Class: Fluent::Plugin::SslCheckInput

Inherits:
Input
  • Object
show all
Defined in:
lib/fluent/plugin/in_ssl_check.rb

Overview

ssl_check input plugin

check ssl service

Defined Under Namespace

Classes: SslClient, SslInfo

Constant Summary collapse

NAME = 
'ssl_check'
DEFAULT_TAG = 
NAME
DEFAULT_HOST = 
'localhost'
DEFAULT_PORT = 
443
DEFAULT_TIME = 
600
DEFAULT_TIMEOUT = 
5
DEFAULT_LOG_EVENTS = 
true
DEFAULT_METRIC_EVENTS = 
false
DEFAULT_EVENT_PREFIX = 
''

Instance Method Summary collapse

Instance Method Details

#checkObject

rubocop:disable Lint/SuppressedException



91
92
93
94
95
96
97
98
99
100
 
# File 'lib/fluent/plugin/in_ssl_check.rb', line 91

def check
  hosts.each do |host_full|
    host, port = host_full.split(':')
    port = (port || DEFAULT_PORT).to_i
    ssl_info = fetch_ssl_info(host, port)
    emit_logs(ssl_info) if log_events
    emit_metrics(ssl_info) if metric_events
  rescue StandardError
  end
end

#configure(conf) ⇒ Object

rubocop:disable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity

Raises:

  • (Fluent::ConfigError) 


71
72
73
74
75
76
77
78
79
 
# File 'lib/fluent/plugin/in_ssl_check.rb', line 71

def configure(conf)
  super

  raise Fluent::ConfigError, 'tag can not be empty.' if !tag || tag.empty?
  raise Fluent::ConfigError, 'hosts can not be empty.' if !hosts || hosts.empty?
  raise Fluent::ConfigError, 'interval can not be < 1.' if !interval || interval < 1
  raise Fluent::ConfigError, 'ca_path should be a dir.' if ca_path && !File.directory?(ca_path)
  raise Fluent::ConfigError, 'ca_file should be a file.' if ca_file && !File.file?(ca_file)
end

#emit_logs(ssl_info) ⇒ Object 



112
113
114
115
116
117
118
119
120
121
122
123
124
125
 
# File 'lib/fluent/plugin/in_ssl_check.rb', line 112

def emit_logs(ssl_info)
  record = {
    'timestamp' => ssl_info.time.send("to_#{timestamp_format}"),
    'status' => ssl_info.status,
    'host' => ssl_info.host,
    'port' => ssl_info.port,
    'ssl_version' => ssl_info.ssl_version,
    'ssl_dn' => ssl_info.subject_s,
    'ssl_not_after' => ssl_info.not_after,
    'expire_in_days' => ssl_info.expire_in_days
  }
  record.update('error_class' => ssl_info.error_class) if ssl_info.error_class
  router.emit(tag, Fluent::EventTime.from_time(ssl_info.time), record)
end

#emit_metric_expirency(ssl_info) ⇒ Object 



146
147
148
149
150
151
152
153
154
155
156
157
158
 
# File 'lib/fluent/plugin/in_ssl_check.rb', line 146

def emit_metric_expirency(ssl_info)
  return if ssl_info.error

  record = {
    'timestamp' => ssl_info.time.send("to_#{timestamp_format}"),
    'metric_name' => 'ssl_expirency',
    'metric_value' => ssl_info.expire_in_days,
    "#{event_prefix}host" => ssl_info.host,
    "#{event_prefix}port" => ssl_info.port,
    "#{event_prefix}ssl_dn" => ssl_info.subject_s
  }
  router.emit(tag, Fluent::EventTime.from_time(ssl_info.time), record)
end

#emit_metric_status(ssl_info) ⇒ Object 



132
133
134
135
136
137
138
139
140
141
142
143
144
 
# File 'lib/fluent/plugin/in_ssl_check.rb', line 132

def emit_metric_status(ssl_info)
  record = {
    'timestamp' => ssl_info.time.send("to_#{timestamp_format}"),
    'metric_name' => 'ssl_status',
    'metric_value' => ssl_info.status,
    "#{event_prefix}host" => ssl_info.host,
    "#{event_prefix}port" => ssl_info.port,
    "#{event_prefix}ssl_dn" => ssl_info.subject_s,
    "#{event_prefix}ssl_version" => ssl_info.ssl_version,
    "#{event_prefix}ssl_not_after" => ssl_info.not_after
  }
  router.emit(tag, Fluent::EventTime.from_time(ssl_info.time), record)
end

#emit_metrics(ssl_info) ⇒ Object 



127
128
129
130
 
# File 'lib/fluent/plugin/in_ssl_check.rb', line 127

def emit_metrics(ssl_info)
  emit_metric_status(ssl_info)
  emit_metric_expirency(ssl_info)
end

#fetch_ssl_info(host, port) ⇒ Object

rubocop:enable Lint/SuppressedException



103
104
105
106
107
108
109
110
 
# File 'lib/fluent/plugin/in_ssl_check.rb', line 103

def fetch_ssl_info(host, port)
  ssl_client = SslClient.new(
    host: host, port: port,
    ca_path: ca_path, ca_file: ca_file,
    timeout: timeout
  )
  ssl_client.ssl_info
end

#startObject

rubocop:enable Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity



82
83
84
85
86
87
88
 
# File 'lib/fluent/plugin/in_ssl_check.rb', line 82

def start
  super

  timer_execute(:ssl_check_timer, 1, repeat: false, &method(:check)) if interval > 60

  timer_execute(:ssl_check_timer, interval, repeat: true, &method(:check))
end