac6098f5976ef6614c6b1b6922a156e996
|
|
4
|
+
data.tar.gz: 77a5ff349177a50024a8223ce723603580eaedefed302e30674f94b924def144
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b17a8137c85fab6ce5e7df780fe601428f74697c94578155be2048f93a1fde9c932515635baf6ee0bc26b286c0bfb7c8eeb3668b8b82443e086998d29dce487e
|
|
7
|
+
data.tar.gz: 694caa8636745a60a1630e2d40e5f3f24da5bb7dfae6a9a3c48def7f93c24c7904e0b101e786c8cd25ebd297e4ccd799b46bd22ca37b15c4b362da4d32799e61
|
data/README.md
CHANGED
|
@@ -4,4 +4,12 @@ This filter plugin is provided for mapping the logs coming from GCP pubsub to '_
|
|
|
4
4
|
* Google Cloud Functions
|
|
5
5
|
* Google Cloud SQL
|
|
6
6
|
* Google Audit Logs
|
|
7
|
+
* Google Cloud Composer
|
|
8
|
+
* Google Cloud Run
|
|
7
9
|
|
|
10
|
+
## LogicMonitor properties
|
|
11
|
+
|
|
12
|
+
| Property | Description |
|
|
13
|
+
| --- | --- |
|
|
14
|
+
| `metadata_keys` | Array of keys to be added as metadata. Filter will look for these keys in fluentd record and extract those if exist. in case of nested json, whole sub json would be added. default ` ["severity", "logName", "labels", "resource.type", "resource.labels", "httpRequest"] ` . few keys will be renamed as part of metadata standardization in Logicmonitor : ` {"trace" => "trace_id", "spanId" => "span_id","resource.type" => "_type"}`|
|
|
15
|
+
| `use_default_severity` | When `true`, and log record does not have severity, severity=`DEFAULT` would be added to log. default `false`. |
|
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
|
|
6
6
|
Gem::Specification.new do |spec|
|
|
7
7
|
spec.name = "fluent-plugin-lm-logs-gcp"
|
|
8
|
-
spec.version = '1.0.
|
|
8
|
+
spec.version = '1.0.5'
|
|
9
9
|
spec.authors = ["LogicMonitor"]
|
|
10
10
|
spec.email = "rubygems@logicmonitor.com"
|
|
11
11
|
spec.summary = "LogicMonitor with GCP logs fluentd filter plugin"
|
|
@@ -21,4 +21,5 @@ Gem::Specification.new do |spec|
|
|
|
21
21
|
spec.required_ruby_version = '>= 2.0.0'
|
|
22
22
|
|
|
23
23
|
spec.add_runtime_dependency "fluentd", [">= 1", "< 2"]
|
|
24
|
+
spec.add_development_dependency 'hashdiff', '>= 1.0.0'
|
|
24
25
|
end
|
|
@@ -4,6 +4,12 @@ module Fluent::Plugin
|
|
|
4
4
|
class GCPLMFilter < Filter
|
|
5
5
|
Fluent::Plugin.register_filter('gcplm', self)
|
|
6
6
|
|
|
7
|
+
METADATA_KEYS_TO_RENAME = {"trace" => "trace_id", "spanId" => "span_id","resource.type" => "_type"}.freeze
|
|
8
|
+
STATIC_METADATA = {"_integration" => "gcp"}
|
|
9
|
+
|
|
10
|
+
config_param :metadata_keys, :array, default: ["severity", "logName", "labels", "resource.type", "resource.labels", "httpRequest"], value_type: :string
|
|
11
|
+
config_param :use_default_severity, :bool, default: false
|
|
12
|
+
|
|
7
13
|
def configure(conf)
|
|
8
14
|
super
|
|
9
15
|
# Do the usual configuration here
|
|
@@ -12,6 +18,12 @@ module Fluent::Plugin
|
|
|
12
18
|
# This method is called when starting.
|
|
13
19
|
# Open sockets or files here.
|
|
14
20
|
def start
|
|
21
|
+
@final_metadata_keys = Hash.new
|
|
22
|
+
if @metadata_keys
|
|
23
|
+
@metadata_keys.each do | nested_key |
|
|
24
|
+
@final_metadata_keys[nested_key] = nested_key.to_s.split('.')
|
|
25
|
+
end
|
|
26
|
+
end
|
|
15
27
|
super
|
|
16
28
|
end
|
|
17
29
|
|
|
@@ -67,13 +79,36 @@ module Fluent::Plugin
|
|
|
67
79
|
end
|
|
68
80
|
|
|
69
81
|
if(record.key?("protoPayload") && record.dig('protoPayload', '@type') == "type.googleapis.com/google.cloud.audit.AuditLog")
|
|
70
|
-
resourceMap = {"system.
|
|
82
|
+
resourceMap = {"system.cloud.category" => 'GCP/LMAccount'}
|
|
71
83
|
end
|
|
72
84
|
|
|
85
|
+
|
|
86
|
+
resourceMap['system.gcp.projectId'] = project_id if !resourceMap.empty?
|
|
73
87
|
# Creating a new record which is further sent to LM
|
|
74
88
|
filteredRecord['message'] = message
|
|
75
89
|
filteredRecord['_lm.resourceId'] = resourceMap
|
|
76
90
|
filteredRecord['timestamp'] = record['timestamp']
|
|
91
|
+
|
|
92
|
+
# Add metadata
|
|
93
|
+
if @final_metadata_keys
|
|
94
|
+
@final_metadata_keys.each do | key, value |
|
|
95
|
+
final_key = METADATA_KEYS_TO_RENAME[key] ? METADATA_KEYS_TO_RENAME[key] : key
|
|
96
|
+
nestedVal = record
|
|
97
|
+
value.each { |x| nestedVal = nestedVal[x] }
|
|
98
|
+
if nestedVal != nil
|
|
99
|
+
filteredRecord[final_key] = nestedVal
|
|
100
|
+
end
|
|
101
|
+
end
|
|
102
|
+
end
|
|
103
|
+
|
|
104
|
+
# Add static metadata
|
|
105
|
+
STATIC_METADATA.each { | key, value| filteredRecord[key] = value }
|
|
106
|
+
|
|
107
|
+
# Add default severity if does not exist
|
|
108
|
+
if !filteredRecord["severity"] and @use_default_severity
|
|
109
|
+
filteredRecord["severity"] = "DEFAULT"
|
|
110
|
+
end
|
|
111
|
+
|
|
77
112
|
filteredRecord
|
|
78
113
|
end
|
|
79
114
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: fluent-plugin-lm-logs-gcp
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- LogicMonitor
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2023-06-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: fluentd
|
|
@@ -30,6 +30,20 @@ dependencies:
|
|
|
30
30
|
- - "<"
|
|
31
31
|
- !ruby/object:Gem::Version
|
|
32
32
|
version: '2'
|
|
33
|
+
- !ruby/object:Gem::Dependency
|
|
34
|
+
name: hashdiff
|
|
35
|
+
requirement: !ruby/object:Gem::Requirement
|
|
36
|
+
requirements:
|
|
37
|
+
- - ">="
|
|
38
|
+
- !ruby/object:Gem::Version
|
|
39
|
+
version: 1.0.0
|
|
40
|
+
type: :development
|
|
41
|
+
prerelease: false
|
|
42
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
43
|
+
requirements:
|
|
44
|
+
- - ">="
|
|
45
|
+
- !ruby/object:Gem::Version
|
|
46
|
+
version: 1.0.0
|
|
33
47
|
description: This filter plugin filters fluentd records in gcp to the configured LogicMonitor
|
|
34
48
|
account.
|
|
35
49
|
email: rubygems@logicmonitor.com
|
|
@@ -65,7 +79,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
65
79
|
- !ruby/object:Gem::Version
|
|
66
80
|
version: '0'
|
|
67
81
|
requirements: []
|
|
68
|
-
rubygems_version: 3.
|
|
82
|
+
rubygems_version: 3.4.10
|
|
69
83
|
signing_key:
|
|
70
84
|
specification_version: 4
|
|
71
85
|
summary: LogicMonitor with GCP logs fluentd filter plugin
|