logstash-filter-phpipam 0.8.0 → 0.8.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +31 -15
- data/lib/logstash/filters/phpipam.rb +32 -14
- data/logstash-filter-phpipam.gemspec +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f3cd0911dedfc5eaa00e49d5518753e2055c2daaa340226365de5cfad4bfea94
|
|
4
|
+
data.tar.gz: 229d3e2f8343dd1c08b99814eea4e46624748916db5f7a1aecb7fb38616aeab0
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 95a096e5d5930a43312fa0d70de8d77f2de58348e6dc0043513dade3e612de34c02bece88e95e98d3ffa633be27af14940735ecc7a5c7475cacf61f8c955d3c5
|
|
7
|
+
data.tar.gz: 8a801db0276f5497fb45cabab9415b5fe43f4bdf20f9b1fb43584f5136e68838e0842bae7989948f6d37580790be25c5b9dffb784c3075a3211ace64c2e0f61b
|
data/README.md
CHANGED
|
@@ -20,22 +20,38 @@ This plugin can be installed using the `logstash-plugin` command in $LOGSTASH_HO
|
|
|
20
20
|
${LOGSTASH_HOME:-/usr/share/logstash}/bin/logstash-plugin install logstash-filter-phpipam
|
|
21
21
|
```
|
|
22
22
|
|
|
23
|
+
## Redis configuration
|
|
24
|
+
Redis is primarily used as a [LRU cache](https://redis.io/topics/lru-cache), and can be configured in a lot of ways.
|
|
25
|
+
|
|
26
|
+
The two highly recommended settings to set, are `maxmemory` and `maxmemory-policy`:
|
|
27
|
+
* `maxmemory` can be tested using the `redis-cli --lru-test` [command](https://redis.io/topics/rediscli#performing-an-lru-simulation)
|
|
28
|
+
* `maxmemory-policy` I would set to `allkeys-lru`
|
|
29
|
+
|
|
30
|
+
The above settings would limit the memory that Redis can use. The limit should be high enough to contain almost all keys. \
|
|
31
|
+
If the limit is reached--and `maxmemory-policy` is set to `allkeys-lru`--the least accessed keys would be evicted first.
|
|
32
|
+
|
|
33
|
+
Every key will also have an expiration time of `cache_fresshness` (default 24 hours) associated, meaning that every key will live for 24 hours maximum. \
|
|
34
|
+
This is to prevent cached data to become stale, and always keep (approximately) up-to-date data from phpIPAM.
|
|
35
|
+
|
|
36
|
+
With my production data, every 50 keys is about 1 MiB of memory.
|
|
37
|
+
|
|
23
38
|
## Configuration options
|
|
24
|
-
| Option
|
|
25
|
-
|
|
|
26
|
-
| host
|
|
27
|
-
| app_id
|
|
28
|
-
| username
|
|
29
|
-
| password
|
|
30
|
-
| auth
|
|
31
|
-
| cache_ip
|
|
32
|
-
| cache_subnet
|
|
33
|
-
| cache_vlan
|
|
34
|
-
| cache_device
|
|
35
|
-
| cache_location
|
|
36
|
-
|
|
|
37
|
-
|
|
|
38
|
-
|
|
|
39
|
+
| Option | Type | Default | Comment |
|
|
40
|
+
| ----------------- | ------- | ------------- | -------------------------------------------------------------------------------- |
|
|
41
|
+
| host | string | | What host to connect to with protocol and optional port (e.g. https://fqdn:3000) |
|
|
42
|
+
| app_id | string | | See below |
|
|
43
|
+
| username | string | | Username to use for the connection |
|
|
44
|
+
| password | string | | Password to use for the connection |
|
|
45
|
+
| auth | boolean | true | Whether to use authentication or not |
|
|
46
|
+
| cache_ip | integer | 0 | ID of the redis database for IP-addresses |
|
|
47
|
+
| cache_subnet | integer | 1 | ID of the redis database for subnets |
|
|
48
|
+
| cache_vlan | integer | 2 | ID of the redis database for vlans |
|
|
49
|
+
| cache_device | integer | 3 | ID of the redis database for devices |
|
|
50
|
+
| cache_location | integer | 4 | ID of the redis database for locations |
|
|
51
|
+
| cache_device_type | integer | 5 | ID of the redis database for device types |
|
|
52
|
+
| cache_freshness | integer | 86400 (1 day) | How long, in seconds, a value should be cached before it's expired |
|
|
53
|
+
| source | string | | Which field the IP-address is in |
|
|
54
|
+
| target | string | phpipam | Where to place the phpIPAM data in |
|
|
39
55
|
|
|
40
56
|
`app_id` can be found in phpIPAM: Administration -> API \
|
|
41
57
|
It's recommended to use SSL when accessing the app_id in phpIPAM.
|
|
@@ -35,6 +35,7 @@ class LogStash::Filters::Phpipam < LogStash::Filters::Base
|
|
|
35
35
|
config :cache_vlan, validate: :number, default: 2
|
|
36
36
|
config :cache_device, validate: :number, default: 3
|
|
37
37
|
config :cache_location, validate: :number, default: 4
|
|
38
|
+
config :cache_device_types, validate: :number, default: 5
|
|
38
39
|
|
|
39
40
|
# IP-address field to look up
|
|
40
41
|
config :source, validate: :string, required: true
|
|
@@ -54,20 +55,26 @@ class LogStash::Filters::Phpipam < LogStash::Filters::Base
|
|
|
54
55
|
|
|
55
56
|
@cache_freshness = @cache_freshness.to_i
|
|
56
57
|
|
|
57
|
-
@cs_ip
|
|
58
|
-
@cs_subnet
|
|
59
|
-
@cs_vlan
|
|
60
|
-
@cs_device
|
|
61
|
-
@cs_location
|
|
58
|
+
@cs_ip = Redis.new(db: @cache_ip, id: 'logstash-filter-phpipam')
|
|
59
|
+
@cs_subnet = Redis.new(db: @cache_subnet, id: 'logstash-filter-phpipam')
|
|
60
|
+
@cs_vlan = Redis.new(db: @cache_vlan, id: 'logstash-filter-phpipam')
|
|
61
|
+
@cs_device = Redis.new(db: @cache_device, id: 'logstash-filter-phpipam')
|
|
62
|
+
@cs_location = Redis.new(db: @cache_location, id: 'logstash-filter-phpipam')
|
|
63
|
+
@cs_device_types = Redis.new(db: @cache_device_types, id: 'logstash-filter-phpipam')
|
|
64
|
+
|
|
65
|
+
# Validate Redis connection
|
|
66
|
+
begin
|
|
67
|
+
@cs_ip.ping
|
|
68
|
+
rescue Redis::CannotConnectError
|
|
69
|
+
raise Redis::CannotConnectError, 'Cannot connect to Redis!'
|
|
70
|
+
end
|
|
62
71
|
end
|
|
63
72
|
|
|
64
73
|
def close
|
|
74
|
+
@logger.debug? && @logger.debug('Persisting databases...')
|
|
75
|
+
|
|
65
76
|
# Persist the database to disk, when the pipeline ends
|
|
66
|
-
@cs_ip.bgsave
|
|
67
|
-
@cs_subnet.bgsave
|
|
68
|
-
@cs_vlan.bgsave
|
|
69
|
-
@cs_device.bgsave
|
|
70
|
-
@cs_location.bgsave
|
|
77
|
+
@cs_ip.bgsave # Will persist all databases
|
|
71
78
|
end
|
|
72
79
|
|
|
73
80
|
def filter(event)
|
|
@@ -102,7 +109,7 @@ class LogStash::Filters::Phpipam < LogStash::Filters::Base
|
|
|
102
109
|
target
|
|
103
110
|
end
|
|
104
111
|
|
|
105
|
-
# Validates
|
|
112
|
+
# Validates an IP-address
|
|
106
113
|
# @param ip: an IP-address
|
|
107
114
|
# @param event: The Logstash event variable
|
|
108
115
|
# @return [bool]
|
|
@@ -278,14 +285,21 @@ class LogStash::Filters::Phpipam < LogStash::Filters::Base
|
|
|
278
285
|
if device_id.positive?
|
|
279
286
|
if @cs_device.get(device_id).nil?
|
|
280
287
|
device_data = send_rest_request('GET', "api/#{@app_id}/tools/devices/#{device_id}/")
|
|
288
|
+
type_id = device_data['type']
|
|
289
|
+
|
|
290
|
+
# Device type_name is another REST call
|
|
291
|
+
if @cs_device_types.get(type_id).nil?
|
|
292
|
+
type_name = send_rest_request('GET', "api/#{@app_id}/tools/device_types/#{type_id}/")['tname']
|
|
281
293
|
|
|
282
|
-
|
|
283
|
-
|
|
294
|
+
@cs_device_types.set(type_id, type_name, ex: @cache_freshness)
|
|
295
|
+
else
|
|
296
|
+
type_name = @cs_device_types.get(type_id)
|
|
297
|
+
end
|
|
284
298
|
|
|
285
299
|
base['device']['id'] = device_id
|
|
286
300
|
base['device']['name'] = device_data['hostname'] unless nil_or_empty?(device_data['hostname'])
|
|
287
301
|
base['device']['description'] = device_data['description'] unless nil_or_empty?(device_data['description'])
|
|
288
|
-
base['device']['type'] =
|
|
302
|
+
base['device']['type'] = type_name
|
|
289
303
|
|
|
290
304
|
# Get device location
|
|
291
305
|
base['device']['location_id'] = device_data['location'].to_i
|
|
@@ -331,5 +345,9 @@ class LogStash::Filters::Phpipam < LogStash::Filters::Base
|
|
|
331
345
|
|
|
332
346
|
# all your base are belong to us
|
|
333
347
|
base
|
|
348
|
+
|
|
349
|
+
# Crash hard incase the connection to Redis stops
|
|
350
|
+
rescue Redis::CannotConnectError
|
|
351
|
+
raise Redis::CannotConnectError, 'Lost connection to Redis!'
|
|
334
352
|
end
|
|
335
353
|
end
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
Gem::Specification.new do |s|
|
|
4
4
|
s.name = 'logstash-filter-phpipam'
|
|
5
|
-
s.version = '0.8.
|
|
5
|
+
s.version = '0.8.1'
|
|
6
6
|
s.licenses = ['Apache-2.0']
|
|
7
7
|
s.summary = 'A Logstash filter that returns results from phpIPAM'
|
|
8
8
|
s.description = 'A Logstash filter that looks up an IP-address, and returns results from phpIPAM'
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: logstash-filter-phpipam
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.8.
|
|
4
|
+
version: 0.8.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- magnuslarsen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-09-
|
|
11
|
+
date: 2019-09-13 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: logstash-core-plugin-api
|