bro_ids-dns-log 0.0.1

data/.gitignore

@@ -0,0 +1,4 @@
+*.gem
+.bundle
+Gemfile.lock
+pkg/*

data/README.txt

@@ -0,0 +1 @@
+TODO: Make a readme

data/Rakefile

@@ -0,0 +1 @@
+require "bundler/gem_tasks"

data/bro_ids-dns-log.gemspec

@@ -0,0 +1,24 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require 'bro_ids/dns/log/version'
+
+Gem::Specification.new do |s|
+  s.name        = "bro_ids-dns-log"
+  s.version     = BroIds::Dns::Log::VERSION
+  s.authors     = ["Elliott Cutright"]
+  s.email       = ["elliott.cutright@gmail.com"]
+  s.homepage    = ""
+  s.summary     = %q{Ruby Gem for Parsing Bro IDS DNS Logs}
+  s.description = %q{Ruby Gem for Parsing Bro IDS DNS Logs}
+
+  s.rubyforge_project = "bro_ids-dns-log"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+
+  # specify any dependencies here; for example:
+  # s.add_development_dependency "rspec"
+  # s.add_runtime_dependency "rest-client"
+end

data/lib/bro_ids/dns/log.rb

@@ -0,0 +1,2 @@
+require 'bro_ids/dns/log/log'
+require 'bro_ids/dns/log/version'

data/lib/bro_ids/dns/log/log.rb

@@ -0,0 +1,53 @@
+require "bro_ids/dns/log/version"
+
+module BroIds
+  module Dns
+    module Log
+      def self.parse(filename, &block)
+        parse_file(filename, &block)
+      end
+
+      private
+        def self.parse_line(line)
+          m =  line.split(' ')
+          if m
+          {:timestamp     => m[0],
+           :uid           => m[1],
+           :id_orig_h     => m[2],
+           :id_orig_p     => m[3],
+           :id_resp_h     => m[4],
+           :id_resp_p     => m[5],
+           :proto         => m[6],
+           :trans_id      => m[7],
+           :query         => m[8],
+           :qclass        => m[9],
+           :qclass_name   => m[10],
+           :qtype         => m[11],
+           :qtype_name    => m[12],
+           :rcode         => m[13],
+           :rcode_name    => m[14],
+           :qr            => m[15],
+           :aa            => m[16],
+           :tc            => m[17],
+           :rd            => m[18],
+           :ra            => m[19],
+           :z             => m[20],
+           :answers       => m[21],
+           :ttls          => m[22]}
+        else
+          {}
+        end
+      end
+
+      def self.parse_file(filename, &block)
+        File.foreach(filename) do |line|
+          unless line =~ /^\#/
+            parsed = parse_line(line)
+            yield parsed
+          end
+        end
+      end
+    end
+  end
+end
+

data/lib/bro_ids/dns/log/version.rb

@@ -0,0 +1,7 @@
+module BroIds
+  module Dns
+    module Log
+      VERSION = "0.0.1"
+    end
+  end
+end

metadata

@@ -0,0 +1,52 @@
+--- !ruby/object:Gem::Specification
+name: bro_ids-dns-log
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+  prerelease: 
+platform: ruby
+authors:
+- Elliott Cutright
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2012-01-31 00:00:00.000000000Z
+dependencies: []
+description: Ruby Gem for Parsing Bro IDS DNS Logs
+email:
+- elliott.cutright@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- README.txt
+- Rakefile
+- bro_ids-dns-log.gemspec
+- lib/bro_ids/dns/log.rb
+- lib/bro_ids/dns/log/log.rb
+- lib/bro_ids/dns/log/version.rb
+homepage: ''
+licenses: []
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: bro_ids-dns-log
+rubygems_version: 1.8.10
+signing_key: 
+specification_version: 3
+summary: Ruby Gem for Parsing Bro IDS DNS Logs
+test_files: []