fluent-plugin-splunk-hec 1.3.0 → 1.3.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +32 -20
- data/README.md +11 -0
- data/VERSION +1 -1
- data/fluent-plugin-splunk-hec.gemspec +3 -0
- data/lib/fluent/plugin/out_splunk_hec.rb +6 -1
- data/test/fluent/plugin/out_splunk_hec_test.rb +7 -0
- metadata +35 -7
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 95692f6f46749b89d1afb9d2c0f353e210c3a75bdb301e666a514461a921f144
|
4
|
+
data.tar.gz: bd2e18ac48003d0a7fe0e66ec01978b0f7fc8008488490a08eb0c3fe823ef5fa
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 73a5f400dd4c5465ec673d909f4a11f4db4eeed4a9e2fa99198ea9535c603878f194ef5a7ec770717300d65e0b18c4fbecfd898c37946b922d574185fb8020c8
|
7
|
+
data.tar.gz: 0d74186b33138347b2ab9833cd2df57ad0ee5fcae053ba7db59b2feb351c014dbeb6665b527281967ce7dcdc6454dc186b80068b9e07c0a8734de658bf1e20c3
|
data/Gemfile.lock
CHANGED
@@ -1,19 +1,21 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
fluent-plugin-splunk-hec (1.3.
|
4
|
+
fluent-plugin-splunk-hec (1.3.2)
|
5
5
|
fluentd (>= 1.5)
|
6
|
+
json-jwt (~> 1.15.0)
|
6
7
|
multi_json (~> 1.13)
|
7
8
|
net-http-persistent (~> 4.0)
|
8
9
|
openid_connect (~> 1.1.8)
|
9
10
|
prometheus-client (>= 2.1.0)
|
11
|
+
rack-oauth2 (~> 1.19)
|
10
12
|
|
11
13
|
GEM
|
12
14
|
remote: https://rubygems.org/
|
13
15
|
specs:
|
14
|
-
activemodel (7.0.3)
|
15
|
-
activesupport (= 7.0.3)
|
16
|
-
activesupport (7.0.3)
|
16
|
+
activemodel (7.0.4.3)
|
17
|
+
activesupport (= 7.0.4.3)
|
18
|
+
activesupport (7.0.4.3)
|
17
19
|
concurrent-ruby (~> 1.0, >= 1.0.2)
|
18
20
|
i18n (>= 1.6, < 2)
|
19
21
|
minitest (>= 5.1)
|
@@ -22,15 +24,21 @@ GEM
|
|
22
24
|
public_suffix (>= 2.0.2, < 5.0)
|
23
25
|
aes_key_wrap (1.1.0)
|
24
26
|
attr_required (1.0.1)
|
25
|
-
bindata (2.4.
|
26
|
-
concurrent-ruby (1.
|
27
|
-
connection_pool (2.
|
27
|
+
bindata (2.4.14)
|
28
|
+
concurrent-ruby (1.2.2)
|
29
|
+
connection_pool (2.3.0)
|
28
30
|
cool.io (1.7.1)
|
29
31
|
crack (0.4.5)
|
30
32
|
rexml
|
31
33
|
digest (3.1.0)
|
32
34
|
docile (1.4.0)
|
33
|
-
|
35
|
+
faraday (2.7.1)
|
36
|
+
faraday-net_http (>= 2.0, < 3.1)
|
37
|
+
ruby2_keywords (>= 0.0.4)
|
38
|
+
faraday-follow_redirects (0.3.0)
|
39
|
+
faraday (>= 1, < 3)
|
40
|
+
faraday-net_http (3.0.2)
|
41
|
+
fluentd (1.15.3)
|
34
42
|
bundler
|
35
43
|
cool.io (>= 1.4.5, < 2.0.0)
|
36
44
|
http_parser.rb (>= 0.5.1, < 0.9.0)
|
@@ -45,18 +53,19 @@ GEM
|
|
45
53
|
hashdiff (1.0.1)
|
46
54
|
http_parser.rb (0.8.0)
|
47
55
|
httpclient (2.8.3)
|
48
|
-
i18n (1.
|
56
|
+
i18n (1.12.0)
|
49
57
|
concurrent-ruby (~> 1.0)
|
50
58
|
io-wait (0.2.1)
|
51
|
-
json-jwt (1.
|
59
|
+
json-jwt (1.15.3)
|
52
60
|
activesupport (>= 4.2)
|
53
61
|
aes_key_wrap
|
54
62
|
bindata
|
63
|
+
httpclient
|
55
64
|
mail (2.7.1)
|
56
65
|
mini_mime (>= 0.1.1)
|
57
66
|
mini_mime (1.1.2)
|
58
67
|
minitest (5.15.0)
|
59
|
-
msgpack (1.
|
68
|
+
msgpack (1.6.0)
|
60
69
|
multi_json (1.15.0)
|
61
70
|
net-http-persistent (4.0.1)
|
62
71
|
connection_pool (~> 2.2)
|
@@ -80,8 +89,8 @@ GEM
|
|
80
89
|
power_assert (2.0.1)
|
81
90
|
prometheus-client (4.0.0)
|
82
91
|
public_suffix (4.0.6)
|
83
|
-
rack (
|
84
|
-
rack-oauth2 (1.
|
92
|
+
rack (3.0.6.1)
|
93
|
+
rack-oauth2 (1.21.2)
|
85
94
|
activesupport
|
86
95
|
attr_required
|
87
96
|
httpclient
|
@@ -89,6 +98,7 @@ GEM
|
|
89
98
|
rack (>= 2.1.0)
|
90
99
|
rake (13.0.6)
|
91
100
|
rexml (3.2.5)
|
101
|
+
ruby2_keywords (0.0.5)
|
92
102
|
serverengine (2.3.0)
|
93
103
|
sigdump (~> 0.2.2)
|
94
104
|
sigdump (0.2.4)
|
@@ -99,16 +109,17 @@ GEM
|
|
99
109
|
simplecov-html (0.12.3)
|
100
110
|
simplecov_json_formatter (0.1.3)
|
101
111
|
strptime (0.2.5)
|
102
|
-
swd (
|
112
|
+
swd (2.0.2)
|
103
113
|
activesupport (>= 3)
|
104
114
|
attr_required (>= 0.0.5)
|
105
|
-
|
115
|
+
faraday (~> 2.0)
|
116
|
+
faraday-follow_redirects
|
106
117
|
test-unit (3.5.3)
|
107
118
|
power_assert
|
108
119
|
timeout (0.2.0)
|
109
|
-
tzinfo (2.0.
|
120
|
+
tzinfo (2.0.6)
|
110
121
|
concurrent-ruby (~> 1.0)
|
111
|
-
tzinfo-data (1.2022.
|
122
|
+
tzinfo-data (1.2022.6)
|
112
123
|
tzinfo (>= 1.0.0)
|
113
124
|
validate_email (0.1.6)
|
114
125
|
activemodel (>= 3.0)
|
@@ -116,9 +127,10 @@ GEM
|
|
116
127
|
validate_url (1.0.15)
|
117
128
|
activemodel (>= 3.0.0)
|
118
129
|
public_suffix
|
119
|
-
webfinger (1.2
|
130
|
+
webfinger (2.1.2)
|
120
131
|
activesupport
|
121
|
-
|
132
|
+
faraday (~> 2.0)
|
133
|
+
faraday-follow_redirects
|
122
134
|
webmock (3.5.1)
|
123
135
|
addressable (>= 2.3.6)
|
124
136
|
crack (>= 0.3.2)
|
@@ -140,4 +152,4 @@ DEPENDENCIES
|
|
140
152
|
webmock (~> 3.5.0)
|
141
153
|
|
142
154
|
BUNDLED WITH
|
143
|
-
2.
|
155
|
+
2.4.9
|
data/README.md
CHANGED
@@ -1,3 +1,7 @@
|
|
1
|
+
# End of Support
|
2
|
+
|
3
|
+
**Important:** The fluent-plugin-splunk-hec will reach End of Support on January 1, 2024. After that date, this repository will no longer receive updates from Splunk and will no longer be supported by Splunk. Until then, only critical security fixes and bug fixes will be provided.
|
4
|
+
|
1
5
|
# fluent-plugin-splunk-hec
|
2
6
|
|
3
7
|
[Fluentd](https://fluentd.org/) output plugin to send events and metrics to [Splunk](https://www.splunk.com) in 2 modes:<br/>
|
@@ -288,6 +292,10 @@ Splunk app name using this plugin (default to `hec_plugin_gem`)
|
|
288
292
|
|
289
293
|
The version of Splunk app using this this plugin (default to plugin version)
|
290
294
|
|
295
|
+
### custom_headers (Hash) (Optional)
|
296
|
+
|
297
|
+
Hash of custom headers to be added to the HTTP request. Used to populate [`override_headers`](https://docs.seattlerb.org/net-http-persistent/Net/HTTP/Persistent.html#attribute-i-override_headers) attribute of the underlying `Net::HTTP::Persistent` connection.
|
298
|
+
|
291
299
|
#### When `data_type` is `event`
|
292
300
|
|
293
301
|
In this case, parameters inside `<fields>` are used as indexed fields and removed from the original input events. Please see the "Add a "fields" property at the top JSON level" [here](http://dev.splunk.com/view/event-collector/SP-CAAAFB6) for details. Given we have configuration like
|
@@ -400,6 +408,9 @@ Specifies which formatter to use.
|
|
400
408
|
|
401
409
|
The following parameters can be used for tuning HTTP connections:
|
402
410
|
|
411
|
+
#### gzip_compression (boolean)
|
412
|
+
Whether to use gzip compression on outbound posts. This parameter is set to `false` by default for backwards compatibility.
|
413
|
+
|
403
414
|
#### idle_timeout (integer)
|
404
415
|
|
405
416
|
The default is five seconds. If a connection has not been used for five seconds, it is automatically reset at next use, in order to avoid attempting to send to a closed connection. Specifiy `nil` to prohibit any timeouts.
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.3.
|
1
|
+
1.3.2
|
@@ -38,6 +38,9 @@ Gem::Specification.new do |spec|
|
|
38
38
|
spec.add_runtime_dependency 'net-http-persistent', '~> 4.0'
|
39
39
|
spec.add_runtime_dependency 'openid_connect', '~> 1.1.8'
|
40
40
|
spec.add_runtime_dependency 'prometheus-client', '>= 2.1.0'
|
41
|
+
spec.add_runtime_dependency 'json-jwt', '~> 1.15.0'
|
42
|
+
spec.add_runtime_dependency 'rack-oauth2', '~> 1.19'
|
43
|
+
|
41
44
|
|
42
45
|
spec.add_development_dependency 'bundler', '~> 2.0'
|
43
46
|
spec.add_development_dependency 'rake', '>= 12.0'
|
@@ -134,6 +134,9 @@ module Fluent::Plugin
|
|
134
134
|
DESC
|
135
135
|
config_param :non_utf8_replacement_string, :string, :default => ' '
|
136
136
|
|
137
|
+
desc 'Any custom headers to include alongside requests made to Splunk'
|
138
|
+
config_param :custom_headers, :hash, :default => {}
|
139
|
+
|
137
140
|
def initialize
|
138
141
|
super
|
139
142
|
@default_host = Socket.gethostname
|
@@ -168,7 +171,9 @@ module Fluent::Plugin
|
|
168
171
|
c.override_headers['Authorization'] = "Splunk #{@hec_token}"
|
169
172
|
c.override_headers['__splunk_app_name'] = "#{@app_name}"
|
170
173
|
c.override_headers['__splunk_app_version'] = "#{@app_version}"
|
171
|
-
|
174
|
+
@custom_headers.each do |header, value|
|
175
|
+
c.override_headers[header] = value
|
176
|
+
end
|
172
177
|
end
|
173
178
|
end
|
174
179
|
|
@@ -66,6 +66,13 @@ describe Fluent::Plugin::SplunkHecOutput do
|
|
66
66
|
it 'should support enabling gzip' do
|
67
67
|
expect(create_hec_output_driver('hec_host hec_token', 'gzip_compression true').instance.gzip_compression).must_equal true
|
68
68
|
end
|
69
|
+
it 'should define custom_headers as {} (hash) initially' do
|
70
|
+
assert_empty(create_hec_output_driver('hec_host hec_token').instance.custom_headers)
|
71
|
+
expect(create_hec_output_driver('hec_host hec_token').instance.custom_headers).is_a? Hash
|
72
|
+
end
|
73
|
+
it 'should allow setting custom_headers' do
|
74
|
+
assert_equal(create_hec_output_driver('hec_host hec_token', 'custom_headers {"custom":"header"}').instance.custom_headers, {"custom" => "header"})
|
75
|
+
end
|
69
76
|
end
|
70
77
|
|
71
78
|
describe 'hec_host validation' do
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: fluent-plugin-splunk-hec
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.3.
|
4
|
+
version: 1.3.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Splunk Inc.
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2023-03-24 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: fluentd
|
@@ -80,6 +80,34 @@ dependencies:
|
|
80
80
|
- - ">="
|
81
81
|
- !ruby/object:Gem::Version
|
82
82
|
version: 2.1.0
|
83
|
+
- !ruby/object:Gem::Dependency
|
84
|
+
name: json-jwt
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
86
|
+
requirements:
|
87
|
+
- - "~>"
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
version: 1.15.0
|
90
|
+
type: :runtime
|
91
|
+
prerelease: false
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - "~>"
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: 1.15.0
|
97
|
+
- !ruby/object:Gem::Dependency
|
98
|
+
name: rack-oauth2
|
99
|
+
requirement: !ruby/object:Gem::Requirement
|
100
|
+
requirements:
|
101
|
+
- - "~>"
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: '1.19'
|
104
|
+
type: :runtime
|
105
|
+
prerelease: false
|
106
|
+
version_requirements: !ruby/object:Gem::Requirement
|
107
|
+
requirements:
|
108
|
+
- - "~>"
|
109
|
+
- !ruby/object:Gem::Version
|
110
|
+
version: '1.19'
|
83
111
|
- !ruby/object:Gem::Dependency
|
84
112
|
name: bundler
|
85
113
|
requirement: !ruby/object:Gem::Requirement
|
@@ -221,13 +249,13 @@ signing_key:
|
|
221
249
|
specification_version: 4
|
222
250
|
summary: Fluentd plugin for Splunk HEC.
|
223
251
|
test_files:
|
224
|
-
- test/test_helper.rb
|
225
252
|
- test/lib/webmock/http_lib_adapters/excon_adapter.rb
|
253
|
+
- test/lib/webmock/http_lib_adapters/patron_adapter.rb
|
226
254
|
- test/lib/webmock/http_lib_adapters/typhoeus_hydra_adapter.rb
|
227
|
-
- test/lib/webmock/http_lib_adapters/
|
255
|
+
- test/lib/webmock/http_lib_adapters/em_http_request_adapter.rb
|
228
256
|
- test/lib/webmock/http_lib_adapters/curb_adapter.rb
|
257
|
+
- test/lib/webmock/http_lib_adapters/manticore_adapter.rb
|
229
258
|
- test/lib/webmock/http_lib_adapters/http_rb_adapter.rb
|
230
|
-
- test/
|
231
|
-
- test/lib/webmock/http_lib_adapters/patron_adapter.rb
|
232
|
-
- test/fluent/plugin/out_splunk_hec_test.rb
|
259
|
+
- test/test_helper.rb
|
233
260
|
- test/fluent/plugin/out_splunk_ingest_api_test.rb
|
261
|
+
- test/fluent/plugin/out_splunk_hec_test.rb
|