fluent-plugin-lm-logs-gcp 1.0.1 → 1.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/fluent-plugin-lm-logs-gcp.gemspec +1 -1
  3. data/lib/fluent/plugin/filter_gcplm.rb +20 -8
  4. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 86591ed4d747ec9ba44685fc6e9a0e7f193796fe620d8ad90b0e42250350971d
4
- data.tar.gz: ad4e8736b8454ea34445c94e0c8739f769429c835f4d3f6767f5cb5ea0bff993
3
+ metadata.gz: 83368f705d0f9f3655f512d02196ccb63a9c4035afd114e55751a304eacc1f4d
4
+ data.tar.gz: 8e5184a94b67354aeeebb8c37294296f7e138c41a74255511555a6e68e362571
5
5
  SHA512:
6
- metadata.gz: 650e1799e6546073994d608187e70babc7c95f4d4da299aa87049d9849a9e045adaca15a75b599090b1f182afe71d22cef66d78e87db328f406c33fbb2c074b3
7
- data.tar.gz: 5b194b7f3f691ac9039212a1f5ae06a26e796158397bdcc1404fea719bfe812102561cdbf9a2f75b050bcfb12d7c370a1c075bbd5e17e50dd1b2c0156ddf9cb8
6
+ metadata.gz: 375ab329bf7d30d66f26c362c7460e857e290cafdd9714bf6bf7a1ee9539a4286e3d1ddb5fd929ab43d219ead62b1c29e00828ce1cd708baec58b6426c362280
7
+ data.tar.gz: 811764602d57f8e7c3c20a9e73e451e17e775a1a3adccdf79a58b747e00e4ce5bca46792a7ed1f475af363eb7838013d2ebb5e40641d25dd84da582b3f9f8363
data/fluent-plugin-lm-logs-gcp.gemspec CHANGED
@@ -5,7 +5,7 @@
5
5
 
6
6
  Gem::Specification.new do |spec|
7
7
  spec.name = "fluent-plugin-lm-logs-gcp"
8
- spec.version = '1.0.1'
8
+ spec.version = '1.0.2'
9
9
  spec.authors = ["LogicMonitor"]
10
10
  spec.email = "rubygems@logicmonitor.com"
11
11
  spec.summary = "LogicMonitor with GCP logs fluentd filter plugin"
data/lib/fluent/plugin/filter_gcplm.rb CHANGED
@@ -23,40 +23,52 @@ module Fluent::Plugin
23
23
 
24
24
  def filter(tag, time, record)
25
25
  message = String.new
26
- resourceType = record.dig("resource","type")
26
+ # The type of service in GCP
27
+ resourceType = record.dig("resource", "type")
27
28
  resourceMap = Hash.new
28
- project_id = record.dig("resource","labels", "project_id")
29
- region = record.dig("resource","labels", "region")
29
+ # The id of project in GCP
30
+ project_id = record.dig("resource", "labels", "project_id")
31
+ # The region where the service is running in GCP
32
+ region = record.dig("resource", "labels", "region")
30
33
  filteredRecord = Hash.new
31
34
 
32
35
  case
36
+ # Capturing json and text payloads as message field
33
37
  when record['textPayload']
34
38
  message = record['textPayload']
35
39
  when record['jsonPayload']
36
40
  message = record['jsonPayload'].to_json
41
+ # Capturing the protoPayload when we receive an audit log
37
42
  when record['protoPayload']
38
43
  message = record['protoPayload'].to_json
44
+ # for cloudRun we have request logs getting logged when a request is made to the service which has the statusCode, request type etc in httprequest field in the log
45
+ when record['httpRequest'] && resourceType == 'cloud_run_revision'
46
+ message = record['httpRequest'].to_json
39
47
  else
40
48
  message = nil
41
49
  end
42
50
 
51
+ # Mapping the '_lm.resourceId' to the specific resourceId or resourceName depending on the type of service in GCP
43
52
  case resourceType
44
53
  when 'gce_instance'
45
- if (record.dig("resource","labels", "instance_id"))
46
- resourceMap = {"system.gcp.resourceid" => record.dig("resource","labels", "instance_id"), "system.cloud.category" => 'GCP/ComputeEngine'}
54
+ if (record.dig("resource", "labels", "instance_id"))
55
+ resourceMap = {"system.gcp.resourceid" => record.dig("resource", "labels", "instance_id"), "system.cloud.category" => 'GCP/ComputeEngine'}
47
56
  elsif (record.dig("labels", "compute.googleapis.com/resource_name"))
48
57
  resourceMap = {"system.gcp.resourcename" => record.dig("labels", "compute.googleapis.com/resource_name"), "system.cloud.category" => 'GCP/ComputeEngine'}
49
58
  end
50
59
  when 'cloud_function'
51
- resourceMap = {"system.gcp.resourcename" => "projects/" + project_id + "/locations/" + region +"/functions/" + record.dig("resource","labels", "function_name"), "system.cloud.category" => 'GCP/CloudFunction'}
60
+ resourceMap = {"system.gcp.resourcename" => "projects/" + project_id + "/locations/" + region +"/functions/" + record.dig("resource", "labels", "function_name"), "system.cloud.category" => 'GCP/CloudFunction'}
52
61
  when 'cloudsql_database'
53
- resourceMap = {"system.gcp.resourceid" => record.dig("resource","labels", "database_id"), "system.cloud.category" => 'GCP/CloudSQL'}
62
+ resourceMap = {"system.gcp.resourceid" => record.dig("resource", "labels", "database_id"), "system.cloud.category" => 'GCP/CloudSQL'}
63
+ when 'cloud_run_revision'
64
+ resourceMap = {"system.gcp.resourcename" => record.dig("resource", "labels", "service_name"), "system.cloud.category" => 'GCP/CloudRun'}
54
65
  end
55
66
 
56
- if(record.key?("protoPayload") && record.dig('protoPayload','@type') == "type.googleapis.com/google.cloud.audit.AuditLog")
67
+ if(record.key?("protoPayload") && record.dig('protoPayload', '@type') == "type.googleapis.com/google.cloud.audit.AuditLog")
57
68
  resourceMap = {"system.gcp.projectId" => project_id, "system.cloud.category" => 'GCP/LMAccount'}
58
69
  end
59
70
 
71
+ # Creating a new record which is further sent to LM
60
72
  filteredRecord['message'] = message
61
73
  filteredRecord['_lm.resourceId'] = resourceMap
62
74
  filteredRecord['timestamp'] = record['timestamp']
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: fluent-plugin-lm-logs-gcp
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.1
4
+ version: 1.0.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - LogicMonitor
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-05-05 00:00:00.000000000 Z
11
+ date: 2021-05-10 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: fluentd