logstash-output-azure_loganalytics 0.3.1 → 0.5.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: a25ad8b80f9c07355c78a85326fcca885e67d739
-  data.tar.gz: 332c355b577a8876e3b8dd77bd8322d1479ca0c1
+  metadata.gz: f5703dcf7467f52e043faed81a31e4ac16326a28
+  data.tar.gz: a1626400b84f10787997929640fce9dcc51fad4e
 SHA512:
-  metadata.gz: d490865b12e382522d1985d275a8f7b10f38cd8bab49961bd24c0024ffdb8843fe4501cf32c5ae8d08307ee8d01cd8065f212f620df16895ce8ffb6efbf04ec3
-  data.tar.gz: 549bfc413b647fb53e2e5c0e1bc0ee66bd0553f1ac090d3cba5f6703e4ec7e4fb6f32cbe3fe34e22ac126a1a55bddf814d18ec25647992f0a0278db231b5d04b
+  metadata.gz: 63e25706eec6fad297468afd439ac9dd93c567d838f584124bc276d3568f663ae6923bf6b4fcff2d15caea3dcde26b067ba788db5a3bf4203f0789d3e321bf92
+  data.tar.gz: b2492d86bbcd2ac2aaf00c6274bc6d039a19f256e557026f3a6b011df45a53e798583b48d1c65f1c7f6a2d9bf69187516f250a2feaef9127f03beb851deffd32

data/CHANGELOG.md

@@ -1,14 +1,38 @@
+## 0.5.2
+
+* Fixed using sprintf in log_type - [PR #16](https://github.com/yokawasa/logstash-output-azure_loganalytics/pull/16) by [@daniel-chambers](https://github.com/daniel-chambers)
+
+## 0.5.1
+
+* Change base [azure-loganalytics-datacollector-api](https://github.com/yokawasa/azure-log-analytics-data-collector) to ">= 0.5.0"
+
+## 0.5.0
+
+* Support sprintf syntax like `%{my_log_type}` for `log_type` config param - [Issue #13](https://github.com/yokawasa/logstash-output-azure_loganalytics/issues/13)
+
+## 0.4.0
+
+* Change base [azure-loganalytics-datacollector-api](https://github.com/yokawasa/azure-log-analytics-data-collector) to ">= 0.4.0"
+
+## 0.3.2
+
+* Improvement: removed unnecessary key check 
+
 ## 0.3.1
+
 * Performance optimization for large key_names list scenario - [Issue#10](https://github.com/yokawasa/logstash-output-azure_loganalytics/issues/10)
 
 ## 0.3.0
+
 * Support `key_types` param - [Issue#8](https://github.com/yokawasa/logstash-output-azure_loganalytics/issues/8)
 * Support custom log analytics API endpoint (for supporting Azure sovereign cloud) - [Issue#9](https://github.com/yokawasa/logstash-output-azure_loganalytics/issues/9)
 
 ## 0.2.3
+
 * Added additional debug logging for successful requests - [PR#7](https://github.com/yokawasa/logstash-output-azure_loganalytics/pull/7) by [@daniel-chambers](https://github.com/daniel-chambers)
 
 ## 0.2.2
+
 * Fix logging failure - [PR#6](https://github.com/yokawasa/logstash-output-azure_loganalytics/pull/6) by [@daniel-chambers](https://github.com/daniel-chambers)
 
 ## 0.2.1

data/README.md

@@ -29,7 +29,7 @@ output {
 
  * **customer\_id (required)** - Your Operations Management Suite workspace ID
  * **shared\_key (required)** - The primary or the secondary Connected Sources client authentication key.
- * **log\_type (required)** - The name of the event type that is being submitted to Log Analytics. This must be only alpha characters. 
+ * **log\_type (required)** - The name of the event type that is being submitted to Log Analytics. It must only contain alpha numeric and _, and not exceed 100 chars. sprintf syntax like `%{my_log_type}` is supported.
  * **time\_generated\_field (optional)** - Default:''(empty string) The name of the time generated field. Be carefule that the value of field should strictly follow the ISO 8601 format (YYYY-MM-DDThh:mm:ssZ). See also [this](https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-data-collector-api#create-a-request) for more details
  * **key\_names (optional)** - Default:[] (empty array). The list of key names in in-coming record that you want to submit to Log Analytics.
  * **key\_types (optional)** - Default:{} (empty hash). The list of data types for each column as which you want to store in Log Analytics (`string`, `boolean`, or `double`)

data/VERSION

@@ -1 +1 @@
-0.3.1
+0.5.2

data/lib/logstash/outputs/azure_loganalytics.rb

@@ -16,7 +16,8 @@ class LogStash::Outputs::AzureLogAnalytics < LogStash::Outputs::Base
   config :shared_key, :validate => :string, :required => true
 
   # The name of the event type that is being submitted to Log Analytics. 
-  # This must be only alpha characters.
+  # This must only contain alpha numeric and _, and not exceed 100 chars. 
+  # sprintf syntax like %{my_log_type} is supported.
   config :log_type, :validate => :string, :required => true
 
   # The service endpoint (Default: ods.opinsights.azure.com)
@@ -50,11 +51,6 @@ class LogStash::Outputs::AzureLogAnalytics < LogStash::Outputs::Base
   def register
     require 'azure/loganalytics/datacollectorapi/client'
 
-    ## Configure
-    if not @log_type.match(/^[[:alpha:]]+$/)
-      raise ArgumentError, 'log_type must be only alpha characters' 
-    end
-
     @key_types.each { |k, v|
       t = v.downcase
       if ( !t.eql?('string') && !t.eql?('double') && !t.eql?('boolean') ) 
@@ -83,20 +79,21 @@ class LogStash::Outputs::AzureLogAnalytics < LogStash::Outputs::Base
   public
   def flush (events, close=false)
   
-    documents = []  #this is the array of hashes to add Azure Log Analytics
+    documentsByLogType = {}  # This is a map of log_type to list of documents (themselves maps) to send to Log Analytics
     events.each do |event|
       document = {}
+      
+      log_type_for_event = event.sprintf(@log_type)
+
       event_hash = event.to_hash()
       if @key_names.length > 0
         # Get the intersection of key_names and keys of event_hash
         keys_intersection = @key_names & event_hash.keys
         keys_intersection.each do |key|
-          if event_hash.include?(key)
-            if @key_types.include?(key)
-              document[key] = convert_value(@key_types[key], event_hash[key])
-            else
-              document[key] = event_hash[key]
-            end
+          if @key_types.include?(key)
+            document[key] = convert_value(@key_types[key], event_hash[key])
+          else
+            document[key] = event_hash[key]
           end
         end
       else
@@ -105,26 +102,32 @@ class LogStash::Outputs::AzureLogAnalytics < LogStash::Outputs::Base
       # Skip if document doesn't contain any items
       next if (document.keys).length < 1
 
-      documents.push(document)
+      if documentsByLogType[log_type_for_event] == nil then
+        documentsByLogType[log_type_for_event] = []
+      end
+      documentsByLogType[log_type_for_event].push(document)
     end
 
     # Skip in case there are no candidate documents to deliver
-    if documents.length < 1
-      @logger.debug("No documents in batch for log type #{@log_type}. Skipping")
+    if documentsByLogType.length < 1
+      @logger.debug("No documents in batch. Skipping")
       return
     end
 
-    begin
-      @logger.debug("Posting log batch (log count: #{documents.length}) as log type #{@log_type} to DataCollector API. First log: " + (documents[0].to_json).to_s)
-      res = @client.post_data(@log_type, documents, @time_generated_field)
-      if Azure::Loganalytics::Datacollectorapi::Client.is_success(res)
-        @logger.debug("Successfully posted logs as log type #{@log_type} with result code #{res.code} to DataCollector API")
-      else
-        @logger.error("DataCollector API request failure: error code: #{res.code}, data=>" + (documents.to_json).to_s)
+    documentsByLogType.each do |log_type_for_events, events|
+      begin
+        @logger.debug("Posting log batch (log count: #{events.length}) as log type #{log_type_for_events} to DataCollector API. First log: " + (events[0].to_json).to_s)
+        res = @client.post_data(log_type_for_events, events, @time_generated_field)
+        if Azure::Loganalytics::Datacollectorapi::Client.is_success(res)
+          @logger.debug("Successfully posted logs as log type #{log_type_for_events} with result code #{res.code} to DataCollector API")
+        else
+          @logger.error("DataCollector API request failure: error code: #{res.code}, data=>" + (events.to_json).to_s)
+        end
+      rescue Exception => ex
+        @logger.error("Exception occured in posting to DataCollector API: '#{ex}', data=>" + (events.to_json).to_s)
       end
-    rescue Exception => ex
-      @logger.error("Exception occured in posting to DataCollector API: '#{ex}', data=>" + (documents.to_json).to_s)
     end
+    
   end # def flush
 
   private
@@ -141,4 +144,4 @@ class LogStash::Outputs::AzureLogAnalytics < LogStash::Outputs::Base
     end
   end
 
-end # class LogStash::Outputs::AzureLogAnalytics
+end # class LogStash::Outputs::AzureLogAnalytics

data/logstash-output-azure_loganalytics.gemspec

@@ -19,7 +19,7 @@ Gem::Specification.new do |s|
 
   # Gem dependencies
   s.add_runtime_dependency "rest-client", ">= 1.8.0"
-  s.add_runtime_dependency "azure-loganalytics-datacollector-api", ">= 0.1.5"
+  s.add_runtime_dependency "azure-loganalytics-datacollector-api", ">= 0.5.0"
   s.add_runtime_dependency "logstash-core-plugin-api", ">= 1.60", "<= 2.99"
   s.add_runtime_dependency "logstash-codec-plain"
   s.add_development_dependency "logstash-devutils"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstash-output-azure_loganalytics
 version: !ruby/object:Gem::Version
-  version: 0.3.1
+  version: 0.5.2
 platform: ruby
 authors:
 - Yoichi Kawasaki
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-06-17 00:00:00.000000000 Z
+date: 2020-09-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.1.5
+        version: 0.5.0
   name: azure-loganalytics-datacollector-api
   prerelease: false
   type: :runtime
@@ -37,7 +37,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.1.5
+        version: 0.5.0
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
     requirements: