fluent-plugin-winevtlog 0.0.2 → 0.0.3

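--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: f20f0df26f1be8901b84ec7cb3da2296af8be98b
- data.tar.gz: 2bb0885a56495b74783de4ccc6c02e464ad37595
+ metadata.gz: 238726bd6a49e60ad9e2f165ddbf87b351e0436d
+ data.tar.gz: ba9b3af62d8460e2791a470a1f7fb2807be1f8c0
  SHA512:
- metadata.gz: a42c58a4c327a8e57e6d017162fc05b5aa4194f787505a22433a0744f0a005cffdb6ea2770a5e2b8ba89f0720b0ddced404cfa27d10ce103d7cf33cd66408e39
- data.tar.gz: 89baa6e3dae8da65c5d66c29925c27039aa5132543573089f380eb376559a828047ad6d61fc16be0573253f17f3b5c767f9e3b9fc9978bfbfd0d470e1d717234
+ metadata.gz: 14da61cc1fa48009ec2e3bec9dce3dc4e5434b2bd628196fd025df8a9cb6f7df683cee73c641f1f836ee929484196c58f2e928f51ced102b3578c77f1f507929
+ data.tar.gz: 9c5136757333abc4c15a322a790fdad842896300024acee918efdc972878d8f7a79a663d62dc9d7ab150fa82fdbfa42d55699cf6875b4e091f5ed54fb7460e3d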
@@ -4,7 +4,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
4
 
5
5
  Gem::Specification.new do |spec|
6
6
  spec.name = "fluent-plugin-winevtlog"
7
- spec.version = "0.0.2"
7
+ spec.version = "0.0.3"
8
8
  spec.authors = ["okahashi117"]
9
9
  spec.email = ["naruki_okahashi@jbat.co.jp"]
10
10
  spec.summary = %q{Input plugin to read windows event log.}
@@ -20,26 +20,26 @@ module Fluent
20
20
  config_param :tag, :string
21
21
  config_param :read_interval, :time, :default => 2
22
22
  config_param :pos_file, :string, :default => nil
23
- config_param :category, :string, :default => 'Application'
24
- config_param :keys, :string, :default => ''
23
+ config_param :channel, :string, :default => 'Application'
24
+ config_param :key, :string, :default => ''
25
25
  config_param :read_from_head, :bool, :default => false
26
26
 
27
- attr_reader :cats
27
+ attr_reader :chs
28
28
 
29
29
  def initialize
30
30
  super
31
- @cats = []
31
+ @chs = []
32
32
  @keynames = []
33
33
  @tails = {}
34
34
  end
35
35
 
36
36
  def configure(conf)
37
37
  super
38
- @cats = @category.split(',').map {|cat| cat.strip }.uniq
39
- if @cats.empty?
40
- raise ConfigError, "winevtlog: 'category' parameter is required on winevtlog input"
38
+ @chs = @channel.split(',').map {|ch| ch.strip.downcase }.uniq
39
+ if @chs.empty?
40
+ raise ConfigError, "winevtlog: 'channel' parameter is required on winevtlog input"
41
41
  end
42
- @keynames = @keys.split(',').map {|k| k.strip }.uniq
42
+ @keynames = @key.split(',').map {|k| k.strip }.uniq
43
43
  if @keynames.empty?
44
44
  @keynames = @@KEY_MAP.keys
45
45
  end
@@ -54,7 +54,7 @@ module Fluent
54
54
  @pf = PositionFile.parse(@pf_file)
55
55
  end
56
56
  @loop = Coolio::Loop.new
57
- start_watchers(@cats)
57
+ start_watchers(@chs)
58
58
  @thread = Thread.new(&method(:run))
59
59
  end
60
60
 
@@ -65,30 +65,30 @@ module Fluent
65
65
  @pf_file.close if @pf_file
66
66
  end
67
67
 
68
- def setup_wacther(cat, pe)
69
- wlw = WindowsLogWatcher.new(cat, pe, &method(:receive_lines))
68
+ def setup_wacther(ch, pe)
69
+ wlw = WindowsLogWatcher.new(ch, pe, &method(:receive_lines))
70
70
  wlw.attach(@loop)
71
71
  wlw
72
72
  end
73
73
 
74
- def start_watchers(cats)
75
- cats.each { |cat|
74
+ def start_watchers(chs)
75
+ chs.each { |ch|
76
76
  pe = nil
77
77
  if @pf
78
- pe = @pf[cat]
78
+ pe = @pf[ch]
79
79
  if @read_from_head && pe.read_num.zero?
80
- el = EventLog.open(cat)
80
+ el = EventLog.open(ch)
81
81
  pe.update(el.oldest_record_number-1,1)
82
82
  el.close
83
83
  end
84
84
  end
85
- @tails[cat] = setup_wacther(cat, pe)
85
+ @tails[ch] = setup_wacther(ch, pe)
86
86
  }
87
87
  end
88
88
 
89
- def stop_watchers(cats, unwatched = false)
90
- cats.each { |cat|
91
- wlw = @tails.delete(cat)
89
+ def stop_watchers(chs, unwatched = false)
90
+ chs.each { |ch|
91
+ wlw = @tails.delete(ch)
92
92
  if wlw
93
93
  wlw.unwatched = unwatched
94
94
  close_watcher(wlw)
@@ -108,11 +108,13 @@ module Fluent
108
108
  $log.error_backtrace
109
109
  end
110
110
 
111
- def receive_lines(lines, pe)
111
+ def receive_lines(ch, lines, pe)
112
112
  return if lines.empty?
113
113
  begin
114
114
  for r in lines
115
- h = Hash[@keynames.map {|k| [k, r.send(@@KEY_MAP[k])]}]
115
+ h = {"channel" => ch}
116
+ @keynames.each {|k| h[k]=r.send(@@KEY_MAP[k]).to_s}
117
+ #h = Hash[@keynames.map {|k| [k, r.send(@@KEY_MAP[k]).to_s]}]
116
118
  Engine.emit(@tag, Engine.now, h)
117
119
  pe[1] +=1
118
120
  end
@@ -124,14 +126,14 @@ module Fluent
124
126
 
125
127
 
126
128
  class WindowsLogWatcher
127
- def initialize(cat, pe, &receive_lines)
128
- @cat = cat
129
+ def initialize(ch, pe, &receive_lines)
130
+ @ch = ch
129
131
  @pe = pe || MemoryPositionEntry.new
130
132
  @receive_lines = receive_lines
131
133
  @timer_trigger = TimerWatcher.new(1, true, &method(:on_notify))
132
134
  end
133
135
 
134
- attr_reader :cat
136
+ attr_reader :ch
135
137
  attr_accessor :unwatched
136
138
  attr_accessor :pe
137
139
 
@@ -149,7 +151,7 @@ module Fluent
149
151
  end
150
152
 
151
153
  def on_notify
152
- el = EventLog.open(@cat)
154
+ el = EventLog.open(@ch)
153
155
  rl_sn = [el.oldest_record_number, el.total_records]
154
156
  pe_sn = [@pe.read_start, @pe.read_num]
155
157
  # if total_records is zero, oldest_record_number has no meaning.
@@ -170,7 +172,7 @@ module Fluent
170
172
  cur_end += 0xFFFFFFFF
171
173
  end
172
174
 
173
- if (cur_end <= old_end)
175
+ if (cur_end < old_end)
174
176
  # something occured.
175
177
  @pe.update(rl_sn[0], rl_sn[1])
176
178
  return
@@ -179,8 +181,10 @@ module Fluent
179
181
  read_more = false
180
182
  begin
181
183
  numlines = cur_end - old_end
184
+
182
185
  winlogs = el.read(Windows::Constants::EVENTLOG_SEEK_READ | Windows::Constants::EVENTLOG_FORWARDS_READ, old_end + 1)
183
- @receive_lines.call(winlogs, pe_sn)
186
+ @receive_lines.call(@ch, winlogs, pe_sn)
187
+
184
188
  @pe.update(pe_sn[0], pe_sn[1])
185
189
  old_end = pe_sn[0] + pe_sn[1] -1
186
190
  end while read_more
@@ -211,17 +215,17 @@ module Fluent
211
215
  @last_pos = last_pos
212
216
  end
213
217
 
214
- def [](cat)
215
- if m = @map[cat]
218
+ def [](ch)
219
+ if m = @map[ch]
216
220
  return m
217
221
  end
218
222
  @file.pos = @last_pos
219
- @file.write cat
223
+ @file.write ch
220
224
  @file.write "\t"
221
225
  seek = @file.pos
222
226
  @file.write "00000000\t00000000\n"
223
227
  @last_pos = @file.pos
224
- @map[cat] = FilePositionEntry.new(@file, seek)
228
+ @map[ch] = FilePositionEntry.new(@file, seek)
225
229
  end
226
230
 
227
231
  # parsing file and rebuild mysself
@@ -232,10 +236,10 @@ module Fluent
232
236
  # check and get a matched line as m
233
237
  m = /^([^\t]+)\t([0-9a-fA-F]+)\t([0-9a-fA-F]+)/.match(line)
234
238
  next unless m
235
- cat = m[1]
239
+ ch = m[1]
236
240
  pos = m[2].to_i(16)
237
- seek = file.pos - line.bytesize + cat.bytesize + 1
238
- map[cat] = FilePositionEntry.new(file, seek)
241
+ seek = file.pos - line.bytesize + ch.bytesize + 1
242
+ map[ch] = FilePositionEntry.new(file, seek)
239
243
  }
240
244
  new(file, map, file.pos)
241
245
  end
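Review bot: Upgrading an existing 0.0.2 deployment silently changes which log is read and where reading resumes, and nothing visible in `configure` detects it. `category` and `keys` are renamed to `channel` and `key` while the `'Application'` default is kept, so a config that still says `category Security` appears to fall back to Application instead of failing; a guard such as `raise ConfigError, "winevtlog: 'category' was renamed to 'channel'" if conf.has_key?('category')` (and the same for `keys`) would make that visible. Channel names are now downcased, but `PositionFile#[]` and `PositionFile.parse` match the name exactly as stored, so an entry written by 0.0.2 in its configured case (for example `Application`) no longer matches `application` and a fresh zeroed entry is appended, resetting the read position for that channel. Either normalise with `ch = m[1].downcase` in `parse` or document that the pos_file must be recreated on upgrade. `configure` continues past the end of its hunk, so a check further down cannot be ruled out.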
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: fluent-plugin-winevtlog
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.2
4
+ version: 0.0.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - okahashi117
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-09-24 00:00:00.000000000 Z
11
+ date: 2014-10-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: bundler