fluent-plugin-splunk-http-eventcollector 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6af449c8480d06db46282037eecc373581957efe
-  data.tar.gz: 6372e889d37f0c8ec98f540e53e354a5673dcf85
+  metadata.gz: f0b634d4b7da2f0a0461d6edaa9f0f785e3de843
+  data.tar.gz: 17fed2d133c051734081f7a5abff20ab2d9dca66
 SHA512:
-  metadata.gz: 3d647ecdfcfdcf530b494d4306c7c5df8eec958ea53d806de94073213bc7fe59b1fd92323db598d4bd9721a374f679ad2ed292a9724f28a19767e7345e0a36dc
-  data.tar.gz: e11b0d0fbba97638f5614a4dd3aa1e57b7d116af75ebed13a9e54fa9dc95aee19ee5f9d46256230085c1636644ba084c56c5545bf009f2f7c81498189ce13b47
+  metadata.gz: 00fdd38ca4382e5219334fb82553a15df387d4871b5c0d7425b67de6b67fa40432f4ede9d32a7899953e0122897632b7255a0a69b07d5677c3d413ce48facc4e
+  data.tar.gz: 1a9dea180b260fb78079b590f3f86d296ebac8d452914e4721a76a0fd1a70324c19805a0c5dbeae7d711a8e1f3f79977ea2f1b87174b1477cc7c35d9f7cf0480

data/.gitignore

@@ -1,17 +1,27 @@
+### Ruby ###
 *.gem
 *.rbc
-.bundle
-.config
-.yardoc
+/.config
+/coverage/
+/InstalledFiles
+/pkg/
+/spec/reports/
+/spec/examples.txt
+/test/tmp/
+/test/version_tmp/
+/tmp/
+
+## Documentation cache and generated files:
+/.yardoc/
+/_yardoc/
+/doc/
+/rdoc/
+
+## Environment normalization:
+/.bundle/
+/vendor/bundle
+/lib/bundler/man/
+
 Gemfile.lock
-InstalledFiles
-_yardoc
-coverage
-doc/
-lib/bundler/man
-pkg
-rdoc
-spec/reports
-test/tmp
-test/version_tmp
-tmp
+.ruby-version
+.ruby-gemset

data/README.md

@@ -5,6 +5,8 @@ Splunk output plugin for Fluent event collector.
 This plugin interfaces with the Splunk HTTP Event Collector:
   http://dev.splunk.com/view/event-collector/SP-CAAAE6M
 
+[![Build Status](https://travis-ci.org/brycied00d/fluent-plugin-splunk-http-eventcollector.svg?branch=master)](https://travis-ci.org/brycied00d/fluent-plugin-splunk-http-eventcollector)
+
 ## Basic Example
 
     <match **>

data/fluent-plugin-splunk-http-eventcollector.gemspec

@@ -3,7 +3,7 @@ $:.push File.expand_path("../lib", __FILE__)
 
 Gem::Specification.new do |gem|
   gem.name             = "fluent-plugin-splunk-http-eventcollector"
-  gem.version          = "0.1.0"
+  gem.version          = "0.2.0"
   gem.authors          = ["Bryce Chidester"]
   gem.email            = ["bryce.chidester@calyptix.com"]
   gem.summary          = "Splunk output plugin for Fluentd"
@@ -16,12 +16,13 @@ Gem::Specification.new do |gem|
                            "fluent-plugin-splunk-http-eventcollector.gemspec",
                            "lib/fluent/plugin/out_splunk-http-eventcollector.rb",
                            "test/plugin/test_out_splunk-http-eventcollector.rb" ]
-  gem.test_files       = [ "test/helper.rb", 
+  gem.test_files       = [ "test/helper.rb",
                            "test/plugin/test_out_splunk-http-eventcollector.rb" ]
   gem.require_paths    = ["lib"]
 
+  gem.add_development_dependency "rake"
   gem.add_development_dependency "test-unit", '~> 3.1'
-  gem.add_runtime_dependency "fluentd", '~> 0.12'
+  gem.add_development_dependency "webmock", '~> 2.3', '>= 2.3.2'
+  gem.add_runtime_dependency "fluentd", '~> 0.12.12'
   gem.add_runtime_dependency "net-http-persistent", '~> 2.9'
-  gem.add_runtime_dependency "fluent-mixin-rewrite-tag-name", '~> 0.1.0'
 end

data/lib/fluent/plugin/out_splunk-http-eventcollector.rb

@@ -25,37 +25,47 @@ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 =end
-require 'fluent/mixin/rewrite_tag_name'
+
+# Splunk HTTP Event collector docs
+# http://dev.splunk.com/view/event-collector/SP-CAAAE6M
+# http://docs.splunk.com/Documentation/Splunk/latest/RESTREF/RESTinput#services.2Fcollector
 
 module Fluent
 class SplunkHTTPEventcollectorOutput < BufferedOutput
-  
-  Plugin.register_output('splunk-http-eventcollector', self)
 
-  include Fluent::HandleTagNameMixin
-  include Fluent::Mixin::RewriteTagName
+  Plugin.register_output('splunk-http-eventcollector', self)
 
   config_param :test_mode, :bool, :default => false
-  
+
   config_param :server, :string, :default => 'localhost:8088'
   config_param :verify, :bool, :default => true
   config_param :token, :string, :default => nil
-  
+
   # Event parameters
   config_param :protocol, :string, :default => 'https'
   config_param :host, :string, :default => nil
   config_param :index, :string, :default => 'main'
   config_param :all_items, :bool, :default => false
-  
+
   config_param :sourcetype, :string, :default => 'fluentd'
   config_param :source, :string, :default => nil
   config_param :post_retry_max, :integer, :default => 5
   config_param :post_retry_interval, :integer, :default => 5
-  
+
   # TODO Find better upper limits
   config_param :batch_size_limit, :integer, :default => 262144 # 65535
   #config_param :batch_event_limit, :integer, :default => 100
-  
+
+  # Whether to allow non-UTF-8 characters in user logs. If set to true, any
+  # non-UTF-8 character would be replaced by the string specified by
+  # 'non_utf8_replacement_string'. If set to false, any non-UTF-8 character
+  # would trigger the plugin to error out.
+  config_param :coerce_to_utf8, :bool, :default => true
+
+  # If 'coerce_to_utf8' is set to true, any non-UTF-8 character would be
+  # replaced by the string specified here.
+  config_param :non_utf8_replacement_string, :string, :default => ' '
+
   # Called on class load (class initializer)
   def initialize
     super
@@ -63,7 +73,34 @@ class SplunkHTTPEventcollectorOutput < BufferedOutput
     require 'net/http/persistent'
     require 'openssl'
   end  # initialize
-  
+
+  # Thanks to
+  # https://github.com/kazegusuri/fluent-plugin-prometheus/blob/348c112d/lib/fluent/plugin/prometheus.rb
+  def self.placeholder_expander(log)
+    # Use internal class in order to expand placeholder
+    if defined?(Fluent::Filter) # for v0.12, built-in PlaceholderExpander
+      begin
+        require 'fluent/plugin/filter_record_transformer'
+        if defined?(Fluent::Plugin::RecordTransformerFilter::PlaceholderExpander)
+          # for v0.14
+          return Fluent::Plugin::RecordTransformerFilter::PlaceholderExpander.new(log: log)
+        else
+          # for v0.12
+          return Fluent::RecordTransformerFilter::PlaceholderExpander.new(log: log)
+        end
+      rescue LoadError => e
+        raise ConfigError, "cannot find filter_record_transformer plugin: #{e.message}"
+      end
+    else # for v0.10, use PlaceholderExapander in fluent-plugin-record-reformer plugin
+      begin
+        require 'fluent/plugin/out_record_reformer.rb'
+        return Fluent::RecordReformerOutput::PlaceholderExpander.new(log: log)
+      rescue LoadError => e
+        raise ConfigError, "cannot find fluent-plugin-record-reformer: #{e.message}"
+      end
+    end
+  end
+
   ## This method is called before starting.
   ## 'conf' is a Hash that includes configuration parameters.
   ## If the configuration is invalid, raise Fluent::ConfigError.
@@ -75,9 +112,12 @@ class SplunkHTTPEventcollectorOutput < BufferedOutput
     rescue
       raise ConfigError, "Unable to parse the server into a URI."
     end
+
+    @placeholder_expander = Fluent::SplunkHTTPEventcollectorOutput.placeholder_expander(log)
+    @hostname = Socket.gethostname
     # TODO Add other robust input/syntax checks.
   end  # configure
-  
+
   ## This method is called when starting.
   ## Open sockets or files here.
   def start
@@ -88,46 +128,55 @@ class SplunkHTTPEventcollectorOutput < BufferedOutput
     @http.override_headers['Content-Type'] = 'application/json'
     @http.override_headers['User-Agent'] = 'fluent-plugin-splunk-http-eventcollector/0.0.1'
     @http.override_headers['Authorization'] = "Splunk #{@token}"
-    
+
     log.trace "initialized for splunk-http-eventcollector"
   end
-  
+
   ## This method is called when shutting down.
   ## Shutdown the thread and close sockets or files here.
   def shutdown
     super
     log.trace "splunk-http-eventcollector(shutdown) called"
-    
+
     @http.shutdown
     log.trace "shutdown from splunk-http-eventcollector"
   end  # shutdown
-  
+
   ## This method is called when an event reaches to Fluentd. (like unbuffered emit())
   ## Convert the event to a raw string.
   def format(tag, time, record)
     #log.trace "splunk-http-eventcollector(format) called"
     # Basic object for Splunk. Note explicit type-casting to avoid accidental errors.
-    @placeholder_expander.set_tag(tag)
+
+    placeholder_values = {
+      'tag' => tag,
+      'tag_parts' => tag.split('.'),
+      'hostname' => @hostname,
+      'record' => record
+    }
+
+    placeholders = @placeholder_expander.prepare_placeholders(placeholder_values)
 
     splunk_object = Hash[
         "time" => time.to_i,
-        "source" => if @source.nil? then tag.to_s else @placeholder_expander.expand(@source) end,
-        "sourcetype" => @placeholder_expander.expand(@sourcetype.to_s),
+        "source" => if @source.nil? then tag.to_s else @placeholder_expander.expand(@source, placeholders) end,
+        "sourcetype" => @placeholder_expander.expand(@sourcetype.to_s, placeholders),
         "host" => @host.to_s,
-        "index" =>  @placeholder_expander.expand(@index)
+        "index" =>  @placeholder_expander.expand(@index, placeholders)
       ]
     # TODO: parse different source types as expected: KVP, JSON, TEXT
     if @all_items
-        splunk_object["event"] = record
+      splunk_object["event"] = convert_to_utf8(record)
     else
-        splunk_object["event"] = record["message"]
+      splunk_object["event"] = convert_to_utf8(record["message"])
     end
+
     json_event = splunk_object.to_json
     #log.debug "Generated JSON(#{json_event.class.to_s}): #{json_event.to_s}"
     #log.debug "format: returning: #{[tag, record].to_json.to_s}"
     json_event
   end
-  
+
   # By this point, fluentd has decided its buffer is full and it's time to flush
   # it. chunk.read is a concatenated string of JSON.to_s objects. Simply POST
   # them to Splunk and go about our life.
@@ -140,7 +189,7 @@ class SplunkHTTPEventcollectorOutput < BufferedOutput
   ## NOTE! This method is called by internal thread, not Fluentd's main thread. So IO wait doesn't affect other plugins.
   def write(chunk)
     log.trace "splunk-http-eventcollector(write) called"
-    
+
     # Break the concatenated string of JSON-formatted events into an Array
     split_chunk = chunk.read.split("}{").each do |x|
       # Reconstruct the opening{/closing} that #split() strips off.
@@ -153,12 +202,12 @@ class SplunkHTTPEventcollectorOutput < BufferedOutput
     # Don't care about the number of events so much as the POST size (bytes)
     #if split_chunk.size > @batch_event_limit
     #  log.warn "Fluentd is attempting to push #{numfmt(split_chunk.size)} " +
-    #      "events in a single push to Splunk. The configured limit is " + 
+    #      "events in a single push to Splunk. The configured limit is " +
     #      "#{numfmt(@batch_event_limit)}."
     #end
     if chunk.read.bytesize > @batch_size_limit
       log.warn "Fluentd is attempting to push #{numfmt(chunk.read.bytesize)} " +
-          "bytes in a single push to Splunk. The configured limit is " + 
+          "bytes in a single push to Splunk. The configured limit is " +
           "#{numfmt(@batch_size_limit)} bytes."
       newbuffer = Array.new
       split_chunk_counter = 0
@@ -188,7 +237,7 @@ class SplunkHTTPEventcollectorOutput < BufferedOutput
       return push_buffer chunk.read
     end # if chunk.read.bytesize > @batch_size_limit
   end # write
-  
+
   def push_buffer(body)
     post = Net::HTTP::Post.new @splunk_uri.request_uri
     post.body = body
@@ -226,13 +275,50 @@ class SplunkHTTPEventcollectorOutput < BufferedOutput
       else
         # other errors. fluentd will retry processing on exception
         # FIXME: this may duplicate logs when using multiple buffers
-        raise "#{@splunk_uri}: #{response.message}"
+        raise "#{@splunk_uri}: #{response.message}\n#{response.body}"
       end # If response.code
     end # 1.upto(@post_retry_max)
   end # push_buffer
-  
+
   def numfmt(input)
     input.to_s.reverse.gsub(/(\d{3})(?=\d)/, '\1,').reverse
   end # numfmt
+
+  # Encode as UTF-8. If 'coerce_to_utf8' is set to true in the config, any
+  # non-UTF-8 character would be replaced by the string specified by
+  # 'non_utf8_replacement_string'. If 'coerce_to_utf8' is set to false, any
+  # non-UTF-8 character would trigger the plugin to error out.
+  # Thanks to
+  # https://github.com/GoogleCloudPlatform/fluent-plugin-google-cloud/blob/dbc28575/lib/fluent/plugin/out_google_cloud.rb#L1284
+  def convert_to_utf8(input)
+    if input.is_a?(Hash)
+      record = {}
+      input.each do |key, value|
+        record[convert_to_utf8(key)] = convert_to_utf8(value)
+      end
+
+      return record
+    end
+    return input.map { |value| convert_to_utf8(value) } if input.is_a?(Array)
+    return input unless input.respond_to?(:encode)
+
+    if @coerce_to_utf8
+      input.encode(
+        'utf-8',
+        invalid: :replace,
+        undef: :replace,
+        replace: @non_utf8_replacement_string)
+    else
+      begin
+        input.encode('utf-8')
+      rescue EncodingError
+        @log.error 'Encountered encoding issues potentially due to non ' \
+                   'UTF-8 characters. To allow non-UTF-8 characters and ' \
+                   'replace them with spaces, please set "coerce_to_utf8" ' \
+                   'to true.'
+        raise
+      end
+    end
+  end
 end  # class SplunkHTTPEventcollectorOutput
 end  # module Fluent

data/test/helper.rb

@@ -22,6 +22,7 @@ unless ENV.has_key?('VERBOSE')
   $log = nulllogger
 end
 
+require 'webmock/test_unit'
 require 'fluent/plugin/out_splunk-http-eventcollector'
 
 class Test::Unit::TestCase

data/test/plugin/test_out_splunk-http-eventcollector.rb

@@ -18,17 +18,162 @@ class SplunkHTTPEventcollectorOutputTest < Test::Unit::TestCase
   def test_configure
     # default
     d = create_driver
-    assert_equal '{TAG}', d.instance.source
-    assert_equal '_json', d.instance.sourcetype
+    assert_equal nil, d.instance.source
+    assert_equal 'fluentd', d.instance.sourcetype
   end
 
   def test_write
+    stub_request(:post, "https://localhost:8089/services/collector").
+      to_return(body: '{"text":"Success","code":0}')
+
+    d = create_driver
+
+    time = Time.parse("2010-01-02 13:14:15 UTC").to_i
+    d.emit({ "message" => "a message"}, time)
+
+    d.run
+
+    assert_requested :post, "https://localhost:8089/services/collector",
+      headers: {
+        "Authorization" => "Splunk changeme",
+        'Content-Type' => 'application/json',
+        'User-Agent' => 'fluent-plugin-splunk-http-eventcollector/0.0.1'
+      },
+      body: { time: time, source:"test", sourcetype: "fluentd", host: "", index: "main", event: "a message" },
+      times: 1
+  end
+
+  def test_expand
+    stub_request(:post, "https://localhost:8089/services/collector").
+      to_return(body: '{"text":"Success","code":0}')
+
+    d = create_driver(CONFIG + %[
+      source ${record["source"]}
+      sourcetype ${tag_parts[0]}
+    ])
+
+    time = Time.parse("2010-01-02 13:14:15 UTC").to_i
+    d.emit({"message" => "a message", "source" => "source-from-record"}, time)
+
+    d.run
+
+    assert_requested :post, "https://localhost:8089/services/collector",
+      headers: {"Authorization" => "Splunk changeme"},
+      body: { time: time, source: "source-from-record", sourcetype: "test", host: "", index: "main", event: "a message" },
+      times: 1
+  end
+
+  def test_4XX_error_retry
+    stub_request(:post, "https://localhost:8089/services/collector").
+      with(headers: {"Authorization" => "Splunk changeme"}).
+      to_return(body: '{"text":"Incorrect data format","code":5,"invalid-event-number":0}', status: 400)
+
     d = create_driver
 
     time = Time.parse("2010-01-02 13:14:15 UTC").to_i
-    d.emit({"a"=>1}, time)
-    d.emit({"a"=>2}, time)
+    d.emit({ "message" => "1" }, time)
+    d.run
+
+    assert_requested :post, "https://localhost:8089/services/collector",
+      headers: {"Authorization" => "Splunk changeme"},
+      body: { time: time, source: "test", sourcetype: "fluentd", host: "", index: "main", event: "1" },
+      times: 1
+  end
+
+  def test_5XX_error_retry
+    request_count = 0
+    stub_request(:post, "https://localhost:8089/services/collector").
+      with(headers: {"Authorization" => "Splunk changeme"}).
+      to_return do |request|
+        request_count += 1
+
+        if request_count < 5
+          { body: '{"text":"Internal server error","code":8}', status: 500 }
+        else
+          { body: '{"text":"Success","code":0}', status: 200 }
+        end
+      end
+
+
+    d = create_driver(CONFIG + %[
+      post_retry_max 5
+      post_retry_interval 0.1
+    ])
+
+    time = Time.parse("2010-01-02 13:14:15 UTC").to_i
+    d.emit({ "message" => "1" }, time)
+    d.run
+
+    assert_requested :post, "https://localhost:8089/services/collector",
+      headers: {"Authorization" => "Splunk changeme"},
+      body: { time: time, source: "test", sourcetype: "fluentd", host: "", index: "main", event: "1" },
+      times: 5
+  end
+
+  def test_write_splitting
+    stub_request(:post, "https://localhost:8089/services/collector").
+      with(headers: {"Authorization" => "Splunk changeme"}).
+      to_return(body: '{"text":"Incorrect data format","code":5,"invalid-event-number":0}', status: 400)
+
+    # A single msg is ~110 bytes
+    d = create_driver(CONFIG + %[
+      batch_size_limit 250
+    ])
+
+    time = Time.parse("2010-01-02 13:14:15 UTC").to_i
+    d.emit({"message" => "a" }, time)
+    d.emit({"message" => "b" }, time)
+    d.emit({"message" => "c" }, time)
+    d.run
+
+    assert_requested :post, "https://localhost:8089/services/collector",
+      headers: {"Authorization" => "Splunk changeme"},
+      body:
+        { time: time, source: "test", sourcetype: "fluentd", host: "", index: "main", event: "a" }.to_json +
+        { time: time, source: "test", sourcetype: "fluentd", host: "", index: "main", event: "b" }.to_json,
+      times: 1
+    assert_requested :post, "https://localhost:8089/services/collector",
+      headers: {"Authorization" => "Splunk changeme"},
+      body: { time: time, source: "test", sourcetype: "fluentd", host: "", index: "main", event: "c" }.to_json,
+      times: 1
+    assert_requested :post, "https://localhost:8089/services/collector", times: 2
+  end
+
+  def test_utf8
+    stub_request(:post, "https://localhost:8089/services/collector").
+      with(headers: {"Authorization" => "Splunk changeme"}).
+      to_return(body: '{"text":"Success","code":0}')
+
+    d = create_driver(CONFIG + %[
+      all_items true
+    ])
+
+    time = Time.parse("2010-01-02 13:14:15 UTC").to_i
+    d.emit({ "some" => { "nested" => "ü†f-8".force_encoding("BINARY"), "with" => ['ü', '†', 'f-8'].map {|c| c.force_encoding("BINARY") } } }, time)
+    d.run
 
+    assert_requested :post, "https://localhost:8089/services/collector",
+      headers: {"Authorization" => "Splunk changeme"},
+      body: { time: time, source: "test", sourcetype: "fluentd", host: "", index: "main", event: { some: { nested: "     f-8", with: ["  ","   ","f-8"]}}},
+      times: 1
+  end
+
+  def test_utf8
+    stub_request(:post, "https://localhost:8089/services/collector").
+      with(headers: {"Authorization" => "Splunk changeme"}).
+      to_return(body: '{"text":"Success","code":0}')
+
+    d = create_driver(CONFIG + %[
+      all_items true
+    ])
+
+    time = Time.parse("2010-01-02 13:14:15 UTC").to_i
+    d.emit({ "some" => { "nested" => "ü†f-8".force_encoding("BINARY"), "with" => ['ü', '†', 'f-8'].map {|c| c.force_encoding("BINARY") } } }, time)
     d.run
+
+    assert_requested :post, "https://localhost:8089/services/collector",
+      headers: {"Authorization" => "Splunk changeme"},
+      body: { time: time, source: "test", sourcetype: "fluentd", host: "", index: "main", event: { some: { nested: "     f-8", with: ["  ","   ","f-8"]}}},
+      times: 1
   end
 end

metadata

@@ -1,15 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: fluent-plugin-splunk-http-eventcollector
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Bryce Chidester
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-02-20 00:00:00.000000000 Z
+date: 2017-04-20 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: test-unit
   requirement: !ruby/object:Gem::Requirement
@@ -25,47 +39,53 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '3.1'
 - !ruby/object:Gem::Dependency
-  name: fluentd
+  name: webmock
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.12'
-  type: :runtime
+        version: '2.3'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.3.2
+  type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.12'
+        version: '2.3'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.3.2
 - !ruby/object:Gem::Dependency
-  name: net-http-persistent
+  name: fluentd
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.9'
+        version: 0.12.12
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.9'
+        version: 0.12.12
 - !ruby/object:Gem::Dependency
-  name: fluent-mixin-rewrite-tag-name
+  name: net-http-persistent
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.1.0
+        version: '2.9'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.1.0
+        version: '2.9'
 description: Splunk output plugin (HTTP Event Collector) for Fluentd event collector
 email:
 - bryce.chidester@calyptix.com