logstash-codec-mtrraw 0.1.0 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +6 -3
- data/agent/mtrtrace-dns.sh +17 -0
- data/agent/mtrtrace.sh +17 -0
- data/lib/logstash/codecs/mtrraw.rb +13 -4
- data/logstash-codec-mtrraw.gemspec +2 -2
- metadata +4 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 587994befbb0dc6d11a87ad54846eabd7c814de6
|
|
4
|
+
data.tar.gz: aa5ef5ca1baa6e64aa275c6ae55c38e7d2edf095
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a5fdaedbecf58eb488a62ec062b5264fcc1e9388aa86048514fc8d98fae093b80d0fb76ebfbe5f7eb79ea07df6703f9b90d2722b33e0167512b5bf43051e71d7
|
|
7
|
+
data.tar.gz: adc61e20578251b28c136a8d81401d02913e393f9b4a886cf4ab5782b5ec0e02cd091a69b13862d5c4e7ae12120683182d5e876401faad988d649aac9bfc060a
|
data/README.md
CHANGED
|
@@ -28,12 +28,15 @@ input {
|
|
|
28
28
|
Feed it with something that's functionally equivalent to this:
|
|
29
29
|
|
|
30
30
|
```
|
|
31
|
-
while true ; do (echo "s 0 GOOGDNS 1";mtr --raw --no-dns -c 1 8.8.8.8 ) | awk '{printf $0";"}' | nc localhost 4327 ; done
|
|
31
|
+
while true ; do (echo "s 0 MYBOX GOOGDNS 1";mtr --raw --no-dns -c 1 8.8.8.8 ) | awk '{printf $0";"}' | nc localhost 4327 ; done
|
|
32
32
|
```
|
|
33
33
|
|
|
34
34
|
Put the above in a script, make the script executable, and run it in the background. It'll continuously feed mtr trace data to
|
|
35
35
|
the codec.
|
|
36
36
|
|
|
37
|
+
The `agent` subdirectory contains some examples of this. You may have to play around with paths etc to make it work on your
|
|
38
|
+
system.
|
|
39
|
+
|
|
37
40
|
Explanation:
|
|
38
41
|
|
|
39
42
|
There's an infinite loop around the traces without a pause. A pause isn't really needed to keep load down as the trace is i/o bound
|
|
@@ -43,14 +46,14 @@ The `(echo ...;mtr)` construct allows us to overload the frontend of the trace a
|
|
|
43
46
|
stream. The front of the trace has a line that looks like this:
|
|
44
47
|
|
|
45
48
|
```
|
|
46
|
-
s 0 <targetname> <pingcount>
|
|
49
|
+
s 0 <originname> <targetname> <pingcount>
|
|
47
50
|
|
|
48
51
|
```
|
|
49
52
|
|
|
53
|
+
* <originname> is a name for the starting point of the trace
|
|
50
54
|
* <targetname> is whatever name you want to give the trace
|
|
51
55
|
* <pingcount> is the number of pings you're going to be doing to each node in the trace. This must match the -c parameter to mtr (see below).
|
|
52
56
|
|
|
53
|
-
Modify the echo statement accordingly.
|
|
54
57
|
|
|
55
58
|
The MTR execution part requires the following:
|
|
56
59
|
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
#!/usr/bin/env bash
|
|
2
|
+
|
|
3
|
+
ORIGIN_NAME=$1
|
|
4
|
+
TARGET_NAME=$2
|
|
5
|
+
PING_COUNT=$3
|
|
6
|
+
TARGET_IP=$4
|
|
7
|
+
LOGSTASH_IP=$5
|
|
8
|
+
LOGSTASH_PORT=$6
|
|
9
|
+
|
|
10
|
+
if [ -z "$1" ] ; then
|
|
11
|
+
echo "USAGE:"
|
|
12
|
+
echo "$0 <ORIGIN_NAME> <TARGET_NAME> <PING_COUNT> <TARGET_IP> <LOGSTASH_IP> <LOGSTASH_PORT>"
|
|
13
|
+
exit
|
|
14
|
+
fi
|
|
15
|
+
|
|
16
|
+
while true ; do echo -n '.'; (echo "s 0 $ORIGIN_NAME $TARGET_NAME 1";mtr --raw -c $PING_COUNT $TARGET_IP ) | awk '{printf $0";"}' | nc $LOGSTASH_IP $LOGSTASH_PORT ; done
|
|
17
|
+
|
data/agent/mtrtrace.sh
ADDED
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
#!/usr/bin/env bash
|
|
2
|
+
|
|
3
|
+
ORIGIN_NAME=$1
|
|
4
|
+
TARGET_NAME=$2
|
|
5
|
+
PING_COUNT=$3
|
|
6
|
+
TARGET_IP=$4
|
|
7
|
+
LOGSTASH_IP=$5
|
|
8
|
+
LOGSTASH_PORT=$6
|
|
9
|
+
|
|
10
|
+
if [ -z "$1" ] ; then
|
|
11
|
+
echo "USAGE:"
|
|
12
|
+
echo "$0 <ORIGIN_NAME> <TARGET_NAME> <PING_COUNT> <TARGET_IP> <LOGSTASH_IP> <LOGSTASH_PORT>"
|
|
13
|
+
exit
|
|
14
|
+
fi
|
|
15
|
+
|
|
16
|
+
while true ; do echo -n '.'; (echo "s 0 $ORIGIN_NAME $TARGET_NAME 1";mtr --raw --no-dns -c $PING_COUNT $TARGET_IP ) | awk '{printf $0";"}' | nc $LOGSTASH_IP $LOGSTASH_PORT ; done
|
|
17
|
+
|
|
@@ -4,6 +4,7 @@ require "logstash/codecs/line"
|
|
|
4
4
|
require "logstash/namespace"
|
|
5
5
|
require "securerandom"
|
|
6
6
|
require "digest"
|
|
7
|
+
require 'awesome_print'
|
|
7
8
|
|
|
8
9
|
|
|
9
10
|
# This codec presumes you've somehow sent in the equivalent of this
|
|
@@ -57,7 +58,12 @@ class LogStash::Codecs::Mtrraw < LogStash::Codecs::Base
|
|
|
57
58
|
if mtrrecs[0].type == 's'
|
|
58
59
|
target = mtrrecs.shift.data
|
|
59
60
|
pingcount = 0
|
|
60
|
-
if target =~ /(\w+) (\d+)/
|
|
61
|
+
if target =~ /(\w+) (\w+) (\d+)/
|
|
62
|
+
origin = $1
|
|
63
|
+
target = $2
|
|
64
|
+
pingcount = $3
|
|
65
|
+
elsif target =~ /(\w+) (\d+)/
|
|
66
|
+
origin = "ORIGIN"
|
|
61
67
|
target = $1
|
|
62
68
|
pingcount = $2
|
|
63
69
|
end
|
|
@@ -93,23 +99,26 @@ class LogStash::Codecs::Mtrraw < LogStash::Codecs::Base
|
|
|
93
99
|
"avgrtt" => avgrtt,
|
|
94
100
|
"tags" => ["wholepath"]
|
|
95
101
|
}
|
|
96
|
-
|
|
102
|
+
wholepathevent = LogStash::Event.new(tracedata)
|
|
103
|
+
yield wholepathevent
|
|
97
104
|
# Construct a starting point for trace to target
|
|
98
105
|
yield LogStash::Event.new({
|
|
99
106
|
"id" => id,
|
|
107
|
+
"origin" => origin,
|
|
100
108
|
"target" => target,
|
|
101
109
|
"tags" => ["hop"],
|
|
102
110
|
"seq" => -1,
|
|
103
111
|
"pathsig" => pathsig,
|
|
104
|
-
"A_node" => "
|
|
112
|
+
"A_node" => "#{origin}->#{target}",
|
|
105
113
|
"Z_node" => hops[0][:addr],
|
|
106
|
-
"dns" =>
|
|
114
|
+
"dns" => origin,
|
|
107
115
|
"avgrtt" => 0,
|
|
108
116
|
"avgloss" => 0
|
|
109
117
|
})
|
|
110
118
|
0.upto(path.size - 2) {
|
|
111
119
|
|index|
|
|
112
120
|
yield LogStash::Event.new({ "id" => id,
|
|
121
|
+
"origin" => origin,
|
|
113
122
|
"target" => target,
|
|
114
123
|
"tags" => ["hop"],
|
|
115
124
|
"pathsig" => pathsig,
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Gem::Specification.new do |s|
|
|
2
2
|
s.name = 'logstash-codec-mtrraw'
|
|
3
|
-
s.version = '0.
|
|
3
|
+
s.version = '0.2.0'
|
|
4
4
|
s.licenses = ['Apache License (2.0)']
|
|
5
5
|
s.summary = 'Converts optionally overloaded mtr --raw data to an event'
|
|
6
6
|
s.description = 'Turn mtr --raw events with optional overloading into logstash events. see docs'
|
|
@@ -10,7 +10,7 @@ Gem::Specification.new do |s|
|
|
|
10
10
|
s.require_paths = ['lib']
|
|
11
11
|
|
|
12
12
|
# Files
|
|
13
|
-
s.files = Dir['lib/**/*','spec/**/*','vendor/**/*','*.gemspec','*.md','CONTRIBUTORS','Gemfile','LICENSE','NOTICE.TXT']
|
|
13
|
+
s.files = Dir['agent/*','lib/**/*','spec/**/*','vendor/**/*','*.gemspec','*.md','CONTRIBUTORS','Gemfile','LICENSE','NOTICE.TXT']
|
|
14
14
|
# Tests
|
|
15
15
|
s.test_files = s.files.grep(%r{^(test|spec|features)/})
|
|
16
16
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: logstash-codec-mtrraw
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- svdasein
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-11-
|
|
11
|
+
date: 2017-11-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: logstash-core-plugin-api
|
|
@@ -64,6 +64,8 @@ files:
|
|
|
64
64
|
- Gemfile
|
|
65
65
|
- LICENSE
|
|
66
66
|
- README.md
|
|
67
|
+
- agent/mtrtrace-dns.sh
|
|
68
|
+
- agent/mtrtrace.sh
|
|
67
69
|
- lib/logstash/codecs/mtrraw.rb
|
|
68
70
|
- logstash-codec-mtrraw.gemspec
|
|
69
71
|
- spec/codecs/mtrraw_spec.rb
|