logstash-filter-geoip 7.2.1-java → 7.2.2-java
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 228cb2db9a6c6d725886c8a93970bf7c6f63ab5eaf838bce2777b2c88eea02f6
|
4
|
+
data.tar.gz: e52ec1454cc7658c4a61db2527058607a825b9ae0cde5fb270791e40b32ed067
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 2b4addd23f4ad628dcf9a4d28638ea80f75a0774f0e2e1cb85be9777d1a08072ebbe3ff1a3e0d42bab957a0f397679dfeed507cff57e48e6a1b47cb3080a5780
|
7
|
+
data.tar.gz: 18fad8acf816a24f205a2b6c5f17518e07e96c7a9e62e7e1c38f05023a719306ce20f3bd67c954454b87e7daa225e4a26ead88290e7b6b14cf37283762beef79
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,6 @@
|
|
1
|
+
## 7.2.2
|
2
|
+
- [DOC] Add documentation for database auto-update behavior and database metrics [#187](https://github.com/logstash-plugins/logstash-filter-geoip/pull/187)
|
3
|
+
|
1
4
|
## 7.2.1
|
2
5
|
- Republish the gem due to missing jars in 7.2.0 [#186](https://github.com/logstash-plugins/logstash-filter-geoip/pull/186)
|
3
6
|
|
data/docs/index.asciidoc
CHANGED
@@ -43,9 +43,7 @@ If you would like to get Autonomous System Number(ASN) information, you can use
|
|
43
43
|
https://www.maxmind.com[MaxMind] changed from releasing the GeoIP database under
|
44
44
|
a Creative Commons (CC) license to a proprietary end-user license agreement
|
45
45
|
(EULA). The MaxMind EULA requires Logstash to update the MaxMind database
|
46
|
-
within 30 days of a database update.
|
47
|
-
for 30 days, the geoip filter will stop enriching events in order to maintain compliance.
|
48
|
-
Events will be tagged with `_geoip_expired_database` tag to facilitate the handling of this situation.
|
46
|
+
within 30 days of a database update.
|
49
47
|
|
50
48
|
The GeoIP filter plugin can manage the database for users running the Logstash default
|
51
49
|
distribution, or you can manage
|
@@ -57,6 +55,77 @@ Otherwise, you are responsible for maintaining compliance.
|
|
57
55
|
The Logstash open source distribution uses the MaxMind Creative Commons license
|
58
56
|
database by default.
|
59
57
|
|
58
|
+
[id="plugins-{type}s-{plugin}-database_auto"]
|
59
|
+
==== Database Auto-update
|
60
|
+
|
61
|
+
This plugin bundles Creative Commons (CC) license databases.
|
62
|
+
In air-gapped environments, Logstash can use CC license databases indefinitely.
|
63
|
+
Logstash checks for database updates every day. It downloads the latest and can replace the old database
|
64
|
+
while the plugin is running.
|
65
|
+
After Logstash downloads EULA license databases, it will not fallback to CC license databases.
|
66
|
+
|
67
|
+
If Logstash fails to download the database for 30 days,
|
68
|
+
the geoip filter will stop enriching events in order to maintain compliance.
|
69
|
+
Events will be tagged with `_geoip_expired_database` tag to facilitate the handling of this situation.
|
70
|
+
|
71
|
+
TIP: When possible, allow Logstash to access the internet to download databases so that they are always up-to-date.
|
72
|
+
|
73
|
+
[id="plugins-{type}s-{plugin}-metrics"]
|
74
|
+
==== Database Metrics
|
75
|
+
|
76
|
+
You can monitor database status through the {logstash-ref}/node-stats-api.html#node-stats-api[Node Stats API].
|
77
|
+
|
78
|
+
The following request returns a JSON document containing database manager stats,
|
79
|
+
including:
|
80
|
+
|
81
|
+
* database status and freshness
|
82
|
+
** `geoip_download_manager.database.*.status`
|
83
|
+
*** `init` : initial CC database status
|
84
|
+
*** `up_to_date` : using up-to-date EULA database
|
85
|
+
*** `to_be_expired` : 25 days without calling service
|
86
|
+
*** `expired` : 30 days without calling service
|
87
|
+
** `fail_check_in_days` : number of days Logstash fails to call service since the last success
|
88
|
+
* info about download successes and failures
|
89
|
+
** `geoip_download_manager.download_stats.successes` number of successful checks and downloads
|
90
|
+
** `geoip_download_manager.download_stats.failures` number of failed check or download
|
91
|
+
** `geoip_download_manager.download_stats.status`
|
92
|
+
*** `updating` : check and download at the moment
|
93
|
+
*** `succeeded` : last download succeed
|
94
|
+
*** `failed` : last download failed
|
95
|
+
|
96
|
+
[source,js]
|
97
|
+
--------------------------------------------------
|
98
|
+
curl -XGET 'localhost:9600/_node/stats/geoip_download_manager?pretty'
|
99
|
+
--------------------------------------------------
|
100
|
+
|
101
|
+
Example response:
|
102
|
+
|
103
|
+
[source,js]
|
104
|
+
--------------------------------------------------
|
105
|
+
{
|
106
|
+
"geoip_download_manager" : {
|
107
|
+
"database" : {
|
108
|
+
"ASN" : {
|
109
|
+
"status" : "up_to_date",
|
110
|
+
"fail_check_in_days" : 0,
|
111
|
+
"last_updated_at": "2021-06-21T16:06:54+02:00"
|
112
|
+
},
|
113
|
+
"City" : {
|
114
|
+
"status" : "up_to_date",
|
115
|
+
"fail_check_in_days" : 0,
|
116
|
+
"last_updated_at": "2021-06-21T16:06:54+02:00"
|
117
|
+
}
|
118
|
+
},
|
119
|
+
"download_stats" : {
|
120
|
+
"successes" : 15,
|
121
|
+
"failures" : 1,
|
122
|
+
"last_checked_at" : "2021-06-21T16:07:03+02:00",
|
123
|
+
"status" : "succeeded"
|
124
|
+
}
|
125
|
+
}
|
126
|
+
}
|
127
|
+
--------------------------------------------------
|
128
|
+
|
60
129
|
==== Details
|
61
130
|
|
62
131
|
A `[geoip][location]` field is created if
|
@@ -1,7 +1,7 @@
|
|
1
1
|
Gem::Specification.new do |s|
|
2
2
|
|
3
3
|
s.name = 'logstash-filter-geoip'
|
4
|
-
s.version = '7.2.
|
4
|
+
s.version = '7.2.2'
|
5
5
|
s.licenses = ['Apache License (2.0)']
|
6
6
|
s.summary = "Adds geographical information about an IP address"
|
7
7
|
s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
|
Binary file
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: logstash-filter-geoip
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 7.2.
|
4
|
+
version: 7.2.2
|
5
5
|
platform: java
|
6
6
|
authors:
|
7
7
|
- Elastic
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-06-
|
11
|
+
date: 2021-06-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|