1.2.13 (#241)

.ruby-version

@@ -1 +1 @@
-2.6.1
+2.7.4

Gemfile.lock

@@ -1,10 +1,10 @@
 PATH
   remote: .
   specs:
-    fluent-plugin-splunk-hec (1.2.12)
+    fluent-plugin-splunk-hec (1.2.13)
       fluentd (>= 1.4)
       multi_json (~> 1.13)
-      net-http-persistent (~> 3.1)
+      net-http-persistent (~> 4.0)
       openid_connect (~> 1.1.8)
       prometheus-client (>= 2.1.0)
 
@@ -29,7 +29,7 @@ GEM
     crack (0.4.5)
       rexml
     docile (1.4.0)
-    fluentd (1.14.5)
+    fluentd (1.14.6)
       bundler
       cool.io (>= 1.4.5, < 2.0.0)
       http_parser.rb (>= 0.5.1, < 0.9.0)
@@ -54,9 +54,9 @@ GEM
       mini_mime (>= 0.1.1)
     mini_mime (1.1.2)
     minitest (5.15.0)
-    msgpack (1.4.5)
+    msgpack (1.5.1)
     multi_json (1.15.0)
-    net-http-persistent (3.1.0)
+    net-http-persistent (4.0.1)
       connection_pool (~> 2.2)
     openid_connect (1.1.8)
       activemodel
@@ -114,7 +114,7 @@ GEM
       crack (>= 0.3.2)
       hashdiff
     webrick (1.7.0)
-    yajl-ruby (1.4.1)
+    yajl-ruby (1.4.2)
 
 PLATFORMS
   ruby

README.md

@@ -1,13 +1,13 @@
 # fluent-plugin-splunk-hec
 
 [Fluentd](https://fluentd.org/) output plugin to send events and metrics to [Splunk](https://www.splunk.com) in 2 modes:<br/>
-1) Via Splunk's [HEC (HTTP Event Collector) API](http://dev.splunk.com/view/event-collector/SP-CAAAE7F)<br/> 
+1) Via Splunk's [HEC (HTTP Event Collector) API](http://dev.splunk.com/view/event-collector/SP-CAAAE7F)<br/>
 2) Via the Splunk Cloud Services (SCS) [Ingest API](https://sdc.splunkbeta.com/reference/api/ingest/v1beta2)
 
 ## Installation
 
 ### RubyGems
-``` 
+```
 $ gem install fluent-plugin-splunk-hec
 ```
 ### Bundler
@@ -157,7 +157,7 @@ This value must be set to `splunk_hec` when using HEC API and to `splunk_ingest_
 
 #### protocol (enum) (optional)
 
-This is the protocol to use for calling the HEC API. Available values are: http, https. This parameter is 
+This is the protocol to use for calling the HEC API. Available values are: http, https. This parameter is
 set to `https` by default.
 
 ### hec_host (string) (required)
@@ -172,6 +172,10 @@ The port number for the HEC token or the HEC load balancer. The default value is
 
 Identifier for the HEC token.
 
+### hec_endpoint (string) (optional)
+
+The HEC REST API endpoint to use. The default value is `services/collector`.
+
 ### metrics_from_event (bool) (optional)
 
 When `data_type` is set to "metric", the ingest API will treat every key-value pair in the input event as a metric name-value pair. Set `metrics_from_event` to `false` to disable this behavior and use `metric_name_key` and `metric_value_key` to define metrics. The default value is `true`.
@@ -194,31 +198,31 @@ If `coerce_to_utf8` is set to `true`, any non-UTF-8 character is replaced by the
 
 ### Parameters for `splunk_ingest_api`
 
-### service_client_identifier: (optional) (string) 
+### service_client_identifier: (optional) (string)
 
 Splunk uses the client identifier to make authorized requests to the ingest API.
 
-### service_client_secret_key: (string) 
+### service_client_secret_key: (string)
 
 The client identifier uses this authorization to make requests to the ingest API.
 
-### token_endpoint: (string) 
+### token_endpoint: (string)
 
 This value indicates which endpoint Splunk should look to for the authorization token necessary for requests to the ingest API.
 
-### ingest_api_host: (string) 
+### ingest_api_host: (string)
 
 Indicates which url/hostname to use for requests to the ingest API.
 
-### ingest_api_tenant: (string) 
+### ingest_api_tenant: (string)
 
 Indicates which tenant Splunk should use for requests to the ingest API.
 
-### ingest_api_events_endpoint: (string) 
+### ingest_api_events_endpoint: (string)
 
 Indicates which endpoint to use for requests to the ingest API.
 
-### debug_http: (bool) 
+### debug_http: (bool)
 Set to True if you want to debug requests and responses to ingest API. Default is false.
 
 ### Parameters for both `splunk_hec` and `splunk_ingest_api`
@@ -330,7 +334,7 @@ If a parameter has just a key, it means its value is exactly the same as the key
 
 #### When `data_type` is `metric`
 
-For metrics, parameters inside `<fields>` are used as dimensions. If `<fields>` is not presented, the original input event will be used as dimensions. If an empty `<fields></fields>` is presented, no dimension is sent. For example, given the following configuration: 
+For metrics, parameters inside `<fields>` are used as dimensions. If `<fields>` is not presented, the original input event will be used as dimensions. If an empty `<fields></fields>` is presented, no dimension is sent. For example, given the following configuration:
 
 ```
 <match **>
@@ -381,7 +385,7 @@ Multiple `<format>` sections can be defined to use different formatters for diff
   </format>
 ```
 
-This example: 
+This example:
 - Formats events with tags that start with `sometag.` with the `single_value` formatter
 - Formats events with tags `some.othertag` with the `csv` formatter
 - Formats all other events with the `json` formatter (the default formatter)
@@ -398,7 +402,7 @@ The following parameters can be used for tuning HTTP connections:
 
 #### idle_timeout (integer)
 
-The default is five seconds. If a connection has not been used for five seconds, it is automatically reset at next use, in order to avoid attempting to send to a closed connection. Specifiy `nil` to prohibit any timeouts. 
+The default is five seconds. If a connection has not been used for five seconds, it is automatically reset at next use, in order to avoid attempting to send to a closed connection. Specifiy `nil` to prohibit any timeouts.
 
 #### read_timeout (integer)
 
@@ -457,4 +461,4 @@ Here are some hints:
 
 ## License
 
-Please see [LICENSE](LICENSE). 
+Please see [LICENSE](LICENSE).

VERSION

@@ -1 +1 @@
-1.2.12
+1.2.13

docker/Gemfile

@@ -1,23 +1,23 @@
 source 'https://rubygems.org'
 
-# This is separate gemfile for building docker image that has all plugins 
+# This is separate gemfile for building docker image that has all plugins
 # for kubernetes log collection agent
 # List all required gems here and install via bundler to resolve dependencies
-gem "fluentd", ">=1.14.2" 
+gem "fluentd", ">=1.14.5"
 gem "fluent-plugin-systemd", "=1.0.2"
 gem "fluent-plugin-concat", "=2.4.0"
-gem "fluent-plugin-prometheus", "=2.0.1"
+gem "fluent-plugin-prometheus", "=2.0.2"
 gem "fluent-plugin-jq", "=0.5.1"
 gem "fluent-plugin-kubernetes_metadata_filter", ">=2.9.2"
 gem "oj", "=3.11.2"
 gem 'multi_json', '~> 1.13'
-gem 'net-http-persistent', '~> 3.1'
+gem 'net-http-persistent', '~> 4.0'
 gem 'openid_connect', '~> 1.1.8'
 gem 'prometheus-client', '>= 2.1.0'
 gem 'activesupport', '~> 5.2.4.3'
-gem 'http_parser.rb', '=0.5.3'
+gem 'http_parser.rb', '=0.8.0'
 gem "rack", ">= 2.1.4"
 gem "fluent-plugin-record-modifier", ">=2.1"
 
 
-gem 'fluent-plugin-splunk-hec', path: 'gem/'
+gem 'fluent-plugin-splunk-hec', path: 'gem/'

docker/Gemfile.lock

@@ -1,10 +1,10 @@
 PATH
   remote: gem
   specs:
-    fluent-plugin-splunk-hec (1.2.12)
+    fluent-plugin-splunk-hec (1.2.13)
       fluentd (>= 1.4)
       multi_json (~> 1.13)
-      net-http-persistent (~> 3.1)
+      net-http-persistent (~> 4.0)
       openid_connect (~> 1.1.8)
       prometheus-client (>= 2.1.0)
 
@@ -41,20 +41,20 @@ GEM
       fluentd (>= 0.14.0, < 1.15)
       kubeclient (>= 4.0.0, < 5.0.0)
       lru_redux
-    fluent-plugin-prometheus (2.0.1)
+    fluent-plugin-prometheus (2.0.2)
       fluentd (>= 1.9.1, < 2)
       prometheus-client (>= 2.1.0)
     fluent-plugin-record-modifier (2.1.0)
       fluentd (>= 1.0, < 2)
     fluent-plugin-systemd (1.0.2)
       fluentd (>= 0.14.11, < 2)
       systemd-journal (~> 1.3.2)
-    fluentd (1.14.4)
+    fluentd (1.14.6)
       bundler
       cool.io (>= 1.4.5, < 2.0.0)
       http_parser.rb (>= 0.5.1, < 0.9.0)
       msgpack (>= 1.3.1, < 2.0.0)
-      serverengine (>= 2.2.2, < 3.0.0)
+      serverengine (>= 2.2.5, < 3.0.0)
       sigdump (~> 0.2.2)
       strptime (>= 0.2.4, < 1.0.0)
       tzinfo (>= 1.0, < 3.0)
@@ -72,7 +72,7 @@ GEM
     http-form_data (2.3.0)
     http-parser (1.2.3)
       ffi-compiler (>= 1.0, < 2.0)
-    http_parser.rb (0.5.3)
+    http_parser.rb (0.8.0)
     httpclient (2.8.3)
     i18n (1.9.1)
       concurrent-ruby (~> 1.0)
@@ -82,7 +82,7 @@ GEM
       bindata
     jsonpath (1.1.0)
       multi_json
-    kubeclient (4.9.2)
+    kubeclient (4.9.3)
       http (>= 3.0, < 5.0)
       jsonpath (~> 1.0)
       recursive-open-struct (~> 1.1, >= 1.1.1)
@@ -95,9 +95,9 @@ GEM
     mime-types-data (3.2022.0105)
     mini_mime (1.1.2)
     minitest (5.15.0)
-    msgpack (1.4.4)
+    msgpack (1.5.1)
     multi_json (1.15.0)
-    net-http-persistent (3.1.0)
+    net-http-persistent (4.0.0)
       connection_pool (~> 2.2)
     netrc (0.11.0)
     oj (3.11.2)
@@ -140,7 +140,7 @@ GEM
     thread_safe (0.3.6)
     tzinfo (1.2.9)
       thread_safe (~> 0.1)
-    tzinfo-data (1.2021.5)
+    tzinfo-data (1.2022.1)
       tzinfo (>= 1.0.0)
     unf (0.1.4)
       unf_ext
@@ -155,7 +155,7 @@ GEM
       activesupport
       httpclient (>= 2.4)
     webrick (1.7.0)
-    yajl-ruby (1.4.1)
+    yajl-ruby (1.4.2)
 
 PLATFORMS
   ruby
@@ -165,18 +165,18 @@ DEPENDENCIES
   fluent-plugin-concat (= 2.4.0)
   fluent-plugin-jq (= 0.5.1)
   fluent-plugin-kubernetes_metadata_filter (>= 2.9.2)
-  fluent-plugin-prometheus (= 2.0.1)
+  fluent-plugin-prometheus (= 2.0.2)
   fluent-plugin-record-modifier (>= 2.1)
   fluent-plugin-splunk-hec!
   fluent-plugin-systemd (= 1.0.2)
-  fluentd (>= 1.14.2)
-  http_parser.rb (= 0.5.3)
+  fluentd (>= 1.14.5)
+  http_parser.rb (= 0.8.0)
   multi_json (~> 1.13)
-  net-http-persistent (~> 3.1)
+  net-http-persistent (~> 4.0)
   oj (= 3.11.2)
   openid_connect (~> 1.1.8)
   prometheus-client (>= 2.1.0)
   rack (>= 2.1.4)
 
 BUNDLED WITH
-   2.2.32
+   2.3.11

fluent-plugin-splunk-hec.gemspec

@@ -35,7 +35,7 @@ Gem::Specification.new do |spec|
 
   spec.add_runtime_dependency 'fluentd', '>= 1.4'
   spec.add_runtime_dependency 'multi_json', '~> 1.13'
-  spec.add_runtime_dependency 'net-http-persistent', '~> 3.1'
+  spec.add_runtime_dependency 'net-http-persistent', '~> 4.0'
   spec.add_runtime_dependency 'openid_connect', '~> 1.1.8'
   spec.add_runtime_dependency 'prometheus-client', '>= 2.1.0'
 

lib/fluent/plugin/out_splunk.rb

@@ -92,6 +92,10 @@ def configure(conf)
       end
     end
 
+    def shutdown
+      super
+    end
+
     def write(chunk)
       log.trace { "#{self.class}: Received new chunk, size=#{chunk.read.bytesize}" }
 

lib/fluent/plugin/out_splunk_hec.rb

@@ -36,6 +36,9 @@ class SplunkHecOutput < SplunkOutput
     desc 'The port number to HEC, or HEC load balancer.'
     config_param :hec_port, :integer, default: 8088
 
+    desc 'HEC REST API endpoint to use'
+    config_param :hec_endpoint, :string, default: 'services/collector'
+
     desc 'Full url to connect tosplunk. Example: https://mydomain.com:8088/apps/splunk'
     config_param :full_url, :string, default: ''
 
@@ -166,8 +169,8 @@ def start
     end
 
     def shutdown
+      @conn.shutdown if not @conn.nil?
       super
-      @conn.shutdown
     end
 
     def format(tag, time, record)
@@ -287,9 +290,9 @@ def format_metric(tag, time, record)
 
     def construct_api
       if @full_url.empty?
-        URI("#{@protocol}://#{@hec_host}:#{@hec_port}/services/collector")
+        URI("#{@protocol}://#{@hec_host}:#{@hec_port}/#{@hec_endpoint.delete_prefix("/")}")
       else
-        URI("#{@full_url.delete_suffix("/")}/services/collector")
+        URI("#{@full_url.delete_suffix("/")}/#{@hec_endpoint.delete_prefix("/")}")
       end
     rescue StandardError
       if @full_url.empty?