ncm-metaconfig: logstash add mutate filter convert

quattor · Dec 7, 2015 · e052cd3 · e052cd3
1 parent edef363
commit e052cd3
Show file tree

Hide file tree

Showing 4 changed files with 26 additions and 1 deletion.
diff --git a/ncm-metaconfig/src/main/metaconfig/logstash/2.0/tests/profiles/server.pan b/ncm-metaconfig/src/main/metaconfig/logstash/2.0/tests/profiles/server.pan
@@ -96,6 +96,23 @@ prefix "/software/components/metaconfig/services/{/etc/logstash/conf.d/logstash.
         nlist("mutate", nlist(
             "remove_field", list("syslog_hostname", "syslog_message", "syslog_timestamp"),
             )),
+        nlist("mutate", nlist(
+            "_conditional", nlist('expr', list(
+                nlist(
+                    "left", "'_grokparsefailure'",
+                    "test", "not in",
+                    "right", "[tags]",
+                ),
+                nlist(
+                    "join", "and",
+                    "left", "[jube_id]",
+                ))),
+            "convert", list(
+                nlist(
+                    "name", "success",
+                    "pattern", "boolean"
+                )
+            ))),
         nlist("bytes2human", nlist(
             "convert", nlist(
                 "field1", "bytes",

diff --git a/ncm-metaconfig/src/main/metaconfig/logstash/2.0/tests/regexps/server/base b/ncm-metaconfig/src/main/metaconfig/logstash/2.0/tests/regexps/server/base
@@ -69,6 +69,13 @@ filter \{$
 ^\s{8}mutate \{$
 ^\s{12}remove_field => \[ "syslog_hostname", "syslog_message", "syslog_timestamp" \]$
 ^\s{8}\}$
+^\s{8}if \('_grokparsefailure' not in \[tags\] and \[jube_id\]\) \{$
+^\s{12}mutate \{$
+^\s{16}convert => \{$
+^\s{20}"success" => "boolean"$
+^\s{16}\}$
+^\s{12}\}$
+^\s{8}\}$
 ^\s{8}bytes2human \{$
 ^\s{12}convert => \{$
 ^\s{16}"field1" => "bytes"$

diff --git a/ncm-metaconfig/src/main/metaconfig/logstash/config/filter/mutate.tt b/ncm-metaconfig/src/main/metaconfig/logstash/config/filter/mutate.tt
@@ -1,3 +1,3 @@
 [%- INCLUDE "metaconfig/logstash/config/type.tt" type="stringarray" names=['exclude_tags'] -%]
-[%- INCLUDE "metaconfig/logstash/config/type.tt" type="name_pattern" names=['replace'] -%]
+[%- INCLUDE "metaconfig/logstash/config/type.tt" type="name_pattern" names=['replace', 'convert'] -%]
 [%- INCLUDE "metaconfig/logstash/config/type.tt" type="stringhash" names=['split', 'rename'] -%]
diff --git a/ncm-metaconfig/src/main/metaconfig/logstash/pan/schema.pan b/ncm-metaconfig/src/main/metaconfig/logstash/pan/schema.pan
@@ -175,6 +175,7 @@ type logstash_filter_grep = {
 
 type logstash_filter_mutate = {
     include logstash_filter_plugin_common
+    "convert" ? logstash_name_pattern[]
     "replace" ? logstash_name_pattern[]
     "rename" ? string{}
     "split" ? string{}