fluent-plugin-anonymizer 0.5.1 → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +2 -10
- data/README.md +16 -6
- data/fluent-plugin-anonymizer.gemspec +1 -1
- data/lib/fluent/plugin/filter_anonymizer.rb +2 -10
- data/lib/fluent/plugin/out_anonymizer.rb +1 -0
- data/test/plugin/test_filter_anonymizer.rb +14 -14
- metadata +2 -4
- data/gemfiles/fluentd_v0.10.gemfile +0 -7
- data/gemfiles/fluentd_v0.12.gemfile +0 -7
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a1fc717a156c6b19fea2d19f4522c3b2d8be7dda
|
4
|
+
data.tar.gz: 9c7ff4fda067571c4becc5f29c5be0a5452e9653
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: bc870e37f4a1b30b543d53497208e9af52ac1c901bc77ec32c1bb772fb30d9cd4a8ebd2eb1782550757fd4763c93e84248c8e2f2c46826e3c3b688113e1f6a5c
|
7
|
+
data.tar.gz: 0bcc4eaecfceb6f5a00a14d587bd81f77efe17d8500384d73bee0d8f4e63c0e92897fb81aaa7e5809362fdbaf2cf329a85b0361d085ffdae55ab3450993064f7
|
data/.travis.yml
CHANGED
@@ -2,11 +2,10 @@ sudo: false
|
|
2
2
|
language: ruby
|
3
3
|
|
4
4
|
rvm:
|
5
|
-
- 2.
|
5
|
+
- 2.4.0
|
6
|
+
- 2.3.3
|
6
7
|
- 2.2
|
7
8
|
- 2.1
|
8
|
-
- 2.0.0
|
9
|
-
- 1.9.3
|
10
9
|
|
11
10
|
# to avoid travis-ci issue since 2015-12-25
|
12
11
|
before_install:
|
@@ -14,10 +13,3 @@ before_install:
|
|
14
13
|
|
15
14
|
gemfile:
|
16
15
|
- Gemfile
|
17
|
-
- gemfiles/fluentd_v0.10.gemfile
|
18
|
-
- gemfiles/fluentd_v0.12.gemfile
|
19
|
-
|
20
|
-
matrix:
|
21
|
-
allow_failures:
|
22
|
-
- rvm: 1.9.3
|
23
|
-
- rvm: 2.0.0
|
data/README.md
CHANGED
@@ -4,21 +4,31 @@
|
|
4
4
|
|
5
5
|
Fluentd filter output plugin to anonymize records with [OpenSSL::Digest](https://docs.ruby-lang.org/ja/latest/class/OpenSSL=3a=3aDigest.html) of MD5/SHA1/SHA256/SHA384/SHA512 algorithms. This data masking plugin protects privacy data such as UserID, Email, Phone number, IPv4/IPv6 address and so on.
|
6
6
|
|
7
|
+
## Requirements
|
8
|
+
|
9
|
+
| fluent-plugin-anonymizer | fluentd | ruby |
|
10
|
+
|--------------------|------------|--------|
|
11
|
+
| 1.0.0 | v0.14.x | >= 2.1 |
|
12
|
+
| 0.5.1 | v0.12.x | >= 1.9 |
|
13
|
+
|
14
|
+
|
7
15
|
## Installation
|
8
16
|
|
9
|
-
install with gem or
|
17
|
+
install with gem or td-agent-gem command as:
|
10
18
|
|
11
19
|
`````
|
12
|
-
# for fluentd
|
20
|
+
# for system installed fluentd
|
13
21
|
$ gem install fluent-plugin-anonymizer
|
14
22
|
|
15
|
-
# for td-
|
16
|
-
$ sudo /usr/lib64/fluent/ruby/bin/fluent-gem install fluent-plugin-anonymizer -v 0.5.1
|
17
|
-
|
18
|
-
# for td-agent2
|
23
|
+
# for td-agent2 (with fluentd v0.12)
|
19
24
|
$ sudo td-agent-gem install fluent-plugin-anonymizer -v 0.5.1
|
25
|
+
|
26
|
+
# for td-agent3 (with fluentd v0.14)
|
27
|
+
$ sudo td-agent-gem install fluent-plugin-anonymizer -v 1.0.0
|
20
28
|
`````
|
21
29
|
|
30
|
+
For more details, see [Plugin Management](https://docs.fluentd.org/v0.14/articles/plugin-management)
|
31
|
+
|
22
32
|
## Tutorial
|
23
33
|
|
24
34
|
### Filter Plugin
|
@@ -4,7 +4,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
|
4
4
|
|
5
5
|
Gem::Specification.new do |spec|
|
6
6
|
spec.name = "fluent-plugin-anonymizer"
|
7
|
-
spec.version = "0.
|
7
|
+
spec.version = "1.0.0"
|
8
8
|
spec.authors = ["Kentaro Yoshida"]
|
9
9
|
spec.email = ["y.ken.studio@gmail.com"]
|
10
10
|
spec.summary = %q{Fluentd filter output plugin to anonymize records with HMAC of MD5/SHA1/SHA256/SHA384/SHA512 algorithms. This data masking plugin protects privacy data such as UserID, Email, Phone number, IPv4/IPv6 address and so on.}
|
@@ -1,4 +1,4 @@
|
|
1
|
-
require 'fluent/filter'
|
1
|
+
require 'fluent/plugin/filter'
|
2
2
|
require 'openssl'
|
3
3
|
require 'uri'
|
4
4
|
require 'ipaddr'
|
@@ -28,7 +28,7 @@ require 'ipaddr'
|
|
28
28
|
# </mask>
|
29
29
|
# </filter>
|
30
30
|
|
31
|
-
module Fluent
|
31
|
+
module Fluent::Plugin
|
32
32
|
class AnonymizerFilter < Filter
|
33
33
|
Fluent::Plugin.register_filter('anonymizer', self)
|
34
34
|
|
@@ -174,14 +174,6 @@ module Fluent
|
|
174
174
|
record.update(@masks.reduce(record){|r,mask| mask.call(r)})
|
175
175
|
end
|
176
176
|
|
177
|
-
def filter_stream(tag, es)
|
178
|
-
new_es = MultiEventStream.new
|
179
|
-
es.each do |time, record|
|
180
|
-
new_es.add(time, @masks.reduce(record){|r,mask| mask.call(r) })
|
181
|
-
end
|
182
|
-
new_es
|
183
|
-
end
|
184
|
-
|
185
177
|
def salt_determine(key)
|
186
178
|
return @salt_map[key] if @salt_map.has_key?(key)
|
187
179
|
keystr = key.to_s
|
@@ -1,4 +1,5 @@
|
|
1
1
|
require 'helper'
|
2
|
+
require 'fluent/test/driver/filter'
|
2
3
|
|
3
4
|
class AnonymizerFilterTest < Test::Unit::TestCase
|
4
5
|
def setup
|
@@ -18,50 +19,50 @@ class AnonymizerFilterTest < Test::Unit::TestCase
|
|
18
19
|
ipv4_mask_subnet 24
|
19
20
|
]
|
20
21
|
|
21
|
-
def create_driver(conf=CONFIG
|
22
|
-
Fluent::Test::
|
22
|
+
def create_driver(conf=CONFIG)
|
23
|
+
Fluent::Test::Driver::Filter.new(Fluent::Plugin::AnonymizerFilter).configure(conf)
|
23
24
|
end
|
24
25
|
|
25
26
|
def filter(conf, messages)
|
26
27
|
d = create_driver(conf)
|
27
|
-
d.run {
|
28
|
+
d.run(default_tag: 'test') {
|
28
29
|
messages.each {|message|
|
29
|
-
d.
|
30
|
+
d.feed(@time, message)
|
30
31
|
}
|
31
32
|
}
|
32
|
-
filtered = d.
|
33
|
-
filtered.map {|m| m
|
33
|
+
filtered = d.filtered
|
34
|
+
filtered.map {|m| m.last }
|
34
35
|
end
|
35
36
|
|
36
37
|
require 'ostruct'
|
37
38
|
test 'method md5 works correctly' do
|
38
|
-
conv = Fluent::AnonymizerFilter::MASK_METHODS[:md5].call(OpenStruct.new)
|
39
|
+
conv = Fluent::Plugin::AnonymizerFilter::MASK_METHODS[:md5].call(OpenStruct.new)
|
39
40
|
digest = conv.call('value1', 'salt')
|
40
41
|
assert_equal 'd21fe9523421f12daad064fd082913fd', digest
|
41
42
|
end
|
42
43
|
test 'method sha1 works correctly' do
|
43
|
-
conv = Fluent::AnonymizerFilter::MASK_METHODS[:sha1].call(OpenStruct.new)
|
44
|
+
conv = Fluent::Plugin::AnonymizerFilter::MASK_METHODS[:sha1].call(OpenStruct.new)
|
44
45
|
digest = conv.call('value2', 'salt')
|
45
46
|
assert_equal 'd2ed8e797065322371012fd8c1a39682987ddb71', digest
|
46
47
|
end
|
47
48
|
test 'method sha256 works correctly' do
|
48
|
-
conv = Fluent::AnonymizerFilter::MASK_METHODS[:sha256].call(OpenStruct.new)
|
49
|
+
conv = Fluent::Plugin::AnonymizerFilter::MASK_METHODS[:sha256].call(OpenStruct.new)
|
49
50
|
digest = conv.call('value3', 'salt')
|
50
51
|
assert_equal 'd70daf9654b8a3ba335f8f9f9638a93e8eba6763a0012ac44a928857871abe82', digest
|
51
52
|
end
|
52
53
|
test 'method sha384 works correctly' do
|
53
|
-
conv = Fluent::AnonymizerFilter::MASK_METHODS[:sha384].call(OpenStruct.new)
|
54
|
+
conv = Fluent::Plugin::AnonymizerFilter::MASK_METHODS[:sha384].call(OpenStruct.new)
|
54
55
|
digest = conv.call('value4', 'salt')
|
55
56
|
assert_equal '646192f8b1ea905238df589a00a10598a53eb245df4ab14b7e9eccf80c37386c99abe5259ccb2ba950003423fa0790ee', digest
|
56
57
|
end
|
57
58
|
test 'method sha512 works correctly' do
|
58
|
-
conv = Fluent::AnonymizerFilter::MASK_METHODS[:sha512].call(OpenStruct.new)
|
59
|
+
conv = Fluent::Plugin::AnonymizerFilter::MASK_METHODS[:sha512].call(OpenStruct.new)
|
59
60
|
digest = conv.call('value5', 'salt')
|
60
61
|
expected = '47c82bfea3783c20e3ba3629f0f827bebf0fa65a9104ada5339e5776e5958f061fe7114bfbe1e9d410aff43c6bee8365adf4fdd072e54ab4fffad820f354f545'
|
61
62
|
assert_equal expected, digest
|
62
63
|
end
|
63
64
|
test 'method uri_path removes path, query parameters, fragment, user and password of uri strings' do
|
64
|
-
conv = Fluent::AnonymizerFilter::MASK_METHODS[:uri_path].call(OpenStruct.new)
|
65
|
+
conv = Fluent::Plugin::AnonymizerFilter::MASK_METHODS[:uri_path].call(OpenStruct.new)
|
65
66
|
assert_equal '/my/path', conv.call('/my/path', '')
|
66
67
|
assert_equal 'yay/unknown/format', conv.call('yay/unknown/format', '')
|
67
68
|
assert_equal 'http://example.com/', conv.call('http://example.com/path/to/secret', '')
|
@@ -74,7 +75,7 @@ class AnonymizerFilterTest < Test::Unit::TestCase
|
|
74
75
|
end
|
75
76
|
test 'method network masks ipaddresses with specified mask bit lengths' do
|
76
77
|
conf = OpenStruct.new(ipv4_mask_bits: 24, ipv6_mask_bits: 104)
|
77
|
-
conv = Fluent::AnonymizerFilter::MASK_METHODS[:network].call(conf)
|
78
|
+
conv = Fluent::Plugin::AnonymizerFilter::MASK_METHODS[:network].call(conf)
|
78
79
|
assert_equal '192.168.1.0', conv.call('192.168.1.1', '')
|
79
80
|
assert_equal '10.110.18.0', conv.call('10.110.18.9', '')
|
80
81
|
assert_equal '2001:db8:0:8d3:0:8a2e::', conv.call('2001:db8:0:8d3:0:8a2e:70:7344', '')
|
@@ -302,4 +303,3 @@ CONF
|
|
302
303
|
assert_equal(expected, filtered)
|
303
304
|
end
|
304
305
|
end
|
305
|
-
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: fluent-plugin-anonymizer
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 1.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Kentaro Yoshida
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-
|
11
|
+
date: 2017-12-17 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -109,8 +109,6 @@ files:
|
|
109
109
|
- README.md
|
110
110
|
- Rakefile
|
111
111
|
- fluent-plugin-anonymizer.gemspec
|
112
|
-
- gemfiles/fluentd_v0.10.gemfile
|
113
|
-
- gemfiles/fluentd_v0.12.gemfile
|
114
112
|
- lib/fluent/plugin/anonymizer.rb
|
115
113
|
- lib/fluent/plugin/filter_anonymizer.rb
|
116
114
|
- lib/fluent/plugin/out_anonymizer.rb
|