Hi,
I made a custom filter which to perform some commands on a remote server using net-ssh and return the output. The filter works fine for 3 to 4 events but after that it starts to fail.
Filter code:-
# encoding: utf-8
require "logstash/filters/base"
require "logstash/namespace"
require "rubygems"
require "net/ssh"
class LogStash::Filters::RemoteCommand < LogStash::Filters::Base
config_name "remote_command"
# Replace the message with this value.
config :command_list, :validate => :string, :default => nil
config :username, :validate => :string, :default => nil
config :password, :validate => :string, :default => nil
config :hostname, :validate => :string, :default => nil
config :output, :validate => :string, :default => nil
public
def register
end # def register
public
def filter(event)
@command = event.get(@command_list)
@user = event.get(@username)
@pass = event.get(@password)
@host = event.get(@hostname)
@command_output = event.get(@output)
begin
Net::SSH.start(@host, @user, :password => @pass) do|ssh|
event.set("filter_check","ssh_pass")
result = ssh.exec!(@command)
event.set(@command_output, result)
ssh.close
end
rescue => error
event.set(@command_output, error.backtrace)
event.set("command_output_message", error.message)
event.set("command_output_inspect", error.inspect)
end
# filter_matched should go in the last line of our successful code
filter_matched(event)
end # def filter
end # class LogStash::Filters::RemoteCommand
After 3 to 4 event filter is not able to ssh to the remote server, it show following reason for failure in error
error.inspect:- "wrong number of arguments (1 for 2)"
error.message:- "#<ArgumentError: wrong number of arguments (1 for 2)>"
error.backtrace:- [ 0] "/home/xyz/elk_6.1.1_64bit/logstash/vendor/bundle/jruby/2.3.0/gems/net-ssh-4.2.0/lib/net/ssh/transport/server_version.rb:57:in block in negotiate!'", [ 1] "org/jruby/RubyKernel.java:1292:inloop'",
[ 2] "/home/xyz/elk_6.1.1_64bit/logstash/vendor/bundle/jruby/2.3.0/gems/net-ssh-4.2.0/lib/net/ssh/transport/server_version.rb:52:in block in negotiate!'", [ 3] "org/jruby/RubyKernel.java:1292:inloop'",
[ 4] "/home/xyz/elk_6.1.1_64bit/logstash/vendor/bundle/jruby/2.3.0/gems/net-ssh-4.2.0/lib/net/ssh/transport/server_version.rb:50:in negotiate!'", [ 5] "/home/xyz/elk_6.1.1_64bit/logstash/vendor/bundle/jruby/2.3.0/gems/net-ssh-4.2.0/lib/net/ssh/transport/server_version.rb:32:ininitialize'",
[ 6] "/home/xyz/elk_6.1.1_64bit/logstash/vendor/bundle/jruby/2.3.0/gems/net-ssh-4.2.0/lib/net/ssh/transport/session.rb:84:in initialize'", [ 7] "/home/xyz/elk_6.1.1_64bit/logstash/vendor/bundle/jruby/2.3.0/gems/net-ssh-4.2.0/lib/net/ssh.rb:237:instart'",
[ 8] "/home/xyz/elk_6.1.1_64bit/logstash/vendor/local_gems/1f71cb3a/logstash-filter-remote_command-0.1.0/lib/logstash/filters/remote_command.rb:37:in filter'", [ 9] "/home/xyz/elk_6.1.1_64bit/logstash/logstash-core/lib/logstash/filters/base.rb:145:indo_filter'",
[10] "/home/xyz/elk_6.1.1_64bit/logstash/logstash-core/lib/logstash/filters/base.rb:164:in block in multi_filter'", [11] "org/jruby/RubyArray.java:1734:ineach'",
[12] "/home/xyz/elk_6.1.1_64bit/logstash/logstash-core/lib/logstash/filters/base.rb:161:in multi_filter'", [13] "/home/xyz/elk_6.1.1_64bit/logstash/logstash-core/lib/logstash/filter_delegator.rb:48:inmulti_filter'",
[14] "(eval):1288:in block in initialize'", [15] "org/jruby/RubyArray.java:1734:ineach'",
[16] "(eval):1282:in block in initialize'", [17] "(eval):1310:inblock in initialize'",
[18] "org/jruby/RubyArray.java:1734:in each'", [19] "(eval):1304:inblock in initialize'",
[20] "(eval):1328:in block in initialize'", [21] "org/jruby/RubyArray.java:1734:ineach'",
[22] "(eval):1321:in block in initialize'", [23] "(eval):496:inblock in filter_func'",
[24] "/home/xyz/elk_6.1.1_64bit/logstash/logstash-core/lib/logstash/pipeline.rb:455:in filter_batch'", [25] "/home/xyz/elk_6.1.1_64bit/logstash/logstash-core/lib/logstash/pipeline.rb:434:inworker_loop'",
[26] "/home/xyz/elk_6.1.1_64bit/logstash/logstash-core/lib/logstash/pipeline.rb:393:in `block in start_workers'"