logstash-input-cloudflare_logs 0.1.10 → 0.1.11

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/lib/logstash/inputs/cloudflare_logs.rb +9 -5
  3. data/logstash-input-cloudflare-logs.gemspec +2 -1
  4. data/spec/fixtures/vcr_cassettes/error.yml +52 -0
  5. data/spec/inputs/cloudflare-logs_spec.rb +10 -4
  6. data/spec/inputs/cloudflare_access_spec.rb +26 -0
  7. data/spec/tmp/metadata.json +1 -0
  8. metadata +20 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: b2e7718a2db8c32d7b87f6a6952b26558069b1df
4
- data.tar.gz: 719dbb75a6a5088e2b3ad06784ff143350e7726f
3
+ metadata.gz: 774d459f36cd5d6aa1c570f3c6bf7f900a14fa84
4
+ data.tar.gz: 5704d3a50ee2c3baddb254af75dbb3bcd7569df5
5
5
  SHA512:
6
- metadata.gz: 29b431afd92e56a57385c574793cdcdeacca6939c76dcf0ce22196f5d53638db49b01139827290051c1a108d172b69dd1d7eef1491c704a3cbfc203ad1b37940
7
- data.tar.gz: 023d9bb7b455afe0e69a4ee679748312a9a86bfd86c807462a4732b0195d1d712502cc5a20540e978726e9956c894d4b987c21084b899d6d827b5e4744a21d7a
6
+ metadata.gz: 9c18dcc7c4d292d7c8162c8b96674a7bcc21b105919705b3828fc9c205688aaa81c7eae8304c7bfaeee48f63612c0ee9013ca036bf667009126fe5850470eea8
7
+ data.tar.gz: d4e3f3193c31c13b0729e0d7449e0b7932cb5061c51920336f6eb9580b8de830eab54fde10f5e4ce530ecd9ad57d61b4f4a1c50516909a9e70c3852f7f2e72e5
data/lib/logstash/inputs/cloudflare_logs.rb CHANGED
@@ -54,10 +54,13 @@ class CloudflareAccess
54
54
  end
55
55
 
56
56
  def logs
57
- @logger.warn('starting to get logs')
58
- results = RestClient.get("https://api.cloudflare.com/client/v4/zones/#{domain}/logs/received?start=#{start_time}&end=#{end_time}&fields=#{fields.join(',')}", 'X-Auth-Email' => auth_email, 'X-Auth-Key' => auth_key)
59
- @logger.warn('got logs')
60
- results.body.split("\n").collect { |raw_log| JSON.parse(raw_log) }
57
+ begin
58
+ results = RestClient.get("https://api.cloudflare.com/client/v4/zones/#{domain}/logs/received?start=#{start_time}&end=#{end_time}&fields=#{fields.join(',')}", 'X-Auth-Email' => auth_email, 'X-Auth-Key' => auth_key)
59
+ results.body.split("\n").collect { |raw_log| JSON.parse(raw_log) }
60
+ rescue RestClient::BadRequest => error
61
+ @logger.error(error.response.strip)
62
+ raise error
63
+ end
61
64
  end
62
65
  end
63
66
 
@@ -92,12 +95,13 @@ class LogStash::Inputs::CloudflareLogs < LogStash::Inputs::Base
92
95
  log['fields.type'] = 'cloudflare'
93
96
  log['fields.env'] = @environment_name
94
97
  event = LogStash::Event.new(log)
95
- event.timestamp= LogStash::Timestamp.at(log['EdgeStartTimestamp'].to_i/1_000_000_000)
98
+ event.timestamp= LogStash::Timestamp.at(log['EdgeStartTimestamp'].to_i / 1_000_000_000)
96
99
  decorate(event)
97
100
  queue << event
98
101
  end
99
102
 
100
103
  cloudflare_access.update_metadata_file('start_time', cloudflare_access.end_time)
104
+ @access = nil
101
105
  end
102
106
 
103
107
  def run(queue)
data/logstash-input-cloudflare-logs.gemspec CHANGED
@@ -1,6 +1,6 @@
1
1
  Gem::Specification.new do |s|
2
2
  s.name = 'logstash-input-cloudflare_logs'
3
- s.version = '0.1.10'
3
+ s.version = '0.1.11'
4
4
  s.licenses = ['Apache License (2.0)']
5
5
  s.summary = 'write cloudflare logs to logstash'
6
6
  s.description = 'Write cloudflare lgos to logstash.' \
@@ -39,4 +39,5 @@ Gem::Specification.new do |s|
39
39
  s.add_development_dependency 'webmock'
40
40
  s.add_development_dependency 'vcr', '> 3.0.0', '< 4.0.0'
41
41
  s.add_development_dependency 'timecop'
42
+ s.add_development_dependency 'pry'
42
43
  end
data/spec/fixtures/vcr_cassettes/error.yml ADDED
@@ -0,0 +1,52 @@
1
+ ---
2
+ http_interactions:
3
+ - request:
4
+ method: get
5
+ uri: https://api.cloudflare.com/client/v4/zones/11/logs/received?end=2017-10-9T23:55:00Z&fields=CacheCacheStatus,CacheResponseBytes,CacheResponseStatus,ClientASN,ClientCountry,ClientDeviceType,ClientIP,ClientIPClass,ClientRequestBytes,ClientRequestHost,ClientRequestMethod,ClientRequestProtocol,ClientRequestReferer,ClientRequestURI,ClientRequestUserAgent,ClientSSLCipher,ClientSSLProtocol,ClientSrcPort,EdgeColoID,EdgeEndTimestamp,EdgePathingStatus,EdgeResponseBytes,EdgeResponseCompressionRatio,EdgeResponseStatus,EdgeStartTimestamp,OriginIP,OriginResponseBytes,OriginResponseHTTPExpires,OriginResponseHTTPLastModified,OriginResponseStatus,OriginResponseTime,RayID,WAFAction,WAFRuleID,ZoneID&start=2017-10-10T23:54:57Z
6
+ body:
7
+ encoding: US-ASCII
8
+ string: ''
9
+ headers:
10
+ Accept:
11
+ - "*/*; q=0.5, application/xml"
12
+ Accept-Encoding:
13
+ - gzip, deflate
14
+ X-Auth-Email:
15
+ - test@test.com
16
+ X-Auth-Key:
17
+ - secret
18
+ User-Agent:
19
+ - Ruby
20
+ response:
21
+ status:
22
+ code: 400
23
+ message: Bad Request
24
+ headers:
25
+ Date:
26
+ - Tue, 21 Nov 2017 15:06:13 GMT
27
+ Content-Type:
28
+ - application/json
29
+ Transfer-Encoding:
30
+ - chunked
31
+ Connection:
32
+ - keep-alive
33
+ Set-Cookie:
34
+ - __cfduid=dbe9fc98db8aa0e054f739756baf7f9c51511276772; expires=Wed, 21-Nov-18
35
+ 15:06:12 GMT; path=/; domain=.cloudflare.com; HttpOnly
36
+ Strict-Transport-Security:
37
+ - max-age=15780000; includeSubDomains
38
+ Served-In-Seconds:
39
+ - '0.112'
40
+ Server:
41
+ - cloudflare-nginx
42
+ Cf-Ray:
43
+ - 3c148d370c0838ac-ATL
44
+ body:
45
+ encoding: UTF-8
46
+ string: '{"success":false,"errors":[{"code":10000,"message":"Authentication
47
+ error"}]}
48
+
49
+ '
50
+ http_version:
51
+ recorded_at: Tue, 21 Nov 2017 15:06:13 GMT
52
+ recorded_with: VCR 3.0.3
data/spec/inputs/cloudflare-logs_spec.rb CHANGED
@@ -2,6 +2,7 @@
2
2
 
3
3
  require "#{File.expand_path(File.dirname(__FILE__))}/../spec_helper"
4
4
  require 'logstash/inputs/cloudflare_logs'
5
+ require 'pry'
5
6
 
6
7
  describe LogStash::Inputs::CloudflareLogs do
7
8
  describe '#run' do
@@ -9,24 +10,29 @@ describe LogStash::Inputs::CloudflareLogs do
9
10
  allow_any_instance_of(LogStash::Inputs::CloudflareLogs).to receive(:process_logs).and_return([])
10
11
  end
11
12
  it_behaves_like 'an interruptible input plugin' do
12
- let(:config) { { 'interval' => 100, 'auth_email' => 'test@test.com', 'auth_key' => 'test', 'domain_key' => 'asdf' } }
13
+ let(:config) { { 'metadata_file' => "#{File.expand_path(File.dirname(__FILE__))}/../tmp/metadata.json", 'interval' => 100, 'auth_email' => 'test@test.com', 'auth_key' => 'test', 'domain_key' => 'asdf' } }
13
14
  end
14
15
  end
15
16
 
16
17
  describe '#process_logs' do
17
- let(:config) { { 'interval' => 100, 'auth_email' => 'test@test.com', 'auth_key' => 'test', 'domain_key' => 'asdf' } }
18
+ let(:config) { { 'metadata_file' => "#{File.expand_path(File.dirname(__FILE__))}/../tmp/metadata.json", 'interval' => 100, 'auth_email' => 'test@test.com', 'auth_key' => 'test', 'domain_key' => 'asdf' } }
18
19
  let(:queue) { double(:queue, :<< => 'test') }
19
20
  before(:each) { allow_any_instance_of(CloudflareAccess).to receive(:logs).and_return([{ a: 1 }]) }
20
21
  let(:plugin) { described_class.new(config) }
21
22
  subject { plugin.process_logs(queue) }
23
+ before :each do
24
+ event = double(LogStash::Event)
25
+ allow(event).to receive(:timestamp=)
26
+ # allow(LogStash::Event).to receive(:new).and_return(event)
27
+ end
22
28
 
23
29
  it 'should create each log event' do
24
- expect(LogStash::Event).to receive(:new).with(a: 1)
30
+ expect(LogStash::Event).to receive(:new).with(a: 1, 'fields.type' => 'cloudflare', 'fields.env' => nil).and_return(LogStash::Event.new)
25
31
  subject
26
32
  end
27
33
 
28
34
  it 'should create each log event' do
29
- expect(LogStash::Event).to receive(:new).with(a: 1)
35
+ expect(LogStash::Event).to receive(:new).with(a: 1, 'fields.type' => 'cloudflare', 'fields.env' => nil).and_return(LogStash::Event.new)
30
36
  subject
31
37
  end
32
38
 
data/spec/inputs/cloudflare_access_spec.rb CHANGED
@@ -2,13 +2,17 @@
2
2
  require 'json'
3
3
  require "#{File.expand_path(File.dirname(__FILE__))}/../spec_helper"
4
4
  require 'logstash/inputs/cloudflare_logs'
5
+ require 'pry'
5
6
 
6
7
  describe CloudflareAccess do
7
8
  let(:meta_filename) { "#{File.expand_path(File.dirname(__FILE__))}/../tmp/metadata.json" }
9
+ let(:logger) { logger = double() }
10
+
8
11
  let(:cloudflare_access) do
9
12
  CloudflareAccess.new(auth_email: 'test@test.com',
10
13
  auth_key: 'secret',
11
14
  domain: '11',
15
+ logger: logger,
12
16
  metadata_file: meta_filename)
13
17
  end
14
18
 
@@ -101,5 +105,27 @@ describe CloudflareAccess do
101
105
  it 'should return each item as a hash' do
102
106
  expect(subject.first).to be_instance_of(Hash)
103
107
  end
108
+
109
+ describe 'connection failure' do
110
+ before do
111
+ allow(cloudflare_access).to receive(:end_time).and_return('2017-10-9T23:55:00Z')
112
+ end
113
+
114
+ subject do
115
+ VCR.use_cassette(:error) do
116
+ cloudflare_access.logs
117
+ end
118
+ end
119
+
120
+ it 'should raise an error' do
121
+ allow(logger).to receive(:error)
122
+ expect { subject }.to raise_error(RestClient::BadRequest)
123
+ end
124
+
125
+ it 'should log a descriptive error' do
126
+ expect(logger).to receive(:error).with("{\"success\":false,\"errors\":[{\"code\":10000,\"message\":\"Authentication error\"}]}")
127
+ expect { subject }.to raise_error(RestClient::BadRequest)
128
+ end
129
+ end
104
130
  end
105
131
  end
data/spec/tmp/metadata.json ADDED
@@ -0,0 +1 @@
1
+ {"start_time":"2017-11-20 10:37:08 -0500"}
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: logstash-input-cloudflare_logs
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.10
4
+ version: 0.1.11
5
5
  platform: ruby
6
6
  authors:
7
7
  - Josh Moore
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-10-30 00:00:00.000000000 Z
11
+ date: 2017-11-21 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  requirement: !ruby/object:Gem::Requirement
@@ -128,6 +128,20 @@ dependencies:
128
128
  - - ">="
129
129
  - !ruby/object:Gem::Version
130
130
  version: '0'
131
+ - !ruby/object:Gem::Dependency
132
+ requirement: !ruby/object:Gem::Requirement
133
+ requirements:
134
+ - - ">="
135
+ - !ruby/object:Gem::Version
136
+ version: '0'
137
+ name: pry
138
+ prerelease: false
139
+ type: :development
140
+ version_requirements: !ruby/object:Gem::Requirement
141
+ requirements:
142
+ - - ">="
143
+ - !ruby/object:Gem::Version
144
+ version: '0'
131
145
  description: Write cloudflare lgos to logstash. This requires an Enterprise account
132
146
  with cloudflare
133
147
  email: joshsmoore@gmail.com
@@ -143,10 +157,12 @@ files:
143
157
  - README.md
144
158
  - lib/logstash/inputs/cloudflare_logs.rb
145
159
  - logstash-input-cloudflare-logs.gemspec
160
+ - spec/fixtures/vcr_cassettes/error.yml
146
161
  - spec/fixtures/vcr_cassettes/logs.yml
147
162
  - spec/inputs/cloudflare-logs_spec.rb
148
163
  - spec/inputs/cloudflare_access_spec.rb
149
164
  - spec/spec_helper.rb
165
+ - spec/tmp/metadata.json
150
166
  homepage: https://github.com/resumecompanion/logstash-input-cloudflare-logs
151
167
  licenses:
152
168
  - Apache License (2.0)
@@ -174,7 +190,9 @@ signing_key:
174
190
  specification_version: 4
175
191
  summary: write cloudflare logs to logstash
176
192
  test_files:
193
+ - spec/fixtures/vcr_cassettes/error.yml
177
194
  - spec/fixtures/vcr_cassettes/logs.yml
178
195
  - spec/inputs/cloudflare-logs_spec.rb
179
196
  - spec/inputs/cloudflare_access_spec.rb
180
197
  - spec/spec_helper.rb
198
+ - spec/tmp/metadata.json