logstash-output-azure_loganalytics 0.1.1 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/README.md +1 -0
- data/VERSION +1 -1
- data/lib/logstash/outputs/azure_loganalytics.rb +4 -1
- data/spec/outputs/azure_loganalytics_spec.rb +10 -6
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8b81ab703becb224bdf5e6df243ba1153b21fdbb
|
|
4
|
+
data.tar.gz: ce472b857248a21ce8409448107c431a1fdcdc0a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e4e2e958a0e3773c6e1d6254e4316b8c6192553d5c8d903953a797cfe02e64f4c4838c842e4c85fd49dd63b2c6fcc2c26ad3dca0e904a7a4c0c46c90f753969c
|
|
7
|
+
data.tar.gz: 0662396162a5a7caffac5f0bcfae949cd2d775158ea77a55450c6a09baa2c02ccc1865781f9f14353ac9dadcf768790a8d1023ba258482f95a0b6097634fb47f
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,7 @@
|
|
|
1
|
+
## 0.2.0
|
|
2
|
+
|
|
3
|
+
* Support for time-generated-field in output configuration [Issue#4](https://github.com/yokawasa/logstash-output-azure_loganalytics/issues/4) (Thanks to [@KiZach](https://github.com/KiZach))
|
|
4
|
+
|
|
1
5
|
## 0.1.1
|
|
2
6
|
|
|
3
7
|
* Fixed up [Issue#2](https://github.com/yokawasa/logstash-output-azure_loganalytics/issues/2) (Thanks to [@gmousset](https://github.com/gmousset))
|
data/README.md
CHANGED
|
@@ -29,6 +29,7 @@ output {
|
|
|
29
29
|
* **customer\_id (required)** - Your Operations Management Suite workspace ID
|
|
30
30
|
* **shared\_key (required)** - The primary or the secondary Connected Sources client authentication key.
|
|
31
31
|
* **log\_type (required)** - The name of the event type that is being submitted to Log Analytics. This must be only alpha characters.
|
|
32
|
+
* **time\_generated\_field (optional)** - Default:''(empty string) The name of the time generated field. Be carefule that the value of field should strictly follow the ISO 8601 format (YYYY-MM-DDThh:mm:ssZ). See also [this](https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-data-collector-api#create-a-request) for more details
|
|
32
33
|
* **key\_names (optional)** - Default:[] (empty array). list of Key names in in-coming record to deliver.
|
|
33
34
|
* **flush_items (optional)** - Default 50. Max number of items to buffer before flushing (1 - 1000).
|
|
34
35
|
* **flush_interval_time (optional)** - Default 5. Max number of seconds to wait between flushes.
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.
|
|
1
|
+
0.2.0
|
|
@@ -17,6 +17,9 @@ class LogStash::Outputs::AzureLogAnalytics < LogStash::Outputs::Base
|
|
|
17
17
|
# The name of the event type that is being submitted to Log Analytics. This must be only alpha characters.
|
|
18
18
|
config :log_type, :validate => :string, :required => true
|
|
19
19
|
|
|
20
|
+
# The name of the time generated field. Be carefule that the value of field should strictly follow the ISO 8601 format (YYYY-MM-DDThh:mm:ssZ)
|
|
21
|
+
config :time_generated_field, :validate => :string, :default => ''
|
|
22
|
+
|
|
20
23
|
# list of Key names in in-coming record to deliver.
|
|
21
24
|
config :key_names, :validate => :array, :default => []
|
|
22
25
|
|
|
@@ -81,7 +84,7 @@ class LogStash::Outputs::AzureLogAnalytics < LogStash::Outputs::Base
|
|
|
81
84
|
end
|
|
82
85
|
|
|
83
86
|
begin
|
|
84
|
-
res = @client.post_data(@log_type, documents)
|
|
87
|
+
res = @client.post_data(@log_type, documents, @time_generated_field)
|
|
85
88
|
if not Azure::Loganalytics::Datacollectorapi::Client.is_success(res)
|
|
86
89
|
$logger.error("DataCollector API request failure: error code: #{res.code}, data=>" + (documents.to_json).to_s)
|
|
87
90
|
end
|
|
@@ -9,14 +9,16 @@ describe LogStash::Outputs::AzureLogAnalytics do
|
|
|
9
9
|
let(:customer_id) { '<Customer ID aka WorkspaceID String>' }
|
|
10
10
|
let(:shared_key) { '<Primary Key String>' }
|
|
11
11
|
let(:log_type) { 'ApacheAccessLog' }
|
|
12
|
-
let(:key_names) { ['logid','date','processing_time','remote','user','method','status','agent'] }
|
|
12
|
+
let(:key_names) { ['logid','date','processing_time','remote','user','method','status','agent','eventtime'] }
|
|
13
|
+
let(:time_generated_field) { 'eventtime' }
|
|
13
14
|
|
|
14
15
|
let(:azure_loganalytics_config) {
|
|
15
16
|
{
|
|
16
17
|
"customer_id" => customer_id,
|
|
17
18
|
"shared_key" => shared_key,
|
|
18
19
|
"log_type" => log_type,
|
|
19
|
-
"key_names" => key_names
|
|
20
|
+
"key_names" => key_names,
|
|
21
|
+
"time_generated_field" => time_generated_field
|
|
20
22
|
}
|
|
21
23
|
}
|
|
22
24
|
|
|
@@ -31,7 +33,7 @@ describe LogStash::Outputs::AzureLogAnalytics do
|
|
|
31
33
|
events = []
|
|
32
34
|
log1 = {
|
|
33
35
|
:logid => "5cdad72f-c848-4df0-8aaa-ffe033e75d57",
|
|
34
|
-
:date => "
|
|
36
|
+
:date => "2017-04-22 09:44:32 JST",
|
|
35
37
|
:processing_time => "372",
|
|
36
38
|
:remote => "101.202.74.59",
|
|
37
39
|
:user => "-",
|
|
@@ -39,12 +41,13 @@ describe LogStash::Outputs::AzureLogAnalytics do
|
|
|
39
41
|
:status => "304",
|
|
40
42
|
:size => "-",
|
|
41
43
|
:referer => "-",
|
|
42
|
-
:agent => "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:27.0) Gecko/20100101 Firefox/27.0"
|
|
44
|
+
:agent => "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:27.0) Gecko/20100101 Firefox/27.0",
|
|
45
|
+
:eventtime => "2017-04-22T01:44:32Z"
|
|
43
46
|
}
|
|
44
47
|
|
|
45
48
|
log2 = {
|
|
46
49
|
:logid => "7260iswx-8034-4cc3-uirtx-f068dd4cd659",
|
|
47
|
-
:date => "
|
|
50
|
+
:date => "2017-04-22 09:45:14 JST",
|
|
48
51
|
:processing_time => "105",
|
|
49
52
|
:remote => "201.78.74.59",
|
|
50
53
|
:user => "-",
|
|
@@ -52,7 +55,8 @@ describe LogStash::Outputs::AzureLogAnalytics do
|
|
|
52
55
|
:status =>"200",
|
|
53
56
|
:size => "-",
|
|
54
57
|
:referer => "-",
|
|
55
|
-
:agent => "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0"
|
|
58
|
+
:agent => "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0",
|
|
59
|
+
:eventtime => "2017-04-22T01:45:14Z"
|
|
56
60
|
}
|
|
57
61
|
|
|
58
62
|
event1 = LogStash::Event.new(log1)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: logstash-output-azure_loganalytics
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Yoichi Kawasaki
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-04-
|
|
11
|
+
date: 2017-04-22 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|