logstash-output-snmptrap-v2 1.0.0 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +52 -10
- data/lib/logstash/outputs/snmptrap.rb +7 -2
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: d1df3edc8d485f69e9df02b9605caf38f7e53e269cc02dabff1c4017f2c424da
|
4
|
+
data.tar.gz: f0f12899af7cad8ae5280bcf997a73376d52505872b2de8c8c899ee6ad4c1f89
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 235b8bf89bf0f037c7a6f793cbd9c64145c1ecbb47226b53bacffe6af5658967cf7b007844722fff3575abb7270fc594852d7f97ede516bf03cc5003863dfae4
|
7
|
+
data.tar.gz: 9ed79366b857de1f3a28c34208f8d693361c9c5d06ee76f022aae32f39d624e2a220fe97c671c6bd0364f31fdf2b330d511cc85b37b5795aaa3c44744296860c
|
data/README.md
CHANGED
@@ -11,18 +11,60 @@ SNMP Trap v2c Output for Logstash
|
|
11
11
|
|
12
12
|
#Synopsis
|
13
13
|
```
|
14
|
+
input {
|
15
|
+
http {
|
16
|
+
port => 5000
|
17
|
+
}
|
18
|
+
}
|
19
|
+
|
20
|
+
filter {
|
21
|
+
mutate {
|
22
|
+
# Set defaults, % placeholders are evaluated as message fields.
|
23
|
+
replace => {
|
24
|
+
"AppDetectedTimeStamp" => "%{@timestamp}"
|
25
|
+
"AppMsgTimeStamp" => "%{@timestamp}"
|
26
|
+
"AppEventID" => "Grafana-%{dashboardId}-%{panelId}-%{ruleId}"
|
27
|
+
"AppLabel" => "applabel"
|
28
|
+
"AppEventDescription" => "%{title}\n%{ruleUrl}"
|
29
|
+
"AppFriendlyEventDescription"=> "%{message}"
|
30
|
+
"AppCustomerImpact" => "78"
|
31
|
+
"AppServiceImpact" => "My Service"
|
32
|
+
"AppEventRegion" => "My Region"
|
33
|
+
}
|
34
|
+
}
|
35
|
+
}
|
36
|
+
|
14
37
|
output {
|
15
38
|
snmptrap {
|
16
|
-
codec =>
|
17
|
-
host =>
|
18
|
-
port =>
|
19
|
-
community =>
|
20
|
-
oid =>
|
21
|
-
|
39
|
+
codec => "json"
|
40
|
+
host => "snmpserver"
|
41
|
+
port => "161"
|
42
|
+
community => "public"
|
43
|
+
oid => "1.3.6.1.4.1.48177.2.1.1.121"
|
44
|
+
varbinds => {
|
45
|
+
"1.3.6.1.4.1.48177.2.1.3.1" => "@AppEventID"
|
46
|
+
"1.3.6.1.4.1.48177.2.1.3.2" => "@AppDetectedTimeStamp"
|
47
|
+
"1.3.6.1.4.1.48177.2.1.3.3" => "@AppMsgTimeStamp"
|
48
|
+
"1.3.6.1.4.1.48177.2.1.3.4" => "@AppLabel"
|
49
|
+
"1.3.6.1.4.1.48177.2.1.3.5" => "@AppEventType"
|
50
|
+
"1.3.6.1.4.1.48177.2.1.3.6" => "@AppEventSeverity"
|
51
|
+
"1.3.6.1.4.1.48177.2.1.3.7" => "@AppEventDescription"
|
52
|
+
"1.3.6.1.4.1.48177.2.1.3.8" => "@AppFriendlyEventDescription"
|
53
|
+
"1.3.6.1.4.1.48177.2.1.3.9" => "@AppEventTag"
|
54
|
+
"1.3.6.1.4.1.48177.2.1.3.10" => "@AppCustomerImpact"
|
55
|
+
"1.3.6.1.4.1.48177.2.1.3.11" => "@AppServiceImpact"
|
56
|
+
"1.3.6.1.4.1.48177.2.1.3.12" => "@AppEventRegion"
|
57
|
+
"1.3.6.1.4.1.48177.2.1.3.13" => "!event.to_s"
|
58
|
+
"1.3.6.1.4.1.48177.2.1.3.14" => "@AppTriggerIVR"
|
59
|
+
"1.3.6.1.4.1.48177.2.1.3.15" => "@AppPlatformService"
|
60
|
+
}
|
22
61
|
}
|
23
62
|
}
|
63
|
+
|
24
64
|
```
|
25
65
|
|
66
|
+
Varbind values prefixed with `@` will retrieve the value from that field on the message, values prefixed with `!` will be evaluated as ruby in the a context of `event`, varbind `key`, varbind `value` and the `snmp` manager.
|
67
|
+
|
26
68
|
## Developing
|
27
69
|
|
28
70
|
### 1. Plugin Developement and Testing
|
@@ -57,11 +99,11 @@ bundle exec rspec
|
|
57
99
|
|
58
100
|
- Edit Logstash `Gemfile` and add the local plugin path, for example:
|
59
101
|
```ruby
|
60
|
-
gem "logstash-
|
102
|
+
gem "logstash-output-snmptrap-v2", :path => "/your/local/logstash-output-snmptrap-v2"
|
61
103
|
```
|
62
104
|
- Install plugin
|
63
105
|
```sh
|
64
|
-
|
106
|
+
logstash-plugin install logstash-output-snmptrap-v2
|
65
107
|
```
|
66
108
|
- Run Logstash with your plugin
|
67
109
|
```sh
|
@@ -75,11 +117,11 @@ You can use the same **2.1** method to run your plugin in an installed Logstash
|
|
75
117
|
|
76
118
|
- Build your plugin gem
|
77
119
|
```sh
|
78
|
-
gem build logstash-
|
120
|
+
gem build logstash-output-snmptrap.gemspec
|
79
121
|
```
|
80
122
|
- Install the plugin from the Logstash home
|
81
123
|
```sh
|
82
|
-
bin/plugin install /your/local/plugin/logstash-
|
124
|
+
bin/plugin install /your/local/plugin/logstash-output-snmptrap.gem
|
83
125
|
```
|
84
126
|
- Start Logstash and proceed to test the plugin
|
85
127
|
|
@@ -22,6 +22,8 @@ class LogStash::Outputs::Snmptrap < LogStash::Outputs::Base
|
|
22
22
|
|
23
23
|
# varbind configuration
|
24
24
|
config :varbinds, :default => {"@oid" => "!event.to_s"}
|
25
|
+
|
26
|
+
config :log, :default => false, :validate => :boolean
|
25
27
|
|
26
28
|
def initialize(*args)
|
27
29
|
super(*args)
|
@@ -40,7 +42,8 @@ class LogStash::Outputs::Snmptrap < LogStash::Outputs::Base
|
|
40
42
|
SNMP::Manager.open(trapsender_opts) do |snmp|
|
41
43
|
#set it up and send the whole event using the user specified codec
|
42
44
|
varbinds = []
|
43
|
-
@varbinds.each do |key,
|
45
|
+
@varbinds.each do |key, expression|
|
46
|
+
value = expression.clone
|
44
47
|
if value.start_with?("!")
|
45
48
|
value.delete_prefix!("!")
|
46
49
|
value = eval(value)
|
@@ -55,6 +58,8 @@ class LogStash::Outputs::Snmptrap < LogStash::Outputs::Base
|
|
55
58
|
|
56
59
|
#we dont actually care about the sys_up_time...do we.
|
57
60
|
snmp.trap_v2(0, @oid, varbinds)
|
61
|
+
|
62
|
+
@logger.info("@oid: #{@oid.to_s} @varbinds: #{varbinds.to_s}", :event => event) if @log
|
58
63
|
end
|
59
64
|
end
|
60
65
|
end
|
@@ -69,4 +74,4 @@ class LogStash::Outputs::Snmptrap < LogStash::Outputs::Base
|
|
69
74
|
@oid = event.sprintf(@oid)
|
70
75
|
@codec.encode(event)
|
71
76
|
end
|
72
|
-
end
|
77
|
+
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: logstash-output-snmptrap-v2
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Marcel Vingerling
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-09-07 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: logstash-core-plugin-api
|