fluent-plugin-nsca 0.0.3 → 0.0.4

data/README.md

@@ -8,7 +8,7 @@ The plugin sends a service check to the NSCA server for each record.
 
 ## Configuration
 
-### Examples
+### Example configuration
 
 ```apache
 <match ddos>
@@ -27,8 +27,8 @@ The plugin sends a service check to the NSCA server for each record.
   ## The service is "ddos_detection"
   service_description ddos_detection
 
-  ## The return code is read from the field "severity"
-  return_code_field severity
+  ## The return code is read from the field "level"
+  return_code_field level
 
   ## The plugin output is not specified;
   ## hence the plugin sends the JSON notation of the record.
@@ -41,16 +41,16 @@ The plugin sends a service check to the NSCA server for each record.
 The type of this plugin is `nsca`.
 Specify `type nsca` in the `match` section.
 
-### Connection
+### Connection setting
 
 * `server` (default is "localhost")
   * The IP address or the hostname of the host running the NSCA daemon.
-* `port` (default i 5667)
+* `port` (default is 5667)
   * The port on which the NSCA daemon is running.
-* `password` (default is empty string)
+* `password` (default is an empty string)
   * The password for authentication and encryption.
 
-### Payload
+### Check payload
 
 A service check for the NSCA server
 comprises the following four fields.
@@ -59,15 +59,18 @@ comprises the following four fields.
   * The name of the monitored host.
   * The corresponding property in the Nagios configuration is
     `host_name` property in a `host` definition.
+  * Limited to the maximum 64 bytes.
 * Service description
   * The name of the monitored service.
   * The corresponding property in the Nagios configuration is
     `service_description` property in a `service` definition.
+  * Limited to the maximum 128 bytes.
 * Return code
-  * The severity of the service status.
+  * The severity level of the service status.
   * 0 (OK), 1 (WARNING), 2 (CRITICAL) or 3 (UNKNOWN).
 * Plugin output
   * A description of the service status.
+  * Limited to the maximum 512 bytes.
 
 The destination of checks
 are identified by the pair of the host name and the service description.
@@ -76,13 +79,17 @@ are identified by the pair of the host name and the service description.
 
 The host name is determined as below.
 
-1. The host name of the fluentd server (lowest priority)
-2. `host_name` option
-3. The field specified by `host_name_field` option (highest priority)
+1. The field specified by `host_name_field` option,
+   if present (highest priority)
+  * If the value exceeds the maximum 64 bytes, it will be truncated.
+2. or `host_name` option, if present
+  * If the value exceeds the maximum 64 bytes, it causes a config error.
+3. or the host name of the fluentd server (lowest priority)
+  * If the value exceeds the maximum 64 bytes, it causes a config error.
 
 For example,
-let the fluentd server have the host name "fluent",
-and the configuration file contain the section below:
+assume that the fluentd server has the host name "fluent",
+and the configuration file contains the section below:
 
 ```apache
 <match ddos>
@@ -100,18 +107,20 @@ When the record `{"num" => 42}` is input to the tag `ddos`,
 the plugin sends a service check with the host name "fluent"
 (the host name of the fluentd server).
 
-Be aware that if the host name exceeds 64 bytes, it will be truncated.
-
 #### Service description
 
 The service description is determined as below.
 
-1. The tag name (lowest priority)
-2. `service_description` option
-3. The field specified by `service_description_field` option (highest priority)
+1. The field specified by `service_description_field` option,
+   if present (highest priority)
+  * If the value exceeds the maximum 128 bytes, it will be truncated.
+2. or `service_description` option, if present
+  * If the value exceeds the maximum 128 bytes, it causes a config error.
+3. or the tag name (lowest priority)
+  * If the value exceeds the maximum 128 bytes, it will be truncated.
 
 For example,
-let the configuration file contain the section below:
+assume that the configuration file contains the section below:
 
 ```apache
 <match ddos>
@@ -132,54 +141,59 @@ When the record
 the plugin sends a service check with the service description
 "ddos" (the tag name).
 
-Be aware that if the service description exceeds 128 bytes,
-it will be truncated.
-
 #### Return code
 
 The return code is determined as below.
 
-1. 3 or UNKNOWN (lowest priority)
-2. `return_code` option
-  * The permitted values are `0`, `1`, `2`, `3`,
-    and `OK`, `WARNING`, `CRITICAL`, `UNKNOWN`.
-3. The field specified by `return_code_field` option (highest priority)
+1. The field specified by `return_code_field` option,
+   if present (highest priority)
   * The values permitted for the field are integers `0`, `1`, `2`, `3`
     and strings `"0"`, `"1"`, `"2"`, `"3"`,
     `"OK"`, `"WARNING"`, `"CRITICAL"`, `"UNKNOWN"`.
   * If the field contains a value not permitted,
-    the plugin falls back to `return_code` if present, or to 3 (UNKNOWN).
+    the plugin falls back to `return_code` option if present,
+    or to `3` (UNKNOWN).
+2. or `return_code` option, if present
+  * The permitted values are `0`, `1`, `2`, `3`,
+    and `OK`, `WARNING`, `CRITICAL`, `UNKNOWN`.
+  * If the value is invalid, it causes a config error.
+3. or `3`, which means UNKNOWN (lowest priority)
 
 For example,
-let the configuration file contain the section below:
+assume that the configuration file contains the section below:
 
 ```apache
 <match ddos>
   type nsca
   ...snip...
-  return_code_field retcode
+  return_code_field level
 </match>
 ```
 
 When the record
-`{"num" => 42, "retcode" => "WARNING"}` is input to the tag `ddos`,
+`{"num" => 42, "level" => "WARNING"}` is input to the tag `ddos`,
 the plugin sends a service check with the return code `1`,
 which means WARNING.
 
 When the record
 `{"num" => 42}` is input to the tag `ddos`,
-the plugin sends a service check with the default return code `3`.
+the plugin sends a service check with the default return code `3`,
+which means UNKNOWN.
 
 #### Plugin output
 
 The plugin output is determined as below.
 
-1. JSON notation of the record (lowest priority)
-2. `plugin_output` option
-3. The field specified by `plugin_output_field` option (highest priority)
+1. The field specified by `plugin_output_field` option,
+   if present (highest priority)
+  * If the value exceeds the maximum 512 bytes, it will be truncated.
+2. or `plugin_output` option
+  * If the value exceeds the maximum 512 bytes, it causes a config error.
+3. or JSON notation of the record (lowest priority)
+  * If the value exceeds the maximum 512 bytes, it will be truncated.
 
 For example,
-let the configuration file contain the section below:
+assume that the configuration file contains the section below:
 
 ```apache
 <match ddos>
@@ -197,13 +211,11 @@ When the record
 `{"num" => 42}` is input to the tag `ddos`,
 the plugin sends a service check with the plugin output '{"num":42}'.
 
-Be aware that if the plugin output exceeds 512 bytes,
-it will be truncated.
-
 ### Buffering
 
 The default value of `flush_interval` option is set to 1 second.
-It means that checks are sent for every 1 second.
+It means that service checks are delayed at most 1 second
+before being sent.
 
 Except for `flush_interval`,
 the plugin uses default options
@@ -223,6 +235,113 @@ For example:
 </match>
 ```
 
+## Use case: "too many server errors" alert
+
+### Situation
+
+You have
+
+* "web" server (192.168.42.123) which runs Apache HTTP Server and Fluentd, and
+* "monitor" server (192.168.42.210) which runs Nagios and NSCA.
+
+You want to be notified when Apache responds too many server errors,
+for example 5 errors per minute as WARNING,
+and 50 errors per minute as CRITICAL.
+
+### Nagios configuration on "monitor" server
+
+Create web.cfg file shown as below,
+under the Nagios configuration direcotry.
+
+```
+# File: web.cfg
+
+# "web" server definition
+define host {
+  use generic-host
+  host_name web
+  alias web
+  address 192.168.42.123
+}
+
+# Server errors service definition
+define service {
+  use generic-service
+  name server_errors
+  active_checks_enabled 0
+  passive_checks_enabled 1
+  flap_detection_enabled 0
+  max_check_attempts 1
+  check_command check_dummy!0
+}
+
+# Delete this section if check_dummy command is defined elsewhere
+define command {
+  command_name check_dummy
+  command_line $USER1$/check_dummy $ARG1$
+}
+```
+
+### Fluentd configuration on "web" server
+
+This setting utilizes [fluent-plugin-datacounter](
+https://github.com/tagomoris/fluent-plugin-datacounter),
+[fluent-plugin-record-reformer](
+https://github.com/sonots/fluent-plugin-record-reformer),
+and of course `fluent-plugin-nsca`.
+So, first of all, install those gems.
+
+Next, add these lines to the Fluentd configuration file.
+
+```apache
+# Parse Apache access log
+<source>
+  type tail
+  tag access
+  format apache2
+
+  # The paths vary by setup
+  path /var/log/httpd/access_log
+  pos_file /var/log/fluentd/httpd-access_log.pos
+</source>
+
+# Count 5xx errors per minute
+<match access>
+  type datacounter
+  tag count.access
+  unit minute
+  aggregate all
+  count_key code
+  pattern1 error ^5\d\d$
+</match>
+
+# Calculate the severity level
+<match count.access>
+  type record_reformer
+  tag server_errors
+  enable_ruby true
+  <record>
+    level ${error_count < 5 ? 'OK' : error_count < 50 ? 'WARNING' : 'CRITICAL'}
+  </record>
+</match>
+
+# Send checks to NSCA
+<match server_errors>
+  type nsca
+  server 192.168.42.210
+  port 5667
+  # Empty password!
+
+  host_name web
+  service_description server_errors
+  return_code_field level
+</match>
+```
+
+You can use `record_transformer` filter
+instead of `fluent-plugin-record-reformer`
+on Fluentd 0.12.0 and above.
+
 ## Installation
 
 1. Install fluent-plugin-nsca gem from rubygems.org.
@@ -230,6 +349,13 @@ For example:
 
 ## Contributing
 
+Create an [issue](https://github.com/miyakawataku/fluent-plugin-nsca/issues).
+
+Or ask questions on Twitter to
+[@miyakawa\_taku](https://twitter.com/miyakawa_taku).
+
+Or submit a pull request as follows:
+
 1. Fork it
 2. Create your feature branch (`git checkout -b my-new-feature`)
 3. Commit your changes (`git commit -am 'Add some feature'`)

data/fluent-plugin-nsca.gemspec

@@ -5,12 +5,13 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 
 Gem::Specification.new do |spec|
   spec.name          = "fluent-plugin-nsca"
-  spec.version       = '0.0.3'
+  spec.version       = '0.0.4'
   spec.authors       = ["MIYAKAWA Taku"]
   spec.email         = ["miyakawa.taku@gmail.com"]
-  spec.description   = %q{Fluentd output plugin to send service checks to a Nagios NSCA daemon}
-  spec.summary       = %q{Fluentd output plugin to send service checks to a Nagios NSCA daemon}
-  spec.homepage      = "https://github.com/miyakawataku/fluent-plugin-nsca/"
+  spec.description   = 'Fluentd output plugin to send service checks' +
+	  ' to an NSCA / Nagios monitoring server'
+  spec.summary       = spec.description
+  spec.homepage      = "https://github.com/miyakawataku/fluent-plugin-nsca"
   spec.license       = "Apache License, v2.0"
 
   spec.files         = `git ls-files`.split($/)

data/lib/fluent/plugin/out_nsca.rb

@@ -2,14 +2,61 @@
 # vim: et sw=2 sts=2
 
 module Fluent
+
+  # Fluentd output plugin to send service checks
+  # to an NSCA / Nagios monitoring servers.
   class NscaOutput < Fluent::BufferedOutput
     Fluent::Plugin.register_output('nsca', self)
 
-    # These max bytes are specified in the pack string in send_nsca library
+    #
+    # Maximum bytes specified in the pack string in send_nsca library
+    #
+
+    # The maximum bytes for host names.
     MAX_HOST_NAME_BYTES = 64
+
+    # The maximum bytes for service descriptions.
     MAX_SERVICE_DESCRIPTION_BYTES = 128
+
+    # The maximum bytes for plugin outputs.
     MAX_PLUGIN_OUTPUT_BYTES = 512
 
+    #
+    # Return codes
+    #
+
+    # OK return code (0).
+    OK = 0
+
+    # WARNING return code (1).
+    WARNING = 1
+
+    # CRITICAL return code (2).
+    CRITICAL = 2
+
+    # UNKNOWN return code (3).
+    UNKNOWN = 3
+
+    # Mapping from the permitted return code representations
+    # to the normalized return codes.
+    VALID_RETURN_CODES = {
+      # OK
+      OK => OK, OK.to_s => OK, 'OK' => OK,
+
+      # WARNING
+      WARNING => WARNING, WARNING.to_s => WARNING, 'WARNING' => WARNING,
+
+      # CRITICAL
+      CRITICAL => CRITICAL, CRITICAL.to_s => CRITICAL, 'CRITICAL' => CRITICAL,
+
+      # UNKNOWN
+      UNKNOWN => UNKNOWN, UNKNOWN.to_s => UNKNOWN, 'UNKNOWN' => UNKNOWN
+    }
+
+    #
+    # Config parameters
+    #
+
     # The IP address or the hostname of the host running the NSCA daemon.
     config_param :server, :string, :default => 'localhost'
 
@@ -19,86 +66,85 @@ module Fluent
     # The password for authentication and encryption.
     config_param :password, :string, :default => ''
 
-    # Host name options: default = the host name of the fluentd server
+    # Host name options: default = the host name of the fluentd server.
     config_param :host_name, :string, :default => nil
     config_param :host_name_field, :string, :default => nil
 
-    # Service description options: default=tag
+    # Service description options: default=tag.
     config_param :service_description, :string, :default => nil
     config_param :service_description_field, :string, :default => nil
 
-    # Return code options: default=3 (UNKNOWN)
+    # Return code options: default=UNKNOWN.
     config_param :return_code_field, :string, :default => nil
-    config_param(:return_code, :default => 3) { |return_code|
-      if not @@valid_return_codes.has_key?(return_code)
+    config_param(:return_code, :default => UNKNOWN) { |return_code|
+      if not VALID_RETURN_CODES.has_key?(return_code)
           raise Fluent::ConfigError,
             "invalid 'return_code': #{return_code}; 'return_code' must be" +
             " 0, 1, 2, 3, OK, WARNING, CRITICAL, or UNKNOWN"
       end
-      @@valid_return_codes[return_code]
-    }
-    @@valid_return_codes = {
-      0 => 0, 1 => 1, 2 => 2, 3 => 3,
-      '0' => 0, '1' => 1, '2' => 2, '3' => 3,
-      'OK' => 0, 'WARNING' => 1, 'CRITICAL' => 2, 'UNKNOWN' => 3
+      VALID_RETURN_CODES[return_code]
     }
 
-    # Plugin output options: default = JSON notation of the record
+    # Plugin output options: default = JSON notation of the record.
     config_param :plugin_output, :string, :default => nil
     config_param :plugin_output_field, :string, :default => nil
 
-    # Overrides a buffering option
+    # Overrides a buffering option.
     config_param :flush_interval, :time, :default => 1
 
+    # Load SendNsca module.
     private
     def initialize
       super
+      require 'socket'
       require 'send_nsca'
     end
 
+    # Read and validate the configuration.
     public
     def configure(conf)
       super
       @host_name ||= Socket.gethostname
-      warn_if_host_name_exceeds_max_bytes(@host_name)
-      warn_if_service_description_exceeds_max_bytes(@service_description)
-      warn_if_plugin_output_exceeds_max_bytes(@plugin_output)
+      reject_host_name_option_exceeding_max_bytes
+      reject_service_description_option_exceeding_max_bytes
+      reject_plugin_output_option_exceeding_max_bytes
     end
 
+    # Reject host_name option exceeding the max bytes.
     private
-    def warn_if_host_name_exceeds_max_bytes(host_name)
-      if host_name.bytesize > MAX_HOST_NAME_BYTES
-        log.warn("Host name exceeds the max bytes; it will be truncated",
-                 :max_host_name_bytes => MAX_HOST_NAME_BYTES,
-                 :host_name => host_name)
+    def reject_host_name_option_exceeding_max_bytes
+      if host_name_exceeds_max_bytes?(@host_name)
+        raise ConfigError,
+          "host_name must not exceed #{MAX_HOST_NAME_BYTES} bytes"
       end
     end
 
+    # Reject service_description option exceeding the max bytes.
     private
-    def warn_if_service_description_exceeds_max_bytes(service_description)
-      if service_description and
-        service_description.bytesize > MAX_SERVICE_DESCRIPTION_BYTES
-        log.warn(
-          "Service description exceeds the max bytes; it will be truncated.",
-          :max_service_description_bytes => MAX_SERVICE_DESCRIPTION_BYTES,
-          :service_description => service_description)
+    def reject_service_description_option_exceeding_max_bytes
+      if service_description_exceeds_max_bytes?(@service_description)
+        raise ConfigError,
+          "service_description must not exceed" +
+          " #{MAX_SERVICE_DESCRIPTION_BYTES} bytes"
       end
     end
 
+    # Reject plugin_output option exceeding the max bytes.
     private
-    def warn_if_plugin_output_exceeds_max_bytes(plugin_output)
-      if plugin_output and plugin_output.bytesize > MAX_PLUGIN_OUTPUT_BYTES
-        log.warn("Plugin output exceeds the max bytes; it will be truncated.",
-                :max_plugin_output_bytes => MAX_PLUGIN_OUTPUT_BYTES,
-                :plugin_output => plugin_output)
+    def reject_plugin_output_option_exceeding_max_bytes
+      if plugin_output_exceeds_max_bytes?(@plugin_output)
+        raise ConfigError,
+          "plugin_output must not exceed #{MAX_PLUGIN_OUTPUT_BYTES} bytes"
       end
     end
 
+    # Pack the tuple (tag, time, record).
     public
     def format(tag, time, record)
       [tag, time, record].to_msgpack
     end
 
+    # Send a service check.
     public
     def write(chunk)
       results = []
@@ -119,6 +165,7 @@ module Fluent
       return results
     end
 
+    # Determines the host name.
     private
     def determine_host_name(record)
       if @host_name_field and record[@host_name_field]
@@ -130,6 +177,7 @@ module Fluent
       end
     end
 
+    # Determines the service description.
     private
     def determine_service_description(tag, record)
       if @service_description_field and record[@service_description_field]
@@ -144,10 +192,11 @@ module Fluent
       end
     end
 
+    # Determines the return code.
     private
     def determine_return_code(record)
       if @return_code_field and record[@return_code_field]
-        return_code =  @@valid_return_codes[record[@return_code_field]]
+        return_code =  VALID_RETURN_CODES[record[@return_code_field]]
         if return_code
           return return_code
         end
@@ -159,6 +208,7 @@ module Fluent
       return @return_code
     end
 
+    # Determines the plugin output.
     private
     def determine_plugin_output(record)
       if @plugin_output_field and record[@plugin_output_field]
@@ -173,5 +223,57 @@ module Fluent
         return plugin_output
       end
     end
+
+    # Log a warning if the host name exceeds the max bytes.
+    private
+    def warn_if_host_name_exceeds_max_bytes(host_name)
+      if host_name_exceeds_max_bytes?(host_name)
+        log.warn("Host name exceeds the max bytes; it will be truncated",
+                 :max_host_name_bytes => MAX_HOST_NAME_BYTES,
+                 :host_name => host_name)
+      end
+    end
+
+    # Log a warning if the service description exceeds the max bytes.
+    private
+    def warn_if_service_description_exceeds_max_bytes(service_description)
+      if service_description_exceeds_max_bytes?(service_description)
+        log.warn(
+          "Service description exceeds the max bytes; it will be truncated.",
+          :max_service_description_bytes => MAX_SERVICE_DESCRIPTION_BYTES,
+          :service_description => service_description)
+      end
+    end
+
+    # Log a warning if the plugin output exceeds the max bytes.
+    private
+    def warn_if_plugin_output_exceeds_max_bytes(plugin_output)
+      if plugin_output_exceeds_max_bytes?(plugin_output)
+        log.warn("Plugin output exceeds the max bytes; it will be truncated.",
+                :max_plugin_output_bytes => MAX_PLUGIN_OUTPUT_BYTES,
+                :plugin_output => plugin_output)
+      end
+    end
+
+    # Returns true if host_name exceeds the max bytes
+    private
+    def host_name_exceeds_max_bytes?(host_name)
+      return !! host_name && host_name.bytesize > MAX_HOST_NAME_BYTES
+    end
+
+    # Returns true if service_description exceeds the max bytes
+    private
+    def service_description_exceeds_max_bytes?(service_description)
+      return !! service_description &&
+        service_description.bytesize > MAX_SERVICE_DESCRIPTION_BYTES
+    end
+
+    # Returns true if plugin_output exceeds the max bytes
+    private
+    def plugin_output_exceeds_max_bytes?(plugin_output)
+      return !! plugin_output &&
+        plugin_output.bytesize > MAX_PLUGIN_OUTPUT_BYTES
+    end
+
   end
 end

data/test/plugin/test_out_nsca.rb

@@ -2,29 +2,39 @@
 # vim: et sw=2 sts=2
 
 require 'helper'
-require 'socket'
 require 'send_nsca'
 
+# Test class for Fluent::NscaOutput
 class NscaOutputTest < Test::Unit::TestCase
+
+  # Sets up the test env and the stub
   def setup
     Fluent::Test.setup
+
+    # Stub NscaConnection
+    # whose send_nsca method returns the connection info and the check payload
+    # instead of sending the service check.
     stub.proxy(SendNsca::NscaConnection).new { |obj|
       stub(obj).send_nsca {
         obj.instance_eval {
-          [@nscahost, @port, @password, @hostname, @service, @return_code, @status]
+          [@nscahost, @port, @password,
+           @hostname, @service, @return_code, @status]
         }
       }
     }
   end
 
+  # Common settings
   CONFIG = %[
     server monitor.example.com
     port 4242
     password aoxomoxoa
   ]
 
+  # Returns a driver of the plugin
   def create_driver(conf = CONFIG, tag='test')
-    Fluent::Test::BufferedOutputTestDriver.new(Fluent::NscaOutput, tag).configure(conf)
+    driver = Fluent::Test::BufferedOutputTestDriver.new(Fluent::NscaOutput, tag)
+    driver.configure(conf)
   end
 
   # Connection settings are read
@@ -43,6 +53,102 @@ class NscaOutputTest < Test::Unit::TestCase
     assert_equal '', driver.instance.instance_eval{ @password }
   end
 
+  # Reject host_name option exceeding the max bytes
+  def test_reject_host_name_option_exceeding_max_bytes
+    max_bytes = Fluent::NscaOutput::MAX_HOST_NAME_BYTES
+    config = %[
+      #{CONFIG}
+      host_name #{'x' * (max_bytes + 1)}
+    ]
+    assert_raise(Fluent::ConfigError) {
+      create_driver(config)
+    }
+  end
+
+  # Decide if host name exceeds the max bytes
+  def test_host_name_exceeds_max_bytes()
+    max_bytes = Fluent::NscaOutput::MAX_HOST_NAME_BYTES
+    driver = create_driver('')
+
+    max_bytes_host_name = 'x' * max_bytes
+    assert_equal false, driver.instance.instance_eval{
+      host_name_exceeds_max_bytes?(max_bytes_host_name)
+    }
+
+    invalid_host_name = 'x' * (max_bytes + 1)
+    assert_equal true, driver.instance.instance_eval{
+      host_name_exceeds_max_bytes?(invalid_host_name)
+    }
+
+    assert_equal false, driver.instance.instance_eval{
+      host_name_exceeds_max_bytes?(nil)
+    }
+  end
+
+  # Reject service_description option exceeding the max bytes
+  def test_reject_service_description_option_exceeding_max_bytes
+    max_bytes = Fluent::NscaOutput::MAX_SERVICE_DESCRIPTION_BYTES
+    config = %[
+      #{CONFIG}
+      service_description #{'x' * (max_bytes + 1)}
+    ]
+    assert_raise(Fluent::ConfigError) {
+      create_driver(config)
+    }
+  end
+
+  # Decide if service description exceeds the max bytes
+  def test_service_description_exceeds_max_bytes()
+    max_bytes = Fluent::NscaOutput::MAX_SERVICE_DESCRIPTION_BYTES
+    driver = create_driver('')
+
+    max_bytes_service = 'x' * max_bytes
+    assert_equal false, driver.instance.instance_eval{
+      service_description_exceeds_max_bytes?(max_bytes_service)
+    }
+
+    invalid_service = 'x' * (max_bytes + 1)
+    assert_equal true, driver.instance.instance_eval{
+      service_description_exceeds_max_bytes?(invalid_service)
+    }
+
+    assert_equal false, driver.instance.instance_eval{
+      service_description_exceeds_max_bytes?(nil)
+    }
+  end
+
+  # Reject plugin_output option exceeding the max bytes
+  def test_reject_plugin_output_exceeding_max_bytes
+    max_bytes = Fluent::NscaOutput::MAX_PLUGIN_OUTPUT_BYTES
+    config = %[
+      #{CONFIG}
+      plugin_output #{'x' * (max_bytes + 1)}
+    ]
+    assert_raise(Fluent::ConfigError) {
+      create_driver(config)
+    }
+  end
+
+  # Decide if plugin output exceeds the max bytes
+  def test_plugin_output_exceeds_max_bytes()
+    max_bytes = Fluent::NscaOutput::MAX_PLUGIN_OUTPUT_BYTES
+    driver = create_driver('')
+
+    max_bytes_plugin_output = 'x' * max_bytes
+    assert_equal false, driver.instance.instance_eval{
+      plugin_output_exceeds_max_bytes?(max_bytes_plugin_output)
+    }
+
+    invalid_plugin_output = 'x' * (max_bytes + 1)
+    assert_equal true, driver.instance.instance_eval{
+      plugin_output_exceeds_max_bytes?(invalid_plugin_output)
+    }
+
+    assert_equal false, driver.instance.instance_eval{
+      plugin_output_exceeds_max_bytes?(nil)
+    }
+  end
+
   # Rejects invalid return codes
   def test_reject_invalid_return_codes
     config = %[
@@ -87,7 +193,9 @@ class NscaOutputTest < Test::Unit::TestCase
     time = Time.parse('2015-01-03 12:34:56 UTC').to_i
     driver.emit({"name" => "Stephen"}, time)
     output = driver.run
-    assert_equal [['monitor.example.com', 4242, 'aoxomoxoa', 'web.example.org', 'ddos_monitor', 2, 'possible attacks']], output
+    expected = ['monitor.example.com', 4242, 'aoxomoxoa',
+                'web.example.org', 'ddos_monitor', 2, 'possible attacks']
+    assert_equal [expected], output
   end
 
   # Sends a service check with host_name and host_name_field
@@ -106,13 +214,11 @@ class NscaOutputTest < Test::Unit::TestCase
     driver.emit({"name" => "Stephen", "host" => "app.example.org"}, time)
     driver.emit({"name" => "Aggi"}, time)
     output = driver.run
-    expected_first = [
-      'monitor.example.com', 4242, 'aoxomoxoa', 'app.example.org', 'ddos_monitor', 2, 'possible attacks'
-    ]
-    expected_second = [
-      'monitor.example.com', 4242, 'aoxomoxoa', 'fallback.example.org', 'ddos_monitor', 2, 'possible attacks'
-    ]
-    assert_equal [expected_first, expected_second], output
+    expected1 = ['monitor.example.com', 4242, 'aoxomoxoa',
+                 'app.example.org', 'ddos_monitor', 2, 'possible attacks']
+    expected2 = ['monitor.example.com', 4242, 'aoxomoxoa',
+                 'fallback.example.org', 'ddos_monitor', 2, 'possible attacks']
+    assert_equal [expected1, expected2], output
   end
 
   # Sends a service check with host_name_field
@@ -130,13 +236,12 @@ class NscaOutputTest < Test::Unit::TestCase
     driver.emit({"name" => "Stephen", "host" => "app.example.org"}, time)
     driver.emit({"name" => "Aggi"}, time)
     output = driver.run
-    expected_first = [
-      'monitor.example.com', 4242, 'aoxomoxoa', 'app.example.org', 'ddos_monitor', 2, 'possible attacks'
-    ]
-    expected_second = [
-      'monitor.example.com', 4242, 'aoxomoxoa', Socket.gethostname, 'ddos_monitor', 2, 'possible attacks'
-    ]
-    assert_equal [expected_first, expected_second], output
+    require 'socket'
+    expected1 = ['monitor.example.com', 4242, 'aoxomoxoa',
+                 'app.example.org', 'ddos_monitor', 2, 'possible attacks']
+    expected2 = ['monitor.example.com', 4242, 'aoxomoxoa',
+                 Socket.gethostname, 'ddos_monitor', 2, 'possible attacks']
+    assert_equal [expected1, expected2], output
   end
 
   # Sends a service check with service_description and service_description_field
@@ -155,15 +260,11 @@ class NscaOutputTest < Test::Unit::TestCase
     driver.emit({"name" => "Stephen", "service" => "possible_ddos"})
     driver.emit({"name" => "Aggi"})
     output = driver.run
-    expected_first = [
-      'monitor.example.com', 4242, 'aoxomoxoa',
-      'web.example.org', 'possible_ddos', 2, 'possible attacks'
-    ]
-    expected_second = [
-      'monitor.example.com', 4242, 'aoxomoxoa',
-      'web.example.org', 'ddos_detection', 2, 'possible attacks'
-    ]
-    assert_equal [expected_first, expected_second], output
+    expected1 = ['monitor.example.com', 4242, 'aoxomoxoa',
+                 'web.example.org', 'possible_ddos', 2, 'possible attacks']
+    expected2 = ['monitor.example.com', 4242, 'aoxomoxoa',
+                 'web.example.org', 'ddos_detection', 2, 'possible attacks']
+    assert_equal [expected1, expected2], output
   end
 
   # Sends a service check with service_description_field
@@ -181,15 +282,11 @@ class NscaOutputTest < Test::Unit::TestCase
     driver.emit({"name" => "Stephen", "service" => "possible_ddos"})
     driver.emit({"name" => "Aggi"})
     output = driver.run
-    expected_first = [
-      'monitor.example.com', 4242, 'aoxomoxoa',
-      'web.example.org', 'possible_ddos', 2, 'possible attacks'
-    ]
-    expected_second = [
-      'monitor.example.com', 4242, 'aoxomoxoa',
-      'web.example.org', 'ddos', 2, 'possible attacks'
-    ]
-    assert_equal [expected_first, expected_second], output
+    expected1 = ['monitor.example.com', 4242, 'aoxomoxoa',
+                 'web.example.org', 'possible_ddos', 2, 'possible attacks']
+    expected2 = ['monitor.example.com', 4242, 'aoxomoxoa',
+                 'web.example.org', 'ddos', 2, 'possible attacks']
+    assert_equal [expected1, expected2], output
   end
 
   # Sends a service check with return_code and return_code_field
@@ -211,26 +308,16 @@ class NscaOutputTest < Test::Unit::TestCase
     driver.emit({"name" => "Brian", "retcode" => "invalid-value"})
     driver.emit({"name" => "Martin"})
     output = driver.run
-    expected1 = [
-      'monitor.example.com', 4242, 'aoxomoxoa',
-      'web.example.org', 'ddos_monitor', 3, 'possible attacks'
-    ]
-    expected2 = [
-      'monitor.example.com', 4242, 'aoxomoxoa',
-      'web.example.org', 'ddos_monitor', 2, 'possible attacks'
-    ]
-    expected3 = [
-      'monitor.example.com', 4242, 'aoxomoxoa',
-      'web.example.org', 'ddos_monitor', 1, 'possible attacks'
-    ]
-    expected4 = [
-      'monitor.example.com', 4242, 'aoxomoxoa',
-      'web.example.org', 'ddos_monitor', 0, 'possible attacks'
-    ]
-    expected5 = [
-      'monitor.example.com', 4242, 'aoxomoxoa',
-      'web.example.org', 'ddos_monitor', 0, 'possible attacks'
-    ]
+    expected1 = ['monitor.example.com', 4242, 'aoxomoxoa',
+                 'web.example.org', 'ddos_monitor', 3, 'possible attacks']
+    expected2 = ['monitor.example.com', 4242, 'aoxomoxoa',
+                 'web.example.org', 'ddos_monitor', 2, 'possible attacks']
+    expected3 = ['monitor.example.com', 4242, 'aoxomoxoa',
+                 'web.example.org', 'ddos_monitor', 1, 'possible attacks']
+    expected4 = ['monitor.example.com', 4242, 'aoxomoxoa',
+                 'web.example.org', 'ddos_monitor', 0, 'possible attacks']
+    expected5 = ['monitor.example.com', 4242, 'aoxomoxoa',
+                 'web.example.org', 'ddos_monitor', 0, 'possible attacks']
     assert_equal [expected1, expected2, expected3, expected4, expected5], output
   end
 
@@ -252,26 +339,16 @@ class NscaOutputTest < Test::Unit::TestCase
     driver.emit({"name" => "Brian", "retcode" => "invalid-value"})
     driver.emit({"name" => "Martin"})
     output = driver.run
-    expected1 = [
-      'monitor.example.com', 4242, 'aoxomoxoa',
-      'web.example.org', 'ddos_monitor', 0, 'possible attacks'
-    ]
-    expected2 = [
-      'monitor.example.com', 4242, 'aoxomoxoa',
-      'web.example.org', 'ddos_monitor', 1, 'possible attacks'
-    ]
-    expected3 = [
-      'monitor.example.com', 4242, 'aoxomoxoa',
-      'web.example.org', 'ddos_monitor', 2, 'possible attacks'
-    ]
-    expected4 = [
-      'monitor.example.com', 4242, 'aoxomoxoa',
-      'web.example.org', 'ddos_monitor', 3, 'possible attacks'
-    ]
-    expected5 = [
-      'monitor.example.com', 4242, 'aoxomoxoa',
-      'web.example.org', 'ddos_monitor', 3, 'possible attacks'
-    ]
+    expected1 = ['monitor.example.com', 4242, 'aoxomoxoa',
+                 'web.example.org', 'ddos_monitor', 0, 'possible attacks']
+    expected2 = ['monitor.example.com', 4242, 'aoxomoxoa',
+                 'web.example.org', 'ddos_monitor', 1, 'possible attacks']
+    expected3 = ['monitor.example.com', 4242, 'aoxomoxoa',
+                 'web.example.org', 'ddos_monitor', 2, 'possible attacks']
+    expected4 = ['monitor.example.com', 4242, 'aoxomoxoa',
+                 'web.example.org', 'ddos_monitor', 3, 'possible attacks']
+    expected5 = ['monitor.example.com', 4242, 'aoxomoxoa',
+                 'web.example.org', 'ddos_monitor', 3, 'possible attacks']
     assert_equal [expected1, expected2, expected3, expected4, expected5], output
   end
 
@@ -291,14 +368,10 @@ class NscaOutputTest < Test::Unit::TestCase
     driver.emit({"name" => "Stephen", "status" => "Possible DDOS detected"})
     driver.emit({"name" => "Aggi"})
     output = driver.run
-    expected1 = [
-      'monitor.example.com', 4242, 'aoxomoxoa',
-      'web.example.org', 'ddos_monitor', 2, 'Possible DDOS detected'
-    ]
-    expected2 = [
-      'monitor.example.com', 4242, 'aoxomoxoa',
-      'web.example.org', 'ddos_monitor', 2, 'DDOS detected'
-    ]
+    expected1 = ['monitor.example.com', 4242, 'aoxomoxoa',
+                 'web.example.org', 'ddos_monitor', 2, 'Possible DDOS detected']
+    expected2 = ['monitor.example.com', 4242, 'aoxomoxoa',
+                 'web.example.org', 'ddos_monitor', 2, 'DDOS detected']
     assert_equal [expected1, expected2], output
   end
 
@@ -317,14 +390,10 @@ class NscaOutputTest < Test::Unit::TestCase
     driver.emit({"name" => "Stephen", "status" => "Possible DDOS detected"})
     driver.emit({"name" => "Aggi"})
     output = driver.run
-    expected1 = [
-      'monitor.example.com', 4242, 'aoxomoxoa',
-      'web.example.org', 'ddos_monitor', 2, 'Possible DDOS detected'
-    ]
-    expected2 = [
-      'monitor.example.com', 4242, 'aoxomoxoa',
-      'web.example.org', 'ddos_monitor', 2, '{"name":"Aggi"}'
-    ]
+    expected1 = ['monitor.example.com', 4242, 'aoxomoxoa',
+                 'web.example.org', 'ddos_monitor', 2, 'Possible DDOS detected']
+    expected2 = ['monitor.example.com', 4242, 'aoxomoxoa',
+                 'web.example.org', 'ddos_monitor', 2, '{"name":"Aggi"}']
     assert_equal [expected1, expected2], output
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: fluent-plugin-nsca
 version: !ruby/object:Gem::Version
-  version: 0.0.3
+  version: 0.0.4
   prerelease: 
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-02-15 00:00:00.000000000 Z
+date: 2015-03-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -91,7 +91,8 @@ dependencies:
     - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
-description: Fluentd output plugin to send service checks to a Nagios NSCA daemon
+description: Fluentd output plugin to send service checks to an NSCA / Nagios monitoring
+  server
 email:
 - miyakawa.taku@gmail.com
 executables: []
@@ -107,7 +108,7 @@ files:
 - lib/fluent/plugin/out_nsca.rb
 - test/helper.rb
 - test/plugin/test_out_nsca.rb
-homepage: https://github.com/miyakawataku/fluent-plugin-nsca/
+homepage: https://github.com/miyakawataku/fluent-plugin-nsca
 licenses:
 - Apache License, v2.0
 post_install_message: 
@@ -122,7 +123,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -2882737187850770047
+      hash: 2216937057751646696
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -131,13 +132,14 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: -2882737187850770047
+      hash: 2216937057751646696
 requirements: []
 rubyforge_project: 
 rubygems_version: 1.8.23
 signing_key: 
 specification_version: 3
-summary: Fluentd output plugin to send service checks to a Nagios NSCA daemon
+summary: Fluentd output plugin to send service checks to an NSCA / Nagios monitoring
+  server
 test_files:
 - test/helper.rb
 - test/plugin/test_out_nsca.rb