logstash-codec-mtrraw 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +6 -3
- data/agent/mtrtrace-dns.sh +17 -0
- data/agent/mtrtrace.sh +17 -0
- data/lib/logstash/codecs/mtrraw.rb +13 -4
- data/logstash-codec-mtrraw.gemspec +2 -2
- metadata +4 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 587994befbb0dc6d11a87ad54846eabd7c814de6
|
|
4
|
+
data.tar.gz: aa5ef5ca1baa6e64aa275c6ae55c38e7d2edf095
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a5fdaedbecf58eb488a62ec062b5264fcc1e9388aa86048514fc8d98fae093b80d0fb76ebfbe5f7eb79ea07df6703f9b90d2722b33e0167512b5bf43051e71d7
|
|
7
|
+
data.tar.gz: adc61e20578251b28c136a8d81401d02913e393f9b4a886cf4ab5782b5ec0e02cd091a69b13862d5c4e7ae12120683182d5e876401faad988d649aac9bfc060a
|
data/README.md
CHANGED
|
@@ -28,12 +28,15 @@ input {
|
|
|
28
28
|
Feed it with something that's functionally equivalent to this:
|
|
29
29
|
|
|
30
30
|
```
|
|
31
|
-
while true ; do (echo "s 0 GOOGDNS 1";mtr --raw --no-dns -c 1 8.8.8.8 ) | awk '{printf $0";"}' | nc localhost 4327 ; done
|
|
31
|
+
while true ; do (echo "s 0 MYBOX GOOGDNS 1";mtr --raw --no-dns -c 1 8.8.8.8 ) | awk '{printf $0";"}' | nc localhost 4327 ; done
|
|
32
32
|
```
|
|
33
33
|
|
|
34
34
|
Put the above in a script, make the script executable, and run it in the background. It'll continuously feed mtr trace data to
|
|
35
35
|
the codec.
|
|
36
36
|
|
|
37
|
+
The `agent` subdirectory contains some examples of this. You may have to play around with paths etc to make it work on your
|
|
38
|
+
system.
|
|
39
|
+
|
|
37
40
|
Explanation:
|
|
38
41
|
|
|
39
42
|
There's an infinite loop around the traces without a pause. A pause isn't really needed to keep load down as the trace is i/o bound
|
|
@@ -43,14 +46,14 @@ The `(echo ...;mtr)` construct allows us to overload the frontend of the trace a
|
|
|
43
46
|
stream. The front of the trace has a line that looks like this:
|
|
44
47
|
|
|
45
48
|
```
|
|
46
|
-
s 0 <targetname> <pingcount>
|
|
49
|
+
s 0 <originname> <targetname> <pingcount>
|
|
47
50
|
|
|
48
51
|
```
|
|
49
52
|
|
|
53
|
+
* <originname> is a name for the starting point of the trace
|
|
50
54
|
* <targetname> is whatever name you want to give the trace
|
|
51
55
|
* <pingcount> is the number of pings you're going to be doing to each node in the trace. This must match the -c parameter to mtr (see below).
|
|
52
56
|
|
|
53
|
-
Modify the echo statement accordingly.
|
|
54
57
|
|
|
55
58
|
The MTR execution part requires the following:
|
|
56
59
|
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
#!/usr/bin/env bash
|
|
2
|
+
|
|
3
|
+
ORIGIN_NAME=$1
|
|
4
|
+
TARGET_NAME=$2
|
|
5
|
+
PING_COUNT=$3
|
|
6
|
+
TARGET_IP=$4
|
|
7
|
+
LOGSTASH_IP=$5
|
|
8
|
+
LOGSTASH_PORT=$6
|
|
9
|
+
|
|
10
|
+
if [ -z "$1" ] ; then
|
|
11
|
+
echo "USAGE:"
|
|
12
|
+
echo "$0 <ORIGIN_NAME> <TARGET_NAME> <PING_COUNT> <TARGET_IP> <LOGSTASH_IP> <LOGSTASH_PORT>"
|
|
13
|
+
exit
|
|
14
|
+
fi
|
|
15
|
+
|
|
16
|
+
while true ; do echo -n '.'; (echo "s 0 $ORIGIN_NAME $TARGET_NAME 1";mtr --raw -c $PING_COUNT $TARGET_IP ) | awk '{printf $0";"}' | nc $LOGSTASH_IP $LOGSTASH_PORT ; done
|
|
17
|
+
|
data/agent/mtrtrace.sh
ADDED
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
#!/usr/bin/env bash
|
|
2
|
+
|
|
3
|
+
ORIGIN_NAME=$1
|
|
4
|
+
TARGET_NAME=$2
|
|
5
|
+
PING_COUNT=$3
|
|
6
|
+
TARGET_IP=$4
|
|
7
|
+
LOGSTASH_IP=$5
|
|
8
|
+
LOGSTASH_PORT=$6
|
|
9
|
+
|
|
10
|
+
if [ -z "$1" ] ; then
|
|
11
|
+
echo "USAGE:"
|
|
12
|
+
echo "$0 <ORIGIN_NAME> <TARGET_NAME> <PING_COUNT> <TARGET_IP> <LOGSTASH_IP> <LOGSTASH_PORT>"
|
|
13
|
+
exit
|
|
14
|
+
fi
|
|
15
|
+
|
|
16
|
+
while true ; do echo -n '.'; (echo "s 0 $ORIGIN_NAME $TARGET_NAME 1";mtr --raw --no-dns -c $PING_COUNT $TARGET_IP ) | awk '{printf $0";"}' | nc $LOGSTASH_IP $LOGSTASH_PORT ; done
|
|
17
|
+
|
|
@@ -4,6 +4,7 @@ require "logstash/codecs/line"
|
|
|
4
4
|
require "logstash/namespace"
|
|
5
5
|
require "securerandom"
|
|
6
6
|
require "digest"
|
|
7
|
+
require 'awesome_print'
|
|
7
8
|
|
|
8
9
|
|
|
9
10
|
# This codec presumes you've somehow sent in the equivalent of this
|
|
@@ -57,7 +58,12 @@ class LogStash::Codecs::Mtrraw < LogStash::Codecs::Base
|
|
|
57
58
|
if mtrrecs[0].type == 's'
|
|
58
59
|
target = mtrrecs.shift.data
|
|
59
60
|
pingcount = 0
|
|
60
|
-
if target =~ /(\w+) (\d+)/
|
|
61
|
+
if target =~ /(\w+) (\w+) (\d+)/
|
|
62
|
+
origin = $1
|
|
63
|
+
target = $2
|
|
64
|
+
pingcount = $3
|
|
65
|
+
elsif target =~ /(\w+) (\d+)/
|
|
66
|
+
origin = "ORIGIN"
|
|
61
67
|
target = $1
|
|
62
68
|
pingcount = $2
|
|
63
69
|
end
|
|
@@ -93,23 +99,26 @@ class LogStash::Codecs::Mtrraw < LogStash::Codecs::Base
|
|
|
93
99
|
"avgrtt" => avgrtt,
|
|
94
100
|
"tags" => ["wholepath"]
|
|
95
101
|
}
|
|
96
|
-
|
|
102
|
+
wholepathevent = LogStash::Event.new(tracedata)
|
|
103
|
+
yield wholepathevent
|
|
97
104
|
# Construct a starting point for trace to target
|
|
98
105
|
yield LogStash::Event.new({
|
|
99
106
|
"id" => id,
|
|
107
|
+
"origin" => origin,
|
|
100
108
|
"target" => target,
|
|
101
109
|
"tags" => ["hop"],
|
|
102
110
|
"seq" => -1,
|
|
103
111
|
"pathsig" => pathsig,
|
|
104
|
-
"A_node" => "
|
|
112
|
+
"A_node" => "#{origin}->#{target}",
|
|
105
113
|
"Z_node" => hops[0][:addr],
|
|
106
|
-
"dns" =>
|
|
114
|
+
"dns" => origin,
|
|
107
115
|
"avgrtt" => 0,
|
|
108
116
|
"avgloss" => 0
|
|
109
117
|
})
|
|
110
118
|
0.upto(path.size - 2) {
|
|
111
119
|
|index|
|
|
112
120
|
yield LogStash::Event.new({ "id" => id,
|
|
121
|
+
"origin" => origin,
|
|
113
122
|
"target" => target,
|
|
114
123
|
"tags" => ["hop"],
|
|
115
124
|
"pathsig" => pathsig,
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Gem::Specification.new do |s|
|
|
2
2
|
s.name = 'logstash-codec-mtrraw'
|
|
3
|
-
s.version = '0.
|
|
3
|
+
s.version = '0.2.0'
|
|
4
4
|
s.licenses = ['Apache License (2.0)']
|
|
5
5
|
s.summary = 'Converts optionally overloaded mtr --raw data to an event'
|
|
6
6
|
s.description = 'Turn mtr --raw events with optional overloading into logstash events. see docs'
|
|
@@ -10,7 +10,7 @@ Gem::Specification.new do |s|
|
|
|
10
10
|
s.require_paths = ['lib']
|
|
11
11
|
|
|
12
12
|
# Files
|
|
13
|
-
s.files = Dir['lib/**/*','spec/**/*','vendor/**/*','*.gemspec','*.md','CONTRIBUTORS','Gemfile','LICENSE','NOTICE.TXT']
|
|
13
|
+
s.files = Dir['agent/*','lib/**/*','spec/**/*','vendor/**/*','*.gemspec','*.md','CONTRIBUTORS','Gemfile','LICENSE','NOTICE.TXT']
|
|
14
14
|
# Tests
|
|
15
15
|
s.test_files = s.files.grep(%r{^(test|spec|features)/})
|
|
16
16
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: logstash-codec-mtrraw
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- svdasein
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-11-
|
|
11
|
+
date: 2017-11-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: logstash-core-plugin-api
|
|
@@ -64,6 +64,8 @@ files:
|
|
|
64
64
|
- Gemfile
|
|
65
65
|
- LICENSE
|
|
66
66
|
- README.md
|
|
67
|
+
- agent/mtrtrace-dns.sh
|
|
68
|
+
- agent/mtrtrace.sh
|
|
67
69
|
- lib/logstash/codecs/mtrraw.rb
|
|
68
70
|
- logstash-codec-mtrraw.gemspec
|
|
69
71
|
- spec/codecs/mtrraw_spec.rb
|