logstash-filter-ieee_oui 1.0.4 → 1.0.5

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 8b61037e52fda75b4e8a35244d59dea7246e8c8ce719853dfcfb45d8eba1ad01
4
- data.tar.gz: ab87f272af68fe7f88ef6ed3117839f5beab36d74ce8f8ee6ccad8731873359a
3
+ metadata.gz: 7934ac9a7081a5aed7682884cd113b01c19343fbc61057b4fcd8a641ecf81125
4
+ data.tar.gz: 75b024faa7cfdbdafec42410ea2d3fe709350c1be6e5c3c8bbe25b8d2f6ba85e
5
5
  SHA512:
6
- metadata.gz: 7abfa3b8c0575693846535c186ed1799041b294fc5e6d6a38dbae20adae34ac9c6de11fb4f6d27aebd2865b3fa27cb69e4ae965517a0da26fef7368e121e1d06
7
- data.tar.gz: 79eb3c71569239ceb9a7968c77f7d9a696e82871758dba3f7758b32d07b37b58773394aadc3ccee6713dd1bb89b61995afc75c9014c1c25e0d55c3408ebd181d
6
+ metadata.gz: 27df1ac1fce0efbc62fd0100701cc5d8eedf08b081538004bfbc16966e7be1945b19f6d882102fa3d4c5767b71f14085794d2cb71cca311edbe7bcab232040f0
7
+ data.tar.gz: b1fa8960e81efdfcec07490c4af05c57034285f2a5a01d42715ca9772e42893f98ede8f17fee56559c2bf2ba054e884829dc523c37bae2a7d73fd2063ab42c44
@@ -1,3 +1,5 @@
1
+ ## 1.0.5
2
+ - thread locking and refresh interval of oui file
1
3
  ## 1.0.4
2
4
  - added auto refresh of ouifile
3
5
  ## 1.0.3
@@ -3,6 +3,8 @@ require "logstash/filters/base"
3
3
  require "logstash/namespace"
4
4
  require 'digest'
5
5
 
6
+ java_import 'java.util.concurrent.locks.ReentrantReadWriteLock'
7
+
6
8
  # The ieee_oui filter allows you to match mac addresses to vendor names.
7
9
  # It accepts source mac addresses delimited by a colon(:), a dash(-) or no delimiter.
8
10
  # The filter requires a specially formatted oui-logstash.txt file for the ouifile.
@@ -27,44 +29,98 @@ class LogStash::Filters::IeeeOui < LogStash::Filters::Base
27
29
  config :source, :validate => :string, :default => 'mac'
28
30
  # Target field for manufacture
29
31
  config :target, :validate => :string, :default => 'mac_mfr'
32
+ # Indicates how frequently (in seconds) to check the oui text file for updates
33
+ config :refresh_interval, :validate => :number, :default => 300
30
34
  # Tag if lookup failure occurs
31
35
  config :tag_on_failure, :validate => :array, :default => ["_ouilookupfailure"]
32
36
 
33
37
  public
34
38
  def register
39
+ rw_lock = java.util.concurrent.locks.ReentrantReadWriteLock.new
40
+ @read_lock = rw_lock.readLock
41
+ @write_lock = rw_lock.writeLock
42
+
35
43
  if @ouifile.nil?
36
- @logger.debug("You must specifiy 'ouifile => path_to_file' in your ieee_oui filter")
37
44
  @ouihash = nil
45
+ raise LogStash::ConfigurationError, I18n.t(
46
+ "logstash.agent.configuration.invalid_plugin_register",
47
+ :plugin => "filter",
48
+ :type => "ieee_oui",
49
+ :error => "You must specifiy 'ouifile => path_to_file' in your ieee_oui filter"
50
+ )
38
51
  else
39
- @logger.info("Using oui file", :path => @ouifile)
40
- @md5 = md5file(@ouifile)
41
- @newmd5 = md5file(@ouifile)
42
- @ouihash = hashfile(@ouifile)
52
+ @logger.info("Using OUI file", :path => @ouifile)
53
+ @logger.info("OUI file refresh check seconds", :number => @refresh_interval)
54
+ @md5 = nil
55
+ @newmd5 = nil
56
+ @ouihash = nil
57
+ @next_refresh = Time.now + @refresh_interval
58
+ lock_for_write { refreshfile(@ouifile) }
43
59
  end
44
60
  end # def register
45
61
 
46
- #public
62
+ private
63
+ def lock_for_write
64
+ @write_lock.lock
65
+ begin
66
+ yield
67
+ ensure
68
+ @write_lock.unlock
69
+ end
70
+ end # def lock_for_write
71
+
72
+ private
73
+ def lock_for_read # ensuring only one thread updates the OUI hash
74
+ @read_lock.lock
75
+ begin
76
+ yield
77
+ ensure
78
+ @read_lock.unlock
79
+ end
80
+ end #def lock_for_read
81
+
82
+ private
47
83
  def md5file(file)
48
84
  return Digest::MD5.file(file).hexdigest
49
85
  end
50
86
 
87
+ private
51
88
  def hashfile(file)
52
89
  return Hash[*File.read(file).split(/\t|\n/)]
53
90
  end
54
91
 
92
+ private
55
93
  def refreshfile(file)
56
94
  @newmd5 = md5file(file)
57
95
  if @newmd5 != @md5
58
96
  @md5 = md5file(file)
59
97
  @ouihash = hashfile(file)
60
- @logger.info("Refreshing oui file" , :path => file)
98
+ @next_refresh = Time.now + @refresh_interval
99
+ @logger.info("Refreshing OUI file", :path => file)
100
+ else
101
+ @logger.debug("OUI file unchanged", :path => file)
61
102
  end
103
+ @logger.debug("OUI file MD5", :string => @md5)
104
+ end
105
+
106
+ private
107
+ def needs_refresh?
108
+ @next_refresh < Time.now
62
109
  end
63
110
 
111
+ public
64
112
  def filter(event)
65
113
  matched = false
114
+
66
115
  if ! @ouihash.nil?
67
- refreshfile(@ouifile)
116
+ if needs_refresh?
117
+ lock_for_write do
118
+ if needs_refresh?
119
+ refreshfile(@ouifile)
120
+ end
121
+ end
122
+ end
123
+
68
124
  validhex = false
69
125
  mac = event.get(@source)
70
126
  delimiter = mac[2]
@@ -75,7 +131,10 @@ class LogStash::Filters::IeeeOui < LogStash::Filters::Base
75
131
  end
76
132
  if !mfrid[/\H/]
77
133
  validhex = true
78
- vendor = @ouihash[mfrid]
134
+ vendor = nil
135
+ lock_for_read do
136
+ vendor = @ouihash[mfrid]
137
+ end
79
138
  if vendor.nil?
80
139
  vendor = 'unknown'
81
140
  else
@@ -85,8 +144,10 @@ class LogStash::Filters::IeeeOui < LogStash::Filters::Base
85
144
  event.set("#{@target}", vendor)
86
145
  end
87
146
  end
88
- @logger.debug("Invalid Hex in source", :string => @source) if not validhex
147
+
148
+ @logger.debug("Invalid MAC address in source", :string => @source) if not validhex
89
149
  @tag_on_failure.each{|tag| event.tag(tag)} if not matched
90
150
  filter_matched(event) if matched
91
151
  end # def filter
152
+
92
153
  end # class LogStash::Filters::IeeeOui
@@ -1,6 +1,6 @@
1
1
  Gem::Specification.new do |s|
2
2
  s.name = 'logstash-filter-ieee_oui'
3
- s.version = '1.0.4'
3
+ s.version = '1.0.5'
4
4
  s.licenses = ['Apache-2.0']
5
5
  s.summary = 'Logstash filter to parse OUI data from mac addresses, requires external OUI txt file from ieee.org'
6
6
  s.description = 'This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program'
@@ -20,4 +20,4 @@ Gem::Specification.new do |s|
20
20
  # Gem dependencies
21
21
  s.add_runtime_dependency "logstash-core-plugin-api", ">= 1.60", "<= 2.99"
22
22
  s.add_development_dependency 'logstash-devutils', '= 1.3.6'
23
- end
23
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: logstash-filter-ieee_oui
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.4
4
+ version: 1.0.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Mike Pananen
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-02-02 00:00:00.000000000 Z
11
+ date: 2019-03-05 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  requirement: !ruby/object:Gem::Requirement