RubyGems - logstash-filter-elastic_integration - Versions diffs - 0.0.3-java → 0.1.0-java - Mend

logstash-filter-elastic_integration 0.0.3-java → 0.1.0-java

Files changed (7) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 245850625d596870d7536a1282f78419735370cf2d4b4a4d5ad51d59872f7de9
-  data.tar.gz: '017508efe2333faa598921431926a80f58cfaf7f2dae9c6b5a2d53a787bc296b'
+  metadata.gz: 844b5987e2e5e28d7e560c80eeec166c3d07651a6b4d167dc449e9639beda926
+  data.tar.gz: 6f85d9b9cabda183c6a365f3030876c21990161dbe64e1e82e8d349dccea4b17
 SHA512:
-  metadata.gz: 3234009681fad3833eacd39a943661a61ae4541c4d4fe3df6f5c0f0516ca53bdf6da70eaf5890de460def6c231173c785c1a9a317c82be0275dc8ee79a99cf81
-  data.tar.gz: f5bc0d1effe8c21c5c7cdc69ffe265d8cbcc10f67ee32e4e64d43ea4d494618db78edf8d5e42d05e644bfb87d2862982fddc8df571f0d366a6bcb6685b16e545
+  metadata.gz: a0e711a5d52416b93fbf88b0658657722b5a63d3be91f1a76125123ff614826705aa9a065f014a2a00489729c15b8ec1a9d654d3ab74235f53e2e4d66aec2225
+  data.tar.gz: 0af45a4b9be67629091d3a45d6dd7f8c666cc403ff0e1dee8aa1244a5b27cfc843340b0a61a817181f14b14982786a0b298014936b05fbb3c53aa611e0165fe2

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 0.0.3
1	+ 0.1.0

data/lib/logstash/filters/elastic_integration/geoip_database_provider_bridge.rb ADDED Viewed

@@ -0,0 +1,90 @@
+# encoding: utf-8
+########################################################################
+# Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V.
+# under one or more contributor license agreements. Licensed under the
+# Elastic License 2.0; you may not use this file except in compliance
+# with the Elastic License 2.0.
+########################################################################
+require_relative "jar_dependencies"
+##
+# This module encapsulates methods and classes for bridging the gap between the
+# Ruby-API [LogStash::GeoipDatabaseManager] and this plugin's native-Java
+# GeoipDatabaseProvider.
+module LogStash::Filters::ElasticIntegration::GeoipDatabaseProviderBridge
+  GUIDANCE = "integrations that rely on the Geoip Processor will be unable to enrich events with geo data "\
+             "unless you either provide your own databases with `geoip_database_directory` or run this pipeline "\
+             "in a Logstash with Geoip Database Management enabled."
+  def initialize_geoip_database_provider!
+    java_import('co.elastic.logstash.filters.elasticintegration.geoip.GeoIpDatabaseProvider')
+    @geoip_database_provider ||= GeoIpDatabaseProvider::Builder.new.tap do |builder|
+      if geoip_database_directory
+        logger.debug("discovering geoip databases from #{geoip_database_directory}")
+        builder.discoverDatabases(java.io.File.new(geoip_database_directory))
+      else
+        geoip_database_manager = load_geoip_database_manager!
+        if :UNAVAILABLE == geoip_database_manager
+          logger.warn("Geoip Database Management is not available in the running version of Logstash; #{GUIDANCE}")
+        elsif geoip_database_manager.enabled?
+          logger.info "by not manually configuring self-managed databases with `geoip_database_directory => ...` "\
+                        "you accept and agree to the MaxMind EULA, which allows Elastic Integrations to use Logstash's Geoip Database Management service. "\
+                        "For more details please visit https://www.maxmind.com/en/geolite2/eula"
+          geoip_database_manager.supported_database_types.each do |type|
+            logger.debug("subscribing to managed geoip database #{type}")
+            builder.setDatabaseHolder("GeoLite2-#{type}.mmdb", ObservingDatabaseHolder.new(type, eula_manager: geoip_database_manager, logger: logger))
+          end
+        elsif geoip_database_directory.nil?
+          logger.warn("Geoip Database Management is disabled; #{GUIDANCE}")
+        end
+      end
+    end.build
+  end
+  def load_geoip_database_manager!
+    require 'geoip_database_management/manager'
+    LogStash::GeoipDatabaseManagement::Manager.instance
+  rescue LoadError
+    :UNAVAILABLE
+  end
+  java_import('co.elastic.logstash.filters.elasticintegration.geoip.ManagedGeoipDatabaseHolder')
+  class ObservingDatabaseHolder < ManagedGeoipDatabaseHolder
+    def initialize(simple_database_type, eula_manager:, logger: nil)
+      super("GeoLite2-#{simple_database_type}")
+      @simple_database_type = simple_database_type
+      @logger = logger
+      @subscription = eula_manager.subscribe_database_path(simple_database_type)
+      @subscription.observe(self)
+    end
+    def construct(db_info)
+      @logger&.debug("CONSTRUCT[#{@simple_database_type} => #{db_info}]")
+      self.setDatabasePath(db_info.path)
+    end
+    def on_update(db_info)
+      @logger&.debug("ON_UPDATE[#{@simple_database_type} => #{db_info}]")
+      self.setDatabasePath(db_info.path)
+    end
+    def on_expire()
+      @logger&.debug("ON_EXPIRE[#{@simple_database_type}]")
+      self.setDatabasePath(nil)
+    end
+    def close
+      super
+    ensure
+      @subscription&.release!
+    end
+  end
+end

data/lib/logstash/filters/elastic_integration/jar_dependencies.rb CHANGED Viewed

@@ -8,4 +8,4 @@
 ########################################################################
 require 'jar_dependencies'
-require_jar('co.elastic.logstash.plugins.filter.elasticintegration', 'logstash-filter-elastic_integration', '0.0.3')
+require_jar('co.elastic.logstash.plugins.filter.elasticintegration', 'logstash-filter-elastic_integration', '0.1.0')

data/lib/logstash/filters/elastic_integration.rb CHANGED Viewed

@@ -106,8 +106,10 @@ class LogStash::Filters::ElasticIntegration < LogStash::Filters::Base
     require_relative "elastic_integration/jar_dependencies"
     require_relative "elastic_integration/event_api_bridge"
+    require_relative "elastic_integration/geoip_database_provider_bridge"
     extend EventApiBridge
+    extend GeoipDatabaseProviderBridge
     super
@@ -365,14 +367,6 @@ class LogStash::Filters::ElasticIntegration < LogStash::Filters::Base
     raise_config_error!("configuration did not produce an EventProcessor: #{exception}")
   end
-  def initialize_geoip_database_provider!
-    java_import('co.elastic.logstash.filters.elasticintegration.geoip.GeoIpDatabaseProvider')
-    @geoip_database_provider ||= GeoIpDatabaseProvider::Builder.new.tap do |builder|
-      builder.setDatabases(java.io.File.new(@geoip_database_directory)) if @geoip_database_directory
-    end.build
-  end
   def perform_preflight_check!
     java_import('co.elastic.logstash.filters.elasticintegration.PreflightCheck')

data/vendor/jar-dependencies/co/elastic/logstash/plugins/filter/elasticintegration/logstash-filter-elastic_integration/{0.0.3/logstash-filter-elastic_integration-0.0.3.jar → 0.1.0/logstash-filter-elastic_integration-0.1.0.jar} RENAMED Viewed

Binary file

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstash-filter-elastic_integration
 version: !ruby/object:Gem::Version
-  version: 0.0.3
+  version: 0.1.0
 platform: java
 authors:
 - Elastic
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-10-04 00:00:00.000000000 Z
+date: 2023-12-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
@@ -71,9 +71,10 @@ files:
 - VERSION
 - lib/logstash/filters/elastic_integration.rb
 - lib/logstash/filters/elastic_integration/event_api_bridge.rb
+- lib/logstash/filters/elastic_integration/geoip_database_provider_bridge.rb
 - lib/logstash/filters/elastic_integration/jar_dependencies.rb
 - logstash-filter-elastic_integration.gemspec
-- vendor/jar-dependencies/co/elastic/logstash/plugins/filter/elasticintegration/logstash-filter-elastic_integration/0.0.3/logstash-filter-elastic_integration-0.0.3.jar
+- vendor/jar-dependencies/co/elastic/logstash/plugins/filter/elasticintegration/logstash-filter-elastic_integration/0.1.0/logstash-filter-elastic_integration-0.1.0.jar
 homepage: http://www.elastic.co/guide/en/logstash/current/index.html
 licenses:
 - ELv2