logstash-filter-elasticsearch 3.6.0 → 3.6.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +3 -0
- data/logstash-filter-elasticsearch.gemspec +2 -2
- data/spec/es_helper.rb +43 -0
- data/spec/filters/integration/elasticsearch_spec.rb +20 -3
- metadata +4 -8
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 54415da2d9bc4aa6d1d90ea0b65937aa4782c9a9614cafd2ac583d94c0780913
|
|
4
|
+
data.tar.gz: 44eea0bc6efd2a0a2a5415320a872e03cd3883e122e8d7627c3873241d47720c
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f148fcacc216cbbfca630e858ec93d85329487738dda440200ac2ea4f85253f2f4b6dc4a55cb859781be372a7ef15c727b5ded25015de1988302cd04e64de98e
|
|
7
|
+
data.tar.gz: '003910ce329cf1945fb3f92c2aef9f096588eb33c85e8716dbba0b65dd770e168e3960b1751553c2d251bc43b2a36dbc3eef339720acc9d40a08e1d1d36db402'
|
data/CHANGELOG.md
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
Gem::Specification.new do |s|
|
|
2
2
|
|
|
3
3
|
s.name = 'logstash-filter-elasticsearch'
|
|
4
|
-
s.version = '3.6.
|
|
4
|
+
s.version = '3.6.1'
|
|
5
5
|
s.licenses = ['Apache License (2.0)']
|
|
6
6
|
s.summary = "Copies fields from previous log events in Elasticsearch to current events "
|
|
7
7
|
s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
|
|
@@ -21,7 +21,7 @@ Gem::Specification.new do |s|
|
|
|
21
21
|
|
|
22
22
|
# Gem dependencies
|
|
23
23
|
s.add_runtime_dependency "logstash-core-plugin-api", ">= 1.60", "<= 2.99"
|
|
24
|
-
s.add_runtime_dependency 'elasticsearch', ">= 5.0.3"
|
|
24
|
+
s.add_runtime_dependency 'elasticsearch', ">= 5.0.3"
|
|
25
25
|
s.add_runtime_dependency 'manticore', "~> 0.6"
|
|
26
26
|
|
|
27
27
|
s.add_development_dependency 'logstash-devutils'
|
data/spec/es_helper.rb
ADDED
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
module ESHelper
|
|
2
|
+
def self.get_host_port
|
|
3
|
+
if ENV["INTEGRATION"] == "true"
|
|
4
|
+
"elasticsearch:9200"
|
|
5
|
+
else
|
|
6
|
+
"localhost:9200"
|
|
7
|
+
end
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
def self.get_client
|
|
11
|
+
Elasticsearch::Client.new(:hosts => [get_host_port])
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
def self.doc_type
|
|
15
|
+
if ESHelper.es_version_satisfies?(">=8")
|
|
16
|
+
nil
|
|
17
|
+
elsif ESHelper.es_version_satisfies?(">=7")
|
|
18
|
+
"_doc"
|
|
19
|
+
else
|
|
20
|
+
"doc"
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
def self.index_doc(es, params)
|
|
25
|
+
type = doc_type
|
|
26
|
+
params[:type] = doc_type unless type.nil?
|
|
27
|
+
es.index(params)
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
def self.es_version
|
|
31
|
+
ENV['ES_VERSION'] || ENV['ELASTIC_STACK_VERSION']
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
def self.es_version_satisfies?(*requirement)
|
|
35
|
+
es_version = RSpec.configuration.filter[:es_version] || ENV['ES_VERSION'] || ENV['ELASTIC_STACK_VERSION']
|
|
36
|
+
if es_version.nil?
|
|
37
|
+
puts "Info: ES_VERSION, ELASTIC_STACK_VERSION or 'es_version' tag wasn't set. Returning false to all `es_version_satisfies?` call."
|
|
38
|
+
return false
|
|
39
|
+
end
|
|
40
|
+
es_release_version = Gem::Version.new(es_version).release
|
|
41
|
+
Gem::Requirement.new(requirement).satisfied_by?(es_release_version)
|
|
42
|
+
end
|
|
43
|
+
end
|
|
@@ -2,13 +2,17 @@
|
|
|
2
2
|
require "logstash/devutils/rspec/spec_helper"
|
|
3
3
|
require "logstash/plugin"
|
|
4
4
|
require "logstash/filters/elasticsearch"
|
|
5
|
+
require_relative "../../../spec/es_helper"
|
|
5
6
|
|
|
6
7
|
describe LogStash::Filters::Elasticsearch, :integration => true do
|
|
7
8
|
|
|
9
|
+
|
|
8
10
|
let(:config) do
|
|
9
11
|
{
|
|
10
|
-
"
|
|
12
|
+
"index" => 'logs',
|
|
13
|
+
"hosts" => [ESHelper.get_host_port],
|
|
11
14
|
"query" => "response: 404",
|
|
15
|
+
"sort" => "response",
|
|
12
16
|
"fields" => [ ["response", "code"] ],
|
|
13
17
|
}
|
|
14
18
|
end
|
|
@@ -16,21 +20,34 @@ describe LogStash::Filters::Elasticsearch, :integration => true do
|
|
|
16
20
|
let(:event) { LogStash::Event.new({}) }
|
|
17
21
|
|
|
18
22
|
before(:each) do
|
|
23
|
+
@es = ESHelper.get_client
|
|
24
|
+
# Delete all templates first.
|
|
25
|
+
# Clean ES of data before we start.
|
|
26
|
+
@es.indices.delete_template(:name => "*")
|
|
27
|
+
# This can fail if there are no indexes, ignore failure.
|
|
28
|
+
@es.indices.delete(:index => "*") rescue nil
|
|
29
|
+
10.times do
|
|
30
|
+
ESHelper.index_doc(@es, :index => 'logs', :body => { :response => 404, :this => 'that'})
|
|
31
|
+
end
|
|
32
|
+
@es.indices.refresh
|
|
33
|
+
|
|
19
34
|
plugin.register
|
|
20
35
|
end
|
|
21
36
|
|
|
22
37
|
it "should enhance the current event with new data" do
|
|
23
38
|
plugin.filter(event)
|
|
24
|
-
expect(event.get(
|
|
39
|
+
expect(event.get('code')).to eq(404)
|
|
25
40
|
end
|
|
26
41
|
|
|
27
42
|
context "when retrieving a list of elements" do
|
|
28
43
|
|
|
29
44
|
let(:config) do
|
|
30
45
|
{
|
|
31
|
-
"
|
|
46
|
+
"index" => 'logs',
|
|
47
|
+
"hosts" => [ESHelper.get_host_port],
|
|
32
48
|
"query" => "response: 404",
|
|
33
49
|
"fields" => [ ["response", "code"] ],
|
|
50
|
+
"sort" => "response",
|
|
34
51
|
"result_size" => 10
|
|
35
52
|
}
|
|
36
53
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: logstash-filter-elasticsearch
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.6.
|
|
4
|
+
version: 3.6.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Elastic
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2019-11-12 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -36,9 +36,6 @@ dependencies:
|
|
|
36
36
|
- - ">="
|
|
37
37
|
- !ruby/object:Gem::Version
|
|
38
38
|
version: 5.0.3
|
|
39
|
-
- - "<"
|
|
40
|
-
- !ruby/object:Gem::Version
|
|
41
|
-
version: 6.0.0
|
|
42
39
|
name: elasticsearch
|
|
43
40
|
prerelease: false
|
|
44
41
|
type: :runtime
|
|
@@ -47,9 +44,6 @@ dependencies:
|
|
|
47
44
|
- - ">="
|
|
48
45
|
- !ruby/object:Gem::Version
|
|
49
46
|
version: 5.0.3
|
|
50
|
-
- - "<"
|
|
51
|
-
- !ruby/object:Gem::Version
|
|
52
|
-
version: 6.0.0
|
|
53
47
|
- !ruby/object:Gem::Dependency
|
|
54
48
|
requirement: !ruby/object:Gem::Requirement
|
|
55
49
|
requirements:
|
|
@@ -96,6 +90,7 @@ files:
|
|
|
96
90
|
- lib/logstash/filters/elasticsearch.rb
|
|
97
91
|
- lib/logstash/filters/elasticsearch/client.rb
|
|
98
92
|
- logstash-filter-elasticsearch.gemspec
|
|
93
|
+
- spec/es_helper.rb
|
|
99
94
|
- spec/filters/elasticsearch_spec.rb
|
|
100
95
|
- spec/filters/fixtures/elasticsearch_7.x_hits_total_as_object.json
|
|
101
96
|
- spec/filters/fixtures/query_template.json
|
|
@@ -131,6 +126,7 @@ signing_key:
|
|
|
131
126
|
specification_version: 4
|
|
132
127
|
summary: Copies fields from previous log events in Elasticsearch to current events
|
|
133
128
|
test_files:
|
|
129
|
+
- spec/es_helper.rb
|
|
134
130
|
- spec/filters/elasticsearch_spec.rb
|
|
135
131
|
- spec/filters/fixtures/elasticsearch_7.x_hits_total_as_object.json
|
|
136
132
|
- spec/filters/fixtures/query_template.json
|