Skip to content

Commit

Permalink
[azure] Add new source types and other cleanup (#354)
Browse files Browse the repository at this point in the history 
* inital commit for new sources

* update tests and replace allSettled

* make empty string checking a bit more clear

* handle trailing slash
  • Loading branch information
@claudiadadamo @DylanLovesCoffee
claudiadadamo authored and DylanLovesCoffee committed Oct 1, 2020
1 parent 5dafc09 commit f5460b1
Show file tree
Hide file tree
Showing 2 changed files with 165 additions and 38 deletions.
67 changes: 43 additions & 24 deletions azure/activity_logs_monitoring/index.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -206,7 +206,7 @@ class EventhubLogForwarder {
}

addTagsToJsonLog(record) {
var metadata = this.extractResourceId(record);
var metadata = this.extractMetadataFromResource(record);
record['ddsource'] = metadata.source || DD_SOURCE;
record['ddsourcecategory'] = DD_SOURCE_CATEGORY;
record['service'] = DD_SERVICE;
Expand All @@ -225,39 +225,58 @@ class EventhubLogForwarder {
return this.addTagsToJsonLog(jsonLog);
}

extractResourceId(record) {
formatSourceType(sourceType) {
if (sourceType.includes('microsoft.')) {
return sourceType.replace('microsoft.', 'azure.');
} else {
return '';
}
}

extractMetadataFromResource(record) {
var metadata = { tags: [], source: '' };
if (
record.resourceId === undefined ||
typeof record.resourceId !== 'string'
) {
return metadata;
} else if (
record.resourceId.toLowerCase().startsWith('/subscriptions/')
) {
var resourceId = record.resourceId.toLowerCase().split('/');
if (resourceId.length > 2) {
metadata.tags.push('subscription_id:' + resourceId[2]);
}
var resourceId = record.resourceId.toLowerCase().split('/');
if (resourceId[0] === '') {
resourceId = resourceId.slice(1);
}
if (resourceId[resourceId.length - 1] === '') {
resourceId.pop();
}

if (resourceId[0] === 'subscriptions') {
if (resourceId.length > 1) {
metadata.tags.push('subscription_id:' + resourceId[1]);
if (resourceId.length == 2) {
metadata.source = 'azure.subscription';
return metadata;
}
}
if (resourceId.length > 4) {
metadata.tags.push('resource_group:' + resourceId[4]);
if (resourceId.length > 3) {
metadata.tags.push('resource_group:' + resourceId[3]);
if (resourceId.length == 4) {
metadata.source = 'azure.resourcegroup';
return metadata;
}
}
if (resourceId.length > 6 && resourceId[6]) {
metadata.source = resourceId[6].replace('microsoft.', 'azure.');
if (resourceId.length > 5 && resourceId[5]) {
metadata.source = this.formatSourceType(resourceId[5]);
}
return metadata;
} else if (record.resourceId.toLowerCase().startsWith('/tenants/')) {
var resourceId = record.resourceId.toLowerCase().split('/');
if (resourceId.length > 4 && resourceId[4]) {
metadata.tags.push('tenant:' + resourceId[2]);
metadata.source = resourceId[4]
.replace('microsoft.', 'azure.')
.replace('aadiam', 'activedirectory');
} else if (resourceId[0] === 'tenants') {
if (resourceId.length > 3 && resourceId[3]) {
metadata.tags.push('tenant:' + resourceId[1]);
metadata.source = this.formatSourceType(resourceId[3]).replace(
'aadiam',
'activedirectory'
);
}
return metadata;
} else {
return metadata;
}
return metadata;
}
}

Expand All @@ -272,7 +291,7 @@ module.exports = async function(context, eventHubMessages) {
eventHubMessages
);

return Promise.allSettled(promises);
return Promise.all(promises.map(p => p.catch(e => e)));
};

module.exports.forTests = {
Expand Down
136 changes: 122 additions & 14 deletions azure/test/client.test.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,7 @@ describe('Azure Log Monitoring', function() {
});
});

describe('#extractResourceId', function() {
describe('#extractMetadataFromResource', function() {
beforeEach(function() {
this.forwarder = setUp();
});
Expand All @@ -110,14 +110,48 @@ describe('Azure Log Monitoring', function() {
};
assert.deepEqual(
expectedMetadata,
this.forwarder.extractResourceId(record)
this.forwarder.extractMetadataFromResource(record)
);
});
it('should parse a valid record without provider', function() {
it('should parse a valid resource group resource', function() {
record = {
resourceId:
'/SUBSCRIPTIONS/12345678-1234-ABCD-1234-1234567890AB/RESOURCEGROUPS/SOME-RESOURCE-GROUP'
};
expectedMetadata = {
tags: [
'subscription_id:12345678-1234-abcd-1234-1234567890ab',
'resource_group:some-resource-group'
],
source: 'azure.resourcegroup'
};
assert.deepEqual(
expectedMetadata,
this.forwarder.extractMetadataFromResource(record)
);
});
it('should parse a valid resource group resource ending slash', function() {
record = {
resourceId:
'/SUBSCRIPTIONS/12345678-1234-ABCD-1234-1234567890AB/RESOURCEGROUPS/SOME-RESOURCE-GROUP/'
};
expectedMetadata = {
tags: [
'subscription_id:12345678-1234-abcd-1234-1234567890ab',
'resource_group:some-resource-group'
],
source: 'azure.resourcegroup'
};
assert.deepEqual(
expectedMetadata,
this.forwarder.extractMetadataFromResource(record)
);
});
it('should parse a valid record without provider length 5', function() {
record = {
resourceId:
'/SUBSCRIPTIONS/12345678-1234-ABCD-1234-1234567890AB/RESOURCEGROUPS/SOME-RESOURCE-GROUP/ffffff'
};
expectedMetadata = {
tags: [
'subscription_id:12345678-1234-abcd-1234-1234567890ab',
Expand All @@ -127,45 +161,73 @@ describe('Azure Log Monitoring', function() {
};
assert.deepEqual(
expectedMetadata,
this.forwarder.extractResourceId(record)
this.forwarder.extractMetadataFromResource(record)
);
});
it('should parse a valid record without provider and resource group', function() {
it('should parse a valid subscription type resource', function() {
record = {
resourceId:
'/SUBSCRIPTIONS/12345678-1234-ABCD-1234-1234567890AB'
};
expectedMetadata = {
tags: ['subscription_id:12345678-1234-abcd-1234-1234567890ab'],
source: 'azure.subscription'
};
assert.deepEqual(
expectedMetadata,
this.forwarder.extractMetadataFromResource(record)
);
});
it('should parse a valid subscription type resource ending slash', function() {
record = {
resourceId:
'/SUBSCRIPTIONS/12345678-1234-ABCD-1234-1234567890AB/'
};
expectedMetadata = {
tags: ['subscription_id:12345678-1234-abcd-1234-1234567890ab'],
source: 'azure.subscription'
};
assert.deepEqual(
expectedMetadata,
this.forwarder.extractMetadataFromResource(record)
);
});
it('should parse a valid record without provider and resource group length 3', function() {
record = {
resourceId:
'/SUBSCRIPTIONS/12345678-1234-ABCD-1234-1234567890AB/ffffff'
};
expectedMetadata = {
tags: ['subscription_id:12345678-1234-abcd-1234-1234567890ab'],
source: ''
};
assert.deepEqual(
expectedMetadata,
this.forwarder.extractResourceId(record)
this.forwarder.extractMetadataFromResource(record)
);
});
it('should not fail on record without resourceId', function() {
record = { key: 'value' };
expectedMetadata = { tags: [], source: '' };
assert.deepEqual(
expectedMetadata,
this.forwarder.extractResourceId(record)
this.forwarder.extractMetadataFromResource(record)
);
});
it('should not fail on string record', function() {
record = { key: 'value' };
expectedMetadata = { tags: [], source: '' };
assert.deepEqual(
expectedMetadata,
this.forwarder.extractResourceId(record)
this.forwarder.extractMetadataFromResource(record)
);
});
it('should not fail on improper resourceId', function() {
record = { resourceId: 'foo/bar' };
expectedMetadata = { tags: [], source: '' };
assert.deepEqual(
expectedMetadata,
this.forwarder.extractResourceId(record)
this.forwarder.extractMetadataFromResource(record)
);
});
it('should not fail with an invalid source', function() {
Expand All @@ -182,7 +244,41 @@ describe('Azure Log Monitoring', function() {
};
assert.deepEqual(
expectedMetadata,
this.forwarder.extractResourceId(record)
this.forwarder.extractMetadataFromResource(record)
);
});
it('should return empty source when not correct source format', function() {
record = {
resourceId:
'/SUBSCRIPTIONS/12345678-1234-ABCD-1234-1234567890AB/RESOURCEGROUPS/SOME-RESOURCE-GROUP/PROVIDERS/NOTTHESAMEFORMAT/VIRTUALMACHINES/SOME-VM'
};
expectedMetadata = {
tags: [
'subscription_id:12345678-1234-abcd-1234-1234567890ab',
'resource_group:some-resource-group'
],
source: ''
};
assert.deepEqual(
expectedMetadata,
this.forwarder.extractMetadataFromResource(record)
);
});
it('should handle when first element of resource id list is not empty', function() {
record = {
resourceId:
'SUBSCRIPTIONS/12345678-1234-ABCD-1234-1234567890AB/RESOURCEGROUPS/SOME-RESOURCE-GROUP/PROVIDERS/NOTTHESAMEFORMAT/VIRTUALMACHINES/SOME-VM'
};
expectedMetadata = {
tags: [
'subscription_id:12345678-1234-abcd-1234-1234567890ab',
'resource_group:some-resource-group'
],
source: ''
};
assert.deepEqual(
expectedMetadata,
this.forwarder.extractMetadataFromResource(record)
);
});
});
Expand All @@ -209,10 +305,7 @@ describe('Azure Log Monitoring', function() {
it('should handle string properly', function() {
log = 'hello';
expected = ['hello'];
assert.equal(
this.forwarder.getLogFormat(log),
constants.STRING
);
assert.equal(this.forwarder.getLogFormat(log), constants.STRING);
testHandleStringLogs(this.forwarder, log, expected);
});

Expand Down Expand Up @@ -328,4 +421,19 @@ describe('Azure Log Monitoring', function() {
testHandleStringLogs(this.forwarder, log, expected);
});
});
describe('#formatSourceType', function() {
beforeEach(function() {
this.forwarder = setUp();
});
it('should replace microsoft with azure', function() {
expected = 'azure.bleh';
actual = this.forwarder.formatSourceType('microsoft.bleh');
assert.equal(actual, expected);
});
it('should return empty source', function() {
expected = '';
actual = this.forwarder.formatSourceType('something');
assert.equal(actual, expected);
});
});
});

0 comments on commit f5460b1

Please sign in to comment.