Class: Fluent::ModsecurityFilter

Inherits:

Filter

• Object
• Filter
• Fluent::ModsecurityFilter

Defined in:

lib/fluent/plugin/filter_modsecurity.rb

Instance Method Summary

• #configure(conf) ⇒ Object
• #filter(tag, time, record) ⇒ Object

Instance Method Details

#configure(conf) ⇒ Object

# File 'lib/fluent/plugin/filter_modsecurity.rb', line 11

def configure(conf)
    super
    @path_prefix = conf['path_prefix']
end

#filter(tag, time, record) ⇒ Object

# File 'lib/fluent/plugin/filter_modsecurity.rb', line 16

def filter(tag, time, record)
    log_path = ""
    record.each{ |key, value|
        if value.is_a?(String)
            token = value.split(" ")
            token.each { |v|
                if v.start_with?(@path_prefix)
                    log_path = v
                    break
                end
            }
        end
    }
    #find detail log and append to record
    unless log_path.to_s.strip.empty?
        file = File.read(log_path)
        data_hash = JSON.parse(file)
        #copy transaction object to original record
        record['transaction'] = data_hash['transaction']
    end
    record
end