cef 0.6.0 → 0.6.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. data/README.rdoc +46 -1
  2. data/Rakefile +2 -5
  3. data/VERSION +1 -1
  4. data/spec/cef_spec.rb +4 -11
  5. data/spec/spec_helper.rb +11 -0
  6. metadata +5 -6
  7. data/cef.gemspec +0 -69
data/README.rdoc CHANGED
@@ -1,6 +1,51 @@
1
1
  = cef
2
2
 
3
- Description goes here.
3
+ This is an implementation of the Common Event Formatting standard.
4
+
5
+ http://www.arcsight.com/solutions/solutions-cef/
6
+
7
+
8
+ Included is a library implementing a formatter/emitter and a client program
9
+ that can be called from a shell script or some other external source. The
10
+ library currently hardcodes the syslog format|priority if you choose to send
11
+ vi UDP to a receiver.
12
+
13
+ Most of the standard dictionary is implemented.
14
+ http://www.arcsight.com/collateral/CEFstandards.pdf
15
+
16
+ == Example API Usage
17
+
18
+
19
+ # instantiate a sender object
20
+ sender=CEF::Sender.new(
21
+ :receiver=>"loghost.mycompany.com",
22
+ :eventDefaults=>{
23
+ :deviceProduct => "MySnazzyLogger",
24
+ :deviceVendor => "My Company"
25
+ }
26
+ )
27
+ # instantiate an event
28
+ event=CEF::Event.new(
29
+ :sourceAddress => "192.168.1.1",
30
+ :destinationAddress => "192.168.1.2",
31
+ :name => "i think something happened"
32
+ )
33
+
34
+ # fire away!
35
+ sender.emit(e)
36
+
37
+ == Example client usage
38
+
39
+ cef_sender --receiver="myloghost.company.com"\
40
+ --deviceProduct="MySnazzyLogger" \
41
+ --deviceVendor="My Company" \
42
+ --sourceAddress="192.168.1.1" \
43
+ --destinationAddress="192.168.1.2" \
44
+ --name="i think something happened"
45
+
46
+ To see the supported event attributes:
47
+
48
+ cef_sender --schema
4
49
 
5
50
  == Contributing to cef
6
51
 
data/Rakefile CHANGED
@@ -15,13 +15,10 @@ Jeweler::Tasks.new do |gem|
15
15
  gem.name = "cef"
16
16
  gem.homepage = "http://github.com/ryanbreed/cef"
17
17
  gem.license = "MIT"
18
- gem.summary = %Q{CEF Generation }
19
- gem.description = %Q{Library and client }
18
+ gem.summary = %Q{ CEF Generation Library and Client }
19
+ gem.description = %Q{ format/send CEF logs via API+syslog or client program }
20
20
  gem.email = "opensource@breed.org"
21
21
  gem.authors = ["Ryan Breed"]
22
- # Include your dependencies below. Runtime dependencies are required when using your gem,
23
- # and development dependencies are only needed for development (ie running rake tasks, tests, etc)
24
- #gem.add_runtime_dependency 'escape', '~> 0.0.4'
25
22
  gem.add_development_dependency 'rspec', '~> 2.3.0'
26
23
  gem.files.include('VERSION')
27
24
  end
data/VERSION CHANGED
@@ -1 +1 @@
1
- 0.6.0
1
+ 0.6.1
data/spec/cef_spec.rb CHANGED
@@ -2,18 +2,11 @@ require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
2
2
 
3
3
  describe "CEF Event Format" do
4
4
  it "should output a preamble" do
5
- test_prefix_vals={
6
- :deviceVendor => "breed",
7
- :deviceProduct => "CEF Sender",
8
- :deviceVersion => "0.1",
9
- :deviceEventClassId => "0:debug",
10
- :name => "test",
11
- :deviceSeverity => "1"
12
- }
5
+ prefix_vals=test_prefix_vals
13
6
  e=CEF::Event.new
14
- test_prefix_vals.each {|k,v| e.send("%s="%k,v) }
7
+ prefix_vals.each {|k,v| e.send("%s="%k,v) }
15
8
  s=CEF::Sender.new
16
- formatted=CEF::PREFIX_FORMAT % [ 131, *test_prefix_vals.values ]
17
- s.format_event(e) ==formatted
9
+ formatted=CEF::PREFIX_FORMAT % [ 131, *prefix_vals.values ]
10
+ s.format_event(e)==formatted
18
11
  end
19
12
  end
data/spec/spec_helper.rb CHANGED
@@ -10,3 +10,14 @@ Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each {|f| require f}
10
10
  RSpec.configure do |config|
11
11
 
12
12
  end
13
+
14
+ def test_prefix_vals
15
+ test_prefix_vals={
16
+ :deviceVendor => "breed",
17
+ :deviceProduct => "CEF Sender",
18
+ :deviceVersion => "0.1",
19
+ :deviceEventClassId => "0:debug",
20
+ :name => "test",
21
+ :deviceSeverity => "1"
22
+ }
23
+ end
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: cef
3
3
  version: !ruby/object:Gem::Version
4
- hash: 7
4
+ hash: 5
5
5
  prerelease:
6
6
  segments:
7
7
  - 0
8
8
  - 6
9
- - 0
10
- version: 0.6.0
9
+ - 1
10
+ version: 0.6.1
11
11
  platform: ruby
12
12
  authors:
13
13
  - Ryan Breed
@@ -96,7 +96,7 @@ dependencies:
96
96
  prerelease: false
97
97
  type: :development
98
98
  requirement: *id005
99
- description: "Library and client "
99
+ description: " format/send CEF logs via API+syslog or client program "
100
100
  email: opensource@breed.org
101
101
  executables:
102
102
  - cef_sender
@@ -114,7 +114,6 @@ files:
114
114
  - Rakefile
115
115
  - VERSION
116
116
  - bin/cef_sender
117
- - cef.gemspec
118
117
  - lib/cef.rb
119
118
  - spec/cef_spec.rb
120
119
  - spec/spec_helper.rb
@@ -151,7 +150,7 @@ rubyforge_project:
151
150
  rubygems_version: 1.5.2
152
151
  signing_key:
153
152
  specification_version: 3
154
- summary: CEF Generation
153
+ summary: CEF Generation Library and Client
155
154
  test_files:
156
155
  - spec/cef_spec.rb
157
156
  - spec/spec_helper.rb
data/cef.gemspec DELETED
@@ -1,69 +0,0 @@
1
- # Generated by jeweler
2
- # DO NOT EDIT THIS FILE DIRECTLY
3
- # Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
4
- # -*- encoding: utf-8 -*-
5
-
6
- Gem::Specification.new do |s|
7
- s.name = %q{cef}
8
- s.version = "0.6.0"
9
-
10
- s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
- s.authors = ["Ryan Breed"]
12
- s.date = %q{2011-02-20}
13
- s.default_executable = %q{cef_sender}
14
- s.description = %q{Library and client }
15
- s.email = %q{opensource@breed.org}
16
- s.executables = ["cef_sender"]
17
- s.extra_rdoc_files = [
18
- "LICENSE.txt",
19
- "README.rdoc"
20
- ]
21
- s.files = [
22
- ".document",
23
- ".rspec",
24
- "Gemfile",
25
- "LICENSE.txt",
26
- "README.rdoc",
27
- "Rakefile",
28
- "VERSION",
29
- "bin/cef_sender",
30
- "cef.gemspec",
31
- "lib/cef.rb",
32
- "spec/cef_spec.rb",
33
- "spec/spec_helper.rb"
34
- ]
35
- s.homepage = %q{http://github.com/ryanbreed/cef}
36
- s.licenses = ["MIT"]
37
- s.require_paths = ["lib"]
38
- s.rubygems_version = %q{1.5.2}
39
- s.summary = %q{CEF Generation}
40
- s.test_files = [
41
- "spec/cef_spec.rb",
42
- "spec/spec_helper.rb"
43
- ]
44
-
45
- if s.respond_to? :specification_version then
46
- s.specification_version = 3
47
-
48
- if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
49
- s.add_development_dependency(%q<rspec>, ["~> 2.3.0"])
50
- s.add_development_dependency(%q<bundler>, ["~> 1.0.0"])
51
- s.add_development_dependency(%q<jeweler>, ["~> 1.5.2"])
52
- s.add_development_dependency(%q<rcov>, [">= 0"])
53
- s.add_development_dependency(%q<rspec>, ["~> 2.3.0"])
54
- else
55
- s.add_dependency(%q<rspec>, ["~> 2.3.0"])
56
- s.add_dependency(%q<bundler>, ["~> 1.0.0"])
57
- s.add_dependency(%q<jeweler>, ["~> 1.5.2"])
58
- s.add_dependency(%q<rcov>, [">= 0"])
59
- s.add_dependency(%q<rspec>, ["~> 2.3.0"])
60
- end
61
- else
62
- s.add_dependency(%q<rspec>, ["~> 2.3.0"])
63
- s.add_dependency(%q<bundler>, ["~> 1.0.0"])
64
- s.add_dependency(%q<jeweler>, ["~> 1.5.2"])
65
- s.add_dependency(%q<rcov>, [">= 0"])
66
- s.add_dependency(%q<rspec>, ["~> 2.3.0"])
67
- end
68
- end
69
-