fluent-plugin-newrelic 1.1.5 → 1.1.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e7132fae0051be2d81093419b87196ecc3b2b07047ab40dae17998f0951ab61f
-  data.tar.gz: 86bb2c5967400fc48f8ccbae6fcb392b3900a55565d0f788d91d4dd53c679701
+  metadata.gz: caf9616fa22e2338c4df33d70571d6a18850a17dafe98bb78c1e916aa7339ab5
+  data.tar.gz: a23147d65d03ac2de83765856f3ee84cc2afe26fbe24bc8c7e3c8f028316fb37
 SHA512:
-  metadata.gz: 58b0684282ed9d718483f986f6bdd8d3be52179ceb7c754fd1a5483661d25596f2063592db1c6d7bbc9bb3773aff22fa7e6533f602f220aab5ff7b71b12b4f75
-  data.tar.gz: cba6c35190cc781d3ecc083981faf08e4adac7daf2a3ad7b3afe6c3c47ea0babb012db0bba82fa7e88bb56415342d0894e6492223b5699d630faec546e0df59f
+  metadata.gz: 991cab2d7e3060134f2f31784077d6e409c505a878a2d44a9eb1bf1d6ec8bc79752e3840881b0e7e0cddbb8547d9067bb153f76c650cded1d0c330eb9fc184bf
+  data.tar.gz: 716cb1b8150874ecb42c09bf678baa339d0f7bc65e4ebeb30badd9c31a9258d6a60d31d6376649bbbc64329bdcfc95e3d45fbb9b1bc022ea657940c3c4be9106

data/DEVELOPER.md

@@ -0,0 +1,46 @@
+# Developing the plugin
+
+## Developing
+
+* Install Bundler gem: `gem install bundler`
+* Install dependencies: `bundle install`
+* Write tests and production code!
+* Bump version: edit version file `version.rb`
+* Run tests: `bundle exec rspec`
+* Build the gem: `gem build newrelic-fluentd-output.gemspec`
+
+**NOTE**: Be mindful that if you are using 'match **', that using `log.info` in the plugin can cause an unintended 
+Sorcerer's Apprentice Syndrome issue where exponentially larger copies of log messages are sent until the 
+td-agent is unloaded. To prevent this, use match tags specific to your source (so use `<match tag_from_your_source>`
+instead of `<match **>`), so that your output plugin does not also pick up things that Fluentd logs.
+
+## Testing on MacOS
+
+### Install Fluentd
+* `brew cask install td-agent`
+
+### Configure Fluentd
+* `sudo vi /etc/td-agent/td-agent.conf`
+* Add the following:
+```
+<source>
+  @type tail
+  format none
+  path /usr/local/var/log/test.log
+  tag test
+</source>
+
+<match test>
+  @type newrelic
+  api_key (your-api-key)
+</match>
+```
+
+### Testing plugin
+* Stop Fluentd: `sudo launchctl unload /Library/LaunchDaemons/td-agent.plist`
+* Remove previous version: `sudo /opt/td-agent/usr/sbin/td-agent-gem uninstall fluent-plugin-newrelic`
+* Add new version: `sudo /opt/td-agent/usr/sbin/td-agent-gem install fluent-plugin-newrelic-<version>.gem`
+* Start Fluentd: `sudo launchctl load /Library/LaunchDaemons/td-agent.plist`
+* Make sure things start up OK: `tail -f /var/log/td-agent/td-agent.log`
+* Cause a change that you've configured Fluentd to pick up: (`echo "FluentdTest" >> /usr/local/var/log/test.log`
+* Look in `https://one.newrelic.com/launcher/logger.log-launcher` for your log message ("FluentdTest")

data/README.md

@@ -4,11 +4,17 @@ A [Fluentd](https://fluentd.org/) output plugin that sends logs to New Relic
 
 This project is provided AS-IS WITHOUT WARRANTY OR SUPPORT, although you can report issues and contribute to the project here on GitHub.
 
+## Examples
+
+Please see the [examples](examples/) directory for ways to build a Docker image with the New Relic output plugin and other configuration types
+that could be useful in your environment.
+
 ## Prerequisites
 
 Fluentd >= v1.0
 
 ## Installation
+
 Add the plugin to your fluentd agent:
 
 `fluent-gem install fluent-plugin-newrelic`
@@ -53,6 +59,7 @@ Add one of the following blocks to your Fluentd config file (with your specific
 #### Using Insights Inserts Key
 
 Example using Insights Insert key:
+
 ```rb
 <match **>
   @type newrelic
@@ -64,7 +71,9 @@ Getting your New Relic Insights Insert key:
 `https://insights.newrelic.com/accounts/<ACCOUNT_ID>/manage/api_keys`
 
 #### Using License Key
+
 Example using License key:
+
 ```rb
 <match **>
   @type newrelic

data/examples/Dockerfile

@@ -0,0 +1,5 @@
+FROM fluent/fluentd:v1.9.1-1.0
+
+USER root
+
+RUN fluent-gem install fluent-plugin-newrelic

data/examples/readme.md

@@ -0,0 +1,71 @@
+# Fluentd -> New Relic Examples
+
+## Creating a Docker Image
+
+Using [Fluentd](https://www.fluentd.org/) as an image makes it simple to deploy a quick input logging solution for functions such as [Syslogs](https://docs.fluentd.org/input/syslog), [HTTP](https://docs.fluentd.org/input/http), custom [UDP](https://docs.fluentd.org/input/udp) and [TCP](https://docs.fluentd.org/input/tcp) use cases, [SNMP](https://github.com/iij/fluent-plugin-snmp), along with many other functions. The [Fluentd](https://www.fluentd.org/) team has put together a great [set of documents](https://docs.fluentd.org/container-deployment) to help you get their basic configuration setup. After that, you will want to get your logs flowing into [New Relic Logs](https://docs.newrelic.com/docs/logs/new-relic-logs/get-started/introduction-new-relic-logs) to create alerts and monitor your systems.
+
+If you are able to use the Fluentd image directly, it is really simple build on that image and add the New Relic Fluentd Output Plugin. The below set of steps assumes you have some basic understanding of building a Docker image.
+
+### Docker Image: Steps
+
+#### 1. Create a `Dockerfile`
+
+It doesn't take much to get the New Relic Output Plugin into a docker image. Here is a good example from Docker on how best to create an image, [LINK](https://docs.docker.com/develop/develop-images/dockerfile_best-practices/).
+
+We have an [example Docker file](Dockerfile) in this folder which can be used to get moving quickly.
+
+#### 2. Build the Image
+
+The build process is simple and will register a newly created image in your local Docker repository. If you want to use this image for multiple machines, you will need to publish the image to a location you can access.
+
+```bash
+# Run this command in the same directory as the Docker file or point to its location
+docker build --tag nr-fluent:latest nri-fluentd .
+
+# Run this command to verify the image was created
+docker image ls
+
+REPOSITORY          TAG                 IMAGE ID            CREATED             SIZE
+nr-fluent           latest              70c388b63afc        1 minute ago        44.9MB
+```
+
+#### 3. Run the Docker Image
+
+The next steps assume that you have already created a `fluentd.conf` file with is ready to being monitoring. If you haven't, you must do so before you continue.
+
+In the following example can be used if you are going to run a syslog server on the image.
+
+```bash
+# Notice that the syntax for exposing the UDP port is a bit different
+# In testing, it appeared that trying to map the UDP port to from a different one configured in the Fluentd config file didn't work as expected
+docker run -d --name "syslog" -p 0.0.0.0:5140:5140/udp -p 0.0.0.0:5142:5142/udp -v /etc/fluentd:/fluentd/etc -e FLUENTD_CONF=fluentd.conf nr-fluent:latest
+```
+
+## Configuring a Syslog Server with Fluentd and New Relic Logs
+
+In the below example, we are going to create a `fluentd.conf` which will enable a syslog server. It is a good idea to determine if your syslog server is going
+to connect to this service using UDP or TCP. By default, most syslog servers will likely use UDP. In the below example, I am setting up two syslog listeners for
+Ubiquiti [Edgemax router](https://help.ubnt.com/hc/en-us/articles/204975904-EdgeRouter-Remote-Syslog-Server-for-System-Logs) and the [Unifi Security Gateway and Access points](https://community.ui.com/questions/syslog-server-and-unifi-logs/bbde4318-e73f-4efe-b1b9-ae11319cc1d9).
+
+### Fluentd.Conf: Steps
+
+#### 1. Create a `fluentd.conf` file in a known directory on the host machine
+
+Below, I have chosen `/etc/fluentd/` as my directory.
+
+```bash
+# Make the directory
+sudo mkdir /etc/fluentd
+
+# Edit the file
+sudo nano /etc/fluentd/fluentd.conf
+```
+
+#### 2. Add the contents from the [`syslog\fluentd.conf`](syslog\fluentd.config)
+
+You can find the contents of the [`syslog\fluentd.conf`](syslog\fluentd.config) in the sub folder `syslog`. These contents should provide a quick start to getting started. In the provided
+example, the syslog details are coming from the above mentioned devices. You may need to tweak the configuration according to the server sending the syslog traffic.
+
+#### 3. Check New Relic for New Logs
+
+That is all it should take to get a new stream of logs coming from those devices.

data/examples/syslog/fluentd.config

@@ -0,0 +1,47 @@
+# UNIFI
+<source>
+  @type syslog
+  port 5140
+  bind 0.0.0.0
+  tag unifi
+</source>
+
+<filter unifi.**>
+  @type record_transformer
+  renew_record true
+  enable_ruby true
+  <record>
+    timestamp ${time.to_f}
+    hostname ${record["host"][/(^.*?),/, 1]}
+    service ${tag_prefix[1]}
+    log_level ${tag_suffix[2]}
+    message ${record.to_json}
+  </record>
+</filter>
+
+# EDGE MAX
+<source>
+  @type syslog
+  port 5142
+  bind 0.0.0.0
+  tag edge-max
+</source>
+
+<filter edge-max.**>
+  @type record_transformer
+  renew_record true
+  enable_ruby true
+  <record>
+    timestamp ${time.to_f}
+    hostname ${record["host"]}
+    service ${tag_prefix[1]}
+    log_level ${tag_suffix[2]}
+    message ${record.to_json}
+  </record>
+</filter>
+
+# Send data
+<match **>
+  @type newrelic
+  api_key <CHANGE TO YOUR LICENSE KEY HERE>
+</match>

data/lib/fluent/plugin/out_newrelic.rb

@@ -67,6 +67,9 @@ module Fluent
       end
 
       def package_record(record, timestamp)
+        if defined? timestamp.nsec
+          timestamp = timestamp * 1000 + timestamp.nsec / 1_000_000
+        end
         packaged = {
           'timestamp' => timestamp,
           # non-intrinsic attributes get put into 'attributes'

data/lib/newrelic-fluentd-output/version.rb

@@ -1,3 +1,3 @@
 module NewrelicFluentdOutput
-  VERSION = "1.1.5"
+  VERSION = "1.1.8"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: fluent-plugin-newrelic
 version: !ruby/object:Gem::Version
-  version: 1.1.5
+  version: 1.1.8
 platform: ruby
 authors:
 - New Relic Logging Team
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2019-10-22 00:00:00.000000000 Z
+date: 2020-03-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: fluentd
@@ -103,11 +103,15 @@ extra_rdoc_files: []
 files:
 - ".dockerignore"
 - ".gitignore"
+- DEVELOPER.md
 - Dockerfile
 - Gemfile
 - LICENSE
 - README.md
 - Rakefile
+- examples/Dockerfile
+- examples/readme.md
+- examples/syslog/fluentd.config
 - lib/fluent/plugin/out_newrelic.rb
 - lib/newrelic-fluentd-output/version.rb
 - merge-to-master-pipeline.yml
@@ -132,7 +136,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: Sends FluentD events to New Relic