added some complex fields to the log generator
This commit is contained in:
Spencer Alger
@ -135,6 +135,47 @@ function createIndex(indexName) {
|
|||||||
type: 'string',
|
type: 'string',
|
||||||
index: 'not_analyzed'
|
index: 'not_analyzed'
|
||||||
}
|
}
|
||||||
|
},
|
||||||
|
geo: {
|
||||||
|
properties: {
|
||||||
|
srcdst: {
|
||||||
|
type: 'string',
|
||||||
|
index: 'not_analyzed'
|
||||||
|
},
|
||||||
|
dst: {
|
||||||
|
type: 'string',
|
||||||
|
index: 'not_analyzed'
|
||||||
|
},
|
||||||
|
src: {
|
||||||
|
type: 'string',
|
||||||
|
index: 'not_analyzed'
|
||||||
|
},
|
||||||
|
coordinates: {
|
||||||
|
type: 'geo_point'
|
||||||
|
}
|
||||||
|
}
|
||||||
|
},
|
||||||
|
meta: {
|
||||||
|
properties: {
|
||||||
|
related: {
|
||||||
|
type: 'string',
|
||||||
|
},
|
||||||
|
char: {
|
||||||
|
type: 'string',
|
||||||
|
index: 'not_analyzed'
|
||||||
|
},
|
||||||
|
user: {
|
||||||
|
properties: {
|
||||||
|
firstname: {
|
||||||
|
type: 'string',
|
||||||
|
},
|
||||||
|
lastname: {
|
||||||
|
type: 'integer',
|
||||||
|
index: 'not_analyzed'
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -251,19 +292,25 @@ async.timesSeries(total, function (i, done) {
|
|||||||
var event = {};
|
var event = {};
|
||||||
|
|
||||||
event.index = indexName;
|
event.index = indexName;
|
||||||
event['@timestamp'] = dateAsIso;
|
event['@timestamp'] = dateAsIso;
|
||||||
event.ip = samples.ips();
|
event.ip = samples.ips();
|
||||||
event.extension = samples.extensions();
|
event.extension = samples.extensions();
|
||||||
event.response = samples.responseCodes();
|
event.response = samples.responseCodes();
|
||||||
event.country = samples.countries();
|
|
||||||
event.point = samples.airports();
|
event.geo = {
|
||||||
|
coordinates: samples.airports(),
|
||||||
|
src: samples.countries(),
|
||||||
|
dest: samples.countries()
|
||||||
|
};
|
||||||
|
event.geo.srcdest = event.geo.src + ':' + event.geo.dest;
|
||||||
|
|
||||||
event['@tags'] = [
|
event['@tags'] = [
|
||||||
samples.tags(),
|
samples.tags(),
|
||||||
samples.tags2()
|
samples.tags2()
|
||||||
];
|
];
|
||||||
event.utc_time = dateAsIso;
|
event.utc_time = dateAsIso;
|
||||||
event.referer = 'http://' + samples.referrers() + '/' + samples.tags() + '/' + samples.astronauts();
|
event.referer = 'http://' + samples.referrers() + '/' + samples.tags() + '/' + samples.astronauts();
|
||||||
event.agent = samples.userAgents();
|
event.agent = samples.userAgents();
|
||||||
event.clientip = event.ip;
|
event.clientip = event.ip;
|
||||||
event.bytes = event.response < 500 ? samples.lessRandomRespSize() : 0;
|
event.bytes = event.response < 500 ? samples.lessRandomRespSize() : 0;
|
||||||
event.request = '/' + samples.astronauts() + '.' + event.extension;
|
event.request = '/' + samples.astronauts() + '.' + event.extension;
|
||||||
@ -272,6 +319,22 @@ async.timesSeries(total, function (i, done) {
|
|||||||
}
|
}
|
||||||
event['@message'] = event.ip + ' - - [' + dateAsIso + '] "GET ' + event.request + ' HTTP/1.1" ' +
|
event['@message'] = event.ip + ' - - [' + dateAsIso + '] "GET ' + event.request + ' HTTP/1.1" ' +
|
||||||
event.response + ' ' + event.bytes + ' "-" "' + event.agent + '"';
|
event.response + ' ' + event.bytes + ' "-" "' + event.agent + '"';
|
||||||
|
event.spaces = 'this is a thing with lots of spaces wwwwoooooo';
|
||||||
|
event.xss = '<script>console.log("xss")</script>';
|
||||||
|
event.headings = [
|
||||||
|
'<h3>' + samples.astronauts() + '</h5>',
|
||||||
|
'http://' + samples.referrers() + '/' + samples.tags() + '/' + samples.astronauts()
|
||||||
|
];
|
||||||
|
event.links = [
|
||||||
|
samples.astronauts() + '@' + samples.referrers(),
|
||||||
|
'http://' + samples.referrers() + '/' + samples.tags2() + '/' + samples.astronauts(),
|
||||||
|
'www.' + samples.referrers()
|
||||||
|
];
|
||||||
|
|
||||||
|
event.machine = {
|
||||||
|
os: samples.randomOs(),
|
||||||
|
ram: samples.randomRam()
|
||||||
|
};
|
||||||
|
|
||||||
eventBuffer.push({
|
eventBuffer.push({
|
||||||
header: {
|
header: {
|
||||||
|
|||||||
@ -29,6 +29,9 @@ exports.make = function (startingMoment, endingMoment) {
|
|||||||
stdev: dayMs * 0.15,
|
stdev: dayMs * 0.15,
|
||||||
}, 'get');
|
}, 'get');
|
||||||
|
|
||||||
|
sets.randomRam = new RandomList(require('./ram'));
|
||||||
|
sets.randomOs = new RandomList(require('./os'));
|
||||||
|
|
||||||
sets.astronauts = new RandomList(require('./astronauts').map(function (name) {
|
sets.astronauts = new RandomList(require('./astronauts').map(function (name) {
|
||||||
return name.replace(/\W+/g, '-').toLowerCase();
|
return name.replace(/\W+/g, '-').toLowerCase();
|
||||||
}));
|
}));
|
||||||
|
|||||||
7
scripts/generate/logs/samples/os.js
Normal file
7
scripts/generate/logs/samples/os.js
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
module.exports = [
|
||||||
|
'osx',
|
||||||
|
'ios',
|
||||||
|
'win xp',
|
||||||
|
'win 7',
|
||||||
|
'win 8'
|
||||||
|
];
|
||||||
24
scripts/generate/logs/samples/ram.js
Normal file
24
scripts/generate/logs/samples/ram.js
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
var gb = 1024 * 1024 * 1024;
|
||||||
|
|
||||||
|
module.exports = [
|
||||||
|
2 * gb,
|
||||||
|
3 * gb,
|
||||||
|
4 * gb,
|
||||||
|
5 * gb,
|
||||||
|
6 * gb,
|
||||||
|
7 * gb,
|
||||||
|
8 * gb,
|
||||||
|
9 * gb,
|
||||||
|
10 * gb,
|
||||||
|
11 * gb,
|
||||||
|
12 * gb,
|
||||||
|
13 * gb,
|
||||||
|
14 * gb,
|
||||||
|
15 * gb,
|
||||||
|
16 * gb,
|
||||||
|
17 * gb,
|
||||||
|
18 * gb,
|
||||||
|
19 * gb,
|
||||||
|
20 * gb,
|
||||||
|
30 * gb,
|
||||||
|
];
|
||||||
Reference in New Issue
Block a user