Class: LogStash::Inputs::LDAPSearch

Inherits:
Base
  • Object
show all
Defined in:
lib/logstash/inputs/LDAPSearch.rb

Instance Method Summary collapse

Instance Method Details

#registerObject


22
23
24
# File 'lib/logstash/inputs/LDAPSearch.rb', line 22

def register
        require 'net/ldap'
end

#run(queue) ⇒ Object


27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
# File 'lib/logstash/inputs/LDAPSearch.rb', line 27

def run(queue)
        begin
                if @usessl == true
                        conn = Net::LDAP.new :host => @host,
                                             :port => @port,
                                             :encryption => :simple_tls,
                                             :base => base,
                                             :auth => {
                                                :method => :simple,
                                                :username => @dn,
                                                :password => @password.value
                                             }
                else
                        conn = Net::LDAP.new :host => @host,
                                             :port => @port,
                                             :base => base,
                                             :auth => {
                                                :method => :simple,
                                                :username => @dn,
                                                :password => @password.value
                                             }
                end

                # Handling binding exception
                if ! conn.bind
                        puts "Connection failed - code:  #{conn.get_operation_result.code}: #{conn.get_operation_result.message}"
                end

                # Instantiating a LDAP filter
                search_filter = Net::LDAP::Filter.from_rfc2254(filter)

                # Lauching LDAP request
                conn.search( :filter => search_filter, :attributes => attrs ) { |entry|
                        event = LogStash::Event.new
                        decorate(event)
                        entry.attribute_names.each { |attr|
                                # Changing attribute variable type returned by attribute_name method from Symbol to String
                                attr = attr.to_s
                                # Suppressing default dn attribute if not wanted
                                next if (/^dn$/ =~ attr)
                                values = entry[attr]
                                # Formatting sAMAccountName to match classic case
                                attr = "sAMAccountName" if attr == "samaccountname"
                                values = values.map { |value|
                                        (/[^[:print:]]/ =~ value).nil? ? value : Base64.strict_encode64(value)
                                }
                                # Populating event
                                event.set(attr,values)
                        }
                        # Adding event and sending to logstash for processing
                        queue << event
                }
                #Managing LDAP exception
                rescue Net::LDAP::Error => le
                        puts "Got LDAP error: #{le}"
                        exit
        end
        # finished
end