RubyGems - logstash-lib - Versions diffs - 1.3.2 - Mend

logstash-lib 1.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (419) hide show

data/.gitignore +24 -0
data/.tailor +8 -0
data/.travis.yml +12 -0
data/CHANGELOG +1185 -0
data/CONTRIBUTING.md +61 -0
data/CONTRIBUTORS +79 -0
data/LICENSE +14 -0
data/Makefile +460 -0
data/README.md +120 -0
data/STYLE.md +96 -0
data/bin/logstash +37 -0
data/bin/logstash-test +4 -0
data/bin/logstash-web +4 -0
data/bin/logstash.lib.sh +78 -0
data/bot/check_pull_changelog.rb +89 -0
data/docs/configuration.md +260 -0
data/docs/docgen.rb +242 -0
data/docs/extending/example-add-a-new-filter.md +121 -0
data/docs/extending/index.md +91 -0
data/docs/flags.md +43 -0
data/docs/generate_index.rb +28 -0
data/docs/index.html.erb +56 -0
data/docs/learn.md +46 -0
data/docs/life-of-an-event.md +109 -0
data/docs/logging-tool-comparisons.md +60 -0
data/docs/plugin-doc.html.erb +91 -0
data/docs/plugin-milestones.md +41 -0
data/docs/plugin-synopsis.html.erb +24 -0
data/docs/release-engineering.md +46 -0
data/docs/release-test-results.md +14 -0
data/docs/repositories.md +35 -0
data/docs/tutorials/10-minute-walkthrough/apache-elasticsearch.conf +35 -0
data/docs/tutorials/10-minute-walkthrough/apache-parse.conf +33 -0
data/docs/tutorials/10-minute-walkthrough/apache_log.1 +1 -0
data/docs/tutorials/10-minute-walkthrough/apache_log.2.bz2 +0 -0
data/docs/tutorials/10-minute-walkthrough/hello-search.conf +25 -0
data/docs/tutorials/10-minute-walkthrough/hello.conf +16 -0
data/docs/tutorials/10-minute-walkthrough/index.md +124 -0
data/docs/tutorials/10-minute-walkthrough/step-5-output.txt +17 -0
data/docs/tutorials/getting-started-centralized-overview-diagram.png +0 -0
data/docs/tutorials/getting-started-centralized-overview-diagram.xml +1 -0
data/docs/tutorials/getting-started-centralized.md +217 -0
data/docs/tutorials/getting-started-simple.md +200 -0
data/docs/tutorials/just-enough-rabbitmq-for-logstash.md +201 -0
data/docs/tutorials/media/frontend-response-codes.png +0 -0
data/docs/tutorials/metrics-from-logs.md +84 -0
data/docs/tutorials/zeromq.md +118 -0
data/extract_services.rb +29 -0
data/gembag.rb +64 -0
data/lib/logstash-event.rb +2 -0
data/lib/logstash.rb +4 -0
data/lib/logstash/JRUBY-6970-openssl.rb +22 -0
data/lib/logstash/JRUBY-6970.rb +102 -0
data/lib/logstash/agent.rb +305 -0
data/lib/logstash/certs/cacert.pem +3895 -0
data/lib/logstash/codecs/base.rb +49 -0
data/lib/logstash/codecs/compress_spooler.rb +50 -0
data/lib/logstash/codecs/dots.rb +18 -0
data/lib/logstash/codecs/edn.rb +28 -0
data/lib/logstash/codecs/edn_lines.rb +36 -0
data/lib/logstash/codecs/fluent.rb +55 -0
data/lib/logstash/codecs/graphite.rb +114 -0
data/lib/logstash/codecs/json.rb +41 -0
data/lib/logstash/codecs/json_lines.rb +52 -0
data/lib/logstash/codecs/json_spooler.rb +22 -0
data/lib/logstash/codecs/line.rb +58 -0
data/lib/logstash/codecs/msgpack.rb +43 -0
data/lib/logstash/codecs/multiline.rb +189 -0
data/lib/logstash/codecs/netflow.rb +342 -0
data/lib/logstash/codecs/netflow/util.rb +212 -0
data/lib/logstash/codecs/noop.rb +19 -0
data/lib/logstash/codecs/oldlogstashjson.rb +56 -0
data/lib/logstash/codecs/plain.rb +48 -0
data/lib/logstash/codecs/rubydebug.rb +22 -0
data/lib/logstash/codecs/spool.rb +38 -0
data/lib/logstash/config/Makefile +4 -0
data/lib/logstash/config/config_ast.rb +380 -0
data/lib/logstash/config/file.rb +39 -0
data/lib/logstash/config/grammar.rb +3504 -0
data/lib/logstash/config/grammar.treetop +241 -0
data/lib/logstash/config/mixin.rb +464 -0
data/lib/logstash/config/registry.rb +13 -0
data/lib/logstash/config/test.conf +18 -0
data/lib/logstash/errors.rb +10 -0
data/lib/logstash/event.rb +262 -0
data/lib/logstash/filters/advisor.rb +178 -0
data/lib/logstash/filters/alter.rb +173 -0
data/lib/logstash/filters/anonymize.rb +93 -0
data/lib/logstash/filters/base.rb +190 -0
data/lib/logstash/filters/checksum.rb +50 -0
data/lib/logstash/filters/cidr.rb +76 -0
data/lib/logstash/filters/cipher.rb +145 -0
data/lib/logstash/filters/clone.rb +35 -0
data/lib/logstash/filters/collate.rb +114 -0
data/lib/logstash/filters/csv.rb +94 -0
data/lib/logstash/filters/date.rb +244 -0
data/lib/logstash/filters/dns.rb +201 -0
data/lib/logstash/filters/drop.rb +32 -0
data/lib/logstash/filters/elapsed.rb +256 -0
data/lib/logstash/filters/elasticsearch.rb +73 -0
data/lib/logstash/filters/environment.rb +27 -0
data/lib/logstash/filters/extractnumbers.rb +84 -0
data/lib/logstash/filters/gelfify.rb +52 -0
data/lib/logstash/filters/geoip.rb +145 -0
data/lib/logstash/filters/grep.rb +153 -0
data/lib/logstash/filters/grok.rb +425 -0
data/lib/logstash/filters/grokdiscovery.rb +75 -0
data/lib/logstash/filters/i18n.rb +51 -0
data/lib/logstash/filters/json.rb +90 -0
data/lib/logstash/filters/json_encode.rb +52 -0
data/lib/logstash/filters/kv.rb +232 -0
data/lib/logstash/filters/metaevent.rb +68 -0
data/lib/logstash/filters/metrics.rb +237 -0
data/lib/logstash/filters/multiline.rb +241 -0
data/lib/logstash/filters/mutate.rb +399 -0
data/lib/logstash/filters/noop.rb +21 -0
data/lib/logstash/filters/prune.rb +149 -0
data/lib/logstash/filters/punct.rb +32 -0
data/lib/logstash/filters/railsparallelrequest.rb +86 -0
data/lib/logstash/filters/range.rb +142 -0
data/lib/logstash/filters/ruby.rb +42 -0
data/lib/logstash/filters/sleep.rb +111 -0
data/lib/logstash/filters/split.rb +64 -0
data/lib/logstash/filters/sumnumbers.rb +73 -0
data/lib/logstash/filters/syslog_pri.rb +107 -0
data/lib/logstash/filters/translate.rb +121 -0
data/lib/logstash/filters/unique.rb +29 -0
data/lib/logstash/filters/urldecode.rb +57 -0
data/lib/logstash/filters/useragent.rb +112 -0
data/lib/logstash/filters/uuid.rb +58 -0
data/lib/logstash/filters/xml.rb +139 -0
data/lib/logstash/filters/zeromq.rb +123 -0
data/lib/logstash/filterworker.rb +122 -0
data/lib/logstash/inputs/base.rb +125 -0
data/lib/logstash/inputs/collectd.rb +306 -0
data/lib/logstash/inputs/drupal_dblog.rb +323 -0
data/lib/logstash/inputs/drupal_dblog/jdbcconnection.rb +66 -0
data/lib/logstash/inputs/elasticsearch.rb +140 -0
data/lib/logstash/inputs/eventlog.rb +129 -0
data/lib/logstash/inputs/eventlog/racob_fix.rb +44 -0
data/lib/logstash/inputs/exec.rb +69 -0
data/lib/logstash/inputs/file.rb +146 -0
data/lib/logstash/inputs/ganglia.rb +127 -0
data/lib/logstash/inputs/ganglia/gmondpacket.rb +146 -0
data/lib/logstash/inputs/ganglia/xdr.rb +327 -0
data/lib/logstash/inputs/gelf.rb +138 -0
data/lib/logstash/inputs/gemfire.rb +222 -0
data/lib/logstash/inputs/generator.rb +97 -0
data/lib/logstash/inputs/graphite.rb +41 -0
data/lib/logstash/inputs/heroku.rb +51 -0
data/lib/logstash/inputs/imap.rb +136 -0
data/lib/logstash/inputs/irc.rb +84 -0
data/lib/logstash/inputs/log4j.rb +136 -0
data/lib/logstash/inputs/lumberjack.rb +53 -0
data/lib/logstash/inputs/pipe.rb +57 -0
data/lib/logstash/inputs/rabbitmq.rb +126 -0
data/lib/logstash/inputs/rabbitmq/bunny.rb +118 -0
data/lib/logstash/inputs/rabbitmq/hot_bunnies.rb +1 -0
data/lib/logstash/inputs/rabbitmq/march_hare.rb +129 -0
data/lib/logstash/inputs/redis.rb +263 -0
data/lib/logstash/inputs/relp.rb +106 -0
data/lib/logstash/inputs/s3.rb +279 -0
data/lib/logstash/inputs/snmptrap.rb +87 -0
data/lib/logstash/inputs/sqlite.rb +185 -0
data/lib/logstash/inputs/sqs.rb +172 -0
data/lib/logstash/inputs/stdin.rb +46 -0
data/lib/logstash/inputs/stomp.rb +84 -0
data/lib/logstash/inputs/syslog.rb +237 -0
data/lib/logstash/inputs/tcp.rb +231 -0
data/lib/logstash/inputs/threadable.rb +18 -0
data/lib/logstash/inputs/twitter.rb +82 -0
data/lib/logstash/inputs/udp.rb +81 -0
data/lib/logstash/inputs/unix.rb +163 -0
data/lib/logstash/inputs/varnishlog.rb +48 -0
data/lib/logstash/inputs/websocket.rb +50 -0
data/lib/logstash/inputs/wmi.rb +72 -0
data/lib/logstash/inputs/xmpp.rb +81 -0
data/lib/logstash/inputs/zenoss.rb +143 -0
data/lib/logstash/inputs/zeromq.rb +165 -0
data/lib/logstash/kibana.rb +113 -0
data/lib/logstash/loadlibs.rb +9 -0
data/lib/logstash/logging.rb +89 -0
data/lib/logstash/monkeypatches-for-bugs.rb +2 -0
data/lib/logstash/monkeypatches-for-debugging.rb +47 -0
data/lib/logstash/monkeypatches-for-performance.rb +66 -0
data/lib/logstash/multiqueue.rb +53 -0
data/lib/logstash/namespace.rb +16 -0
data/lib/logstash/outputs/base.rb +120 -0
data/lib/logstash/outputs/boundary.rb +116 -0
data/lib/logstash/outputs/circonus.rb +78 -0
data/lib/logstash/outputs/cloudwatch.rb +351 -0
data/lib/logstash/outputs/csv.rb +55 -0
data/lib/logstash/outputs/datadog.rb +93 -0
data/lib/logstash/outputs/datadog_metrics.rb +123 -0
data/lib/logstash/outputs/elasticsearch.rb +332 -0
data/lib/logstash/outputs/elasticsearch/elasticsearch-template.json +44 -0
data/lib/logstash/outputs/elasticsearch_http.rb +256 -0
data/lib/logstash/outputs/elasticsearch_river.rb +214 -0
data/lib/logstash/outputs/email.rb +299 -0
data/lib/logstash/outputs/exec.rb +40 -0
data/lib/logstash/outputs/file.rb +180 -0
data/lib/logstash/outputs/ganglia.rb +75 -0
data/lib/logstash/outputs/gelf.rb +208 -0
data/lib/logstash/outputs/gemfire.rb +103 -0
data/lib/logstash/outputs/google_bigquery.rb +570 -0
data/lib/logstash/outputs/google_cloud_storage.rb +431 -0
data/lib/logstash/outputs/graphite.rb +143 -0
data/lib/logstash/outputs/graphtastic.rb +185 -0
data/lib/logstash/outputs/hipchat.rb +80 -0
data/lib/logstash/outputs/http.rb +142 -0
data/lib/logstash/outputs/irc.rb +80 -0
data/lib/logstash/outputs/jira.rb +109 -0
data/lib/logstash/outputs/juggernaut.rb +105 -0
data/lib/logstash/outputs/librato.rb +146 -0
data/lib/logstash/outputs/loggly.rb +93 -0
data/lib/logstash/outputs/lumberjack.rb +51 -0
data/lib/logstash/outputs/metriccatcher.rb +103 -0
data/lib/logstash/outputs/mongodb.rb +81 -0
data/lib/logstash/outputs/nagios.rb +119 -0
data/lib/logstash/outputs/nagios_nsca.rb +123 -0
data/lib/logstash/outputs/null.rb +18 -0
data/lib/logstash/outputs/opentsdb.rb +101 -0
data/lib/logstash/outputs/pagerduty.rb +79 -0
data/lib/logstash/outputs/pipe.rb +132 -0
data/lib/logstash/outputs/rabbitmq.rb +96 -0
data/lib/logstash/outputs/rabbitmq/bunny.rb +135 -0
data/lib/logstash/outputs/rabbitmq/hot_bunnies.rb +1 -0
data/lib/logstash/outputs/rabbitmq/march_hare.rb +143 -0
data/lib/logstash/outputs/redis.rb +245 -0
data/lib/logstash/outputs/riak.rb +152 -0
data/lib/logstash/outputs/riemann.rb +109 -0
data/lib/logstash/outputs/s3.rb +356 -0
data/lib/logstash/outputs/sns.rb +124 -0
data/lib/logstash/outputs/solr_http.rb +78 -0
data/lib/logstash/outputs/sqs.rb +141 -0
data/lib/logstash/outputs/statsd.rb +116 -0
data/lib/logstash/outputs/stdout.rb +53 -0
data/lib/logstash/outputs/stomp.rb +67 -0
data/lib/logstash/outputs/syslog.rb +145 -0
data/lib/logstash/outputs/tcp.rb +145 -0
data/lib/logstash/outputs/udp.rb +38 -0
data/lib/logstash/outputs/websocket.rb +46 -0
data/lib/logstash/outputs/websocket/app.rb +29 -0
data/lib/logstash/outputs/websocket/pubsub.rb +45 -0
data/lib/logstash/outputs/xmpp.rb +78 -0
data/lib/logstash/outputs/zabbix.rb +108 -0
data/lib/logstash/outputs/zeromq.rb +125 -0
data/lib/logstash/pipeline.rb +286 -0
data/lib/logstash/plugin.rb +150 -0
data/lib/logstash/plugin_mixins/aws_config.rb +93 -0
data/lib/logstash/program.rb +15 -0
data/lib/logstash/runner.rb +238 -0
data/lib/logstash/sized_queue.rb +8 -0
data/lib/logstash/test.rb +183 -0
data/lib/logstash/threadwatchdog.rb +37 -0
data/lib/logstash/time_addon.rb +33 -0
data/lib/logstash/util.rb +106 -0
data/lib/logstash/util/buftok.rb +139 -0
data/lib/logstash/util/charset.rb +39 -0
data/lib/logstash/util/fieldreference.rb +50 -0
data/lib/logstash/util/password.rb +25 -0
data/lib/logstash/util/prctl.rb +11 -0
data/lib/logstash/util/relp.rb +326 -0
data/lib/logstash/util/require-helper.rb +18 -0
data/lib/logstash/util/socket_peer.rb +7 -0
data/lib/logstash/util/zenoss.rb +566 -0
data/lib/logstash/util/zeromq.rb +47 -0
data/lib/logstash/version.rb +6 -0
data/locales/en.yml +170 -0
data/logstash-event.gemspec +29 -0
data/logstash.gemspec +128 -0
data/patterns/firewalls +60 -0
data/patterns/grok-patterns +91 -0
data/patterns/haproxy +37 -0
data/patterns/java +3 -0
data/patterns/linux-syslog +14 -0
data/patterns/mcollective +1 -0
data/patterns/mcollective-patterns +4 -0
data/patterns/nagios +108 -0
data/patterns/postgresql +3 -0
data/patterns/redis +3 -0
data/patterns/ruby +2 -0
data/pkg/build.sh +135 -0
data/pkg/centos/after-install.sh +1 -0
data/pkg/centos/before-install.sh +10 -0
data/pkg/centos/before-remove.sh +11 -0
data/pkg/centos/sysconfig +15 -0
data/pkg/debian/after-install.sh +5 -0
data/pkg/debian/before-install.sh +13 -0
data/pkg/debian/before-remove.sh +13 -0
data/pkg/debian/build.sh +34 -0
data/pkg/debian/debian/README +6 -0
data/pkg/debian/debian/changelog +17 -0
data/pkg/debian/debian/compat +1 -0
data/pkg/debian/debian/control +16 -0
data/pkg/debian/debian/copyright +27 -0
data/pkg/debian/debian/dirs +19 -0
data/pkg/debian/debian/docs +0 -0
data/pkg/debian/debian/logstash.default +39 -0
data/pkg/debian/debian/logstash.init +201 -0
data/pkg/debian/debian/logstash.install +1 -0
data/pkg/debian/debian/logstash.logrotate +9 -0
data/pkg/debian/debian/logstash.postinst +68 -0
data/pkg/debian/debian/logstash.postrm +23 -0
data/pkg/debian/debian/manpage.1.ex +59 -0
data/pkg/debian/debian/preinst.ex +37 -0
data/pkg/debian/debian/prerm.ex +40 -0
data/pkg/debian/debian/release.conf +5 -0
data/pkg/debian/debian/rules +80 -0
data/pkg/debian/debian/watch.ex +22 -0
data/pkg/logrotate.conf +8 -0
data/pkg/logstash-web.default +41 -0
data/pkg/logstash-web.sysv.debian +201 -0
data/pkg/logstash-web.upstart.ubuntu +18 -0
data/pkg/logstash.default +45 -0
data/pkg/logstash.sysv.debian +202 -0
data/pkg/logstash.sysv.redhat +158 -0
data/pkg/logstash.upstart.ubuntu +20 -0
data/pkg/rpm/SOURCES/logstash.conf +26 -0
data/pkg/rpm/SOURCES/logstash.init +80 -0
data/pkg/rpm/SOURCES/logstash.logrotate +8 -0
data/pkg/rpm/SOURCES/logstash.sysconfig +3 -0
data/pkg/rpm/SOURCES/logstash.wrapper +105 -0
data/pkg/rpm/SPECS/logstash.spec +180 -0
data/pkg/rpm/readme.md +4 -0
data/pkg/ubuntu/after-install.sh +7 -0
data/pkg/ubuntu/before-install.sh +12 -0
data/pkg/ubuntu/before-remove.sh +13 -0
data/pull_release_note.rb +25 -0
data/require-analyze.rb +22 -0
data/spec/README.md +14 -0
data/spec/codecs/edn.rb +40 -0
data/spec/codecs/edn_lines.rb +53 -0
data/spec/codecs/graphite.rb +96 -0
data/spec/codecs/json.rb +57 -0
data/spec/codecs/json_lines.rb +51 -0
data/spec/codecs/json_spooler.rb +43 -0
data/spec/codecs/msgpack.rb +39 -0
data/spec/codecs/multiline.rb +60 -0
data/spec/codecs/oldlogstashjson.rb +55 -0
data/spec/codecs/plain.rb +35 -0
data/spec/codecs/spool.rb +35 -0
data/spec/conditionals/test.rb +323 -0
data/spec/config.rb +31 -0
data/spec/event.rb +165 -0
data/spec/examples/fail2ban.rb +28 -0
data/spec/examples/graphite-input.rb +41 -0
data/spec/examples/mysql-slow-query.rb +70 -0
data/spec/examples/parse-apache-logs.rb +66 -0
data/spec/examples/parse-haproxy-logs.rb +115 -0
data/spec/examples/syslog.rb +48 -0
data/spec/filters/alter.rb +96 -0
data/spec/filters/anonymize.rb +189 -0
data/spec/filters/checksum.rb +41 -0
data/spec/filters/clone.rb +67 -0
data/spec/filters/collate.rb +122 -0
data/spec/filters/csv.rb +174 -0
data/spec/filters/date.rb +285 -0
data/spec/filters/date_performance.rb +31 -0
data/spec/filters/dns.rb +159 -0
data/spec/filters/drop.rb +19 -0
data/spec/filters/elapsed.rb +294 -0
data/spec/filters/environment.rb +43 -0
data/spec/filters/geoip.rb +62 -0
data/spec/filters/grep.rb +342 -0
data/spec/filters/grok.rb +473 -0
data/spec/filters/grok/timeout2.rb +56 -0
data/spec/filters/grok/timeouts.rb +39 -0
data/spec/filters/i18n.rb +25 -0
data/spec/filters/json.rb +72 -0
data/spec/filters/json_encode.rb +37 -0
data/spec/filters/kv.rb +403 -0
data/spec/filters/metrics.rb +212 -0
data/spec/filters/multiline.rb +119 -0
data/spec/filters/mutate.rb +180 -0
data/spec/filters/noop.rb +221 -0
data/spec/filters/prune.rb +441 -0
data/spec/filters/punct.rb +18 -0
data/spec/filters/railsparallelrequest.rb +112 -0
data/spec/filters/range.rb +169 -0
data/spec/filters/split.rb +58 -0
data/spec/filters/translate.rb +70 -0
data/spec/filters/unique.rb +25 -0
data/spec/filters/useragent.rb +42 -0
data/spec/filters/xml.rb +157 -0
data/spec/inputs/file.rb +107 -0
data/spec/inputs/gelf.rb +52 -0
data/spec/inputs/generator.rb +30 -0
data/spec/inputs/imap.rb +60 -0
data/spec/inputs/redis.rb +63 -0
data/spec/inputs/relp.rb +70 -0
data/spec/inputs/tcp.rb +101 -0
data/spec/jar.rb +21 -0
data/spec/outputs/csv.rb +266 -0
data/spec/outputs/elasticsearch.rb +161 -0
data/spec/outputs/elasticsearch_http.rb +240 -0
data/spec/outputs/email.rb +173 -0
data/spec/outputs/file.rb +82 -0
data/spec/outputs/graphite.rb +236 -0
data/spec/outputs/redis.rb +127 -0
data/spec/speed.rb +20 -0
data/spec/sqlite-test.rb +81 -0
data/spec/support/LOGSTASH-733.rb +21 -0
data/spec/support/LOGSTASH-820.rb +25 -0
data/spec/support/akamai-grok.rb +26 -0
data/spec/support/date-http.rb +17 -0
data/spec/support/postwait1.rb +26 -0
data/spec/support/pull375.rb +21 -0
data/spec/test_utils.rb +125 -0
data/spec/util/fieldeval_spec.rb +44 -0
data/test/jenkins/config.xml.erb +74 -0
data/test/jenkins/create-jobs.rb +23 -0
data/test/jenkins/generatorjob.config.xml +66 -0
data/tools/Gemfile +14 -0
data/tools/Gemfile.jruby-1.9.lock +322 -0
data/tools/Gemfile.rbx-2.1.lock +516 -0
data/tools/Gemfile.ruby-1.9.1.lock +310 -0
data/tools/Gemfile.ruby-2.0.0.lock +310 -0
metadata +629 -0

data/lib/logstash/inputs/snmptrap.rb ADDED

@@ -0,0 +1,87 @@
+# encoding: utf-8
+require "logstash/inputs/base"
+require "logstash/namespace"
+# Read snmp trap messages as events
+#
+# Resulting @message looks like :
+#   #<SNMP::SNMPv1_Trap:0x6f1a7a4 @varbind_list=[#<SNMP::VarBind:0x2d7bcd8f @value="teststring",
+#   @name=[1.11.12.13.14.15]>], @timestamp=#<SNMP::TimeTicks:0x1af47e9d @value=55>, @generic_trap=6,
+#   @enterprise=[1.2.3.4.5.6], @source_ip="127.0.0.1", @agent_addr=#<SNMP::IpAddress:0x29a4833e @value="\xC0\xC1\xC2\xC3">,
+#   @specific_trap=99>
+#
+class LogStash::Inputs::Snmptrap < LogStash::Inputs::Base
+  config_name "snmptrap"
+  milestone 1
+  # The address to listen on
+  config :host, :validate => :string, :default => "0.0.0.0"
+  # The port to listen on. Remember that ports less than 1024 (privileged
+  # ports) may require root to use. hence the default of 1062.
+  config :port, :validate => :number, :default => 1062
+  # SNMP Community String to listen for.
+  config :community, :validate => :string, :default => "public"
+  # directory of YAML MIB maps  (same format ruby-snmp uses)
+  config :yamlmibdir, :validate => :string
+  def initialize(*args)
+    super(*args)
+  end # def initialize
+  public
+  def register
+    require "snmp"
+    @snmptrap = nil
+    if @yamlmibdir
+      @logger.info("checking #{@yamlmibdir} for MIBs")
+      Dir["#{@yamlmibdir}/*.yaml"].each do |yamlfile|
+        mib_name = File.basename(yamlfile, ".*")
+        @yaml_mibs ||= []
+        @yaml_mibs << mib_name
+      end
+      @logger.info("found MIBs: #{@yaml_mibs.join(',')}") if @yaml_mibs
+    end
+  end # def register
+  public
+  def run(output_queue)
+    begin
+      # snmp trap server
+      snmptrap_listener(output_queue)
+    rescue => e
+      @logger.warn("SNMP Trap listener died", :exception => e, :backtrace => e.backtrace)
+      sleep(5)
+      retry
+    end # begin
+  end # def run
+  private
+  def snmptrap_listener(output_queue)
+    traplistener_opts = {:Port => @port, :Community => @community, :Host => @host}
+    if !@yaml_mibs.empty?
+      traplistener_opts.merge!({:MibDir => @yamlmibdir, :MibModules => @yaml_mibs})
+    end
+    @logger.info("It's a Trap!", traplistener_opts.dup)
+    @snmptrap = SNMP::TrapListener.new(traplistener_opts)
+    @snmptrap.on_trap_default do |trap|
+      begin
+        event = LogStash::Event.new("message" => trap.inspect, "host" => trap.source_ip)
+        decorate(event)
+        trap.each_varbind do |vb|
+          event[vb.name.to_s] = vb.value.to_s
+        end
+        @logger.debug("SNMP Trap received: ", :trap_object => trap.inspect)
+        output_queue << event
+      rescue => event
+        @logger.error("Failed to create event", :trap_object => trap.inspect)
+      end
+    end
+    @snmptrap.join
+  end # def snmptrap_listener
+end # class LogStash::Inputs::Snmptrap

data/lib/logstash/inputs/sqlite.rb ADDED

@@ -0,0 +1,185 @@
+# encoding: utf-8
+require "logstash/inputs/base"
+require "logstash/namespace"
+require "socket"
+# Read rows from an sqlite database.
+#
+# This is most useful in cases where you are logging directly to a table.
+# Any tables being watched must have an 'id' column that is monotonically
+# increasing.
+#
+# All tables are read by default except:
+# * ones matching 'sqlite_%' - these are internal/adminstrative tables for sqlite
+# * 'since_table' - this is used by this plugin to track state.
+#
+# ## Example
+#
+#     % sqlite /tmp/example.db
+#     sqlite> CREATE TABLE weblogs (
+#         id INTEGER PRIMARY KEY AUTOINCREMENT,
+#         ip STRING,
+#         request STRING,
+#         response INTEGER);
+#     sqlite> INSERT INTO weblogs (ip, request, response)
+#         VALUES ("1.2.3.4", "/index.html", 200);
+#
+# Then with this logstash config:
+#
+#     input {
+#       sqlite {
+#         path => "/tmp/example.db"
+#         type => weblogs
+#       }
+#     }
+#     output {
+#       stdout {
+#         debug => true
+#       }
+#     }
+#
+# Sample output:
+#
+#     {
+#       "@source"      => "sqlite://sadness/tmp/x.db",
+#       "@tags"        => [],
+#       "@fields"      => {
+#         "ip"       => "1.2.3.4",
+#         "request"  => "/index.html",
+#         "response" => 200
+#       },
+#       "@timestamp"   => "2013-05-29T06:16:30.850Z",
+#       "@source_host" => "sadness",
+#       "@source_path" => "/tmp/x.db",
+#       "@message"     => "",
+#       "@type"        => "foo"
+#     }
+#
+class LogStash::Inputs::Sqlite < LogStash::Inputs::Base
+  config_name "sqlite"
+  milestone 1
+  # The path to the sqlite database file.
+  config :path, :validate => :string, :required => true
+  # Any tables to exclude by name.
+  # By default all tables are followed.
+  config :exclude_tables, :validate => :array, :default => []
+  # How many rows to fetch at a time from each SELECT call.
+  config :batch, :validate => :number, :default => 5
+  SINCE_TABLE = :since_table
+  public
+  def init_placeholder_table(db)
+    begin
+      db.create_table SINCE_TABLE do
+        String :table
+        Int    :place
+      end
+    rescue
+      @logger.debug("since tables already exists")
+    end
+  end
+  public
+  def get_placeholder(db, table)
+    since = db[SINCE_TABLE]
+    x = since.where(:table => "#{table}")
+    if x[:place].nil?
+      init_placeholder(db, table)
+      return 0
+    else
+      @logger.debug("placeholder already exists, it is #{x[:place]}")
+      return x[:place][:place]
+    end
+  end
+  public
+  def init_placeholder(db, table)
+    @logger.debug("init placeholder for #{table}")
+    since = db[SINCE_TABLE]
+    since.insert(:table => table, :place => 0)
+  end
+  public
+  def update_placeholder(db, table, place)
+    @logger.debug("set placeholder to #{place}")
+    since = db[SINCE_TABLE]
+    since.where(:table => table).update(:place => place)
+  end
+  public
+  def get_all_tables(db)
+    return db["SELECT * FROM sqlite_master WHERE type = 'table' AND tbl_name != '#{SINCE_TABLE}' AND tbl_name NOT LIKE 'sqlite_%'"].map { |t| t[:name] }.select { |n| !@exclude_tables.include?(n) }
+  end
+  public
+  def get_n_rows_from_table(db, table, offset, limit)
+    dataset = db["SELECT * FROM #{table}"]
+    return db["SELECT * FROM #{table} WHERE (id > #{offset}) ORDER BY 'id' LIMIT #{limit}"].map { |row| row }
+  end
+  public
+  def register
+    require "sequel"
+    require "jdbc/sqlite3"
+    @host = Socket.gethostname
+    @logger.info("Registering sqlite input", :database => @path)
+    @db = Sequel.connect("jdbc:sqlite:#{@path}")
+    @tables = get_all_tables(@db)
+    @table_data = {}
+    @tables.each do |table|
+      init_placeholder_table(@db)
+      last_place = get_placeholder(@db, table)
+      @table_data[table] = { :name => table, :place => last_place }
+    end
+  end # def register
+  public
+  def run(queue)
+    sleep_min = 0.01
+    sleep_max = 5
+    sleeptime = sleep_min
+    begin
+      @logger.debug("Tailing sqlite db", :path => @path)
+      loop do
+        count = 0
+        @table_data.each do |k, table|
+          table_name = table[:name]
+          offset = table[:place]
+          @logger.debug("offset is #{offset}", :k => k, :table => table_name)
+          rows = get_n_rows_from_table(@db, table_name, offset, @batch)
+          count += rows.count
+          rows.each do |row|
+            event = LogStash::Event.new("host" => @host, "db" => @db)
+            decorate(event)
+            # store each column as a field in the event.
+            row.each do |column, element|
+              next if column == :id
+              event[column.to_s] = element
+            end
+            queue << event
+            @table_data[k][:place] = row[:id]
+          end
+          # Store the last-seen row in the database
+          update_placeholder(@db, table_name, @table_data[k][:place])
+        end
+        if count == 0
+          # nothing found in that iteration
+          # sleep a bit
+          @logger.debug("No new rows. Sleeping.", :time => sleeptime)
+          sleeptime = [sleeptime * 2, sleep_max].min
+          sleep(sleeptime)
+        else
+          sleeptime = sleep_min
+        end
+      end # loop
+    end # begin/rescue
+  end #run
+end # class Logtstash::Inputs::EventLog

data/lib/logstash/inputs/sqs.rb ADDED

@@ -0,0 +1,172 @@
+# encoding: utf-8
+require "logstash/inputs/threadable"
+require "logstash/namespace"
+require "logstash/plugin_mixins/aws_config"
+require "digest/sha2"
+# Pull events from an Amazon Web Services Simple Queue Service (SQS) queue.
+#
+# SQS is a simple, scalable queue system that is part of the
+# Amazon Web Services suite of tools.
+#
+# Although SQS is similar to other queuing systems like AMQP, it
+# uses a custom API and requires that you have an AWS account.
+# See http://aws.amazon.com/sqs/ for more details on how SQS works,
+# what the pricing schedule looks like and how to setup a queue.
+#
+# To use this plugin, you *must*:
+#
+#  * Have an AWS account
+#  * Setup an SQS queue
+#  * Create an identify that has access to consume messages from the queue.
+#
+# The "consumer" identity must have the following permissions on the queue:
+#
+#  * sqs:ChangeMessageVisibility
+#  * sqs:ChangeMessageVisibilityBatch
+#  * sqs:DeleteMessage
+#  * sqs:DeleteMessageBatch
+#  * sqs:GetQueueAttributes
+#  * sqs:GetQueueUrl
+#  * sqs:ListQueues
+#  * sqs:ReceiveMessage
+#
+# Typically, you should setup an IAM policy, create a user and apply the IAM policy to the user.
+# A sample policy is as follows:
+#
+#     {
+#       "Statement": [
+#         {
+#           "Action": [
+#             "sqs:ChangeMessageVisibility",
+#             "sqs:ChangeMessageVisibilityBatch",
+#             "sqs:GetQueueAttributes",
+#             "sqs:GetQueueUrl",
+#             "sqs:ListQueues",
+#             "sqs:SendMessage",
+#             "sqs:SendMessageBatch"
+#           ],
+#           "Effect": "Allow",
+#           "Resource": [
+#             "arn:aws:sqs:us-east-1:123456789012:Logstash"
+#           ]
+#         }
+#       ]
+#     }
+#
+# See http://aws.amazon.com/iam/ for more details on setting up AWS identities.
+#
+class LogStash::Inputs::SQS < LogStash::Inputs::Threadable
+  include LogStash::PluginMixins::AwsConfig
+  config_name "sqs"
+  milestone 1
+  default :codec, "json"
+  # Name of the SQS Queue name to pull messages from. Note that this is just the name of the queue, not the URL or ARN.
+  config :queue, :validate => :string, :required => true
+  # Name of the event field in which to store the SQS message ID
+  config :id_field, :validate => :string
+  # Name of the event field in which to store the SQS message MD5 checksum
+  config :md5_field, :validate => :string
+  # Name of the event field in which to store the  SQS message Sent Timestamp
+  config :sent_timestamp_field, :validate => :string
+  public
+  def aws_service_endpoint(region)
+    return {
+        :sqs_endpoint => "sqs.#{region}.amazonaws.com"
+    }
+  end
+  public
+  def register
+    @logger.info("Registering SQS input", :queue => @queue)
+    require "aws-sdk"
+    @sqs = AWS::SQS.new(aws_options_hash)
+    begin
+      @logger.debug("Connecting to AWS SQS queue", :queue => @queue)
+      @sqs_queue = @sqs.queues.named(@queue)
+      @logger.info("Connected to AWS SQS queue successfully.", :queue => @queue)
+    rescue Exception => e
+      @logger.error("Unable to access SQS queue.", :error => e.to_s, :queue => @queue)
+      throw e
+    end # begin/rescue
+  end # def register
+  public
+  def run(output_queue)
+    @logger.debug("Polling SQS queue", :queue => @queue)
+    receive_opts = {
+        :limit => 10,
+        :visibility_timeout => 30,
+        :attributes => [:sent_at]
+    }
+    continue_polling = true
+    while running? && continue_polling
+      continue_polling = run_with_backoff(60, 1) do
+        @sqs_queue.receive_message(receive_opts) do |message|
+          if message
+            @codec.decode(message.body) do |event|
+              decorate(event)
+              if @id_field
+                event[@id_field] = message.id
+              end
+              if @md5_field
+                event[@md5_field] = message.md5
+              end
+              if @sent_timestamp_field
+                event[@sent_timestamp_field] = message.sent_timestamp.utc
+              end
+              @logger.debug? && @logger.debug("Processed SQS message", :message_id => message.id, :message_md5 => message.md5, :sent_timestamp => message.sent_timestamp, :queue => @queue)
+              output_queue << event
+              message.delete
+            end # codec.decode
+          end # valid SQS message
+        end # receive_message
+      end # run_with_backoff
+    end # polling loop
+  end # def run
+  def teardown
+    @sqs_queue = nil
+    finished
+  end # def teardown
+  private
+  # Runs an AWS request inside a Ruby block with an exponential backoff in case
+  # we exceed the allowed AWS RequestLimit.
+  #
+  # @param [Integer] max_time maximum amount of time to sleep before giving up.
+  # @param [Integer] sleep_time the initial amount of time to sleep before retrying.
+  # @param [Block] block Ruby code block to execute.
+  def run_with_backoff(max_time, sleep_time, &block)
+    if sleep_time > max_time
+      @logger.error("AWS::EC2::Errors::RequestLimitExceeded ... failed.", :queue => @queue)
+      return false
+    end # retry limit exceeded
+    begin
+      block.call
+    rescue AWS::EC2::Errors::RequestLimitExceeded
+      @logger.info("AWS::EC2::Errors::RequestLimitExceeded ... retrying SQS request", :queue => @queue, :sleep_time => sleep_time)
+      sleep sleep_time
+      run_with_backoff(max_time, sleep_time * 2, &block)
+    rescue AWS::EC2::Errors::InstanceLimitExceeded
+      @logger.warn("AWS::EC2::Errors::InstanceLimitExceeded ... aborting SQS message retreival.")
+      return false
+    rescue Exception => bang
+      @logger.error("Error reading SQS queue.", :error => bang, :queue => @queue)
+      return false
+    end # begin/rescue
+    return true
+  end # def run_with_backoff
+end # class LogStash::Inputs::SQS

data/lib/logstash/inputs/stdin.rb ADDED

@@ -0,0 +1,46 @@
+# encoding: utf-8
+require "logstash/inputs/base"
+require "logstash/namespace"
+require "socket" # for Socket.gethostname
+# Read events from standard input.
+#
+# By default, each event is assumed to be one line. If you
+# want to join lines, you'll want to use the multiline filter.
+class LogStash::Inputs::Stdin < LogStash::Inputs::Base
+  config_name "stdin"
+  milestone 3
+  default :codec, "line"
+  public
+  def register
+    @host = Socket.gethostname
+  end # def register
+  def run(queue)
+    while true
+      begin
+        # Based on some testing, there is no way to interrupt an IO.sysread nor
+        # IO.select call in JRuby. Bummer :(
+        data = $stdin.sysread(16384)
+        @codec.decode(data) do |event|
+          decorate(event)
+          event["host"] = @host
+          queue << event
+        end
+      rescue EOFError, LogStash::ShutdownSignal
+        # stdin closed or a requested shutdown
+        break
+      end
+    end # while true
+    finished
+  end # def run
+  public
+  def teardown
+    @logger.debug("stdin shutting down.")
+    $stdin.close rescue nil
+    finished
+  end # def teardown
+end # class LogStash::Inputs::Stdin