logstash-output-loginsight 0.2.0 → 0.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 236d9a7c83a11fba824f0c7ccf4339167c8ac64f
-  data.tar.gz: 2944deae252cf72fa06d94ec6deb961dfe3ba614
+  metadata.gz: bb98e3b8031a18f4f06888b94cbc673e8078f0e3
+  data.tar.gz: 75101e0f13bb6bbbcd90202c74632dd8dd3d4d46
 SHA512:
-  metadata.gz: be68a388a3450906cc90b0a30cc316e46f98e5314fba75907868b0c16cddf008ca8d472512b38a4e246c330ec6f0352b747a21deef8241cedb40e3f76c2aabfc
-  data.tar.gz: f6644a6dc1cc1cf3f605cff24102fee4eb326d63eb70de991046ebe37c78973f04e9c245a34ae89a4e9b4499c1b9aebe9bf5276fa16a119420a26402a8666d22
+  metadata.gz: e030d1d0de528941f83e0b07642b67d6b1cbd0c5be8906082a9f5ae217761af7c778846644dc9dd705decac2bb31c154dadd877247bed95e12ae3275bd171481
+  data.tar.gz: d373190258f4a8dcf0afcc183e0325cab139636fd65851b88ca3ddf5a990f6e122d2068c7d8b982e64e2a9a5dcda8d16276dcf5732697ebd5f95e2280cb89b09

data/README.md

@@ -4,7 +4,57 @@ This is a plugin for [Logstash](https://github.com/elastic/logstash), sending ev
 
 It is fully free and fully open source. The license is Apache 2.0, meaning you are pretty much free to use it however you want in whatever way.
 
-## Documentation
+## Installation from rubygems
+
+[logstash-output-loginsight](http://rubygems.org/gems/logstash-output-loginsight) is hosted on rubygems.org. [Download and install the latest gem](https://www.elastic.co/guide/en/logstash/current/working-with-plugins.html) in your Logstash deployment:
+
+```sh
+bin/logstash-plugin install logstash-output-loginsight
+```
+
+Verify installed version:
+```sh
+bin/logstash-plugin list --verbose logstash-output-loginsight
+logstash-output-loginsight (0.1.12)
+```
+
+## Usage
+
+The plugin requires, at minimum, the hostname or IP address of a remote Log Insight server. Connections are established via HTTPS on port 9543, with certificate verification by default. If the Log Insight server carries a certificate issued by a trusted authority, a hostname is the only required option.
+
+```
+loginsight {
+    host => "loginsightvip.example.com"
+}
+```
+
+| option | default | notes |
+| --- | --- | --- |
+| `host`  |       | required remote sserver to connect to |
+| `port`  | `9543`  | ingestion api port 9000 uses http |
+| `proto` | `https` | `https` or `http` |
+| `uuid`  | `id` or `0` | unique identifier for client |
+| `verify` | `True` | verify certificate chain and hostname for SSL connections |
+| `ca_file` |       | alternate certificate chain to trust |
+
+## Self-signed Certificate
+
+Verification of the remote certificate is done against the platform's certificate authority. If you're using a self-signed certificate, you can retrieve a copy of the certificate and then configure the client to trust it. The certificate's common name must still match the `host` option.
+
+Connect to your Log Insight server and retrieve the certificate, writing it out to a PEM-formatted file. This method works for single-certificate chains, as in the self-signed case.
+```sh
+openssl s_client -showcerts -connect 10.11.12.13:9543 < /dev/null | openssl x509 -outform PEM > certificate.pem
+```
+
+For longer untrusted chains, use `openssl s_client -connect 10.11.12.13:9543 -verify 1` and copy the contents of all the sections inside `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----`, inclusive, and save them in a new`certificate.pem` file.
+
+Pass the PEM-formatted file in the `ca_file` parameter:
+
+```sh
+bin/logstash -e 'input { stdin { add_field => { "fieldname" => "10" } } } output { loginsight { host => ["10.11.12.13"] verify => [true] ca_file => ["/Path to PEM/certificate.pem"] } }' --log.level=debug
+```
+
+## AsciiDocs
 
 Logstash provides infrastructure to automatically generate documentation for this plugin. We use the asciidoc format to write documentation so any comments in the source code will be first converted into asciidoc and then into html. All plugin documentation are placed under one [central location](http://www.elastic.co/guide/en/logstash/current/).
 
@@ -22,61 +72,61 @@ Need help? Try #logstash on freenode IRC or the https://discuss.elastic.co/c/log
 #### Code
 - To get started, you'll need JRuby with the Bundler gem installed.
 
-- Create a new plugin or clone and existing from the GitHub [logstash-plugins](https://github.com/logstash-plugins) organization. We also provide [example plugins](https://github.com/logstash-plugins?query=example).
+- Clone this repository.
 
-- Install dependencies
+- Install dependencies:
 ```sh
 bundle install
 ```
 
 #### Test
 
-- Update your dependencies
-
+- Update your dependencies:
 ```sh
 bundle install
 ```
 
-- Run tests
-
+- Run tests:
 ```sh
 bundle exec rspec
 ```
 
-### 2. Running your unpublished Plugin in Logstash
+### 2. Running the local, unpublished plugin in Logstash
 
 #### 2.1 Run in a local Logstash clone
 
 - Edit Logstash `Gemfile` and add the local plugin path, for example:
 ```ruby
-gem "logstash-filter-awesome", :path => "/your/local/logstash-filter-awesome"
+gem "logstash-output-loginsight", :path => "/your/local/logstash-output-loginsight"
 ```
 - Install plugin
 ```sh
 bin/logstash-plugin install --no-verify
 ```
-- Run Logstash with your plugin
+- Start Logstash and with the `stdin` input plugin and test connectivity to Log Insight, with debug logging:
 ```sh
-bin/logstash -e 'filter {awesome {}}'
+bin/logstash -e 'input { stdin { add_field => { "fieldname" => "10" } } } output { loginsight { host => ["10.11.12.13"] } }' --log.level=debug
 ```
+
 At this point any modifications to the plugin code will be applied to this local Logstash setup. After modifying the plugin, simply rerun Logstash.
 
 #### 2.2 Run in an installed Logstash
 
 You can use the same **2.1** method to run your plugin in an installed Logstash by editing its `Gemfile` and pointing the `:path` to your local plugin development directory. Or you can build the gem and install it using:
 
-- Build your plugin gem
+- Build your plugin gem:
 ```sh
 gem build logstash-output-loginsight.gemspec
 ```
-- Install the plugin from the Logstash home
+- Install the plugin from the Logstash home:
 ```sh
-bin/logstash-plugin install /your/local/plugin/logstash-filter-loginsight.gem
+bin/logstash-plugin install /your/local/plugin/logstash-output-loginsight.gem
 ```
-- Start Logstash and proceed to test the plugin
+- Start Logstash and with the `stdin` input plugin and test connectivity to Log Insight, with debug logging:
 ```sh
-bin/logstash -e 'input { stdin { add_field => { "fieldname" => "10" } } } output { loginsight { host => "10.11.12.13" } }' --log.level=debug
+bin/logstash -e 'input { stdin { add_field => { "fieldname" => "10" } } } output { loginsight { host => ["10.11.12.13"] } }' --log.level=debug
 ```
+
 ## Contributing
 
 All contributions are welcome: ideas, patches, documentation, bug reports, complaints, and even something you drew up on a napkin.

data/lib/logstash/outputs/loginsight.rb

@@ -1,11 +1,18 @@
 # encoding: utf-8
+# Copyright © 2017 VMware, Inc. All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0
+
 require "logstash/outputs/base"
 require "logstash/namespace"
 require "stud/buffer"
 require "manticore"
-#require "logstash/agent"
 
-# An output plugin that sends events to a VMware vRealize Log Insight cluster.
+# This output plugin is used to send Events to a VMware vRealize Log Insight cluster,
+# preserving existing fields on Events as key=value fields. Timestamps are transmitted
+# as milliseconds-since-epoch UTC.
+
+# output { loginsight { host => ["10.11.12.13"] } }
+
 class LogStash::Outputs::Loginsight < LogStash::Outputs::Base
   include Stud::Buffer
 

data/logstash-output-loginsight.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name          = 'logstash-output-loginsight'
-  s.version       = '0.2.0'
+  s.version       = '0.2.1'
   s.licenses      = ['Apache-2.0']
   s.summary       = 'Output events to a Log Insight server. This uses the Ingestion API protocol.'
   s.description   = 'This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install logstash-output-loginsight. This gem is not a stand-alone program.'
@@ -21,5 +21,5 @@ Gem::Specification.new do |s|
   s.add_runtime_dependency "logstash-core-plugin-api", ">= 1.60", "<= 2.99"
   s.add_runtime_dependency "manticore", "~> 0.6", ">= 0.6.0"
 
-  s.add_development_dependency "logstash-devutils", "~> 0", ">= 1.3.1"
+  s.add_development_dependency "logstash-devutils"
 end

data/spec/outputs/loginsight_spec.rb

@@ -1,4 +1,7 @@
 # encoding: utf-8
+# Copyright © 2017 VMware, Inc. All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0
+
 require "logstash/devutils/rspec/spec_helper"
 require "logstash/outputs/loginsight"
 require "logstash/codecs/plain"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstash-output-loginsight
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.2.1
 platform: ruby
 authors:
 - Alan Castonguay
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-04-04 00:00:00.000000000 Z
+date: 2017-05-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
@@ -53,23 +53,17 @@ dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.3.1
+        version: '0'
   name: logstash-devutils
   prerelease: false
   type: :development
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.3.1
+        version: '0'
 description: This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install logstash-output-loginsight. This gem is not a stand-alone program.
 email: acastonguay@vmware.com
 executables: []