logstash-input-snmp 1.3.0 → 1.3.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 747dbf68d6a90a7ab937bf8c64edef786b7d0c4c0ac2f97088401d1e842c2616
-  data.tar.gz: e53514a31810159796b3e80ee56f7aa6d66eba23ac781744fd9fbf0be83d4d9a
+  metadata.gz: 3fe1c5f85dcfcd638d7a15c9798f34d27cee90599d45b984e3a6a9d578233894
+  data.tar.gz: 4261ebb2f0e9d7ab9b7f73d11bc2e4b1af37c176131b14c97b4808c249176d45
 SHA512:
-  metadata.gz: fa84badc45e056d01ca6a8668e3b5a2ddf89348339f49524b60b77843753cb7eb51fe2fcfe40d2d61dfc95523988f1fa6e11cc430692bbbe38d0014371c62278
-  data.tar.gz: 9e8e9895750a23892e99b2c198eef3e66f75de885e700dcea020d00356e843a022bd5dae6894a390f9f64faea40ea0f15310dbc7b34ef1fa96947b15d9d1a45b
+  metadata.gz: 89ee144bd1e2a3d40dcdd355bac9b330a93b0b011739367721c82e33adca7762e716c53db4f95ae5816a87f004a1155f824603acf0c8f57025ac14502f5b4f11
+  data.tar.gz: d7879c1a5de45a5e8f50574223dc883723cdda586540409ced17442f79396fb42669ce6bec8302c3f62d97a2b49927e3e62e7157ac23bec6ebbf05831e753e32

data/CHANGELOG.md

@@ -1,3 +1,9 @@
+## 1.3.2
+  -  Docs: add troubleshooting help for "failed to locate MIB module" error when using smidump to convert MIBs
+
+## 1.3.1
+  -  Refactor: handle no response(s) wout error logging [#105](https://github.com/logstash-plugins/logstash-input-snmp/pull/105)
+
 ## 1.3.0
   - Feat: ECS compliance + optional target [#99](https://github.com/logstash-plugins/logstash-input-snmp/pull/99)
   - Internal: update to Gradle 7 [#102](https://github.com/logstash-plugins/logstash-input-snmp/pull/102)

data/docs/index.asciidoc

@@ -63,6 +63,37 @@ $ smidump --level=1 -k -f python RFC1213-MIB > RFC1213-MIB.dic
 
 Note that the resulting file as output by `smidump` must have the `.dic` extension.
 
+As `smidump` only looks for mib dependencies in its pre-configured path lists as defined in the documentaion in the https://www.ibr.cs.tu-bs.de/projects/libsmi/smi_config.html["MODULES LOCATIONS"] section, you may need to provide the paths to locations of MIBs in your particular environment to avoid a `failed to locate MIB module` error.
+
+Two ways to achieve this are by using an environment variable or a config file to provide the additional path configuration.
+
+Set the `SMIPATH` env var with the path to your mibs ensuring you include a prepended colon `:` for the path, for example:
+
+[source,sh]
+-----
+$ SMIPATH=":/path/to/mibs/" smidump -k -f python CISCO-PROCESS-MIB.mib > CISCO-PROCESS-MIB_my.dic
+-----
+
+NOTE: SMI docs on the prepended colon:
+
+  The ‘path’ command argument and the environment variable either start with a path separator character (‘:’ on UNIX-like systems, ‘;’ on MS-Windows systems) to append to the path, or end with a path separator character to prepend to the path, or otherwise completely replace the path.
+
+
+The other way is to create a configuration file eg `smi.conf` with the `path` option.
+
+[source,sh]
+-----
+path :/path/to/mibs/
+-----
+
+and use that config with smidump:
+
+[source,sh]
+-----
+$ smidump -c smi.conf -k -f python CISCO-PROCESS-MIB.mib > CISCO-PROCESS-MIB_my.dic
+-----
+
+
 [id="plugins-{type}s-{plugin}-options"]
 ==== SNMP Input Configuration Options
 

data/lib/logstash/inputs/snmp/base_client.rb

@@ -52,13 +52,13 @@ module LogStash
     end
 
     def walk(oid, strip_root = 0, path_length = 0)
-      result = {}
-
       pdufactory = get_pdu_factory
       treeUtils = TreeUtils.new(@snmp, pdufactory)
       events = treeUtils.getSubtree(@target, OID.new(oid))
       return nil if events.nil? || events.size == 0
 
+      result = {}
+
       events.each do |event|
         next if event.nil?
 

data/lib/logstash/inputs/snmp.rb

@@ -192,53 +192,73 @@ class LogStash::Inputs::Snmp < LogStash::Inputs::Base
 
   def run(queue)
     # for now a naive single threaded poller which sleeps off the remaining interval between
-    # each run. each run polls all the defined hosts for the get and walk options.
+    # each run. each run polls all the defined hosts for the get, table and walk options.
     stoppable_interval_runner.every(@interval, "polling hosts") do
-      @client_definitions.each do |definition|
-        client = definition[:client]
-        result = {}
-        if !definition[:get].empty?
-          oids = definition[:get]
-          begin
-            result = result.merge(client.get(oids, @oid_root_skip, @oid_path_length))
-          rescue => e
-            logger.error("error invoking get operation for OIDs: #{oids}, ignoring",
-                         host: definition[:host_address], exception: e, backtrace: e.backtrace)
+      poll_clients(queue)
+    end
+  end
+
+  def poll_clients(queue)
+    @client_definitions.each do |definition|
+      client = definition[:client]
+      host = definition[:host_address]
+      result = {}
+
+      if !definition[:get].empty?
+        oids = definition[:get]
+        begin
+          data = client.get(oids, @oid_root_skip, @oid_path_length)
+          if data
+            result.update(data)
+          else
+            logger.debug? && logger.debug("get operation returned no response", host: host, oids: oids)
           end
+        rescue => e
+          logger.error("error invoking get operation, ignoring", host: host, oids: oids, exception: e, backtrace: e.backtrace)
         end
-        if !definition[:walk].empty?
-          definition[:walk].each do |oid|
-            begin
-              result = result.merge(client.walk(oid, @oid_root_skip, @oid_path_length))
-            rescue => e
-              logger.error("error invoking walk operation on OID: #{oid}, ignoring",
-                           host: definition[:host_address], exception: e, backtrace: e.backtrace)
+      end
+
+      if !definition[:walk].empty?
+        definition[:walk].each do |oid|
+          begin
+            data = client.walk(oid, @oid_root_skip, @oid_path_length)
+            if data
+              result.update(data)
+            else
+              logger.debug? && logger.debug("walk operation returned no response", host: host, oid: oid)
             end
+          rescue => e
+            logger.error("error invoking walk operation, ignoring", host: host, oid: oid, exception: e, backtrace: e.backtrace)
           end
         end
+      end
 
-        if !Array(@tables).empty?
-          @tables.each do |table_entry|
-            begin
-              result = result.merge(client.table(table_entry, @oid_root_skip, @oid_path_length))
-            rescue => e
-              logger.error("error invoking table operation on OID: #{table_entry['name']}, ignoring",
-                           host: definition[:host_address], exception: e, backtrace: e.backtrace)
+      if !Array(@tables).empty?
+        @tables.each do |table_entry|
+          begin
+            data = client.table(table_entry, @oid_root_skip, @oid_path_length)
+            if data
+              result.update(data)
+            else
+              logger.debug? && logger.debug("table operation returned no response", host: host, table: table_entry)
             end
+          rescue => e
+            logger.error("error invoking table operation, ignoring",
+                         host: host, table_name: table_entry['name'], exception: e, backtrace: e.backtrace)
           end
         end
+      end
 
-        unless result.empty?
-          event = targeted_event_factory.new_event(result)
-          event.set(@host_protocol_field, definition[:host_protocol])
-          event.set(@host_address_field, definition[:host_address])
-          event.set(@host_port_field, definition[:host_port])
-          event.set(@host_community_field, definition[:host_community])
-          decorate(event)
-          queue << event
-        else
-          logger.debug? && logger.debug("no snmp data retrieved", host: definition[:host_address])
-        end
+      unless result.empty?
+        event = targeted_event_factory.new_event(result)
+        event.set(@host_protocol_field, definition[:host_protocol])
+        event.set(@host_address_field, definition[:host_address])
+        event.set(@host_port_field, definition[:host_port])
+        event.set(@host_community_field, definition[:host_community])
+        decorate(event)
+        queue << event
+      else
+        logger.debug? && logger.debug("no snmp data retrieved", host: definition[:host_address])
       end
     end
   end

data/logstash-input-snmp.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name          = 'logstash-input-snmp'
-  s.version       = '1.3.0'
+  s.version       = '1.3.2'
   s.licenses      = ['Apache-2.0']
   s.summary       = "SNMP input plugin"
   s.description   = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"

data/spec/inputs/integration/it_spec.rb

@@ -2,7 +2,7 @@ require "logstash/devutils/rspec/spec_helper"
 require "logstash/inputs/snmp"
 
 describe LogStash::Inputs::Snmp do
-  let(:config) { {"get" => ["1.3.6.1.2.1.1.1.0", "1.3.6.1.2.1.1.3.0", "1.3.6.1.2.1.1.5.0"]} }
+  let(:config) { {"get" => %w[1.3.6.1.2.1.1.1.0 1.3.6.1.2.1.1.3.0 1.3.6.1.2.1.1.5.0], "ecs_compatibility" => "disabled" } }
   let(:plugin) { LogStash::Inputs::Snmp.new(config)}
 
   shared_examples "snmp plugin return single event" do
@@ -114,8 +114,8 @@ describe LogStash::Inputs::Snmp do
   end
 
   describe "multiple pipelines and mix of udp tcp hosts", :integration => true do
-    let(:config) { {"get" => ["1.3.6.1.2.1.1.1.0"], "hosts" => [{"host" => "udp:snmp1/161", "community" => "public"}]} }
-    let(:config2) { {"get" => ["1.3.6.1.2.1.1.1.0"], "hosts" => [{"host" => "tcp:snmp2/162", "community" => "public"}]} }
+    let(:config) { {"get" => ["1.3.6.1.2.1.1.1.0"], "hosts" => [{"host" => "udp:snmp1/161", "community" => "public"}], "ecs_compatibility" => "disabled" } }
+    let(:config2) { {"get" => ["1.3.6.1.2.1.1.1.0"], "hosts" => [{"host" => "tcp:snmp2/162", "community" => "public"}], "ecs_compatibility" => "disabled"} }
     let(:plugin) { LogStash::Inputs::Snmp.new(config)}
     let(:plugin2) { LogStash::Inputs::Snmp.new(config2)}
 
@@ -148,10 +148,12 @@ describe LogStash::Inputs::Snmp do
           snmp {
             get => ["1.3.6.1.2.1.1.1.0"]
             hosts => [{host => "udp:snmp1/161" community => "public"}]
+            ecs_compatibility => "disabled"
           }
           snmp {
             get => ["1.3.6.1.2.1.1.1.0"]
             hosts => [{host => "tcp:snmp2/162" community => "public"}]
+            ecs_compatibility => "disabled"
           }
         }
     CONFIG
@@ -171,6 +173,7 @@ describe LogStash::Inputs::Snmp do
             priv_protocol => "aes"
             priv_pass => "STr0ngP@SSWRD161"
             security_level => "authPriv"
+            ecs_compatibility => "disabled"
           }
           snmp {
             get => ["1.3.6.1.2.1.1.1.0"]
@@ -181,6 +184,7 @@ describe LogStash::Inputs::Snmp do
             priv_protocol => "aes"
             priv_pass => "STr0ngP@SSWRD162"
             security_level => "authPriv"
+            ecs_compatibility => "disabled"
           }
         }
     CONFIG

data/spec/inputs/snmp_spec.rb

@@ -136,43 +136,46 @@ describe LogStash::Inputs::Snmp, :ecs_compatibility_support do
 
     before(:each) do
       allow_any_instance_of(described_class).to receive(:ecs_compatibility).and_return(ecs_compatibility)
-    end
 
-    before do
       expect(LogStash::SnmpClient).to receive(:new).and_return(mock_client)
-      expect(mock_client).to receive(:get).and_return({"foo" => "bar"})
       # devutils in v6 calls close on the test pipelines while it does not in v7+
-      expect(mock_client).to receive(:close).at_most(:once)
+      allow(mock_client).to receive(:close).at_most(:once)
     end
 
-    it "shoud add @metadata fields and add default host field" do
-      config = <<-CONFIG
+    context 'mocked get' do
+
+      before do
+        expect(mock_client).to receive(:get).and_return({"foo" => "bar"})
+      end
+
+      it "shoud add @metadata fields and add default host field" do
+        config = <<-CONFIG
           input {
             snmp {
               get => ["1.3.6.1.2.1.1.1.0"]
               hosts => [{ host => "udp:127.0.0.1/161" community => "public" }]
             }
           }
-      CONFIG
-      event = input(config) { |_, queue| queue.pop }
-
-      if ecs_select.active_mode == :disabled
-        expect(event.get("[@metadata][host_protocol]")).to eq("udp")
-        expect(event.get("[@metadata][host_address]")).to eq("127.0.0.1")
-        expect(event.get("[@metadata][host_port]")).to eq("161")
-        expect(event.get("[@metadata][host_community]")).to eq("public")
-        expect(event.get("host")).to eql("127.0.0.1")
-      else
-        expect(event.get("[@metadata][input][snmp][host][protocol]")).to eq("udp")
-        expect(event.get("[@metadata][input][snmp][host][address]")).to eq("127.0.0.1")
-        expect(event.get("[@metadata][input][snmp][host][port]")).to eq('161')
-        expect(event.get("[@metadata][input][snmp][host][community]")).to eq("public")
-        expect(event.get("host")).to eql('ip' => "127.0.0.1")
+        CONFIG
+        event = input(config) { |_, queue| queue.pop }
+
+        if ecs_select.active_mode == :disabled
+          expect(event.get("[@metadata][host_protocol]")).to eq("udp")
+          expect(event.get("[@metadata][host_address]")).to eq("127.0.0.1")
+          expect(event.get("[@metadata][host_port]")).to eq("161")
+          expect(event.get("[@metadata][host_community]")).to eq("public")
+          expect(event.get("host")).to eql("127.0.0.1")
+        else
+          expect(event.get("[@metadata][input][snmp][host][protocol]")).to eq("udp")
+          expect(event.get("[@metadata][input][snmp][host][address]")).to eq("127.0.0.1")
+          expect(event.get("[@metadata][input][snmp][host][port]")).to eq('161')
+          expect(event.get("[@metadata][input][snmp][host][community]")).to eq("public")
+          expect(event.get("host")).to eql('ip' => "127.0.0.1")
+        end
       end
-    end
 
-    it "should add custom host field (legacy metadata)" do
-      config = <<-CONFIG
+      it "should add custom host field (legacy metadata)" do
+        config = <<-CONFIG
           input {
             snmp {
               get => ["1.3.6.1.2.1.1.1.0"]
@@ -180,14 +183,14 @@ describe LogStash::Inputs::Snmp, :ecs_compatibility_support do
               add_field => { host => "%{[@metadata][host_protocol]}:%{[@metadata][host_address]}/%{[@metadata][host_port]},%{[@metadata][host_community]}" }
             }
           }
-      CONFIG
-      event = input(config) { |_, queue| queue.pop }
+        CONFIG
+        event = input(config) { |_, queue| queue.pop }
 
-      expect(event.get("host")).to eq("udp:127.0.0.1/161,public")
-    end if ecs_select.active_mode == :disabled
+        expect(event.get("host")).to eq("udp:127.0.0.1/161,public")
+      end if ecs_select.active_mode == :disabled
 
-    it "should add custom host field (ECS mode)" do
-      config = <<-CONFIG
+      it "should add custom host field (ECS mode)" do
+        config = <<-CONFIG
           input {
             snmp {
               get => ["1.3.6.1.2.1.1.1.0"]
@@ -195,14 +198,14 @@ describe LogStash::Inputs::Snmp, :ecs_compatibility_support do
               add_field => { "[host][formatted]" => "%{[@metadata][input][snmp][host][protocol]}://%{[@metadata][input][snmp][host][address]}:%{[@metadata][input][snmp][host][port]}" }
             }
           }
-      CONFIG
-      event = input(config) { |_, queue| queue.pop }
+        CONFIG
+        event = input(config) { |_, queue| queue.pop }
 
-      expect(event.get("host")).to eq('formatted' => "tcp://192.168.1.11:1161")
-    end if ecs_select.active_mode != :disabled
+        expect(event.get("host")).to eq('formatted' => "tcp://192.168.1.11:1161")
+      end if ecs_select.active_mode != :disabled
 
-    it "should target event data" do
-      config = <<-CONFIG
+      it "should target event data" do
+        config = <<-CONFIG
           input {
             snmp {
               get => ["1.3.6.1.2.1.1.1.0"]
@@ -210,12 +213,92 @@ describe LogStash::Inputs::Snmp, :ecs_compatibility_support do
               target => "snmp_data"
             }
           }
-      CONFIG
-      event = input(config) { |_, queue| queue.pop }
+        CONFIG
+        event = input(config) { |_, queue| queue.pop }
+
+        expect( event.include?('foo') ).to be false
+        expect( event.get('[snmp_data]') ).to eql 'foo' => 'bar'
+      end
+
+    end
+
+    context 'mocked nil get response' do
+
+      let(:config) do
+        {
+            'get' => ["1.3.6.1.2.1.1.1.0"],
+            "hosts" => [{"host" => "udp:127.0.0.1/161", "community" => "public"}]
+        }
+      end
+
+      let(:logger) { double("Logger").as_null_object }
+
+      before do
+        expect(mock_client).to receive(:get).once.and_return(nil)
+        allow_any_instance_of(described_class).to receive(:logger).and_return(logger)
+        expect(logger).not_to receive(:error)
+      end
+
+      it 'generates no events when client returns no response' do
+        input = described_class.new(config).tap { |input| input.register }
+        input.poll_clients queue = Queue.new
+
+        expect( queue.size ).to eql 0
+      end
+    end
+
+    context 'mocked nil table response' do
+
+      let(:config) do
+        {
+            'tables' => [
+                { 'name' => "a1Table", 'columns' => ["1.3.6.1.4.1.3375.2.2.5.2.3.1.1"] }
+            ],
+            "hosts" => [{"host" => "udp:127.0.0.1/161", "community" => "public"}]
+        }
+      end
+
+      let(:logger) { double("Logger").as_null_object }
 
-      expect( event.include?('foo') ).to be false
-      expect( event.get('[snmp_data]') ).to eql 'foo' => 'bar'
+      before do
+        expect(mock_client).to receive(:table).once.and_return(nil)
+        allow_any_instance_of(described_class).to receive(:logger).and_return(logger)
+        expect(logger).not_to receive(:error)
+      end
+
+      it 'generates no events when client returns no response' do
+        input = described_class.new(config).tap { |input| input.register }
+        input.poll_clients queue = Queue.new
+
+        expect( queue.size ).to eql 0
+      end
+    end
+
+    context 'mocked nil walk response' do
+
+      let(:config) do
+        {
+            'walk' => ["1.3.6.1.2.1.1"],
+            "hosts" => [{"host" => "udp:127.0.0.1/161", "community" => "public"}]
+        }
+      end
+
+      let(:logger) { double("Logger").as_null_object }
+
+      before do
+        expect(mock_client).to receive(:walk).once.and_return(nil)
+        allow_any_instance_of(described_class).to receive(:logger).and_return(logger)
+        expect(logger).not_to receive(:error)
+      end
+
+      it 'generates no events when client returns no response' do
+        input = described_class.new(config).tap { |input| input.register }
+        input.poll_clients queue = Queue.new
+
+        expect( queue.size ).to eql 0
+      end
     end
+
   end
 
   context "StoppableIntervalRunner" do
@@ -307,5 +390,28 @@ describe LogStash::Inputs::Snmp, :ecs_compatibility_support do
       end
     end
   end
+
+  context "close" do
+    let(:config) do
+      <<-CONFIG
+          input {
+            snmp {
+              get => ["1.3.6.1.2.1.1.1.0"]
+              hosts => [{host => "udp:127.0.0.1/161" community => "public"}]
+            }
+          }
+      CONFIG
+    end
+
+    before(:each) do
+      expect(LogStash::SnmpClient).to receive(:new).and_return(mock_client)
+      expect(mock_client).to receive(:get).and_return({"foo" => "bar"})
+    end
+
+    it "should call the close method upon termination" do
+      expect(mock_client).to receive(:close).once
+      input(config) { }
+    end
+  end
 end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstash-input-snmp
 version: !ruby/object:Gem::Version
-  version: 1.3.0
+  version: 1.3.2
 platform: ruby
 authors:
 - Elasticsearch
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-11-19 00:00:00.000000000 Z
+date: 2023-06-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
@@ -483,7 +483,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.6
+rubygems_version: 3.2.33
 signing_key:
 specification_version: 4
 summary: SNMP input plugin