logstash-input-cloudwatch_logs 1.0.0.pre.3 → 1.0.0.rc1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 1609b955d44c5cf6fb13e2ef341dce96fd7d79ec
-  data.tar.gz: f4ce33514097bc7495097557fd263c384723e948
+  metadata.gz: f3c086f123d992aed90c4ca3f3f9e32561d8d14b
+  data.tar.gz: f8a299987d5ea86dac1aeccadb1061de883b21e1
 SHA512:
-  metadata.gz: 8364a0350d31f9ab5b64bf4e4789eca9028d2c58092659f3129ee92e0132fd1b928693329e1fa379e1d0cc66f7858b2c142ac6842ea69a5f868f42680c69391a
-  data.tar.gz: 999de5c022c9160bd252826921065463a0165703e9cfc83c32e9df2420980bad0e330ce60c2b23b8fe9934f3265ba2a610acd7173bdcd4287515656ca4dc84bf
+  metadata.gz: 2efff01f11400ad57da03596b97335c8b7c095e29d0b05b0b5d5abb5b50e277514962d6970bd2eced47f76493fd8dd7e2bb5d850da6e0e6b5d7049dce6c7b00b
+  data.tar.gz: 591d042bfdcbe403d64d1335f2911db0224797f5a70474ec4f748f68cd468de07080f556a9a14b0450b8f3aad97adb50c0046f91f47f2cb5a37d42221edaecd9

data/CHANGELOG.md

@@ -1,5 +1,9 @@
 # Release Notes for `logstash-input-cloudwatch_logs`
 
+## v1.0.0.rc1 Release Candidate 1 (2017-07-02)
+* Ensure the plugin stops properly
+* Implement `start_position` setting ([#28](https://github.com/lukewaite/logstash-input-cloudwatch-logs/issues/28))
+
 ## v1.0.0.pre3 Pre-Release 3 (2017-06-28)
 * Fix call to `filter_log_events` which had been limited to 10 events per call for debugging
 

data/DEVELOPER.md

@@ -0,0 +1,86 @@
+# Logstash Plugin
+
+This is a plugin for [Logstash](https://github.com/elasticsearch/logstash).
+
+It is fully free and fully open source. The license is Apache 2.0, meaning you are pretty much free to use it however you want in whatever way.
+
+## Documentation
+
+Logstash provides infrastructure to automatically generate documentation for this plugin. We use the asciidoc format to write documentation so any comments in the source code will be first converted into asciidoc and then into html. All plugin documentation are placed under one [central location](http://www.elasticsearch.org/guide/en/logstash/current/).
+
+- For formatting code or config example, you can use the asciidoc `[source,ruby]` directive
+- For more asciidoc formatting tips, see the excellent reference here https://github.com/elasticsearch/docs#asciidoc-guide
+
+## Need Help?
+
+Need help? Try #logstash on freenode IRC or the https://discuss.elastic.co/c/logstash discussion forum.
+
+## Developing
+
+### 1. Plugin Developement and Testing
+
+#### Code
+- To get started, you'll need JRuby with the Bundler gem installed.
+
+- Create a new plugin or clone and existing from the GitHub [logstash-plugins](https://github.com/logstash-plugins) organization. We also provide [example plugins](https://github.com/logstash-plugins?query=example).
+
+- Install dependencies
+```sh
+bundle install
+```
+
+#### Test
+
+- Update your dependencies
+
+```sh
+bundle install
+```
+
+- Run tests
+
+```sh
+bundle exec rspec
+```
+
+### 2. Running your unpublished Plugin in Logstash
+
+#### 2.1 Run in a local Logstash clone
+
+- Edit Logstash `Gemfile` and add the local plugin path, for example:
+```ruby
+gem "logstash-filter-awesome", :path => "/your/local/logstash-filter-awesome"
+```
+- Install plugin
+```sh
+bin/plugin install --no-verify
+```
+- Run Logstash with your plugin
+```sh
+bin/logstash -e 'filter {awesome {}}'
+```
+At this point any modifications to the plugin code will be applied to this local Logstash setup. After modifying the plugin, simply rerun Logstash.
+
+#### 2.2 Run in an installed Logstash
+
+You can use the same **2.1** method to run your plugin in an installed Logstash by editing its `Gemfile` and pointing the `:path` to your local plugin development directory or you can build the gem and install it using:
+
+- Build your plugin gem
+```sh
+gem build logstash-filter-awesome.gemspec
+```
+- Install the plugin from the Logstash home
+```sh
+bin/plugin install /your/local/plugin/logstash-filter-awesome.gem
+```
+- Start Logstash and proceed to test the plugin
+
+## Contributing
+
+All contributions are welcome: ideas, patches, documentation, bug reports, complaints, and even something you drew up on a napkin.
+
+Programming is not a required skill. Whatever you've seen about open source and maintainers or community members  saying "send patches or die" - you will not see that here.
+
+It is more important to the community that you are able to contribute.
+
+For more information about contributing, see the [CONTRIBUTING](https://github.com/elasticsearch/logstash/blob/master/CONTRIBUTING.md) file.

data/README.md

@@ -5,14 +5,14 @@
 [![Software License][ico-license]](LICENSE.md)
 [![Build Status][ico-travis]][link-travis]
 
-> Stream events from CloudWatch Logs streams.
+> Stream events from CloudWatch Logs.
 
 ### Purpose
-Specify an individual log group, and this plugin will scan
+Specify an individual log group or array of groups, and this plugin will scan
 all log streams in that group, and pull in any new log events.
 
 Optionally, you may set the `log_group_prefix` parameter to true
-which will scan for all log groups matching the specified prefix
+which will scan for all log groups matching the specified prefix(s)
 and ingest all logs available in all of the matching groups.
 
 ## Usage
@@ -20,8 +20,9 @@ and ingest all logs available in all of the matching groups.
 ### Parameters
 | Parameter | Input Type | Required | Default |
 |-----------|------------|----------|---------|
-| log_group | array | Yes | |
+| log_group | string or Array of strings | Yes | |
 | log_group_prefix | boolean | No | `false` |
+| start_position | `beginning`, `end`, or an Integer | No | `beginning` |
 | sincedb_path | string | No | `$HOME/.sincedb*` |
 | interval | number | No | 60 |
 | aws_credentials_file | string | No | |
@@ -31,6 +32,18 @@ and ingest all logs available in all of the matching groups.
 | region | string | No | `us-east-1` |
 | codec | string | No | `plain` |
 
+#### `start_position`
+The `start_position` setting allows you to specify where to begin processing
+a newly encountered log group on plugin boot. Whether the group is 'new' is
+determined by whether or not the log group has a previously existing entry in
+the sincedb file.
+
+Valid options for `start_position` are:
+* `beginning` - Reads from the beginning of the group (default)
+* `end` - Sets the sincedb to now, and reads any new messages going forward
+* Integer - Number of seconds in the past to begin reading at
+
+#### Logstash Default config params
 Other standard logstash parameters are available such as:
 * `add_field`
 * `type`

data/lib/logstash/inputs/cloudwatch_logs.rb

@@ -29,7 +29,7 @@ class LogStash::Inputs::CloudWatch_Logs < LogStash::Inputs::Base
 
   # Log group(s) to use as an input. If `log_group_prefix` is set
   # to `true`, then each member of the array is treated as a prefix
-  config :log_group, :validate => :string, :list => true, :required => true
+  config :log_group, :validate => :string, :list => true
 
   # Where to write the since database (keeps track of the date
   # the last handled log stream was updated). The default will write
@@ -44,6 +44,12 @@ class LogStash::Inputs::CloudWatch_Logs < LogStash::Inputs::Base
   # Decide if log_group is a prefix or an absolute name
   config :log_group_prefix, :validate => :boolean, :default => false
 
+  # When a new log group is encountered at initial plugin start (not already in
+  # sincedb), allow configuration to specify where to begin ingestion on this group.
+  # Valid options are: `beginning`, `end`, or an integer, representing number of
+  # seconds before now to read back from.
+  config :start_position, :default => 'beginning'
+
 
   # def register
   public
@@ -53,6 +59,8 @@ class LogStash::Inputs::CloudWatch_Logs < LogStash::Inputs::Base
     settings = defined?(LogStash::SETTINGS) ? LogStash::SETTINGS : nil
     @sincedb = {}
 
+    check_start_position_validity
+
     Aws::ConfigService::Client.new(aws_options_hash)
     @cloudwatch = Aws::CloudWatchLogs::Client.new(aws_options_hash)
 
@@ -88,21 +96,33 @@ class LogStash::Inputs::CloudWatch_Logs < LogStash::Inputs::Base
 
   end #def register
 
+  public
+  def check_start_position_validity
+    raise LogStash::ConfigurationError, "No start_position specified!" unless @start_position
+
+    return if @start_position =~ /^(beginning|end)$/
+    return if @start_position.is_a? Integer
+
+    raise LogStash::ConfigurationError, "start_position '#{@start_position}' is invalid! Must be `beginning`, `end`, or an integer."
+  end # def check_start_position_validity
+
   # def run
   public
   def run(queue)
     @queue = queue
     _sincedb_open
+    determine_start_position(find_log_groups)
 
-    Stud.interval(@interval) do
+    while !stop?
       groups = find_log_groups
 
       groups.each do |group|
         @logger.debug("calling process_group on #{group}")
         process_group(group)
       end # groups.each
-    end
 
+      Stud.stoppable_sleep(@interval) { stop? }
+    end
   end # def run
 
   public
@@ -127,6 +147,24 @@ class LogStash::Inputs::CloudWatch_Logs < LogStash::Inputs::Base
     groups
   end # def find_log_groups
 
+  public
+  def determine_start_position(groups)
+    groups.each do |group|
+      if !@sincedb.member?(group)
+        case @start_position
+          when 'beginning'
+            @sincedb[group] = 0
+
+          when 'end'
+            @sincedb[group] = DateTime.now.strftime('%Q')
+
+          else
+            @sincedb[group] = DateTime.now.strftime('%Q') - (@start_position * 1000)
+        end # case @start_position
+      end
+    end
+  end # def determine_start_position
+
   private
   def process_group(group)
     next_token = nil

data/logstash-input-cloudwatch_logs.gemspec

@@ -1,7 +1,7 @@
 Gem::Specification.new do |s|
 
   s.name            = 'logstash-input-cloudwatch_logs'
-  s.version         = '1.0.0.pre.3'
+  s.version         = '1.0.0.rc1'
   s.licenses        = ['Apache License (2.0)']
   s.summary         = 'Stream events from CloudWatch Logs.'
   s.description     = 'This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program'

data/spec/inputs/cloudwatch_logs_spec.rb

@@ -1,26 +1,97 @@
 # encoding: utf-8
-require "logstash/devutils/rspec/spec_helper"
-require "logstash/inputs/cloudwatch_logs"
+require 'logstash/devutils/rspec/spec_helper'
+require 'logstash/inputs/cloudwatch_logs'
+require 'aws-sdk-resources'
+require 'aws-sdk'
 
 describe LogStash::Inputs::CloudWatch_Logs do
+  let(:config) {
+    {
+        'access_key_id' => '1234',
+        'secret_access_key' => 'secret',
+        'log_group' => ['sample-log-group'],
+        'region' => 'us-east-1'
+    }
+  }
+
   before do
     Aws.config[:stub_responses] = true
     Thread.abort_on_exception = true
   end
 
+
+  context 'when interrupting the plugin' do
+    let(:config) {super.merge({'interval' => 5})}
+
+    before do
+      expect_any_instance_of(LogStash::Inputs::CloudWatch_Logs).to receive(:process_group).and_return(nil)
+    end
+
+    it_behaves_like 'an interruptible input plugin'
+  end
+
   describe '#register' do
-    let(:config) {
-      {
-          'access_key_id' => '1234',
-          'secret_access_key' => 'secret',
-          'log_group' => ['sample-log-group'],
-          'region' => 'us-east-1'
-      }
-    }
-    subject {LogStash::Inputs::CloudWatch_Logs.new(config)}
+    context 'default config' do
+      subject {LogStash::Inputs::CloudWatch_Logs.new(config)}
+
+      it 'registers succesfully' do
+        expect {subject.register}.to_not raise_error
+      end
+    end
+
+    context 'start_position set to end' do
+      subject {LogStash::Inputs::CloudWatch_Logs.new(config.merge({'start_position' => 'end'}))}
+
+      it 'registers succesfully' do
+        expect {subject.register}.to_not raise_error
+      end
+    end
 
-    it "registers succesfully" do
-      expect {subject.register}.to_not raise_error
+    context 'start_position set to an integer' do
+      subject {LogStash::Inputs::CloudWatch_Logs.new(config.merge({'start_position' => 100}))}
+
+      it 'registers succesfully' do
+        expect {subject.register}.to_not raise_error
+      end
+    end
+
+    context 'start_position invalid' do
+      subject {LogStash::Inputs::CloudWatch_Logs.new(config.merge({'start_position' => 'invalid start position'}))}
+
+      it 'raises a configuration error' do
+        expect {subject.register}.to raise_error(LogStash::ConfigurationError)
+      end
+    end
+  end
+
+
+  describe '#find_log_groups without prefix true' do
+    context 'with an array in the config' do
+      subject {LogStash::Inputs::CloudWatch_Logs.new(config)}
+
+      it 'passes through configuration' do
+        expect(subject.find_log_groups).to eq(['sample-log-group'])
+      end
+    end
+
+    context 'with a single string in the log_group' do
+      subject {LogStash::Inputs::CloudWatch_Logs.new(config.merge({'log_group' => 'sample-log-group-string'}))}
+
+      it 'array-ifies the single string' do
+        expect(subject.find_log_groups).to eq(['sample-log-group-string'])
+      end
     end
   end
+
+  # describe '#find_log_groups with prefix true' do
+  #   subject {LogStash::Inputs::CloudWatch_Logs.new(config.merge({'log_group_prefix' => true}))}
+  #
+  #   before(:each) {subject.register}
+  #
+  #   it 'should create list of prefixes' do
+  #     expect_any_instance_of(Aws::CloudWatchLogs::Resource).to receive(:describe_log_groups).and_return({'log_groups' => [{'log_group_name' => '1'},{'log_group_name' => '2'}]})
+  #     expect(subject.find_log_groups).to eq(['sample-log-group-1', 'sample-log-group-2'])
+  #   end
+  # end
+
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstash-input-cloudwatch_logs
 version: !ruby/object:Gem::Version
-  version: 1.0.0.pre.3
+  version: 1.0.0.rc1
 platform: ruby
 authors:
 - Luke Waite
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-06-28 00:00:00.000000000 Z
+date: 2017-07-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
@@ -80,6 +80,7 @@ extra_rdoc_files: []
 files:
 - CHANGELOG.md
 - CONTRIBUTORS
+- DEVELOPER.md
 - Gemfile
 - LICENSE
 - NOTICE.TXT