logstash-output-snmptrap-v2 1.0.0 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 449fff4e372cbd0d6e7107142ef0a589d9e437a1bb9ecfa7981aadcb02560126
-  data.tar.gz: 2008d53fd0c572f79dcbaeee155390be9d98d4b2c8a46c780c9e2b7f3d272e32
+  metadata.gz: d1df3edc8d485f69e9df02b9605caf38f7e53e269cc02dabff1c4017f2c424da
+  data.tar.gz: f0f12899af7cad8ae5280bcf997a73376d52505872b2de8c8c899ee6ad4c1f89
 SHA512:
-  metadata.gz: 8647579f21a88d5ad28f0cd83d53ca67bbeb697427504301f3daf9b3fd6e69119d7d6ee01fc09e1a8c8dd6f32d7e3c17c4b3b1366f8ac8daac6acec4dbc7af39
-  data.tar.gz: 66a796fdd65781265ccdc8bd41ea263406d9ef7517035126ef0425a60cc8cac889587012364c92aa33161eaa2002bb194524b9421fafa85e266a900847637253
+  metadata.gz: 235b8bf89bf0f037c7a6f793cbd9c64145c1ecbb47226b53bacffe6af5658967cf7b007844722fff3575abb7270fc594852d7f97ede516bf03cc5003863dfae4
+  data.tar.gz: 9ed79366b857de1f3a28c34208f8d693361c9c5d06ee76f022aae32f39d624e2a220fe97c671c6bd0364f31fdf2b330d511cc85b37b5795aaa3c44744296860c

data/README.md

@@ -11,18 +11,60 @@ SNMP Trap v2c Output for Logstash
 
 #Synopsis
 ```
+input {
+  http {
+    port => 5000
+  }
+}
+
+filter {
+  mutate { 
+    # Set defaults, % placeholders are evaluated as message fields.
+    replace => {
+      "AppDetectedTimeStamp" => "%{@timestamp}"
+      "AppMsgTimeStamp" => "%{@timestamp}"
+      "AppEventID" => "Grafana-%{dashboardId}-%{panelId}-%{ruleId}"
+      "AppLabel" => "applabel"
+      "AppEventDescription" => "%{title}\n%{ruleUrl}"
+      "AppFriendlyEventDescription"=> "%{message}"
+      "AppCustomerImpact" => "78"
+      "AppServiceImpact" => "My Service"
+      "AppEventRegion" => "My Region"
+    }
+  }
+}
+
 output {
   snmptrap {
-    codec => ... # codec (optional), default: "line"
-    host => ... # string (optional), default: "0.0.0.0"
-    port => ... # number (optional), default: "162"
-    community => ... # string (optional), default: "public"
-    oid => ... # string (required)
-    yamlmibdir => ... # string (optional)
+    codec => "json"
+    host => "snmpserver"
+    port => "161"
+    community => "public"
+    oid => "1.3.6.1.4.1.48177.2.1.1.121"
+    varbinds => {
+      "1.3.6.1.4.1.48177.2.1.3.1" => "@AppEventID"
+      "1.3.6.1.4.1.48177.2.1.3.2" => "@AppDetectedTimeStamp"
+      "1.3.6.1.4.1.48177.2.1.3.3" => "@AppMsgTimeStamp"
+      "1.3.6.1.4.1.48177.2.1.3.4" => "@AppLabel"
+      "1.3.6.1.4.1.48177.2.1.3.5" => "@AppEventType"
+      "1.3.6.1.4.1.48177.2.1.3.6" => "@AppEventSeverity"
+      "1.3.6.1.4.1.48177.2.1.3.7" => "@AppEventDescription"
+      "1.3.6.1.4.1.48177.2.1.3.8" => "@AppFriendlyEventDescription"
+      "1.3.6.1.4.1.48177.2.1.3.9" => "@AppEventTag"
+      "1.3.6.1.4.1.48177.2.1.3.10" => "@AppCustomerImpact"
+      "1.3.6.1.4.1.48177.2.1.3.11" => "@AppServiceImpact"
+      "1.3.6.1.4.1.48177.2.1.3.12" => "@AppEventRegion"
+      "1.3.6.1.4.1.48177.2.1.3.13" => "!event.to_s"
+      "1.3.6.1.4.1.48177.2.1.3.14" => "@AppTriggerIVR"
+      "1.3.6.1.4.1.48177.2.1.3.15" => "@AppPlatformService"
+    }
   }
 }
+
 ```
 
+Varbind values prefixed with `@` will retrieve the value from that field on the message, values prefixed with `!` will be evaluated as ruby in the a context of `event`, varbind `key`, varbind `value` and the `snmp` manager.
+
 ## Developing
 
 ### 1. Plugin Developement and Testing
@@ -57,11 +99,11 @@ bundle exec rspec
 
 - Edit Logstash `Gemfile` and add the local plugin path, for example:
 ```ruby
-gem "logstash-filter-awesome", :path => "/your/local/logstash-filter-awesome"
+gem "logstash-output-snmptrap-v2", :path => "/your/local/logstash-output-snmptrap-v2"
 ```
 - Install plugin
 ```sh
-bin/plugin install --no-verify
+logstash-plugin install logstash-output-snmptrap-v2
 ```
 - Run Logstash with your plugin
 ```sh
@@ -75,11 +117,11 @@ You can use the same **2.1** method to run your plugin in an installed Logstash
 
 - Build your plugin gem
 ```sh
-gem build logstash-filter-awesome.gemspec
+gem build logstash-output-snmptrap.gemspec
 ```
 - Install the plugin from the Logstash home
 ```sh
-bin/plugin install /your/local/plugin/logstash-filter-awesome.gem
+bin/plugin install /your/local/plugin/logstash-output-snmptrap.gem
 ```
 - Start Logstash and proceed to test the plugin
 

data/lib/logstash/outputs/snmptrap.rb

@@ -22,6 +22,8 @@ class LogStash::Outputs::Snmptrap < LogStash::Outputs::Base
 
   # varbind configuration
   config :varbinds, :default => {"@oid" => "!event.to_s"}
+  
+  config :log, :default => false, :validate => :boolean
 
   def initialize(*args)
     super(*args)
@@ -40,7 +42,8 @@ class LogStash::Outputs::Snmptrap < LogStash::Outputs::Base
       SNMP::Manager.open(trapsender_opts) do |snmp|
         #set it up and send the whole event using the user specified codec
         varbinds = []
-        @varbinds.each do |key, value|
+        @varbinds.each do |key, expression|
+          value = expression.clone
           if value.start_with?("!") 
             value.delete_prefix!("!")
             value = eval(value)
@@ -55,6 +58,8 @@ class LogStash::Outputs::Snmptrap < LogStash::Outputs::Base
 
         #we dont actually care about the sys_up_time...do we.
         snmp.trap_v2(0, @oid, varbinds)
+        
+        @logger.info("@oid: #{@oid.to_s} @varbinds: #{varbinds.to_s}", :event => event) if @log
         end
     end
   end
@@ -69,4 +74,4 @@ class LogStash::Outputs::Snmptrap < LogStash::Outputs::Base
     @oid = event.sprintf(@oid)
     @codec.encode(event)
   end
-end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstash-output-snmptrap-v2
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.1.0
 platform: ruby
 authors:
 - Marcel Vingerling
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-08-18 00:00:00.000000000 Z
+date: 2020-09-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: logstash-core-plugin-api