logstash-filter-elasticsearch 2.1.1 → 3.0.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +2 -3
  3. data/lib/logstash/filters/elasticsearch.rb +6 -5
  4. data/lib/logstash/filters/elasticsearch/client.rb +1 -1
  5. data/logstash-filter-elasticsearch.gemspec +2 -2
  6. data/spec/filters/elasticsearch_spec.rb +2 -24
  7. data/spec/filters/integration/elasticsearch_spec.rb +2 -2
  8. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 4449efda65f5a277f728141753eb1c950e83ef04
4
- data.tar.gz: e56e6b5c256c27117461b6db0bea22bfbb527d34
3
+ metadata.gz: c49921dd793aef36a733aea0ed8a5779b18436b1
4
+ data.tar.gz: 87a9620d7ab1ecb01ae9beb754e6792b4a98b79d
5
5
  SHA512:
6
- metadata.gz: f59ef828868090acfef220f3ad3dd6e01154963a4e362d40438a8bbb67a33f17fc71286c0b5b4133430738d97b7256defa34e6a6c5cd62569fd9ec5e03f225c7
7
- data.tar.gz: 30932b8f798136089e5c609bb1ad801441779a2053f452d11b3b3acab493874f6895a304241e4d63b52400826753657d8a41d3c7a1c457e4c3669ebd08dfb9c8
6
+ metadata.gz: c5a2a6405f93d584e3f72130eebd95ce722ea6a2921fa0042893b25b49998013bd38767b1b9c1e3ad611ba75571a70ce2385a18cdee85b73a5e02835f4fb1cf5
7
+ data.tar.gz: 8cdd41e4935039db5f7efaf6885f87556d0be62a882b4ad3839c426010d40b6a8e205113495464e7d3049ba62ac3d1c1ac6c891d9db4c3cbb2264b3d7c75456d
data/CHANGELOG.md CHANGED
@@ -1,6 +1,5 @@
1
- ## 2.1.1
2
- - Fix: wrong usage of search params, now if index is properly specified
3
- it's passed to search so it's performed not to all indices if this is not the explicit intention.
1
+ ## 3.0.0
2
+ - Breaking: Updated plugin to use new Java Event APIs
4
3
  ## 2.1.0
5
4
  - Improved the configuration options to be more easy to understand and
6
5
  match what the expectations are from the documentation.
data/lib/logstash/filters/elasticsearch.rb CHANGED
@@ -74,7 +74,8 @@ class LogStash::Filters::Elasticsearch < LogStash::Filters::Base
74
74
  :ssl => @ssl,
75
75
  :hosts => @hosts,
76
76
  :ca_file => @ca_file,
77
- :logger => @logger
77
+ :logger => @logger,
78
+ :index => @index
78
79
  }
79
80
  @client = LogStash::Filters::ElasticsearchClient.new(@user, @password, options)
80
81
  end # def register
@@ -83,7 +84,7 @@ class LogStash::Filters::Elasticsearch < LogStash::Filters::Base
83
84
  begin
84
85
  query_str = event.sprintf(@query)
85
86
 
86
- params = { :q => query_str, :size => result_size, :index => @index }
87
+ params = { :q => query_str, :size => result_size }
87
88
  params[:sort] = @sort if @enable_sort
88
89
  results = @client.search(params)
89
90
 
@@ -93,13 +94,13 @@ class LogStash::Filters::Elasticsearch < LogStash::Filters::Base
93
94
  results["hits"]["hits"].to_a.each do |doc|
94
95
  set << doc["_source"][old_key]
95
96
  end
96
- event[new_key] = ( set.count > 1 ? set : set.first)
97
+ event.set(new_key, set.count > 1 ? set : set.first)
97
98
  end
98
99
  end
99
100
  rescue => e
100
- @logger.warn("Failed to query elasticsearch for previous event", :index => @index, :query => query_str, :event => event, :error => e)
101
+ @logger.warn("Failed to query elasticsearch for previous event", :index, @index, :query => query_str, :event => event, :error => e)
101
102
  @tag_on_failure.each{|tag| event.tag(tag)}
102
103
  end
103
104
  filter_matched(event)
104
105
  end # def filter
105
- end # class LogStash::Filters::Elasticsearch
106
+ end #class LogStash::Filters::Elasticsearch
data/lib/logstash/filters/elasticsearch/client.rb CHANGED
@@ -23,7 +23,7 @@ module LogStash
23
23
  transport_options[:ssl] = { ca_file: options[:ca_file] } if ssl && options[:ca_file]
24
24
 
25
25
  @logger.info("New ElasticSearch filter", :hosts => hosts)
26
- @client = ::Elasticsearch::Client.new(hosts: hosts, transport_options: transport_options)
26
+ @client = ::Elasticsearch::Client.new(index: options[:index], hosts: hosts, transport_options: transport_options)
27
27
  end
28
28
 
29
29
  def search(params)
data/logstash-filter-elasticsearch.gemspec CHANGED
@@ -1,7 +1,7 @@
1
1
  Gem::Specification.new do |s|
2
2
 
3
3
  s.name = 'logstash-filter-elasticsearch'
4
- s.version = '2.1.1'
4
+ s.version = '3.0.0'
5
5
  s.licenses = ['Apache License (2.0)']
6
6
  s.summary = "Search elasticsearch for a previous log event and copy some fields from it into the current event"
7
7
  s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
@@ -20,7 +20,7 @@ Gem::Specification.new do |s|
20
20
  s.metadata = { "logstash_plugin" => "true", "logstash_group" => "filter" }
21
21
 
22
22
  # Gem dependencies
23
- s.add_runtime_dependency "logstash-core-plugin-api", "~> 1.0"
23
+ s.add_runtime_dependency "logstash-core-plugin-api", "~> 2.0"
24
24
  s.add_runtime_dependency 'elasticsearch'
25
25
 
26
26
  s.add_development_dependency 'logstash-devutils'
data/spec/filters/elasticsearch_spec.rb CHANGED
@@ -40,29 +40,7 @@ describe LogStash::Filters::Elasticsearch do
40
40
 
41
41
  it "should enhance the current event with new data" do
42
42
  plugin.filter(event)
43
- expect(event["code"]).to eq(404)
44
- end
45
-
46
- it "should receive all necessary params to perform the search" do
47
- expect(client).to receive(:search).with({:q=>"response: 404", :size=>1, :index=>"", :sort=>"@timestamp:desc"})
48
- plugin.filter(event)
49
- end
50
-
51
- context "when asking to hit specific index" do
52
-
53
- let(:config) do
54
- {
55
- "index" => "foo*",
56
- "hosts" => ["localhost:9200"],
57
- "query" => "response: 404",
58
- "fields" => [ ["response", "code"] ],
59
- }
60
- end
61
-
62
- it "should receive all necessary params to perform the search" do
63
- expect(client).to receive(:search).with({:q=>"response: 404", :size=>1, :index=>"foo*", :sort=>"@timestamp:desc"})
64
- plugin.filter(event)
65
- end
43
+ expect(event.get("code")).to eq(404)
66
44
  end
67
45
 
68
46
  context "when asking for more than one result" do
@@ -82,7 +60,7 @@ describe LogStash::Filters::Elasticsearch do
82
60
 
83
61
  it "should enhance the current event with new data" do
84
62
  plugin.filter(event)
85
- expect(event["code"]).to eq([404]*10)
63
+ expect(event.get("code")).to eq([404]*10)
86
64
  end
87
65
  end
88
66
 
data/spec/filters/integration/elasticsearch_spec.rb CHANGED
@@ -21,7 +21,7 @@ describe LogStash::Filters::Elasticsearch, :integration => true do
21
21
 
22
22
  it "should enhance the current event with new data" do
23
23
  plugin.filter(event)
24
- expect(event["code"]).to eq(404)
24
+ expect(event.get("code")).to eq(404)
25
25
  end
26
26
 
27
27
  context "when retrieving a list of elements" do
@@ -37,7 +37,7 @@ describe LogStash::Filters::Elasticsearch, :integration => true do
37
37
 
38
38
  it "should enhance the current event with new data" do
39
39
  plugin.filter(event)
40
- expect(event["code"]).to eq([404]*10)
40
+ expect(event.get("code")).to eq([404]*10)
41
41
  end
42
42
 
43
43
  end
metadata CHANGED
@@ -1,21 +1,21 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: logstash-filter-elasticsearch
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.1.1
4
+ version: 3.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Elastic
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-07-01 00:00:00.000000000 Z
11
+ date: 2016-06-21 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  requirement: !ruby/object:Gem::Requirement
15
15
  requirements:
16
16
  - - "~>"
17
17
  - !ruby/object:Gem::Version
18
- version: '1.0'
18
+ version: '2.0'
19
19
  name: logstash-core-plugin-api
20
20
  prerelease: false
21
21
  type: :runtime
@@ -23,7 +23,7 @@ dependencies:
23
23
  requirements:
24
24
  - - "~>"
25
25
  - !ruby/object:Gem::Version
26
- version: '1.0'
26
+ version: '2.0'
27
27
  - !ruby/object:Gem::Dependency
28
28
  requirement: !ruby/object:Gem::Requirement
29
29
  requirements: