logstash-output-splunk_hec 0.2.1 → 0.2.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '09f53b9c010a8b0a598df047bd79b44358b8960c512897b58d02b6ca046b1b0c'
-  data.tar.gz: b6887b783ed1bfae45cc50850d3a59ccfd07e1a00a492462e1d7e518f9bda250
+  metadata.gz: f12ba6a4c0c7bd31ea2444db3fa0c169c064f2ca57e3a84e99a6a302f9e730bf
+  data.tar.gz: 13b156bbb63461b8d5c5937ac413815e32de9d6912fc6572369c7157e974984f
 SHA512:
-  metadata.gz: 77d1fc5fbbef2c3e21367253f9add4451f5c512025d82cb3b21f15d3b2824e76605c301accf6e1eeeacd9fc13328a7770b6fbbbc3f1933af42e70ed69b7c12e6
-  data.tar.gz: c84e0e56254de9d4829d7aeacdf2bcfe7e3b80bdc949a9cabbe3b7fc23ed5fec4c141ea35fb07bc346f58f498b46010f366b883d1f54f5adf7becc26f50223d4
+  metadata.gz: c0f8630726eb385d0b12eff6902889a18522b40dcb3bb9465e8203b26aabe2f0e68d5037a1af34f773f0ddb178a14d19bd953e01dd7ffa6776e3a162752c4763
+  data.tar.gz: 43136925203426b59f606b4190b255a2ef9f4fd92a2e6761e553ba0856e486459acf57e84e5717e64ab1c17177b14366c58b4c24309508e6107a2c1193da6bb0

data/lib/logstash/outputs/splunk_hec.rb

@@ -11,21 +11,23 @@ class LogStash::Outputs::SplunkHec < LogStash::Outputs::Base
 
   concurrency :shared
 
-  config :token, :validate => :string, :required => true
-  config :host, :validate => :string, :required => true
+  config :hec_token, :validate => :string, :required => true
+  config :hec_host, :validate => :string, :required => true
+  config :host, :validate => :string, :default => "none"
+  config :source, :validate => :string, :default => "none"
+  config :sourcetype, :validate => :string, :default => "none"
   config :port, :validate => :number, :default => 443
   config :index, :validate => :string, :default => "main"
-  config :sourcetype, :validate => :string, :default => "_json"
   config :batch_size, :validate => :number, :default => 100
   config :flush_interval, :validate => :number, :default => 5
   config :retry_count, :validate => :number, :default => 3
 
   public
   def register
-    @http = Net::HTTP.new(@host, @port)
+    @http = Net::HTTP.new(@hec_host, @port)
     @http.use_ssl = true
     @http.verify_mode = OpenSSL::SSL::VERIFY_NONE
-    @uri = URI.parse("https://#{@host}:#{@port}/services/collector/event")
+    @uri = URI.parse("https://#{@hec_host}:#{@port}/services/collector/event")
     
     @event_batch = Concurrent::Array.new
     @last_flush = Concurrent::AtomicReference.new(Time.now)
@@ -52,12 +54,12 @@ class LogStash::Outputs::SplunkHec < LogStash::Outputs::Base
 
     hec_event = {
       "time" => event.get("@timestamp").to_i,
-      "host" => event.get("host")&.fetch("name") { Socket.gethostname },
-      "source" => event.get("source") { "logstash" },
-      "sourcetype" => @sourcetype,
+      "host" => @host != "none" ? @host : event.get("host")&.fetch("name") { Socket.gethostname } || "default_host",
+      "source" => @source != "none" ? @source : event.get("source") { "logstash" },
+      "sourcetype" => @sourcetype != "none" ? @sourcetype : "_json",
       "index" => @index,
       "event" => event_data
-    }
+    }    
 
     @event_batch << hec_event
   end
@@ -78,7 +80,7 @@ class LogStash::Outputs::SplunkHec < LogStash::Outputs::Base
 
     batch_to_send = @event_batch.slice!(0, @batch_size)
     request = Net::HTTP::Post.new(@uri.request_uri)
-    request["Authorization"] = "Splunk #{@token}"
+    request["Authorization"] = "Splunk #{@hec_token}"
     request["Content-Type"] = "application/json"
     request.body = batch_to_send.map(&:to_json).join("\n")
 

data/logstash-output-splunk_hec.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name          = 'logstash-output-splunk_hec'
-  s.version       = '0.2.1'
+  s.version       = '0.2.2'
   s.licenses      = ['Apache-2.0']
   s.summary       = 'Logstash Output Plugin for SplunkHec'
   s.authors       = ['Elisha Mawson']

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: logstash-output-splunk_hec
 version: !ruby/object:Gem::Version
-  version: 0.2.1
+  version: 0.2.2
 platform: ruby
 authors:
 - Elisha Mawson