logstash-input-cloudflare_logs 0.1.10 → 0.1.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/lib/logstash/inputs/cloudflare_logs.rb +9 -5
  3. data/logstash-input-cloudflare-logs.gemspec +2 -1
  4. data/spec/fixtures/vcr_cassettes/error.yml +52 -0
  5. data/spec/inputs/cloudflare-logs_spec.rb +10 -4
  6. data/spec/inputs/cloudflare_access_spec.rb +26 -0
  7. data/spec/tmp/metadata.json +1 -0
  8. metadata +20 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: b2e7718a2db8c32d7b87f6a6952b26558069b1df
4
- data.tar.gz: 719dbb75a6a5088e2b3ad06784ff143350e7726f
3
+ metadata.gz: 774d459f36cd5d6aa1c570f3c6bf7f900a14fa84
4
+ data.tar.gz: 5704d3a50ee2c3baddb254af75dbb3bcd7569df5
5
5
  SHA512:
6
- metadata.gz: 29b431afd92e56a57385c574793cdcdeacca6939c76dcf0ce22196f5d53638db49b01139827290051c1a108d172b69dd1d7eef1491c704a3cbfc203ad1b37940
7
- data.tar.gz: 023d9bb7b455afe0e69a4ee679748312a9a86bfd86c807462a4732b0195d1d712502cc5a20540e978726e9956c894d4b987c21084b899d6d827b5e4744a21d7a
6
+ metadata.gz: 9c18dcc7c4d292d7c8162c8b96674a7bcc21b105919705b3828fc9c205688aaa81c7eae8304c7bfaeee48f63612c0ee9013ca036bf667009126fe5850470eea8
7
+ data.tar.gz: d4e3f3193c31c13b0729e0d7449e0b7932cb5061c51920336f6eb9580b8de830eab54fde10f5e4ce530ecd9ad57d61b4f4a1c50516909a9e70c3852f7f2e72e5
data/lib/logstash/inputs/cloudflare_logs.rb CHANGED
@@ -54,10 +54,13 @@ class CloudflareAccess
54
54
  end
55
55
 
56
56
  def logs
57
- @logger.warn('starting to get logs')
58
- results = RestClient.get("https://api.cloudflare.com/client/v4/zones/#{domain}/logs/received?start=#{start_time}&end=#{end_time}&fields=#{fields.join(',')}", 'X-Auth-Email' => auth_email, 'X-Auth-Key' => auth_key)
59
- @logger.warn('got logs')
60
- results.body.split("\n").collect { |raw_log| JSON.parse(raw_log) }
57
+ begin
58
+ results = RestClient.get("https://api.cloudflare.com/client/v4/zones/#{domain}/logs/received?start=#{start_time}&end=#{end_time}&fields=#{fields.join(',')}", 'X-Auth-Email' => auth_email, 'X-Auth-Key' => auth_key)
59
+ results.body.split("\n").collect { |raw_log| JSON.parse(raw_log) }
60
+ rescue RestClient::BadRequest => error
61
+ @logger.error(error.response.strip)
62
+ raise error
63
+ end
61
64
  end
62
65
  end
63
66
 
@@ -92,12 +95,13 @@ class LogStash::Inputs::CloudflareLogs < LogStash::Inputs::Base
92
95
  log['fields.type'] = 'cloudflare'
93
96
  log['fields.env'] = @environment_name
94
97
  event = LogStash::Event.new(log)
95
- event.timestamp= LogStash::Timestamp.at(log['EdgeStartTimestamp'].to_i/1_000_000_000)
98
+ event.timestamp= LogStash::Timestamp.at(log['EdgeStartTimestamp'].to_i / 1_000_000_000)
96
99
  decorate(event)
97
100
  queue << event
98
101
  end
99
102
 
100
103
  cloudflare_access.update_metadata_file('start_time', cloudflare_access.end_time)
104
+ @access = nil
101
105
  end
102
106
 
103
107
  def run(queue)
data/logstash-input-cloudflare-logs.gemspec CHANGED
@@ -1,6 +1,6 @@
1
1
  Gem::Specification.new do |s|
2
2
  s.name = 'logstash-input-cloudflare_logs'
3
- s.version = '0.1.10'
3
+ s.version = '0.1.11'
4
4
  s.licenses = ['Apache License (2.0)']
5
5
  s.summary = 'write cloudflare logs to logstash'
6
6
  s.description = 'Write cloudflare lgos to logstash.' \
@@ -39,4 +39,5 @@ Gem::Specification.new do |s|
39
39
  s.add_development_dependency 'webmock'
40
40
  s.add_development_dependency 'vcr', '> 3.0.0', '< 4.0.0'
41
41
  s.add_development_dependency 'timecop'
42
+ s.add_development_dependency 'pry'
42
43
  end
data/spec/fixtures/vcr_cassettes/error.yml ADDED
@@ -0,0 +1,52 @@
1
+ ---
2
+ http_interactions:
3
+ - request:
4
+ method: get
5
+ uri: https://api.cloudflare.com/client/v4/zones/11/logs/received?end=2017-10-9T23:55:00Z&fields=CacheCacheStatus,CacheResponseBytes,CacheResponseStatus,ClientASN,ClientCountry,ClientDeviceType,ClientIP,ClientIPClass,ClientRequestBytes,ClientRequestHost,ClientRequestMethod,ClientRequestProtocol,ClientRequestReferer,ClientRequestURI,ClientRequestUserAgent,ClientSSLCipher,ClientSSLProtocol,ClientSrcPort,EdgeColoID,EdgeEndTimestamp,EdgePathingStatus,EdgeResponseBytes,EdgeResponseCompressionRatio,EdgeResponseStatus,EdgeStartTimestamp,OriginIP,OriginResponseBytes,OriginResponseHTTPExpires,OriginResponseHTTPLastModified,OriginResponseStatus,OriginResponseTime,RayID,WAFAction,WAFRuleID,ZoneID&start=2017-10-10T23:54:57Z
6
+ body:
7
+ encoding: US-ASCII
8
+ string: ''
9
+ headers:
10
+ Accept:
11
+ - "*/*; q=0.5, application/xml"
12
+ Accept-Encoding:
13
+ - gzip, deflate
14
+ X-Auth-Email:
15
+ - test@test.com
16
+ X-Auth-Key:
17
+ - secret
18
+ User-Agent:
19
+ - Ruby
20
+ response:
21
+ status:
22
+ code: 400
23
+ message: Bad Request
24
+ headers:
25
+ Date:
26
+ - Tue, 21 Nov 2017 15:06:13 GMT
27
+ Content-Type:
28
+ - application/json
29
+ Transfer-Encoding:
30
+ - chunked
31
+ Connection:
32
+ - keep-alive
33
+ Set-Cookie:
34
+ - __cfduid=dbe9fc98db8aa0e054f739756baf7f9c51511276772; expires=Wed, 21-Nov-18
35
+ 15:06:12 GMT; path=/; domain=.cloudflare.com; HttpOnly
36
+ Strict-Transport-Security:
37
+ - max-age=15780000; includeSubDomains
38
+ Served-In-Seconds:
39
+ - '0.112'
40
+ Server:
41
+ - cloudflare-nginx
42
+ Cf-Ray:
43
+ - 3c148d370c0838ac-ATL
44
+ body:
45
+ encoding: UTF-8
46
+ string: '{"success":false,"errors":[{"code":10000,"message":"Authentication
47
+ error"}]}
48
+
49
+ '
50
+ http_version:
51
+ recorded_at: Tue, 21 Nov 2017 15:06:13 GMT
52
+ recorded_with: VCR 3.0.3
data/spec/inputs/cloudflare-logs_spec.rb CHANGED
@@ -2,6 +2,7 @@
2
2
 
3
3
  require "#{File.expand_path(File.dirname(__FILE__))}/../spec_helper"
4
4
  require 'logstash/inputs/cloudflare_logs'
5
+ require 'pry'
5
6
 
6
7
  describe LogStash::Inputs::CloudflareLogs do
7
8
  describe '#run' do
@@ -9,24 +10,29 @@ describe LogStash::Inputs::CloudflareLogs do
9
10
  allow_any_instance_of(LogStash::Inputs::CloudflareLogs).to receive(:process_logs).and_return([])
10
11
  end
11
12
  it_behaves_like 'an interruptible input plugin' do
12
- let(:config) { { 'interval' => 100, 'auth_email' => 'test@test.com', 'auth_key' => 'test', 'domain_key' => 'asdf' } }
13
+ let(:config) { { 'metadata_file' => "#{File.expand_path(File.dirname(__FILE__))}/../tmp/metadata.json", 'interval' => 100, 'auth_email' => 'test@test.com', 'auth_key' => 'test', 'domain_key' => 'asdf' } }
13
14
  end
14
15
  end
15
16
 
16
17
  describe '#process_logs' do
17
- let(:config) { { 'interval' => 100, 'auth_email' => 'test@test.com', 'auth_key' => 'test', 'domain_key' => 'asdf' } }
18
+ let(:config) { { 'metadata_file' => "#{File.expand_path(File.dirname(__FILE__))}/../tmp/metadata.json", 'interval' => 100, 'auth_email' => 'test@test.com', 'auth_key' => 'test', 'domain_key' => 'asdf' } }
18
19
  let(:queue) { double(:queue, :<< => 'test') }
19
20
  before(:each) { allow_any_instance_of(CloudflareAccess).to receive(:logs).and_return([{ a: 1 }]) }
20
21
  let(:plugin) { described_class.new(config) }
21
22
  subject { plugin.process_logs(queue) }
23
+ before :each do
24
+ event = double(LogStash::Event)
25
+ allow(event).to receive(:timestamp=)
26
+ # allow(LogStash::Event).to receive(:new).and_return(event)
27
+ end
22
28
 
23
29
  it 'should create each log event' do
24
- expect(LogStash::Event).to receive(:new).with(a: 1)
30
+ expect(LogStash::Event).to receive(:new).with(a: 1, 'fields.type' => 'cloudflare', 'fields.env' => nil).and_return(LogStash::Event.new)
25
31
  subject
26
32
  end
27
33
 
28
34
  it 'should create each log event' do
29
- expect(LogStash::Event).to receive(:new).with(a: 1)
35
+ expect(LogStash::Event).to receive(:new).with(a: 1, 'fields.type' => 'cloudflare', 'fields.env' => nil).and_return(LogStash::Event.new)
30
36
  subject
31
37
  end
32
38
 
data/spec/inputs/cloudflare_access_spec.rb CHANGED
@@ -2,13 +2,17 @@
2
2
  require 'json'
3
3
  require "#{File.expand_path(File.dirname(__FILE__))}/../spec_helper"
4
4
  require 'logstash/inputs/cloudflare_logs'
5
+ require 'pry'
5
6
 
6
7
  describe CloudflareAccess do
7
8
  let(:meta_filename) { "#{File.expand_path(File.dirname(__FILE__))}/../tmp/metadata.json" }
9
+ let(:logger) { logger = double() }
10
+
8
11
  let(:cloudflare_access) do
9
12
  CloudflareAccess.new(auth_email: 'test@test.com',
10
13
  auth_key: 'secret',
11
14
  domain: '11',
15
+ logger: logger,
12
16
  metadata_file: meta_filename)
13
17
  end
14
18
 
@@ -101,5 +105,27 @@ describe CloudflareAccess do
101
105
  it 'should return each item as a hash' do
102
106
  expect(subject.first).to be_instance_of(Hash)
103
107
  end
108
+
109
+ describe 'connection failure' do
110
+ before do
111
+ allow(cloudflare_access).to receive(:end_time).and_return('2017-10-9T23:55:00Z')
112
+ end
113
+
114
+ subject do
115
+ VCR.use_cassette(:error) do
116
+ cloudflare_access.logs
117
+ end
118
+ end
119
+
120
+ it 'should raise an error' do
121
+ allow(logger).to receive(:error)
122
+ expect { subject }.to raise_error(RestClient::BadRequest)
123
+ end
124
+
125
+ it 'should log a descriptive error' do
126
+ expect(logger).to receive(:error).with("{\"success\":false,\"errors\":[{\"code\":10000,\"message\":\"Authentication error\"}]}")
127
+ expect { subject }.to raise_error(RestClient::BadRequest)
128
+ end
129
+ end
104
130
  end
105
131
  end
data/spec/tmp/metadata.json ADDED
@@ -0,0 +1 @@
1
+ {"start_time":"2017-11-20 10:37:08 -0500"}
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: logstash-input-cloudflare_logs
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.10
4
+ version: 0.1.11
5
5
  platform: ruby
6
6
  authors:
7
7
  - Josh Moore
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-10-30 00:00:00.000000000 Z
11
+ date: 2017-11-21 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  requirement: !ruby/object:Gem::Requirement
@@ -128,6 +128,20 @@ dependencies:
128
128
  - - ">="
129
129
  - !ruby/object:Gem::Version
130
130
  version: '0'
131
+ - !ruby/object:Gem::Dependency
132
+ requirement: !ruby/object:Gem::Requirement
133
+ requirements:
134
+ - - ">="
135
+ - !ruby/object:Gem::Version
136
+ version: '0'
137
+ name: pry
138
+ prerelease: false
139
+ type: :development
140
+ version_requirements: !ruby/object:Gem::Requirement
141
+ requirements:
142
+ - - ">="
143
+ - !ruby/object:Gem::Version
144
+ version: '0'
131
145
  description: Write cloudflare lgos to logstash. This requires an Enterprise account
132
146
  with cloudflare
133
147
  email: joshsmoore@gmail.com
@@ -143,10 +157,12 @@ files:
143
157
  - README.md
144
158
  - lib/logstash/inputs/cloudflare_logs.rb
145
159
  - logstash-input-cloudflare-logs.gemspec
160
+ - spec/fixtures/vcr_cassettes/error.yml
146
161
  - spec/fixtures/vcr_cassettes/logs.yml
147
162
  - spec/inputs/cloudflare-logs_spec.rb
148
163
  - spec/inputs/cloudflare_access_spec.rb
149
164
  - spec/spec_helper.rb
165
+ - spec/tmp/metadata.json
150
166
  homepage: https://github.com/resumecompanion/logstash-input-cloudflare-logs
151
167
  licenses:
152
168
  - Apache License (2.0)
@@ -174,7 +190,9 @@ signing_key:
174
190
  specification_version: 4
175
191
  summary: write cloudflare logs to logstash
176
192
  test_files:
193
+ - spec/fixtures/vcr_cassettes/error.yml
177
194
  - spec/fixtures/vcr_cassettes/logs.yml
178
195
  - spec/inputs/cloudflare-logs_spec.rb
179
196
  - spec/inputs/cloudflare_access_spec.rb
180
197
  - spec/spec_helper.rb
198
+ - spec/tmp/metadata.json