RubyGems - logstash-filter-grok - Versions diffs - 2.0.2 → 2.0.3 - Mend

logstash-filter-grok 2.0.2 → 2.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +3 -1
data/README.md +3 -0
data/lib/logstash/filters/grok.rb +42 -42
data/logstash-filter-grok.gemspec +1 -1
metadata +19 -19

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 0db663241d42d604907726c6780eb3c61a091e55
-  data.tar.gz: 9b44dbb0243e36e4f205248153b9d78a84755c85
+  metadata.gz: 0c29b365e4050c830edadd3f1787b202851ab318
+  data.tar.gz: ab4929767f5244347793b383bb33a4ae8f86741d
 SHA512:
-  metadata.gz: 4b8430c616c8d2bf1890f645f94d791e9a776bb16a53dc6f36ce208b63b9e7611d0d4ecb6f0c75d2e893f71a140625531b6d079ff33e99ac36c624eeb5e38611
-  data.tar.gz: e7356c65e3a21192cf0a6524b554c17274fecba4ab18143f1dcacc72d7bfe0e1be323dfd63924b71ecdea98792174a99ef2e34fbe9e22ed0fb692aa6d5d07169
+  metadata.gz: 41c8bb7ec629ab346b44013059e05ddc13bffaa2ca9eb25f1c8d1c8d730fb6272d6ae8d22e2651a99bd3d524d9fe870a51132558a0cda01c3a0cf3af05e4ae4b
+  data.tar.gz: 2825968293377f7ec3f0e6a327e6863e0bbd8c78f24100ab46f630f14f5e361006c2ff8e262efb3293544a769617dcc4644ad448a3eb972d40fdbd917973369d

data/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,7 @@
+## 2.0.3
+ - fix fieldref assignment to avoid assumption on mutable object
 ## 2.0.0
- - Plugins were updated to follow the new shutdown semantic, this mainly allows Logstash to instruct input plugins to terminate gracefully,
+ - Plugins were updated to follow the new shutdown semantic, this mainly allows Logstash to instruct input plugins to terminate gracefully,
    instead of using Thread.raise on the plugins' threads. Ref: https://github.com/elastic/logstash/pull/3895
  - Dependency on logstash-core update to 2.0

data/README.md CHANGED Viewed

@@ -1,5 +1,8 @@
 # Logstash Plugin
+[![Build
+Status](http://build-eu-00.elastic.co/view/LS%20Plugins/view/LS%20Filters/job/logstash-plugin-filter-grok-unit/badge/icon)](http://build-eu-00.elastic.co/view/LS%20Plugins/view/LS%20Filters/job/logstash-plugin-filter-grok-unit/)
 This is a plugin for [Logstash](https://github.com/elastic/logstash).
 It is fully free and fully open source. The license is Apache 2.0, meaning you are pretty much free to use it however you want in whatever way.

data/lib/logstash/filters/grok.rb CHANGED Viewed

@@ -4,7 +4,7 @@
   require "logstash/environment"
   require "logstash/patterns/core"
   require "set"
   # Parse arbitrary text and structure it.
   #
   # Grok is currently the best way in logstash to parse crappy unstructured log
@@ -72,7 +72,7 @@
   #     }
   #
   # After the grok filter, the event will have a few extra fields in it:
-  #
+  #
   # * `client: 55.3.244.1`
   # * `method: GET`
   # * `request: /index.html`
@@ -138,13 +138,13 @@
   # `SYSLOGBASE` pattern which itself is defined by other patterns.
   class LogStash::Filters::Grok < LogStash::Filters::Base
     config_name "grok"
     # Specify a pattern to parse with. This will match the `message` field.
     #
     # If you want to match other fields than message, use the `match` setting.
     # Multiple patterns is fine.
     config :pattern, :validate => :array, :deprecated => "You should use this instead: match => { \"message\" => \"your pattern here\" }"
     # A hash of matches of field => value
     #
     # For example:
@@ -159,9 +159,9 @@
     #       grok { match => { "message" => [ "Duration: %{NUMBER:duration}", "Speed: %{NUMBER:speed}" ] } }
     #     }
-    #
+    #
     config :match, :validate => :hash, :default => {}
     #
     # Logstash ships by default with a bunch of patterns, so you don't
     # necessarily need to define this yourself unless you are adding additional
@@ -169,7 +169,7 @@
     # Note that Grok will read all files in the directory and assume its a pattern
     # file (including any tilde backup files)
     # [source,ruby]
-    #     patterns_dir => ["/opt/logstash/patterns", "/opt/logstash/extra_patterns"]
+    #     patterns_dir => ["/opt/logstash/patterns", "/opt/logstash/extra_patterns"]
     #
     # Pattern files are plain text with format:
     # [source,ruby]
@@ -179,26 +179,26 @@
     # [source,ruby]
     #     NUMBER \d+
     config :patterns_dir, :validate => :array, :default => []
     # Break on first match. The first successful match by grok will result in the
     # filter being finished. If you want grok to try all patterns (maybe you are
     # parsing different things), then set this to false.
     config :break_on_match, :validate => :boolean, :default => true
     # If `true`, only store named captures from grok.
     config :named_captures_only, :validate => :boolean, :default => true
     # If `true`, keep empty captures as event fields.
     config :keep_empty_captures, :validate => :boolean, :default => false
     # If `true`, make single-value fields simply that value, not an array
     # containing that one value.
     config :singles, :validate => :boolean, :default => true, :deprecated => "This behavior is the default now, you don't need to set it."
     # Append values to the `tags` field when there has been no
     # successful match
     config :tag_on_failure, :validate => :array, :default => ["_grokparsefailure"]
     # The fields to overwrite.
     #
     # This allows you to overwrite a value in a field that already exists.
@@ -216,14 +216,14 @@
     # In this case, a line like `May 29 16:37:11 sadness logger: hello world`
     # will be parsed and `hello world` will overwrite the original message.
     config :overwrite, :validate => :array, :default => []
     # Register default pattern paths
     @@patterns_path ||= Set.new
     @@patterns_path += [
       LogStash::Patterns::Core.path,
       LogStash::Environment.pattern_path("*")
     ]
     public
     def initialize(params)
       super(params)
@@ -232,13 +232,13 @@
       # a cache of capture name handler methods.
       @handlers = {}
     end
     public
     def register
       require "grok-pure" # rubygem 'jls-grok'
       @patternfiles = []
       # Have @@patterns_path show first. Last-in pattern definitions win; this
       # will let folks redefine built-in patterns at runtime.
       @patterns_dir = @@patterns_path.to_a + @patterns_dir
@@ -247,20 +247,20 @@
         if File.directory?(path)
           path = File.join(path, "*")
         end
         Dir.glob(path).each do |file|
           @logger.info? and @logger.info("Grok loading patterns from file", :path => file)
           @patternfiles << file
         end
       end
       @patterns = Hash.new { |h,k| h[k] = [] }
       @logger.info? and @logger.info("Match data", :match => @match)
       @match.each do |field, patterns|
         patterns = [patterns] if patterns.is_a?(String)
         @logger.info? and @logger.info("Grok compile", :field => field, :patterns => patterns)
         patterns.each do |pattern|
           @logger.debug? and @logger.debug("regexp: #{@type}/#{field}", :pattern => pattern)
@@ -272,14 +272,14 @@
         end
       end # @match.each
     end # def register
     public
     def filter(event)
       matched = false
       done = false
       @logger.debug? and @logger.debug("Running grok filter", :event => event);
       @patterns.each do |field, groks|
         if match(groks, field, event)
@@ -288,21 +288,16 @@
         end
         #break if done
       end # @patterns.each
       if matched
         filter_matched(event)
       else
-        # Tag this event if we can't parse it. We can use this later to
-        # reparse+reindex logs if we improve the patterns given.
-        @tag_on_failure.each do |tag|
-          event["tags"] ||= []
-          event["tags"] << tag unless event["tags"].include?(tag)
-        end
+        @tag_on_failure.each{|tag| event.tag(tag)}
       end
       @logger.debug? and @logger.debug("Event now: ", :event => event)
     end # def filter
     private
     def match(groks, field, event)
       input = event[field]
@@ -318,7 +313,7 @@
     rescue StandardError => e
       @logger.warn("Grok regexp threw exception", :exception => e.message)
     end
     private
     def match_against_groks(groks, input, event)
       matched = false
@@ -332,11 +327,11 @@
       end
       return matched
     end
     private
     def handle(field, value, event)
       return if (value.nil? || (value.is_a?(String) && value.empty?)) unless @keep_empty_captures
       if @overwrite.include?(field)
         event[field] = value
       else
@@ -344,14 +339,19 @@
         if v.nil?
           event[field] = value
         elsif v.is_a?(Array)
-          event[field] << value
+          # do not replace the code below with:
+          #   event[field] << value
+          # this assumes implementation specific feature of returning a mutable object
+          # from a field ref which should not be assumed and will change in the future.
+          v << value
+          event[field] = v
         elsif v.is_a?(String)
           # Promote to array since we aren't overwriting.
           event[field] = [v, value]
         end
       end
     end
     private
     def add_patterns_from_files(paths, grok)
       paths.each do |path|
@@ -361,5 +361,5 @@
         grok.add_patterns_from_file(path)
       end
     end # def add_patterns_from_files
   end # class LogStash::Filters::Grok

data/logstash-filter-grok.gemspec CHANGED Viewed

@@ -1,7 +1,7 @@
 Gem::Specification.new do |s|
   s.name            = 'logstash-filter-grok'
-  s.version         = '2.0.2'
+  s.version         = '2.0.3'
   s.licenses        = ['Apache License (2.0)']
   s.summary         = "Parse arbitrary text and structure it."
   s.description     = "This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program"

metadata CHANGED Viewed

@@ -1,17 +1,18 @@
 --- !ruby/object:Gem::Specification
 name: logstash-filter-grok
 version: !ruby/object:Gem::Version
-  version: 2.0.2
+  version: 2.0.3
 platform: ruby
 authors:
 - Elastic
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-10-14 00:00:00.000000000 Z
+date: 2015-12-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  requirement: !ruby/object:Gem::Requirement
+  name: logstash-core
+  version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '>='
       - !ruby/object:Gem::Version
@@ -19,10 +20,7 @@ dependencies:
     - - <
       - !ruby/object:Gem::Version
         version: 3.0.0
-  name: logstash-core
-  prerelease: false
-  type: :runtime
-  version_requirements: !ruby/object:Gem::Requirement
+  requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '>='
       - !ruby/object:Gem::Version
@@ -30,48 +28,50 @@ dependencies:
     - - <
       - !ruby/object:Gem::Version
         version: 3.0.0
+  prerelease: false
+  type: :runtime
 - !ruby/object:Gem::Dependency
+  name: jls-grok
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.11.1
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
         version: 0.11.1
-  name: jls-grok
   prerelease: false
   type: :runtime
+- !ruby/object:Gem::Dependency
+  name: logstash-patterns-core
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - '>='
       - !ruby/object:Gem::Version
-        version: 0.11.1
-- !ruby/object:Gem::Dependency
+        version: '0'
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '>='
       - !ruby/object:Gem::Version
         version: '0'
-  name: logstash-patterns-core
   prerelease: false
   type: :runtime
+- !ruby/object:Gem::Dependency
+  name: logstash-devutils
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '>='
       - !ruby/object:Gem::Version
         version: '0'
-- !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '>='
       - !ruby/object:Gem::Version
         version: '0'
-  name: logstash-devutils
   prerelease: false
   type: :development
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '>='
-      - !ruby/object:Gem::Version
-        version: '0'
 description: This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program
 email: info@elastic.co
 executables: []