logstash-output-opensearch 1.2.0-java → 1.3.0-java
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/DEVELOPER_GUIDE.md +9 -0
- data/Gemfile +1 -1
- data/MAINTAINERS.md +3 -0
- data/README.md +70 -1
- data/lib/logstash/outputs/opensearch/http_client.rb +1 -1
- data/lib/logstash/outputs/opensearch/templates/ecs-disabled/2x.json +44 -0
- data/lib/logstash/outputs/opensearch/templates/ecs-v8/1x.json +5252 -0
- data/lib/logstash/outputs/opensearch/templates/ecs-v8/2x.json +5252 -0
- data/lib/logstash/outputs/opensearch/templates/ecs-v8/7x.json +5252 -0
- data/lib/logstash/outputs/opensearch.rb +2 -2
- data/logstash-output-opensearch.gemspec +3 -2
- data/spec/integration/outputs/compressed_indexing_spec.rb +7 -1
- data/spec/integration/outputs/index_spec.rb +7 -1
- data/spec/integration/outputs/ingest_pipeline_spec.rb +2 -1
- data/spec/integration/outputs/parent_spec.rb +1 -1
- data/spec/integration/outputs/retry_spec.rb +2 -1
- data/spec/integration/outputs/templates_spec.rb +83 -57
- data/spec/opensearch_spec_helper.rb +10 -0
- data/spec/unit/outputs/opensearch/http_client_spec.rb +1 -1
- data/spec/unit/outputs/opensearch/template_manager_spec.rb +23 -4
- data/spec/unit/outputs/opensearch_spec.rb +16 -0
- data.tar.gz.sig +0 -0
- metadata +48 -25
- metadata.gz.sig +0 -0
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: bbe40e1f039f2d91a4adfb8b8fb9a28fd877156bf270060fa1d294986a769983
|
|
4
|
+
data.tar.gz: 9c2bd44c3e32cbf31d3ffac173a5e9b0ff2e4bcb9c4bd27267ac70a3a88ee6da
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ed114d31a8dd15ebe57cba0d87c278efe3be2a47743aa2cdfe99bf861e0934edb2772d09aa59eda0d9428b119dde77a16c82371ce19ca1cbfb5c6ce736692690
|
|
7
|
+
data.tar.gz: df6263f5109d5834bc19fa9804c082c95dc1867eed7926be99b7682c4c1cfb3abffa0ff23b16f123f55f196e353527d31d8d5a61f3011bbf56805f43fa890fdc
|
checksums.yaml.gz.sig
CHANGED
|
Binary file
|
data/DEVELOPER_GUIDE.md
CHANGED
|
@@ -8,6 +8,7 @@
|
|
|
8
8
|
- [Run plugin](#run-plugin-in-logstash)
|
|
9
9
|
- [Configuration for Logstash Output OpenSearch Plugin](#configuration-for-logstash-output-opensearch-plugin)
|
|
10
10
|
- [Submitting Changes](#submitting-changes)
|
|
11
|
+
- [Backports](#backports)
|
|
11
12
|
|
|
12
13
|
# Developer Guide
|
|
13
14
|
|
|
@@ -206,3 +207,11 @@ Authorization to a secure OpenSearch cluster requires read permission at [index
|
|
|
206
207
|
## Submitting Changes
|
|
207
208
|
|
|
208
209
|
See [CONTRIBUTING](CONTRIBUTING.md).
|
|
210
|
+
|
|
211
|
+
## Backports
|
|
212
|
+
|
|
213
|
+
The Github workflow in [`backport.yml`](.github/workflows/backport.yml) creates backport PRs automatically when the
|
|
214
|
+
original PR with an appropriate label `backport <backport-branch-name>` is merged to main with the backport workflow
|
|
215
|
+
run successfully on the PR. For example, if a PR on main needs to be backported to `1.x` branch, add a label
|
|
216
|
+
`backport 1.x` to the PR and make sure the backport workflow runs on the PR along with other checks. Once this PR is
|
|
217
|
+
merged to main, the workflow will create a backport PR to the `1.x` branch.
|
data/Gemfile
CHANGED
|
@@ -17,4 +17,4 @@ use_logstash_source = ENV["LOGSTASH_SOURCE"] && ENV["LOGSTASH_SOURCE"].to_s == "
|
|
|
17
17
|
if Dir.exist?(logstash_path) && use_logstash_source
|
|
18
18
|
gem 'logstash-core', :path => "#{logstash_path}/logstash-core"
|
|
19
19
|
gem 'logstash-core-plugin-api', :path => "#{logstash_path}/logstash-core-plugin-api"
|
|
20
|
-
end
|
|
20
|
+
end
|
data/MAINTAINERS.md
CHANGED
|
@@ -22,6 +22,9 @@ This document explains who the maintainers are (see below), what they do in this
|
|
|
22
22
|
| Jack Mazanec | [jmazanec15](https://github.com/jmazanec15) | Amazon |
|
|
23
23
|
| Vamshi Vijay Nakkirtha | [vamshin](https://github.com/vamshin) | Amazon |
|
|
24
24
|
| Vijayan Balasubramanian | [VijayanB](https://github.com/VijayanB) | Amazon |
|
|
25
|
+
| Deep Datta | [deepdatta](https://github.com/deepdatta) | Amazon |
|
|
26
|
+
| David Venable | [dlvenable](https://github.com/dlvenable) | Amazon |
|
|
27
|
+
| Shivani Shukla | [sshivanii](https://github.com/sshivanii) | Amazon |
|
|
25
28
|
|
|
26
29
|
## Maintainer Responsibilities
|
|
27
30
|
|
data/README.md
CHANGED
|
@@ -1,9 +1,10 @@
|
|
|
1
1
|
[](https://github.com/opensearch-project/logstash-output-opensearch/actions/workflows/CI.yml)
|
|
2
2
|
|
|
3
|
-
# Logstash
|
|
3
|
+
# Logstash Output OpenSearch
|
|
4
4
|
|
|
5
5
|
- [Welcome!](#welcome)
|
|
6
6
|
- [Project Resources](#project-resources)
|
|
7
|
+
- [Configuration for Logstash Output Opensearch Plugin](#configuration-for-logstash-output-opensearch-plugin)
|
|
7
8
|
- [Code of Conduct](#code-of-conduct)
|
|
8
9
|
- [License](#license)
|
|
9
10
|
- [Copyright](#copyright)
|
|
@@ -12,6 +13,8 @@
|
|
|
12
13
|
|
|
13
14
|
**logstash-output-opensearch** is a community-driven, open source fork logstash-output-elasticsearch licensed under the [Apache v2.0 License](LICENSE). For more information, see [opensearch.org](https://opensearch.org/).
|
|
14
15
|
|
|
16
|
+
The logstash-output-opensearch plugin helps to ship events from Logstash to OpenSearch cluster.
|
|
17
|
+
|
|
15
18
|
## Project Resources
|
|
16
19
|
|
|
17
20
|
* [Project Website](https://opensearch.org/)
|
|
@@ -25,6 +28,72 @@
|
|
|
25
28
|
* [Admin Responsibilities](ADMINS.md)
|
|
26
29
|
* [Security](SECURITY.md)
|
|
27
30
|
|
|
31
|
+
## Configuration for Logstash Output Opensearch Plugin
|
|
32
|
+
|
|
33
|
+
To run the Logstash Output Opensearch plugin, add following configuration in your logstash.conf file.
|
|
34
|
+
```
|
|
35
|
+
output {
|
|
36
|
+
opensearch {
|
|
37
|
+
hosts => ["hostname:port"]
|
|
38
|
+
user => "admin"
|
|
39
|
+
password => "admin"
|
|
40
|
+
index => "logstash-logs-%{+YYYY.MM.dd}"
|
|
41
|
+
}
|
|
42
|
+
}
|
|
43
|
+
```
|
|
44
|
+
|
|
45
|
+
To run the Logstash Output Opensearch plugin using aws_iam authentication, refer to the sample configuration shown below:
|
|
46
|
+
```
|
|
47
|
+
output {
|
|
48
|
+
opensearch {
|
|
49
|
+
hosts => ["hostname:port"]
|
|
50
|
+
auth_type => {
|
|
51
|
+
type => 'aws_iam'
|
|
52
|
+
aws_access_key_id => 'ACCESS_KEY'
|
|
53
|
+
aws_secret_access_key => 'SECRET_KEY'
|
|
54
|
+
region => 'us-west-2'
|
|
55
|
+
}
|
|
56
|
+
index => "logstash-logs-%{+YYYY.MM.dd}"
|
|
57
|
+
}
|
|
58
|
+
}
|
|
59
|
+
```
|
|
60
|
+
|
|
61
|
+
In addition to the existing authentication mechanisms, if we want to add new authentication then we will be adding them in the configuration by using auth_type.
|
|
62
|
+
|
|
63
|
+
Example Configuration for basic authentication:
|
|
64
|
+
```
|
|
65
|
+
output {
|
|
66
|
+
opensearch {
|
|
67
|
+
hosts => ["hostname:port"]
|
|
68
|
+
auth_type => {
|
|
69
|
+
type => 'basic'
|
|
70
|
+
user => 'admin'
|
|
71
|
+
password => 'admin'
|
|
72
|
+
}
|
|
73
|
+
index => "logstash-logs-%{+YYYY.MM.dd}"
|
|
74
|
+
}
|
|
75
|
+
}
|
|
76
|
+
```
|
|
77
|
+
|
|
78
|
+
To ingest data into a `data stream` through logstash, we need to create the data stream and specify the name of data stream and the `op_type` of `create` in the output configuration. The sample configuration is shown below:
|
|
79
|
+
|
|
80
|
+
```yml
|
|
81
|
+
output {
|
|
82
|
+
opensearch {
|
|
83
|
+
hosts => ["https://hostname:port"]
|
|
84
|
+
auth_type => {
|
|
85
|
+
type => 'basic'
|
|
86
|
+
user => 'admin'
|
|
87
|
+
password => 'admin'
|
|
88
|
+
}
|
|
89
|
+
index => "my-data-stream"
|
|
90
|
+
action => "create"
|
|
91
|
+
}
|
|
92
|
+
}
|
|
93
|
+
```
|
|
94
|
+
|
|
95
|
+
For more details refer to this [documentation](https://opensearch.org/docs/latest/clients/logstash/ship-to-opensearch/#opensearch-output-plugin)
|
|
96
|
+
|
|
28
97
|
## Code of Conduct
|
|
29
98
|
|
|
30
99
|
This project has adopted the [Amazon Open Source Code of Conduct](CODE_OF_CONDUCT.md). For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq), or contact [opensource-codeofconduct@amazon.com](mailto:opensource-codeofconduct@amazon.com) with any additional questions or comments.
|
|
@@ -383,7 +383,7 @@ module LogStash; module Outputs; class OpenSearch;
|
|
|
383
383
|
end
|
|
384
384
|
|
|
385
385
|
def template_put(name, template)
|
|
386
|
-
path = "
|
|
386
|
+
path = "/#{template_endpoint}/#{name}"
|
|
387
387
|
logger.info("Installing OpenSearch template", name: name)
|
|
388
388
|
@pool.put(path, nil, LogStash::Json.dump(template))
|
|
389
389
|
end
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
{
|
|
2
|
+
"index_patterns" : "logstash-*",
|
|
3
|
+
"version" : 60001,
|
|
4
|
+
"settings" : {
|
|
5
|
+
"index.refresh_interval" : "5s",
|
|
6
|
+
"number_of_shards": 1
|
|
7
|
+
},
|
|
8
|
+
"mappings" : {
|
|
9
|
+
"dynamic_templates" : [ {
|
|
10
|
+
"message_field" : {
|
|
11
|
+
"path_match" : "message",
|
|
12
|
+
"match_mapping_type" : "string",
|
|
13
|
+
"mapping" : {
|
|
14
|
+
"type" : "text",
|
|
15
|
+
"norms" : false
|
|
16
|
+
}
|
|
17
|
+
}
|
|
18
|
+
}, {
|
|
19
|
+
"string_fields" : {
|
|
20
|
+
"match" : "*",
|
|
21
|
+
"match_mapping_type" : "string",
|
|
22
|
+
"mapping" : {
|
|
23
|
+
"type" : "text", "norms" : false,
|
|
24
|
+
"fields" : {
|
|
25
|
+
"keyword" : { "type": "keyword", "ignore_above": 256 }
|
|
26
|
+
}
|
|
27
|
+
}
|
|
28
|
+
}
|
|
29
|
+
} ],
|
|
30
|
+
"properties" : {
|
|
31
|
+
"@timestamp": { "type": "date"},
|
|
32
|
+
"@version": { "type": "keyword"},
|
|
33
|
+
"geoip" : {
|
|
34
|
+
"dynamic": true,
|
|
35
|
+
"properties" : {
|
|
36
|
+
"ip": { "type": "ip" },
|
|
37
|
+
"location" : { "type" : "geo_point" },
|
|
38
|
+
"latitude" : { "type" : "half_float" },
|
|
39
|
+
"longitude" : { "type" : "half_float" }
|
|
40
|
+
}
|
|
41
|
+
}
|
|
42
|
+
}
|
|
43
|
+
}
|
|
44
|
+
}
|