Class: LogStash::Outputs::MicrosoftSentinelOutputInternal::LogstashLoganalyticsOutputConfiguration

Inherits:

Object

• Object
• LogStash::Outputs::MicrosoftSentinelOutputInternal::LogstashLoganalyticsOutputConfiguration

Defined in:

lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb

Instance Method Summary

• #amount_resizing ⇒ Object
• #amount_resizing=(new_amount_resizing) ⇒ Object
• #client_app_Id ⇒ Object
• #client_app_secret ⇒ Object
• #compress_data ⇒ Object
• #compress_data=(new_compress_data) ⇒ Object
• #create_sample_file ⇒ Object
• #create_sample_file=(new_create_sample_file) ⇒ Object
• #data_collection_endpoint ⇒ Object
• #dcr_immutable_id ⇒ Object
• #dcr_stream_name ⇒ Object
• #decrease_factor ⇒ Object
• #decrease_factor=(new_decrease_factor) ⇒ Object
• #initialize(client_app_Id, client_app_secret, tenant_id, data_collection_endpoint, dcr_immutable_id, dcr_stream_name, compress_data, create_sample_file, sample_file_path, logger) ⇒ LogstashLoganalyticsOutputConfiguration constructor

  A new instance of LogstashLoganalyticsOutputConfiguration.

• #key_names ⇒ Object
• #key_names=(new_key_names) ⇒ Object
• #logger ⇒ Object
• #max_items ⇒ Object
• #max_items=(new_max_items) ⇒ Object
• #MAX_SIZE_BYTES ⇒ Object
• #MIN_MESSAGE_AMOUNT ⇒ Object
• #plugin_flush_interval ⇒ Object
• #plugin_flush_interval=(new_plugin_flush_interval) ⇒ Object
• #print_missing_parameter_message_and_raise(param_name) ⇒ Object
• #proxy_aad ⇒ Object
• #proxy_aad=(new_proxy_aad) ⇒ Object
• #proxy_endpoint ⇒ Object
• #proxy_endpoint=(new_proxy_endpoint) ⇒ Object
• #RETRANSMISSION_DELAY ⇒ Object
• #retransmission_time ⇒ Object
• #retransmission_time=(new_retransmission_time) ⇒ Object
• #sample_file_path ⇒ Object
• #sample_file_path=(new_sample_file_path) ⇒ Object
• #tenant_id ⇒ Object
• #validate_configuration ⇒ Object

Constructor Details

#initialize(client_app_Id, client_app_secret, tenant_id, data_collection_endpoint, dcr_immutable_id, dcr_stream_name, compress_data, create_sample_file, sample_file_path, logger) ⇒ LogstashLoganalyticsOutputConfiguration

Returns a new instance of LogstashLoganalyticsOutputConfiguration.

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 4

def initialize(client_app_Id, client_app_secret, tenant_id, data_collection_endpoint, dcr_immutable_id, dcr_stream_name, compress_data, create_sample_file, sample_file_path, logger)
		@client_app_Id = client_app_Id
    @client_app_secret = client_app_secret
    @tenant_id = tenant_id
    @data_collection_endpoint = data_collection_endpoint
    @dcr_immutable_id = dcr_immutable_id
    @dcr_stream_name = dcr_stream_name
    @logger = logger
 @compress_data = compress_data
 @create_sample_file = create_sample_file
 @sample_file_path = sample_file_path

	# Delay between each resending of a message
    @RETRANSMISSION_DELAY = 2
    @MIN_MESSAGE_AMOUNT = 100
    # Maximum of 1 MB per post to Log Analytics Data Collector API V2. 
    # This is a size limit for a single post. 
    # If the data from a single post that exceeds 1 MB, you should split it.
    @loganalytics_api_data_limit = 1 * 1024 * 1024

    # Taking 4K safety buffer
    @MAX_SIZE_BYTES = @loganalytics_api_data_limit - 10000
end

Instance Method Details

#amount_resizing ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 98

def amount_resizing
    @amount_resizing
end

#amount_resizing=(new_amount_resizing) ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 178

def amount_resizing=(new_amount_resizing)
    @amount_resizing = new_amount_resizing
end

#client_app_Id ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 122

def client_app_Id
    @client_app_Id
end

#client_app_secret ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 126

def client_app_secret
    @client_app_secret
end

#compress_data ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 198

def compress_data
    @compress_data
end

#compress_data=(new_compress_data) ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 202

def compress_data=(new_compress_data)
    @compress_data = new_compress_data
end

#create_sample_file ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 206

def create_sample_file
    @create_sample_file
end

#create_sample_file=(new_create_sample_file) ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 210

def create_sample_file=(new_create_sample_file)
    @create_sample_file = new_create_sample_file
end

#data_collection_endpoint ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 134

def data_collection_endpoint
    @data_collection_endpoint
end

#dcr_immutable_id ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 138

def dcr_immutable_id
    @dcr_immutable_id
end

#dcr_stream_name ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 142

def dcr_stream_name
    @dcr_stream_name
end

#decrease_factor ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 118

def decrease_factor
    @decrease_factor
end

#decrease_factor=(new_decrease_factor) ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 174

def decrease_factor=(new_decrease_factor)
    @decrease_factor = new_decrease_factor
end

#key_names ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 146

def key_names
    @key_names
end

#key_names=(new_key_names) ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 166

def key_names=(new_key_names)
    @key_names = new_key_names
end

#logger ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 114

def logger
    @logger
end

#max_items ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 150

def max_items
    @max_items
end

#max_items=(new_max_items) ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 162

def max_items=(new_max_items)
    @max_items = new_max_items
end

#MAX_SIZE_BYTES ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 94

def MAX_SIZE_BYTES
    @MAX_SIZE_BYTES
end

#MIN_MESSAGE_AMOUNT ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 158

def MIN_MESSAGE_AMOUNT
    @MIN_MESSAGE_AMOUNT
end

#plugin_flush_interval ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 154

def plugin_flush_interval
    @plugin_flush_interval
end

#plugin_flush_interval=(new_plugin_flush_interval) ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 170

def plugin_flush_interval=(new_plugin_flush_interval)
    @plugin_flush_interval = new_plugin_flush_interval
end

#print_missing_parameter_message_and_raise(param_name) ⇒ Object

Raises:

• (ArgumentError)

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 78

def print_missing_parameter_message_and_raise(param_name)
    @logger.error("Missing a required setting for the microsoft-sentinel-log-analytics-logstash-output-plugin output plugin:
  output {
microsoft-sentinel-log-analytics-logstash-output-plugin {
  #{param_name} => # SETTING MISSING
  ...
}
  }
")
    raise ArgumentError, "The setting #{param_name} is required."
end

#proxy_aad ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 106

def proxy_aad
    @proxy_aad
end

#proxy_aad=(new_proxy_aad) ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 186

def proxy_aad=(new_proxy_aad)
    @proxy_aad = new_proxy_aad
end

#proxy_endpoint ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 110

def proxy_endpoint
    @proxy_endpoint
end

#proxy_endpoint=(new_proxy_endpoint) ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 190

def proxy_endpoint=(new_proxy_endpoint)
    @proxy_endpoint = new_proxy_endpoint
end

#RETRANSMISSION_DELAY ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 90

def RETRANSMISSION_DELAY
    @RETRANSMISSION_DELAY
end

#retransmission_time ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 102

def retransmission_time
    @retransmission_time
end

#retransmission_time=(new_retransmission_time) ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 194

def retransmission_time=(new_retransmission_time)
    @retransmission_time = new_retransmission_time
end

#sample_file_path ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 214

def sample_file_path
    @sample_file_path
end

#sample_file_path=(new_sample_file_path) ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 218

def sample_file_path=(new_sample_file_path)
    @sample_file_path = new_sample_file_path
end

#tenant_id ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 130

def tenant_id
    @tenant_id
end

#validate_configuration ⇒ Object

# File 'lib/logstash/sentinel_la/logstashLoganalyticsConfiguration.rb', line 28

def validate_configuration()
  if @create_sample_file
      begin
          if @sample_file_path.nil?
              print_missing_parameter_message_and_raise("sample_file_path")
          end
          if @sample_file_path.strip == ""
              raise ArgumentError, "The setting sample_file_path cannot be empty"
          end
          begin
              file = java.io.File.new(@sample_file_path)
              if !file.exists
                  raise "Path not exists"
              end
          rescue Exception
              raise ArgumentError, "The path #{@sample_file_path} does not exist."
          end
      end
  else
      required_configs = { "client_app_Id" => @client_app_Id,
                          "client_app_secret" => @client_app_secret,
                          "tenant_id" => @tenant_id,
                          "data_collection_endpoint" => @data_collection_endpoint,
                          "dcr_immutable_id" => @dcr_immutable_id,
                          "dcr_stream_name" => @dcr_stream_name }
      required_configs.each { |name, conf|
          if conf.nil?
              print_missing_parameter_message_and_raise(name)
          end
          if conf.empty?
              raise ArgumentError, "Malformed configuration , the following arguments can not be null or empty.[client_app_Id, client_app_secret, tenant_id, data_collection_endpoint, dcr_immutable_id, dcr_stream_name]"
          end
      }

      if @retransmission_time < 0
          raise ArgumentError, "retransmission_time must be a positive integer."
      end
      if @max_items < @MIN_MESSAGE_AMOUNT
          raise ArgumentError, "Setting max_items to value must be greater then #{@MIN_MESSAGE_AMOUNT}."
      end
      if @key_names.length > 500
          raise ArgumentError, 'There are over 500 key names listed to be included in the events sent to Azure Loganalytics, which exceeds the limit of columns that can be define in each table in log analytics.'
      end
  end
    @logger.info("Azure Loganalytics configuration was found valid.")
    # If all validation pass then configuration is valid
    return  true
end