cef 0.8.0 → 0.9.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: a5c18c726620c28b573ae7eb85cc84052f4039a7
+  data.tar.gz: 23f318734a39e5f1e4638efaba8b6baa36d755cf
+SHA512:
+  metadata.gz: 0ff31a6a533775eba16570a6637154e3a584152bcb46ff67004f1b0d408faa26648351b8597b0dd47972f66c7b62e8787c745094f5fc037357db05d24305f7ec
+  data.tar.gz: b06eaa392dc7ed43dd9b2849ac7bd1de151665c225ba69e568f50e291709ffd41532eaa4203699918b43c73b165dcfd467efbf6bf6d2004fb016ed9a3e4bc509

data/.gitignore

@@ -0,0 +1,18 @@
+.env
+*.gem
+*.rbc
+.bundle
+.config
+.yardoc
+Gemfile.lock
+InstalledFiles
+_yardoc
+coverage
+doc/
+lib/bundler/man
+pkg
+rdoc
+spec/reports
+test/tmp
+test/version_tmp
+tmp

data/.rspec

@@ -1 +1 @@
---color
+--color --format documentation --backtrace --warnings -I lib -r ./lib/cef.rb

data/Gemfile

@@ -1,13 +1,2 @@
-source "http://rubygems.org"
-# Add dependencies required to use your gem here.
-# Example:
-#   gem "activesupport", ">= 2.3.5"
-
-# Add dependencies to develop your gem here.
-# Include everything needed to run rake, tests, features, etc.
-group :development do
-  gem "rspec", "~> 2.3.0"
-  gem "bundler", "~> 1.0.0"
-  gem "jeweler", "~> 1.5.2"
-  gem "rcov", ">= 0"
-end
+source "https://rubygems.org"
+gemspec

data/Guardfile

@@ -0,0 +1,15 @@
+# A sample Guardfile
+# More info at https://github.com/guard/guard#readme
+
+guard :bundler do
+  watch('Gemfile')
+  # Uncomment next line if your Gemfile contains the `gemspec' command.
+  watch(/^.+\.gemspec/)
+end
+
+guard :rspec do
+  watch(%r{^spec/.+_spec\.rb$})
+  watch(%r{^lib/(.+)\.rb$})     { |m| "spec/lib/#{m[1]}_spec.rb" }
+  watch('spec/spec_helper.rb')  { "spec" }
+end
+

data/Rakefile

@@ -1,54 +1 @@
-require 'rubygems'
-require 'bundler'
-begin
-  Bundler.setup(:default, :development)
-rescue Bundler::BundlerError => e
-  $stderr.puts e.message
-  $stderr.puts "Run `bundle install` to install missing gems"
-  exit e.status_code
-end
-require 'rake'
-
-require 'jeweler'
-Jeweler::Tasks.new do |gem|
-  # gem is a Gem::Specification... see http://docs.rubygems.org/read/chapter/20 for more options
-  gem.name = "cef"
-  gem.homepage = "http://github.com/ryanbreed/cef"
-  gem.license = "MIT"
-  gem.summary = %Q{ CEF Generation Library and Client }
-  gem.description = %Q{ format/send CEF logs via API+syslog or client program }
-  gem.email = "opensource@breed.org"
-  gem.authors = ["Ryan Breed"]
-  gem.add_development_dependency 'rspec', '~> 2.3.0'
-  gem.files.include('VERSION')
-end
-Jeweler::RubygemsDotOrgTasks.new
-
-require 'rspec/core'
-require 'rspec/core/rake_task'
-RSpec::Core::RakeTask.new(:spec) do |spec|
-  spec.pattern = FileList['spec/**/*_spec.rb']
-end
-
-RSpec::Core::RakeTask.new(:rcov) do |spec|
-  spec.pattern = 'spec/**/*_spec.rb'
-  spec.rcov = true
-end
-
-task :default => :spec
-
-require 'rake/rdoctask'
-Rake::RDocTask.new do |rdoc|
-  version = File.exist?('VERSION') ? File.read('VERSION') : ""
-
-  rdoc.rdoc_dir = 'rdoc'
-  rdoc.title = "cef #{version}"
-  rdoc.rdoc_files.include('README*')
-  rdoc.rdoc_files.include('lib/**/*.rb')
-end
-
-task 'clean' do |t|
-  FileUtils.rm_f(Dir.glob(('{coverage,pkg}/*')))
-  FileUtils.rm_f(Dir.glob(('Gemfile.lock')))
-  %w{ coverage pkg }.each {|d| Dir.rmdir(d) if File.exists?(d)}
-end
+require 'bundler/gem_tasks'

data/VERSION

@@ -1 +1 @@
-0.8.0
+0.8.1

data/cef.gemspec

@@ -1,74 +1,37 @@
-# Generated by jeweler
-# DO NOT EDIT THIS FILE DIRECTLY
-# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
 # -*- encoding: utf-8 -*-
 
-Gem::Specification.new do |s|
-  s.name = %q{cef}
-  s.version = "0.8.0"
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'cef/version'
 
-  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
-  s.authors = ["Ryan Breed"]
-  s.date = %q{2011-03-30}
-  s.default_executable = %q{cef_sender}
-  s.description = %q{ format/send CEF logs via API+syslog or client program }
-  s.email = %q{opensource@breed.org}
-  s.executables = ["cef_sender"]
-  s.extra_rdoc_files = [
-    "LICENSE.txt",
-    "README.rdoc"
-  ]
-  s.files = [
-    ".document",
-    ".rspec",
-    "Gemfile",
-    "LICENSE.txt",
-    "README.rdoc",
-    "Rakefile",
-    "VERSION",
-    "bin/cef_sender",
-    "cef.gemspec",
-    "lib/cef.rb",
-    "lib/cef/constants.rb",
-    "lib/cef/event.rb",
-    "lib/cef/file_logger.rb",
-    "lib/cef/parser.rb",
-    "lib/cef/sender.rb",
-    "spec/cef_spec.rb",
-    "spec/spec_helper.rb"
-  ]
-  s.homepage = %q{http://github.com/ryanbreed/cef}
-  s.licenses = ["MIT"]
-  s.require_paths = ["lib"]
-  s.rubygems_version = %q{1.5.2}
-  s.summary = %q{CEF Generation Library and Client}
-  s.test_files = [
-    "spec/cef_spec.rb",
-    "spec/spec_helper.rb"
-  ]
+Gem::Specification.new do |spec|
+  spec.name    = "cef"
+  spec.version = CEF::VERSION
 
-  if s.respond_to? :specification_version then
-    s.specification_version = 3
+  spec.authors     = ["Ryan Breed"]
+  spec.date        = "2011-03-30"
+  spec.description = %q{ format/send CEF logs via API+syslog or client program }
+  spec.summary     = %q{ CEF Generation Library and Client }
+  spec.email       = %q{ opensource@breed.org }
 
-    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
-      s.add_development_dependency(%q<rspec>, ["~> 2.3.0"])
-      s.add_development_dependency(%q<bundler>, ["~> 1.0.0"])
-      s.add_development_dependency(%q<jeweler>, ["~> 1.5.2"])
-      s.add_development_dependency(%q<rcov>, [">= 0"])
-      s.add_development_dependency(%q<rspec>, ["~> 2.3.0"])
-    else
-      s.add_dependency(%q<rspec>, ["~> 2.3.0"])
-      s.add_dependency(%q<bundler>, ["~> 1.0.0"])
-      s.add_dependency(%q<jeweler>, ["~> 1.5.2"])
-      s.add_dependency(%q<rcov>, [">= 0"])
-      s.add_dependency(%q<rspec>, ["~> 2.3.0"])
-    end
-  else
-    s.add_dependency(%q<rspec>, ["~> 2.3.0"])
-    s.add_dependency(%q<bundler>, ["~> 1.0.0"])
-    s.add_dependency(%q<jeweler>, ["~> 1.5.2"])
-    s.add_dependency(%q<rcov>, [">= 0"])
-    s.add_dependency(%q<rspec>, ["~> 2.3.0"])
-  end
+  spec.extra_rdoc_files = [ "LICENSE.txt", "README.rdoc" ]
+  spec.homepage         = "http://github.com/ryanbreed/cef"
+  spec.licenses         = ["MIT"]
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  spec.require_paths    = ["lib"]
+
+  spec.add_dependency "chronic"
+  spec.add_development_dependency "rspec"
+  spec.add_development_dependency "bundler"
+  spec.add_development_dependency "simplecov"
+  spec.add_development_dependency "pry"
+  spec.add_development_dependency "guard"
+  spec.add_development_dependency "guard-rspec"
+  spec.add_development_dependency "guard-bundler"
 end
 

data/lib/cef.rb

@@ -1,10 +1,11 @@
+require 'chronic'
+require 'socket'
+require 'cef/version'
+require 'cef/constants'
+require 'cef/constants'
+require 'cef/event'
+require 'cef/sender'
+require 'cef/file_logger'
+
 module CEF
-  require 'socket'
-  require 'parsedate'
-  require 'cef/constants'
-  require 'cef/event'
-  require 'cef/sender'
-  require 'cef/file_logger'
 end
-
-

data/lib/cef/constants.rb

@@ -1,17 +1,18 @@
 module CEF
-  PREFIX_FORMAT="<%d>%s %s CEF:0|%s|%s"
-  VERSION=File.read(File.join(File.expand_path(File.dirname(__FILE__)),'..','..','VERSION'))
+  SEVERITY_LOW="1"
+
+  LOG_FORMAT="<%d>%s %s CEF:0|%s|%s"
   LOG_TIME_FORMAT="%b %d %Y %H:%M:%S"
 
   # CEF Dictionary
   # CEF Prefix attributes
   PREFIX_ATTRIBUTES = {
     :deviceVendor       => "deviceVendor",
-    :deviceVersion      => "deviceVersion",
     :deviceProduct      => "deviceProduct",
+    :deviceVersion      => "deviceVersion",
+    :deviceEventClassId => "deviceEventClassId",
     :name               => "name",
-    :deviceSeverity     => "deviceSeverity",
-    :deviceEventClassId => "deviceEventClassId"
+    :deviceSeverity     => "deviceSeverity"
   }
 
   # these are the basic extension attributes. implementing others is as

data/lib/cef/event.rb

@@ -1,6 +1,6 @@
 module CEF
   class Event
-    attr_accessor :my_hostname, :syslog_pri, :event_time
+    attr_accessor :syslog_pri, :event_time, :my_hostname
     # set up accessors for all of the CEF event attributes. ruby meta magic.
     CEF::ATTRIBUTES.each do |k,v|
       self.instance_eval do
@@ -14,33 +14,36 @@ module CEF
   
     # so we can CEF::Event.new(:foo=>"bar")
     def initialize( *params )
-      Hash[*params].each { |k,v| self.send("%s="%k,v) }
-
-      @my_hostname ||= Socket::gethostname
+      @event_time         = Time.new
+      @deviceVendor       = "breed.org"
+      @deviceProduct      = "CEF"
+      @deviceVersion      = CEF::VERSION
+      @deviceEventClassId = "0:event"
+      @deviceSeverity     = CEF::SEVERITY_LOW
+      @name               = "unnamed event"
       # used to avoid requiring syslog.h on windoze
       #syslog_pri= Syslog::LOG_LOCAL0 | Syslog::LOG_NOTICE
-      @syslog_pri  ||= 131
+      @syslog_pri         = 131
+      @my_hostname        = Socket::gethostname
       @other_attrs={}
       @additional={}
+      Hash[*params].each { |k,v| self.send("%s="%k,v) }
+      yield self if block_given?
+      self
     end
   
     # returns a cef formatted string
-    def format_cef
-      log_time=nil
-      if event_time.nil?
-        log_time=Time.new.strftime(CEF::LOG_TIME_FORMAT)
-      else
-        log_time=event_time.strftime(CEF::LOG_TIME_FORMAT)
-      end
-
-      cef_message=CEF::PREFIX_FORMAT % [
+    def to_s
+      log_time=event_time.strftime(CEF::LOG_TIME_FORMAT)
+      
+      cef_message=sprintf(
+        CEF::LOG_FORMAT,
         syslog_pri.to_s,
-        my_hostname,
         log_time,
+        my_hostname,
         format_prefix,
         format_extension
-      ]
-      cef_message
+      )
     end
 
     # used for non-schema fields
@@ -51,83 +54,101 @@ module CEF
       @additional[k]
     end
 
-    private
+    #private
       # make a guess as to how the time was set. parse strings and convert
       # them to epoch milliseconds, or leave it alone if it looks like a number
       # bigger than epoch milliseconds when i wrote this.
       def time_convert(val)
-        converted=nil
-        #puts "converting time for #{val.class.to_s}/#{val}"
-        case val.class.to_s
-          when "String"
-            begin
+             
+        converted=case val
+          when String
+            if val.match(%r{\A[0-9]+\Z})
               converted=val.to_i
-            rescue
-              res=ParseDate.parsedate(val)
-              converted=Time.local(*res).to_i * 1000
+            else
+              res=Chronic.parse(val)
+              converted=Time.at(res).to_i * 1000
             end
-          when "Integer","Bignum"
+          when Integer,Bignum
             if val < 1232589621000 #Wed Jan 21 20:00:21 -0600 2009
-              converted=val * 1000
+              val * 1000
             else
-              converted=val
+              val
             end
           end
-        converted
+        
       end
 
       # escape only pipes and backslashes in the prefix. you bet your sweet
       # ass there's a lot of backslashes in the substitution. you can thank
       # the three levels of lexical analysis/substitution in the ruby interpreter
       # for that.
-      def prefix_escape(val)
-        val.gsub(/(\||\\)/,'\\\\\&')
+
+      def escape_prefix_value(val)
+        escapes={
+          %r{(\||\\)} => '\\\\\&'
+        }
+        escapes.reduce(val) do|memo,replace|
+          memo=memo.gsub(*replace)
+        end
       end
 
       # only equals signs need to be escaped in the extension. i think.
       # TODO: something in the spec about \n and some others.
-      def extension_escape(val)
-        val.gsub(/=/,'\=').gsub(/\n/,' ').gsub(/\\/,'\\')
+      def escape_extension_value(val)
+        escapes = {
+          %r{=}  => '\=',
+          %r{\n} => ' ',
+          %r{\\} => '\\'
+        }
+        escapes.reduce(val) do |memo,replace|
+          memo=memo.gsub(*replace)
+        end
       end
 
       # returns a pipe-delimeted list of prefix attributes
       def format_prefix
-        vendor=  self.deviceVendor       || "Breed"
-        product= self.deviceProduct      || "CEF Sender"
-        version= self.deviceVersion      || CEF::VERSION
-        declid=  self.deviceEventClassId || "generic:0"
-        name=    self.name               || "Generic Event"
-        sev=     self.deviceSeverity     || "1"
-        cef_prefix="%s|%s|%s|%s|%s|%s" % [
-          prefix_escape(vendor),
-          prefix_escape(product),
-          prefix_escape(version),
-          prefix_escape(declid),
-          prefix_escape(name),
-          prefix_escape(sev),
-        ]
+        values  = CEF::PREFIX_ATTRIBUTES.keys.map {|k| self.send(k) }
+        escaped = values.map do |value|
+          escape_prefix_value(value)
+        end
+        escaped.join('|')
+
       end
 
       # returns a space-delimeted list of attribute=value pairs for all optionals
       def format_extension
-        avpairs=[]
-        CEF::EXTENSION_ATTRIBUTES.each do |attribute,shortname|
-          unless self.send(attribute).nil?
-            avpairs.push(
-              "%s=%s" % [ shortname, extension_escape(self.send(attribute)) ]
-            )
-          end
+        
+        extensions=CEF::EXTENSION_ATTRIBUTES.keys.map do |meth|
+          value=self.send(meth)
+          next if value.nil?
+          shortname=CEF::EXTENSION_ATTRIBUTES[meth]
+          [shortname,value].join("=")
         end
 
         # make sure time comes out as milliseconds since epoch
-        CEF::TIME_ATTRIBUTES.each do |attribute,shortname|
-          unless self.send(attribute).nil?
-            avpairs.push(
-              "%s=%s" % [ shortname, time_convert(self.send(attribute)) ]
-            )
-          end
+        times=CEF::TIME_ATTRIBUTES.keys.map do |meth|
+          value=self.send(meth)
+          next if value.nil?
+          shortname = CEF::TIME_ATTRIBUTES[meth]
+          [shortname,value].join("=")
         end
-        avpairs.join(" ")
+        (extensions + times).compact.join(" ")
       end
     end
-end
+end
+
+        # vendor=  self.deviceVendor       || "Breed"
+        # product= self.deviceProduct      || "CEF Sender"
+        # version= self.deviceVersion      || CEF::VERSION
+        # declid=  self.deviceEventClassId || "generic:0"
+        # name=    self.name               || "Generic Event"
+        # sev=     self.deviceSeverity     || "1"
+        # %w{ deviceVendor deviceProduct deviceVersion deviceEvent}
+        # cef_prefix="%s|%s|%s|%s|%s|%s" % [
+        #   prefix_escape(vendor),
+        #   prefix_escape(product),
+        #   prefix_escape(version),
+        #   prefix_escape(declid),
+        #   prefix_escape(name),
+        #   prefix_escape(sev),
+        # ]

data/lib/cef/version.rb

@@ -0,0 +1,3 @@
+module CEF
+  VERSION = "0.9.0"
+end

data/spec/lib/cef/event_spec.rb

@@ -0,0 +1,32 @@
+#event_spec.rb
+require 'spec_helper'
+describe CEF::Event do
+  let(:formatted_time) { "Apr 25 1975 12:00:00" }
+  let(:time)  { Chronic.parse(formatted_time) }
+  
+  context "formatting the syslog message" do
+    let(:formatted) { "<131>Apr 25 1975 12:00:00 cefspec CEF:0|breed.org|CEF|#{CEF::VERSION}|0:event|unnamed event|1|" }
+    let(:escaped)   { "<131>Apr 25 1975 12:00:00 cefspec CEF:0|bre\\|ed|CEF|#{CEF::VERSION}|0:event|unnamed event|1|" }
+  end
+  context "formatting the CEF prefix" do
+    let(:formatted) {"breed.org|CEF|#{CEF::VERSION}|0:event|unnamed event|1"}
+    let(:escaped)   {"bre\\|ed|CEF|#{CEF::VERSION}|0:event|unnamed event|1"}
+    describe "#format_cef" do
+      it "formats prefix values" do
+        event=CEF::Event.new(
+          event_time:         time,
+          my_hostname:        "cefspec"
+        )    
+        expect(event.format_prefix).to eq(formatted)
+      end
+      it "escapes pipes in the prefix" do
+        event=CEF::Event.new(
+          event_time:         time,
+          my_hostname:        "cefspec",
+          deviceVendor:       "bre|ed"
+        )    
+        expect(event.format_prefix).to eq(escaped)
+      end
+    end
+  end
+end

data/spec/lib/cef_spec.rb

@@ -0,0 +1,14 @@
+require 'spec_helper'
+
+describe "CEF Event Formatter" do
+  describe "Cef Extension" do
+    it "should output an extension"
+    it "should escape newlines"
+    it "should escape equal signs"
+    it "should format time attributes"
+  end
+end
+
+describe "UDPSender" do
+  
+end

data/spec/spec_helper.rb

@@ -1,48 +1,8 @@
-$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
-$LOAD_PATH.unshift(File.dirname(__FILE__))
-require 'rspec'
 require 'cef'
 
-# Requires supporting files with custom matchers and macros, etc,
-# in ./support/ and its subdirectories.
-Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each {|f| require f}
-
 RSpec.configure do |config|
-  
-end
-
-def test_prefix_vals
-  test_prefix_vals={
-    :deviceVendor       => "breed",
-    :deviceProduct      => "CEF Sender",
-    :deviceVersion      => "0.1",
-    :deviceEventClassId => "0:debug",
-    :name               => "test",
-    :deviceSeverity     => "1"
-  }
-end
-
-def test_prefix_escape_vals
-  test_prefix_escape_vals={
-    :deviceVendor       => "bre|ed",
-    :deviceProduct      => "CEF Sender",
-    :deviceVersion      => "0.1",
-    :deviceEventClassId => "0:debug",
-    :name               => "test",
-    :deviceSeverity     => "1"
-  }
-end
-
-def test_extension_vals
-  test_extension_vals={
-      :sourceAddress      => "192.168.1.1",
-      :destinationAddress => "192.168.1.2"
-  }
-end
-
-def test_prefix_string
-  "breed|CEF Sender|0.1|0:debug|test|1"
-  end
-def test_prefix_escape_string
-  "bre\\|ed|CEF Sender|0.1|0:debug|test|1"
+  config.treat_symbols_as_metadata_keys_with_true_values = true
+  config.run_all_when_everything_filtered = true
+  config.filter_run :focus
+  config.order = 'random'
 end

metadata

@@ -1,114 +1,141 @@
---- !ruby/object:Gem::Specification 
+--- !ruby/object:Gem::Specification
 name: cef
-version: !ruby/object:Gem::Version 
-  hash: 63
-  prerelease: 
-  segments: 
-  - 0
-  - 8
-  - 0
-  version: 0.8.0
+version: !ruby/object:Gem::Version
+  version: 0.9.0
 platform: ruby
-authors: 
+authors:
 - Ryan Breed
 autorequire: 
 bindir: bin
 cert_chain: []
-
-date: 2011-03-30 00:00:00 -05:00
-default_executable: cef_sender
-dependencies: 
-- !ruby/object:Gem::Dependency 
-  name: rspec
-  version_requirements: &id001 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
-    - - ~>
-      - !ruby/object:Gem::Version 
-        hash: 3
-        segments: 
-        - 2
-        - 3
-        - 0
-        version: 2.3.0
+date: 2011-03-30 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: chronic
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
   prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :development
-  requirement: *id001
-- !ruby/object:Gem::Dependency 
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
   name: bundler
-  version_requirements: &id002 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
-    - - ~>
-      - !ruby/object:Gem::Version 
-        hash: 23
-        segments: 
-        - 1
-        - 0
-        - 0
-        version: 1.0.0
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
   prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :development
-  requirement: *id002
-- !ruby/object:Gem::Dependency 
-  name: jeweler
-  version_requirements: &id003 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
-    - - ~>
-      - !ruby/object:Gem::Version 
-        hash: 7
-        segments: 
-        - 1
-        - 5
-        - 2
-        version: 1.5.2
   prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :development
-  requirement: *id003
-- !ruby/object:Gem::Dependency 
-  name: rcov
-  version_requirements: &id004 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 3
-        segments: 
-        - 0
-        version: "0"
   prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: guard
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: guard-rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :development
-  requirement: *id004
-- !ruby/object:Gem::Dependency 
-  name: rspec
-  version_requirements: &id005 !ruby/object:Gem::Requirement 
-    none: false
-    requirements: 
-    - - ~>
-      - !ruby/object:Gem::Version 
-        hash: 3
-        segments: 
-        - 2
-        - 3
-        - 0
-        version: 2.3.0
   prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: guard-bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :development
-  requirement: *id005
-description: " format/send CEF logs via API+syslog or client program "
-email: opensource@breed.org
-executables: 
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: ' format/send CEF logs via API+syslog or client program '
+email: ' opensource@breed.org '
+executables:
 - cef_sender
 extensions: []
-
-extra_rdoc_files: 
+extra_rdoc_files:
 - LICENSE.txt
 - README.rdoc
-files: 
+files:
 - .document
+- .gitignore
 - .rspec
 - Gemfile
+- Guardfile
 - LICENSE.txt
 - README.rdoc
 - Rakefile
@@ -121,42 +148,35 @@ files:
 - lib/cef/file_logger.rb
 - lib/cef/parser.rb
 - lib/cef/sender.rb
-- spec/cef_spec.rb
+- lib/cef/version.rb
+- spec/lib/cef/event_spec.rb
+- spec/lib/cef_spec.rb
 - spec/spec_helper.rb
-has_rdoc: true
 homepage: http://github.com/ryanbreed/cef
-licenses: 
+licenses:
 - MIT
+metadata: {}
 post_install_message: 
 rdoc_options: []
-
-require_paths: 
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement 
-  none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
-      - 0
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement 
-  none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
-      - 0
-      version: "0"
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
 requirements: []
-
 rubyforge_project: 
-rubygems_version: 1.5.2
+rubygems_version: 2.0.14
 signing_key: 
-specification_version: 3
+specification_version: 4
 summary: CEF Generation Library and Client
-test_files: 
-- spec/cef_spec.rb
+test_files:
+- spec/lib/cef/event_spec.rb
+- spec/lib/cef_spec.rb
 - spec/spec_helper.rb

data/spec/cef_spec.rb

@@ -1,36 +0,0 @@
-require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
-
-describe "CEF Event Formatter" do
-  describe "CEF Preamble" do
-    it "should output a preamble" do
-      prefix_vals=test_prefix_vals
-      t=Time.new
-      e=CEF::Event.new
-      e.event_time=t
-      prefix_vals.each {|k,v| e.send("%s="%k,v) }
-      preformatted=CEF::PREFIX_FORMAT % [ 131, Socket.gethostname, t.strftime(CEF::LOG_TIME_FORMAT), test_prefix_string, ""]
-      formatted=e.format_cef
-      preformatted.should == formatted
-    end
-    it "should escape pipes in the prefix" do
-      prefix_vals=test_prefix_escape_vals
-      t=Time.new
-      e=CEF::Event.new
-      e.event_time=t
-      prefix_vals.each {|k,v| e.send("%s="%k,v) }
-      preformatted=CEF::PREFIX_FORMAT % [ 131, Socket.gethostname, t.strftime(CEF::LOG_TIME_FORMAT), test_prefix_escape_string, ""]
-      formatted=e.format_cef
-      preformatted.should == formatted
-    end
-  end
-  describe "Cef Extension" do
-    it "should output an extension"
-    it "should escape newlines"
-    it "should escape equal signs"
-    it "should format time attributes"
-  end
-end
-
-describe "UDPSender" do
-  
-end