logstash-input-snmp 1.0.1 → 1.2.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 33e68f50e2d8dce7148c80ccc3a90029b4a0cc1f1039ae72a99be1525df17d89
-  data.tar.gz: 75d01ff55607a5e0aa31251bcdb91d94d75c3009acae39ac82c4dfb0a09feaa4
+  metadata.gz: 131263a5b332d433de705dac607ddecd0920f33827c0419c7a837adc735c4dc0
+  data.tar.gz: d1b6e99a2c8340470833dc83e2d2bb756342c332cc36ba22ac90b93caa32149b
 SHA512:
-  metadata.gz: e2e8ae4ba872e2f55451be69e62108572ff27ea9380eaa29330cd80a42dbfc39cba4bfb4a1f11ef6e087c66f8e4c0d927484a02f093c742c666c6ede031f8cfc
-  data.tar.gz: 7347cab038cb7d1efbee0c8d60c5fe3a13dcedd2986f399ae150feeaa8758f34f0c0a32740f94685b13e172868a52d340f121bcdde81ffb193f9902985722932
+  metadata.gz: 8b7b2c722a7eb4d81492b8f39b2aa05fd60131f1871b89ec0b122fbaed398336924a5c805bd3885a45906b2ba43a41d9579fb5d5ab456d42cc8a32df93557e51
+  data.tar.gz: c2f3d2d67868fdd602117dab01f371c76b3e8ea7406438965395e088f73db06a4b589635cb57989e7d90e6ebf9a7f0fcee4aa96aa6592572fb48686d9c3abb4d

data/CHANGELOG.md

@@ -1,3 +1,23 @@
+## 1.2.3
+  -  Fixed: multithreading problem when using multiple snmp inputs with multiple v3 credentials [#80](https://github.com/logstash-plugins/logstash-input-snmp/pull/80)
+
+## 1.2.2
+  -  Refactor: scope and review java_imports [#72](https://github.com/logstash-plugins/logstash-input-snmp/pull/72)
+
+## 1.2.1
+  - Fixed GAUGE32 integer overflow [#65](https://github.com/logstash-plugins/logstash-input-snmp/pull/65)
+
+## 1.2.0
+  - Adding oid_path_length config option [#59](https://github.com/logstash-plugins/logstash-input-snmp/pull/59)
+  - Fixing bug with table support removing index value from OIDs [#60])https://github.com/logstash-plugins/logstash-input-snmp/issues/60)
+
+## 1.1.1
+  - Added information and other improvements to documentation [#57](https://github.com/logstash-plugins/logstash-input-snmp/pull/57)
+
+## 1.1.0
+  - Added support for querying SNMP tables [#49](https://github.com/logstash-plugins/logstash-input-snmp/pull/49)
+  - Changed three error messages in the base_client to include the target address for clarity in the logs.
+
 ## 1.0.1
   - Added no_codec condition to the documentation and bumped version [#39](https://github.com/logstash-plugins/logstash-input-snmp/pull/39)
   - Changed docs to improve options layout [#38](https://github.com/logstash-plugins/logstash-input-snmp/pull/38)
@@ -22,4 +42,3 @@
 
 ## 0.1.0.beta1
   - First beta version
-

data/CONTRIBUTORS

@@ -3,6 +3,7 @@ reports, or in general have helped logstash along its way.
 
 Contributors:
 * Colin Surprenant - colin.surprenant@gmail.com
+* Dan Major - axrayn@gmail.com
 
 Note: If you've sent us patches, bug reports, or otherwise contributed to
 Logstash, and you aren't on the list above and want to be, please let us know

data/LICENSE

@@ -1,11 +1,202 @@
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
 
-    http://www.apache.org/licenses/LICENSE-2.0
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
 
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright 2020 Elastic and contributors
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

data/docs/index.asciidoc

@@ -59,8 +59,10 @@ This plugin supports the following configuration options plus the <<plugins-{typ
 | <<plugins-{type}s-{plugin}-hosts>> |<<array,array>>|No
 | <<plugins-{type}s-{plugin}-interval>> |<<number,number>>|No
 | <<plugins-{type}s-{plugin}-mib_paths>> |<<path,path>>|No
-| <<plugins-{type}s-{plugin}-oid_root_skip>> |<<boolean,boolean>>|No
+| <<plugins-{type}s-{plugin}-oid_root_skip>> |<<number,number>>|No
+| <<plugins-{type}s-{plugin}-oid_path_length>> |<<number,number>>|No
 | <<plugins-{type}s-{plugin}-walk>> |<<array,array>>|No
+| <<plugins-{type}s-{plugin}-tables>> |<<array,array>>|No
 |=======================================================================
 
 ==== SNMPv3 Authentication Options
@@ -168,7 +170,7 @@ If you require other MIBs, you need to import them. See <<plugins-{type}s-{plugi
 [id="plugins-{type}s-{plugin}-oid_root_skip"]
 ===== `oid_root_skip` 
 
-The `oid_root_skip` option specifies the  number of OID root digits to ignore in event field name.
+The `oid_root_skip` option specifies the number of OID root digits to ignore in the event field name.
 For example, in a numeric OID like "1.3.6.1.2.1.1.1.0" the first 5 digits could be ignored by setting `oid_root_skip => 5`
 which would result in a field name "1.1.1.0". Similarly when a MIB is used an OID such
 "1.3.6.1.2.mib-2.system.sysDescr.0" would become "mib-2.system.sysDescr.0"
@@ -176,6 +178,17 @@ which would result in a field name "1.1.1.0". Similarly when a MIB is used an OI
 * Value type is <<number,number>>
 * Default value is `0`
 
+[id="plugins-{type}s-{plugin}-oid_path_length"]
+===== `oid_path_length`
+
+The `oid_path_length` option specifies the number of OID root digits to retain in the event field name.
+For example, in a numeric OID like "1.3.6.1.2.1.1.1.0" the last 2 digits could be retained by setting `oid_path_length => 2`
+which would result in a field name "1.0". Similarly when a MIB is used an OID such
+"1.3.6.1.2.mib-2.system.sysDescr.0" would become "sysDescr.0"
+
+* Value type is <<number,number>>
+* Default value is `0`
+
 [id="plugins-{type}s-{plugin}-walk"]
 ===== `walk`
 
@@ -197,6 +210,41 @@ Example
 }
 -----
 
+[id="plugins-{type}s-{plugin}-tables"]
+===== `tables`
+
+The `tables` option is used to query for tabular values for the given column OID(s).
+
+Each table definition is a hash and must define the name key and value and the columns to return.
+
+* Value type is <<array,array>>
+* There is no default value for this setting
+* Results are returned under a field using the table name
+
+*Specifying a single table*
+
+[source,ruby]
+-----
+input {
+  snmp {
+    hosts => [{host => "udp:127.0.0.1/161" community => "public" version => "2c"  retries => 2  timeout => 1000}]
+    tables => [ {"name" => "interfaces" "columns" => ["1.3.6.1.2.1.2.2.1.1", "1.3.6.1.2.1.2.2.1.2", "1.3.6.1.2.1.2.2.1.5"]} ]
+  }
+}
+-----
+
+*Specifying multiple tables*
+
+[source,ruby]
+-----
+input {
+  snmp {
+    get => ["1.3.6.1.2.1.1.1.0"]
+    tables => [ {"name" => "interfaces" "columns" => ["1.3.6.1.2.1.2.2.1.1", "1.3.6.1.2.1.2.2.1.2", "1.3.6.1.2.1.2.2.1.5"]}, {"name" => "ltmPoolStatTable" "columns" => ["1.3.6.1.4.1.3375.2.2.5.2.3.1.1", "1.3.6.1.4.1.3375.2.2.5.2.3.1.6"]} ]
+  }
+}
+-----
+
 ==== SNMPv3 Authentication Options
 
 A **single user** can be configured and will be used for all defined SNMPv3 hosts.
@@ -252,6 +300,25 @@ The `security_level` option specifies the SNMPv3 security level between Authenti
 * Value can be any of: `noAuthNoPriv`, `authNoPriv`, `authPriv`
 * There is no default value for this setting
 
+*Specifying SNMPv3 settings*
+
+[source,ruby]
+-----
+input {
+  snmp {
+    hosts => [{host => "udp:127.0.0.1/161" version => "3"}]
+    get => ["1.3.6.1.2.1.1.1.0"]
+    security_name => "mySecurityName"
+    auth_protocol => "sha"
+    auth_pass => "ShaPassword"
+    priv_protocol => "aes"
+    priv_pass => "AesPasword"
+    security_level => "authPriv"
+  }
+}
+
+-----
+
 ==== More configuration examples
 
 *Using both `get` and `walk` in the same poll cycle for each host(s)*

data/lib/logstash/inputs/snmp.rb

@@ -20,6 +20,9 @@ class LogStash::Inputs::Snmp < LogStash::Inputs::Base
   # List of OIDs for which we want to retrieve the subtree of information
   config :walk,:validate => :array # ["1.3.6.1.2.1.1.1.0"]
 
+  # List of tables to walk
+  config :tables, :validate => :array  #[ {"name" => "interfaces" "columns" => ["1.3.6.1.2.1.2.2.1.1", "1.3.6.1.2.1.2.2.1.2", "1.3.6.1.2.1.2.2.1.5"]} ]
+
   # List of hosts to query the configured `get` and `walk` options.
   #
   # Each host definition is a hash and must define the `host` key and value.
@@ -53,6 +56,12 @@ class LogStash::Inputs::Snmp < LogStash::Inputs::Base
   # as "1.3.6.1.2.mib-2.system.sysDescr.0" would become "mib-2.system.sysDescr.0"
   config :oid_root_skip, :validate => :number, :default => 0
 
+  # number of OID tail digits to retain in event field name. For example, in a numeric OID
+  # like 1.3.6.1.2.1.1.1.0" the last 2 digits could be retained by setting oid_path_length => 2
+  # which would result in a field name "1.0". Similarly, when a MIB is used an OID such as
+  # "1.3.6.1.2.mib-2.system.sysDescr.0" would become "sysDescr.0"
+  config :oid_path_length, :validate => :number, :default => 0
+
   # Set polling interval in seconds
   #
   # The default, `30`, means poll each host every 30 seconds.
@@ -91,6 +100,8 @@ class LogStash::Inputs::Snmp < LogStash::Inputs::Base
   def register
     validate_oids!
     validate_hosts!
+    validate_tables!
+    validate_strip!
 
     mib = LogStash::SnmpMib.new
 
@@ -157,7 +168,7 @@ class LogStash::Inputs::Snmp < LogStash::Inputs::Base
         result = {}
         if !definition[:get].empty?
           begin
-            result = result.merge(definition[:client].get(definition[:get], @oid_root_skip))
+            result = result.merge(definition[:client].get(definition[:get], @oid_root_skip, @oid_path_length))
           rescue => e
             logger.error("error invoking get operation on #{definition[:host_address]} for OIDs: #{definition[:get]}, ignoring", :exception => e, :backtrace => e.backtrace)
           end
@@ -165,13 +176,23 @@ class LogStash::Inputs::Snmp < LogStash::Inputs::Base
         if  !definition[:walk].empty?
           definition[:walk].each do |oid|
             begin
-              result = result.merge(definition[:client].walk(oid, @oid_root_skip))
+              result = result.merge(definition[:client].walk(oid, @oid_root_skip, @oid_path_length))
             rescue => e
               logger.error("error invoking walk operation on OID: #{oid}, ignoring", :exception => e, :backtrace => e.backtrace)
             end
           end
         end
 
+        if  !Array(@tables).empty?
+          @tables.each do |table_entry|
+            begin
+              result = result.merge(definition[:client].table(table_entry, @oid_root_skip, @oid_path_length))
+            rescue => e
+              logger.error("error invoking table operation on OID: #{table_entry['name']}, ignoring", :exception => e, :backtrace => e.backtrace)
+            end
+          end
+        end
+
         unless result.empty?
           metadata = {
             "host_protocol" => definition[:host_protocol],
@@ -217,7 +238,20 @@ class LogStash::Inputs::Snmp < LogStash::Inputs::Base
       $1
     end
 
-    raise(LogStash::ConfigurationError, "at least one get OID or one walk OID is required") if @get.empty? && @walk.empty?
+    if !@tables.nil?
+      @tables.each do |table_entry|
+      # Verify oids for valid pattern and get rid of any leading dot if present
+        columns = table_entry["columns"]
+        columns.each do |column|
+          unless column =~ OID_REGEX
+      	    raise(Logstash::ConfigurationError, "The table column oid '#{column}' is an invalid format")
+          end
+        end
+        $1
+      end
+    end
+
+    raise(LogStash::ConfigurationError, "at least one get OID, one walk OID, or one table OID is required") if @get.empty? && @walk.empty? && @tables.nil?
   end
 
   def validate_v3_user!
@@ -242,4 +276,16 @@ class LogStash::Inputs::Snmp < LogStash::Inputs::Base
       raise(LogStash::ConfigurationError, "each host definition must have a \"host\" option") if !host.is_a?(Hash) || host["host"].nil?
     end
   end
+  
+  def validate_tables!
+    if !@tables.nil?
+      @tables.each do |table_entry|
+        raise(LogStash::ConfigurationError, "each table definition must have a \"name\" option") if !table_entry.is_a?(Hash) || table_entry["name"].nil?
+      end
+    end
+  end
+
+  def validate_strip!
+    raise(LogStash::ConfigurationError, "you can not specify both oid_root_skip and oid_path_length") if @oid_root_skip > 0 and @oid_path_length > 0
+  end
 end

data/lib/logstash/inputs/snmp/base_client.rb

@@ -3,48 +3,71 @@ require "logstash-input-snmp_jars.rb"
 
 require "logstash/util/loggable"
 
-java_import "org.snmp4j.CommunityTarget"
-java_import "org.snmp4j.PDU"
-java_import "org.snmp4j.ScopedPDU"
-java_import "org.snmp4j.Snmp"
-java_import "org.snmp4j.Target"
-java_import "org.snmp4j.TransportMapping"
-java_import "org.snmp4j.event.ResponseEvent"
-java_import "org.snmp4j.mp.SnmpConstants"
-java_import "org.snmp4j.smi.Address"
-java_import "org.snmp4j.smi.GenericAddress"
-java_import "org.snmp4j.smi.OID"
-java_import "org.snmp4j.smi.OctetString"
-java_import "org.snmp4j.smi.VariableBinding"
-java_import "org.snmp4j.transport.DefaultUdpTransportMapping"
-java_import "org.snmp4j.transport.DefaultTcpTransportMapping"
-java_import "org.snmp4j.util.TreeUtils"
-java_import "org.snmp4j.util.DefaultPDUFactory"
-java_import "org.snmp4j.asn1.BER"
-
 module LogStash
   class SnmpClientError < StandardError
   end
 
+  # Only one Snmp instance per transport should be created and listened on.
+  # The Snmp object is thread safe and can be shared across input threads and pipelines.
+  class SnmpFactory
+    java_import "org.snmp4j.Snmp"
+    java_import "org.snmp4j.transport.DefaultUdpTransportMapping"
+    java_import "org.snmp4j.transport.DefaultTcpTransportMapping"
+
+    include Singleton
+
+    def initialize
+      @lock = Mutex.new
+      @udp = nil
+      @tcp = nil
+    end
+
+    def udp
+      @lock.synchronize do
+        if @udp.nil?
+          @udp = Snmp.new(DefaultUdpTransportMapping.new)
+          @udp.listen
+        end
+      end
+      @udp
+    end
+
+    def tcp
+      @lock.synchronize do
+        if @tcp.nil?
+          @tcp = Snmp.new(DefaultTcpTransportMapping.new)
+          @tcp.listen
+        end
+      end
+      @tcp
+    end
+  end
+
   class BaseSnmpClient
+    java_import "org.snmp4j.TransportMapping"
+    java_import "org.snmp4j.mp.SnmpConstants"
+    java_import "org.snmp4j.smi.OID"
+    java_import "org.snmp4j.smi.VariableBinding"
+    java_import "org.snmp4j.util.TableUtils"
+    java_import "org.snmp4j.util.TreeUtils"
+    java_import "org.snmp4j.asn1.BER"
+
     include LogStash::Util::Loggable
 
     def initialize(protocol, address, port, retries, timeout, mib)
+      @mib = mib
+
       transport = case protocol.to_s
         when "udp"
-          DefaultUdpTransportMapping.new
+          @snmp = SnmpFactory.instance.udp
         when "tcp"
-          DefaultTcpTransportMapping.new
+          @snmp = SnmpFactory.instance.tcp
         else
           raise(SnmpClientError, "invalid transport protocol specified '#{protocol.to_s}', expecting 'udp' or 'tcp'")
-        end
-
-      @mib = mib
-      @snmp = Snmp.new(transport)
-      transport.listen()
+      end
     end
 
-    def get(oids, strip_root = 0)
+    def get(oids, strip_root = 0, path_length = 0)
       pdu = get_pdu
       Array(oids).each { |oid| pdu.add(VariableBinding.new(OID.new(oid))) }
 
@@ -52,11 +75,11 @@ module LogStash
       return nil if response_event.nil?
 
       e = response_event.getError
-      raise(SnmpClientError, "error sending snmp get request: #{e.inspect}, #{e.getMessage}") if e
+      raise(SnmpClientError, "error sending snmp get request to target #{@target.address}: #{e.inspect}, #{e.getMessage}") if e
 
       result = {}
       response_pdu = response_event.getResponse
-      raise(SnmpClientError, "timeout sending snmp get request") if response_pdu.nil?
+      raise(SnmpClientError, "timeout sending snmp get request to target #{@target.address}") if response_pdu.nil?
 
       size = response_pdu.size
       (0..size - 1).each do |i|
@@ -65,14 +88,14 @@ module LogStash
         variable = variable_binding.getVariable
         value = coerce(variable)
 
-        result[@mib.map_oid(oid, strip_root)] = value
+        result[@mib.map_oid(oid, strip_root, path_length)] = value
       end
 
       result
     end
 
 
-    def walk(oid, strip_root = 0)
+    def walk(oid, strip_root = 0, path_length = 0)
       result = {}
 
       pdufactory = get_pdu_factory
@@ -85,7 +108,7 @@ module LogStash
 
         if event.isError
           # TODO: see if we can salvage non errored event here
-          raise(SnmpClientError, "error sending snmp walk request: #{event.getErrorMessage}")
+          raise(SnmpClientError, "error sending snmp walk request to target #{@target.address}: #{event.getErrorMessage}")
         end
 
         var_bindings = event.getVariableBindings
@@ -98,13 +121,56 @@ module LogStash
           variable = var_binding.getVariable
           value = coerce(variable)
 
-          result[@mib.map_oid(oid, strip_root)] = value
+          result[@mib.map_oid(oid, strip_root, path_length)] = value
         end
       end
 
       result
     end
 
+    def table(table, strip_root = 0, path_length = 0)
+      result = {}
+      rows = []
+      pdufactory = get_pdu_factory
+      table_name = table["name"]
+      tableUtils = TableUtils.new(@snmp, pdufactory)
+
+      colOID = Array.new
+      Array(table["columns"]).each { |oid| colOID << OID.new(oid) }
+
+      events = tableUtils.getTable(@target, colOID.to_java(org.snmp4j.smi.OID), nil, nil)
+
+      return nil if events.nil? || events.size == 0
+      events.each do |event|
+        next if event.nil?
+
+        if event.isError
+          # TODO: see if we can salvage non errored event here
+          raise(SnmpClientError, "error sending snmp table request to target #{@target.address}: #{event.getErrorMessage}")
+        end
+
+        row = {}
+        idx_val = event.getIndex.toString
+        row["index"] = idx_val
+
+        var_bindings = event.getColumns
+        next if var_bindings.nil? || var_bindings.size == 0
+
+        var_bindings.each do |var_binding|
+          next if var_binding.nil?
+
+          oid = var_binding.getOid.toString
+          variable = var_binding.getVariable
+          value = coerce(variable)
+          mapped_oid = @mib.map_oid(oid, strip_root, path_length).chomp('.'+idx_val)
+          row[mapped_oid] = value
+        end
+        rows << row
+      end
+      result[table_name] = rows
+      result
+    end
+
     protected
 
     NULL_STRING = "null".freeze
@@ -115,9 +181,9 @@ module LogStash
       case variable_syntax
         when BER::OCTETSTRING, BER::BITSTRING
           variable.toString
-        when BER::TIMETICKS, BER::COUNTER, BER::COUNTER32, BER::COUNTER64
+        when BER::TIMETICKS, BER::COUNTER, BER::COUNTER32, BER::COUNTER64, BER::GAUGE, BER::GAUGE32
           variable.toLong
-        when BER::INTEGER, BER::INTEGER32, BER::GAUGE, BER::GAUGE32
+        when BER::INTEGER, BER::INTEGER32
           variable.toInt
         when BER::IPADDRESS
           variable.toString

data/lib/logstash/inputs/snmp/client.rb

@@ -2,28 +2,19 @@ require "java"
 require "logstash-input-snmp_jars.rb"
 require_relative "base_client"
 
-java_import "org.snmp4j.CommunityTarget"
-java_import "org.snmp4j.PDU"
-java_import "org.snmp4j.ScopedPDU"
-java_import "org.snmp4j.Snmp"
-java_import "org.snmp4j.Target"
-java_import "org.snmp4j.TransportMapping"
-java_import "org.snmp4j.event.ResponseEvent"
-java_import "org.snmp4j.mp.SnmpConstants"
-java_import "org.snmp4j.smi.Address"
-java_import "org.snmp4j.smi.GenericAddress"
-java_import "org.snmp4j.smi.OID"
-java_import "org.snmp4j.smi.OctetString"
-java_import "org.snmp4j.smi.VariableBinding"
-java_import "org.snmp4j.transport.DefaultUdpTransportMapping"
-java_import "org.snmp4j.transport.DefaultTcpTransportMapping"
-java_import "org.snmp4j.util.TreeUtils"
-java_import "org.snmp4j.util.DefaultPDUFactory"
-java_import "org.snmp4j.asn1.BER"
-
 module LogStash
   class SnmpClient < BaseSnmpClient
 
+    java_import "org.snmp4j.CommunityTarget"
+    java_import "org.snmp4j.PDU"
+    java_import "org.snmp4j.ScopedPDU"
+    java_import "org.snmp4j.Snmp"
+    java_import "org.snmp4j.Target"
+    java_import "org.snmp4j.smi.Address"
+    java_import "org.snmp4j.smi.GenericAddress"
+    java_import "org.snmp4j.smi.OctetString"
+    java_import "org.snmp4j.util.DefaultPDUFactory"
+
     def initialize(protocol, address, port, community, version, retries, timeout, mib)
       super(protocol, address, port, retries, timeout, mib)
       raise(SnmpClientError, "SnmpClient is expecting verison '1' or '2c'") unless ["1", "2c"].include?(version.to_s)

data/lib/logstash/inputs/snmp/clientv3.rb

@@ -1,43 +1,51 @@
 require 'java'
 require 'logstash-input-snmp_jars.rb'
 
+module LogStash
 
-java_import 'org.snmp4j.PDU'
-java_import 'org.snmp4j.ScopedPDU'
-java_import 'org.snmp4j.Snmp'
-java_import 'org.snmp4j.Target'
-java_import 'org.snmp4j.TransportMapping'
-java_import 'org.snmp4j.event.ResponseEvent'
-java_import 'org.snmp4j.mp.MPv3'
-java_import 'org.snmp4j.mp.SnmpConstants'
-java_import 'org.snmp4j.security.AuthMD5'
-java_import 'org.snmp4j.security.AuthSHA'
-java_import 'org.snmp4j.security.AuthSHA2'
-java_import 'org.snmp4j.security.AuthHMAC128SHA224'
-java_import 'org.snmp4j.security.AuthHMAC192SHA256'
-java_import 'org.snmp4j.security.AuthHMAC256SHA384'
-java_import 'org.snmp4j.security.AuthHMAC384SHA512'
-java_import 'org.snmp4j.security.Priv3DES'
-java_import 'org.snmp4j.security.PrivDES'
-java_import 'org.snmp4j.security.PrivAES128'
-java_import 'org.snmp4j.security.PrivAES192'
-java_import 'org.snmp4j.security.PrivAES256'
-java_import 'org.snmp4j.security.SecurityModels'
-java_import 'org.snmp4j.security.SecurityProtocols'
-java_import 'org.snmp4j.security.USM'
-java_import 'org.snmp4j.security.UsmUser'
-java_import 'org.snmp4j.security.SecurityLevel'
-java_import 'org.snmp4j.smi.Address'
-java_import 'org.snmp4j.smi.GenericAddress'
-java_import 'org.snmp4j.smi.OID'
-java_import 'org.snmp4j.smi.OctetString'
-java_import 'org.snmp4j.transport.DefaultUdpTransportMapping'
-java_import 'org.snmp4j.transport.DefaultTcpTransportMapping'
-java_import 'org.snmp4j.UserTarget'
-java_import 'org.snmp4j.util.DefaultPDUFactory'
+  # Only a single USM instance should be created and added to the SecurityModels
+  class USMFactory
+    java_import 'org.snmp4j.security.SecurityProtocols'
+    java_import 'org.snmp4j.security.SecurityModels'
+    java_import 'org.snmp4j.security.USM'
+    java_import 'org.snmp4j.smi.OctetString'
+    java_import 'org.snmp4j.mp.MPv3'
+
+    include Singleton
+    attr_reader :usm
+
+    def initialize
+      @usm = USM.new(SecurityProtocols.getInstance, OctetString.new(MPv3.createLocalEngineID), 0)
+      SecurityModels.getInstance.addSecurityModel(@usm)
+    end
+  end
 
-module LogStash
   class SnmpClientV3 < BaseSnmpClient
+    java_import 'org.snmp4j.PDU'
+    java_import 'org.snmp4j.ScopedPDU'
+    java_import 'org.snmp4j.Snmp'
+    java_import 'org.snmp4j.Target'
+    java_import 'org.snmp4j.event.ResponseEvent'
+    java_import 'org.snmp4j.mp.SnmpConstants'
+    java_import 'org.snmp4j.security.AuthMD5'
+    java_import 'org.snmp4j.security.AuthSHA'
+    java_import 'org.snmp4j.security.AuthSHA2'
+    java_import 'org.snmp4j.security.AuthHMAC128SHA224'
+    java_import 'org.snmp4j.security.AuthHMAC192SHA256'
+    java_import 'org.snmp4j.security.AuthHMAC256SHA384'
+    java_import 'org.snmp4j.security.AuthHMAC384SHA512'
+    java_import 'org.snmp4j.security.Priv3DES'
+    java_import 'org.snmp4j.security.PrivDES'
+    java_import 'org.snmp4j.security.PrivAES128'
+    java_import 'org.snmp4j.security.PrivAES192'
+    java_import 'org.snmp4j.security.PrivAES256'
+    java_import 'org.snmp4j.security.UsmUser'
+    java_import 'org.snmp4j.security.SecurityLevel'
+    java_import 'org.snmp4j.smi.Address'
+    java_import 'org.snmp4j.smi.GenericAddress'
+    java_import 'org.snmp4j.smi.OctetString'
+    java_import 'org.snmp4j.UserTarget'
+    java_import 'org.snmp4j.util.DefaultPDUFactory'
 
     def initialize(protocol, address, port, retries, timeout, mib, security_name, auth_protocol, auth_pass, priv_protocol, priv_pass, security_level)
       super(protocol, address, port, retries, timeout, mib)
@@ -49,8 +57,8 @@ module LogStash
       auth_pass = auth_pass.nil? ? nil : OctetString.new(auth_pass)
       priv_pass = priv_pass.nil? ? nil : OctetString.new(priv_pass)
 
-      usm = USM.new(SecurityProtocols.getInstance, OctetString.new(MPv3.createLocalEngineID), 0)
-      SecurityModels.getInstance.addSecurityModel(usm)
+      # make sure the USM is initialized
+      USMFactory.instance
 
       @snmp.getUSM.addUser(UsmUser.new(security_name, auth_protocol, auth_pass, priv_protocol, priv_pass))
       @target = build_target("#{protocol}:#{address}/#{port}", security_name, security_level, retries, timeout)

data/lib/logstash/inputs/snmp/mib.rb

@@ -69,7 +69,7 @@ module LogStash
         current.childs[last_node] = node
       end
 
-      def map_oid(oid, strip_root = 0)
+      def map_oid(oid, strip_root = 0, path_length = 0)
         path = Oid.parse(oid)
 
         result = []
@@ -88,7 +88,13 @@ module LogStash
           result << node.name
         end
 
-        result.drop(strip_root).join(".")
+	if strip_root > 0
+	  result.drop(strip_root).join(".")
+	elsif path_length > 0
+	  result.pop(path_length).join(".")
+	else
+	  result.join(".")
+	end
       end
     end
 
@@ -136,8 +142,8 @@ module LogStash
       [module_name, nodes]
     end
 
-    def map_oid(oid, strip_root = 0)
-      @tree.map_oid(oid, strip_root)
+    def map_oid(oid, strip_root = 0, path_length = 0)
+      @tree.map_oid(oid, strip_root, path_length)
     end
 
     private

data/logstash-input-snmp.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name          = 'logstash-input-snmp'
-  s.version       = '1.0.1'
+  s.version       = '1.2.3'
   s.licenses      = ['Apache-2.0']
   s.summary       = "SNMP input plugin"
   s.description   = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"

data/spec/inputs/snmp/base_client_spec.rb

@@ -2,11 +2,14 @@
 require "logstash/devutils/rspec/spec_helper"
 require "logstash/inputs/snmp/base_client"
 
-java_import "org.snmp4j.smi.AbstractVariable"
-java_import "org.snmp4j.smi.SMIConstants"
-
 module LogStash
 
+  java_import "org.snmp4j.asn1.BER"
+  java_import "org.snmp4j.smi.AbstractVariable"
+  java_import "org.snmp4j.smi.SMIConstants"
+  java_import "org.snmp4j.smi.Gauge32"
+  java_import "org.snmp4j.smi.Integer32"
+
   class TestableBaseSnmpClient < BaseSnmpClient
     def coerce(*args)
       super(*args)
@@ -33,6 +36,18 @@ module LogStash
         expect(subject).to receive(:logger).exactly(1).times.and_call_original
         expect(subject.coerce(v)).to eq("error: unknown variable syntax 130, EndOfMibView")
       end
+
+      it "should handle max unsigned 32 bits integer GAUGE32" do
+        MAX_UNSIGNED_INT_32 = 4294967295
+        v = Gauge32.new(MAX_UNSIGNED_INT_32)
+        expect(subject.coerce(v)).to eq(MAX_UNSIGNED_INT_32)
+      end
+
+      it "should handle max signed 32 bits integer INTEGER32" do
+        MAX_SIGNED_INT_32 = 2147483647
+        v = Integer32.new(MAX_SIGNED_INT_32)
+        expect(subject.coerce(v)).to eq(MAX_SIGNED_INT_32)
+      end
     end
   end
-end
+end

data/spec/inputs/snmp_spec.rb

@@ -1,5 +1,6 @@
 # encoding: utf-8
 require "logstash/devutils/rspec/spec_helper"
+require "logstash/devutils/rspec/shared_examples"
 require "logstash/inputs/snmp"
 
 describe LogStash::Inputs::Snmp do
@@ -22,8 +23,12 @@ describe LogStash::Inputs::Snmp do
         [
             {"get" => ["1.3.6.1.2.1.1.1.0"], "hosts" => [{"host" => "udp:127.0.0.1/161"}]},
             {"get" => [".1.3.6.1.2.1.1.1.0"], "hosts" => [{"host" => "udp:127.0.0.1/161"}]},
+            {"get" => [".1.3.6.1.2.1.1.1.0"], "hosts" => [{"host" => "udp:127.0.0.1/161"}], "oid_root_skip" => 2},
+            {"get" => [".1.3.6.1.2.1.1.1.0"], "hosts" => [{"host" => "udp:127.0.0.1/161"}], "oid_path_length" => 2},
             {"get" => ["1.3.6.1.2.1.1.1.0", "1.3.6.1.2.1.1"], "hosts" => [{"host" => "udp:127.0.0.1/161"}]},
             {"get" => ["1.3.6.1.2.1.1.1.0", ".1.3.6.1.2.1.1"], "hosts" => [{"host" => "udp:127.0.0.1/161"}]},
+            {"walk" => ["1.3.6.1.2.1.1.1"], "hosts" => [{"host" => "udp:127.0.0.1/161"}]},
+            {"tables" => [{"name" => "ltmPoolStatTable", "columns" => ["1.3.6.1.4.1.3375.2.2.5.2.3.1.1", "1.3.6.1.4.1.3375.2.2.5.2.3.1.6"]}], "hosts" => [{"host" => "udp:127.0.0.1/161"}]},
         ]
     }
 
@@ -33,6 +38,10 @@ describe LogStash::Inputs::Snmp do
           {"get" => ["test"], "hosts" => [{"host" => "udp:127.0.0.1/161"}]},
           {"get" => [], "hosts" => [{"host" => "udp:127.0.0.1/161"}]},
           {"get" => "foo", "hosts" => [{"host" => "udp:127.0.0.1/161"}]},
+          {"get" => [".1.3.6.1.2.1.1.1.0"], "hosts" => [{"host" => "udp:127.0.0.1/161"}], "oid_path_length" => "a" },
+          {"get" => [".1.3.6.1.2.1.1.1.0"], "hosts" => [{"host" => "udp:127.0.0.1/161"}], "oid_path_length" => 2, "oid_root_skip" => 2 },
+          {"walk" => "foo", "hosts" => [{"host" => "udp:127.0.0.1/161"}]},
+          {"tables" => [{"columns" => ["1.2.3.4", "4.3.2.1"]}], "hosts" => [{"host" => "udp:127.0.0.1/161"}]},
       ]
     }
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstash-input-snmp
 version: !ruby/object:Gem::Version
-  version: 1.0.1
+  version: 1.2.3
 platform: ruby
 authors:
 - Elasticsearch
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-11-05 00:00:00.000000000 Z
+date: 2020-08-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement