logstash-filter-varnishlog 0.1.5 → 0.1.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/lib/logstash/filters/varnishlog.rb +29 -24
- data/logstash-filter-varnishlog.gemspec +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 132dc667645e4c0ed4ad0923d2e3c663e0b43c1e
|
|
4
|
+
data.tar.gz: d89076af90343002b99b42d7326ffe5e4be15647
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 62741d02b6fcc571b679fd0affb71806c2e5dffea3a2f29c795ea97ec68658089763c676426a96391ec2c4e1e62e34df25c9bcd2863b55619822aa78b8f34b40
|
|
7
|
+
data.tar.gz: cff06e7c4f7b91c6a95b2e4dd8398a5d38b2d5c7f17b72313198f5ca19b3dfd9c73ed77f915ec6cb6b95d3560645f6652b9de7e991973b8bca7f2e76abdc5235
|
data/CHANGELOG.md
CHANGED
|
@@ -10,7 +10,7 @@ require "logstash/namespace"
|
|
|
10
10
|
##Extenting array class to to an something like grep -v
|
|
11
11
|
class Array
|
|
12
12
|
def grepv(regex, &block)
|
|
13
|
-
self.reject { |elem| elem
|
|
13
|
+
self.reject { |elem| elem.match(/#{regex}/i) }.each(&block)
|
|
14
14
|
end
|
|
15
15
|
end
|
|
16
16
|
|
|
@@ -26,28 +26,28 @@ class LogStash::Filters::Varnishlog < LogStash::Filters::Base
|
|
|
26
26
|
# }
|
|
27
27
|
#
|
|
28
28
|
config_name "varnishlog"
|
|
29
|
-
|
|
29
|
+
|
|
30
30
|
# Replace the message with this value.
|
|
31
31
|
#config :message, :validate => :string, :default => "Hello World!"
|
|
32
32
|
config :blacklist_sections, :validate => :array, :default => []
|
|
33
|
-
|
|
33
|
+
config :normalize_fieldnames, :validate => :boolean, :default => false
|
|
34
34
|
public
|
|
35
35
|
def register
|
|
36
|
-
# Add instance variables
|
|
36
|
+
# Add instance variables
|
|
37
37
|
end # def register
|
|
38
38
|
|
|
39
39
|
public
|
|
40
40
|
def filter(event)
|
|
41
41
|
items = event.get("[message]").split("\n")
|
|
42
42
|
##Remove Blacklisted items from items hash
|
|
43
|
-
items = items.grepv(
|
|
43
|
+
items = items.grepv(blacklist_sections.join("|")) if blacklist_sections.any?
|
|
44
44
|
##
|
|
45
45
|
|
|
46
46
|
##timestamps
|
|
47
47
|
timestamps = items.grep(/Timestamp/)
|
|
48
48
|
timestamps.each do |timestamp|
|
|
49
49
|
if match = /-\s+Timestamp\s+(?<step>.*): (?<time_a>.*) (?<time_b>.*) (?<time_c>.*)/.match(timestamp)
|
|
50
|
-
event.set("timestamp_" + match['step'], match['time_a'])
|
|
50
|
+
event.set(normalize_fields("timestamp_" + match['step'] ), match['time_a'])
|
|
51
51
|
end
|
|
52
52
|
end
|
|
53
53
|
## VCL Log
|
|
@@ -58,7 +58,7 @@ class LogStash::Filters::Varnishlog < LogStash::Filters::Base
|
|
|
58
58
|
log_lines.push(match['log_line'])
|
|
59
59
|
end
|
|
60
60
|
if index == log_lines.size - 1
|
|
61
|
-
event.set("VCL_Log", log_lines)
|
|
61
|
+
event.set(normalize_fields("VCL_Log"), log_lines)
|
|
62
62
|
end
|
|
63
63
|
end
|
|
64
64
|
|
|
@@ -66,58 +66,58 @@ class LogStash::Filters::Varnishlog < LogStash::Filters::Base
|
|
|
66
66
|
## Request headers.
|
|
67
67
|
request_headers = items.grep(/ReqHeader/)
|
|
68
68
|
request_headers.each do |header|
|
|
69
|
-
if match =
|
|
70
|
-
event.set(match['header_name'], match['header_value'])
|
|
69
|
+
if match = /-+\s+ReqHeader\s+(?<header_name>.*?): (?<header_value>.*)/.match(header)
|
|
70
|
+
event.set(normalize_fields(match['header_name']), match['header_value'])
|
|
71
71
|
end
|
|
72
72
|
end
|
|
73
73
|
## Match ReqMethod.
|
|
74
|
-
if method_match =
|
|
75
|
-
event.set("
|
|
74
|
+
if method_match = /-+\s+ReqMethod\s+(?<method>.*)/.match(items.grep(/ReqMethod/)[0])
|
|
75
|
+
event.set("ReqMethod", method_match['method'])
|
|
76
76
|
end
|
|
77
77
|
## Match ReqURL.
|
|
78
|
-
if url_match =
|
|
79
|
-
event.set("
|
|
78
|
+
if url_match = /-+\s+ReqURL\s+(?<url>\/.*)/.match(items.grep(/ReqURL/)[0])
|
|
79
|
+
event.set("ReqUrl", url_match['url'])
|
|
80
80
|
end
|
|
81
81
|
## Match ReqProtocol.
|
|
82
|
-
if protocol_match =
|
|
82
|
+
if protocol_match = /-+\s+ReqProtocol\s+(?<protocol>.*)/.match(items.grep(/ReqProtocol/)[0])
|
|
83
83
|
event.set("ReqProtocol", protocol_match['protocol'])
|
|
84
84
|
end
|
|
85
|
-
|
|
85
|
+
|
|
86
86
|
# Response
|
|
87
87
|
## Response headers.
|
|
88
88
|
response_headers = items.grep(/RespHeader/)
|
|
89
89
|
response_headers.each do |header|
|
|
90
|
-
if match =
|
|
91
|
-
event.set(match['header_name'], match['header_value'])
|
|
90
|
+
if match = /-+\s+RespHeader\s+(?<header_name>.*?): (?<header_value>.*)/.match(header)
|
|
91
|
+
event.set(normalize_fields(match['header_name']), match['header_value'])
|
|
92
92
|
end
|
|
93
93
|
end
|
|
94
94
|
## Match RespProtocol
|
|
95
|
-
if protocol_match =
|
|
95
|
+
if protocol_match = /-+\s+RespProtocol\s+(?<protocol>.*)/.match(items.grep(/RespProtocol/)[0])
|
|
96
96
|
event.set("RespProtocol", protocol_match['protocol'])
|
|
97
97
|
end
|
|
98
98
|
## Match RespStatus
|
|
99
99
|
status_match = items.grep(/RespStatus/)
|
|
100
100
|
states = []
|
|
101
101
|
status_match.each_with_index do |status, index|
|
|
102
|
-
if match =
|
|
103
|
-
|
|
102
|
+
if match = /-+\s+RespStatus\s+(?<status>.*)/.match(status)
|
|
103
|
+
states.push(match['status'].to_i)
|
|
104
104
|
end
|
|
105
105
|
if index == status_match.size - 1
|
|
106
|
-
|
|
106
|
+
event.set("RespStatus", states)
|
|
107
107
|
end
|
|
108
108
|
end
|
|
109
109
|
## Match RespReason
|
|
110
110
|
response_reason = items.grep(/RespReason/)
|
|
111
111
|
reasons = []
|
|
112
112
|
response_reason.each_with_index do |reason, index|
|
|
113
|
-
if match =
|
|
114
|
-
|
|
113
|
+
if match = /-+\s+RespReason\s+(?<reason>.*)/.match(reason)
|
|
114
|
+
reasons.push(match['reason'])
|
|
115
115
|
end
|
|
116
116
|
if index == response_reason.size - 1
|
|
117
117
|
event.set("RespReason", reasons)
|
|
118
118
|
end
|
|
119
119
|
end
|
|
120
|
-
|
|
120
|
+
|
|
121
121
|
if @message
|
|
122
122
|
# Replace the event message with our message as configured in the
|
|
123
123
|
# config file.
|
|
@@ -127,4 +127,9 @@ class LogStash::Filters::Varnishlog < LogStash::Filters::Base
|
|
|
127
127
|
# filter_matched should go in the last line of our successful code
|
|
128
128
|
filter_matched(event)
|
|
129
129
|
end # def filter
|
|
130
|
+
|
|
131
|
+
private
|
|
132
|
+
def normalize_fields(name)
|
|
133
|
+
name.capitalize.gsub(/[_-](\w)/){$1.upcase} if @normalize_fieldnames
|
|
134
|
+
end
|
|
130
135
|
end # class LogStash::Filters::Varnishlog
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Gem::Specification.new do |s|
|
|
2
2
|
s.name = 'logstash-filter-varnishlog'
|
|
3
|
-
s.version = '0.1.
|
|
3
|
+
s.version = '0.1.6'
|
|
4
4
|
s.licenses = ['Apache License (2.0)']
|
|
5
5
|
s.summary = 'A logstash plugin reading varnishlog output'
|
|
6
6
|
s.description = 'logstash filter plugin reading varnishlog grouped by id'
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: logstash-filter-varnishlog
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Christian Herweg
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-03-
|
|
11
|
+
date: 2018-03-20 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|