logstash-filter-LDAPresolve 0.1.1 → 0.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +14 -0
- data/lib/logstash/filters/LDAPresolve.rb +10 -6
- data/logstash-filter-LDAPresolve.gemspec +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: de57dc6b5130f9fd6c2cf254692aef06a80baebf
|
|
4
|
+
data.tar.gz: db27910914b47e409ab783633fce0da877c51fa9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 43a16fe0a4786385b9b18d3e439f403a3a8b6f02902e23a712ecf599367c21f667361ab3e6196e972b550f048662a60c2607267314ec2f1628cc3c69ef520d72
|
|
7
|
+
data.tar.gz: aa19a0e86dbf5cff46c1d0c6ef7df4d503f6235a91b03d913be565de2f6b54c5515cc710f69261d75772f4b1ed8fe318fb6ae989a97c361fd7310b899f1bb823
|
data/README.md
CHANGED
|
@@ -104,6 +104,20 @@ LDAPresolve {
|
|
|
104
104
|
}
|
|
105
105
|
```
|
|
106
106
|
|
|
107
|
+
uidNumber can be dynamic and include parts of the event using the %{field} syntax.
|
|
108
|
+
eg assume we have the uidNumber previously stored in the envent's field 'uid'
|
|
109
|
+
We can then use
|
|
110
|
+
```sh
|
|
111
|
+
LDAPresolve {
|
|
112
|
+
uidNumber => "%{uid}"
|
|
113
|
+
host => "ldap.somewhere.org"
|
|
114
|
+
userdn => "ou=users,dc=somewhere,dc=org"
|
|
115
|
+
groupdn => "ou=groups,dc=somewhere,dc=org"
|
|
116
|
+
}
|
|
117
|
+
|
|
118
|
+
```
|
|
119
|
+
|
|
120
|
+
|
|
107
121
|
#### auxiliary arguments
|
|
108
122
|
|
|
109
123
|
if your LDAP server use another port than the (339) default one
|
|
@@ -36,7 +36,7 @@ require "logstash/namespace"
|
|
|
36
36
|
# [source, ruby]
|
|
37
37
|
# filter {
|
|
38
38
|
# LDAPresolve {
|
|
39
|
-
# uidNumber => uidNumber to resolve
|
|
39
|
+
# uidNumber => uidNumber to resolve, you can also use "%{field name}" syntax
|
|
40
40
|
# host => "my.LDAP.Server"
|
|
41
41
|
# userdn => "Domain Name to search for users information"
|
|
42
42
|
# groupdn => "Domain Name to search for group information"
|
|
@@ -123,24 +123,28 @@ class LogStash::Filters::LDAPresolve < LogStash::Filters::Base
|
|
|
123
123
|
|
|
124
124
|
public
|
|
125
125
|
def filter(event)
|
|
126
|
+
# extract uid value from event
|
|
127
|
+
uid2resolve = event.sprintf(@uidNumber)
|
|
128
|
+
|
|
129
|
+
#STDERR.puts "UID:#{uid2resolve}"
|
|
126
130
|
exitstatus = @SUCCESS
|
|
127
131
|
##--- first check cache for provided uidNumber
|
|
128
132
|
cached = false
|
|
129
133
|
if @useCache
|
|
130
|
-
cached = cached?(
|
|
134
|
+
cached = cached?(uid2resolve)
|
|
131
135
|
end
|
|
132
136
|
|
|
133
137
|
if cached
|
|
134
138
|
login, user , group = cached
|
|
135
139
|
else
|
|
136
|
-
@logger.info("prompt LDAP for #{
|
|
140
|
+
@logger.info("prompt LDAP for #{uid2resolve} informations")
|
|
137
141
|
if use_ssl
|
|
138
142
|
conn = LDAP::SSLConn.new(host=@host, port=@ldaps_port)
|
|
139
143
|
else
|
|
140
144
|
conn = LDAP::Conn.new(host=@host, port=@ldap_port)
|
|
141
145
|
end
|
|
142
146
|
|
|
143
|
-
res = ldapsearch(conn,
|
|
147
|
+
res = ldapsearch(conn, uid2resolve)
|
|
144
148
|
user = res['user']
|
|
145
149
|
group = res['group']
|
|
146
150
|
login = res['login']
|
|
@@ -148,7 +152,7 @@ class LogStash::Filters::LDAPresolve < LogStash::Filters::Base
|
|
|
148
152
|
errmsg = res['err']
|
|
149
153
|
|
|
150
154
|
##--- cache infos.
|
|
151
|
-
cacheUID(
|
|
155
|
+
cacheUID(uid2resolve, login, user, group)
|
|
152
156
|
end
|
|
153
157
|
|
|
154
158
|
##--- finaly change event to embed login, user and group information
|
|
@@ -206,7 +210,7 @@ class LogStash::Filters::LDAPresolve < LogStash::Filters::Base
|
|
|
206
210
|
scope = LDAP::LDAP_SCOPE_SUBTREE
|
|
207
211
|
##--- search LDAP for the user name
|
|
208
212
|
begin
|
|
209
|
-
conn.search(@userdn, scope, "(& (objectclass=posixAccount) (uidNumber=#{
|
|
213
|
+
conn.search(@userdn, scope, "(& (objectclass=posixAccount) (uidNumber=#{uidNumber}))", @userattrs) { |entry|
|
|
210
214
|
|
|
211
215
|
# convert entry object to hash for easier manipulation
|
|
212
216
|
hashEntry = {}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Gem::Specification.new do |s|
|
|
2
2
|
s.name = 'logstash-filter-LDAPresolve'
|
|
3
|
-
s.version = '0.1.
|
|
3
|
+
s.version = '0.1.2'
|
|
4
4
|
s.licenses = ['Apache License (2.0)']
|
|
5
5
|
s.summary = "This filter adds infodrmation fields from LDAP server based on the provided uid."
|
|
6
6
|
s.description = "This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program"
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: logstash-filter-LDAPresolve
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Eric Deveaud
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-07-
|
|
11
|
+
date: 2015-07-15 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: logstash-core
|