coralogix · eirikm · Oct 28, 2019 · Oct 28, 2019 · Oct 28, 2019
diff --git a/README.md b/README.md
@@ -54,6 +54,8 @@ output {
         }
         log_key_name => "message"
         timestamp_key_name => "@timestamp"
+        severity_key_name => "severity"
+        category_key_name => "category"
         is_json => true
     }
 }
@@ -92,6 +94,15 @@ Coralogix automatically generates the timestamp based on the log arrival time. I
 
 **Note:** We accepts only logs which are not older than `24 hours`.
 
+### Category
+
+This plugin puts everything in the category `CORALOGIX`. If you want to take control over which category is to be used, use the `category_key_name` to specify your category field.
+
+### Severity
+
+By default everything is sent as severity `DEBUG`. You can use a value in the incoming log entry to dictate which severity is to be used, use the `severity_key_name`. The valid log levels are:
+ `debug`, `verbose`, `info`, `warning`, `error`, `critical`. Values other than this ends up as debug
+
 ### JSON support
 
 In case your raw log message is a JSON object you should set `is_json` key to a **true** value, otherwise you can ignore it.
@@ -113,4 +124,4 @@ output {
         } 
     }
 }
-```
+```
diff --git a/lib/logstash/outputs/coralogix.rb b/lib/logstash/outputs/coralogix.rb
@@ -14,6 +14,8 @@ class LogStash::Outputs::Coralogix < LogStash::Outputs::Base
   config :config_params, :validate => :hash, :required => true
   config :timestamp_key_name, :validate => :string, :required => false
   config :log_key_name, :validate => :string, :required => false
+  config :severity_key_name, :validate => :string, :required => false
+  config :category_key_name, :validate => :string, :required => false
   config :is_json, :validate => :boolean, :required => false
   config :force_compression, :validate => :boolean, :required => false, :default => false
   config :debug, :validate => :boolean, :required => false, :default => false
@@ -35,21 +37,41 @@ class LogStash::Outputs::Coralogix < LogStash::Outputs::Base
       log_record = log_record.to_s.empty? ? record : log_record
 
       timestamp = record.fetch(timestamp_key_name, nil)
+      severity = record.fetch(severity_key_name, nil)
+      category = record.fetch(category_key_name, nil)
+
       if (timestamp.nil?)
-        logger.debug log_record
+        log logger, severity, category, log_record
       else
         begin
           float_timestamp = DateTime.parse(timestamp.to_s).to_time.to_f * 1000
-          logger.debug log_record, nil, timestamp: float_timestamp
+          log logger, severity, category, log_record, timestamp: float_timestamp
         rescue Exception => e
-          logger.debug log_record
+          log logger, severity, category, log_record
         end
       end
     end
 
     return 1
   end
 
+  def log(logger, severity, category, log_record, timestamp = {})
+    case severity
+    when "critical"
+      logger.critical log_record, category, timestamp
+    when "error"
+      logger.error log_record, category, timestamp
+    when "warning"
+      logger.warning log_record, category, timestamp
+    when "info"
+      logger.info log_record, category, timestamp
+    when "verbose"
+      logger.verbose log_record, category, timestamp
+    else
+      logger.debug log_record, category, timestamp
+    end
+  end
+
   def version?
     begin
       Gem.loaded_specs['logstash-output-coralogix'].version.to_s

diff --git a/spec/outputs/coralogix_spec.rb b/spec/outputs/coralogix_spec.rb
@@ -1,6 +1,6 @@
 # encoding: utf-8
 require "logstash/devutils/rspec/spec_helper"
-require "logstash/outputs/coralogix_logger"
+require "logstash/outputs/coralogix"
 require "logstash/codecs/plain"
 require "logstash/event"