fluent-plugin-splunkhec 1.5 → 1.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/fluent-plugin-splunkhec.gemspec +1 -1
- data/lib/fluent/plugin/out_splunkhec.rb +17 -17
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 55b9a5e86477b6fda1429bdbb9f57adbdef3688d
|
4
|
+
data.tar.gz: 4c06e39f92558b8e7b21acdfbda06eda1a4734f5
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: afdbea0ed8ad15825cb90159600b731ad4d2160f89c0aa86430b17aaa430100708261a66f5b7ccbf4020996fd7e0ab32b1c309fa91e069b91b766a7ba2c0f760
|
7
|
+
data.tar.gz: 34b0f43b99e6130f9080c86eabe70545a7565c3e8b0add5b3e3adcd2d160754c9ef36b41f71e1b05a6802cb3df13195f61997b55a5154d198c24e3da15efb637
|
data/CHANGELOG.md
CHANGED
@@ -4,7 +4,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
|
4
4
|
|
5
5
|
Gem::Specification.new do |gem|
|
6
6
|
gem.name = "fluent-plugin-splunkhec"
|
7
|
-
gem.version = "1.
|
7
|
+
gem.version = "1.6"
|
8
8
|
gem.authors = "Coen Meerbeek"
|
9
9
|
gem.email = "cmeerbeek@gmail.com"
|
10
10
|
gem.description = %q{Output plugin for the Splunk HTTP Event Collector.}
|
@@ -15,8 +15,8 @@ module Fluent
|
|
15
15
|
# Splunk event parameters
|
16
16
|
config_param :index, :string, :default => 'main'
|
17
17
|
config_param :event_host, :string, :default => nil
|
18
|
-
config_param :source, :string, :default => '
|
19
|
-
config_param :sourcetype, :string, :default => '
|
18
|
+
config_param :source, :string, :default => 'tag'
|
19
|
+
config_param :sourcetype, :string, :default => 'fluentd'
|
20
20
|
config_param :send_event_as_json, :bool, :default => false
|
21
21
|
config_param :usejson, :bool, :default => true
|
22
22
|
config_param :send_batched_events, :bool, :default => false
|
@@ -27,7 +27,7 @@ module Fluent
|
|
27
27
|
def configure(conf)
|
28
28
|
super
|
29
29
|
@splunk_url = @protocol + '://' + @host + ':' + @port + '/services/collector/event'
|
30
|
-
log.
|
30
|
+
log.info 'splunkhec: sent data to ' + @splunk_url
|
31
31
|
|
32
32
|
if conf['event_host'] == nil
|
33
33
|
begin
|
@@ -69,17 +69,17 @@ module Fluent
|
|
69
69
|
else
|
70
70
|
event = record
|
71
71
|
end
|
72
|
-
|
73
|
-
|
72
|
+
|
73
|
+
source = @source == 'tag' ? tag : @source
|
74
74
|
|
75
75
|
# Build body for the POST request
|
76
76
|
if !@usejson
|
77
77
|
event = record["time"]+ " " + record["message"].to_json.gsub(/^"|"$/,"")
|
78
78
|
body << '{"time":"'+ DateTime.parse(record["time"]).strftime("%Q") +'", "event":"' + event + '", "sourcetype" :"' + sourcetype + '", "source" :"' + @source + '", "index" :"' + @index + '", "host" : "' + @event_host + '"}'
|
79
79
|
elsif @send_event_as_json
|
80
|
-
body << '{"time" :' + time.to_s + ', "event" :' + event + ', "sourcetype" :"' + sourcetype + '", "source" :"' +
|
80
|
+
body << '{"time" :' + time.to_s + ', "event" :' + event + ', "sourcetype" :"' + sourcetype + '", "source" :"' + source + '", "index" :"' + @index + '", "host" : "' + @event_host + '"}'
|
81
81
|
else
|
82
|
-
body << '{"time" :' + time.to_s + ', "event" :"' + event + '", "sourcetype" :"' + sourcetype + '", "source" :"' +
|
82
|
+
body << '{"time" :' + time.to_s + ', "event" :"' + event + '", "sourcetype" :"' + sourcetype + '", "source" :"' + source + '", "index" :"' + @index + '", "host" : "' + @event_host + '"}'
|
83
83
|
end
|
84
84
|
|
85
85
|
if @send_batched_events
|
@@ -103,23 +103,23 @@ module Fluent
|
|
103
103
|
# Create client
|
104
104
|
http = Net::HTTP.new(uri.host, uri.port)
|
105
105
|
|
106
|
-
# Create
|
107
|
-
req = Net::HTTP::Post.new(uri)
|
108
|
-
# Add headers
|
109
|
-
req.add_field "Authorization", "Splunk #{@token}"
|
110
|
-
# Add headers
|
111
|
-
req.add_field "Content-Type", "application/json; charset=utf-8"
|
112
|
-
# Set body
|
106
|
+
# Create request
|
107
|
+
req = Net::HTTP::Post.new(uri, "Content-Type" => "application/json", "Authorization" => "Splunk #{@token}")
|
113
108
|
req.body = body
|
109
|
+
|
114
110
|
# Handle SSL
|
115
111
|
if @protocol == 'https'
|
116
112
|
http.use_ssl = true
|
117
113
|
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
|
118
114
|
end
|
119
115
|
|
120
|
-
#
|
121
|
-
res =
|
122
|
-
|
116
|
+
# Send Request
|
117
|
+
res = Net::HTTP.start(uri.hostname, uri.port) do |http|
|
118
|
+
http.request(req)
|
119
|
+
end
|
120
|
+
|
121
|
+
log.debug "splunkhec: HTTP Response Status Code is #{res.code}"
|
122
|
+
|
123
123
|
if res.code.to_i != 200
|
124
124
|
body = JSON.parse(res.body)
|
125
125
|
raise SplunkHECOutputError.new(body['text'], body['code'], body['invalid-event-number'], res.code)
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: fluent-plugin-splunkhec
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: '1.
|
4
|
+
version: '1.6'
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Coen Meerbeek
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2018-04-18 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: fluentd
|