Make it possible to work without Nokogiri

Nokogiri is not a mandatory dependency for this plugin, so this should work without it. Currently, we need to install Nokogiri manually. Otherwise, the following LoadError occurs: <internal:/path/to/rubygems/core_ext/kernel_require.rb>:88:in `require': cannot load such file -- nokogiri (LoadError) from <internal:/path/to/rubygems/core_ext/kernel_require.rb>:88:in `require' from /path/to/gems/fluent-plugin-windows-eventlog-0.8.3/lib/fluent/plugin/bookmark_sax_parser.rb:1:in `<top (required)>' ... Signed-off-by: Daijiro Fukuda <[email protected]>
fluent · Jun 7, 2024 · 3238d55 · 3238d55
1 parent 5a294c5
commit 3238d55
Showing 1 changed file with 30 additions and 12 deletions.
diff --git a/lib/fluent/plugin/in_windows_eventlog2.rb b/lib/fluent/plugin/in_windows_eventlog2.rb
@@ -1,10 +1,16 @@
 require 'winevt'
 require 'fluent/plugin/input'
 require 'fluent/plugin'
-require_relative 'bookmark_sax_parser'
 
 module Fluent::Plugin
   class WindowsEventLog2Input < Input
+    begin
+      require_relative 'bookmark_sax_parser'
+      @@bookmark_parser_avaiable = true
+    rescue LoadError
+      @@bookmark_parser_avaiable = false
+    end
+
     Fluent::Plugin.register_input('windows_eventlog2', self)
 
     class ReconnectError < Fluent::UnrecoverableError; end
@@ -227,11 +233,16 @@ def clear_subscritpions
     end
 
     def subscription(ch, read_existing_events, remote_session)
-      bookmarkXml = @bookmarks_storage.get(ch) || ""
       bookmark = nil
-      if bookmark_validator(bookmarkXml, ch)
-        bookmark = Winevt::EventLog::Bookmark.new(bookmarkXml)
+      bookmarkXml = @bookmarks_storage.get(ch) || ""
+      unless bookmarkXml.empty?
+        if bookmark_valid?(bookmarkXml, ch)
+          bookmark = Winevt::EventLog::Bookmark.new(bookmarkXml)
+        else
+          log.warn "This stored bookmark is incomplete for using. Referring `read_existing_events` parameter to subscribe: #{bookmarkXml}, channel: #{ch}"
+        end
       end
+
       subscribe = Winevt::EventLog::Subscribe.new
       subscribe.read_existing_events = read_existing_events
       begin
@@ -258,19 +269,26 @@ def subscribe_channels(subscriptions)
       end
     end
 
-    def bookmark_validator(bookmarkXml, channel)
-      return false if bookmarkXml.empty?
+    def bookmark_valid?(bookmarkXml, channel)
+      if @@bookmark_parser_avaiable
+        bookmark_valid_strictly?(bookmarkXml, channel)
+      else
+        bookmarklist_is_not_empty?(bookmarkXml, channel)
+      end
+    end
 
+    def bookmark_valid_strictly?(bookmarkXml, channel)
       evtxml = WinevtBookmarkDocument.new
       parser = Nokogiri::XML::SAX::Parser.new(evtxml)
       parser.parse(bookmarkXml)
       result = evtxml.result
-      if !result.empty? && (result[:channel].downcase == channel.downcase) && result[:is_current]
-        true
-      else
-        log.warn "This stored bookmark is incomplete for using. Referring `read_existing_events` parameter to subscribe: #{bookmarkXml}, channel: #{channel}"
-        false
-      end
+      !result.empty? && (result[:channel].downcase == channel.downcase) && result[:is_current]
+    end
+
+    def bookmarklist_is_not_empty?(bookmarkXml, channel)
+      # Empty example: "<BookmarkList>\r\n</BookmarkList>"
+      # Not empty example: "<BookmarkList>\r\n  <Bookmark Channel='Setup' RecordId='777' IsCurrent='true'/>\r\n</BookmarkList>"
+      bookmarkXml.include?("Channel")
     end
 
     def escape_channel(ch)