Class: Fluent::Plugin::ElasticsearchOutput
Defined Under Namespace
Classes: MissingIdFieldError, RecoverableRequestFailure, RequestInfo, RetryStreamEmitFailure, RetryStreamError, UnrecoverableRequestFailure
Constant Summary
collapse
- DEFAULT_BUFFER_TYPE =
"memory"
- DEFAULT_ELASTICSEARCH_VERSION =
5
- DEFAULT_TYPE_NAME_ES_7x =
"_doc".freeze
- DEFAULT_TYPE_NAME =
"fluentd".freeze
- DEFAULT_RELOAD_AFTER =
-1
- DEFAULT_TARGET_BULK_BYTES =
-1
- DEFAULT_POLICY_ID =
"logstash-policy"
Fluent::Plugin::ElasticsearchTLS::DEFAULT_VERSION, Fluent::Plugin::ElasticsearchTLS::SUPPORTED_TLS_VERSIONS
Fluent::Plugin::ElasticsearchIndexLifecycleManagement::ILM_DEFAULT_POLICY_PATH
Fluent::Plugin::ElasticsearchConstants::BODY_DELIMITER, Fluent::Plugin::ElasticsearchConstants::CREATE_OP, Fluent::Plugin::ElasticsearchConstants::ID_FIELD, Fluent::Plugin::ElasticsearchConstants::INDEX_OP, Fluent::Plugin::ElasticsearchConstants::TIMESTAMP_FIELD, Fluent::Plugin::ElasticsearchConstants::UPDATE_OP, Fluent::Plugin::ElasticsearchConstants::UPSERT_OP
Instance Attribute Summary collapse
Instance Method Summary
collapse
-
#append_record_to_messages(op, meta, header, record, msgs) ⇒ Object
append_record_to_messages adds a record to the bulk message payload to be submitted to Elasticsearch.
-
#backend_options ⇒ Object
-
#client(host = nil, compress_connection = false) ⇒ Object
-
#client_library_version ⇒ Object
-
#cloud_client ⇒ Object
-
#compression ⇒ Object
-
#compression_strategy ⇒ Object
-
#configure(conf) ⇒ Object
-
#configure_routing_key_name ⇒ Object
-
#connection_options_description(con_host = nil) ⇒ Object
-
#convert_compat_id_key(key) ⇒ Object
-
#convert_numeric_time_into_string(numeric_time, time_key_format = "%Y-%m-%d %H:%M:%S.%N%z") ⇒ Object
-
#create_meta_config_map ⇒ Object
-
#create_time_parser ⇒ Object
once fluent v0.14 is released we might be able to use Fluent::Parser::TimeParser, but it doesn’t quite do what we want - if gives [sec,nsec] where as we want something we can call ‘strftime` on…
-
#detect_es_major_version ⇒ Object
-
#dry_run? ⇒ Boolean
-
#expand_placeholders(chunk) ⇒ Object
-
#flatten_record(record, prefix = []) ⇒ Object
-
#get_affinity_target_indices(chunk) ⇒ Object
-
#get_connection_options(con_host = nil) ⇒ Object
-
#get_escaped_userinfo(host_str) ⇒ Object
-
#get_parent_of(record, path) ⇒ Object
returns [parent, child_key] of child described by path array in record’s tree returns [nil, child_key] if path doesnt exist in record.
-
#gzip(string) ⇒ Object
-
#handle_last_seen_es_major_version ⇒ Object
-
#initialize ⇒ ElasticsearchOutput
constructor
A new instance of ElasticsearchOutput.
-
#inject_chunk_id_to_record_if_needed(record, chunk_id) ⇒ Object
-
#is_existing_connection(host) ⇒ Object
-
#is_ipv6_host(host_str) ⇒ Object
-
#multi_workers_ready? ⇒ Boolean
-
#parse_time(value, event_time, tag) ⇒ Object
-
#placeholder?(name, param) ⇒ Boolean
-
#placeholder_substitution_needed_for_template? ⇒ Boolean
-
#process_message(tag, meta, header, time, record, affinity_target_indices, extracted_values) ⇒ Object
-
#remove_keys(record) ⇒ Object
-
#retry_stream_retryable? ⇒ Boolean
-
#send_bulk(data, tag, chunk, bulk_message_count, extracted_values, info, unpacked_msg_arr) ⇒ Object
send_bulk given a specific bulk request, the original tag, chunk, and bulk_message_count.
-
#setup_api_key ⇒ Object
-
#split_request?(bulk_message, info) ⇒ Boolean
-
#split_request_size_check?(bulk_message, info) ⇒ Boolean
-
#split_request_size_uncheck?(bulk_message, info) ⇒ Boolean
-
#target_index_affinity_enabled? ⇒ Boolean
-
#template_installation(deflector_alias, template_name, customize_template, application_name, ilm_policy_id, target_index, host) ⇒ Object
-
#template_installation_actual(deflector_alias, template_name, customize_template, application_name, target_index, ilm_policy_id, host = nil) ⇒ Object
-
#update_body(record, op) ⇒ Object
-
#write(chunk) ⇒ Object
included, #set_tls_minmax_version_config
#create_ilm_policy, #default_policy_payload, #get_ilm_policy, #ilm_policy_exists?, #ilm_policy_put, #setup_ilm, #verify_ilm_working, #xpack_info
#create_rollover_alias, #get_custom_template, #get_template, #get_template_name, #host_unreachable_exceptions, #indexcreation, #inject_ilm_settings_to_template, #retry_operate, #rollover_alias_payload, #template_custom_install, #template_exists?, #template_install, #template_put, #templates_hash_install
Constructor Details
Returns a new instance of ElasticsearchOutput.
196
197
198
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 196
def initialize
super
end
|
Instance Attribute Details
#alias_indexes ⇒ Object
Returns the value of attribute alias_indexes.
59
60
61
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 59
def alias_indexes
@alias_indexes
end
|
Returns the value of attribute api_key_header.
63
64
65
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 63
def
@api_key_header
end
|
#compressable_connection ⇒ Object
Returns the value of attribute compressable_connection.
62
63
64
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 62
def compressable_connection
@compressable_connection
end
|
#ssl_version_options ⇒ Object
Returns the value of attribute ssl_version_options.
61
62
63
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 61
def ssl_version_options
@ssl_version_options
end
|
#template_names ⇒ Object
Returns the value of attribute template_names.
60
61
62
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 60
def template_names
@template_names
end
|
Instance Method Details
#append_record_to_messages(op, meta, header, record, msgs) ⇒ Object
append_record_to_messages adds a record to the bulk message payload to be submitted to Elasticsearch. Records that do not include ‘_id’ field are skipped when ‘write_operation’ is configured for ‘create’ or ‘update’
returns ‘true’ if record was appended to the bulk message
and 'false' otherwise
#backend_options ⇒ Object
471
472
473
474
475
476
477
478
479
480
481
482
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 471
def backend_options
case @http_backend
when :excon
{ client_key: @client_key, client_cert: @client_cert, client_key_pass: @client_key_pass, nonblock: @http_backend_excon_nonblock }
when :typhoeus
require 'faraday/typhoeus'
{ sslkey: @client_key, sslcert: @client_cert, keypasswd: @client_key_pass }
end
rescue LoadError => ex
log.error_backtrace(ex.backtrace)
raise Fluent::ConfigError, "You must install #{@http_backend} gem. Exception: #{ex}"
end
|
#client(host = nil, compress_connection = false) ⇒ Object
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 590
def client(host = nil, compress_connection = false)
return cloud_client if @cloud_id
connection_options = get_connection_options(host)
@_es = nil unless is_existing_connection(connection_options[:hosts])
@_es = nil unless @compressable_connection == compress_connection
@_es ||= begin
@compressable_connection = compress_connection
@current_config = connection_options[:hosts].clone
adapter_conf = lambda {|f| f.adapter @http_backend, @backend_options }
local_reload_connections = @reload_connections
if local_reload_connections && @reload_after > DEFAULT_RELOAD_AFTER
local_reload_connections = @reload_after
end
= if compress_connection
{'Content-Encoding' => 'gzip'}
else
{}
end
= { 'Content-Type' => @content_type.to_s }
.merge(@custom_headers)
.merge(@api_key_header)
.merge()
ssl_options = { verify: @ssl_verify, ca_file: @ca_file}.merge(@ssl_version_options)
transport = TRANSPORT_CLASS::Transport::HTTP::Faraday.new(connection_options.merge(
options: {
reload_connections: local_reload_connections,
reload_on_failure: @reload_on_failure,
resurrect_after: @resurrect_after,
logger: @transport_logger,
transport_options: {
headers: ,
request: { timeout: @request_timeout },
ssl: ssl_options,
},
http: {
user: @user,
password: @password,
scheme: @scheme
},
sniffer_class: @sniffer_class,
serializer_class: @serializer_class,
selector_class: @selector_class,
compression: compress_connection,
}), &adapter_conf)
Elasticsearch::Client.new transport: transport
end
end
|
#client_library_version ⇒ Object
513
514
515
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 513
def client_library_version
Elasticsearch::VERSION
end
|
#cloud_client ⇒ Object
582
583
584
585
586
587
588
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 582
def cloud_client
Elasticsearch::Client.new(
cloud_id: @cloud_id,
user: @user,
password: @password
)
end
|
#compression ⇒ Object
454
455
456
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 454
def compression
!(@compression_level == :no_compression)
end
|
#compression_strategy ⇒ Object
458
459
460
461
462
463
464
465
466
467
468
469
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 458
def compression_strategy
case @compression_level
when :default_compression
Zlib::DEFAULT_COMPRESSION
when :best_compression
Zlib::BEST_COMPRESSION
when :best_speed
Zlib::BEST_SPEED
else
Zlib::NO_COMPRESSION
end
end
|
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 200
def configure(conf)
compat_parameters_convert(conf, :buffer)
super
if placeholder_substitution_needed_for_template?
elsif not @buffer_config.chunk_keys.include? "tag" and
not @buffer_config.chunk_keys.include? "_index"
raise Fluent::ConfigError, "'tag' or '_index' in chunk_keys is required."
end
@time_parser = create_time_parser
@backend_options = backend_options
@ssl_version_options = set_tls_minmax_version_config(@ssl_version, @ssl_max_version, @ssl_min_version)
if @remove_keys
@remove_keys = @remove_keys.split(/\s*,\s*/)
end
if @target_index_key && @target_index_key.is_a?(String)
@target_index_key = @target_index_key.split '.'
end
if @target_type_key && @target_type_key.is_a?(String)
@target_type_key = @target_type_key.split '.'
end
if @remove_keys_on_update && @remove_keys_on_update.is_a?(String)
@remove_keys_on_update = @remove_keys_on_update.split ','
end
@api_key_header = setup_api_key
raise Fluent::ConfigError, "'max_retry_putting_template' must be greater than or equal to zero." if @max_retry_putting_template < 0
raise Fluent::ConfigError, "'max_retry_get_es_version' must be greater than or equal to zero." if @max_retry_get_es_version < 0
valid_host_placeholder = placeholder?(:host_placeholder, @host)
if valid_host_placeholder && (@template_name && @template_file || @templates)
if @verify_es_version_at_startup
raise Fluent::ConfigError, "host placeholder, template installation, and verify Elasticsearch version at startup are exclusive feature at same time. Please specify verify_es_version_at_startup as `false` when host placeholder and template installation are enabled."
end
log.info "host placeholder and template installation makes your Elasticsearch cluster a bit slow down(beta)."
end
raise Fluent::ConfigError, "You can't specify ilm_policy and ilm_policies at the same time" unless @ilm_policy.empty? or @ilm_policies.empty?
unless @ilm_policy.empty?
@ilm_policies = { @ilm_policy_id => @ilm_policy }
end
@alias_indexes = []
@template_names = []
if !dry_run?
if @template_name && @template_file
if @enable_ilm
raise Fluent::ConfigError, "deflector_alias is prohibited to use with enable_ilm at same time." if @deflector_alias
end
if @ilm_policy.empty? && @ilm_policy_overwrite
raise Fluent::ConfigError, "ilm_policy_overwrite requires a non empty ilm_policy."
end
if @logstash_format || placeholder_substitution_needed_for_template?
class << self
alias_method :template_installation, :template_installation_actual
end
else
template_installation_actual(@deflector_alias ? @deflector_alias : @index_name, @template_name, @customize_template, @application_name, @index_name, @ilm_policy_id)
end
verify_ilm_working if @enable_ilm
end
if @templates
retry_operate(@max_retry_putting_template,
@fail_on_putting_template_retry_exceed,
@catch_transport_exception_on_retry) do
templates_hash_install(@templates, @template_overwrite)
end
end
end
@truncate_mutex = Mutex.new
if @truncate_caches_interval
timer_execute(:out_elasticsearch_truncate_caches, @truncate_caches_interval) do
log.info('Clean up the indices and template names cache')
@truncate_mutex.synchronize {
@alias_indexes.clear
@template_names.clear
}
end
end
@serializer_class = nil
begin
require 'oj'
@dump_proc = Oj.method(:dump)
if @prefer_oj_serializer
@serializer_class = Fluent::Plugin::Serializer::Oj
Elasticsearch::API.settings[:serializer] = Fluent::Plugin::Serializer::Oj
end
rescue LoadError
@dump_proc = Yajl.method(:dump)
end
raise Fluent::ConfigError, "`cloud_auth` must be present if `cloud_id` is present" if @cloud_id && @cloud_auth.nil?
raise Fluent::ConfigError, "`password` must be present if `user` is present" if @user && @password.nil?
if @cloud_auth
@user = @cloud_auth.split(':', -1)[0]
@password = @cloud_auth.split(':', -1)[1]
end
if @user && m = @user.match(/%{(?<user>.*)}/)
@user = URI.encode_www_form_component(m["user"])
end
if @password && m = @password.match(/%{(?<password>.*)}/)
@password = URI.encode_www_form_component(m["password"])
end
@transport_logger = nil
if @with_transporter_log
@transport_logger = log
log_level = conf['@log_level'] || conf['log_level']
log.warn "Consider to specify log_level with @log_level." unless log_level
end
@sniffer_class = nil
begin
@sniffer_class = Object.const_get(@sniffer_class_name) if @sniffer_class_name
rescue Exception => ex
raise Fluent::ConfigError, "Could not load sniffer class #{@sniffer_class_name}: #{ex}"
end
@selector_class = nil
begin
@selector_class = Object.const_get(@selector_class_name) if @selector_class_name
rescue Exception => ex
raise Fluent::ConfigError, "Could not load selector class #{@selector_class_name}: #{ex}"
end
@last_seen_major_version = if major_version = handle_last_seen_es_major_version
major_version
else
@default_elasticsearch_version
end
if @suppress_type_name && @last_seen_major_version >= 7
@type_name = nil
else
if @last_seen_major_version == 6 && @type_name != DEFAULT_TYPE_NAME_ES_7x
log.info "Detected ES 6.x: ES 7.x will only accept `_doc` in type_name."
end
if @last_seen_major_version == 7 && @type_name != DEFAULT_TYPE_NAME_ES_7x
log.warn "Detected ES 7.x: `_doc` will be used as the document `_type`."
@type_name = '_doc'.freeze
end
if @last_seen_major_version >= 8 && @type_name != DEFAULT_TYPE_NAME_ES_7x
log.debug "Detected ES 8.x or above: This parameter has no effect."
@type_name = nil
end
end
if @validate_client_version && !dry_run?
if @last_seen_major_version != client_library_version.to_i
raise Fluent::ConfigError, <<-EOC
Detected ES #{@last_seen_major_version} but you use ES client #{client_library_version}.
Please consider to use #{@last_seen_major_version}.x series ES client.
EOC
end
end
if @last_seen_major_version >= 6
case @ssl_version
when :SSLv23, :TLSv1, :TLSv1_1
if @scheme == :https
log.warn "Detected ES 6.x or above and enabled insecure security:
You might have to specify `ssl_version TLSv1_2` in configuration."
end
end
end
if @ssl_version && @scheme == :https
if !@http_backend_excon_nonblock
log.warn "TLS handshake will be stucked with block connection.
Consider to set `http_backend_excon_nonblock` as true"
end
end
@id_key = convert_compat_id_key(@id_key) if @id_key
@parent_key = convert_compat_id_key(@parent_key) if @parent_key
@routing_key = convert_compat_id_key(@routing_key) if @routing_key
@routing_key_name = configure_routing_key_name
@meta_config_map = create_meta_config_map
@current_config = nil
@compressable_connection = false
@ignore_exception_classes = @ignore_exceptions.map do |exception|
unless Object.const_defined?(exception)
log.warn "Cannot find class #{exception}. Will ignore it."
nil
else
Object.const_get(exception)
end
end.compact
if @bulk_message_request_threshold < 0
class << self
alias_method :split_request?, :split_request_size_uncheck?
end
else
class << self
alias_method :split_request?, :split_request_size_check?
end
end
if Gem::Version.create(::TRANSPORT_CLASS::VERSION) < Gem::Version.create("7.2.0")
if compression
raise Fluent::ConfigError, <<-EOC
Cannot use compression with elasticsearch-transport plugin version < 7.2.0
Your elasticsearch-transport plugin version version is #{TRANSPORT_CLASS::VERSION}.
Please consider to upgrade ES client.
EOC
end
end
end
|
517
518
519
520
521
522
523
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 517
def configure_routing_key_name
if @last_seen_major_version >= 7
'routing'
else
'_routing'
end
end
|
#connection_options_description(con_host = nil) ⇒ Object
715
716
717
718
719
720
721
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 715
def connection_options_description(con_host=nil)
get_connection_options(con_host)[:hosts].map do |host_info|
attributes = host_info.dup
attributes[:password] = 'obfuscated' if attributes.has_key?(:password)
attributes.inspect
end.join(', ')
end
|
#convert_compat_id_key(key) ⇒ Object
525
526
527
528
529
530
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 525
def convert_compat_id_key(key)
if key.include?('.') && !key.start_with?('$[')
key = "$.#{key}" unless key.start_with?('$.')
end
key
end
|
#convert_numeric_time_into_string(numeric_time, time_key_format = "%Y-%m-%d %H:%M:%S.%N%z") ⇒ Object
570
571
572
573
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 570
def convert_numeric_time_into_string(numeric_time, time_key_format = "%Y-%m-%d %H:%M:%S.%N%z")
numeric_time_parser = Fluent::NumericTimeParser.new(:float)
Time.at(numeric_time_parser.parse(numeric_time).to_r).strftime(time_key_format)
end
|
532
533
534
535
536
537
538
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 532
def create_meta_config_map
result = []
result << [record_accessor_create(@id_key), '_id'] if @id_key
result << [record_accessor_create(@parent_key), '_parent'] if @parent_key
result << [record_accessor_create(@routing_key), @routing_key_name] if @routing_key
result
end
|
#create_time_parser ⇒ Object
once fluent v0.14 is released we might be able to use Fluent::Parser::TimeParser, but it doesn’t quite do what we want - if gives
- sec,nsec
-
where as we want something we can call ‘strftime` on…
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 543
def create_time_parser
if @time_key_format
begin
strptime = Strptime.new(@time_key_format)
Proc.new { |value|
value = convert_numeric_time_into_string(value, @time_key_format) if value.is_a?(Numeric)
strptime.exec(value).to_datetime
}
rescue
Proc.new { |value|
value = convert_numeric_time_into_string(value, @time_key_format) if value.is_a?(Numeric)
DateTime.strptime(value, @time_key_format)
}
end
else
Proc.new { |value|
value = convert_numeric_time_into_string(value) if value.is_a?(Numeric)
DateTime.parse(value)
}
end
end
|
#detect_es_major_version ⇒ Object
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 496
def detect_es_major_version
begin
@_es_info ||= client.info
rescue ::Elasticsearch::UnsupportedProductError => e
raise Fluent::ConfigError, "Using Elasticsearch client #{client_library_version} is not compatible for your Elasticsearch server. Please check your using elasticsearch gem version and Elasticsearch server."
end
begin
unless version = @_es_info.dig("version", "number")
version = @default_elasticsearch_version
end
rescue NoMethodError => e
log.warn "#{@_es_info} can not dig version information. Assuming Elasticsearch #{@default_elasticsearch_version}", error: e
version = @default_elasticsearch_version
end
version.to_i
end
|
#dry_run? ⇒ Boolean
432
433
434
435
436
437
438
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 432
def dry_run?
if Fluent::Engine.respond_to?(:dry_run_mode)
Fluent::Engine.dry_run_mode
elsif Fluent::Engine.respond_to?(:supervisor_mode)
Fluent::Engine.supervisor_mode
end
end
|
#expand_placeholders(chunk) ⇒ Object
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 795
def expand_placeholders(chunk)
logstash_prefix = (@logstash_prefix, chunk)
logstash_dateformat = (@logstash_dateformat, chunk)
index_name = (@index_name, chunk)
if @type_name
type_name = (@type_name, chunk)
else
type_name = nil
end
if @template_name
template_name = (@template_name, chunk)
else
template_name = nil
end
if @customize_template
customize_template = @customize_template.each_with_object({}) { |(key, value), hash| hash[key] = (value, chunk) }
else
customize_template = nil
end
if @deflector_alias
deflector_alias = (@deflector_alias, chunk)
else
deflector_alias = nil
end
if @application_name
application_name = (@application_name, chunk)
else
application_name = nil
end
if @pipeline
pipeline = (@pipeline, chunk)
else
pipeline = nil
end
if @ilm_policy_id
ilm_policy_id = (@ilm_policy_id, chunk)
else
ilm_policy_id = nil
end
return logstash_prefix, logstash_dateformat, index_name, type_name, template_name, customize_template, deflector_alias, application_name, pipeline, ilm_policy_id
end
|
#flatten_record(record, prefix = []) ⇒ Object
780
781
782
783
784
785
786
787
788
789
790
791
792
793
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 780
def flatten_record(record, prefix=[])
ret = {}
if record.is_a? Hash
record.each { |key, value|
ret.merge! flatten_record(value, prefix + [key.to_s])
}
elsif record.is_a? Array
ret.merge!({prefix.join(@flatten_hashes_separator) => record})
else
return {prefix.join(@flatten_hashes_separator) => record}
end
ret
end
|
#get_affinity_target_indices(chunk) ⇒ Object
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 920
def get_affinity_target_indices(chunk)
indices = Hash.new
if target_index_affinity_enabled?()
id_key_accessor = record_accessor_create(@id_key)
ids = Set.new
chunk.msgpack_each do |time, record|
next unless record.is_a? Hash
begin
ids << id_key_accessor.call(record)
end
end
log.debug("Find affinity target_indices by quering on ES (write_operation #{@write_operation}) for ids: #{ids.to_a}")
options = {
:index => "#{logstash_prefix}#{@logstash_prefix_separator}*",
}
query = {
'query' => { 'ids' => { 'values' => ids.to_a } },
'_source' => false,
'sort' => [
{"_index" => {"order" => "desc"}}
]
}
result = client.search(options.merge(:body => Yajl.dump(query)))
result['hits']['hits'].each do |hit|
indices[hit["_id"]] = hit["_index"]
log.debug("target_index for id: #{hit["_id"]} from es: #{hit["_index"]}")
end
end
indices
end
|
#get_connection_options(con_host = nil) ⇒ Object
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 664
def get_connection_options(con_host=nil)
hosts = if con_host || @hosts
(con_host || @hosts).split(',').map do |host_str|
if host_str.match(%r{^[^:]+(\:\d+)?$})
{
host: host_str.split(':')[0],
port: (host_str.split(':')[1] || @port).to_i,
scheme: @scheme.to_s
}
elsif is_ipv6_host(host_str)
if Resolv::IPv6::Regex.match(host_str)
{
host: "[#{host_str}]",
port: @port.to_i,
scheme: @scheme.to_s
}
else
{
host: host_str,
port: @port.to_i,
scheme: @scheme.to_s
}
end
else
uri = URI(get_escaped_userinfo(host_str))
%w(user password path).inject(host: uri.host, port: uri.port, scheme: uri.scheme) do |hash, key|
hash[key.to_sym] = uri.public_send(key) unless uri.public_send(key).nil? || uri.public_send(key) == ''
hash
end
end
end.compact
else
if Resolv::IPv6::Regex.match(@host)
[{host: "[#{@host}]", scheme: @scheme.to_s, port: @port}]
else
[{host: @host, port: @port, scheme: @scheme.to_s}]
end
end.each do |host|
host.merge!(user: @user, password: @password) if !host[:user] && @user
host.merge!(path: @path) if !host[:path] && @path
end
{
hosts: hosts
}
end
|
#get_escaped_userinfo(host_str) ⇒ Object
644
645
646
647
648
649
650
651
652
653
654
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 644
def get_escaped_userinfo(host_str)
if m = host_str.match(/(?<scheme>.*)%{(?<user>.*)}:%{(?<password>.*)}(?<path>@.*)/)
m["scheme"] +
URI.encode_www_form_component(m["user"]) +
':' +
URI.encode_www_form_component(m["password"]) +
m["path"]
else
host_str
end
end
|
#get_parent_of(record, path) ⇒ Object
returns [parent, child_key] of child described by path array in record’s tree returns [nil, child_key] if path doesnt exist in record
1065
1066
1067
1068
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 1065
def get_parent_of(record, path)
parent_object = path[0..-2].reduce(record) { |a, e| a.is_a?(Hash) ? a[e] : nil }
[parent_object, path[-1]]
end
|
#gzip(string) ⇒ Object
1071
1072
1073
1074
1075
1076
1077
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 1071
def gzip(string)
wio = StringIO.new("w")
w_gz = Zlib::GzipWriter.new(wio, strategy = compression_strategy)
w_gz.write(string)
w_gz.close
wio.string
end
|
#handle_last_seen_es_major_version ⇒ Object
484
485
486
487
488
489
490
491
492
493
494
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 484
def handle_last_seen_es_major_version
if @verify_es_version_at_startup && !dry_run?
retry_operate(@max_retry_get_es_version,
@fail_on_detecting_es_version_retry_exceed,
@catch_transport_exception_on_retry) do
detect_es_major_version
end
else
nil
end
end
|
#inject_chunk_id_to_record_if_needed(record, chunk_id) ⇒ Object
841
842
843
844
845
846
847
848
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 841
def inject_chunk_id_to_record_if_needed(record, chunk_id)
if @metainfo&.include_chunk_id
record[@metainfo.chunk_id_key] = chunk_id
record
else
record
end
end
|
#is_existing_connection(host) ⇒ Object
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 1179
def is_existing_connection(host)
return false if @_es.nil?
return false if @current_config.nil?
return false if host.length != @current_config.length
for i in 0...host.length
if !host[i][:host].eql? @current_config[i][:host] || host[i][:port] != @current_config[i][:port]
return false
end
end
return true
end
|
#is_ipv6_host(host_str) ⇒ Object
656
657
658
659
660
661
662
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 656
def is_ipv6_host(host_str)
begin
IPAddr.new(host_str).ipv6?
rescue IPAddr::InvalidAddressError
return false
end
end
|
#multi_workers_ready? ⇒ Boolean
837
838
839
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 837
def multi_workers_ready?
true
end
|
#parse_time(value, event_time, tag) ⇒ Object
575
576
577
578
579
580
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 575
def parse_time(value, event_time, tag)
@time_parser.call(value)
rescue => e
router.emit_error_event(@time_parse_error_tag, Fluent::Engine.now, {'tag' => tag, 'time' => event_time, 'format' => @time_key_format, 'value' => value}, e)
return Time.at(event_time).to_datetime
end
|
#placeholder?(name, param) ⇒ Boolean
440
441
442
443
444
445
446
447
448
449
450
451
452
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 440
def placeholder?(name, param)
placeholder_validities = []
placeholder_validators(name, param).each do |v|
begin
v.validate!
placeholder_validities << true
rescue Fluent::ConfigError => e
log.debug("'#{name} #{param}' is tested built-in placeholder(s) but there is no valid placeholder(s). error: #{e}")
placeholder_validities << false
end
end
placeholder_validities.include?(true)
end
|
#placeholder_substitution_needed_for_template? ⇒ Boolean
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 1079
def placeholder_substitution_needed_for_template?
need_substitution = placeholder?(:host, @host.to_s) ||
placeholder?(:index_name, @index_name.to_s) ||
placeholder?(:template_name, @template_name.to_s) ||
@customize_template&.values&.any? { |value| placeholder?(:customize_template, value.to_s) } ||
placeholder?(:logstash_prefix, @logstash_prefix.to_s) ||
placeholder?(:logstash_dateformat, @logstash_dateformat.to_s) ||
placeholder?(:deflector_alias, @deflector_alias.to_s) ||
placeholder?(:application_name, @application_name.to_s) ||
placeholder?(:ilm_policy_id, @ilm_policy_id.to_s)
log.debug("Need substitution: #{need_substitution}")
need_substitution
end
|
#process_message(tag, meta, header, time, record, affinity_target_indices, extracted_values) ⇒ Object
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 964
def process_message(tag, meta, , time, record, affinity_target_indices, )
logstash_prefix, logstash_dateformat, index_name, type_name, _template_name, _customize_template, _deflector_alias, application_name, pipeline, _ilm_policy_id =
if @flatten_hashes
record = flatten_record(record)
end
dt = nil
if @logstash_format || @include_timestamp
if record.has_key?(TIMESTAMP_FIELD)
rts = record[TIMESTAMP_FIELD]
dt = parse_time(rts, time, tag)
elsif record.has_key?(@time_key)
rts = record[@time_key]
dt = parse_time(rts, time, tag)
record[TIMESTAMP_FIELD] = dt.iso8601(@time_precision) unless @time_key_exclude_timestamp
else
dt = Time.at(time).to_datetime
record[TIMESTAMP_FIELD] = dt.iso8601(@time_precision)
end
end
target_index_parent, target_index_child_key = @target_index_key ? get_parent_of(record, @target_index_key) : nil
if target_index_parent && target_index_parent[target_index_child_key]
target_index_alias = target_index = target_index_parent.delete(target_index_child_key)
elsif @logstash_format
dt = dt.new_offset(0) if @utc_index
target_index = "#{logstash_prefix}#{@logstash_prefix_separator}#{dt.strftime(logstash_dateformat)}"
target_index_alias = "#{logstash_prefix}#{@logstash_prefix_separator}#{application_name}#{@logstash_prefix_separator}#{dt.strftime(logstash_dateformat)}"
else
target_index_alias = target_index = index_name
end
target_index = target_index.downcase
target_index_alias = target_index_alias.downcase
if @include_tag_key
record[@tag_key] = tag
end
if !affinity_target_indices.empty?
id_accessor = record_accessor_create(@id_key)
id_value = id_accessor.call(record)
if affinity_target_indices.key?(id_value)
target_index = affinity_target_indices[id_value]
end
end
target_type_parent, target_type_child_key = @target_type_key ? get_parent_of(record, @target_type_key) : nil
if target_type_parent && target_type_parent[target_type_child_key]
target_type = target_type_parent.delete(target_type_child_key)
if @last_seen_major_version == 6
log.warn "Detected ES 6.x: `@type_name` will be used as the document `_type`."
target_type = type_name
elsif @last_seen_major_version == 7
log.warn "Detected ES 7.x: `_doc` will be used as the document `_type`."
target_type = '_doc'.freeze
elsif @last_seen_major_version >= 8
log.debug "Detected ES 8.x or above: document type will not be used."
target_type = nil
end
else
if @suppress_type_name && @last_seen_major_version == 7
target_type = nil
elsif @last_seen_major_version == 7 && @type_name != DEFAULT_TYPE_NAME_ES_7x
log.warn "Detected ES 7.x: `_doc` will be used as the document `_type`."
target_type = '_doc'.freeze
elsif @last_seen_major_version >= 8
log.debug "Detected ES 8.x or above: document type will not be used."
target_type = nil
else
target_type = type_name
end
end
meta.clear
meta["_index".freeze] = target_index
meta["_type".freeze] = target_type unless @last_seen_major_version >= 8
meta["_alias".freeze] = target_index_alias
if @pipeline
meta["pipeline".freeze] = pipeline
end
@meta_config_map.each do |record_accessor, meta_key|
if raw_value = record_accessor.call(record)
meta[meta_key] = raw_value
end
end
if @remove_keys
@remove_keys.each { |key| record.delete(key) }
end
return [meta, , record]
end
|
#remove_keys(record) ⇒ Object
771
772
773
774
775
776
777
778
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 771
def remove_keys(record)
keys = record[@remove_keys_on_update_key] || @remove_keys_on_update || []
record.delete(@remove_keys_on_update_key)
return record unless keys.any?
record = record.dup
keys.each { |key| record.delete(key) }
record
end
|
#retry_stream_retryable? ⇒ Boolean
1175
1176
1177
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 1175
def retry_stream_retryable?
@buffer.storable?
end
|
#send_bulk(data, tag, chunk, bulk_message_count, extracted_values, info, unpacked_msg_arr) ⇒ Object
send_bulk given a specific bulk request, the original tag, chunk, and bulk_message_count
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 1125
def send_bulk(data, tag, chunk, bulk_message_count, , info, unpacked_msg_arr)
_logstash_prefix, _logstash_dateformat, index_name, _type_name, template_name, customize_template, deflector_alias, application_name, _pipeline, ilm_policy_id =
if deflector_alias
template_installation(deflector_alias, template_name, customize_template, application_name, index_name, ilm_policy_id, info.host)
else
template_installation(info.ilm_index, template_name, customize_template, application_name, @logstash_format ? info.ilm_alias : index_name, ilm_policy_id, info.host)
end
begin
log.on_trace { log.trace "bulk request: #{data}" }
prepared_data = if compression
gzip(data)
else
data
end
response = client(info.host, compression).bulk body: prepared_data, index: info.index
log.on_trace { log.trace "bulk response: #{response}" }
if response['errors']
error = Fluent::Plugin::ElasticsearchErrorHandler.new(self)
error.handle_error(response, tag, chunk, bulk_message_count, , unpacked_msg_arr)
end
rescue RetryStreamError => e
log.trace "router.emit_stream for retry stream doing..."
emit_tag = @retry_tag ? @retry_tag : tag
if retry_stream_retryable?
router.emit_stream(emit_tag, e.retry_stream)
else
raise RetryStreamEmitFailure, "buffer is full."
end
log.trace "router.emit_stream for retry stream done."
rescue => e
ignore = @ignore_exception_classes.any? { |clazz| e.class <= clazz }
log.warn "Exception ignored in tag #{tag}: #{e.class.name} #{e.message}" if ignore
@_es = nil if @reconnect_on_error
@_es_info = nil if @reconnect_on_error
raise UnrecoverableRequestFailure if ignore && @exception_backup
raise RecoverableRequestFailure, "could not push logs to Elasticsearch cluster (#{connection_options_description(info.host)}): #{e.message}" unless ignore
end
end
|
#setup_api_key ⇒ Object
426
427
428
429
430
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 426
def setup_api_key
return {} unless @api_key
{ "Authorization" => "ApiKey " + Base64.strict_encode64(@api_key) }
end
|
#split_request?(bulk_message, info) ⇒ Boolean
952
953
954
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 952
def split_request?(bulk_message, info)
end
|
#split_request_size_check?(bulk_message, info) ⇒ Boolean
956
957
958
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 956
def split_request_size_check?(bulk_message, info)
bulk_message[info].size > @bulk_message_request_threshold
end
|
#split_request_size_uncheck?(bulk_message, info) ⇒ Boolean
960
961
962
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 960
def split_request_size_uncheck?(bulk_message, info)
false
end
|
#target_index_affinity_enabled? ⇒ Boolean
916
917
918
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 916
def target_index_affinity_enabled?()
@target_index_affinity && @logstash_format && @id_key && (@write_operation == UPDATE_OP || @write_operation == UPSERT_OP)
end
|
#template_installation(deflector_alias, template_name, customize_template, application_name, ilm_policy_id, target_index, host) ⇒ Object
1093
1094
1095
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 1093
def template_installation(deflector_alias, template_name, customize_template, application_name, ilm_policy_id, target_index, host)
end
|
#template_installation_actual(deflector_alias, template_name, customize_template, application_name, target_index, ilm_policy_id, host = nil) ⇒ Object
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 1097
def template_installation_actual(deflector_alias, template_name, customize_template, application_name, target_index, ilm_policy_id, host=nil)
if template_name && @template_file
if !@logstash_format && (deflector_alias.nil? || (@alias_indexes.include? deflector_alias)) && (@template_names.include? template_name)
if deflector_alias
log.debug("Index alias #{deflector_alias} and template #{template_name} already exist (cached)")
else
log.debug("Template #{template_name} already exists (cached)")
end
else
retry_operate(@max_retry_putting_template,
@fail_on_putting_template_retry_exceed,
@catch_transport_exception_on_retry) do
if customize_template
template_custom_install(template_name, @template_file, @template_overwrite, customize_template, @enable_ilm, deflector_alias, ilm_policy_id, host, target_index, @index_separator)
else
template_install(template_name, @template_file, @template_overwrite, @enable_ilm, deflector_alias, ilm_policy_id, host, target_index, @index_separator)
end
ilm_policy = @ilm_policies[ilm_policy_id] || {}
create_rollover_alias(target_index, @rollover_index, deflector_alias, application_name, @index_date_pattern, @index_separator, @enable_ilm, ilm_policy_id, ilm_policy, @ilm_policy_overwrite, host)
end
@alias_indexes << deflector_alias unless deflector_alias.nil?
@template_names << template_name
end
end
end
|
#update_body(record, op) ⇒ Object
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 755
def update_body(record, op)
update = remove_keys(record)
if @suppress_doc_wrap
return update
end
body = {"doc".freeze => update}
if op == UPSERT_OP
if update == record
body["doc_as_upsert".freeze] = true
else
body[UPSERT_OP] = record
end
end
body
end
|
#write(chunk) ⇒ Object
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
|
# File 'lib/fluent/plugin/out_elasticsearch.rb', line 850
def write(chunk)
bulk_message_count = Hash.new { |h,k| h[k] = 0 }
bulk_message = Hash.new { |h,k| h[k] = '' }
= {}
meta = {}
unpackedMsgArr = {}
tag = chunk.metadata.tag
chunk_id = dump_unique_id_hex(chunk.unique_id)
= expand_placeholders(chunk)
host = if @hosts
(@hosts, chunk)
else
(@host, chunk)
end
affinity_target_indices = get_affinity_target_indices(chunk)
chunk.msgpack_each do |time, record|
next unless record.is_a? Hash
record = inject_chunk_id_to_record_if_needed(record, chunk_id)
begin
meta, , record = process_message(tag, meta, , time, record, affinity_target_indices, )
info = if @include_index_in_url
RequestInfo.new(host, meta.delete("_index".freeze), meta["_index".freeze], meta.delete("_alias".freeze))
else
RequestInfo.new(host, nil, meta["_index".freeze], meta.delete("_alias".freeze))
end
unpackedMsgArr[info] = [] if unpackedMsgArr[info].nil?
unpackedMsgArr[info] << {:time => time, :record => record}
if split_request?(bulk_message, info)
bulk_message.each do |info, msgs|
send_bulk(msgs, tag, chunk, bulk_message_count[info], , info, unpackedMsgArr[info]) unless msgs.empty?
unpackedMsgArr[info].clear
msgs.clear
bulk_message_count[info] = 0;
next
end
end
if append_record_to_messages(@write_operation, meta, , record, bulk_message[info])
bulk_message_count[info] += 1;
else
if @emit_error_for_missing_id
raise MissingIdFieldError, "Missing '_id' field. Write operation is #{@write_operation}"
else
log.on_debug { log.debug("Dropping record because its missing an '_id' field and write_operation is #{@write_operation}: #{record}") }
end
end
rescue => e
router.emit_error_event(tag, time, record, e)
end
end
bulk_message.each do |info, msgs|
send_bulk(msgs, tag, chunk, bulk_message_count[info], , info, unpackedMsgArr[info]) unless msgs.empty?
unpackedMsgArr[info].clear
msgs.clear
end
end
|