logstash-output-timber 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 8bf83aa2d2c4239a019db421f39fe16b87f0ede8613a6126b9d8ce7aa17742f9
+  data.tar.gz: 29ab8df17494515feec2301af889b2ec5d277564ae2594ce03f965dc4413d8ba
+SHA512:
+  metadata.gz: 02b47b2a374880b263f0fbbb733b363785ade764cee499e226eda5ccc4b66b163b9bea50f5ff741d439962ea30ba6e1b3700a5ff64113d9006a231f974ac6f68
+  data.tar.gz: 74d986e655bddaf3d3008221fb01abb7c1c82ea272c3289ea303d651e739e13298c740a5cd747ed2949bd95058ade00bd9938f9900d0c30f02a4b2a022825bcf

data/CHANGELOG.md

@@ -0,0 +1,66 @@
+## 4.3.3
+ - Docs: Add plugin description.
+
+## 4.3.2
+ - Docs: Update plugin title.
+
+## 4.3.1
+ - Fix deadlock that could occur in certain situations. All users should upgrade to the latest version.
+   This deadlock was caused by certain async HTTP APIs being called out of order thus creating a race.
+
+## 4.3.0
+ - Add `user` and `password` options to support HTTP basic auth
+ 
+## 4.2.0
+ - Allow nested array in field definition, See https://github.com/logstash-plugins/logstash-output-http/pull/53
+
+## 4.1.0
+ - Allow nested field definitions in `mappings`
+
+## 4.0.0
+ - Major overhaul of internals, adds new retry options
+ - Allow users to specify non-standard response codes as ignorable
+ - Set concurrency level to shared allowing for greater efficiency across threads
+ 
+## 3.1.1
+  - Relax constraint on logstash-core-plugin-api to >= 1.60 <= 2.99
+
+## 3.1.0
+ - breaking,config: Remove deprecated config 'verify_ssl'. Please use 'ssl_certificate_validation'.
+
+## 3.0.1
+ - Republish all the gems under jruby.
+
+## 3.0.0
+ - Update the plugin to the version 2.0 of the plugin api, this change is required for Logstash 5.0 compatibility. See https://github.com/elastic/logstash/issues/5141
+
+## 2.1.3
+ - Depend on logstash-core-plugin-api instead of logstash-core, removing the need to mass update plugins on major releases of logstash
+
+## 2.1.2
+ - New dependency requirements for logstash-core for the 5.0 release
+
+## 2.1.1
+ - Require http_client mixin with better keepalive handling
+
+
+## 2.1.0
+ - Properly close the client on #close
+ - Optimized execution for Logstash 2.2 ng pipeline
+
+## 2.0.5
+ - fixed memory leak
+
+## 2.0.3
+ - fixed potential race condition on async callbacks
+ - silenced specs equest logs and other spec robustness fixes
+
+## 2.0.0
+ - Plugins were updated to follow the new shutdown semantic, this mainly allows Logstash to instruct input plugins to terminate gracefully,
+   instead of using Thread.raise on the plugins' threads. Ref: https://github.com/elastic/logstash/pull/3895
+ - Dependency on logstash-core update to 2.0
+
+## 1.1.0
+ - Concurrent execution
+ - Add many HTTP options via the http_client mixin
+ - Switch to manticore as HTTP Client

data/CONTRIBUTORS

@@ -0,0 +1,17 @@
+The following is a list of people who have contributed ideas, code, bug
+reports, or in general have helped logstash along its way.
+
+Contributors:
+* Christian S. (squiddle)
+* Colin Surprenant (colinsurprenant)
+* John E. Vincent (lusis)
+* Jordan Sissel (jordansissel)
+* Kurt Hurtado (kurtado)
+* Pier-Hugues Pellerin (ph)
+* Richard Pijnenburg (electrical)
+* Ben Johnson (binarylogic)
+
+Note: If you've sent us patches, bug reports, or otherwise contributed to
+Logstash, and you aren't on the list above and want to be, please let us know
+and we'll make sure you're here. Contributions from folks like you are what make
+open source awesome.

data/Gemfile

@@ -0,0 +1,11 @@
+source 'https://rubygems.org'
+
+gemspec
+
+logstash_path = ENV["LOGSTASH_PATH"] || "../../logstash"
+use_logstash_source = ENV["LOGSTASH_SOURCE"] && ENV["LOGSTASH_SOURCE"].to_s == "1"
+
+if Dir.exist?(logstash_path) && use_logstash_source
+  gem 'logstash-core', :path => "#{logstash_path}/logstash-core"
+  gem 'logstash-core-plugin-api', :path => "#{logstash_path}/logstash-core-plugin-api"
+end

data/LICENSE

@@ -0,0 +1,13 @@
+Copyright (c) 2012–2016 Elasticsearch <http://www.elastic.co>
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.

data/NOTICE.TXT

@@ -0,0 +1,5 @@
+Elasticsearch
+Copyright 2012-2015 Elasticsearch
+
+This product includes software developed by The Apache Software
+Foundation (http://www.apache.org/).

data/README.md

@@ -0,0 +1,98 @@
+# Logstash Plugin
+
+[![Travis Build Status](https://travis-ci.org/logstash-plugins/logstash-output-http.svg)](https://travis-ci.org/logstash-plugins/logstash-output-http)
+
+This is a plugin for [Logstash](https://github.com/elastic/logstash).
+
+It is fully free and fully open source. The license is Apache 2.0, meaning you are pretty much free to use it however you want in whatever way.
+
+## Documentation
+
+Logstash provides infrastructure to automatically generate documentation for this plugin. We use the asciidoc format to write documentation so any comments in the source code will be first converted into asciidoc and then into html. All plugin documentation are placed under one [central location](http://www.elastic.co/guide/en/logstash/current/).
+
+- For formatting code or config example, you can use the asciidoc `[source,ruby]` directive
+- For more asciidoc formatting tips, see the excellent reference here https://github.com/elastic/docs#asciidoc-guide
+
+## Need Help?
+
+Need help? Try #logstash on freenode IRC or the https://discuss.elastic.co/c/logstash discussion forum.
+
+## Developing
+
+### 1. Plugin Developement and Testing
+
+#### Code
+- To get started, you'll need JRuby with the Bundler gem installed.
+
+- Create a new plugin or clone and existing from the GitHub [logstash-plugins](https://github.com/logstash-plugins) organization. We also provide [example plugins](https://github.com/logstash-plugins?query=example).
+
+- Install dependencies
+```sh
+bundle install
+```
+
+#### Test
+
+- Update your dependencies
+
+```sh
+bundle install
+```
+
+- Run tests
+
+```sh
+bundle exec rspec
+```
+
+### 2. Running your unpublished Plugin in Logstash
+
+#### 2.1 Run in a local Logstash clone
+
+- Edit Logstash `Gemfile` and add the local plugin path, for example:
+```ruby
+gem "logstash-filter-awesome", :path => "/your/local/logstash-filter-awesome"
+```
+- Install plugin
+```sh
+# Logstash 2.3 and higher
+bin/logstash-plugin install --no-verify
+
+# Prior to Logstash 2.3
+bin/plugin install --no-verify
+
+```
+- Run Logstash with your plugin
+```sh
+bin/logstash -e 'filter {awesome {}}'
+```
+At this point any modifications to the plugin code will be applied to this local Logstash setup. After modifying the plugin, simply rerun Logstash.
+
+#### 2.2 Run in an installed Logstash
+
+You can use the same **2.1** method to run your plugin in an installed Logstash by editing its `Gemfile` and pointing the `:path` to your local plugin development directory or you can build the gem and install it using:
+
+- Build your plugin gem
+```sh
+gem build logstash-output-http.gemspec
+```
+- Install the plugin from the Logstash home
+```sh
+# Logstash 2.3 and higher
+bin/logstash-plugin install --no-verify
+
+# Prior to Logstash 2.3
+bin/plugin install --no-verify
+
+```
+- Start Logstash and proceed to test the plugin
+
+## Contributing
+
+All contributions are welcome: ideas, patches, documentation, bug reports, complaints, and even something you drew up on a napkin.
+
+Programming is not a required skill. Whatever you've seen about open source and maintainers or community members  saying "send patches or die" - you will not see that here.
+
+It is more important to the community that you are able to contribute.
+
+For more information about contributing, see the [CONTRIBUTING](https://github.com/elastic/logstash/blob/master/CONTRIBUTING.md) file.

data/docs/index.asciidoc

@@ -0,0 +1,212 @@
+:plugin: timber
+:type: output
+
+///////////////////////////////////////////
+START - GENERATED VARIABLES, DO NOT EDIT!
+///////////////////////////////////////////
+:version: %VERSION%
+:release_date: %RELEASE_DATE%
+:changelog_url: %CHANGELOG_URL%
+:include_path: ../../../../logstash/docs/include
+///////////////////////////////////////////
+END - GENERATED VARIABLES, DO NOT EDIT!
+///////////////////////////////////////////
+
+[id="plugins-{type}s-{plugin}"]
+
+=== Timber output plugin
+
+include::{include_path}/plugin_header.asciidoc[]
+
+==== Description
+
+This output sends structured events to the Timber.io logging service.
+
+It's a highly efficient HTTP transport that uses batching and retries for
+fast and reliable delivery.
+
+This output will execute up to 'pool_max' requests in parallel for performance.
+Consider this when tuning this plugin for performance. The default of 50 should
+be sufficient for most setups.
+
+Additionally, note that when parallel execution is used strict ordering of events is not
+guaranteed!
+
+[id="plugins-{type}s-{plugin}-options"]
+==== Timber Output Configuration Options
+
+This plugin supports the following configuration options plus the <<plugins-{type}s-{plugin}-common-options>> described later.
+
+[cols="<,<,<",options="header",]
+|=======================================================================
+|Setting |Input type|Required
+| <<plugins-{type}s-{plugin}-api_key>> |Your Timber.io API key|No
+| <<plugins-{type}s-{plugin}-cacert>> |a valid filesystem path|No
+| <<plugins-{type}s-{plugin}-client_cert>> |a valid filesystem path|No
+| <<plugins-{type}s-{plugin}-client_key>> |a valid filesystem path|No
+| <<plugins-{type}s-{plugin}-connect_timeout>> |<<number,number>>|No
+| <<plugins-{type}s-{plugin}-keystore>> |a valid filesystem path|No
+| <<plugins-{type}s-{plugin}-keystore_password>> |<<password,password>>|No
+| <<plugins-{type}s-{plugin}-keystore_type>> |<<string,string>>|No
+| <<plugins-{type}s-{plugin}-pool_max>> |<<number,number>>|No
+| <<plugins-{type}s-{plugin}-proxy>> |<<,>>|No
+| <<plugins-{type}s-{plugin}-request_timeout>> |<<number,number>>|No
+| <<plugins-{type}s-{plugin}-socket_timeout>> |<<number,number>>|No
+| <<plugins-{type}s-{plugin}-truststore>> |a valid filesystem path|No
+| <<plugins-{type}s-{plugin}-truststore_password>> |<<password,password>>|No
+| <<plugins-{type}s-{plugin}-truststore_type>> |<<string,string>>|No
+|=======================================================================
+
+Also see <<plugins-{type}s-{plugin}-common-options>> for a list of options supported by all
+output plugins.
+
+&nbsp;
+
+[id="plugins-{type}s-{plugin}-api_key"]
+===== `cacert`
+
+  * Value type is <<string,string>>
+  * There is no default value for this setting.
+
+Your Timber.io API key. You can obtain your API by creating an app in the
+[Timber console](https://app.timber.io).
+
+
+[id="plugins-{type}s-{plugin}-client_cert"]
+===== `client_cert`
+
+  * Value type is <<path,path>>
+  * There is no default value for this setting.
+
+If you'd like to use a client certificate (note, most people don't want this) set the path to the x509 cert here
+
+
+[id="plugins-{type}s-{plugin}-client_key"]
+===== `client_key`
+
+  * Value type is <<path,path>>
+  * There is no default value for this setting.
+
+If you're using a client certificate specify the path to the encryption key here
+
+
+[id="plugins-{type}s-{plugin}-connect_timeout"]
+===== `connect_timeout`
+
+  * Value type is <<number,number>>
+  * Default value is `10`
+
+Timeout (in seconds) to wait for a connection to be established. Default is `10s`
+
+
+[id="plugins-{type}s-{plugin}-keystore"]
+===== `keystore`
+
+  * Value type is <<path,path>>
+  * There is no default value for this setting.
+
+If you need to use a custom keystore (`.jks`) specify that here. This does not work with .pem keys!
+
+
+[id="plugins-{type}s-{plugin}-keystore_password"]
+===== `keystore_password`
+
+  * Value type is <<password,password>>
+  * There is no default value for this setting.
+
+Specify the keystore password here.
+Note, most .jks files created with keytool require a password!
+
+
+[id="plugins-{type}s-{plugin}-keystore_type"]
+===== `keystore_type`
+
+  * Value type is <<string,string>>
+  * Default value is `"JKS"`
+
+Specify the keystore type here. One of `JKS` or `PKCS12`. Default is `JKS`
+
+
+[id="plugins-{type}s-{plugin}-pool_max"]
+===== `pool_max`
+
+  * Value type is <<number,number>>
+  * Default value is `50`
+
+Max number of concurrent connections. Defaults to `50`
+
+
+[id="plugins-{type}s-{plugin}-proxy"]
+===== `proxy`
+
+  * Value type is <<string,string>>
+  * There is no default value for this setting.
+
+If you'd like to use an HTTP proxy . This supports multiple configuration syntaxes:
+
+1. Proxy host in form: `http://proxy.org:1234`
+2. Proxy host in form: `{host => "proxy.org", port => 80, scheme => 'http', user => 'username@host', password => 'password'}`
+3. Proxy host in form: `{url =>  'http://proxy.org:1234', user => 'username@host', password => 'password'}`
+
+
+[id="plugins-{type}s-{plugin}-request_timeout"]
+===== `request_timeout`
+
+  * Value type is <<number,number>>
+  * Default value is `60`
+
+This module makes it easy to add a very fully configured HTTP client to logstash
+based on [Manticore](https://github.com/cheald/manticore).
+For an example of its usage see https://github.com/logstash-plugins/logstash-input-http_poller
+Timeout (in seconds) for the entire request
+
+
+[id="plugins-{type}s-{plugin}-socket_timeout"]
+===== `socket_timeout`
+
+  * Value type is <<number,number>>
+  * Default value is `10`
+
+Timeout (in seconds) to wait for data on the socket. Default is `10s`
+
+
+[id="plugins-{type}s-{plugin}-ssl_certificate_validation"]
+===== `ssl_certificate_validation`
+
+  * Value type is <<boolean,boolean>>
+  * Default value is `true`
+
+Set this to false to disable SSL/TLS certificate validation
+Note: setting this to false is generally considered insecure!
+
+
+[id="plugins-{type}s-{plugin}-truststore"]
+===== `truststore`
+
+  * Value type is <<path,path>>
+  * There is no default value for this setting.
+
+If you need to use a custom truststore (`.jks`) specify that here. This does not work with .pem certs!
+
+
+[id="plugins-{type}s-{plugin}-truststore_password"]
+===== `truststore_password`
+
+  * Value type is <<password,password>>
+  * There is no default value for this setting.
+
+Specify the truststore password here.
+Note, most .jks files created with keytool require a password!
+
+
+[id="plugins-{type}s-{plugin}-truststore_type"]
+===== `truststore_type`
+
+  * Value type is <<string,string>>
+  * Default value is `"JKS"`
+
+Specify the truststore type here. One of `JKS` or `PKCS12`. Default is `JKS`
+
+
+[id="plugins-{type}s-{plugin}-common-options"]
+include::{include_path}/{type}.asciidoc[]

data/lib/logstash/outputs/timber/http_client.rb

@@ -0,0 +1,131 @@
+# encoding: utf-8
+require "logstash/config/mixin"
+require "manticore"
+
+# This contains the HTTP client code within it's own namespace. It is based off
+# of the logstash-mixin-http_client plugin.
+class LogStash::Outputs::Timber < LogStash::Outputs::Base
+  module HttpClient
+    class InvalidHTTPConfigError < StandardError; end
+
+    def self.included(base)
+      base.extend(self)
+      base.setup_http_client_config
+    end
+
+    def setup_http_client_config
+      # Timeout (in seconds) for the entire request
+      config :request_timeout, :validate => :number, :default => 60
+
+      # Timeout (in seconds) to wait for data on the socket. Default is `10s`
+      config :socket_timeout, :validate => :number, :default => 10
+
+      # Timeout (in seconds) to wait for a connection to be established. Default is `10s`
+      config :connect_timeout, :validate => :number, :default => 10
+
+      # Max number of concurrent connections. Defaults to `50`
+      config :pool_max, :validate => :number, :default => 50
+
+      # If you need to use a custom X.509 CA (.pem certs) specify the path to that here
+      config :cacert, :validate => :path
+
+      # If you'd like to use a client certificate (note, most people don't want this) set the path to the x509 cert here
+      config :client_cert, :validate => :path
+
+      # If you're using a client certificate specify the path to the encryption key here
+      config :client_key, :validate => :path
+
+      # If you need to use a custom keystore (`.jks`) specify that here. This does not work with .pem keys!
+      config :keystore, :validate => :path
+
+      # Specify the keystore password here.
+      # Note, most .jks files created with keytool require a password!
+      config :keystore_password, :validate => :password
+
+      # Specify the keystore type here. One of `JKS` or `PKCS12`. Default is `JKS`
+      config :keystore_type, :validate => :string, :default => "JKS"
+
+      # If you need to use a custom truststore (`.jks`) specify that here. This does not work with .pem certs!
+      config :truststore, :validate => :path
+
+      # Specify the truststore password here.
+      # Note, most .jks files created with keytool require a password!
+      config :truststore_password, :validate => :password
+
+      # Specify the truststore type here. One of `JKS` or `PKCS12`. Default is `JKS`
+      config :truststore_type, :validate => :string, :default => "JKS"
+
+      # If you'd like to use an HTTP proxy . This supports multiple configuration syntaxes:
+      #
+      # 1. Proxy host in form: `http://proxy.org:1234`
+      # 2. Proxy host in form: `{host => "proxy.org", port => 80, scheme => 'http', user => 'username@host', password => 'password'}`
+      # 3. Proxy host in form: `{url =>  'http://proxy.org:1234', user => 'username@host', password => 'password'}`
+      config :proxy
+    end
+
+    def build_http_client_config
+      c = {
+        connect_timeout: @connect_timeout,
+        socket_timeout: @socket_timeout,
+        request_timeout: @request_timeout,
+        follow_redirects: true,
+        automatic_retries: 1,
+        retry_non_idempotent: true,
+        check_connection_timeout: 200,
+        pool_max: @pool_max,
+        pool_max_per_route: @pool_max,
+        cookies: false,
+        keepalive: true
+      }
+
+      if @proxy
+        # Symbolize keys if necessary
+        c[:proxy] = @proxy.is_a?(Hash) ?
+          @proxy.reduce({}) {|memo,(k,v)| memo[k.to_sym] = v; memo} :
+          @proxy
+      end
+
+      c[:ssl] = {}
+      if @cacert
+        c[:ssl][:ca_file] = @cacert
+      end
+
+      if @truststore
+        c[:ssl].merge!(
+          :truststore => @truststore,
+          :truststore_type => @truststore_type,
+          :truststore_password => @truststore_password.value
+        )
+
+        if c[:ssl][:truststore_password].nil?
+          raise LogStash::ConfigurationError, "Truststore declared without a password! This is not valid, please set the 'truststore_password' option"
+        end
+      end
+
+      if @keystore
+        c[:ssl].merge!(
+          :keystore => @keystore,
+          :keystore_type => @keystore_type,
+          :keystore_password => @keystore_password.value
+        )
+
+        if c[:ssl][:keystore_password].nil?
+          raise LogStash::ConfigurationError, "Keystore declared without a password! This is not valid, please set the 'keystore_password' option"
+        end
+      end
+
+      if @client_cert && @client_key
+        c[:ssl][:client_cert] = @client_cert
+        c[:ssl][:client_key] = @client_key
+      elsif !!@client_cert ^ !!@client_key
+        raise InvalidHTTPConfigError, "You must specify both client_cert and client_key for an HTTP client, or neither!"
+      end
+
+      c
+    end
+
+    def http_client
+      @http_client ||= Manticore::Client.new(build_http_client_config)
+    end
+  end
+end

data/lib/logstash/outputs/timber.rb

@@ -0,0 +1,141 @@
+# encoding: utf-8
+
+# Core classes
+require "base64"
+require "uri"
+
+# Logstash classes
+require "logstash/namespace"
+require "logstash/json"
+require "logstash/outputs/base"
+require "logstash/outputs/timber/http_client"
+
+class LogStash::Outputs::Timber < LogStash::Outputs::Base
+  include HttpClient
+
+  VERSION = "1.0.0".freeze
+  CONTENT_TYPE = "application/json".freeze
+  MAX_ATTEMPTS = 3
+  METHOD = :post.freeze
+  RETRYABLE_MANTICORE_EXCEPTIONS = [
+    ::Manticore::Timeout,
+    ::Manticore::SocketException,
+    ::Manticore::ClientProtocolException,
+    ::Manticore::ResolutionFailure,
+    ::Manticore::SocketTimeout
+  ].freeze
+  RETRYABLE_CODES = [429, 500, 502, 503, 504].freeze
+  URL = "https://logs.timber.io/frames".freeze
+  USER_AGENT = "Timber Logstash/#{VERSION}".freeze
+
+  # Attribute for testing purposes only
+  attr_writer :url
+
+  concurrency :shared
+
+  # This output lets you send events to the Timber.io logging service.
+  #
+  # This output will execute up to 'pool_max' requests in parallel for performance.
+  # Consider this when tuning this plugin for performance.
+  #
+  # Additionally, note that when parallel execution is used strict ordering of events is not
+  # guaranteed!
+  #
+  # Beware, this gem does not yet support codecs. Please use the 'format' option for now.
+  config_name "timber"
+
+  # Your Timber API key. This can be obtained by creating an app at https://app.timber.io.
+  # Already have an app? You can find your API key in your app's settings.
+  config :api_key, :validate => :string, :required => :true
+
+  def register
+    encoded_api_key = Base64.urlsafe_encode64(@api_key).chomp
+    authorization_value = "Basic #{encoded_api_key}"
+    @headers = {
+      "Authorization" => authorization_value,
+      "Content-Type" => CONTENT_TYPE,
+      "User-Agent" => USER_AGENT
+    }
+    @url = URL
+  end
+
+  def multi_receive(events)
+    send_events(events, 1)
+  end
+
+  def close
+    http_client.close
+  end
+
+  private
+    def send_events(events, attempt)
+      if attempt > MAX_ATTEMPTS
+        @logger.warn(
+          "Max attempts exceeded, dropping events",
+          :attempt => attempt
+        )
+        return false
+      end
+
+      response =
+        begin
+          hash_events = events.collect(&:to_hash)
+          body = LogStash::Json.dump(hash_events)
+          http_client.post(@url, :body => body, :headers => @headers)
+        rescue Exception => e
+          if retryable_exception?(e)
+            @logger.warn(
+              "Attempt #{attempt}, retryable exception when making request",
+              :attempt => attempt,
+              :class => e.class.name,
+              :message => e.message,
+              :backtrace => e.backtrace
+            )
+            return send_events(events, attempt + 1)
+          else
+            @logger.error(
+              "Attempt #{attempt}, fatal exception when making request",
+              :attempt => attempt,
+              :class => e.class.name,
+              :message => e.message,
+              :backtrace => e.backtrace
+            )
+            return false
+          end
+        end
+
+      code = response.code
+
+      if code >= 200 && code <= 299
+        true
+      elsif RETRYABLE_CODES.include?(code)
+        @logger.warn(
+          "Bad retryable response from the Timber API",
+          :attempt => attempt,
+          :code => code
+        )
+        sleep_time = sleep_for_attempt(attempt)
+        sleep(sleep_time)
+        send_events(events, attempt + 1)
+      else
+        @logger.error(
+          "Bad fatal response from the Timber API",
+          :attempt => attempt,
+          :code => code
+        )
+        false
+      end
+    end
+
+    def retryable_exception?(e)
+      RETRYABLE_MANTICORE_EXCEPTIONS.any? do |exception_class|
+        e.is_a?(exception_class)
+      end
+    end
+
+    def sleep_for_attempt(attempt)
+      sleep_for = attempt ** 2
+      sleep_for = sleep_for <= 60 ? sleep_for : 60
+      (sleep_for / 2) + (rand(0..sleep_for) / 2)
+    end
+end

data/logstash-output-timber.gemspec

@@ -0,0 +1,29 @@
+Gem::Specification.new do |s|
+  s.name            = 'logstash-output-timber'
+  s.version         = "1.0.0"
+  s.licenses        = ['Apache License (2.0)']
+  s.summary         = "This output send events to the Timber.io logging service"
+  s.description     = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
+  s.authors         = ["Elastic"]
+  s.email           = 'info@elastic.co'
+  s.homepage        = "http://www.elastic.co/guide/en/logstash/current/index.html"
+  s.require_paths = ["lib"]
+
+  # Files
+  s.files = Dir["lib/**/*","spec/**/*","*.gemspec","*.md","CONTRIBUTORS","Gemfile","LICENSE","NOTICE.TXT", "vendor/jar-dependencies/**/*.jar", "vendor/jar-dependencies/**/*.rb", "VERSION", "docs/**/*"]
+
+  # Tests
+  s.test_files = s.files.grep(%r{^(test|spec|features)/})
+
+  # Special flag to let us know this is actually a logstash plugin
+  s.metadata = { "logstash_plugin" => "true", "logstash_group" => "output" }
+
+  # Gem dependencies
+  s.add_runtime_dependency 'logstash-core-plugin-api', '>= 1.60', '<= 2.99'
+  s.add_runtime_dependency 'manticore', '>= 0.5.2', '< 1.0.0'
+
+  s.add_development_dependency 'logstash-devutils'
+  s.add_development_dependency 'logstash-codec-plain'
+  s.add_development_dependency 'sinatra'
+  s.add_development_dependency 'webrick'
+end

data/spec/outputs/timber_spec.rb

@@ -0,0 +1,145 @@
+require "logstash/devutils/rspec/spec_helper"
+require "logstash/outputs/timber"
+require "logstash/codecs/plain"
+require "thread"
+require "sinatra"
+
+PORT = rand(65535-1024) + 1025
+
+class LogStash::Outputs::Timber
+  attr_writer :agent
+  attr_reader :request_tokens
+end
+
+# note that Sinatra startup and shutdown messages are directly logged to stderr so
+# it is not really possible to disable them without reopening stderr which is not advisable.
+#
+# == Sinatra (v1.4.6) has taken the stage on 51572 for development with backup from WEBrick
+# == Sinatra has ended his set (crowd applauds)
+
+class TestApp < Sinatra::Base
+  # disable WEBrick logging
+  def self.server_settings
+    { :AccessLog => [], :Logger => WEBrick::BasicLog::new(nil, WEBrick::BasicLog::FATAL) }
+  end
+
+  def self.add_request(request)
+    self.requests << request
+  end
+
+  def self.requests
+    @requests ||= []
+  end
+
+  def self.reset_requests
+    @requests = []
+  end
+
+  post "/good" do
+    self.class.add_request(request)
+    [200, "Good"]
+  end
+
+  post "/auth_error" do
+    self.class.add_request(request)
+    [403, "Bad"]
+  end
+
+  post "/server_error" do
+    self.class.add_request(request)
+    [500, "Bad"]
+  end
+end
+
+RSpec.configure do |config|
+  #http://stackoverflow.com/questions/6557079/start-and-call-ruby-http-server-in-the-same-script
+  def sinatra_run_wait(app, opts)
+    queue = Queue.new
+
+    t = java.lang.Thread.new(
+      proc do
+        begin
+          app.run!(opts) do |server|
+            queue.push("started")
+          end
+        rescue => e
+          puts "Error in webserver thread #{e}"
+          # ignore
+        end
+      end
+    )
+    t.daemon = true
+    t.start
+    queue.pop # blocks until the run! callback runs
+  end
+
+  config.before(:suite) do
+    sinatra_run_wait(TestApp, :port => PORT, :server => 'webrick')
+    puts "Test webserver on port #{PORT}"
+  end
+end
+
+describe LogStash::Outputs::Timber do
+  let(:port) { PORT }
+  let(:output) { described_class.new({"api_key" => "123:abcd1234", "pool_max" => 1}) }
+  let(:event) { LogStash::Event.new({"message" => "hi"}) }
+  let(:requests) { TestApp.requests }
+
+  before(:each) do
+    output.register
+    TestApp.reset_requests
+  end
+
+  describe "#send_events" do
+    it "returns false when the max attempts are exceeded" do
+      result = output.send(:send_events, [event], 6)
+      expect(result).to eq(false)
+    end
+
+    it "returns false when the status is 403" do
+      output.url = "http://localhost:#{port}/auth_error"
+      result = output.send(:send_events, [event], 1)
+      expect(result).to eq(false)
+      expect(requests.length).to eq(1)
+    end
+
+    it "returns false when the status is 500" do
+      allow(output).to receive(:sleep_for_attempt).and_return(0)
+      output.url = "http://localhost:#{port}/server_error"
+      result = output.send(:send_events, [event], 1)
+      expect(result).to eq(false)
+      expect(requests.length).to eq(3)
+    end
+
+    it "returns true when the status is 200" do
+      output.url = "http://localhost:#{port}/good"
+      result = output.send(:send_events, [event], 1)
+      expect(result).to eq(true)
+      expect(requests.length).to eq(1)
+
+      request = requests.first
+      expect(request.env["CONTENT_TYPE"]).to eq("application/json")
+      expect(request.env["HTTP_AUTHORIZATION"]).to eq("Basic MTIzOmFiY2QxMjM0")
+      expect(request.env["HTTP_USER_AGENT"]).to eq("Timber Logstash/1.0.0")
+
+      timestamp_iso8601 = event.get("@timestamp").to_iso8601
+      expect(request.body.read).to eq("[{\"@timestamp\":\"#{timestamp_iso8601}\",\"@version\":\"1\",\"message\":\"hi\"}]")
+    end
+
+    it "handles fatal request errors" do
+      allow(output.send(:http_client)).to receive(:post).and_raise("boom")
+
+      output.url = "http://localhost:#{port}/good"
+      result = output.send(:send_events, [event], 1)
+      expect(result).to eq(false)
+    end
+
+    it "handles retryable request errors" do
+      expect(output.send(:http_client)).to receive(:post).exactly(3).times.and_raise(::Manticore::Timeout.new)
+
+      output.url = "http://localhost:#{port}/good"
+      result = output.send(:send_events, [event], 1)
+      expect(result).to eq(false)
+    end
+  end
+end

metadata

@@ -0,0 +1,155 @@
+--- !ruby/object:Gem::Specification
+name: logstash-output-timber
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Elastic
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2017-07-16 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.60'
+    - - "<="
+      - !ruby/object:Gem::Version
+        version: '2.99'
+  name: logstash-core-plugin-api
+  prerelease: false
+  type: :runtime
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.60'
+    - - "<="
+      - !ruby/object:Gem::Version
+        version: '2.99'
+- !ruby/object:Gem::Dependency
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.5.2
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 1.0.0
+  name: manticore
+  prerelease: false
+  type: :runtime
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.5.2
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 1.0.0
+- !ruby/object:Gem::Dependency
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  name: logstash-devutils
+  prerelease: false
+  type: :development
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  name: logstash-codec-plain
+  prerelease: false
+  type: :development
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  name: sinatra
+  prerelease: false
+  type: :development
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  name: webrick
+  prerelease: false
+  type: :development
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: This gem is a Logstash plugin required to be installed on top of the
+  Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This
+  gem is not a stand-alone program
+email: info@elastic.co
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- CHANGELOG.md
+- CONTRIBUTORS
+- Gemfile
+- LICENSE
+- NOTICE.TXT
+- README.md
+- docs/index.asciidoc
+- lib/logstash/outputs/timber.rb
+- lib/logstash/outputs/timber/http_client.rb
+- logstash-output-timber.gemspec
+- spec/outputs/timber_spec.rb
+homepage: http://www.elastic.co/guide/en/logstash/current/index.html
+licenses:
+- Apache License (2.0)
+metadata:
+  logstash_plugin: 'true'
+  logstash_group: output
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.6.11
+signing_key:
+specification_version: 4
+summary: This output send events to the Timber.io logging service
+test_files:
+- spec/outputs/timber_spec.rb