cef 0.6.0 → 0.6.1

@@ -1,6 +1,51 @@
1
1
  = cef
2
2
 
3
- Description goes here.
3
+ This is an implementation of the Common Event Formatting standard.
4
+
5
+ http://www.arcsight.com/solutions/solutions-cef/
6
+
7
+
8
+ Included is a library implementing a formatter/emitter and a client program
9
+ that can be called from a shell script or some other external source. The
10
+ library currently hardcodes the syslog format|priority if you choose to send
11
+ vi UDP to a receiver.
12
+
13
+ Most of the standard dictionary is implemented.
14
+ http://www.arcsight.com/collateral/CEFstandards.pdf
15
+
16
+ == Example API Usage
17
+
18
+
19
+ # instantiate a sender object
20
+ sender=CEF::Sender.new(
21
+ :receiver=>"loghost.mycompany.com",
22
+ :eventDefaults=>{
23
+ :deviceProduct => "MySnazzyLogger",
24
+ :deviceVendor => "My Company"
25
+ }
26
+ )
27
+ # instantiate an event
28
+ event=CEF::Event.new(
29
+ :sourceAddress => "192.168.1.1",
30
+ :destinationAddress => "192.168.1.2",
31
+ :name => "i think something happened"
32
+ )
33
+
34
+ # fire away!
35
+ sender.emit(e)
36
+
37
+ == Example client usage
38
+
39
+ cef_sender --receiver="myloghost.company.com"\
40
+ --deviceProduct="MySnazzyLogger" \
41
+ --deviceVendor="My Company" \
42
+ --sourceAddress="192.168.1.1" \
43
+ --destinationAddress="192.168.1.2" \
44
+ --name="i think something happened"
45
+
46
+ To see the supported event attributes:
47
+
48
+ cef_sender --schema
4
49
 
5
50
  == Contributing to cef
6
51
 
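--- a/data/Rakefile
+++ b/data/Rakefile
@@ -15,13 +15,10 @@ Jeweler::Tasks.new do |gem|
  gem.name = "cef"
  gem.homepage = "http://github.com/ryanbreed/cef"
  gem.license = "MIT"
- gem.summary = %Q{CEF Generation }
- gem.description = %Q{Library and client }
+ gem.summary = %Q{ CEF Generation Library and Client }
+ gem.description = %Q{ format/send CEF logs via API+syslog or client program }
  gem.email = "opensource@breed.org"
  gem.authors = ["Ryan Breed"]
- # Include your dependencies below. Runtime dependencies are required when using your gem,
- # and development dependencies are only needed for development (ie running rake tasks, tests, etc)
- #gem.add_runtime_dependency 'escape', '~> 0.0.4'
  gem.add_development_dependency 'rspec', '~> 2.3.0'
  gem.files.include('VERSION')
  end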
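Review bot: The new `gem.summary` and `gem.description` literals keep a space just inside the `%Q{ … }` delimiters, and the description reaches the published metadata with that padding (`description: " format/send CEF logs via API+syslog or client program "` in the metadata section). Dropping the inner spaces, `gem.description = %Q{format/send CEF logs via API+syslog or client program}` and likewise for the summary, keeps the registry listing clean. The `Jeweler::Tasks.new` block starts above the hunk.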
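--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
- 0.6.0
+ 0.6.1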
@@ -2,18 +2,11 @@ require File.expand_path(File.dirname(__FILE__) + '/spec_helper')
2
2
 
3
3
  describe "CEF Event Format" do
4
4
  it "should output a preamble" do
5
- test_prefix_vals={
6
- :deviceVendor => "breed",
7
- :deviceProduct => "CEF Sender",
8
- :deviceVersion => "0.1",
9
- :deviceEventClassId => "0:debug",
10
- :name => "test",
11
- :deviceSeverity => "1"
12
- }
5
+ prefix_vals=test_prefix_vals
13
6
  e=CEF::Event.new
14
- test_prefix_vals.each {|k,v| e.send("%s="%k,v) }
7
+ prefix_vals.each {|k,v| e.send("%s="%k,v) }
15
8
  s=CEF::Sender.new
16
- formatted=CEF::PREFIX_FORMAT % [ 131, *test_prefix_vals.values ]
17
- s.format_event(e) ==formatted
9
+ formatted=CEF::PREFIX_FORMAT % [ 131, *prefix_vals.values ]
10
+ s.format_event(e)==formatted
18
11
  end
19
12
  end
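Review bot: The last statement of the example, `s.format_event(e)==formatted`, evaluates a comparison and throws the result away, so this spec passes whatever `format_event` returns. It needs an expectation, e.g. `s.format_event(e).should == formatted`, which matches the `rspec ~> 2.3.0` pin in the Rakefile. The expected string is built from `prefix_vals.values`, so it depends on hash iteration order; on Ruby 1.8 that is not insertion order, and passing the six fields explicitly in `PREFIX_FORMAT` order would be more robust. Since the CEF header is pipe-delimited, a second example with a `|` or `\` inside a field value would be a useful check that a field cannot shift the columns a receiver parses.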
@@ -10,3 +10,14 @@ Dir["#{File.dirname(__FILE__)}/support/**/*.rb"].each {|f| require f}
10
10
  RSpec.configure do |config|
11
11
 
12
12
  end
13
+
14
+ def test_prefix_vals
15
+ test_prefix_vals={
16
+ :deviceVendor => "breed",
17
+ :deviceProduct => "CEF Sender",
18
+ :deviceVersion => "0.1",
19
+ :deviceEventClassId => "0:debug",
20
+ :name => "test",
21
+ :deviceSeverity => "1"
22
+ }
23
+ end
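Review bot: `test_prefix_vals` is added with a bare top-level `def` in spec_helper.rb, which makes it a private method on `Object` for everything loaded in the test run. Its body also assigns the hash to a local variable with the same name as the method, which is redundant; the hash literal can simply be the method's last expression. Moving the helper into a module under `spec/support` (already loaded by the `Dir[...]` line in the hunk header) and adding `config.include` for it in the empty `RSpec.configure` block would keep it scoped to examples. A one-line comment such as `# Fixed CEF prefix field values shared by the specs` would document what it is for.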
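--- a/metadata
+++ b/metadata
@@ -1,13 +1,13 @@
  --- !ruby/object:Gem::Specification
  name: cef
  version: !ruby/object:Gem::Version
- hash: 7
+ hash: 5
  prerelease:
  segments:
  - 0
  - 6
- - 0
- version: 0.6.0
+ - 1
+ version: 0.6.1
  platform: ruby
  authors:
  - Ryan Breed
@@ -96,7 +96,7 @@ dependencies:
  prerelease: false
  type: :development
  requirement: *id005
- description: "Library and client "
+ description: " format/send CEF logs via API+syslog or client program "
  email: opensource@breed.org
  executables:
  - cef_sender
@@ -114,7 +114,6 @@ files:
  - Rakefile
  - VERSION
  - bin/cef_sender
- - cef.gemspec
  - lib/cef.rb
  - spec/cef_spec.rb
  - spec/spec_helper.rb
@@ -151,7 +150,7 @@ rubyforge_project:
  rubygems_version: 1.5.2
  signing_key:
  specification_version: 3
- summary: CEF Generation
+ summary: CEF Generation Library and Client
  test_files:
  - spec/cef_spec.rb
  - spec/spec_helper.rb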
@@ -1,69 +0,0 @@
1
- # Generated by jeweler
2
- # DO NOT EDIT THIS FILE DIRECTLY
3
- # Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
4
- # -*- encoding: utf-8 -*-
5
-
6
- Gem::Specification.new do |s|
7
- s.name = %q{cef}
8
- s.version = "0.6.0"
9
-
10
- s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
11
- s.authors = ["Ryan Breed"]
12
- s.date = %q{2011-02-20}
13
- s.default_executable = %q{cef_sender}
14
- s.description = %q{Library and client }
15
- s.email = %q{opensource@breed.org}
16
- s.executables = ["cef_sender"]
17
- s.extra_rdoc_files = [
18
- "LICENSE.txt",
19
- "README.rdoc"
20
- ]
21
- s.files = [
22
- ".document",
23
- ".rspec",
24
- "Gemfile",
25
- "LICENSE.txt",
26
- "README.rdoc",
27
- "Rakefile",
28
- "VERSION",
29
- "bin/cef_sender",
30
- "cef.gemspec",
31
- "lib/cef.rb",
32
- "spec/cef_spec.rb",
33
- "spec/spec_helper.rb"
34
- ]
35
- s.homepage = %q{http://github.com/ryanbreed/cef}
36
- s.licenses = ["MIT"]
37
- s.require_paths = ["lib"]
38
- s.rubygems_version = %q{1.5.2}
39
- s.summary = %q{CEF Generation}
40
- s.test_files = [
41
- "spec/cef_spec.rb",
42
- "spec/spec_helper.rb"
43
- ]
44
-
45
- if s.respond_to? :specification_version then
46
- s.specification_version = 3
47
-
48
- if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
49
- s.add_development_dependency(%q<rspec>, ["~> 2.3.0"])
50
- s.add_development_dependency(%q<bundler>, ["~> 1.0.0"])
51
- s.add_development_dependency(%q<jeweler>, ["~> 1.5.2"])
52
- s.add_development_dependency(%q<rcov>, [">= 0"])
53
- s.add_development_dependency(%q<rspec>, ["~> 2.3.0"])
54
- else
55
- s.add_dependency(%q<rspec>, ["~> 2.3.0"])
56
- s.add_dependency(%q<bundler>, ["~> 1.0.0"])
57
- s.add_dependency(%q<jeweler>, ["~> 1.5.2"])
58
- s.add_dependency(%q<rcov>, [">= 0"])
59
- s.add_dependency(%q<rspec>, ["~> 2.3.0"])
60
- end
61
- else
62
- s.add_dependency(%q<rspec>, ["~> 2.3.0"])
63
- s.add_dependency(%q<bundler>, ["~> 1.0.0"])
64
- s.add_dependency(%q<jeweler>, ["~> 1.5.2"])
65
- s.add_dependency(%q<rcov>, [">= 0"])
66
- s.add_dependency(%q<rspec>, ["~> 2.3.0"])
67
- end
68
- end
69
-