logstash-filter-geoip 7.2.1-java → 7.2.2-java

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 285fa554ef1f4455e341836fd13e7b1af1a07c52b81d41854adfe6640d831eba
-  data.tar.gz: e7dfba0e36f8255f15b27dcc8e55325b273941f277a6b9e3004e2c00e350778c
+  metadata.gz: 228cb2db9a6c6d725886c8a93970bf7c6f63ab5eaf838bce2777b2c88eea02f6
+  data.tar.gz: e52ec1454cc7658c4a61db2527058607a825b9ae0cde5fb270791e40b32ed067
 SHA512:
-  metadata.gz: 6495b6e4a085cca0b2e23310621bbd6543ad0118dc3cd35aa97224795a12ff3e3714194460974fb86961e74e2653b3926e2d94b4941a5f80582700319ae73f18
-  data.tar.gz: ce5b1b5bbc3b103de2cb0760bb3ab9d2b125e2d70d92fec20ef8f84b40f9e92cdbaf95ffd0954d7c2eacd85bd3865284a5d021f81e328fa82566dcaf42a0b3ec
+  metadata.gz: 2b4addd23f4ad628dcf9a4d28638ea80f75a0774f0e2e1cb85be9777d1a08072ebbe3ff1a3e0d42bab957a0f397679dfeed507cff57e48e6a1b47cb3080a5780
+  data.tar.gz: 18fad8acf816a24f205a2b6c5f17518e07e96c7a9e62e7e1c38f05023a719306ce20f3bd67c954454b87e7daa225e4a26ead88290e7b6b14cf37283762beef79

data/CHANGELOG.md

@@ -1,3 +1,6 @@
+## 7.2.2
+  - [DOC] Add documentation for database auto-update behavior and database metrics [#187](https://github.com/logstash-plugins/logstash-filter-geoip/pull/187)
+
 ## 7.2.1
   - Republish the gem due to missing jars in 7.2.0 [#186](https://github.com/logstash-plugins/logstash-filter-geoip/pull/186)
 

data/docs/index.asciidoc

@@ -43,9 +43,7 @@ If you would like to get Autonomous System Number(ASN) information, you can use
 https://www.maxmind.com[MaxMind] changed from releasing the GeoIP database under
 a Creative Commons (CC) license to a proprietary end-user license agreement
 (EULA).  The MaxMind EULA requires Logstash to update the MaxMind database
-within 30 days of a database update. If Logstash fails to download the database
-for 30 days, the geoip filter will stop enriching events in order to maintain compliance.
-Events will be tagged with `_geoip_expired_database` tag to facilitate the handling of this situation.
+within 30 days of a database update.
 
 The GeoIP filter plugin can manage the database for users running the Logstash default
 distribution, or you can manage
@@ -57,6 +55,77 @@ Otherwise, you are responsible for maintaining compliance.
 The Logstash open source distribution uses the MaxMind Creative Commons license
 database by default.
 
+[id="plugins-{type}s-{plugin}-database_auto"]
+==== Database Auto-update
+
+This plugin bundles Creative Commons (CC) license databases.
+In air-gapped environments, Logstash can use CC license databases indefinitely.
+Logstash checks for database updates every day. It downloads the latest and can replace the old database
+while the plugin is running.
+After Logstash downloads EULA license databases, it will not fallback to CC license databases.
+
+If Logstash fails to download the database for 30 days, 
+the geoip filter will stop enriching events in order to maintain compliance.
+Events will be tagged with `_geoip_expired_database` tag to facilitate the handling of this situation.
+
+TIP: When possible, allow Logstash to access the internet to download databases so that they are always up-to-date.
+
+[id="plugins-{type}s-{plugin}-metrics"]
+==== Database Metrics
+
+You can monitor database status through the {logstash-ref}/node-stats-api.html#node-stats-api[Node Stats API].
+
+The following request returns a JSON document containing database manager stats,
+including:
+
+* database status and freshness
+** `geoip_download_manager.database.*.status`
+*** `init` : initial CC database status
+*** `up_to_date` : using up-to-date EULA database
+*** `to_be_expired` : 25 days without calling service
+*** `expired` : 30 days without calling service
+** `fail_check_in_days` : number of days Logstash fails to call service since the last success
+* info about download successes and failures
+** `geoip_download_manager.download_stats.successes` number of successful checks and downloads
+** `geoip_download_manager.download_stats.failures` number of failed check or download
+** `geoip_download_manager.download_stats.status`
+*** `updating` : check and download at the moment
+*** `succeeded` : last download succeed
+*** `failed` : last download failed
+
+[source,js]
+--------------------------------------------------
+curl -XGET 'localhost:9600/_node/stats/geoip_download_manager?pretty'
+--------------------------------------------------
+
+Example response:
+
+[source,js]
+--------------------------------------------------
+{
+  "geoip_download_manager" : {
+    "database" : {
+      "ASN" : {
+        "status" : "up_to_date",
+        "fail_check_in_days" : 0,
+        "last_updated_at": "2021-06-21T16:06:54+02:00"
+      },
+      "City" : {
+        "status" : "up_to_date",
+        "fail_check_in_days" : 0,
+        "last_updated_at": "2021-06-21T16:06:54+02:00"
+      }
+    },
+    "download_stats" : {
+      "successes" : 15,
+      "failures" : 1,
+      "last_checked_at" : "2021-06-21T16:07:03+02:00",
+      "status" : "succeeded"
+    }
+  }
+}
+--------------------------------------------------
+
 ==== Details
 
 A `[geoip][location]` field is created if

data/logstash-filter-geoip.gemspec

@@ -1,7 +1,7 @@
 Gem::Specification.new do |s|
 
   s.name            = 'logstash-filter-geoip'
-  s.version         = '7.2.1'
+  s.version         = '7.2.2'
   s.licenses        = ['Apache License (2.0)']
   s.summary         = "Adds geographical information about an IP address"
   s.description     = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstash-filter-geoip
 version: !ruby/object:Gem::Version
-  version: 7.2.1
+  version: 7.2.2
 platform: java
 authors:
 - Elastic
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-06-16 00:00:00.000000000 Z
+date: 2021-06-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement