logstash-filter-phpipam 0.7.0 → 0.7.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/logstash/filters/phpipam.rb +44 -5
- data/logstash-filter-phpipam.gemspec +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1958f973db608ec8a6d334f5ac17e7cdcc086090ec98edaa47581171ce69cd43
|
|
4
|
+
data.tar.gz: 6cdd9bf4973d25c9e6436a8738841c906d59bf2ae92cd59097c06770fa04ba74
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: def36e7c9853d630b10f6bd483efdfcf60eff8be42462bb2bdbe75cfb6a5e0ed33bda0344d7f58b6176d379e1e3b25abb584b67662a71a106287309059916ab4
|
|
7
|
+
data.tar.gz: b40a8985553daab7f1cba3321ffbcc786823dabf85e5a4977682bc1d5d0bb10fb2ccc7451ac885563a48a93eef08355d166a2a63f7112e9fcfc958125cf6c78f
|
|
@@ -54,7 +54,7 @@ class LogStash::Filters::Phpipam < LogStash::Filters::Base
|
|
|
54
54
|
|
|
55
55
|
# Get data from cache or phpIPAM if not in cache
|
|
56
56
|
event_data = search_cache(ip)
|
|
57
|
-
event_data = phpipam_data(ip) if event_data.is_a?(FalseClass)
|
|
57
|
+
event_data = phpipam_data(ip, event) if event_data.is_a?(FalseClass)
|
|
58
58
|
|
|
59
59
|
return if !event_data['error'].nil? && event_data['error']
|
|
60
60
|
|
|
@@ -149,19 +149,32 @@ class LogStash::Filters::Phpipam < LogStash::Filters::Base
|
|
|
149
149
|
value.nil? || value.empty?
|
|
150
150
|
end
|
|
151
151
|
|
|
152
|
+
# Checks if the value is defined and not nil or error
|
|
153
|
+
# @param value: a value to check
|
|
154
|
+
# @return [bool]
|
|
155
|
+
def okay?(value)
|
|
156
|
+
!defined?(value).nil? && !value.nil? && value['error'].nil?
|
|
157
|
+
end
|
|
158
|
+
|
|
152
159
|
# Queries phpIPAM and formats the data
|
|
153
160
|
# @param ip: an IP-address to query
|
|
154
161
|
# @return [hash]
|
|
155
|
-
def phpipam_data(ip)
|
|
162
|
+
def phpipam_data(ip, event)
|
|
156
163
|
# Fetch base data needed from phpIPAM
|
|
157
164
|
ip_data = send_rest_request('GET', "api/#{@app_id}/addresses/search/#{ip}/")
|
|
158
165
|
|
|
159
166
|
# If the IP wasn't found, return and do nuthin'
|
|
160
|
-
|
|
167
|
+
if !ip_data['error'].nil? && ip_data['error']
|
|
168
|
+
event.tag('_phpipam_ip_not_found')
|
|
169
|
+
return { 'error' => true }
|
|
170
|
+
end
|
|
161
171
|
|
|
162
172
|
subnet_data = send_rest_request('GET', "api/#{@app_id}/subnets/#{ip_data['subnetId']}/") unless nil_or_empty?(ip_data['subnetId'])
|
|
163
173
|
vlan_data = send_rest_request('GET', "api/#{@app_id}/vlans/#{subnet_data['vlanId']}/") unless nil_or_empty?(subnet_data['vlanId'])
|
|
164
174
|
|
|
175
|
+
device_data = send_rest_request('GET', "api/#{@app_id}/tools/devices/#{ip_data['deviceId']}/") unless ip_data['deviceId'] == '0' || nil_or_empty?(ip_data['deviceId'])
|
|
176
|
+
location_data = send_rest_request('GET', "api/#{@app_id}/tools/locations/#{ip_data['location']}/") unless ip_data['location'] == '0' || nil_or_empty?(ip_data['location'])
|
|
177
|
+
|
|
165
178
|
# Base hash to format data in
|
|
166
179
|
base = {
|
|
167
180
|
'ip' => {},
|
|
@@ -177,7 +190,7 @@ class LogStash::Filters::Phpipam < LogStash::Filters::Base
|
|
|
177
190
|
base['ip']['owner'] = ip_data['owner'] unless nil_or_empty?(ip_data['owner'])
|
|
178
191
|
|
|
179
192
|
# Subnet information
|
|
180
|
-
if
|
|
193
|
+
if okay?(subnet_data)
|
|
181
194
|
base['subnet'] = {}
|
|
182
195
|
base['subnet']['id'] = ip_data['subnetId'].to_i
|
|
183
196
|
base['subnet']['section_id'] = subnet_data['sectionId'].to_i
|
|
@@ -188,7 +201,7 @@ class LogStash::Filters::Phpipam < LogStash::Filters::Base
|
|
|
188
201
|
end
|
|
189
202
|
|
|
190
203
|
# VLAN information
|
|
191
|
-
if
|
|
204
|
+
if okay?(vlan_data)
|
|
192
205
|
base['vlan'] = {}
|
|
193
206
|
base['vlan']['id'] = subnet_data['vlanId'].to_i
|
|
194
207
|
base['vlan']['number'] = vlan_data['number'].to_i unless nil_or_empty?(vlan_data['number'])
|
|
@@ -196,6 +209,32 @@ class LogStash::Filters::Phpipam < LogStash::Filters::Base
|
|
|
196
209
|
base['vlan']['description'] = vlan_data['description'] unless nil_or_empty?(vlan_data['description'])
|
|
197
210
|
end
|
|
198
211
|
|
|
212
|
+
# Device information
|
|
213
|
+
if okay?(device_data)
|
|
214
|
+
type = send_rest_request('GET', "api/#{@app_id}/tools/device_types/#{device_data['type']}/")
|
|
215
|
+
|
|
216
|
+
base['device'] = {}
|
|
217
|
+
base['device']['id'] = ip_data['deviceId'].to_i
|
|
218
|
+
base['device']['name'] = device_data['hostname'] unless nil_or_empty?(device_data['hostname'])
|
|
219
|
+
base['device']['description'] = device_data['description'] unless nil_or_empty?(device_data['description'])
|
|
220
|
+
base['device']['type'] = type['tname'] unless nil_or_empty?(type['tname'])
|
|
221
|
+
|
|
222
|
+
# If the IP doesn't have the location directly, use the one from the device (if that has one)
|
|
223
|
+
unless okay?(location_data)
|
|
224
|
+
location_data = send_rest_request('GET', "api/#{@app_id}/tools/locations/#{device_data['location']}/") unless device_data['location'] == '0' || nil_or_empty?(device_data['location'])
|
|
225
|
+
end
|
|
226
|
+
end
|
|
227
|
+
|
|
228
|
+
# Location information
|
|
229
|
+
if okay?(location_data)
|
|
230
|
+
base['location'] = {}
|
|
231
|
+
base['location']['id'] = ip_data['location'].to_i
|
|
232
|
+
base['location']['address'] = location_data['address'] unless nil_or_empty?(location_data['address'])
|
|
233
|
+
base['location']['name'] = location_data['name'] unless nil_or_empty?(location_data['name'])
|
|
234
|
+
base['location']['description'] = location_data['description'] unless nil_or_empty?(location_data['description'])
|
|
235
|
+
base['location']['location'] = { 'lat' => location_data['lat'], 'lon' => location_data['long'] } unless nil_or_empty?(location_data['lat'])
|
|
236
|
+
end
|
|
237
|
+
|
|
199
238
|
# Cache it for future needs
|
|
200
239
|
cache_data(base)
|
|
201
240
|
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
Gem::Specification.new do |s|
|
|
4
4
|
s.name = 'logstash-filter-phpipam'
|
|
5
|
-
s.version = '0.7.
|
|
5
|
+
s.version = '0.7.1'
|
|
6
6
|
s.licenses = ['Apache-2.0']
|
|
7
7
|
s.summary = 'A Logstash filter that returns results from phpIPAM'
|
|
8
8
|
s.description = 'A Logstash filter that looks up an IP-address, and returns results from phpIPAM'
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: logstash-filter-phpipam
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.7.
|
|
4
|
+
version: 0.7.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- magnuslarsen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-08-
|
|
11
|
+
date: 2019-08-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: logstash-core-plugin-api
|