logstash-filter-geoip 4.1.1-java → 4.2.0-java

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: c9e2ae6154f3fb6786003715d49ffb91f35a2e34
4
- data.tar.gz: 50c92eba1af277a4ddce9f038142a035063b0b07
3
+ metadata.gz: b7e65b1d5c1999721ca71919a80456212728f06e
4
+ data.tar.gz: a2fac474da826188d901084c675f02f554f69af4
5
5
  SHA512:
6
- metadata.gz: 731ce064ee7eae5cb286d12d7736c162016b5fe68c1e6c48697f1ffc930893f9a941cdcd4ecc715fed6077d82ace86c1d8c8446447c7599e8e16a83e55916b32
7
- data.tar.gz: a374eeef224c9e60a13d4aac58a89c19d4c47c51fafb60915e8bedcd487221802ddc0c6ec63576e3ed4cf053f390a5b761fd8801d55e1b7b2c7a057fdaae6db1
6
+ metadata.gz: be13622780cf0997cdf9765a206ad1ecebd0e471d1b71599bd203e7257217c725d9de9d9a295a38b7fa220536d73d981b300449829754b7808beed09db5e5076
7
+ data.tar.gz: 9b62ae00ecac61f70f9e694eac48624f619b26b21980f478ad379dded6fcde45837b2a61888d1e4df62674fb75c566693e421a011fed2e0985d63f45bddc27e6
data/CHANGELOG.md CHANGED
@@ -1,3 +1,7 @@
1
+ ## 4.2.0
2
+ - Add support for GeoLite2-ASN database from Maxmind for ASN data.
3
+ - Update Java dependencies to 2.9.0 to support the new ASN database.
4
+
1
5
  ## 4.1.1
2
6
  - Add support for commercial databases from Maxmind.
3
7
  - Add ASN data support via GeoIP2-ISP database.
data/Gemfile CHANGED
@@ -1,4 +1,11 @@
1
1
  source 'https://rubygems.org'
2
2
 
3
- # Specify your gem's dependencies in logstash-mass_effect.gemspec
4
3
  gemspec
4
+
5
+ logstash_path = ENV["LOGSTASH_PATH"] || "../../logstash"
6
+ use_logstash_source = ENV["LOGSTASH_SOURCE"] && ENV["LOGSTASH_SOURCE"].to_s == "1"
7
+
8
+ if Dir.exist?(logstash_path) && use_logstash_source
9
+ gem 'logstash-core', :path => "#{logstash_path}/logstash-core"
10
+ gem 'logstash-core-plugin-api', :path => "#{logstash_path}/logstash-core-plugin-api"
11
+ end
data/docs/index.asciidoc CHANGED
@@ -14,15 +14,30 @@ END - GENERATED VARIABLES, DO NOT EDIT!
14
14
 
15
15
  [id="plugins-{type}-{plugin}"]
16
16
 
17
- === Geoip
17
+ === Geoip filter plugin
18
18
 
19
19
  include::{include_path}/plugin_header.asciidoc[]
20
20
 
21
21
  ==== Description
22
22
 
23
23
  The GeoIP filter adds information about the geographical location of IP addresses,
24
- based on data from the Maxmind GeoLite2 database. Commercial databases from Maxmind are
25
- also supported in this plugin.
24
+ based on data from the Maxmind GeoLite2 databases.
25
+
26
+ ==== Supported Databases
27
+
28
+ This plugin is bundled with https://dev.maxmind.com/geoip/geoip2/geolite2[GeoLite2] City database out of the box. From Maxmind's description --
29
+ "GeoLite2 databases are free IP geolocation databases comparable to, but less accurate than, MaxMind’s
30
+ GeoIP2 databases". Please see GeoIP Lite2 license for more details.
31
+
32
+ https://www.maxmind.com/en/geoip2-databases[Commercial databases] from Maxmind are also supported in this plugin.
33
+
34
+ If you need to use databases other than the bundled GeoLite2 City, you can download them directly
35
+ from Maxmind's website and use the `database` option to specify their location. The GeoLite2 databases
36
+ can be downloaded from https://dev.maxmind.com/geoip/geoip2/geolite2[here].
37
+
38
+ If you would like to get Autonomous System Number(ASN) information, you can use the GeoLite2-ASN database.
39
+
40
+ ==== Details
26
41
 
27
42
  A `[geoip][location]` field is created if
28
43
  the GeoIP lookup returns a latitude and longitude. The field is stored in
@@ -1,6 +1,6 @@
1
1
  # AUTOGENERATED BY THE GRADLE SCRIPT. DO NOT EDIT.
2
2
 
3
3
  require 'jar_dependencies'
4
- require_jar('com.maxmind.geoip2', 'geoip2', '2.8.0')
5
- require_jar('com.maxmind.db', 'maxmind-db', '1.2.1')
6
- require_jar('org.logstash.filters', 'logstash-filter-geoip', '4.1.0')
4
+ require_jar('com.maxmind.geoip2', 'geoip2', '2.9.0')
5
+ require_jar('com.maxmind.db', 'maxmind-db', '1.2.2')
6
+ require_jar('org.logstash.filters', 'logstash-filter-geoip', '4.2.0')
@@ -1,7 +1,7 @@
1
1
  Gem::Specification.new do |s|
2
2
 
3
3
  s.name = 'logstash-filter-geoip'
4
- s.version = '4.1.1'
4
+ s.version = '4.2.0'
5
5
  s.licenses = ['Apache License (2.0)']
6
6
  s.summary = "$summary"
7
7
  s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
@@ -3,6 +3,8 @@ require "logstash/devutils/rspec/spec_helper"
3
3
  require "logstash/filters/geoip"
4
4
 
5
5
  CITYDB = ::Dir.glob(::File.expand_path("../../vendor/", ::File.dirname(__FILE__))+"/GeoLite2-City.mmdb").first
6
+ # this is downloaded in build dir so we don't accidentally package this database when creating a gem
7
+ ASNDB = ::Dir.glob(::File.expand_path("../../build/GeoLite2-ASN_*", ::File.dirname(__FILE__))+"/GeoLite2-ASN.mmdb").first
6
8
 
7
9
  describe LogStash::Filters::GeoIP do
8
10
 
@@ -20,9 +22,7 @@ describe LogStash::Filters::GeoIP do
20
22
  insist { subject }.include?("geoip")
21
23
 
22
24
  expected_fields = %w(ip country_code2 country_code3 country_name
23
- continent_code region_name city_name postal_code
24
- latitude longitude dma_code timezone
25
- location )
25
+ continent_code latitude longitude location)
26
26
  expected_fields.each do |f|
27
27
  insist { subject.get("geoip") }.include?(f)
28
28
  end
@@ -52,9 +52,7 @@ describe LogStash::Filters::GeoIP do
52
52
  expect(subject).to include("src_ip")
53
53
 
54
54
  expected_fields = %w(ip country_code2 country_code3 country_name
55
- continent_code region_name city_name postal_code
56
- latitude longitude dma_code timezone
57
- location )
55
+ continent_code latitude longitude location)
58
56
  expected_fields.each do |f|
59
57
  expect(subject.get("src_ip")).to include(f)
60
58
  end
@@ -270,4 +268,23 @@ describe LogStash::Filters::GeoIP do
270
268
  end
271
269
  end
272
270
 
271
+ describe "GeoIP2-ASN database" do
272
+ config <<-CONFIG
273
+ filter {
274
+ geoip {
275
+ source => "ip"
276
+ database => "#{ASNDB}"
277
+ }
278
+ }
279
+ CONFIG
280
+
281
+ sample("ip" => "8.8.8.8") do
282
+ expect(subject.get("geoip")).not_to be_empty
283
+ expect(subject.get("geoip")["asn"]).to eq(15169)
284
+ expect(subject.get("geoip")["as_org"]).to eq("Google Inc.")
285
+ end
286
+
287
+
288
+ end
289
+
273
290
  end
Binary file
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: logstash-filter-geoip
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.1.1
4
+ version: 4.2.0
5
5
  platform: java
6
6
  authors:
7
7
  - Elastic
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-05-15 00:00:00.000000000 Z
11
+ date: 2017-06-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  requirement: !ruby/object:Gem::Requirement
@@ -78,9 +78,9 @@ files:
78
78
  - maxmind-db-NOTICE.txt
79
79
  - spec/filters/geoip_spec.rb
80
80
  - vendor/GeoLite2-City.mmdb
81
- - vendor/jar-dependencies/com/maxmind/db/maxmind-db/1.2.1/maxmind-db-1.2.1.jar
82
- - vendor/jar-dependencies/com/maxmind/geoip2/geoip2/2.8.0/geoip2-2.8.0.jar
83
- - vendor/jar-dependencies/org/logstash/filters/logstash-filter-geoip/4.1.0/logstash-filter-geoip-4.1.0.jar
81
+ - vendor/jar-dependencies/com/maxmind/db/maxmind-db/1.2.2/maxmind-db-1.2.2.jar
82
+ - vendor/jar-dependencies/com/maxmind/geoip2/geoip2/2.9.0/geoip2-2.9.0.jar
83
+ - vendor/jar-dependencies/org/logstash/filters/logstash-filter-geoip/4.2.0/logstash-filter-geoip-4.2.0.jar
84
84
  homepage: http://www.elastic.co/guide/en/logstash/current/index.html
85
85
  licenses:
86
86
  - Apache License (2.0)