RubyGems - logstash-filter-weblookup - Versions diffs - 0.1.0 → 0.1.1 - Mend

logstash-filter-weblookup 0.1.0 → 0.1.1

Files changed (4) hide show

checksums.yaml +4 -4
data/lib/logstash/filters/weblookup.rb +28 -12
data/logstash-filter-weblookup.gemspec +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: a1c310e4e0feb0bf4c56096f6e5bad6a720df01f4ebd66f868b5ddc97d0052c6
-  data.tar.gz: 37b23ae97012cf03a00b9c07226da8ee51d363b546ad21978e3a4b795b68d597
+  metadata.gz: 2c96b1c02dc9936abcbed2834158d6df2d37b65423b92e0ddc0fb676b77c4b00
+  data.tar.gz: 49283b96b0ab8c0f00638c965897e01c0a6f29d8a413b7275bbe650c804849fb
 SHA512:
-  metadata.gz: 8151672a15f02a90c590de31ded5968896e68b1e5aaf6809beae5e8f803629c749c5949dacd5c8c5a77fbceca847d40c74d7c4a5c6fd86c2e776b9085694dbbd
-  data.tar.gz: b48a47c202874450f09d6d1e5390cf4ac123917ecf48283b4271e87b0eb31d19c1fd767b14cf9ef09299cd7a88ddc4bdf5e01305ddbdbe741ef4ff3787c0b4ca
+  metadata.gz: fba0a7b28e64f24b4cc9733a161a7a368579edc0f0de2317992ee530811c196d11bef2f8fc2a328745f7c9b7cb531748d27f4632486171659f3fecfb0c0f5f26
+  data.tar.gz: 50517ea043a5b254db9e74ffed413d2cdaf0f6b4c3bb3ee1ce3890288b69be7fc1bc9591b50fec9649f49b18d96b99fe6d3df73673194060bcba44f4ce51179f

data/lib/logstash/filters/weblookup.rb CHANGED Viewed

@@ -42,7 +42,11 @@ class LogStash::Filters::Webookup < LogStash::Filters::Base
   config :use_redis, :validate => :boolean, :required => false, :default => false
   config :redis_path, :validate => :string, :required => false
   config :redis_expiry, :validate => :number, :required => false, :default => 604800
+  # Optional simplify the message by moving a field to be the new root of the message
   config :normalize, :validate => :boolean, :required => false, :default => false
+  config :newroot, :validate => :string, :required => false
+  config :roottostrip, :validate => :string, :required => false
   HTTP_OPTIONS = {
       keep_alive_timeout: 300
@@ -68,6 +72,7 @@ def register
             @logger.error("Configuration error, there must be an equal amount of destinations and fields, defaulting to using the field as a root for the new values. e.g. if the lookup is done on the value of [\"ClientIP\"] the destination will be [\"ClientIP\"][\"Key\"]")
             destinations=fields
         end
+        # add case destination is empty to put the result in under the same field
     end
     # http connectionpool
@@ -79,7 +84,7 @@ def register
     # find the key where the value is <item>, otherwise just use the value
     @params = @uri.query_values(Hash)
     @params.each do |key, value|
-        if value="\<item\>"
+        if value == "\<item\>"
             @ip=key
 	    @params.delete(key)
 	    logger.info("the ip key in the uri is #{@ip}")
@@ -107,6 +112,9 @@ def filter(event)
             event.set("["+destinations[index]+"]", json)
         end
     end
+    if @normalize
+        replant(event, @newroot)
+    end
     # filter_matched should go in the last line of our successful code
     filter_matched(event)
 end # def filter
@@ -152,29 +160,37 @@ def find(item)
     return res
 end
+# for legacy
 def normalize(event)
-      event.set("net", JSON.parse(net))
-      event.get("[records][properties]").each {|k, v| event.set(k, v) }
-      event.remove("[records]")
-      event.remove("[message]")
-      return event
+    event.set("net", JSON.parse(net))
+    event.get("[records][properties]").each {|k, v| event.set(k, v) }
+    event.remove("[records]")
+    event.remove("[message]")
+    return event
+end
+def replant(event, newroot)
+    @logger.debug("event: #{event.get(newroot)}")
+    event.get(newroot).each {|k, v| event.set(k, v) }
+    event.remove(@roottostrip)
+    return event
 end
 # From https://github.com/angel9484/logstash-filter-lookup
-  def json_loader(data)
+def json_loader(data)
     get_map.merge!(JSON.parse(File.read(data)))
-  end
+end
-  def csv_loader(data)
+def csv_loader(data)
     data = CSV.read(data).inject(Hash.new) do |acc, v|
       acc[v[0]] = v[1]
       acc
     end
     get_map.merge!(data)
-  end
+end
-  def yml_loader(data)
+def yml_loader(data)
     get_map.merge!(YAML.load_file(data))
-  end
+end
 end # class LogStash::Filters::Lookup

data/logstash-filter-weblookup.gemspec CHANGED Viewed

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name          = 'logstash-filter-weblookup'
-  s.version       = '0.1.0'
+  s.version       = '0.1.1'
   s.licenses      = ['Apache-2.0']
   s.summary       = 'This logstash filter plugin takes one or more fields and enriches with a lookup value from a list, redis cache or webservice'
   s.description   = <<-EOF

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstash-filter-weblookup
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.1
 platform: ruby
 authors:
 - Jan Geertsma
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-05-13 00:00:00.000000000 Z
+date: 2019-10-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement