Change name of httprequest filter

* Make its name more general because it's not only suited for GET requests * Fix list of fields referx to #27
Icinga · May 29, 2019 · 16956d9 · 16956d9
1 parent 60866d5
commit 16956d9
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 7 deletions.
diff --git a/doc/30-namingscheme.md b/doc/30-namingscheme.md
@@ -82,6 +82,4 @@ grep -Pho "\[icinga\]\[[^\[]*?\]" filter-* | sort -u | sed -e "s@\[icinga\]\[@@;
 
 These are all fieldnames in use for filter-50-configs to date:
 
-*agent, bytes, checkablespending, checkablesrate, checkinterval, checknext, checkoriginal, checktime, clientendpoint, clienthost, clientport, code, component, configfilecount, connectedendpoints, count, currentepoch, currentmaster, date, dateend, datestart, dbinstance, detail, direction, epochcurrent, epochreceived, errorcode, eventtype, facility, filecount, filterversion, hostname, hostport, httpclientip, httpclientport, idlecheckables, items01min, items05min, items15min, itemscount, itemsrate, listenerhost, logposition, message, messagecount, messagetype, metriclist, name, nomessageduration, notification, notificationcount, notificationtype, object, objectdetails, objectname, objecttype, path, period, pid, plugin, port, pugin, query, receivedepoch, remainingclients, severity, signal, sslerrorcode, sslerrordetails, statefile, tbd, timestamp, user, username, workerdetail, workerfacility, workerid, zone*
-
-
+*agent, apirequest, apiuser, bytes, checkablespending, checkablesrate, checkinterval, checknext, checkoriginal, checktime, clientendpoint, clienthost, clientport, code, component, configfilecount, connectedendpoints, context, count, currentepoch, currentmaster, date, dateend, datestart, dbinstance, detail, direction, epochcurrent, epochreceived, errorcode, eventtype, facility, filecount, filterversion, hostname, hostport, httpclientip, httpclientport, httpmethod, idlecheckables, items01min, items05min, items15min, itemscount, itemsrate, listenerhost, logposition, message, messagecount, messagetype, metriclist, name, nomessageduration, notification, notificationcount, notificationtype, object, objectdetails, objectname, objecttype, path, period, pid, plugin, port, pugin, query, receivedepoch, remainingclients, severity, signal, sslerrorcode, sslerrordetails, statefile, timestamp, username, workerdetail, workerfacility, workerid, zone
diff --git a/filter-50-httpserverconnection.conf b/filter-50-httpserverconnection.conf
@@ -14,11 +14,11 @@ filter {
       # do not use pattern USERNAME for api user, because sometimes it's just "<unauthenticated>"
       grok {
         match => ["message","Request: %{WORD:[icinga][httpmethod]} %{URIPATHPARAM:[icinga][apirequest]} \(from \[%{IP:[icinga][httpclientip]}\]:%{POSINT:[icinga][httpclientport]}\), user: %{DATA:[icinga][apiuser]}(, agent: %{DATA:[icinga][agent]} \(%{DATA:[icinga][agent]}\) %{DATA:[icinga][agent]})?\)"]
-        id => "icinga_requestget"
-        add_tag => "icinga_requestget"
-        tag_on_failure => ["_grokparsefailure","icinga_requestget_failed"]
+        id => "icinga_httprequest"
+        add_tag => "icinga_httprequest"
+        tag_on_failure => ["_grokparsefailure","icinga_httprequest_failed"]
         add_field => {
-          "[icinga][eventtype]" => "request_get"
+          "[icinga][eventtype]" => "httprequest"
         }
       }
     } else if [message] =~ /^Unauthorized request:/ {
Original file line number	Diff line number	Diff line change
Expand Up		@@ -82,6 +82,4 @@ grep -Pho "\[icinga\]\[[^\[]?\]" filter- \| sort -u \| sed -e "s@\[icinga\]\[@@;

		These are all fieldnames in use for filter-50-configs to date:

		agent, bytes, checkablespending, checkablesrate, checkinterval, checknext, checkoriginal, checktime, clientendpoint, clienthost, clientport, code, component, configfilecount, connectedendpoints, count, currentepoch, currentmaster, date, dateend, datestart, dbinstance, detail, direction, epochcurrent, epochreceived, errorcode, eventtype, facility, filecount, filterversion, hostname, hostport, httpclientip, httpclientport, idlecheckables, items01min, items05min, items15min, itemscount, itemsrate, listenerhost, logposition, message, messagecount, messagetype, metriclist, name, nomessageduration, notification, notificationcount, notificationtype, object, objectdetails, objectname, objecttype, path, period, pid, plugin, port, pugin, query, receivedepoch, remainingclients, severity, signal, sslerrorcode, sslerrordetails, statefile, tbd, timestamp, user, username, workerdetail, workerfacility, workerid, zone


		*agent, apirequest, apiuser, bytes, checkablespending, checkablesrate, checkinterval, checknext, checkoriginal, checktime, clientendpoint, clienthost, clientport, code, component, configfilecount, connectedendpoints, context, count, currentepoch, currentmaster, date, dateend, datestart, dbinstance, detail, direction, epochcurrent, epochreceived, errorcode, eventtype, facility, filecount, filterversion, hostname, hostport, httpclientip, httpclientport, httpmethod, idlecheckables, items01min, items05min, items15min, itemscount, itemsrate, listenerhost, logposition, message, messagecount, messagetype, metriclist, name, nomessageduration, notification, notificationcount, notificationtype, object, objectdetails, objectname, objecttype, path, period, pid, plugin, port, pugin, query, receivedepoch, remainingclients, severity, signal, sslerrorcode, sslerrordetails, statefile, timestamp, username, workerdetail, workerfacility, workerid, zone