logstash-filter-elapsed 3.0.2 → 4.0.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +5 -0
  3. data/LICENSE +1 -1
  4. data/README.md +12 -3
  5. data/lib/logstash/filters/elapsed.rb +17 -17
  6. data/logstash-filter-elapsed.gemspec +3 -3
  7. data/spec/filters/elapsed_spec.rb +21 -21
  8. metadata +13 -7
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: c4627cc1a4e6348394f82170fa0936280226e8a4
4
- data.tar.gz: 3ae065d888a13ed11446723e3e11989f788fb3fe
3
+ metadata.gz: 6892219b404e96411216707b1bb17cf60884dd65
4
+ data.tar.gz: d61cb14d8de18190aff53baebc8acb993a322cfc
5
5
  SHA512:
6
- metadata.gz: 6bf11487ff0921e5fae2bd3adab819eba5560d9281f30c4ffc08f9deadd7e9c657839e594ea7cc6feb03bda86d3909057d91713a09bfea049120bd26368dcb4e
7
- data.tar.gz: c293db5e6ef3adfc1f05638a99108a7bf60d06430592e209403ff7b61a4c7b1bc9ad8b206f637921887f9f094a2b4a5279174a171c957c2396fb1184cb8d675e
6
+ metadata.gz: 5a9d450ea54de03a47264f6f7703b28456166a12060a1709c1f15132df076840b346ae169fb76e0377f5649e6f58317524edeef750052b6f3da1a359981de9a8
7
+ data.tar.gz: fec56248a3ce501791129f5565ba3e338f5140423cecb62d25a24e17b5c020bd725ba00f7ac3d6158dadadc01e02f7a0d3a7e7160c416eae45e8972511af12f4
data/CHANGELOG.md CHANGED
@@ -1,7 +1,12 @@
1
+ # 4.0.0
2
+ - Use the new Event Api used in v5.0.0+
3
+
1
4
  # 3.0.2
2
5
  - Depend on logstash-core-plugin-api instead of logstash-core, removing the need to mass update plugins on major releases of logstash
6
+
3
7
  # 3.0.1
4
8
  - New dependency requirements for logstash-core for the 5.0 release
9
+
5
10
  ## 3.0.0
6
11
  - Elasticsearch 2.0 does not allow field names with dots in them. This is a
7
12
  breaking change which replaces the `.` with an underscore, `_`
data/LICENSE CHANGED
@@ -1,4 +1,4 @@
1
- Copyright (c) 2012–2015 Elasticsearch <http://www.elastic.co>
1
+ Copyright (c) 2012–2016 Elasticsearch <http://www.elastic.co>
2
2
 
3
3
  Licensed under the Apache License, Version 2.0 (the "License");
4
4
  you may not use this file except in compliance with the License.
data/README.md CHANGED
@@ -1,7 +1,6 @@
1
1
  # Logstash Plugin
2
2
 
3
- [![Build
4
- Status](http://build-eu-00.elastic.co/view/LS%20Plugins/view/LS%20Filters/job/logstash-plugin-filter-elapsed-unit/badge/icon)](http://build-eu-00.elastic.co/view/LS%20Plugins/view/LS%20Filters/job/logstash-plugin-filter-elapsed-unit/)
3
+ [![Travis Build Status](https://travis-ci.org/logstash-plugins/logstash-filter-elapsed.svg)](https://travis-ci.org/logstash-plugins/logstash-filter-elapsed)
5
4
 
6
5
  This is a plugin for [Logstash](https://github.com/elastic/logstash).
7
6
 
@@ -56,7 +55,12 @@ gem "logstash-filter-awesome", :path => "/your/local/logstash-filter-awesome"
56
55
  ```
57
56
  - Install plugin
58
57
  ```sh
58
+ # Logstash 2.3 and higher
59
+ bin/logstash-plugin install --no-verify
60
+
61
+ # Prior to Logstash 2.3
59
62
  bin/plugin install --no-verify
63
+
60
64
  ```
61
65
  - Run Logstash with your plugin
62
66
  ```sh
@@ -74,7 +78,12 @@ gem build logstash-filter-awesome.gemspec
74
78
  ```
75
79
  - Install the plugin from the Logstash home
76
80
  ```sh
77
- bin/plugin install /your/local/plugin/logstash-filter-awesome.gem
81
+ # Logstash 2.3 and higher
82
+ bin/logstash-plugin install --no-verify
83
+
84
+ # Prior to Logstash 2.3
85
+ bin/plugin install --no-verify
86
+
78
87
  ```
79
88
  - Start Logstash and proceed to test the plugin
80
89
 
data/lib/logstash/filters/elapsed.rb CHANGED
@@ -39,13 +39,13 @@ require 'socket'
39
39
  # [source,ruby]
40
40
  # filter {
41
41
  # grok {
42
- # match => ["message", "%{TIMESTAMP_ISO8601} START id: (?<task_id>.*)"]
42
+ # match => { "message" => "%{TIMESTAMP_ISO8601} START id: (?<task_id>.*)" }
43
43
  # add_tag => [ "taskStarted" ]
44
44
  # }
45
45
  #
46
46
  # grok {
47
- # match => ["message", "%{TIMESTAMP_ISO8601} END id: (?<task_id>.*)"]
48
- # add_tag => [ "taskTerminated"]
47
+ # match => { "message" => "%{TIMESTAMP_ISO8601} END id: (?<task_id>.*)" }
48
+ # add_tag => [ "taskTerminated" ]
49
49
  # }
50
50
  #
51
51
  # elapsed {
@@ -133,7 +133,7 @@ class LogStash::Filters::Elapsed < LogStash::Filters::Base
133
133
  def filter(event)
134
134
 
135
135
 
136
- unique_id = event[@unique_id_field]
136
+ unique_id = event.get(@unique_id_field)
137
137
  return if unique_id.nil?
138
138
 
139
139
  if(start_event?(event))
@@ -154,13 +154,13 @@ class LogStash::Filters::Elapsed < LogStash::Filters::Base
154
154
  if(@start_events.has_key?(unique_id))
155
155
  start_event = @start_events.delete(unique_id).event
156
156
  @mutex.unlock
157
- elapsed = event["@timestamp"] - start_event["@timestamp"]
157
+ elapsed = event.get("@timestamp") - start_event.get("@timestamp")
158
158
  if(@new_event_on_match)
159
- elapsed_event = new_elapsed_event(elapsed, unique_id, start_event["@timestamp"])
159
+ elapsed_event = new_elapsed_event(elapsed, unique_id, start_event.get("@timestamp"))
160
160
  filter_matched(elapsed_event)
161
161
  yield elapsed_event if block_given?
162
162
  else
163
- return add_elapsed_info(event, elapsed, unique_id, start_event["@timestamp"])
163
+ return add_elapsed_info(event, elapsed, unique_id, start_event.get("@timestamp"))
164
164
  end
165
165
  else
166
166
  @mutex.unlock
@@ -211,10 +211,10 @@ class LogStash::Filters::Elapsed < LogStash::Filters::Base
211
211
  error_event.tag(ELAPSED_TAG)
212
212
  error_event.tag(EXPIRED_ERROR_TAG)
213
213
 
214
- error_event[HOST_FIELD] = Socket.gethostname
215
- error_event[@unique_id_field] = element.event[@unique_id_field]
216
- error_event[ELAPSED_FIELD] = element.age
217
- error_event[TIMESTAMP_START_EVENT_FIELD] = element.event["@timestamp"]
214
+ error_event.set(HOST_FIELD, Socket.gethostname)
215
+ error_event.set(@unique_id_field, element.event.get(@unique_id_field) )
216
+ error_event.set(ELAPSED_FIELD, element.age)
217
+ error_event.set(TIMESTAMP_START_EVENT_FIELD, element.event.get("@timestamp") )
218
218
 
219
219
  events << error_event
220
220
  filter_matched(error_event)
@@ -224,16 +224,16 @@ class LogStash::Filters::Elapsed < LogStash::Filters::Base
224
224
  end
225
225
 
226
226
  def start_event?(event)
227
- return (event["tags"] != nil && event["tags"].include?(@start_tag))
227
+ return (event.get("tags") != nil && event.get("tags").include?(@start_tag))
228
228
  end
229
229
 
230
230
  def end_event?(event)
231
- return (event["tags"] != nil && event["tags"].include?(@end_tag))
231
+ return (event.get("tags") != nil && event.get("tags").include?(@end_tag))
232
232
  end
233
233
 
234
234
  def new_elapsed_event(elapsed_time, unique_id, timestamp_start_event)
235
235
  new_event = LogStash::Event.new
236
- new_event[HOST_FIELD] = Socket.gethostname
236
+ new_event.set(HOST_FIELD, Socket.gethostname)
237
237
  return add_elapsed_info(new_event, elapsed_time, unique_id, timestamp_start_event)
238
238
  end
239
239
 
@@ -241,9 +241,9 @@ class LogStash::Filters::Elapsed < LogStash::Filters::Base
241
241
  event.tag(ELAPSED_TAG)
242
242
  event.tag(MATCH_TAG)
243
243
 
244
- event[ELAPSED_FIELD] = elapsed_time
245
- event[@unique_id_field] = unique_id
246
- event[TIMESTAMP_START_EVENT_FIELD] = timestamp_start_event
244
+ event.set(ELAPSED_FIELD, elapsed_time)
245
+ event.set(@unique_id_field, unique_id)
246
+ event.set(TIMESTAMP_START_EVENT_FIELD, timestamp_start_event)
247
247
 
248
248
  return event
249
249
  end
data/logstash-filter-elapsed.gemspec CHANGED
@@ -1,10 +1,10 @@
1
1
  Gem::Specification.new do |s|
2
2
 
3
3
  s.name = 'logstash-filter-elapsed'
4
- s.version = '3.0.2'
4
+ s.version = '4.0.0'
5
5
  s.licenses = ['Apache License (2.0)']
6
6
  s.summary = "This filter tracks a pair of start/end events and calculates the elapsed time between them."
7
- s.description = "This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program"
7
+ s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
8
8
  s.authors = ["Elastic"]
9
9
  s.email = 'info@elastic.co'
10
10
  s.homepage = "http://www.elastic.co/guide/en/logstash/current/index.html"
@@ -20,7 +20,7 @@ Gem::Specification.new do |s|
20
20
  s.metadata = { "logstash_plugin" => "true", "logstash_group" => "filter" }
21
21
 
22
22
  # Gem dependencies
23
- s.add_runtime_dependency "logstash-core-plugin-api", "~> 1.0"
23
+ s.add_runtime_dependency "logstash-core-plugin-api", ">= 1.60", "<= 2.99"
24
24
 
25
25
  s.add_development_dependency 'logstash-devutils'
26
26
  end
data/spec/filters/elapsed_spec.rb CHANGED
@@ -105,7 +105,7 @@ describe LogStash::Filters::Elapsed do
105
105
 
106
106
  @filter.filter(end_event)
107
107
 
108
- insist { end_event["tags"].include?("elapsed_end_without_start") } == true
108
+ insist { end_event.get("tags").include?("elapsed_end_without_start") } == true
109
109
  end
110
110
  end
111
111
  end
@@ -150,23 +150,23 @@ describe LogStash::Filters::Elapsed do
150
150
 
151
151
  shared_examples_for "match event" do
152
152
  it "contains the tag 'elapsed'" do
153
- insist { @match_event["tags"].include?("elapsed") } == true
153
+ insist { @match_event.get("tags").include?("elapsed") } == true
154
154
  end
155
155
 
156
156
  it "contains the tag tag 'elapsed_match'" do
157
- insist { @match_event["tags"].include?("elapsed_match") } == true
157
+ insist { @match_event.get("tags").include?("elapsed_match") } == true
158
158
  end
159
159
 
160
160
  it "contains an 'elapsed_time field' with the elapsed time" do
161
- insist { @match_event["elapsed_time"] } == 10
161
+ insist { @match_event.get("elapsed_time") } == 10
162
162
  end
163
163
 
164
164
  it "contains an 'elapsed_timestamp_start field' with the timestamp of the 'start event'" do
165
- insist { @match_event["elapsed_timestamp_start"] } == @start_event["@timestamp"]
165
+ insist { @match_event.get("elapsed_timestamp_start") } == @start_event.get("@timestamp")
166
166
  end
167
167
 
168
168
  it "contains an 'id field'" do
169
- insist { @match_event[ID_FIELD] } == @id_value
169
+ insist { @match_event.get(ID_FIELD) } == @id_value
170
170
  end
171
171
  end
172
172
 
@@ -178,7 +178,7 @@ describe LogStash::Filters::Elapsed do
178
178
  @start_event = start_event(ID_FIELD => @id_value)
179
179
  @filter.filter(@start_event)
180
180
 
181
- end_timestamp = @start_event["@timestamp"] + 10
181
+ end_timestamp = @start_event.get("@timestamp") + 10
182
182
  end_event = end_event(ID_FIELD => @id_value, "@timestamp" => end_timestamp)
183
183
  @filter.filter(end_event) do |new_event|
184
184
  @match_event = new_event
@@ -189,14 +189,14 @@ describe LogStash::Filters::Elapsed do
189
189
  it_behaves_like "match event"
190
190
 
191
191
  it "contains the 'host field'" do
192
- insist { @match_event["host"] } == Socket.gethostname
192
+ insist { @match_event.get("host") } == Socket.gethostname
193
193
  end
194
194
  end
195
195
  end
196
196
 
197
197
  context "if 'new_event_on_match' is set to 'false'" do
198
198
  before(:each) do
199
- end_timestamp = @start_event["@timestamp"] + 10
199
+ end_timestamp = @start_event.get("@timestamp") + 10
200
200
  end_event = end_event(ID_FIELD => @id_value, "@timestamp" => end_timestamp)
201
201
  @filter.filter(end_event)
202
202
 
@@ -264,33 +264,33 @@ describe LogStash::Filters::Elapsed do
264
264
  end
265
265
 
266
266
  it "creates a new event with tag 'elapsed_expired_error' for each expired 'start event'" do
267
- insist { @expired_events[0]["tags"].include?("elapsed_expired_error") } == true
268
- insist { @expired_events[1]["tags"].include?("elapsed_expired_error") } == true
267
+ insist { @expired_events[0].get("tags").include?("elapsed_expired_error") } == true
268
+ insist { @expired_events[1].get("tags").include?("elapsed_expired_error") } == true
269
269
  end
270
270
 
271
271
  it "creates a new event with tag 'elapsed' for each expired 'start event'" do
272
- insist { @expired_events[0]["tags"].include?("elapsed") } == true
273
- insist { @expired_events[1]["tags"].include?("elapsed") } == true
272
+ insist { @expired_events[0].get("tags").include?("elapsed") } == true
273
+ insist { @expired_events[1].get("tags").include?("elapsed") } == true
274
274
  end
275
275
 
276
276
  it "creates a new event containing the 'id field' of the expired 'start event'" do
277
- insist { @expired_events[0][ID_FIELD] } == "2"
278
- insist { @expired_events[1][ID_FIELD] } == "3"
277
+ insist { @expired_events[0].get(ID_FIELD) } == "2"
278
+ insist { @expired_events[1].get(ID_FIELD) } == "3"
279
279
  end
280
280
 
281
281
  it "creates a new event containing an 'elapsed_time field' with the age of the expired 'start event'" do
282
- insist { @expired_events[0]["elapsed_time"] } == 30
283
- insist { @expired_events[1]["elapsed_time"] } == 31
282
+ insist { @expired_events[0].get("elapsed_time") } == 30
283
+ insist { @expired_events[1].get("elapsed_time") } == 31
284
284
  end
285
285
 
286
286
  it "creates a new event containing an 'elapsed_timestamp_start field' with the timestamp of the expired 'start event'" do
287
- insist { @expired_events[0]["elapsed_timestamp_start"] } == @start_event_2["@timestamp"]
288
- insist { @expired_events[1]["elapsed_timestamp_start"] } == @start_event_3["@timestamp"]
287
+ insist { @expired_events[0].get("elapsed_timestamp_start") } == @start_event_2.get("@timestamp")
288
+ insist { @expired_events[1].get("elapsed_timestamp_start") } == @start_event_3.get("@timestamp")
289
289
  end
290
290
 
291
291
  it "creates a new event containing a 'host field' for each expired 'start event'" do
292
- insist { @expired_events[0]["host"] } == Socket.gethostname
293
- insist { @expired_events[1]["host"] } == Socket.gethostname
292
+ insist { @expired_events[0].get("host") } == Socket.gethostname
293
+ insist { @expired_events[1].get("host") } == Socket.gethostname
294
294
  end
295
295
  end
296
296
  end
metadata CHANGED
@@ -1,29 +1,35 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: logstash-filter-elapsed
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.0.2
4
+ version: 4.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Elastic
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-03-24 00:00:00.000000000 Z
11
+ date: 2016-11-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  requirement: !ruby/object:Gem::Requirement
15
15
  requirements:
16
- - - "~>"
16
+ - - ">="
17
+ - !ruby/object:Gem::Version
18
+ version: '1.60'
19
+ - - "<="
17
20
  - !ruby/object:Gem::Version
18
- version: '1.0'
21
+ version: '2.99'
19
22
  name: logstash-core-plugin-api
20
23
  prerelease: false
21
24
  type: :runtime
22
25
  version_requirements: !ruby/object:Gem::Requirement
23
26
  requirements:
24
- - - "~>"
27
+ - - ">="
28
+ - !ruby/object:Gem::Version
29
+ version: '1.60'
30
+ - - "<="
25
31
  - !ruby/object:Gem::Version
26
- version: '1.0'
32
+ version: '2.99'
27
33
  - !ruby/object:Gem::Dependency
28
34
  requirement: !ruby/object:Gem::Requirement
29
35
  requirements:
@@ -38,7 +44,7 @@ dependencies:
38
44
  - - ">="
39
45
  - !ruby/object:Gem::Version
40
46
  version: '0'
41
- description: This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program
47
+ description: This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program
42
48
  email: info@elastic.co
43
49
  executables: []
44
50
  extensions: []