class LogStash::Filters::Base

Constants

RESERVED

Public Class Methods

new(params) click to toggle source
Calls superclass method LogStash::Plugin::new
# File lib/logstash/filters/base.rb, line 91
def initialize(params)
  super
  config_init(params)
  @threadsafe = true
end

Public Instance Methods

execute(event, &block) click to toggle source
# File lib/logstash/filters/base.rb, line 108
def execute(event, &block)
  filter(event, &block)
end
filter(event) click to toggle source
# File lib/logstash/filters/base.rb, line 103
def filter(event)
  raise "#{self.class}#filter must be overidden"
end
register() click to toggle source
# File lib/logstash/filters/base.rb, line 98
def register
  raise "#{self.class}#register must be overidden"
end
threadsafe?() click to toggle source
# File lib/logstash/filters/base.rb, line 113
def threadsafe?
  @threadsafe
end

Protected Instance Methods

filter?(event) click to toggle source
# File lib/logstash/filters/base.rb, line 161
def filter?(event)
  if !@type.empty?
    if event["type"] != @type
      @logger.debug? and @logger.debug(["filters/#{self.class.name}: Skipping event because type doesn't match #{@type}", event])
      return false
    end
  end

  if !@tags.empty?
    # this filter has only works on events with certain tags,
    # and this event has no tags.
    return false if !event["tags"]

    # Is @tags a subset of the event's tags? If not, skip it.
    if (event["tags"] & @tags).size != @tags.size
      @logger.debug(["filters/#{self.class.name}: Skipping event because tags don't match #{@tags.inspect}", event])
      return false
    end
  end

  if !@exclude_tags.empty? && event["tags"]
    if (diff_tags = (event["tags"] & @exclude_tags)).size != 0
      @logger.debug(["filters/#{self.class.name}: Skipping event because tags contains excluded tags: #{diff_tags.inspect}", event])
      return false
    end
  end

  return true
end
filter_matched(event) click to toggle source

a filter instance should call filter_matched from filter if the event matches the filter's conditions (right type, etc)

# File lib/logstash/filters/base.rb, line 120
def filter_matched(event)
  @add_field.each do |field, value|
    field = event.sprintf(field)
    value = [value] if !value.is_a?(Array)
    value.each do |v|
      v = event.sprintf(v)
      if event.include?(field)
        event[field] = [event[field]] if !event[field].is_a?(Array)
        event[field] << v
      else
        event[field] = v
      end
      @logger.debug? and @logger.debug("filters/#{self.class.name}: adding value to field",
                                     :field => field, :value => value)
    end
  end
  
  @remove_field.each do |field|
    field = event.sprintf(field)
    @logger.debug? and @logger.debug("filters/#{self.class.name}: removing field",
                                     :field => field) 
    event.remove(field)
  end

  @add_tag.each do |tag|
    tag = event.sprintf(tag)
    @logger.debug? and @logger.debug("filters/#{self.class.name}: adding tag",
                                     :tag => tag)
    (event["tags"] ||= []) << tag
  end

  @remove_tag.each do |tag|
    break if event["tags"].nil?
    tag = event.sprintf(tag)
    @logger.debug? and @logger.debug("filters/#{self.class.name}: removing tag",
                                     :tag => tag)
    event["tags"].delete(tag)
  end
end