logstash-input-syslog 3.0.2 → 3.1.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +6 -0
  3. data/lib/logstash/inputs/syslog.rb +12 -2
  4. data/logstash-input-syslog.gemspec +1 -1
  5. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: d5f851e261ff56bc58c16959d22c604441514eb5
4
- data.tar.gz: 14a2a92213be5bac42ad94e7c45fc94e3924c78c
3
+ metadata.gz: 0b55d82ad51230835773338aee830938b0598eab
4
+ data.tar.gz: bc94cbd60d89897f55f6911198e2838c49bdb301
5
5
  SHA512:
6
- metadata.gz: 15b23da2e42ca0f181a16f64221252b825916c676f0249fd34c8fe461b83f43348a1c09e18b4520a5b0bf56d0c7443b2fc7396f82ec0581b9e08f8f4412426c6
7
- data.tar.gz: 22b08401ea543afbe9d01091a6b7807c1157e28dfc0445b67b0212477cf16f176548d28977fa6014be8b90ed0133b2eb61607513dba714b6199e81de0f1da93d
6
+ metadata.gz: f63fcdd232e1e461f4e94c5dac383971087bb2c76173e5f4a86230778b089124249e2e82e19cb53709c465c4e2f440247b5689ccd478c27f5a61972f57366aa8
7
+ data.tar.gz: 2b6726b6d2d9bfa736330e64a771d17c7192f35eee612e7aa6da355f623bc0b9c1ba2b9a0159b4cdc8901c9787c035739175fde77b9080237048e05ffcc4089f
data/CHANGELOG.md CHANGED
@@ -1,3 +1,9 @@
1
+ ## 3.1.1
2
+ - Move one log message from info to debug to avoid noise
3
+
4
+ ## 3.1.0
5
+ - Add metrics for events, messages received, errors and connections attemps happening during execution time.
6
+
1
7
  ## 3.0.2
2
8
  - Relax constraint on logstash-core-plugin-api to >= 1.60 <= 2.99
3
9
 
data/lib/logstash/inputs/syslog.rb CHANGED
@@ -71,6 +71,7 @@ class LogStash::Inputs::Syslog < LogStash::Inputs::Base
71
71
 
72
72
  public
73
73
  def register
74
+ @metric_errors = metric.namespace(:errors)
74
75
  require "thread_safe"
75
76
  @grok_filter = LogStash::Filters::Grok.new(
76
77
  "overwrite" => "message",
@@ -118,6 +119,7 @@ class LogStash::Inputs::Syslog < LogStash::Inputs::Base
118
119
  rescue => e
119
120
  if !stop?
120
121
  @logger.warn("syslog listener died", :protocol => protocol, :address => "#{@host}:#{@port}", :exception => e, :backtrace => e.backtrace)
122
+ @metric_errors.increment(:listener)
121
123
  Stud.stoppable_sleep(5) { stop? }
122
124
  retry
123
125
  end
@@ -136,6 +138,7 @@ class LogStash::Inputs::Syslog < LogStash::Inputs::Base
136
138
 
137
139
  while !stop?
138
140
  payload, client = @udp.recvfrom(9000)
141
+ metric.increment(:messages_received)
139
142
  decode(client[3], output_queue, payload)
140
143
  end
141
144
  ensure
@@ -154,6 +157,7 @@ class LogStash::Inputs::Syslog < LogStash::Inputs::Base
154
157
  while !stop?
155
158
  socket = @tcp.accept
156
159
  @tcp_sockets << socket
160
+ metric.increment(:connections)
157
161
 
158
162
  Thread.new(output_queue, socket) do |output_queue, socket|
159
163
  tcp_receiver(output_queue, socket)
@@ -170,7 +174,10 @@ class LogStash::Inputs::Syslog < LogStash::Inputs::Base
170
174
  @logger.info("new connection", :client => "#{ip}:#{port}")
171
175
  LogStash::Util::set_thread_name("input|syslog|tcp|#{ip}:#{port}}")
172
176
 
173
- socket.each { |line| decode(ip, output_queue, line) }
177
+ socket.each do |line|
178
+ metric.increment(:messages_received)
179
+ decode(ip, output_queue, line)
180
+ end
174
181
  rescue Errno::ECONNRESET
175
182
  # swallow connection reset exceptions to avoid bubling up the tcp_listener & server
176
183
  ensure
@@ -185,10 +192,12 @@ class LogStash::Inputs::Syslog < LogStash::Inputs::Base
185
192
  event.set("host", host)
186
193
  syslog_relay(event)
187
194
  output_queue << event
195
+ metric.increment(:events)
188
196
  end
189
197
  rescue => e
190
198
  # swallow and log all decoding exceptions, these will never be socket related
191
199
  @logger.error("Error decoding data", :data => data.inspect, :exception => e, :backtrace => e.backtrace)
200
+ @metric_errors.increment(:decoding)
192
201
  end
193
202
 
194
203
  public
@@ -238,13 +247,14 @@ class LogStash::Inputs::Syslog < LogStash::Inputs::Base
238
247
  event.set("timestamp", event.get("timestamp8601")) if event.include?("timestamp8601")
239
248
  @date_filter.filter(event)
240
249
  else
241
- @logger.info? && @logger.info("NOT SYSLOG", :message => event.get("message"))
250
+ @logger.debug? && @logger.debug("NOT SYSLOG", :message => event.get("message"))
242
251
 
243
252
  # RFC3164 says unknown messages get pri=13
244
253
  priority = 13
245
254
  event.set("priority", 13)
246
255
  event.set("severity", 5) # 13 & 7 == 5
247
256
  event.set("facility", 1) # 13 >> 3 == 1
257
+ metric.increment(:unknown_messages)
248
258
  end
249
259
 
250
260
  # Apply severity and facility metadata if
data/logstash-input-syslog.gemspec CHANGED
@@ -1,7 +1,7 @@
1
1
  Gem::Specification.new do |s|
2
2
 
3
3
  s.name = 'logstash-input-syslog'
4
- s.version = '3.0.2'
4
+ s.version = '3.1.1'
5
5
  s.licenses = ['Apache License (2.0)']
6
6
  s.summary = "Read syslog messages as events over the network."
7
7
  s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: logstash-input-syslog
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.0.2
4
+ version: 3.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Elastic
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-07-14 00:00:00.000000000 Z
11
+ date: 2016-09-15 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  requirement: !ruby/object:Gem::Requirement
@@ -171,7 +171,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
171
171
  version: '0'
172
172
  requirements: []
173
173
  rubyforge_project:
174
- rubygems_version: 2.6.3
174
+ rubygems_version: 2.4.8
175
175
  signing_key:
176
176
  specification_version: 4
177
177
  summary: Read syslog messages as events over the network.