logstash-input-syslog 0.1.3 → 0.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/logstash-input-syslog.gemspec +1 -1
  3. data/spec/inputs/syslog_spec.rb +37 -71
  4. metadata +24 -24
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 10f8774fbf6c7be89f8e9539908c71ddb1e18ff7
4
- data.tar.gz: cc2699490d4266e5f56867816bd3116eec362c33
3
+ metadata.gz: 22db335a4b8f2c0ac93956e7c69a3fc53096c0ca
4
+ data.tar.gz: d39214064761b9e4b0b7de0d4f96998e856bc497
5
5
  SHA512:
6
- metadata.gz: e7b8e4d975964e96bf59dc47aa7b909c68b1e0e5b61daae966124216769a44a68fbee4afa386fd6ba963e020b2ba1831bcf8f4485c95dd99f8a8e1b323e4b651
7
- data.tar.gz: 5e22749a8e46b2d256dae946febcb9c820ba2a3b25c895d0a73fa610be75ca4b8de229daef422448cbc15a4e1bdd1940d6ff8dbb8812c420a4f9ff89907e47a9
6
+ metadata.gz: dbbfe415524aeac3357c90cd584ae814a142fd5ec71f42d03238e1eb29153c28344d6c2540852eec8bf37745679474e161c15d5447c733354d53bad5a1a16548
7
+ data.tar.gz: 15dfa744c469e63a0b7dd7652e49a249676f5ef822046c3e838473bd0917c67177bb5894e84696904783a853cc21e57bd7980cb4585db512d70fb4de30b9610b
data/logstash-input-syslog.gemspec CHANGED
@@ -1,7 +1,7 @@
1
1
  Gem::Specification.new do |s|
2
2
 
3
3
  s.name = 'logstash-input-syslog'
4
- s.version = '0.1.3'
4
+ s.version = '0.1.4'
5
5
  s.licenses = ['Apache License (2.0)']
6
6
  s.summary = "Read syslog messages as events over the network."
7
7
  s.description = "This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program"
data/spec/inputs/syslog_spec.rb CHANGED
@@ -8,11 +8,10 @@ require "socket"
8
8
  describe "inputs/syslog" do
9
9
  SYSLOG_LINE = "<164>Oct 26 15:19:25 1.2.3.4 %ASA-4-106023: Deny udp src DRAC:10.1.2.3/43434 dst outside:192.168.0.1/53 by access-group \"acl_drac\" [0x0, 0x0]"
10
10
 
11
- describe "should properly handle priority, severity and facilities" do
11
+ it "should properly handle priority, severity and facilities" do
12
12
  port = 5511
13
13
  event_count = 10
14
-
15
- config <<-CONFIG
14
+ conf = <<-CONFIG
16
15
  input {
17
16
  syslog {
18
17
  type => "blah"
@@ -21,38 +20,28 @@ describe "inputs/syslog" do
21
20
  }
22
21
  CONFIG
23
22
 
24
- input do |pipeline, queue|
25
- t = Thread.new { pipeline.run }
26
- sleep 0.1 while !pipeline.ready?
27
-
23
+ events = input(conf) do |pipeline, queue|
28
24
  socket = Stud.try(5.times) { TCPSocket.new("127.0.0.1", port) }
29
25
  event_count.times do |i|
30
26
  socket.puts(SYSLOG_LINE)
31
27
  end
32
28
  socket.close
33
29
 
34
- events = event_count.times.collect { queue.pop }
35
-
36
- # important to shutdown here before any assertion so that the pipeline + socket
37
- # cleanups are correctly done before any potential spec error that would result
38
- # in aborting execution and not doing the cleanup.
39
- pipeline.shutdown
40
- t.join
30
+ event_count.times.collect { queue.pop }
31
+ end
41
32
 
42
- insist { events.length } == event_count
43
- events.each do |event|
44
- insist { event["priority"] } == 164
45
- insist { event["severity"] } == 4
46
- insist { event["facility"] } == 20
47
- end
33
+ insist { events.length } == event_count
34
+ events.each do |event|
35
+ insist { event["priority"] } == 164
36
+ insist { event["severity"] } == 4
37
+ insist { event["facility"] } == 20
48
38
  end
49
39
  end
50
40
 
51
- describe "should add unique tag when grok parsing fails with live syslog input" do
41
+ it "should add unique tag when grok parsing fails with live syslog input" do
52
42
  port = 5511
53
43
  event_count = 10
54
-
55
- config <<-CONFIG
44
+ conf = <<-CONFIG
56
45
  input {
57
46
  syslog {
58
47
  type => "blah"
@@ -61,36 +50,27 @@ describe "inputs/syslog" do
61
50
  }
62
51
  CONFIG
63
52
 
64
- input do |pipeline, queue|
65
- t = Thread.new { pipeline.run }
66
- sleep 0.1 while !pipeline.ready?
67
-
53
+ events = input(conf) do |pipeline, queue|
68
54
  socket = Stud.try(5.times) { TCPSocket.new("127.0.0.1", port) }
69
55
  event_count.times do |i|
70
56
  socket.puts("message which causes the a grok parse failure")
71
57
  end
72
58
  socket.close
73
59
 
74
- events = event_count.times.collect { queue.pop }
75
-
76
- # important to shutdown here before any assertion so that the pipeline + socket
77
- # cleanups are correctly done before any potential spec error that would result
78
- # in aborting execution and not doing the cleanup.
79
- pipeline.shutdown
80
- t.join
60
+ event_count.times.collect { queue.pop }
61
+ end
81
62
 
82
- insist { events.length } == event_count
83
- event_count.times do |i|
84
- insist { events[i]["tags"] } == ["_grokparsefailure_sysloginput"]
85
- end
63
+ insist { events.length } == event_count
64
+ event_count.times do |i|
65
+ insist { events[i]["tags"] } == ["_grokparsefailure_sysloginput"]
86
66
  end
87
67
  end
88
68
 
89
- describe "should properly handle locale and timezone" do
69
+ it "should properly handle locale and timezone" do
90
70
  port = 5511
91
71
  event_count = 10
92
72
 
93
- config <<-CONFIG
73
+ conf = <<-CONFIG
94
74
  input {
95
75
  syslog {
96
76
  type => "blah"
@@ -101,35 +81,26 @@ describe "inputs/syslog" do
101
81
  }
102
82
  CONFIG
103
83
 
104
- input do |pipeline, queue|
105
- t = Thread.new { pipeline.run }
106
- sleep 0.1 while !pipeline.ready?
107
-
84
+ events = input(conf) do |pipeline, queue|
108
85
  socket = Stud.try(5.times) { TCPSocket.new("127.0.0.1", port) }
109
86
  event_count.times do |i|
110
87
  socket.puts(SYSLOG_LINE)
111
88
  end
112
89
  socket.close
113
90
 
114
- events = event_count.times.collect { queue.pop }
115
-
116
- # important to shutdown here before any assertion so that the pipeline + socket
117
- # cleanups are correctly done before any potential spec error that would result
118
- # in aborting execution and not doing the cleanup.
119
- pipeline.shutdown
120
- t.join
91
+ event_count.times.collect { queue.pop }
92
+ end
121
93
 
122
- insist { events.length } == event_count
123
- events.each do |event|
124
- insist { event["@timestamp"].to_iso8601 } == "#{Time.now.year}-10-26T15:19:25.000Z"
125
- end
94
+ insist { events.length } == event_count
95
+ events.each do |event|
96
+ insist { event["@timestamp"].to_iso8601 } == "#{Time.now.year}-10-26T15:19:25.000Z"
126
97
  end
127
98
  end
128
99
 
129
- describe "should properly handle no locale and no timezone" do
100
+ it "should properly handle no locale and no timezone" do
130
101
  port = 5511
131
102
 
132
- config <<-CONFIG
103
+ conf = <<-CONFIG
133
104
  input {
134
105
  syslog {
135
106
  type => "blah"
@@ -138,25 +109,16 @@ describe "inputs/syslog" do
138
109
  }
139
110
  CONFIG
140
111
 
141
- input do |pipeline, queue|
142
- t = Thread.new { pipeline.run }
143
- sleep 0.1 while !pipeline.ready?
144
-
112
+ event = input(conf) do |pipeline, queue|
145
113
  socket = Stud.try(5.times) { TCPSocket.new("127.0.0.1", port) }
146
114
  socket.puts(SYSLOG_LINE)
147
115
  socket.close
148
116
 
149
- event = queue.pop
150
-
151
- # important to shutdown here before any assertion so that the pipeline + socket
152
- # cleanups are correctly done before any potential spec error that would result
153
- # in aborting execution and not doing the cleanup.
154
- pipeline.shutdown
155
- t.join
156
-
157
- # chances platform timezone is not UTC so ignore the hours
158
- insist { event["@timestamp"].to_iso8601 } =~ /#{Time.now.year}-10-26T\d\d:19:25.000Z/
117
+ queue.pop
159
118
  end
119
+
120
+ # chances platform timezone is not UTC so ignore the hours
121
+ insist { event["@timestamp"].to_iso8601 } =~ /#{Time.now.year}-10-26T\d\d:19:25.000Z/
160
122
  end
161
123
 
162
124
  it "should support non UTC timezone" do
@@ -168,6 +130,8 @@ describe "inputs/syslog" do
168
130
  syslog_event = LogStash::Event.new({ "message" => "<164>Oct 26 15:19:25 1.2.3.4 %ASA-4-106023: Deny udp src DRAC:10.1.2.3/43434" })
169
131
  input.syslog_relay(syslog_event)
170
132
  insist { syslog_event["@timestamp"].to_iso8601 } == "#{Time.now.year}-10-26T20:19:25.000Z"
133
+
134
+ input.teardown
171
135
  end
172
136
 
173
137
  it "should add unique tag when grok parsing fails" do
@@ -184,6 +148,8 @@ describe "inputs/syslog" do
184
148
  insist { syslog_event["priority"] } == 164
185
149
  insist { syslog_event["severity"] } == 4
186
150
  insist { syslog_event["tags"] } == nil
151
+
152
+ input.teardown
187
153
  end
188
154
 
189
155
  end
metadata CHANGED
@@ -1,17 +1,18 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: logstash-input-syslog
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.3
4
+ version: 0.1.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Elasticsearch
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-02-26 00:00:00.000000000 Z
11
+ date: 2015-04-08 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
- requirement: !ruby/object:Gem::Requirement
14
+ name: logstash-core
15
+ version_requirements: !ruby/object:Gem::Requirement
15
16
  requirements:
16
17
  - - '>='
17
18
  - !ruby/object:Gem::Version
@@ -19,10 +20,7 @@ dependencies:
19
20
  - - <
20
21
  - !ruby/object:Gem::Version
21
22
  version: 2.0.0
22
- name: logstash-core
23
- prerelease: false
24
- type: :runtime
25
- version_requirements: !ruby/object:Gem::Requirement
23
+ requirement: !ruby/object:Gem::Requirement
26
24
  requirements:
27
25
  - - '>='
28
26
  - !ruby/object:Gem::Version
@@ -30,90 +28,92 @@ dependencies:
30
28
  - - <
31
29
  - !ruby/object:Gem::Version
32
30
  version: 2.0.0
31
+ prerelease: false
32
+ type: :runtime
33
33
  - !ruby/object:Gem::Dependency
34
+ name: concurrent-ruby
35
+ version_requirements: !ruby/object:Gem::Requirement
36
+ requirements:
37
+ - - '>='
38
+ - !ruby/object:Gem::Version
39
+ version: '0'
34
40
  requirement: !ruby/object:Gem::Requirement
35
41
  requirements:
36
42
  - - '>='
37
43
  - !ruby/object:Gem::Version
38
44
  version: '0'
39
- name: concurrent-ruby
40
45
  prerelease: false
41
46
  type: :runtime
47
+ - !ruby/object:Gem::Dependency
48
+ name: thread_safe
42
49
  version_requirements: !ruby/object:Gem::Requirement
43
50
  requirements:
44
51
  - - '>='
45
52
  - !ruby/object:Gem::Version
46
53
  version: '0'
47
- - !ruby/object:Gem::Dependency
48
54
  requirement: !ruby/object:Gem::Requirement
49
55
  requirements:
50
56
  - - '>='
51
57
  - !ruby/object:Gem::Version
52
58
  version: '0'
53
- name: thread_safe
54
59
  prerelease: false
55
60
  type: :runtime
61
+ - !ruby/object:Gem::Dependency
62
+ name: logstash-codec-plain
56
63
  version_requirements: !ruby/object:Gem::Requirement
57
64
  requirements:
58
65
  - - '>='
59
66
  - !ruby/object:Gem::Version
60
67
  version: '0'
61
- - !ruby/object:Gem::Dependency
62
68
  requirement: !ruby/object:Gem::Requirement
63
69
  requirements:
64
70
  - - '>='
65
71
  - !ruby/object:Gem::Version
66
72
  version: '0'
67
- name: logstash-codec-plain
68
73
  prerelease: false
69
74
  type: :runtime
75
+ - !ruby/object:Gem::Dependency
76
+ name: logstash-filter-grok
70
77
  version_requirements: !ruby/object:Gem::Requirement
71
78
  requirements:
72
79
  - - '>='
73
80
  - !ruby/object:Gem::Version
74
81
  version: '0'
75
- - !ruby/object:Gem::Dependency
76
82
  requirement: !ruby/object:Gem::Requirement
77
83
  requirements:
78
84
  - - '>='
79
85
  - !ruby/object:Gem::Version
80
86
  version: '0'
81
- name: logstash-filter-grok
82
87
  prerelease: false
83
88
  type: :runtime
89
+ - !ruby/object:Gem::Dependency
90
+ name: logstash-filter-date
84
91
  version_requirements: !ruby/object:Gem::Requirement
85
92
  requirements:
86
93
  - - '>='
87
94
  - !ruby/object:Gem::Version
88
95
  version: '0'
89
- - !ruby/object:Gem::Dependency
90
96
  requirement: !ruby/object:Gem::Requirement
91
97
  requirements:
92
98
  - - '>='
93
99
  - !ruby/object:Gem::Version
94
100
  version: '0'
95
- name: logstash-filter-date
96
101
  prerelease: false
97
102
  type: :runtime
103
+ - !ruby/object:Gem::Dependency
104
+ name: logstash-devutils
98
105
  version_requirements: !ruby/object:Gem::Requirement
99
106
  requirements:
100
107
  - - '>='
101
108
  - !ruby/object:Gem::Version
102
109
  version: '0'
103
- - !ruby/object:Gem::Dependency
104
110
  requirement: !ruby/object:Gem::Requirement
105
111
  requirements:
106
112
  - - '>='
107
113
  - !ruby/object:Gem::Version
108
114
  version: '0'
109
- name: logstash-devutils
110
115
  prerelease: false
111
116
  type: :development
112
- version_requirements: !ruby/object:Gem::Requirement
113
- requirements:
114
- - - '>='
115
- - !ruby/object:Gem::Version
116
- version: '0'
117
117
  description: This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program
118
118
  email: info@elasticsearch.com
119
119
  executables: []
@@ -151,7 +151,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
151
151
  version: '0'
152
152
  requirements: []
153
153
  rubyforge_project:
154
- rubygems_version: 2.4.5
154
+ rubygems_version: 2.1.9
155
155
  signing_key:
156
156
  specification_version: 4
157
157
  summary: Read syslog messages as events over the network.