Created
February 14, 2018 09:02
-
-
Save cite/0a6d594bc019874aa8f41f4c963dcfca to your computer and use it in GitHub Desktop.
ES aliases
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
group_attrs = ["name", "member"] | |
group_base = "<%= @ldap_linux_groupbase -%>" | |
user_filter = Net::LDAP::Filter.present("sAMAccountName") | |
user_attrs = ["sAMAccountName"] | |
ldap.search(:base => group_base, :filter => group_filter, :attributes => group_attrs) do |group| | |
if mapping[group.name.first] | |
groupright = mapping[group.name.first] | |
group.member.each do |member| | |
ldap.search(:base => member, :filter => user_filter, :attributes => user_attrs) do |user| | |
if !rights[user.sAMAccountName.first] | |
rights[user.sAMAccountName.first] = [] | |
end | |
rights[user.sAMAccountName.first] = groupright + rights[user.sAMAccountName.first] | |
end | |
end | |
end | |
end | |
# clean aliases | |
aliases = Hashie::Mash.new es.indices.get_aliases | |
aliases.each_pair do |index,aliases| | |
# Match the all the Logstash indexes and get the Logstash | |
# date stamp from the index name. | |
matches = /logstash-(\d{4}.\d{2}.\d{2})/.match index | |
if matches | |
# generate all user aliases | |
rights.keys.each do |user| | |
aliasName = "logstash-#{matches[1]}-#{user}" | |
begin | |
es.indices.delete_alias(:index => index, :name => aliasName) | |
rescue | |
# if we are unable to delete an alias, the world will not end, so ignore | |
end | |
begin | |
es.indices.put_alias( | |
:index => index, | |
:name => aliasName, | |
:body => { | |
'filter' => { | |
'terms' => { | |
'type' => rights[user] | |
} | |
} | |
} | |
) | |
rescue StandardError => e | |
# this might very well be fatal :) | |
puts "Failed to create alias #{aliasName}. Error was:" | |
puts e.message | |
puts e.backtrace.inspect | |
end | |
end | |
end | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment