fluent-plugin-lm-logs-gcp 1.0.1 → 1.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 86591ed4d747ec9ba44685fc6e9a0e7f193796fe620d8ad90b0e42250350971d
-  data.tar.gz: ad4e8736b8454ea34445c94e0c8739f769429c835f4d3f6767f5cb5ea0bff993
+  metadata.gz: 83368f705d0f9f3655f512d02196ccb63a9c4035afd114e55751a304eacc1f4d
+  data.tar.gz: 8e5184a94b67354aeeebb8c37294296f7e138c41a74255511555a6e68e362571
 SHA512:
-  metadata.gz: 650e1799e6546073994d608187e70babc7c95f4d4da299aa87049d9849a9e045adaca15a75b599090b1f182afe71d22cef66d78e87db328f406c33fbb2c074b3
-  data.tar.gz: 5b194b7f3f691ac9039212a1f5ae06a26e796158397bdcc1404fea719bfe812102561cdbf9a2f75b050bcfb12d7c370a1c075bbd5e17e50dd1b2c0156ddf9cb8
+  metadata.gz: 375ab329bf7d30d66f26c362c7460e857e290cafdd9714bf6bf7a1ee9539a4286e3d1ddb5fd929ab43d219ead62b1c29e00828ce1cd708baec58b6426c362280
+  data.tar.gz: 811764602d57f8e7c3c20a9e73e451e17e775a1a3adccdf79a58b747e00e4ce5bca46792a7ed1f475af363eb7838013d2ebb5e40641d25dd84da582b3f9f8363

data/fluent-plugin-lm-logs-gcp.gemspec

@@ -5,7 +5,7 @@
 
 Gem::Specification.new do |spec|
   spec.name                           = "fluent-plugin-lm-logs-gcp"
-  spec.version                        = '1.0.1'
+  spec.version                        = '1.0.2'
   spec.authors                        = ["LogicMonitor"]
   spec.email                          = "rubygems@logicmonitor.com"
   spec.summary                        = "LogicMonitor with GCP logs fluentd filter plugin"

data/lib/fluent/plugin/filter_gcplm.rb

@@ -23,40 +23,52 @@ module Fluent::Plugin
 
     def filter(tag, time, record)
       message = String.new
-      resourceType = record.dig("resource","type")
+      # The type of service in GCP
+      resourceType = record.dig("resource", "type")
       resourceMap = Hash.new
-      project_id = record.dig("resource","labels", "project_id")
-      region = record.dig("resource","labels", "region")
+      # The id of project in GCP
+      project_id = record.dig("resource", "labels", "project_id")
+      # The region where the service is running in GCP
+      region = record.dig("resource", "labels", "region")
       filteredRecord = Hash.new
 
       case
+      # Capturing json and text payloads as message field
       when record['textPayload']
         message = record['textPayload']
       when record['jsonPayload']
         message = record['jsonPayload'].to_json
+      # Capturing the protoPayload when we receive an audit log
       when record['protoPayload']
         message = record['protoPayload'].to_json
+      # for cloudRun we have request logs getting logged when a request is made to the service which has the statusCode, request type etc in httprequest field in the log
+      when record['httpRequest'] && resourceType == 'cloud_run_revision'
+        message = record['httpRequest'].to_json
       else
         message = nil
       end
 
+      # Mapping the '_lm.resourceId' to the specific resourceId or resourceName depending on the type of service in GCP
       case resourceType
       when 'gce_instance'
-        if (record.dig("resource","labels", "instance_id"))
-            resourceMap = {"system.gcp.resourceid" => record.dig("resource","labels", "instance_id"), "system.cloud.category" => 'GCP/ComputeEngine'}
+        if (record.dig("resource", "labels", "instance_id"))
+            resourceMap = {"system.gcp.resourceid" => record.dig("resource", "labels", "instance_id"), "system.cloud.category" => 'GCP/ComputeEngine'}
         elsif (record.dig("labels", "compute.googleapis.com/resource_name"))
             resourceMap = {"system.gcp.resourcename" => record.dig("labels", "compute.googleapis.com/resource_name"), "system.cloud.category" => 'GCP/ComputeEngine'}
         end
       when 'cloud_function'
-        resourceMap = {"system.gcp.resourcename" => "projects/" + project_id + "/locations/" + region +"/functions/" + record.dig("resource","labels", "function_name"), "system.cloud.category" => 'GCP/CloudFunction'}
+        resourceMap = {"system.gcp.resourcename" => "projects/" + project_id + "/locations/" + region +"/functions/" + record.dig("resource", "labels", "function_name"), "system.cloud.category" => 'GCP/CloudFunction'}
       when 'cloudsql_database'
-        resourceMap = {"system.gcp.resourceid" => record.dig("resource","labels", "database_id"), "system.cloud.category" => 'GCP/CloudSQL'}
+        resourceMap = {"system.gcp.resourceid" => record.dig("resource", "labels", "database_id"), "system.cloud.category" => 'GCP/CloudSQL'}
+      when 'cloud_run_revision'
+        resourceMap = {"system.gcp.resourcename" => record.dig("resource", "labels", "service_name"), "system.cloud.category" => 'GCP/CloudRun'}
       end
 
-      if(record.key?("protoPayload") && record.dig('protoPayload','@type') == "type.googleapis.com/google.cloud.audit.AuditLog")
+      if(record.key?("protoPayload") && record.dig('protoPayload', '@type') == "type.googleapis.com/google.cloud.audit.AuditLog")
         resourceMap = {"system.gcp.projectId" => project_id, "system.cloud.category" => 'GCP/LMAccount'}
       end
 
+      # Creating a new record which is further sent to LM
       filteredRecord['message'] = message
       filteredRecord['_lm.resourceId'] = resourceMap
       filteredRecord['timestamp'] = record['timestamp']

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: fluent-plugin-lm-logs-gcp
 version: !ruby/object:Gem::Version
-  version: 1.0.1
+  version: 1.0.2
 platform: ruby
 authors:
 - LogicMonitor
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-05-05 00:00:00.000000000 Z
+date: 2021-05-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: fluentd