As a requirement for large scale installations using hpfeeds logging e.g. for sissden.eu, I replaced the sensor_addr and sensor_port from the information I get from the socket in use. In case the host uses several IP addresses, glastopf now distinguishes between the destination IPs targeted.
Further, I added the http host header to the json, which might directly reveal the domain / IP accessed and split the source/sensor_ip and source/sensor_port in distinct fields for better processing using logstash. I still left the list [ source_addr, source_port ] for backward compatibility, just added fields.
I think this might also be of value for other users.
As a requirement for large scale installations using hpfeeds logging e.g. for sissden.eu, I replaced the
sensor_addrandsensor_portfrom the information I get from the socket in use. In case the host uses several IP addresses, glastopf now distinguishes between the destination IPs targeted.Further, I added the http host header to the json, which might directly reveal the domain / IP accessed and split the source/sensor_ip and source/sensor_port in distinct fields for better processing using logstash. I still left the list [ source_addr, source_port ] for backward compatibility, just added fields.
I think this might also be of value for other users.