fluent-plugin-splunk-hec 1.2.0 → 1.2.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +58 -55
- data/README.md +35 -52
- data/VERSION +1 -1
- data/fluent-plugin-splunk-hec.gemspec +7 -5
- data/lib/fluent/plugin/out_splunk_hec.rb +2 -1
- data/lib/fluent/plugin/out_splunk_ingest_api.rb +6 -3
- data/test/fluent/plugin/out_splunk_hec_test.rb +0 -9
- data/test/fluent/plugin/out_splunk_ingest_api_test.rb +2 -2
- metadata +46 -18
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b08af552b4a06c613aadbfac297ccb4bae1dbdc4814ecc930beb4a81d1a58e5f
|
4
|
+
data.tar.gz: db100e47a1d540241ddc807e949d4bebbb0a159a56149aa77317710c0df32b4b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 31be2f7ad272c86436d9d2efd32c6c18b81d99cb1798917dcc0544a75b4aea4c81b5798478408ba7ef6b0ae3fbd14afb1905937260044252221f35ba14931f8d
|
7
|
+
data.tar.gz: f5a4617e8822cd0fca9a7ad88be301fba6a1c661eaa43ad107db8fbb5d660787f30a0a747e637e1ad697ff17cf8351acf1df4ac50a10213fd32b4392786d74e0
|
data/Gemfile.lock
CHANGED
@@ -1,89 +1,93 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
fluent-plugin-splunk-hec (1.2.
|
5
|
-
|
6
|
-
|
4
|
+
fluent-plugin-splunk-hec (1.2.1)
|
5
|
+
activesupport (~> 5.2)
|
6
|
+
fluent-plugin-kubernetes_metadata_filter (~> 2.4.2)
|
7
|
+
fluentd (>= 1.4)
|
8
|
+
http_parser.rb (= 0.5.3)
|
7
9
|
multi_json (~> 1.13)
|
8
|
-
net-http-persistent (~> 3.
|
9
|
-
openid_connect (~> 1.1.
|
10
|
-
prometheus-client (
|
10
|
+
net-http-persistent (~> 3.1)
|
11
|
+
openid_connect (~> 1.1.8)
|
12
|
+
prometheus-client (< 0.10.0)
|
11
13
|
|
12
14
|
GEM
|
13
15
|
remote: https://rubygems.org/
|
14
16
|
specs:
|
15
|
-
activemodel (
|
16
|
-
activesupport (=
|
17
|
-
activesupport (
|
17
|
+
activemodel (5.2.4.1)
|
18
|
+
activesupport (= 5.2.4.1)
|
19
|
+
activesupport (5.2.4.1)
|
18
20
|
concurrent-ruby (~> 1.0, >= 1.0.2)
|
19
21
|
i18n (>= 0.7, < 2)
|
20
22
|
minitest (~> 5.1)
|
21
23
|
tzinfo (~> 1.1)
|
22
|
-
|
23
|
-
|
24
|
-
public_suffix (>= 2.0.2, < 4.0)
|
24
|
+
addressable (2.7.0)
|
25
|
+
public_suffix (>= 2.0.2, < 5.0)
|
25
26
|
aes_key_wrap (1.0.1)
|
26
27
|
ast (2.4.0)
|
27
28
|
attr_required (1.0.1)
|
28
29
|
bindata (2.4.4)
|
29
|
-
concurrent-ruby (1.1.
|
30
|
+
concurrent-ruby (1.1.6)
|
30
31
|
connection_pool (2.2.2)
|
31
|
-
cool.io (1.
|
32
|
+
cool.io (1.6.0)
|
32
33
|
crack (0.4.3)
|
33
34
|
safe_yaml (~> 1.0.0)
|
34
|
-
|
35
|
-
docile (1.3.1)
|
35
|
+
docile (1.3.2)
|
36
36
|
domain_name (0.5.20190701)
|
37
37
|
unf (>= 0.0.5, < 1.0.0)
|
38
|
-
|
38
|
+
ffi (1.12.2)
|
39
|
+
ffi-compiler (1.0.1)
|
40
|
+
ffi (>= 1.0.0)
|
41
|
+
rake
|
42
|
+
fluent-plugin-kubernetes_metadata_filter (2.4.2)
|
39
43
|
fluentd (>= 0.14.0, < 2)
|
40
|
-
kubeclient (
|
44
|
+
kubeclient (< 5)
|
41
45
|
lru_redux
|
42
|
-
fluentd (1.
|
46
|
+
fluentd (1.9.2)
|
43
47
|
cool.io (>= 1.4.5, < 2.0.0)
|
44
|
-
dig_rb (~> 1.0.0)
|
45
48
|
http_parser.rb (>= 0.5.1, < 0.7.0)
|
46
|
-
msgpack (>=
|
49
|
+
msgpack (>= 1.3.1, < 2.0.0)
|
47
50
|
serverengine (>= 2.0.4, < 3.0.0)
|
48
51
|
sigdump (~> 0.2.2)
|
49
52
|
strptime (>= 0.2.2, < 1.0.0)
|
50
|
-
tzinfo (
|
53
|
+
tzinfo (>= 1.0, < 3.0)
|
51
54
|
tzinfo-data (~> 1.0)
|
52
55
|
yajl-ruby (~> 1.0)
|
53
|
-
hashdiff (0.
|
54
|
-
http (
|
56
|
+
hashdiff (1.0.0)
|
57
|
+
http (4.3.0)
|
55
58
|
addressable (~> 2.3)
|
56
59
|
http-cookie (~> 1.0)
|
57
|
-
http-form_data (~>
|
58
|
-
|
60
|
+
http-form_data (~> 2.2)
|
61
|
+
http-parser (~> 1.2.0)
|
59
62
|
http-accept (1.7.0)
|
60
63
|
http-cookie (1.0.3)
|
61
64
|
domain_name (~> 0.5)
|
62
|
-
http-form_data (
|
63
|
-
|
65
|
+
http-form_data (2.2.0)
|
66
|
+
http-parser (1.2.1)
|
67
|
+
ffi-compiler (>= 1.0, < 2.0)
|
68
|
+
http_parser.rb (0.5.3)
|
64
69
|
httpclient (2.8.3)
|
65
|
-
i18n (1.
|
70
|
+
i18n (1.8.2)
|
66
71
|
concurrent-ruby (~> 1.0)
|
67
|
-
jaro_winkler (1.5.
|
68
|
-
json (2.
|
69
|
-
json-jwt (1.
|
72
|
+
jaro_winkler (1.5.4)
|
73
|
+
json (2.3.0)
|
74
|
+
json-jwt (1.11.0)
|
70
75
|
activesupport (>= 4.2)
|
71
76
|
aes_key_wrap
|
72
77
|
bindata
|
73
|
-
kubeclient (
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
rest-client
|
78
|
+
kubeclient (4.6.0)
|
79
|
+
http (>= 3.0, < 5.0)
|
80
|
+
recursive-open-struct (~> 1.0, >= 1.0.4)
|
81
|
+
rest-client (~> 2.0)
|
78
82
|
lru_redux (1.1.0)
|
79
83
|
mail (2.7.1)
|
80
84
|
mini_mime (>= 0.1.1)
|
81
|
-
mime-types (3.3)
|
85
|
+
mime-types (3.3.1)
|
82
86
|
mime-types-data (~> 3.2015)
|
83
87
|
mime-types-data (3.2019.1009)
|
84
88
|
mini_mime (1.0.2)
|
85
|
-
minitest (5.
|
86
|
-
msgpack (1.3.
|
89
|
+
minitest (5.14.0)
|
90
|
+
msgpack (1.3.3)
|
87
91
|
multi_json (1.14.1)
|
88
92
|
net-http-persistent (3.1.0)
|
89
93
|
connection_pool (~> 2.2)
|
@@ -98,25 +102,25 @@ GEM
|
|
98
102
|
validate_email
|
99
103
|
validate_url
|
100
104
|
webfinger (>= 1.0.1)
|
101
|
-
parallel (1.
|
102
|
-
parser (2.
|
105
|
+
parallel (1.19.1)
|
106
|
+
parser (2.7.0.2)
|
103
107
|
ast (~> 2.4.0)
|
104
|
-
power_assert (1.1.
|
108
|
+
power_assert (1.1.5)
|
105
109
|
powerpack (0.1.2)
|
106
110
|
prometheus-client (0.9.0)
|
107
111
|
quantile (~> 0.2.1)
|
108
|
-
public_suffix (
|
112
|
+
public_suffix (4.0.3)
|
109
113
|
quantile (0.2.1)
|
110
|
-
rack (2.
|
111
|
-
rack-oauth2 (1.10.
|
114
|
+
rack (2.2.2)
|
115
|
+
rack-oauth2 (1.10.1)
|
112
116
|
activesupport
|
113
117
|
attr_required
|
114
118
|
httpclient
|
115
|
-
json-jwt (>= 1.
|
119
|
+
json-jwt (>= 1.11.0)
|
116
120
|
rack
|
117
121
|
rainbow (3.0.0)
|
118
|
-
rake (12.3.
|
119
|
-
recursive-open-struct (1.
|
122
|
+
rake (12.3.3)
|
123
|
+
recursive-open-struct (1.1.0)
|
120
124
|
rest-client (2.1.0)
|
121
125
|
http-accept (>= 1.7.0, < 2.0)
|
122
126
|
http-cookie (>= 1.0.2, < 2.0)
|
@@ -130,9 +134,9 @@ GEM
|
|
130
134
|
rainbow (>= 2.2.2, < 4.0)
|
131
135
|
ruby-progressbar (~> 1.7)
|
132
136
|
unicode-display_width (~> 1.4.0)
|
133
|
-
ruby-progressbar (1.10.
|
137
|
+
ruby-progressbar (1.10.1)
|
134
138
|
safe_yaml (1.0.5)
|
135
|
-
serverengine (2.
|
139
|
+
serverengine (2.2.1)
|
136
140
|
sigdump (~> 0.2.2)
|
137
141
|
sigdump (0.2.4)
|
138
142
|
simplecov (0.16.1)
|
@@ -145,10 +149,10 @@ GEM
|
|
145
149
|
activesupport (>= 3)
|
146
150
|
attr_required (>= 0.0.5)
|
147
151
|
httpclient (>= 2.4)
|
148
|
-
test-unit (3.3.
|
152
|
+
test-unit (3.3.5)
|
149
153
|
power_assert
|
150
154
|
thread_safe (0.3.6)
|
151
|
-
tzinfo (1.2.
|
155
|
+
tzinfo (1.2.6)
|
152
156
|
thread_safe (~> 0.1)
|
153
157
|
tzinfo-data (1.2019.3)
|
154
158
|
tzinfo (>= 1.0.0)
|
@@ -170,7 +174,6 @@ GEM
|
|
170
174
|
crack (>= 0.3.2)
|
171
175
|
hashdiff
|
172
176
|
yajl-ruby (1.4.1)
|
173
|
-
zeitwerk (2.2.0)
|
174
177
|
|
175
178
|
PLATFORMS
|
176
179
|
ruby
|
@@ -186,4 +189,4 @@ DEPENDENCIES
|
|
186
189
|
webmock (~> 3.5.0)
|
187
190
|
|
188
191
|
BUNDLED WITH
|
189
|
-
2.
|
192
|
+
2.1.4
|
data/README.md
CHANGED
@@ -2,13 +2,13 @@
|
|
2
2
|
# fluent-plugin-splunk-hec
|
3
3
|
|
4
4
|
[Fluentd](https://fluentd.org/) output plugin to send events and metrics to [Splunk](https://www.splunk.com) in 2 modes:<br/>
|
5
|
-
1) Via Splunk's [HEC (HTTP Event Collector) API](http://dev.splunk.com/view/event-collector/SP-CAAAE7F)<br/>
|
6
|
-
2) Via the
|
5
|
+
1) Via Splunk's [HEC (HTTP Event Collector) API](http://dev.splunk.com/view/event-collector/SP-CAAAE7F)<br/>
|
6
|
+
2) Via the Splunk Cloud Services (SCS) [Ingest API](https://sdc.splunkbeta.com/reference/api/ingest/v1beta2)
|
7
7
|
|
8
8
|
## Installation
|
9
9
|
|
10
10
|
### RubyGems
|
11
|
-
```
|
11
|
+
```
|
12
12
|
$ gem install fluent-plugin-splunk-hec
|
13
13
|
```
|
14
14
|
### Bundler
|
@@ -29,7 +29,7 @@ $ bundle
|
|
29
29
|
|
30
30
|
* See also: [Output Plugin Overview](https://docs.fluentd.org/v1.0/articles/output-plugin-overview)
|
31
31
|
|
32
|
-
#### Example 1: Minimum Configuration
|
32
|
+
#### Example 1: Minimum HEC Configuration
|
33
33
|
|
34
34
|
```
|
35
35
|
<match **>
|
@@ -43,17 +43,18 @@ $ bundle
|
|
43
43
|
This example is very basic, it just tells the plugin to send events to Splunk HEC on `https://12.34.56.78:8088` (https is the default protocol), using the HEC token `00000000-0000-0000-0000-000000000000`. It will use whatever index, source, sourcetype are configured in HEC. And the `host` of each event is the hostname of the machine which running fluentd.
|
44
44
|
|
45
45
|
|
46
|
-
#### Example 2: Configuration example
|
46
|
+
#### Example 2: SCS Ingest Configuration example
|
47
47
|
|
48
48
|
```
|
49
49
|
<match **>
|
50
50
|
@type splunk_ingest_api
|
51
51
|
service_client_identifier xxxxxxxx
|
52
52
|
service_client_secret_key xxxx-xxxxx
|
53
|
-
token_endpoint /
|
54
|
-
|
55
|
-
|
56
|
-
|
53
|
+
token_endpoint /token
|
54
|
+
ingest_auth_host auth.scp.splunk.com
|
55
|
+
ingest_api_host api.scp.splunk.com
|
56
|
+
ingest_api_tenant <mytenant>
|
57
|
+
ingest_api_events_endpoint /<mytenant>/ingest/v1beta2/events
|
57
58
|
debug_http false
|
58
59
|
</match>
|
59
60
|
```
|
@@ -157,7 +158,7 @@ This value must be set to `splunk_hec` when using HEC API and to `splunk_ingest_
|
|
157
158
|
|
158
159
|
#### protocol (enum) (optional)
|
159
160
|
|
160
|
-
This is the protocol to use for calling the HEC API. Available values are: http, https. This parameter is
|
161
|
+
This is the protocol to use for calling the HEC API. Available values are: http, https. This parameter is
|
161
162
|
set to `https` by default.
|
162
163
|
|
163
164
|
### hec_host (string) (required)
|
@@ -194,72 +195,70 @@ If `coerce_to_utf8` is set to `true`, any non-UTF-8 character is replaced by the
|
|
194
195
|
|
195
196
|
### Parameters for `splunk_ingest_api`
|
196
197
|
|
197
|
-
### service_client_identifier: (optional) (string)
|
198
|
+
### service_client_identifier: (optional) (string)
|
198
199
|
|
199
200
|
Splunk uses the client identifier to make authorized requests to the ingest API.
|
200
201
|
|
201
|
-
### service_client_secret_key: (string)
|
202
|
+
### service_client_secret_key: (string)
|
202
203
|
|
203
204
|
The client identifier uses this authorization to make requests to the ingest API.
|
204
205
|
|
205
|
-
### token_endpoint: (string)
|
206
|
+
### token_endpoint: (string)
|
206
207
|
|
207
208
|
This value indicates which endpoint Splunk should look to for the authorization token necessary for requests to the ingest API.
|
208
209
|
|
209
|
-
### ingest_api_host: (string)
|
210
|
+
### ingest_api_host: (string)
|
210
211
|
|
211
212
|
Indicates which url/hostname to use for requests to the ingest API.
|
212
213
|
|
213
|
-
### ingest_api_tenant: (string)
|
214
|
+
### ingest_api_tenant: (string)
|
214
215
|
|
215
216
|
Indicates which tenant Splunk should use for requests to the ingest API.
|
216
217
|
|
217
|
-
### ingest_api_events_endpoint: (string)
|
218
|
+
### ingest_api_events_endpoint: (string)
|
218
219
|
|
219
220
|
Indicates which endpoint to use for requests to the ingest API.
|
220
221
|
|
221
|
-
### debug_http: (bool)
|
222
|
+
### debug_http: (bool)
|
222
223
|
Set to True if you want to debug requests and responses to ingest API. Default is false.
|
223
224
|
|
224
225
|
### Parameters for both `splunk_hec` and `splunk_ingest_api`
|
225
226
|
|
226
227
|
### index (string) (optional)
|
227
228
|
|
228
|
-
Identifier for the Splunk index to be used for indexing events. If this parameter is not set,
|
229
|
-
the indexer is chosen by HEC.
|
229
|
+
Identifier for the Splunk index to be used for indexing events. If this parameter is not set,
|
230
|
+
the indexer is chosen by HEC. Cannot set both `index` and `index_key` parameters at the same time.
|
230
231
|
|
231
232
|
### index_key (string) (optional)
|
232
233
|
|
233
|
-
The field name that contains the Splunk index name.
|
234
|
-
not work if the `index` parameter is not set.
|
234
|
+
The field name that contains the Splunk index name. Cannot set both `index` and `index_key` parameters at the same time.
|
235
235
|
|
236
236
|
### host (string) (optional)
|
237
237
|
|
238
|
-
The host location for events.
|
238
|
+
The host location for events. Cannot set both `host` and `host_key` parameters at the same time.
|
239
239
|
If the parameter is not set, the default value is the hostname of the machine runnning fluentd.
|
240
240
|
|
241
241
|
### host_key (string) (optional)
|
242
242
|
|
243
|
-
Key for the host location.
|
244
|
-
parameter is not set, this parameter is ignored.
|
243
|
+
Key for the host location. Cannot set both `host` and `host_key` parameters at the same time.
|
245
244
|
|
246
245
|
### source (string) (optional)
|
247
246
|
|
248
|
-
The source field for events. If this parameter is not set, the source will be decided by HEC.
|
249
|
-
|
247
|
+
The source field for events. If this parameter is not set, the source will be decided by HEC.
|
248
|
+
Cannot set both `source` and `source_key` parameters at the same time.
|
250
249
|
|
251
250
|
### source_key (string) (optional)
|
252
251
|
|
253
|
-
Field name to contain source.
|
252
|
+
Field name to contain source. Cannot set both `source` and `source_key` parameters at the same time.
|
254
253
|
|
255
254
|
### sourcetype (string) (optional)
|
256
255
|
|
257
|
-
The sourcetype field for events. When not set, the sourcetype is decided by HEC.
|
258
|
-
|
256
|
+
The sourcetype field for events. When not set, the sourcetype is decided by HEC.
|
257
|
+
Cannot set both `source` and `source_key` parameters at the same time.
|
259
258
|
|
260
259
|
### sourcetype_key (string) (optional)
|
261
260
|
|
262
|
-
Field name that contains the sourcetype.
|
261
|
+
Field name that contains the sourcetype. Cannot set both `source` and `source_key` parameters at the same time.
|
263
262
|
|
264
263
|
### fields (init) (optional)
|
265
264
|
|
@@ -320,7 +319,7 @@ If a parameter has just a key, it means its value is exactly the same as the key
|
|
320
319
|
|
321
320
|
#### When `data_type` is `metric`
|
322
321
|
|
323
|
-
For metrics, parameters inside `<fields>` are used as dimensions. If `<fields>` is not presented, the original input event will be used as dimensions. If an empty `<fields></fields>` is presented, no dimension is sent. For example, given the following configuration:
|
322
|
+
For metrics, parameters inside `<fields>` are used as dimensions. If `<fields>` is not presented, the original input event will be used as dimensions. If an empty `<fields></fields>` is presented, no dimension is sent. For example, given the following configuration:
|
324
323
|
|
325
324
|
```
|
326
325
|
<match **>
|
@@ -371,7 +370,7 @@ Multiple `<format>` sections can be defined to use different formatters for diff
|
|
371
370
|
</format>
|
372
371
|
```
|
373
372
|
|
374
|
-
This example:
|
373
|
+
This example:
|
375
374
|
- Formats events with tags that start with `sometag.` with the `single_value` formatter
|
376
375
|
- Formats events with tags `some.othertag` with the `csv` formatter
|
377
376
|
- Formats all other events with the `json` formatter (the default formatter)
|
@@ -388,31 +387,15 @@ The following parameters can be used for tuning HTTP connections:
|
|
388
387
|
|
389
388
|
#### idle_timeout (integer)
|
390
389
|
|
391
|
-
The default is five seconds. If a connection has not been used for five seconds, it is automatically reset at next use, in order to avoid attempting to send to a closed connection. Specifiy `nil` to prohibit any timeouts.
|
390
|
+
The default is five seconds. If a connection has not been used for five seconds, it is automatically reset at next use, in order to avoid attempting to send to a closed connection. Specifiy `nil` to prohibit any timeouts.
|
392
391
|
|
393
392
|
#### read_timeout (integer)
|
394
|
-
The amount of time allowed between reading two chunks from the socket. The default value is `nil`, which means no timeout.
|
393
|
+
The amount of time allowed between reading two chunks from the socket. The default value is `nil`, which means no timeout.
|
395
394
|
|
396
395
|
#### open_timeout (integer)
|
397
396
|
|
398
397
|
The amount of time to wait for a connection to be opened. The default is `nil`, which means no timeout.
|
399
398
|
|
400
|
-
### Net::HTTP::Persistent parameters (optional)
|
401
|
-
|
402
|
-
The following parameters can be used for tuning HTTP connections
|
403
|
-
|
404
|
-
#### idle_timeout (integer)
|
405
|
-
|
406
|
-
The default is 5 seconds. If a connection has not been used for this number of seconds it will automatically be reset upon the next use to avoid attempting to send to a closed connection; nil means no timeout.
|
407
|
-
|
408
|
-
#### read_timeout (integer)
|
409
|
-
|
410
|
-
The default is nil. The amount of time allowed between reading two chunks from the socket.
|
411
|
-
|
412
|
-
#### open_timeout (integer)
|
413
|
-
|
414
|
-
The default is nil. The amount of time to wait for a connection to be opened.
|
415
|
-
|
416
399
|
### SSL parameters
|
417
400
|
|
418
401
|
The following optional parameters let you configure SSL for HTTPS protocol.
|
@@ -439,7 +422,7 @@ List of SSl ciphers allowed.
|
|
439
422
|
|
440
423
|
#### insecure_ssl (bool)
|
441
424
|
|
442
|
-
Specifies whether an insecure SSL connection is allowed. If set to false, Splunk does not verify an insecure server certificate. This parameter is set to `false` by default.
|
425
|
+
Specifies whether an insecure SSL connection is allowed. If set to false, Splunk does not verify an insecure server certificate. This parameter is set to `false` by default. Ensure parameter `ca_file` is not configured in order to allow insecure SSL connections when this value is set to `true`.
|
443
426
|
|
444
427
|
## About Buffer
|
445
428
|
|
@@ -454,4 +437,4 @@ Here are some hints:
|
|
454
437
|
|
455
438
|
## License
|
456
439
|
|
457
|
-
Please see [LICENSE](LICENSE).
|
440
|
+
Please see [LICENSE](LICENSE).
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.2.
|
1
|
+
1.2.1
|
@@ -33,12 +33,14 @@ Gem::Specification.new do |spec|
|
|
33
33
|
|
34
34
|
spec.required_ruby_version = '>= 2.3.0'
|
35
35
|
|
36
|
-
spec.add_runtime_dependency 'fluent-plugin-kubernetes_metadata_filter', '
|
37
|
-
spec.add_runtime_dependency 'fluentd', '
|
36
|
+
spec.add_runtime_dependency 'fluent-plugin-kubernetes_metadata_filter', '~> 2.4.2'
|
37
|
+
spec.add_runtime_dependency 'fluentd', '>= 1.4'
|
38
38
|
spec.add_runtime_dependency 'multi_json', '~> 1.13'
|
39
|
-
spec.add_runtime_dependency 'net-http-persistent', '~> 3.
|
40
|
-
spec.add_runtime_dependency 'openid_connect', '~> 1.1.
|
41
|
-
spec.add_runtime_dependency 'prometheus-client', '
|
39
|
+
spec.add_runtime_dependency 'net-http-persistent', '~> 3.1'
|
40
|
+
spec.add_runtime_dependency 'openid_connect', '~> 1.1.8'
|
41
|
+
spec.add_runtime_dependency 'prometheus-client', '< 0.10.0'
|
42
|
+
spec.add_runtime_dependency 'activesupport', '~> 5.2'
|
43
|
+
spec.add_runtime_dependency 'http_parser.rb', '= 0.5.3'
|
42
44
|
|
43
45
|
spec.add_development_dependency 'bundler', '~> 2.0'
|
44
46
|
spec.add_development_dependency 'rake', '~> 12.0'
|
@@ -1,5 +1,6 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
+
require 'fluent/env'
|
3
4
|
require 'fluent/output'
|
4
5
|
require 'fluent/plugin/output'
|
5
6
|
require 'fluent/plugin/formatter'
|
@@ -217,7 +218,7 @@ module Fluent::Plugin
|
|
217
218
|
# That's why we use `to_s` here.
|
218
219
|
time: time.to_f.to_s,
|
219
220
|
event: 'metric'
|
220
|
-
}.tap do |payload|
|
221
|
+
}.tap do |payload|
|
221
222
|
if @time
|
222
223
|
time_value = @time.(tag, record)
|
223
224
|
# if no value is found don't override and use fluentd's time
|
@@ -16,10 +16,13 @@ module Fluent::Plugin
|
|
16
16
|
config_param :service_client_secret_key, :string, default: nil
|
17
17
|
|
18
18
|
desc 'Token Endpoint'
|
19
|
-
config_param :token_endpoint, :string, default: '/
|
19
|
+
config_param :token_endpoint, :string, default: '/token'
|
20
|
+
|
21
|
+
desc 'Token Auth Hostname'
|
22
|
+
config_param :ingest_auth_host, :string, default: 'auth.scp.splunk.com'
|
20
23
|
|
21
24
|
desc 'Ingest Api Hostname'
|
22
|
-
config_param :ingest_api_host, :string, default: 'api.
|
25
|
+
config_param :ingest_api_host, :string, default: 'api.scp.splunk.com'
|
23
26
|
|
24
27
|
desc 'Ingest API Tenant Name'
|
25
28
|
config_param :ingest_api_tenant, :string
|
@@ -90,7 +93,7 @@ module Fluent::Plugin
|
|
90
93
|
identifier: @service_client_identifier,
|
91
94
|
secret: @service_client_secret_key,
|
92
95
|
redirect_uri: 'http://localhost:8080/', # Not used
|
93
|
-
host: @
|
96
|
+
host: @ingest_auth_host,
|
94
97
|
scheme: 'https'
|
95
98
|
)
|
96
99
|
|
@@ -100,15 +100,6 @@ describe Fluent::Plugin::SplunkHecOutput do
|
|
100
100
|
assert_nil(test_driver.instance.time_key)
|
101
101
|
end
|
102
102
|
|
103
|
-
# it "should contain splunk event time field via fluentd, as nil" do
|
104
|
-
# expect(create_output_driver('hec_host splunk.com').instance.time_key).must_equal nil
|
105
|
-
# end
|
106
|
-
#
|
107
|
-
it "should contain splunk event time field via fluentd, as nil" do
|
108
|
-
test_driver = create_output_driver('hec_host splunk.com')
|
109
|
-
assert_nil(test_driver.instance.time_key)
|
110
|
-
end
|
111
|
-
|
112
103
|
it "should use host machine's hostname for event host by default" do
|
113
104
|
verify_sent_events do |batch|
|
114
105
|
batch.each do |item|
|
@@ -6,8 +6,8 @@ describe Fluent::Plugin::SplunkIngestApiOutput do
|
|
6
6
|
include Fluent::Test::Helpers
|
7
7
|
include PluginTestHelper
|
8
8
|
|
9
|
-
INGEST_API_ENDPOINT = 'https://api.
|
10
|
-
AUTH_TOKEN_ENDPOINT = 'https://
|
9
|
+
INGEST_API_ENDPOINT = 'https://api.scp.splunk.com/tenant_name/ingest/v1beta2/events'
|
10
|
+
AUTH_TOKEN_ENDPOINT = 'https://auth.scp.splunk.com/token'
|
11
11
|
|
12
12
|
before { Fluent::Test.setup } # setup router and others
|
13
13
|
|
metadata
CHANGED
@@ -1,41 +1,41 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: fluent-plugin-splunk-hec
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.2.
|
4
|
+
version: 1.2.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Splunk Inc.
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2020-02-20 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: fluent-plugin-kubernetes_metadata_filter
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
16
16
|
requirements:
|
17
|
-
- -
|
17
|
+
- - "~>"
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 2.
|
19
|
+
version: 2.4.2
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
|
-
- -
|
24
|
+
- - "~>"
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 2.
|
26
|
+
version: 2.4.2
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: fluentd
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
30
30
|
requirements:
|
31
|
-
- -
|
31
|
+
- - ">="
|
32
32
|
- !ruby/object:Gem::Version
|
33
33
|
version: '1.4'
|
34
34
|
type: :runtime
|
35
35
|
prerelease: false
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
37
37
|
requirements:
|
38
|
-
- -
|
38
|
+
- - ">="
|
39
39
|
- !ruby/object:Gem::Version
|
40
40
|
version: '1.4'
|
41
41
|
- !ruby/object:Gem::Dependency
|
@@ -58,42 +58,70 @@ dependencies:
|
|
58
58
|
requirements:
|
59
59
|
- - "~>"
|
60
60
|
- !ruby/object:Gem::Version
|
61
|
-
version: '3.
|
61
|
+
version: '3.1'
|
62
62
|
type: :runtime
|
63
63
|
prerelease: false
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
65
65
|
requirements:
|
66
66
|
- - "~>"
|
67
67
|
- !ruby/object:Gem::Version
|
68
|
-
version: '3.
|
68
|
+
version: '3.1'
|
69
69
|
- !ruby/object:Gem::Dependency
|
70
70
|
name: openid_connect
|
71
71
|
requirement: !ruby/object:Gem::Requirement
|
72
72
|
requirements:
|
73
73
|
- - "~>"
|
74
74
|
- !ruby/object:Gem::Version
|
75
|
-
version: 1.1.
|
75
|
+
version: 1.1.8
|
76
76
|
type: :runtime
|
77
77
|
prerelease: false
|
78
78
|
version_requirements: !ruby/object:Gem::Requirement
|
79
79
|
requirements:
|
80
80
|
- - "~>"
|
81
81
|
- !ruby/object:Gem::Version
|
82
|
-
version: 1.1.
|
82
|
+
version: 1.1.8
|
83
83
|
- !ruby/object:Gem::Dependency
|
84
84
|
name: prometheus-client
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
86
|
+
requirements:
|
87
|
+
- - "<"
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
version: 0.10.0
|
90
|
+
type: :runtime
|
91
|
+
prerelease: false
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - "<"
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: 0.10.0
|
97
|
+
- !ruby/object:Gem::Dependency
|
98
|
+
name: activesupport
|
85
99
|
requirement: !ruby/object:Gem::Requirement
|
86
100
|
requirements:
|
87
101
|
- - "~>"
|
88
102
|
- !ruby/object:Gem::Version
|
89
|
-
version:
|
103
|
+
version: '5.2'
|
90
104
|
type: :runtime
|
91
105
|
prerelease: false
|
92
106
|
version_requirements: !ruby/object:Gem::Requirement
|
93
107
|
requirements:
|
94
108
|
- - "~>"
|
95
109
|
- !ruby/object:Gem::Version
|
96
|
-
version:
|
110
|
+
version: '5.2'
|
111
|
+
- !ruby/object:Gem::Dependency
|
112
|
+
name: http_parser.rb
|
113
|
+
requirement: !ruby/object:Gem::Requirement
|
114
|
+
requirements:
|
115
|
+
- - '='
|
116
|
+
- !ruby/object:Gem::Version
|
117
|
+
version: 0.5.3
|
118
|
+
type: :runtime
|
119
|
+
prerelease: false
|
120
|
+
version_requirements: !ruby/object:Gem::Requirement
|
121
|
+
requirements:
|
122
|
+
- - '='
|
123
|
+
- !ruby/object:Gem::Version
|
124
|
+
version: 0.5.3
|
97
125
|
- !ruby/object:Gem::Dependency
|
98
126
|
name: bundler
|
99
127
|
requirement: !ruby/object:Gem::Requirement
|
@@ -249,13 +277,13 @@ signing_key:
|
|
249
277
|
specification_version: 4
|
250
278
|
summary: Fluentd plugin for Splunk HEC.
|
251
279
|
test_files:
|
280
|
+
- test/fluent/plugin/out_splunk_hec_test.rb
|
281
|
+
- test/fluent/plugin/out_splunk_ingest_api_test.rb
|
282
|
+
- test/lib/webmock/http_lib_adapters/patron_adapter.rb
|
283
|
+
- test/lib/webmock/http_lib_adapters/manticore_adapter.rb
|
252
284
|
- test/lib/webmock/http_lib_adapters/em_http_request_adapter.rb
|
253
285
|
- test/lib/webmock/http_lib_adapters/typhoeus_hydra_adapter.rb
|
254
|
-
- test/lib/webmock/http_lib_adapters/patron_adapter.rb
|
255
286
|
- test/lib/webmock/http_lib_adapters/curb_adapter.rb
|
256
|
-
- test/lib/webmock/http_lib_adapters/manticore_adapter.rb
|
257
287
|
- test/lib/webmock/http_lib_adapters/http_rb_adapter.rb
|
258
288
|
- test/lib/webmock/http_lib_adapters/excon_adapter.rb
|
259
|
-
- test/fluent/plugin/out_splunk_ingest_api_test.rb
|
260
|
-
- test/fluent/plugin/out_splunk_hec_test.rb
|
261
289
|
- test/test_helper.rb
|