class Fluent::SplunkTCPOutput

Public Instance Methods

configure(conf) click to toggle source
Calls superclass method
# File lib/fluent/plugin/out_splunk_tcp.rb, line 45
def configure(conf)
  super

  case @time_format
  when 'unixtime'
    @time_formatter = lambda {|time| time }
  else
    @timef = Fluent::TimeFormatter.new(@time_format, @localtime)
    @time_formatter = lambda {|time| @timef.format(time) }
  end

  case @format
  when 'json'
    if @use_fluentd_time
      @formatter = lambda {|time, record| Yajl.dump(insert_time_to_front(time, record)) }
    else
      @formatter = lambda {|_time, record| Yajl.dump(record) }
    end
  when 'kv'
    if @use_fluentd_time
      @formatter = lambda {|time, record| format_kv(insert_time_to_front(time, record)) }
    else
      @formatter = lambda {|_time, record| format_kv(record) }
    end
  when 'raw'
    unless @event_key
      raise ConfigError, "'event_key' option is required for format 'raw'"
    end
    @formatter = lambda {|_time, record| record[@event_key] || '' }
  else
    raise ConfigError, "invalid 'format' option: #{@format}"
  end
end
implement?(feature) click to toggle source
Calls superclass method
# File lib/fluent/plugin/out_splunk_tcp.rb, line 38
def implement?(feature)
  if feature == :custom_format
    return false
  end
  super
end
multi_workers_ready?() click to toggle source
# File lib/fluent/plugin/out_splunk_tcp.rb, line 79
def multi_workers_ready?
  true
end
shutdown() click to toggle source
Calls superclass method
# File lib/fluent/plugin/out_splunk_tcp.rb, line 87
def shutdown
  super
end
start() click to toggle source
Calls superclass method
# File lib/fluent/plugin/out_splunk_tcp.rb, line 83
def start
  super
end
write_objects(_tag, chunk) click to toggle source
# File lib/fluent/plugin/out_splunk_tcp.rb, line 91
def write_objects(_tag, chunk)
  return if chunk.empty?

  payload = ''
  chunk.msgpack_each do |time, record|
    event = @formatter.call(time, record)
    unless event.empty?
      payload << event
      payload << @line_breaker
    end
  end

  unless payload.empty?
    sock = create_socket
    sock.write(payload)
    sock.close
  end
end

Private Instance Methods

create_socket() click to toggle source
# File lib/fluent/plugin/out_splunk_tcp.rb, line 131
def create_socket
  @use_ssl ? create_ssl_socket : create_tcp_socket
end
create_ssl_socket() click to toggle source
# File lib/fluent/plugin/out_splunk_tcp.rb, line 135
def create_ssl_socket
  ctx = OpenSSL::SSL::SSLContext.new
  verify_mode = (@ssl_verify ? OpenSSL::SSL::VERIFY_PEER : OpenSSL::SSL::VERIFY_NONE)
  ctx.verify_mode = verify_mode
  ctx.cert = OpenSSL::X509::Certificate.new(File.read(@client_cert)) if @client_cert
  ctx.key = OpenSSL::PKey::RSA.new(File.read(@client_key), @client_key_pass) if @client_key

  cert_store = OpenSSL::X509::Store.new
  cert_store.set_default_paths
  cert_store.add_file(@ca_file) if @ca_file

  ctx.cert_store = cert_store

  tcpsock = create_tcp_socket
  sock = OpenSSL::SSL::SSLSocket.new(tcpsock, ctx)
  sock.sync_close = true
  sock.connect
  sock
end
create_tcp_socket() click to toggle source
# File lib/fluent/plugin/out_splunk_tcp.rb, line 155
def create_tcp_socket
  TCPSocket.open(@host, @port)
end
format_kv(record) click to toggle source
# File lib/fluent/plugin/out_splunk_tcp.rb, line 116
def format_kv(record)
  record.map{|k,v|
    case v
    when nil
      "#{k}="
    when Integer
      "#{k}=#{v}"
    when Float
      "#{k}=#{v}"
    else
      "#{k}=\"#{v.to_s.gsub('"', '\"')}\""
    end
  }.join(' ')
end
insert_time_to_front(time, record) click to toggle source
# File lib/fluent/plugin/out_splunk_tcp.rb, line 111
def insert_time_to_front(time, record)
  record.delete(@time_key)
  {@time_key => @time_formatter.call(time)}.merge(record)
end