logstash-filter-dateparts 2.0.1 → 2.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: a8b480afd89318ea8bb3176bdec0b1cd9fbf3cd3
-  data.tar.gz: cd5302e4a35e5f4bd1b33b25759605bf4f288d77
+  metadata.gz: 5e19d793f2e58398b43d3a02e3cb752627117530
+  data.tar.gz: 010f207477326df140e9805693d13cd81f3a3b84
 SHA512:
-  metadata.gz: 5c3296b74768a007fc973faa9a428e213ecb627958e82342105e6a7a6fdd107c2edc5099b0e3f0c70133ed4819f14585496fb50fadec8234c9432105e5a5e650
-  data.tar.gz: a20d130798618bb3c5c0758e93615e1d60c4545edfdf54ce23a9c303625f127d019d1f5ad5d02f07cbf74628a319b360d7ae9a8c95c3b91a1f2d6fd9133ceac6
+  metadata.gz: 02946b25be55a6dafcc09037a747376b663360c77fb660473d0f08749285a5571b8e3a46852c0df106375e9562defc1acd75f146c7552a90582bd2b59fcb929d
+  data.tar.gz: 4595e1fac4bf60184c1abe2b6971df9d83b4c9358f91f84e8b8b76a3c43fb048864172887301e52a3713c9de08b495767c1c11dfacc71c769629f762a963fd5e

data/CHANGELOG.md

@@ -1,5 +1,14 @@
-# 2.0.0
-  - Breaking: Updated plugin to use new Java Event APIs
-
-# 1.0.1 
-  - Updated dependencies to avoid being tied to Logstash major release.
+# 2.1.1
+  - Added support for caluclating a duration - https://github.com/mikebski/logstash-filter-datepart/issues/4
+  - Added support for DateTime and other objects with a to_date method
+  - Added TravisCI build hook
+  
+# 2.0.1
+  - Removed extraneous output statement from
+    https://github.com/mikebski/logstash-filter-datepart/issues/3
+
+# 2.0.0
+  - Breaking: Updated plugin to use new Java Event APIs
+
+# 1.0.1 
+  - Updated dependencies to avoid being tied to Logstash major release.

data/Gemfile

@@ -1,2 +1,2 @@
-source 'https://rubygems.org'
-gemspec
+source 'https://rubygems.org'
+gemspec

data/LICENSE

@@ -1,13 +1,13 @@
-Copyright (c) 2014–2015 Mike Baranski <http://www.mikeski.net>
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
+Copyright (c) 2014–2015 Mike Baranski <http://www.mikeski.net>
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.

data/README.md

@@ -1,119 +1,137 @@
-# Logstash Plugin
-
-This is a plugin for [Logstash](https://github.com/elastic/logstash).
-
-The source for this plugin can be [found here on github](https://github.com/mikebski/logstash-datepart-plugin.git)
-
-Author: Mike Baranski (mike.baranski@gmail.com).  Contributions are welcome.
-
-[![Gem Version](https://badge.fury.io/rb/logstash-filter-dateparts.svg)](https://badge.fury.io/rb/logstash-filter-dateparts)
-
-## License ##
-
-Copyright (c) 2014–2015 Mike Baranski <http://www.mikeski.net>
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-
-## About
-
-This plugin is useful if you want to easily query Logstash data on *day of week*, *hour of day*, or other parts of a date.  See the usage below for details on the output of the plugin.  The date parts that can be generated are:
-
-* day
-* wday
-* yday
-* month
-* year
-* hour
-* min
-* sec
-
-## Documentation
-
-### Installation
-
-To manually install the plugin, download the gem and run:
-
-`bin/plugin install --no-verify logstash-filter-dateparts-1.0.0.gem`
-
-### Usage
-
-To see the most basic usage, you can run the following (on Linux):
-
-`echo "HI" | bin/logstash -e 'input { stdin {} } filter {dateparts { }} output { stdout { codec=> rubydebug}}'`
-
-You could also use the logstash generator:
-
-`bin/logstash -e 'input {  generator { lines => ["HI"] count => 1  } } filter {dateparts { }} output { stdout { codec=> rubydebug}}'`
-
-Here is the sample output:
-
-	{
-		"message" => "HI",
-		"@version" => "1",
-		"@timestamp" => "2015-11-20T12:24:40.217Z",
-		"host" => "mike-VirtualBox",
-		"day" => 20,
-		"wday" => 5,
-		"yday" => 324,
-		"month" => 11,
-		"year" => 2015,
-		"hour" => 12,
-		"min" => 24,
-		"sec" => 40
-	}
-
-
-This uses the default configuration, which generates the following fields from the `@timestamp` field of the event:
-
-* day
-* wday
-* yday
-* month
-* year
-* hour
-* min
-* sec
-
-### Configuration
-
-#### Fields
-
-The generated fields are based on the date functions available in the [Ruby time class](http://ruby-doc.org/core-2.2.0/Time.html).  You can specify any valid function and it will be added to the event.
-
-For example, this will add 2 fields, *sec* corresponding to `time.sec()` and *hour* corresponding to `time.hour()`:
-
-    filter {
-    	   dateparts {
-	   	     "fields" => ["sec", "hour"]
-	   }
-    }
-
-#### Time Field
-
-By default, the plugin will use the *@timestamp* field, but you can specify a different one:
-
-    filter {
-    	   dateparts {
-	   	     "time_field" => "some_other_field"
-	   }
-    }
-
-#### Error Tags
-
-By default, the tag *_dateparts_error* is added on exception.  You can specify different tag(s) like so:
-
-    filter {
-    	   dateparts {
-	   	     "error_tags" => ["bad_dates", "xyz"]
-	   }
-    }
+# Logstash Plugin
+
+This is a plugin for [Logstash](https://github.com/elastic/logstash).
+
+The source for this plugin can be [found here on github](https://github.com/mikebski/logstash-datepart-plugin.git)
+
+Author: Mike Baranski (mike.baranski@gmail.com).  Contributions are welcome.
+
+[![Gem Version](https://badge.fury.io/rb/logstash-filter-dateparts.svg)](https://badge.fury.io/rb/logstash-filter-dateparts)
+[![Build Status](https://travis-ci.org/mikebski/logstash-filter-datepart.svg?branch=master)](https://travis-ci.org/mikebski/logstash-filter-datepart)
+
+## License ##
+
+Copyright (c) 2014–2015 Mike Baranski <http://www.mikeski.net>
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+## About
+
+This plugin is useful if you want to easily query Logstash data on *day of week*, *hour of day*, or other parts of a date.  See the usage below for details on the output of the plugin.  The date parts that can be generated are:
+
+* day
+* wday
+* mday
+* yday
+* month
+* year
+* hour
+* min
+* sec
+
+## Documentation
+
+### Installation
+
+To manually install the plugin, download the gem and run:
+
+`bin/plugin install --no-verify logstash-filter-dateparts-1.0.0.gem`
+
+### Usage
+
+To see the most basic usage, you can run the following (on Linux):
+
+`echo "HI" | bin/logstash -e 'input { stdin {} } filter {dateparts { }} output { stdout { codec=> rubydebug}}'`
+
+You could also use the logstash generator:
+
+`bin/logstash -e 'input {  generator { lines => ["HI"] count => 1  } } filter {dateparts { }} output { stdout { codec=> rubydebug}}'`
+
+Here is the sample output:
+
+	{
+		"message" => "HI",
+		"@version" => "1",
+		"@timestamp" => "2015-11-20T12:24:40.217Z",
+		"host" => "mike-VirtualBox",
+		"day" => 20,
+		"wday" => 5,
+		"yday" => 324,
+		"month" => 11,
+		"year" => 2015,
+		"hour" => 12,
+		"min" => 24,
+		"sec" => 40
+	}
+
+
+This uses the default configuration, which generates the following fields from the `@timestamp` field of the event:
+
+* day
+* wday
+* yday
+* month
+* year
+* hour
+* min
+* sec
+
+### Configuration
+
+#### Fields
+
+The generated fields are based on the date functions available in the [Ruby time class](http://ruby-doc.org/core-2.2.0/Time.html).  You can specify any valid function and it will be added to the event.
+
+For example, this will add 2 fields, *sec* corresponding to `time.sec()` and *hour* corresponding to `time.hour()`:
+
+    filter {
+    	   dateparts {
+	   	     "fields" => ["sec", "hour"]
+	   }
+    }
+
+#### Time Field
+
+By default, the plugin will use the *@timestamp* field, but you can specify a different one:
+
+    filter {
+    	   dateparts {
+	   	     "time_field" => "some_other_field"
+	   }
+    }
+
+#### Duration Field (new in 2.1)
+
+2.1 provides the ability to calculate a duration (in seconds.milliseconds) based on 2 field.s
+The value of the duration is a float with millisecond precision.
+
+The input values must both be time values, and you specify an output field for the result
+
+    filter {
+         'fields' => %w(mday),
+         'duration' => {
+             'start_field' => 'tstart',
+             'end_field' => 'tend',
+             'result_field' => 'duration'
+         }
+     }
+
+#### Error Tags
+
+By default, the tag *_dateparts_error* is added on exception.  You can specify different tag(s) like so:
+
+    filter {
+    	   dateparts {
+	   	     "error_tags" => ["bad_dates", "xyz"]
+	   }
+    }

data/lib/logstash/filters/dateparts.rb

@@ -1,82 +1,118 @@
-# coding: utf-8
-# Copyright (c) 2014–2015 Mike Baranski <http://www.mikeski.net>
-
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-
-#    http://www.apache.org/licenses/LICENSE-2.0
-
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# encoding: utf-8
-require "logstash/filters/base"
-require "logstash/namespace"
-
-# This filter will add date parts to your record based on
-# the timestamp field.
-# 
-class LogStash::Filters::DateParts < LogStash::Filters::Base
-  # Setting the config_name here is required. This is how you
-  # configure this filter from your Logstash config.
-  #
-  # filter {
-  #   dateparts {
-  #     
-  #   }
-  # }
-  #
-  config_name "dateparts"
-  config :fields, :validate => :array, :default => ["day", "wday", "yday", "month", "year", "hour", "min", "sec"], :required => true
-  config :time_field, :validate => :string, :default => "@timestamp", :required => true
-  config :error_tags, :validate => :array, :default => ["_dateparts_error"], :required => true
-  
-  public
-  def register
-    logger.debug? and logger.debug("DateParts filter registered")
-  end
-
-  def plugin_error(message, event)
-    logger.error("DatePart filter error: " + message)
-    LogStash::Util::Decorators.add_tags(@error_tags, event, "filters/#{self.class.name}")
-  end
-
-  def get_time_from_field(f)
-    if f.class == Time
-      return f
-    elsif f.respond_to?("time")
-      return f.time()
-    else
-      return nil
-    end
-  end
-  
-  public
-  def filter(event)
-    if @fields.respond_to?("each") and @fields.respond_to?("join")
-      logger.debug? and logger.debug("DateParts plugin filtering #{@time_field} time_field and adding fields: " + @fields.join(", "))
-      t = get_time_from_field(event.get(@time_field))
-      if t == nil
-        plugin_error("Invalid time field #{@time_field}; Time field must be an instance of Time or provide a time method that returns one", event)
-        return
-      end
-      @fields.each do |field|
-        begin
-          event.set(field, t.send(field))
-        rescue
-          plugin_error("No such method: #{field}\n", event)
-        end
-      end
-    else
-      plugin_error("DateParts plugin fields invalid, should be an array of function names")
-      return
-    end
-      
-    filter_matched(event)
-  end # def filter
-  
-end # class LogStash::Filters::DateParts
+# encoding: utf-8
+# Copyright (c) 2014–2015 Mike Baranski <http://www.mikeski.net>
+
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+
+#    http://www.apache.org/licenses/LICENSE-2.0
+
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# encoding: utf-8
+require 'logstash/filters/base'
+require 'logstash/namespace'
+
+# This filter will add date parts to your record based on
+# the timestamp field.
+# 
+class LogStash::Filters::DateParts < LogStash::Filters::Base
+  # Setting the config_name here is required. This is how you
+  # configure this filter from your Logstash config.
+  #
+  # filter {
+  #   dateparts {
+  #     
+  #   }
+  # }
+  #
+  config_name 'dateparts'
+  config :fields, :validate => :array, :default => %w(day wday yday mday month year hour min sec), :required => true
+  config :time_field, :validate => :string, :default => '@timestamp', :required => true
+  config :error_tags, :validate => :array, :default => ['_dateparts_error'], :required => true
+  config :duration, :validate => :hash, :required => false
+  public
+
+  def register
+    logger.debug? and logger.debug('DateParts filter registered')
+  end
+
+  def plugin_error(message, event)
+    logger.error("DatePart filter error: #{message}")
+    LogStash::Util::Decorators.add_tags(@error_tags, event, "filters/#{self.class.name}")
+  end
+
+  def get_time_from_field(f)
+    if f.class == Time
+      f
+    elsif f.respond_to?('time')
+      f.time
+    elsif f.respond_to?('to_time')
+      f.to_time
+    else
+      nil
+    end
+  end
+
+  public
+  def filter(event)
+    invalid = true
+    event_time = get_time_from_field(event.get(@time_field))
+    if event_time == nil
+      plugin_error("Invalid time field #{@time_field}; Time field must be an instance of Time or provide a time method that returns one", event)
+      return
+    end
+    if @fields.respond_to?('each') and @fields.respond_to?('join')
+      invalid = false
+      logger.debug? and logger.debug("DateParts plugin filtering #{@time_field} time_field and adding fields: " + @fields.join(', '))
+      @fields.each do |field|
+        begin
+          event.set(field, event_time.send(field))
+        rescue
+          plugin_error("No such method: #{field}\n", event)
+        end
+      end
+    end
+    if @duration != nil
+      start_field = @duration['start_field']
+      if(start_field == nil)
+        start_field = '@timestamp'
+      end
+      start_time = get_time_from_field(event.get(start_field))
+
+      end_field = @duration['end_field']
+      if(end_field == nil)
+        end_field = '@timestamp'
+      end
+      end_time = get_time_from_field(event.get(end_field))
+
+      if start_time == nil or end_time == nil
+        plugin_error("Invalid start [#{@duration['start_field']}] or end [#{@duration['end_field']}].  Time fields must be an instance of Time or provide a time method that returns one", event)
+        return
+      end
+      if(start_field.eql?(end_field))
+        logger.warn("Start and End fields are the same for dateparts filter [#{start_field}]")
+      end
+
+      result_field = @duration['result_field']
+      if result_field == nil
+        result_field = 'duration_result'
+      end
+
+      duration = end_time - start_time
+      event.set(result_field, duration)
+      invalid = false
+    end
+    if invalid
+      plugin_error('DateParts plugin error', event)
+      return
+    end
+
+    filter_matched(event)
+  end # def filter
+
+end # class LogStash::Filters::DateParts

data/logstash-filter-dateparts.gemspec

@@ -1,39 +1,39 @@
-# encoding: utf-8
-
-# Copyright (c) 2014–2015 Mike Baranski <http://www.mikeski.net>
-
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-
-#    http://www.apache.org/licenses/LICENSE-2.0
-
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-Gem::Specification.new do |s|
-  s.name = 'logstash-filter-dateparts'
-  s.version         = '2.0.1'
-  s.licenses = ['Apache License (2.0)']
-  s.summary = 'This dateparts fileter adds date information to your event based on your timestamp'
-  s.description = 'This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program'
-  s.authors = ['Mike Baranski']
-  s.email = 'mike.baranski@gmail.com'
-  s.homepage = 'http://mikeski.net'
-  s.require_paths = ['lib']
-
-  # Files
-  s.files = Dir['lib/**/*','spec/**/*','vendor/**/*','*.gemspec','*.md','Gemfile','LICENSE']
-   # Tests
-  s.test_files = s.files.grep(%r{^(test|spec|features)/})
-
-  # Special flag to let us know this is actually a logstash plugin
-  s.metadata = { 'logstash_plugin' => 'true', 'logstash_group' => 'filter' }
-
-  # Gem dependencies
-  s.add_runtime_dependency "logstash-core-plugin-api", ">= 1.60", "<= 2.99"
-  s.add_development_dependency 'logstash-devutils'
-end
+# encoding: utf-8
+
+# Copyright (c) 2014–2015 Mike Baranski <http://www.mikeski.net>
+
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+
+#    http://www.apache.org/licenses/LICENSE-2.0
+
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+Gem::Specification.new do |s|
+  s.name = 'logstash-filter-dateparts'
+  s.version         = '2.1.1'
+  s.licenses = ['Apache License (2.0)']
+  s.summary = 'This dateparts fileter adds date information to your event based on your timestamp'
+  s.description = 'This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program'
+  s.authors = ['Mike Baranski']
+  s.email = 'mike.baranski@gmail.com'
+  s.homepage = 'http://mikeski.net'
+  s.require_paths = ['lib']
+
+  # Files
+  s.files = Dir['lib/**/*','spec/**/*','vendor/**/*','*.gemspec','*.md','Gemfile','LICENSE']
+   # Tests
+  s.test_files = s.files.grep(%r{^(test|spec|features)/})
+
+  # Special flag to let us know this is actually a logstash plugin
+  s.metadata = { 'logstash_plugin' => 'true', 'logstash_group' => 'filter' }
+
+  # Gem dependencies
+  s.add_runtime_dependency 'logstash-core-plugin-api', '>= 1.60', '<= 2.99'
+  s.add_development_dependency 'logstash-devutils', '1.1.0'
+end

data/spec/filters/dateparts_spec.rb

@@ -1,97 +1,206 @@
-# coding: utf-8
-# Copyright (c) 2014–2015 Mike Baranski <http://www.mikeski.net>
-
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-
-#    http://www.apache.org/licenses/LICENSE-2.0
-
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-require 'spec_helper'
-require "logstash/filters/dateparts"
-require "logstash/timestamp"
-require "logstash/event"
-
-def get_event(contents = {})
-  contents["@timestamp"] = LogStash::Timestamp.new
-  event = LogStash::Event.new(contents)
-  return event
-end
-
-describe LogStash::Filters::DateParts do
-  default_ts = "@timestamp"
-  alt_ts_field = "zxlk"
-  
-  it "Default config should result in filter with 8 functions, one error tag and @timestamp as the time field" do
-    f = LogStash::Filters::DateParts.new({})
-    
-    expect(f.class).to eq(LogStash::Filters::DateParts)
-    expect(f.fields.length).to eq(8)
-    expect(f.time_field).to eq(default_ts)
-    expect(f.error_tags.length).to eq(1)
-  end
-
-  it "Config should result in filter with 2 functions and the alt timestamp field" do
-    f = LogStash::Filters::DateParts.new({
-                                           "fields" => ["sec", "hour"],
-                                           "time_field" => alt_ts_field 
-                                         })
-    
-    expect(f.class).to eq(LogStash::Filters::DateParts)
-    expect(f.fields.length).to eq(2)
-    expect(f.fields[0]).to eq("sec")
-    expect(f.time_field).to eq(alt_ts_field)
-  end
-
-  it "Should generate the default fields (8 of them)" do
-    event = get_event()
-    count = event.to_hash().count
-    f = LogStash::Filters::DateParts.new({})
-    f.filter(event)
-    
-    expect(event.to_hash().count).to eq(count + 8)
-    expect(event.get('sec')).to be_truthy
-    expect(event.get('hour')).to be_truthy
-    expect(event.get('min')).to be_truthy
-    expect(event.get('month')).to be_truthy
-    expect(event.get('year')).to be_truthy
-    expect(event.get('day')).to be_truthy
-    expect(event.get('wday')).to be_truthy
-    expect(event.get('yday')).to be_truthy
-    expect(event.get('tags')).to be_nil
-  end
-
-  it "Should generate only the specified fields" do
-    event = get_event()
-    count = event.to_hash.count
-    f = LogStash::Filters::DateParts.new({
-                                           "fields" => ["sec", "hour"]
-                                         })
-    f.filter(event)
-    expect(event.to_hash().count).to eq(count + 2)
-    expect(event.get('sec')).to be_truthy
-    expect(event.get('hour')).to be_truthy
-    expect(event.get('min')).to be_nil
-    expect(event.get('month')).to be_nil
-    expect(event.get('year')).to be_nil
-    expect(event.get('day')).to be_nil
-    expect(event.get('wday')).to be_nil
-    expect(event.get('yday')).to be_nil
-    expect(event.get('tags')).to be_nil
-  end
-
-  it "Should set the error tag on an invalid time field" do
-    event = get_event()
-    count = event.to_hash().count
-    f = LogStash::Filters::DateParts.new({ "time_field" => alt_ts_field })
-    
-    f.filter(event)
-    expect(event.get('tags').include? '_dateparts_error').to eq(true)
-  end
-end
+# coding: utf-8
+# Copyright (c) 2014–2015 Mike Baranski <http://www.mikeski.net>
+
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+
+#    http://www.apache.org/licenses/LICENSE-2.0
+
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'spec_helper'
+require 'logstash/filters/dateparts'
+require 'logstash/timestamp'
+require 'logstash/event'
+
+def get_event(contents = {})
+  contents['@timestamp'] = LogStash::Timestamp.new
+  LogStash::Event.new(contents)
+end
+
+describe LogStash::Filters::DateParts do
+  default_ts = '@timestamp'
+  alt_ts_field = 'zxlk'
+
+  it 'Get time from field should work with Time' do
+    f = LogStash::Filters::DateParts.new({})
+    field_to_test = Time.new
+    val = f.get_time_from_field(field_to_test);
+    expect(val.class).to be(Time)
+  end
+
+  it 'Get time from field should work with DateTime' do
+    f = LogStash::Filters::DateParts.new({})
+    field_to_test = DateTime.new
+    val = f.get_time_from_field(field_to_test);
+    expect(val.class).to be(Time)
+  end
+
+  it 'Default config should result in filter with 8 functions, one error tag and @timestamp as the time field' do
+    f = LogStash::Filters::DateParts.new({})
+    
+    expect(f.class).to eq(LogStash::Filters::DateParts)
+    expect(f.fields.length).to eq(9)
+    expect(f.time_field).to eq(default_ts)
+    expect(f.error_tags.length).to eq(1)
+  end
+
+  it 'Config should result in filter with 2 functions and the alt timestamp field' do
+    f = LogStash::Filters::DateParts.new({
+                                           'fields' => %w(sec hour),
+                                           'time_field' => alt_ts_field
+                                         })
+    
+    expect(f.class).to eq(LogStash::Filters::DateParts)
+    expect(f.fields.length).to eq(2)
+    expect(f.fields[0]).to eq('sec')
+    expect(f.time_field).to eq(alt_ts_field)
+  end
+
+  it 'Should generate the default fields (8 of them)' do
+    event = get_event
+    count = event.to_hash.count
+    f = LogStash::Filters::DateParts.new({})
+    f.filter(event)
+    
+    expect(event.to_hash.count).to eq(count + 9)
+    expect(event.get('sec')).to be_truthy
+    expect(event.get('hour')).to be_truthy
+    expect(event.get('min')).to be_truthy
+    expect(event.get('month')).to be_truthy
+    expect(event.get('year')).to be_truthy
+    expect(event.get('day')).to be_truthy
+    expect(event.get('wday')).to be_truthy
+    expect(event.get('mday')).to be_truthy
+    expect(event.get('yday')).to be_truthy
+    expect(event.get('tags')).to be_nil
+  end
+
+  it 'Should generate only the specified fields' do
+    event = get_event
+    count = event.to_hash.count
+    f = LogStash::Filters::DateParts.new({
+                                           'fields' => %w(sec hour)
+                                         })
+    f.filter(event)
+    expect(event.to_hash.count).to eq(count + 2)
+    expect(event.get('sec')).to be_truthy
+    expect(event.get('hour')).to be_truthy
+    expect(event.get('min')).to be_nil
+    expect(event.get('month')).to be_nil
+    expect(event.get('year')).to be_nil
+    expect(event.get('day')).to be_nil
+    expect(event.get('wday')).to be_nil
+    expect(event.get('mday')).to be_nil
+    expect(event.get('yday')).to be_nil
+    expect(event.get('tags')).to be_nil
+  end
+
+  it 'Should set the error tag on an invalid time field' do
+    event = get_event
+    f = LogStash::Filters::DateParts.new({ 'time_field' => alt_ts_field })
+    
+    f.filter(event)
+    expect(event.get('tags').include? '_dateparts_error').to eq(true)
+  end
+
+  it 'Should bail on an invalid date part' do
+    event = get_event
+    f = LogStash::Filters::DateParts.new({
+                                             'fields' => %w(seczzz zzhour)
+                                         })
+    f.filter(event)
+    expect(event.get('tags').include? '_dateparts_error').to eq(true)
+  end
+
+  it 'Should calculate a duration' do
+    event = get_event
+    f = LogStash::Filters::DateParts.new({
+        'duration' => {
+            'start_field' => '@timestamp',
+            'end_field' => 'sometime',
+            'result_field' => 'duration'
+        }
+                                         })
+    event.set('sometime', Time.new)
+    f.filter(event)
+    expect(event.get('tags')).to be_nil
+    expect(event.get('duration')).to be > 0
+  end
+
+  it 'Should calculate a duration using 2 fields' do
+    event = get_event
+    f = LogStash::Filters::DateParts.new({
+                                             'duration' => {
+                                                 'start_field' => 'tstart',
+                                                 'end_field' => 'tend',
+                                                 'result_field' => 'duration'
+                                             }
+                                         })
+
+    event.set('tstart', DateTime.new(2016, 1, 1, 12, 0, 0).to_time)
+    event.set('tend', DateTime.new(2016, 1, 1, 12, 0, 0).to_time)
+    f.filter(event)
+    expect(event.get('tags')).to be_nil
+    expect(event.get('duration')).to eq(0.0)
+  end
+
+  it 'Should calculate a duration of 1 second using 2 fields' do
+    event = get_event
+    f = LogStash::Filters::DateParts.new({
+                                             'duration' => {
+                                                 'start_field' => 'tstart',
+                                                 'end_field' => 'tend',
+                                                 'result_field' => 'duration'
+                                             }
+                                         })
+
+    event.set('tstart', DateTime.new(2016, 1, 1, 23, 0, 0).to_time)
+    event.set('tend', DateTime.new(2016, 1, 1, 23, 0, 1).to_time)
+    f.filter(event)
+    expect(event.get('tags')).to be_nil
+    expect(event.get('duration')).to eq(1.0)
+  end
+
+  it 'Should calculate a duration of 3600 seconds using 2 fields and calculate datepart' do
+    event = get_event
+    f = LogStash::Filters::DateParts.new({
+                                             #'fields' => %w(mday),
+                                             'duration' => {
+                                                 'start_field' => 'tstart',
+                                                 'end_field' => 'tend',
+                                                 'result_field' => 'duration'
+                                             }
+                                         })
+
+    event.set('tstart', DateTime.new(2016, 1, 1, 20, 0, 0).to_time)
+    event.set('tend', DateTime.new(2016, 1, 1, 21, 0, 0).to_time)
+    f.filter(event)
+    expect(event.get('tags')).to be_nil
+    expect(event.get('duration')).to eq(3600.0)
+    expect(event.get('mday')).to be > -1
+
+  end
+
+  it 'Should warn and return 0.0 if start and end are the same field' do
+    event = get_event
+    f = LogStash::Filters::DateParts.new({
+                                             'duration' => {
+                                                 'start_field' => 'tstart',
+                                                 'end_field' => 'tstart',
+                                                 'result_field' => 'duration'
+                                             }
+                                         })
+
+    event.set('tstart', DateTime.new(2016, 1, 1, 20, 0, 0).to_time)
+    f.filter(event)
+    expect(event.get('tags')).to be_nil
+    expect(event.get('duration')).to eq(0.0)
+    expect(event.get('mday')).to be > -1
+  end
+end

data/spec/spec_helper.rb

@@ -1,16 +1,16 @@
-# coding: utf-8
-# Copyright (c) 2014–2015 Mike Baranski <http://www.mikeski.net>
-
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-
-#    http://www.apache.org/licenses/LICENSE-2.0
-
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-require "logstash/devutils/rspec/spec_helper"
+# coding: utf-8
+# Copyright (c) 2014–2015 Mike Baranski <http://www.mikeski.net>
+
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+
+#    http://www.apache.org/licenses/LICENSE-2.0
+
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require "logstash/devutils/rspec/spec_helper"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstash-filter-dateparts
 version: !ruby/object:Gem::Version
-  version: 2.0.1
+  version: 2.1.1
 platform: ruby
 authors:
 - Mike Baranski
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-09-30 00:00:00.000000000 Z
+date: 2016-10-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: logstash-core-plugin-api
@@ -34,16 +34,16 @@ dependencies:
   name: logstash-devutils
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.1.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.1.0
 description: This gem is a logstash plugin required to be installed on top of the
   Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not
   a stand-alone program
@@ -82,7 +82,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.0.14
+rubygems_version: 2.0.14.1
 signing_key: 
 specification_version: 4
 summary: This dateparts fileter adds date information to your event based on your