logstash-filter-geoip 4.1.1-java → 4.2.0-java
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/Gemfile +8 -1
- data/docs/index.asciidoc +18 -3
- data/lib/logstash-filter-geoip_jars.rb +3 -3
- data/logstash-filter-geoip.gemspec +1 -1
- data/spec/filters/geoip_spec.rb +23 -6
- data/vendor/GeoLite2-City.mmdb +0 -0
- data/vendor/jar-dependencies/com/maxmind/db/maxmind-db/{1.2.1/maxmind-db-1.2.1.jar → 1.2.2/maxmind-db-1.2.2.jar} +0 -0
- data/vendor/jar-dependencies/com/maxmind/geoip2/geoip2/2.9.0/geoip2-2.9.0.jar +0 -0
- data/vendor/jar-dependencies/org/logstash/filters/logstash-filter-geoip/4.2.0/logstash-filter-geoip-4.2.0.jar +0 -0
- metadata +5 -5
- data/vendor/jar-dependencies/com/maxmind/geoip2/geoip2/2.8.0/geoip2-2.8.0.jar +0 -0
- data/vendor/jar-dependencies/org/logstash/filters/logstash-filter-geoip/4.1.0/logstash-filter-geoip-4.1.0.jar +0 -0
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: b7e65b1d5c1999721ca71919a80456212728f06e
|
4
|
+
data.tar.gz: a2fac474da826188d901084c675f02f554f69af4
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: be13622780cf0997cdf9765a206ad1ecebd0e471d1b71599bd203e7257217c725d9de9d9a295a38b7fa220536d73d981b300449829754b7808beed09db5e5076
|
7
|
+
data.tar.gz: 9b62ae00ecac61f70f9e694eac48624f619b26b21980f478ad379dded6fcde45837b2a61888d1e4df62674fb75c566693e421a011fed2e0985d63f45bddc27e6
|
data/CHANGELOG.md
CHANGED
data/Gemfile
CHANGED
@@ -1,4 +1,11 @@
|
|
1
1
|
source 'https://rubygems.org'
|
2
2
|
|
3
|
-
# Specify your gem's dependencies in logstash-mass_effect.gemspec
|
4
3
|
gemspec
|
4
|
+
|
5
|
+
logstash_path = ENV["LOGSTASH_PATH"] || "../../logstash"
|
6
|
+
use_logstash_source = ENV["LOGSTASH_SOURCE"] && ENV["LOGSTASH_SOURCE"].to_s == "1"
|
7
|
+
|
8
|
+
if Dir.exist?(logstash_path) && use_logstash_source
|
9
|
+
gem 'logstash-core', :path => "#{logstash_path}/logstash-core"
|
10
|
+
gem 'logstash-core-plugin-api', :path => "#{logstash_path}/logstash-core-plugin-api"
|
11
|
+
end
|
data/docs/index.asciidoc
CHANGED
@@ -14,15 +14,30 @@ END - GENERATED VARIABLES, DO NOT EDIT!
|
|
14
14
|
|
15
15
|
[id="plugins-{type}-{plugin}"]
|
16
16
|
|
17
|
-
=== Geoip
|
17
|
+
=== Geoip filter plugin
|
18
18
|
|
19
19
|
include::{include_path}/plugin_header.asciidoc[]
|
20
20
|
|
21
21
|
==== Description
|
22
22
|
|
23
23
|
The GeoIP filter adds information about the geographical location of IP addresses,
|
24
|
-
based on data from the Maxmind GeoLite2
|
25
|
-
|
24
|
+
based on data from the Maxmind GeoLite2 databases.
|
25
|
+
|
26
|
+
==== Supported Databases
|
27
|
+
|
28
|
+
This plugin is bundled with https://dev.maxmind.com/geoip/geoip2/geolite2[GeoLite2] City database out of the box. From Maxmind's description --
|
29
|
+
"GeoLite2 databases are free IP geolocation databases comparable to, but less accurate than, MaxMind’s
|
30
|
+
GeoIP2 databases". Please see GeoIP Lite2 license for more details.
|
31
|
+
|
32
|
+
https://www.maxmind.com/en/geoip2-databases[Commercial databases] from Maxmind are also supported in this plugin.
|
33
|
+
|
34
|
+
If you need to use databases other than the bundled GeoLite2 City, you can download them directly
|
35
|
+
from Maxmind's website and use the `database` option to specify their location. The GeoLite2 databases
|
36
|
+
can be downloaded from https://dev.maxmind.com/geoip/geoip2/geolite2[here].
|
37
|
+
|
38
|
+
If you would like to get Autonomous System Number(ASN) information, you can use the GeoLite2-ASN database.
|
39
|
+
|
40
|
+
==== Details
|
26
41
|
|
27
42
|
A `[geoip][location]` field is created if
|
28
43
|
the GeoIP lookup returns a latitude and longitude. The field is stored in
|
@@ -1,6 +1,6 @@
|
|
1
1
|
# AUTOGENERATED BY THE GRADLE SCRIPT. DO NOT EDIT.
|
2
2
|
|
3
3
|
require 'jar_dependencies'
|
4
|
-
require_jar('com.maxmind.geoip2', 'geoip2', '2.
|
5
|
-
require_jar('com.maxmind.db', 'maxmind-db', '1.2.
|
6
|
-
require_jar('org.logstash.filters', 'logstash-filter-geoip', '4.
|
4
|
+
require_jar('com.maxmind.geoip2', 'geoip2', '2.9.0')
|
5
|
+
require_jar('com.maxmind.db', 'maxmind-db', '1.2.2')
|
6
|
+
require_jar('org.logstash.filters', 'logstash-filter-geoip', '4.2.0')
|
@@ -1,7 +1,7 @@
|
|
1
1
|
Gem::Specification.new do |s|
|
2
2
|
|
3
3
|
s.name = 'logstash-filter-geoip'
|
4
|
-
s.version = '4.
|
4
|
+
s.version = '4.2.0'
|
5
5
|
s.licenses = ['Apache License (2.0)']
|
6
6
|
s.summary = "$summary"
|
7
7
|
s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
|
data/spec/filters/geoip_spec.rb
CHANGED
@@ -3,6 +3,8 @@ require "logstash/devutils/rspec/spec_helper"
|
|
3
3
|
require "logstash/filters/geoip"
|
4
4
|
|
5
5
|
CITYDB = ::Dir.glob(::File.expand_path("../../vendor/", ::File.dirname(__FILE__))+"/GeoLite2-City.mmdb").first
|
6
|
+
# this is downloaded in build dir so we don't accidentally package this database when creating a gem
|
7
|
+
ASNDB = ::Dir.glob(::File.expand_path("../../build/GeoLite2-ASN_*", ::File.dirname(__FILE__))+"/GeoLite2-ASN.mmdb").first
|
6
8
|
|
7
9
|
describe LogStash::Filters::GeoIP do
|
8
10
|
|
@@ -20,9 +22,7 @@ describe LogStash::Filters::GeoIP do
|
|
20
22
|
insist { subject }.include?("geoip")
|
21
23
|
|
22
24
|
expected_fields = %w(ip country_code2 country_code3 country_name
|
23
|
-
continent_code
|
24
|
-
latitude longitude dma_code timezone
|
25
|
-
location )
|
25
|
+
continent_code latitude longitude location)
|
26
26
|
expected_fields.each do |f|
|
27
27
|
insist { subject.get("geoip") }.include?(f)
|
28
28
|
end
|
@@ -52,9 +52,7 @@ describe LogStash::Filters::GeoIP do
|
|
52
52
|
expect(subject).to include("src_ip")
|
53
53
|
|
54
54
|
expected_fields = %w(ip country_code2 country_code3 country_name
|
55
|
-
continent_code
|
56
|
-
latitude longitude dma_code timezone
|
57
|
-
location )
|
55
|
+
continent_code latitude longitude location)
|
58
56
|
expected_fields.each do |f|
|
59
57
|
expect(subject.get("src_ip")).to include(f)
|
60
58
|
end
|
@@ -270,4 +268,23 @@ describe LogStash::Filters::GeoIP do
|
|
270
268
|
end
|
271
269
|
end
|
272
270
|
|
271
|
+
describe "GeoIP2-ASN database" do
|
272
|
+
config <<-CONFIG
|
273
|
+
filter {
|
274
|
+
geoip {
|
275
|
+
source => "ip"
|
276
|
+
database => "#{ASNDB}"
|
277
|
+
}
|
278
|
+
}
|
279
|
+
CONFIG
|
280
|
+
|
281
|
+
sample("ip" => "8.8.8.8") do
|
282
|
+
expect(subject.get("geoip")).not_to be_empty
|
283
|
+
expect(subject.get("geoip")["asn"]).to eq(15169)
|
284
|
+
expect(subject.get("geoip")["as_org"]).to eq("Google Inc.")
|
285
|
+
end
|
286
|
+
|
287
|
+
|
288
|
+
end
|
289
|
+
|
273
290
|
end
|
data/vendor/GeoLite2-City.mmdb
CHANGED
Binary file
|
Binary file
|
Binary file
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: logstash-filter-geoip
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.
|
4
|
+
version: 4.2.0
|
5
5
|
platform: java
|
6
6
|
authors:
|
7
7
|
- Elastic
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-
|
11
|
+
date: 2017-06-22 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|
@@ -78,9 +78,9 @@ files:
|
|
78
78
|
- maxmind-db-NOTICE.txt
|
79
79
|
- spec/filters/geoip_spec.rb
|
80
80
|
- vendor/GeoLite2-City.mmdb
|
81
|
-
- vendor/jar-dependencies/com/maxmind/db/maxmind-db/1.2.
|
82
|
-
- vendor/jar-dependencies/com/maxmind/geoip2/geoip2/2.
|
83
|
-
- vendor/jar-dependencies/org/logstash/filters/logstash-filter-geoip/4.
|
81
|
+
- vendor/jar-dependencies/com/maxmind/db/maxmind-db/1.2.2/maxmind-db-1.2.2.jar
|
82
|
+
- vendor/jar-dependencies/com/maxmind/geoip2/geoip2/2.9.0/geoip2-2.9.0.jar
|
83
|
+
- vendor/jar-dependencies/org/logstash/filters/logstash-filter-geoip/4.2.0/logstash-filter-geoip-4.2.0.jar
|
84
84
|
homepage: http://www.elastic.co/guide/en/logstash/current/index.html
|
85
85
|
licenses:
|
86
86
|
- Apache License (2.0)
|
Binary file
|