Examples with KinesisLogEntry org.graylog.integrations.aws.cloudwatch.KinesisLogEntry used on opensource projects

Search in sources :

Example 6 with KinesisLogEntry

use of org.graylog.integrations.aws.cloudwatch.KinesisLogEntry in project graylog-plugin-integrations by Graylog2.

the class KinesisPayloadDecoderTest method testKinesisRawDecoding.

@Test
public void testKinesisRawDecoding() throws IOException {
    final String textLogMessage = "a text log message";
    final Instant now = Instant.now();
    final List<KinesisLogEntry> logEntries = rawDecoder.processMessages(textLogMessage.getBytes(), now);
    Assert.assertEquals(1, logEntries.size());
    // Verify that there are two flow logs present in the parsed result.
    Assert.assertEquals(1, logEntries.stream().filter(logEntry -> logEntry.message().equals(textLogMessage)).count());
    // Verify timestamp and message contents.
    final KinesisLogEntry resultLogEntry = logEntries.stream().findAny().get();
    Assert.assertEquals(textLogMessage, resultLogEntry.message());
    Assert.assertEquals(new DateTime(now.toEpochMilli(), DateTimeZone.UTC), resultLogEntry.timestamp());
}
Also used : Instant(java.time.Instant) KinesisLogEntry(org.graylog.integrations.aws.cloudwatch.KinesisLogEntry) DateTime(org.joda.time.DateTime) Test(org.junit.Test)

Example 7 with KinesisLogEntry

use of org.graylog.integrations.aws.cloudwatch.KinesisLogEntry in project graylog-plugin-integrations by Graylog2.

the class AWSCodecTest method testKinesisFlowLogCodec.

@Test
public void testKinesisFlowLogCodec() throws JsonProcessingException {
    final HashMap<String, Object> configMap = new HashMap<>();
    configMap.put(AWSCodec.CK_AWS_MESSAGE_TYPE, AWSMessageType.KINESIS_CLOUDWATCH_FLOW_LOGS.toString());
    final Configuration configuration = new Configuration(configMap);
    final AWSCodec codec = new AWSCodec(configuration, AWSTestingUtils.buildTestCodecs());
    DateTime timestamp = DateTime.now(DateTimeZone.UTC);
    KinesisLogEntry kinesisLogEntry = KinesisLogEntry.create("a-stream", "log-group", "log-stream", timestamp, "2 423432432432 eni-3244234 172.1.1.2 172.1.1.2 80 2264 6 1 52 1559738144 1559738204 ACCEPT OK");
    Message message = codec.decode(new RawMessage(objectMapper.writeValueAsBytes(kinesisLogEntry)));
    Assert.assertEquals("log-group", message.getField(AbstractKinesisCodec.FIELD_LOG_GROUP));
    Assert.assertEquals("log-stream", message.getField(AbstractKinesisCodec.FIELD_LOG_STREAM));
    Assert.assertEquals("a-stream", message.getField(AbstractKinesisCodec.FIELD_KINESIS_STREAM));
    Assert.assertEquals(6, message.getField(KinesisCloudWatchFlowLogCodec.FIELD_PROTOCOL_NUMBER));
    Assert.assertEquals("172.1.1.2", message.getField(KinesisCloudWatchFlowLogCodec.FIELD_SRC_ADDR));
    Assert.assertEquals(KinesisCloudWatchFlowLogCodec.SOURCE, message.getField("source"));
    Assert.assertEquals("eni-3244234 ACCEPT TCP 172.1.1.2:80 -> 172.1.1.2:2264", message.getField("message"));
    Assert.assertEquals(1L, message.getField(KinesisCloudWatchFlowLogCodec.FIELD_PACKETS));
    Assert.assertEquals(80, message.getField(KinesisCloudWatchFlowLogCodec.FIELD_SRC_PORT));
    Assert.assertEquals(60, message.getField(KinesisCloudWatchFlowLogCodec.FIELD_CAPTURE_WINDOW_DURATION));
    Assert.assertEquals("TCP", message.getField(KinesisCloudWatchFlowLogCodec.FIELD_PROTOCOL));
    Assert.assertEquals("423432432432", message.getField(KinesisCloudWatchFlowLogCodec.FIELD_ACCOUNT_ID));
    Assert.assertEquals("eni-3244234", message.getField(KinesisCloudWatchFlowLogCodec.FIELD_INTERFACE_ID));
    Assert.assertEquals("OK", message.getField(KinesisCloudWatchFlowLogCodec.FIELD_LOG_STATUS));
    Assert.assertEquals(52L, message.getField(KinesisCloudWatchFlowLogCodec.FIELD_BYTES));
    Assert.assertEquals(true, message.getField(KinesisCloudWatchFlowLogCodec.SOURCE_GROUP_IDENTIFIER));
    Assert.assertEquals("172.1.1.2", message.getField(KinesisCloudWatchFlowLogCodec.FIELD_DST_ADDR));
    Assert.assertEquals(2264, message.getField(KinesisCloudWatchFlowLogCodec.FIELD_DST_PORT));
    Assert.assertEquals("ACCEPT", message.getField(KinesisCloudWatchFlowLogCodec.FIELD_ACTION));
    Assert.assertEquals(timestamp, message.getTimestamp());
}
Also used : Configuration(org.graylog2.plugin.configuration.Configuration) RawMessage(org.graylog2.plugin.journal.RawMessage) Message(org.graylog2.plugin.Message) HashMap(java.util.HashMap) KinesisLogEntry(org.graylog.integrations.aws.cloudwatch.KinesisLogEntry) RawMessage(org.graylog2.plugin.journal.RawMessage) DateTime(org.joda.time.DateTime) Test(org.junit.Test)

Aggregations

KinesisLogEntry (org.graylog.integrations.aws.cloudwatch.KinesisLogEntry)7 Test (org.junit.Test)6 Message (org.graylog2.plugin.Message)4 DateTime (org.joda.time.DateTime)4 AWSLogMessage (org.graylog.integrations.aws.AWSLogMessage)3 RawMessage (org.graylog2.plugin.journal.RawMessage)3 HashMap (java.util.HashMap)2 Configuration (org.graylog2.plugin.configuration.Configuration)2 JsonProcessingException (com.fasterxml.jackson.core.JsonProcessingException)1 Instant (java.time.Instant)1 BadRequestException (javax.ws.rs.BadRequestException)1 AWSMessageType (org.graylog.integrations.aws.AWSMessageType)1 Codec (org.graylog2.plugin.inputs.codecs.Codec)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial