fluent-plugin-splunk-hec 1.2.2 → 1.2.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile.lock +6 -48
  3. data/README.md +8 -0
  4. data/VERSION +1 -1
  5. data/fluent-plugin-splunk-hec.gemspec +1 -4
  6. data/lib/fluent/plugin/out_splunk_hec.rb +14 -2
  7. metadata +4 -46
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 8ff7ecf53a148bd18736b952a0b2d3a1a846a552ef3a923603aa64fd42e2d4cf
4
- data.tar.gz: b7e57c1d2db0469245600cfba62f94df9db6b28617c76722b158c6bea2ddcb03
3
+ metadata.gz: e144a9789e7458c60740d05f2a53cbf18787991f19f61aeff224c0114d6f5001
4
+ data.tar.gz: 96edae330175b273c041c933a03fa052a6a41f9fb736bb28549d2405668dac71
5
5
  SHA512:
6
- metadata.gz: 2f5c0639ce6bf0029aa0c2e96c5a4af0e5b3765c92f41bfdc94755412514f54be499e895c3207c2be170ff3cf5b3c919531ad4eab26a53cb7562f769d5b9451f
7
- data.tar.gz: 2c2ead66b7c73c55414f1c6d9eaeb04112afd5394db414ae3be0f6aaeb6f82049ddfd92c46b02ead0a8f825ca5a846ac138bfddca8fbf953e0f41be4bef3b262
6
+ metadata.gz: fe149f5fe894e6cccbae1c17d181f84bb7ec0ce4a71d7f4da0c71eb663e6d82134bd1783eb8901c10183face7c713f4b0d60117f76d5647180eeea345deac774
7
+ data.tar.gz: 7bbda982e056231f17adc319045d6321d70641b0fc11d19d58dbbf5291251b79cdb0f2f84f6ed6fb69d06cdaf731bb44cc296e4e7de945df72a20d69090e75db
data/Gemfile.lock CHANGED
@@ -1,11 +1,8 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- fluent-plugin-splunk-hec (1.2.2)
5
- activesupport (~> 5.2)
6
- fluent-plugin-kubernetes_metadata_filter (~> 2.4)
4
+ fluent-plugin-splunk-hec (1.2.3)
7
5
  fluentd (>= 1.4)
8
- http_parser.rb (= 0.5.3)
9
6
  multi_json (~> 1.13)
10
7
  net-http-persistent (~> 3.1)
11
8
  openid_connect (~> 1.1.8)
@@ -14,9 +11,9 @@ PATH
14
11
  GEM
15
12
  remote: https://rubygems.org/
16
13
  specs:
17
- activemodel (5.2.4.1)
18
- activesupport (= 5.2.4.1)
19
- activesupport (5.2.4.1)
14
+ activemodel (5.2.4.3)
15
+ activesupport (= 5.2.4.3)
16
+ activesupport (5.2.4.3)
20
17
  concurrent-ruby (~> 1.0, >= 1.0.2)
21
18
  i18n (>= 0.7, < 2)
22
19
  minitest (~> 5.1)
@@ -33,16 +30,6 @@ GEM
33
30
  crack (0.4.3)
34
31
  safe_yaml (~> 1.0.0)
35
32
  docile (1.3.2)
36
- domain_name (0.5.20190701)
37
- unf (>= 0.0.5, < 1.0.0)
38
- ffi (1.12.2)
39
- ffi-compiler (1.0.1)
40
- ffi (>= 1.0.0)
41
- rake
42
- fluent-plugin-kubernetes_metadata_filter (2.4.2)
43
- fluentd (>= 0.14.0, < 2)
44
- kubeclient (< 5)
45
- lru_redux
46
33
  fluentd (1.9.2)
47
34
  cool.io (>= 1.4.5, < 2.0.0)
48
35
  http_parser.rb (>= 0.5.1, < 0.7.0)
@@ -54,17 +41,6 @@ GEM
54
41
  tzinfo-data (~> 1.0)
55
42
  yajl-ruby (~> 1.0)
56
43
  hashdiff (1.0.0)
57
- http (4.3.0)
58
- addressable (~> 2.3)
59
- http-cookie (~> 1.0)
60
- http-form_data (~> 2.2)
61
- http-parser (~> 1.2.0)
62
- http-accept (1.7.0)
63
- http-cookie (1.0.3)
64
- domain_name (~> 0.5)
65
- http-form_data (2.2.0)
66
- http-parser (1.2.1)
67
- ffi-compiler (>= 1.0, < 2.0)
68
44
  http_parser.rb (0.5.3)
69
45
  httpclient (2.8.3)
70
46
  i18n (1.8.2)
@@ -75,23 +51,14 @@ GEM
75
51
  activesupport (>= 4.2)
76
52
  aes_key_wrap
77
53
  bindata
78
- kubeclient (4.6.0)
79
- http (>= 3.0, < 5.0)
80
- recursive-open-struct (~> 1.0, >= 1.0.4)
81
- rest-client (~> 2.0)
82
- lru_redux (1.1.0)
83
54
  mail (2.7.1)
84
55
  mini_mime (>= 0.1.1)
85
- mime-types (3.3.1)
86
- mime-types-data (~> 3.2015)
87
- mime-types-data (3.2019.1009)
88
56
  mini_mime (1.0.2)
89
57
  minitest (5.14.0)
90
58
  msgpack (1.3.3)
91
59
  multi_json (1.14.1)
92
60
  net-http-persistent (3.1.0)
93
61
  connection_pool (~> 2.2)
94
- netrc (0.11.0)
95
62
  openid_connect (1.1.8)
96
63
  activemodel
97
64
  attr_required (>= 1.0.0)
@@ -111,7 +78,7 @@ GEM
111
78
  quantile (~> 0.2.1)
112
79
  public_suffix (4.0.3)
113
80
  quantile (0.2.1)
114
- rack (2.2.2)
81
+ rack (2.2.3)
115
82
  rack-oauth2 (1.10.1)
116
83
  activesupport
117
84
  attr_required
@@ -120,12 +87,6 @@ GEM
120
87
  rack
121
88
  rainbow (3.0.0)
122
89
  rake (12.3.3)
123
- recursive-open-struct (1.1.0)
124
- rest-client (2.1.0)
125
- http-accept (>= 1.7.0, < 2.0)
126
- http-cookie (>= 1.0.2, < 2.0)
127
- mime-types (>= 1.16, < 4.0)
128
- netrc (~> 0.8)
129
90
  rubocop (0.63.1)
130
91
  jaro_winkler (~> 1.5.1)
131
92
  parallel (~> 1.10)
@@ -156,9 +117,6 @@ GEM
156
117
  thread_safe (~> 0.1)
157
118
  tzinfo-data (1.2019.3)
158
119
  tzinfo (>= 1.0.0)
159
- unf (0.1.4)
160
- unf_ext
161
- unf_ext (0.0.7.6)
162
120
  unicode-display_width (1.4.1)
163
121
  validate_email (0.1.6)
164
122
  activemodel (>= 3.0)
@@ -182,7 +140,7 @@ DEPENDENCIES
182
140
  bundler (~> 2.0)
183
141
  fluent-plugin-splunk-hec!
184
142
  minitest (~> 5.0)
185
- rake (~> 12.0)
143
+ rake (>= 12.0)
186
144
  rubocop (~> 0.63.1)
187
145
  simplecov
188
146
  test-unit (~> 3.0)
data/README.md CHANGED
@@ -273,6 +273,14 @@ When set to true, all fields defined in `index_key`, `host_key`, `source_key`, `
273
273
 
274
274
  Depending on the value of `data_type` parameter, the parameters inside the `<fields>` section have different meanings. Despite the meaning, the syntax for parameters is unique.
275
275
 
276
+ ### app_name (string) (Optional)
277
+
278
+ Splunk app name using this plugin (default to `hec_plugin_gem`)
279
+
280
+ ### app_version (string) (Optional)
281
+
282
+ The version of Splunk app using this this plugin (default to plugin version)
283
+
276
284
  #### When `data_type` is `event`
277
285
 
278
286
  In this case, parameters inside `<fields>` are used as indexed fields and removed from the original input events. Please see the "Add a "fields" property at the top JSON level" [here](http://dev.splunk.com/view/event-collector/SP-CAAAFB6) for details. Given we have configuration like
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.2.2
1
+ 1.2.3
data/fluent-plugin-splunk-hec.gemspec CHANGED
@@ -33,17 +33,14 @@ Gem::Specification.new do |spec|
33
33
 
34
34
  spec.required_ruby_version = '>= 2.3.0'
35
35
 
36
- spec.add_runtime_dependency 'fluent-plugin-kubernetes_metadata_filter', '~> 2.4'
37
36
  spec.add_runtime_dependency 'fluentd', '>= 1.4'
38
37
  spec.add_runtime_dependency 'multi_json', '~> 1.13'
39
38
  spec.add_runtime_dependency 'net-http-persistent', '~> 3.1'
40
39
  spec.add_runtime_dependency 'openid_connect', '~> 1.1.8'
41
40
  spec.add_runtime_dependency 'prometheus-client', '< 0.10.0'
42
- spec.add_runtime_dependency 'activesupport', '~> 5.2'
43
- spec.add_runtime_dependency 'http_parser.rb', '= 0.5.3'
44
41
 
45
42
  spec.add_development_dependency 'bundler', '~> 2.0'
46
- spec.add_development_dependency 'rake', '~> 12.0'
43
+ spec.add_development_dependency 'rake', '>= 12.0'
47
44
  # required by fluent/test.rb
48
45
  spec.add_development_dependency 'minitest', '~> 5.0'
49
46
  spec.add_development_dependency 'rubocop', '~> 0.63.1'
data/lib/fluent/plugin/out_splunk_hec.rb CHANGED
@@ -87,6 +87,12 @@ module Fluent::Plugin
87
87
  desc 'When set to true, all fields defined in `index_key`, `host_key`, `source_key`, `sourcetype_key`, `metric_name_key`, `metric_value_key` will not be removed from the original event.'
88
88
  config_param :keep_keys, :bool, default: false
89
89
 
90
+ desc 'App name'
91
+ config_param :app_name, :string, default: "hec_plugin_gem"
92
+
93
+ desc 'App version'
94
+ config_param :app_version, :string, default: "#{VERSION}"
95
+
90
96
  desc 'Define index-time fields for event data type, or metric dimensions for metric data type. Null value fields will be removed.'
91
97
  config_section :fields, init: false, multi: false, required: false do
92
98
  # this is blank on purpose
@@ -138,6 +144,9 @@ module Fluent::Plugin
138
144
  c.override_headers['Content-Type'] = 'application/json'
139
145
  c.override_headers['User-Agent'] = "fluent-plugin-splunk_hec_out/#{VERSION}"
140
146
  c.override_headers['Authorization'] = "Splunk #{@hec_token}"
147
+ c.override_headers['__splunk_app_name'] = "#{@app_name}"
148
+ c.override_headers['__splunk_app_version'] = "#{@app_version}"
149
+
141
150
  end
142
151
  end
143
152
 
@@ -277,6 +286,9 @@ module Fluent::Plugin
277
286
  c.override_headers['Content-Type'] = 'application/json'
278
287
  c.override_headers['User-Agent'] = "fluent-plugin-splunk_hec_out/#{VERSION}"
279
288
  c.override_headers['Authorization'] = "Splunk #{@hec_token}"
289
+ c.override_headers['__splunk_app_name'] = "#{@app_name}"
290
+ c.override_headers['__splunk_app_version'] = "#{@app_version}"
291
+
280
292
  end
281
293
  end
282
294
 
@@ -291,12 +303,12 @@ module Fluent::Plugin
291
303
  t2 = Time.now
292
304
 
293
305
  # raise Exception to utilize Fluentd output plugin retry machanism
294
- raise "Server error (#{response.code}) for POST #{@hec_api}, response: #{response.body}" if response.code.start_with?('5')
306
+ raise "Server error (#{response.code}) for POST #{@api}, response: #{response.body}" if response.code.start_with?('5')
295
307
 
296
308
  # For both success response (2xx) and client errors (4xx), we will consume the chunk.
297
309
  # Because there probably a bug in the code if we get 4xx errors, retry won't do any good.
298
310
  if not response.code.start_with?('2')
299
- log.error "Failed POST to #{@hec_api}, response: #{response.body}"
311
+ log.error "Failed POST to #{@api}, response: #{response.body}"
300
312
  log.debug { "Failed request body: #{post.body}" }
301
313
  end
302
314
 
metadata CHANGED
@@ -1,29 +1,15 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: fluent-plugin-splunk-hec
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.2.2
4
+ version: 1.2.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Splunk Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-04-30 00:00:00.000000000 Z
11
+ date: 2020-07-27 00:00:00.000000000 Z
12
12
  dependencies:
13
- - !ruby/object:Gem::Dependency
14
- name: fluent-plugin-kubernetes_metadata_filter
15
- requirement: !ruby/object:Gem::Requirement
16
- requirements:
17
- - - "~>"
18
- - !ruby/object:Gem::Version
19
- version: '2.4'
20
- type: :runtime
21
- prerelease: false
22
- version_requirements: !ruby/object:Gem::Requirement
23
- requirements:
24
- - - "~>"
25
- - !ruby/object:Gem::Version
26
- version: '2.4'
27
13
  - !ruby/object:Gem::Dependency
28
14
  name: fluentd
29
15
  requirement: !ruby/object:Gem::Requirement
@@ -94,34 +80,6 @@ dependencies:
94
80
  - - "<"
95
81
  - !ruby/object:Gem::Version
96
82
  version: 0.10.0
97
- - !ruby/object:Gem::Dependency
98
- name: activesupport
99
- requirement: !ruby/object:Gem::Requirement
100
- requirements:
101
- - - "~>"
102
- - !ruby/object:Gem::Version
103
- version: '5.2'
104
- type: :runtime
105
- prerelease: false
106
- version_requirements: !ruby/object:Gem::Requirement
107
- requirements:
108
- - - "~>"
109
- - !ruby/object:Gem::Version
110
- version: '5.2'
111
- - !ruby/object:Gem::Dependency
112
- name: http_parser.rb
113
- requirement: !ruby/object:Gem::Requirement
114
- requirements:
115
- - - '='
116
- - !ruby/object:Gem::Version
117
- version: 0.5.3
118
- type: :runtime
119
- prerelease: false
120
- version_requirements: !ruby/object:Gem::Requirement
121
- requirements:
122
- - - '='
123
- - !ruby/object:Gem::Version
124
- version: 0.5.3
125
83
  - !ruby/object:Gem::Dependency
126
84
  name: bundler
127
85
  requirement: !ruby/object:Gem::Requirement
@@ -140,14 +98,14 @@ dependencies:
140
98
  name: rake
141
99
  requirement: !ruby/object:Gem::Requirement
142
100
  requirements:
143
- - - "~>"
101
+ - - ">="
144
102
  - !ruby/object:Gem::Version
145
103
  version: '12.0'
146
104
  type: :development
147
105
  prerelease: false
148
106
  version_requirements: !ruby/object:Gem::Requirement
149
107
  requirements:
150
- - - "~>"
108
+ - - ">="
151
109
  - !ruby/object:Gem::Version
152
110
  version: '12.0'
153
111
  - !ruby/object:Gem::Dependency