logstash-filter-geoip 4.1.1-java → 4.2.0-java
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/Gemfile +8 -1
- data/docs/index.asciidoc +18 -3
- data/lib/logstash-filter-geoip_jars.rb +3 -3
- data/logstash-filter-geoip.gemspec +1 -1
- data/spec/filters/geoip_spec.rb +23 -6
- data/vendor/GeoLite2-City.mmdb +0 -0
- data/vendor/jar-dependencies/com/maxmind/db/maxmind-db/{1.2.1/maxmind-db-1.2.1.jar → 1.2.2/maxmind-db-1.2.2.jar} +0 -0
- data/vendor/jar-dependencies/com/maxmind/geoip2/geoip2/2.9.0/geoip2-2.9.0.jar +0 -0
- data/vendor/jar-dependencies/org/logstash/filters/logstash-filter-geoip/4.2.0/logstash-filter-geoip-4.2.0.jar +0 -0
- metadata +5 -5
- data/vendor/jar-dependencies/com/maxmind/geoip2/geoip2/2.8.0/geoip2-2.8.0.jar +0 -0
- data/vendor/jar-dependencies/org/logstash/filters/logstash-filter-geoip/4.1.0/logstash-filter-geoip-4.1.0.jar +0 -0
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b7e65b1d5c1999721ca71919a80456212728f06e
|
4
|
+
data.tar.gz: a2fac474da826188d901084c675f02f554f69af4
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: be13622780cf0997cdf9765a206ad1ecebd0e471d1b71599bd203e7257217c725d9de9d9a295a38b7fa220536d73d981b300449829754b7808beed09db5e5076
|
7
|
+
data.tar.gz: 9b62ae00ecac61f70f9e694eac48624f619b26b21980f478ad379dded6fcde45837b2a61888d1e4df62674fb75c566693e421a011fed2e0985d63f45bddc27e6
|
data/CHANGELOG.md
CHANGED
data/Gemfile
CHANGED
@@ -1,4 +1,11 @@
|
|
1
1
|
source 'https://rubygems.org'
|
2
2
|
|
3
|
-
# Specify your gem's dependencies in logstash-mass_effect.gemspec
|
4
3
|
gemspec
|
4
|
+
|
5
|
+
logstash_path = ENV["LOGSTASH_PATH"] || "../../logstash"
|
6
|
+
use_logstash_source = ENV["LOGSTASH_SOURCE"] && ENV["LOGSTASH_SOURCE"].to_s == "1"
|
7
|
+
|
8
|
+
if Dir.exist?(logstash_path) && use_logstash_source
|
9
|
+
gem 'logstash-core', :path => "#{logstash_path}/logstash-core"
|
10
|
+
gem 'logstash-core-plugin-api', :path => "#{logstash_path}/logstash-core-plugin-api"
|
11
|
+
end
|
data/docs/index.asciidoc
CHANGED
@@ -14,15 +14,30 @@ END - GENERATED VARIABLES, DO NOT EDIT!
|
|
14
14
|
|
15
15
|
[id="plugins-{type}-{plugin}"]
|
16
16
|
|
17
|
-
=== Geoip
|
17
|
+
=== Geoip filter plugin
|
18
18
|
|
19
19
|
include::{include_path}/plugin_header.asciidoc[]
|
20
20
|
|
21
21
|
==== Description
|
22
22
|
|
23
23
|
The GeoIP filter adds information about the geographical location of IP addresses,
|
24
|
-
based on data from the Maxmind GeoLite2
|
25
|
-
|
24
|
+
based on data from the Maxmind GeoLite2 databases.
|
25
|
+
|
26
|
+
==== Supported Databases
|
27
|
+
|
28
|
+
This plugin is bundled with https://dev.maxmind.com/geoip/geoip2/geolite2[GeoLite2] City database out of the box. From Maxmind's description --
|
29
|
+
"GeoLite2 databases are free IP geolocation databases comparable to, but less accurate than, MaxMind’s
|
30
|
+
GeoIP2 databases". Please see GeoIP Lite2 license for more details.
|
31
|
+
|
32
|
+
https://www.maxmind.com/en/geoip2-databases[Commercial databases] from Maxmind are also supported in this plugin.
|
33
|
+
|
34
|
+
If you need to use databases other than the bundled GeoLite2 City, you can download them directly
|
35
|
+
from Maxmind's website and use the `database` option to specify their location. The GeoLite2 databases
|
36
|
+
can be downloaded from https://dev.maxmind.com/geoip/geoip2/geolite2[here].
|
37
|
+
|
38
|
+
If you would like to get Autonomous System Number(ASN) information, you can use the GeoLite2-ASN database.
|
39
|
+
|
40
|
+
==== Details
|
26
41
|
|
27
42
|
A `[geoip][location]` field is created if
|
28
43
|
the GeoIP lookup returns a latitude and longitude. The field is stored in
|
@@ -1,6 +1,6 @@
|
|
1
1
|
# AUTOGENERATED BY THE GRADLE SCRIPT. DO NOT EDIT.
|
2
2
|
|
3
3
|
require 'jar_dependencies'
|
4
|
-
require_jar('com.maxmind.geoip2', 'geoip2', '2.
|
5
|
-
require_jar('com.maxmind.db', 'maxmind-db', '1.2.
|
6
|
-
require_jar('org.logstash.filters', 'logstash-filter-geoip', '4.
|
4
|
+
require_jar('com.maxmind.geoip2', 'geoip2', '2.9.0')
|
5
|
+
require_jar('com.maxmind.db', 'maxmind-db', '1.2.2')
|
6
|
+
require_jar('org.logstash.filters', 'logstash-filter-geoip', '4.2.0')
|
@@ -1,7 +1,7 @@
|
|
1
1
|
Gem::Specification.new do |s|
|
2
2
|
|
3
3
|
s.name = 'logstash-filter-geoip'
|
4
|
-
s.version = '4.
|
4
|
+
s.version = '4.2.0'
|
5
5
|
s.licenses = ['Apache License (2.0)']
|
6
6
|
s.summary = "$summary"
|
7
7
|
s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
|
data/spec/filters/geoip_spec.rb
CHANGED
@@ -3,6 +3,8 @@ require "logstash/devutils/rspec/spec_helper"
|
|
3
3
|
require "logstash/filters/geoip"
|
4
4
|
|
5
5
|
CITYDB = ::Dir.glob(::File.expand_path("../../vendor/", ::File.dirname(__FILE__))+"/GeoLite2-City.mmdb").first
|
6
|
+
# this is downloaded in build dir so we don't accidentally package this database when creating a gem
|
7
|
+
ASNDB = ::Dir.glob(::File.expand_path("../../build/GeoLite2-ASN_*", ::File.dirname(__FILE__))+"/GeoLite2-ASN.mmdb").first
|
6
8
|
|
7
9
|
describe LogStash::Filters::GeoIP do
|
8
10
|
|
@@ -20,9 +22,7 @@ describe LogStash::Filters::GeoIP do
|
|
20
22
|
insist { subject }.include?("geoip")
|
21
23
|
|
22
24
|
expected_fields = %w(ip country_code2 country_code3 country_name
|
23
|
-
continent_code
|
24
|
-
latitude longitude dma_code timezone
|
25
|
-
location )
|
25
|
+
continent_code latitude longitude location)
|
26
26
|
expected_fields.each do |f|
|
27
27
|
insist { subject.get("geoip") }.include?(f)
|
28
28
|
end
|
@@ -52,9 +52,7 @@ describe LogStash::Filters::GeoIP do
|
|
52
52
|
expect(subject).to include("src_ip")
|
53
53
|
|
54
54
|
expected_fields = %w(ip country_code2 country_code3 country_name
|
55
|
-
continent_code
|
56
|
-
latitude longitude dma_code timezone
|
57
|
-
location )
|
55
|
+
continent_code latitude longitude location)
|
58
56
|
expected_fields.each do |f|
|
59
57
|
expect(subject.get("src_ip")).to include(f)
|
60
58
|
end
|
@@ -270,4 +268,23 @@ describe LogStash::Filters::GeoIP do
|
|
270
268
|
end
|
271
269
|
end
|
272
270
|
|
271
|
+
describe "GeoIP2-ASN database" do
|
272
|
+
config <<-CONFIG
|
273
|
+
filter {
|
274
|
+
geoip {
|
275
|
+
source => "ip"
|
276
|
+
database => "#{ASNDB}"
|
277
|
+
}
|
278
|
+
}
|
279
|
+
CONFIG
|
280
|
+
|
281
|
+
sample("ip" => "8.8.8.8") do
|
282
|
+
expect(subject.get("geoip")).not_to be_empty
|
283
|
+
expect(subject.get("geoip")["asn"]).to eq(15169)
|
284
|
+
expect(subject.get("geoip")["as_org"]).to eq("Google Inc.")
|
285
|
+
end
|
286
|
+
|
287
|
+
|
288
|
+
end
|
289
|
+
|
273
290
|
end
|
data/vendor/GeoLite2-City.mmdb
CHANGED
Binary file
|
Binary file
|
Binary file
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: logstash-filter-geoip
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.
|
4
|
+
version: 4.2.0
|
5
5
|
platform: java
|
6
6
|
authors:
|
7
7
|
- Elastic
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-
|
11
|
+
date: 2017-06-22 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|
@@ -78,9 +78,9 @@ files:
|
|
78
78
|
- maxmind-db-NOTICE.txt
|
79
79
|
- spec/filters/geoip_spec.rb
|
80
80
|
- vendor/GeoLite2-City.mmdb
|
81
|
-
- vendor/jar-dependencies/com/maxmind/db/maxmind-db/1.2.
|
82
|
-
- vendor/jar-dependencies/com/maxmind/geoip2/geoip2/2.
|
83
|
-
- vendor/jar-dependencies/org/logstash/filters/logstash-filter-geoip/4.
|
81
|
+
- vendor/jar-dependencies/com/maxmind/db/maxmind-db/1.2.2/maxmind-db-1.2.2.jar
|
82
|
+
- vendor/jar-dependencies/com/maxmind/geoip2/geoip2/2.9.0/geoip2-2.9.0.jar
|
83
|
+
- vendor/jar-dependencies/org/logstash/filters/logstash-filter-geoip/4.2.0/logstash-filter-geoip-4.2.0.jar
|
84
84
|
homepage: http://www.elastic.co/guide/en/logstash/current/index.html
|
85
85
|
licenses:
|
86
86
|
- Apache License (2.0)
|
Binary file
|