logstash-filter-phpipam 0.7.0 → 0.7.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/logstash/filters/phpipam.rb +44 -5
- data/logstash-filter-phpipam.gemspec +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1958f973db608ec8a6d334f5ac17e7cdcc086090ec98edaa47581171ce69cd43
|
|
4
|
+
data.tar.gz: 6cdd9bf4973d25c9e6436a8738841c906d59bf2ae92cd59097c06770fa04ba74
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: def36e7c9853d630b10f6bd483efdfcf60eff8be42462bb2bdbe75cfb6a5e0ed33bda0344d7f58b6176d379e1e3b25abb584b67662a71a106287309059916ab4
|
|
7
|
+
data.tar.gz: b40a8985553daab7f1cba3321ffbcc786823dabf85e5a4977682bc1d5d0bb10fb2ccc7451ac885563a48a93eef08355d166a2a63f7112e9fcfc958125cf6c78f
|
|
@@ -54,7 +54,7 @@ class LogStash::Filters::Phpipam < LogStash::Filters::Base
|
|
|
54
54
|
|
|
55
55
|
# Get data from cache or phpIPAM if not in cache
|
|
56
56
|
event_data = search_cache(ip)
|
|
57
|
-
event_data = phpipam_data(ip) if event_data.is_a?(FalseClass)
|
|
57
|
+
event_data = phpipam_data(ip, event) if event_data.is_a?(FalseClass)
|
|
58
58
|
|
|
59
59
|
return if !event_data['error'].nil? && event_data['error']
|
|
60
60
|
|
|
@@ -149,19 +149,32 @@ class LogStash::Filters::Phpipam < LogStash::Filters::Base
|
|
|
149
149
|
value.nil? || value.empty?
|
|
150
150
|
end
|
|
151
151
|
|
|
152
|
+
# Checks if the value is defined and not nil or error
|
|
153
|
+
# @param value: a value to check
|
|
154
|
+
# @return [bool]
|
|
155
|
+
def okay?(value)
|
|
156
|
+
!defined?(value).nil? && !value.nil? && value['error'].nil?
|
|
157
|
+
end
|
|
158
|
+
|
|
152
159
|
# Queries phpIPAM and formats the data
|
|
153
160
|
# @param ip: an IP-address to query
|
|
154
161
|
# @return [hash]
|
|
155
|
-
def phpipam_data(ip)
|
|
162
|
+
def phpipam_data(ip, event)
|
|
156
163
|
# Fetch base data needed from phpIPAM
|
|
157
164
|
ip_data = send_rest_request('GET', "api/#{@app_id}/addresses/search/#{ip}/")
|
|
158
165
|
|
|
159
166
|
# If the IP wasn't found, return and do nuthin'
|
|
160
|
-
|
|
167
|
+
if !ip_data['error'].nil? && ip_data['error']
|
|
168
|
+
event.tag('_phpipam_ip_not_found')
|
|
169
|
+
return { 'error' => true }
|
|
170
|
+
end
|
|
161
171
|
|
|
162
172
|
subnet_data = send_rest_request('GET', "api/#{@app_id}/subnets/#{ip_data['subnetId']}/") unless nil_or_empty?(ip_data['subnetId'])
|
|
163
173
|
vlan_data = send_rest_request('GET', "api/#{@app_id}/vlans/#{subnet_data['vlanId']}/") unless nil_or_empty?(subnet_data['vlanId'])
|
|
164
174
|
|
|
175
|
+
device_data = send_rest_request('GET', "api/#{@app_id}/tools/devices/#{ip_data['deviceId']}/") unless ip_data['deviceId'] == '0' || nil_or_empty?(ip_data['deviceId'])
|
|
176
|
+
location_data = send_rest_request('GET', "api/#{@app_id}/tools/locations/#{ip_data['location']}/") unless ip_data['location'] == '0' || nil_or_empty?(ip_data['location'])
|
|
177
|
+
|
|
165
178
|
# Base hash to format data in
|
|
166
179
|
base = {
|
|
167
180
|
'ip' => {},
|
|
@@ -177,7 +190,7 @@ class LogStash::Filters::Phpipam < LogStash::Filters::Base
|
|
|
177
190
|
base['ip']['owner'] = ip_data['owner'] unless nil_or_empty?(ip_data['owner'])
|
|
178
191
|
|
|
179
192
|
# Subnet information
|
|
180
|
-
if
|
|
193
|
+
if okay?(subnet_data)
|
|
181
194
|
base['subnet'] = {}
|
|
182
195
|
base['subnet']['id'] = ip_data['subnetId'].to_i
|
|
183
196
|
base['subnet']['section_id'] = subnet_data['sectionId'].to_i
|
|
@@ -188,7 +201,7 @@ class LogStash::Filters::Phpipam < LogStash::Filters::Base
|
|
|
188
201
|
end
|
|
189
202
|
|
|
190
203
|
# VLAN information
|
|
191
|
-
if
|
|
204
|
+
if okay?(vlan_data)
|
|
192
205
|
base['vlan'] = {}
|
|
193
206
|
base['vlan']['id'] = subnet_data['vlanId'].to_i
|
|
194
207
|
base['vlan']['number'] = vlan_data['number'].to_i unless nil_or_empty?(vlan_data['number'])
|
|
@@ -196,6 +209,32 @@ class LogStash::Filters::Phpipam < LogStash::Filters::Base
|
|
|
196
209
|
base['vlan']['description'] = vlan_data['description'] unless nil_or_empty?(vlan_data['description'])
|
|
197
210
|
end
|
|
198
211
|
|
|
212
|
+
# Device information
|
|
213
|
+
if okay?(device_data)
|
|
214
|
+
type = send_rest_request('GET', "api/#{@app_id}/tools/device_types/#{device_data['type']}/")
|
|
215
|
+
|
|
216
|
+
base['device'] = {}
|
|
217
|
+
base['device']['id'] = ip_data['deviceId'].to_i
|
|
218
|
+
base['device']['name'] = device_data['hostname'] unless nil_or_empty?(device_data['hostname'])
|
|
219
|
+
base['device']['description'] = device_data['description'] unless nil_or_empty?(device_data['description'])
|
|
220
|
+
base['device']['type'] = type['tname'] unless nil_or_empty?(type['tname'])
|
|
221
|
+
|
|
222
|
+
# If the IP doesn't have the location directly, use the one from the device (if that has one)
|
|
223
|
+
unless okay?(location_data)
|
|
224
|
+
location_data = send_rest_request('GET', "api/#{@app_id}/tools/locations/#{device_data['location']}/") unless device_data['location'] == '0' || nil_or_empty?(device_data['location'])
|
|
225
|
+
end
|
|
226
|
+
end
|
|
227
|
+
|
|
228
|
+
# Location information
|
|
229
|
+
if okay?(location_data)
|
|
230
|
+
base['location'] = {}
|
|
231
|
+
base['location']['id'] = ip_data['location'].to_i
|
|
232
|
+
base['location']['address'] = location_data['address'] unless nil_or_empty?(location_data['address'])
|
|
233
|
+
base['location']['name'] = location_data['name'] unless nil_or_empty?(location_data['name'])
|
|
234
|
+
base['location']['description'] = location_data['description'] unless nil_or_empty?(location_data['description'])
|
|
235
|
+
base['location']['location'] = { 'lat' => location_data['lat'], 'lon' => location_data['long'] } unless nil_or_empty?(location_data['lat'])
|
|
236
|
+
end
|
|
237
|
+
|
|
199
238
|
# Cache it for future needs
|
|
200
239
|
cache_data(base)
|
|
201
240
|
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
Gem::Specification.new do |s|
|
|
4
4
|
s.name = 'logstash-filter-phpipam'
|
|
5
|
-
s.version = '0.7.
|
|
5
|
+
s.version = '0.7.1'
|
|
6
6
|
s.licenses = ['Apache-2.0']
|
|
7
7
|
s.summary = 'A Logstash filter that returns results from phpIPAM'
|
|
8
8
|
s.description = 'A Logstash filter that looks up an IP-address, and returns results from phpIPAM'
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: logstash-filter-phpipam
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.7.
|
|
4
|
+
version: 0.7.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- magnuslarsen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-08-
|
|
11
|
+
date: 2019-08-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: logstash-core-plugin-api
|