RubyGems - logstash-input-syslog - Versions diffs - 3.0.2 → 3.1.1 - Mend

logstash-input-syslog 3.0.2 → 3.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +6 -0
data/lib/logstash/inputs/syslog.rb +12 -2
data/logstash-input-syslog.gemspec +1 -1
metadata +3 -3

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: d5f851e261ff56bc58c16959d22c604441514eb5
-  data.tar.gz: 14a2a92213be5bac42ad94e7c45fc94e3924c78c
+  metadata.gz: 0b55d82ad51230835773338aee830938b0598eab
+  data.tar.gz: bc94cbd60d89897f55f6911198e2838c49bdb301
 SHA512:
-  metadata.gz: 15b23da2e42ca0f181a16f64221252b825916c676f0249fd34c8fe461b83f43348a1c09e18b4520a5b0bf56d0c7443b2fc7396f82ec0581b9e08f8f4412426c6
-  data.tar.gz: 22b08401ea543afbe9d01091a6b7807c1157e28dfc0445b67b0212477cf16f176548d28977fa6014be8b90ed0133b2eb61607513dba714b6199e81de0f1da93d
+  metadata.gz: f63fcdd232e1e461f4e94c5dac383971087bb2c76173e5f4a86230778b089124249e2e82e19cb53709c465c4e2f440247b5689ccd478c27f5a61972f57366aa8
+  data.tar.gz: 2b6726b6d2d9bfa736330e64a771d17c7192f35eee612e7aa6da355f623bc0b9c1ba2b9a0159b4cdc8901c9787c035739175fde77b9080237048e05ffcc4089f

data/CHANGELOG.md CHANGED

@@ -1,3 +1,9 @@
+## 3.1.1
+  - Move one log message from info to debug to avoid noise
+## 3.1.0
+  - Add metrics for events, messages received, errors and connections attemps happening during execution time.
 ## 3.0.2
   - Relax constraint on logstash-core-plugin-api to >= 1.60 <= 2.99

data/lib/logstash/inputs/syslog.rb CHANGED

@@ -71,6 +71,7 @@ class LogStash::Inputs::Syslog < LogStash::Inputs::Base
   public
   def register
+    @metric_errors = metric.namespace(:errors)
     require "thread_safe"
     @grok_filter = LogStash::Filters::Grok.new(
       "overwrite" => "message",
@@ -118,6 +119,7 @@ class LogStash::Inputs::Syslog < LogStash::Inputs::Base
   rescue => e
     if !stop?
       @logger.warn("syslog listener died", :protocol => protocol, :address => "#{@host}:#{@port}", :exception => e, :backtrace => e.backtrace)
+      @metric_errors.increment(:listener)
       Stud.stoppable_sleep(5) { stop? }
       retry
     end
@@ -136,6 +138,7 @@ class LogStash::Inputs::Syslog < LogStash::Inputs::Base
     while !stop?
       payload, client = @udp.recvfrom(9000)
+      metric.increment(:messages_received)
       decode(client[3], output_queue, payload)
     end
   ensure
@@ -154,6 +157,7 @@ class LogStash::Inputs::Syslog < LogStash::Inputs::Base
     while !stop?
       socket = @tcp.accept
       @tcp_sockets << socket
+      metric.increment(:connections)
       Thread.new(output_queue, socket) do |output_queue, socket|
         tcp_receiver(output_queue, socket)
@@ -170,7 +174,10 @@ class LogStash::Inputs::Syslog < LogStash::Inputs::Base
     @logger.info("new connection", :client => "#{ip}:#{port}")
     LogStash::Util::set_thread_name("input|syslog|tcp|#{ip}:#{port}}")
-    socket.each { |line| decode(ip, output_queue, line) }
+    socket.each do |line|
+      metric.increment(:messages_received)
+      decode(ip, output_queue, line)
+    end
   rescue Errno::ECONNRESET
     # swallow connection reset exceptions to avoid bubling up the tcp_listener & server
   ensure
@@ -185,10 +192,12 @@ class LogStash::Inputs::Syslog < LogStash::Inputs::Base
       event.set("host", host)
       syslog_relay(event)
       output_queue << event
+      metric.increment(:events)
     end
   rescue => e
     # swallow and log all decoding exceptions, these will never be socket related
     @logger.error("Error decoding data", :data => data.inspect, :exception => e, :backtrace => e.backtrace)
+    @metric_errors.increment(:decoding)
   end
   public
@@ -238,13 +247,14 @@ class LogStash::Inputs::Syslog < LogStash::Inputs::Base
       event.set("timestamp", event.get("timestamp8601")) if event.include?("timestamp8601")
       @date_filter.filter(event)
     else
-      @logger.info? && @logger.info("NOT SYSLOG", :message => event.get("message"))
+      @logger.debug? && @logger.debug("NOT SYSLOG", :message => event.get("message"))
       # RFC3164 says unknown messages get pri=13
       priority = 13
       event.set("priority", 13)
       event.set("severity", 5)   # 13 & 7 == 5
       event.set("facility", 1)   # 13 >> 3 == 1
+      metric.increment(:unknown_messages)
     end
     # Apply severity and facility metadata if

data/logstash-input-syslog.gemspec CHANGED

@@ -1,7 +1,7 @@
 Gem::Specification.new do |s|
   s.name            = 'logstash-input-syslog'
-  s.version         = '3.0.2'
+  s.version         = '3.1.1'
   s.licenses        = ['Apache License (2.0)']
   s.summary         = "Read syslog messages as events over the network."
   s.description     = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstash-input-syslog
 version: !ruby/object:Gem::Version
-  version: 3.0.2
+  version: 3.1.1
 platform: ruby
 authors:
 - Elastic
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-07-14 00:00:00.000000000 Z
+date: 2016-09-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
@@ -171,7 +171,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.6.3
+rubygems_version: 2.4.8
 signing_key:
 specification_version: 4
 summary: Read syslog messages as events over the network.