fluent-plugin-splunk-enterprise 0.9.3 → 0.10.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/README.hec.md +7 -0
- data/README.md +2 -2
- data/docker.sh +41 -0
- data/fluent-plugin-splunk-enterprise.gemspec +1 -2
- data/lib/fluent/plugin/out_splunk_hec.rb +3 -1
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 84b5e1f44dd742cfb10e81abbaefcc040baef0eccabfbc245a8f9e81640004e3
|
|
4
|
+
data.tar.gz: fb0198207841ef4ad8d8b169b1b35546a88c2b867df95a5da67fc56a686be678
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: aac19ad4c0e43281abae744ffc81fc6f5d351b182454a04d4c19b227b2cbb28a8b616c7a98441aea136effaf3cb607f3d6be0c0b42ef3556585a556b0104f24c
|
|
7
|
+
data.tar.gz: 89b54ce906d24f44d87f2370fea910533895b36a8c47cb43ea63289b13ad6f7698890c18ce473441adf077a62548d55f9ea9689ae2751d42c322fd7c5bc19619
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,7 @@
|
|
|
1
|
+
# Release v0.10.0 - 2019/06/13
|
|
2
|
+
|
|
3
|
+
* out_splunk_hec: Send time with nano seconds if possible when `use_fluentd_time` is set to true
|
|
4
|
+
|
|
1
5
|
# Release v0.9.3 - 2019/06/06
|
|
2
6
|
|
|
3
7
|
* out_splunk_hec: Improve sourcetype usage by adding `default_sourcetype`, `sourcetype_key` and `remove_sourcetype_key`
|
data/README.hec.md
CHANGED
|
@@ -19,6 +19,7 @@
|
|
|
19
19
|
* [sourcetype_key](#sourcetype_key)
|
|
20
20
|
* [remove_sourcetype_key](#remove_sourcetype_key)
|
|
21
21
|
* [use_fluentd_time](#use_fluentd_time)
|
|
22
|
+
* [time_as_integer](#time_as_integer)
|
|
22
23
|
* [use_ack](#use_ack)
|
|
23
24
|
* [channel](#channel)
|
|
24
25
|
* [ack_interval](#ack_interval)
|
|
@@ -135,6 +136,12 @@ The default: `true`
|
|
|
135
136
|
|
|
136
137
|
If set true, fluentd's timestamp is used as time metadata. If the record already has its own time value, this options should be `false`.
|
|
137
138
|
|
|
139
|
+
### time_as_integer
|
|
140
|
+
|
|
141
|
+
The default: `true`
|
|
142
|
+
|
|
143
|
+
Only used when `use_fluentd_time` is `true`. If set to `true` (default), time will be sent as integer seconds to Splunk, whereas if set to `false`, it will be sent with nano seconds.
|
|
144
|
+
|
|
138
145
|
### use_ack
|
|
139
146
|
|
|
140
147
|
Enable/Disable [Indexer acknowledgement](https://www.google.co.jp/search?q=splunk+http+ack&oq=splunk+http+ack&aqs=chrome..69i57j69i60l2.2725j0j9&sourceid=chrome&ie=UTF-8). When this is set `true`, `channel` parameter is required.
|
data/README.md
CHANGED
|
@@ -32,8 +32,8 @@ Available Splunk versions in tests are `6.5.2`, `6.4.6`, `6.3.9`, `6,2.12`, `6.1
|
|
|
32
32
|
Start a docker instance Splunk.
|
|
33
33
|
|
|
34
34
|
```
|
|
35
|
-
$ ./docker.sh
|
|
36
|
-
$ ./docker.sh
|
|
35
|
+
$ ./docker.sh build <splunk_version>
|
|
36
|
+
$ ./docker.sh run <splunk_version>
|
|
37
37
|
```
|
|
38
38
|
|
|
39
39
|
Run tests.
|
data/docker.sh
ADDED
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
#!/usr/bin/env bash
|
|
2
|
+
|
|
3
|
+
set -euxo pipefail
|
|
4
|
+
|
|
5
|
+
COMMAND=$1
|
|
6
|
+
VERSION=$2
|
|
7
|
+
IMAGE_LOCAL=splunk-for-test:${VERSION}
|
|
8
|
+
|
|
9
|
+
PORTS="-p 8000:8000 -p 8089:8089 -p 8191:8191 -p 12300:12300 -p 12301:12301 -p 12302:12302 -p 12303:12303 -p 12304:12304 -p 12305:12305 -p 1514:1514 -p 8088:8088 \
|
|
10
|
+
-p 8200:8200 -p 8289:8289 -p 8391:8391 -p 12500:12500 -p 12501:12501 -p 12502:12502 -p 12503:12503 -p 12504:12504 -p 12505:12505 -p 1714:1714 -p 8288:8288"
|
|
11
|
+
|
|
12
|
+
VOLUME="-v ${PWD}/test/config/props.conf:/opt/splunk_tcp/etc/system/local/props.conf \
|
|
13
|
+
-v ${PWD}/test/config/props.conf:/opt/splunk_ssl/etc/system/local/props.conf \
|
|
14
|
+
-v ${PWD}/test/config/inputs.tcp.conf:/opt/splunk_tcp/etc/apps/search/local/inputs.conf \
|
|
15
|
+
-v ${PWD}/test/config/inputs.ssl.conf:/opt/splunk_ssl/etc/apps/search/local/inputs.conf"
|
|
16
|
+
|
|
17
|
+
if [ "$VERSION" = "6.3.9" ]; then
|
|
18
|
+
VOLUME="${VOLUME} \
|
|
19
|
+
-v ${PWD}/test/config/server.conf.6.3:/opt/splunk_ssl/etc/system/local/server.conf.original \
|
|
20
|
+
-v ${PWD}/test/config/entrypoint.sh.6.3:/sbin/entrypoint.sh"
|
|
21
|
+
|
|
22
|
+
fi
|
|
23
|
+
|
|
24
|
+
case "$COMMAND" in
|
|
25
|
+
run)
|
|
26
|
+
docker run -d --entrypoint=/bin/bash ${PORTS} ${VOLUME} ${IMAGE_LOCAL} /sbin/entrypoint.sh
|
|
27
|
+
;;
|
|
28
|
+
stop)
|
|
29
|
+
docker stop $(docker ps -q --filter ancestor=${IMAGE_LOCAL})
|
|
30
|
+
;;
|
|
31
|
+
build)
|
|
32
|
+
docker build -t ${IMAGE_LOCAL} test/Dockerfiles/enterprise/${VERSION}
|
|
33
|
+
;;
|
|
34
|
+
force_build)
|
|
35
|
+
docker build --no-cache=true -t ${IMAGE_LOCAL} test/Dockerfiles/enterprise/${VERSION}
|
|
36
|
+
;;
|
|
37
|
+
*)
|
|
38
|
+
echo "Unkowon command"
|
|
39
|
+
exit 1
|
|
40
|
+
;;
|
|
41
|
+
esac
|
|
@@ -4,14 +4,13 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
|
|
4
4
|
|
|
5
5
|
Gem::Specification.new do |spec|
|
|
6
6
|
spec.name = "fluent-plugin-splunk-enterprise"
|
|
7
|
-
spec.version = "0.
|
|
7
|
+
spec.version = "0.10.0"
|
|
8
8
|
spec.authors = ["Yuki Ito", "Masahiro Nakagawa"]
|
|
9
9
|
spec.email = ["yito@treasure-data.com", "repeatedly@gmail.com"]
|
|
10
10
|
|
|
11
11
|
spec.summary = %q{Splunk output plugin for Fluentd}
|
|
12
12
|
spec.description = spec.summary
|
|
13
13
|
spec.homepage = ""
|
|
14
|
-
spec.has_rdoc = false
|
|
15
14
|
spec.license = "Apache-2.0"
|
|
16
15
|
|
|
17
16
|
spec.files = `git ls-files -z`.split("\x0").reject do |f|
|
|
@@ -105,7 +105,9 @@ module Fluent
|
|
|
105
105
|
|
|
106
106
|
def format_event(time, record)
|
|
107
107
|
msg = {'event' => record}
|
|
108
|
-
|
|
108
|
+
if @use_fluentd_time
|
|
109
|
+
msg['time'] = time.respond_to?('to_f') ? time.to_f : time
|
|
110
|
+
end
|
|
109
111
|
|
|
110
112
|
# metadata
|
|
111
113
|
if record[@sourcetype_key]
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: fluent-plugin-splunk-enterprise
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.10.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Yuki Ito
|
|
@@ -9,7 +9,7 @@ authors:
|
|
|
9
9
|
autorequire:
|
|
10
10
|
bindir: exe
|
|
11
11
|
cert_chain: []
|
|
12
|
-
date: 2019-06-
|
|
12
|
+
date: 2019-06-14 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: fluentd
|
|
@@ -113,6 +113,7 @@ files:
|
|
|
113
113
|
- Rakefile
|
|
114
114
|
- bin/console
|
|
115
115
|
- bin/setup
|
|
116
|
+
- docker.sh
|
|
116
117
|
- fluent-plugin-splunk-enterprise.gemspec
|
|
117
118
|
- lib/fluent/plugin/out_splunk_hec.rb
|
|
118
119
|
- lib/fluent/plugin/out_splunk_tcp.rb
|