fluent-plugin-fortigate-log-parser 0.1.1 → 0.2.0

@@ -4,7 +4,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
4
4
 
5
5
  Gem::Specification.new do |spec|
6
6
  spec.name = "fluent-plugin-fortigate-log-parser"
7
- spec.version = "0.1.1"
7
+ spec.version = "0.2.0"
8
8
  spec.authors = ["Yoshinori TERAOKA"]
9
9
  spec.email = ["jyobijyoba@gmail.com"]
10
10
  spec.summary = %q{fluentd plugin for parse FortiGate log}
@@ -99,14 +99,18 @@ module Fluent
99
99
  end
100
100
  end
101
101
 
102
+ # rsyslog workaround (remove the unnecessary white space)
103
+ # rsyslog insert a space (0x20) after first semi-colon
104
+ # (eg. time=12:34:56 -> time=12: 34:56)
105
+ record['time'].gsub!(' ', '')
106
+
102
107
  time_str = record['date'] + ' ' + record['time']
103
108
  time = nil
104
109
 
105
110
  if @prev_time && time_str == @prev_time_str
106
111
  time = @prev_time
107
112
  else
108
- # XXX FortiGate BUG (time format)
109
- time = Time.strptime(time_str, '%Y-%m-%d %H: %M:%S').to_i
113
+ time = Time.strptime(time_str, '%Y-%m-%d %H:%M:%S').to_i
110
114
  @prev_time = time
111
115
  @prev_time_str = time_str
112
116
  end
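Review bot: The added `record['time'].gsub!(' ', '')` (new line 105) runs before any check that the field is present, so a syslog line without a `time=` pair raises NoMethodError on nil, and the concatenation with `record['date']` on the next line has the same exposure. This plugin parses messages that arrive from network devices, so a truncated or malformed line should be skipped or routed to an error tag instead of raising; whether a rescue further out covers this is not visible, since the enclosing method starts and ends outside the hunk. A guarded, non-mutating form would be `record['time'] = record['time'].delete(' ') if record['time']`, followed by a skip when either field is missing. `Time.strptime` at new line 113 also raises ArgumentError on a value that still does not match the format, which deserves the same handling.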
@@ -57,17 +57,17 @@ class FortigateSyslogParserOutputTest < Test::Unit::TestCase
57
57
  def test_emit
58
58
  d1 = create_driver(CONFIG)
59
59
  d1.run do
60
- d1.emit({'message' => 'Aug 17 00:00:00 fortigate date=2014-08-16,time=23: 59:59,devname=TEST_NAME,devid=TEST_ID,logid=0000000001'})
60
+ d1.emit({'message' => 'Aug 17 00:00:00 fortigate date=2014-08-16,time=23:59:59,devname=TEST_NAME,devid=TEST_ID,logid=0000000001'})
61
61
  end
62
62
  emits = d1.emits
63
63
  assert_equal 1, emits.length
64
64
  assert_equal '0000000001', emits[0][2]['logid']
65
65
  end
66
66
 
67
- def test_emit_rewrite_tag
67
+ def test_emit_uri_escape
68
68
  d1 = create_driver(CONFIG)
69
69
  d1.run do
70
- d1.emit({'message' => 'Aug 17 00:00:00 fortigate date=2014-08-16,time=23: 59:59,file=あああ,filename=いいい'})
70
+ d1.emit({'message' => 'Aug 17 00:00:00 fortigate date=2014-08-16,time=23:59:59,file=あああ,filename=いいい'})
71
71
  end
72
72
  emits = d1.emits
73
73
  assert_equal 1, emits.length
@@ -78,7 +78,7 @@ class FortigateSyslogParserOutputTest < Test::Unit::TestCase
78
78
  def test_emit_rewrite_tag
79
79
  d1 = create_driver(CONFIG_REWRITE_TAG, 'before.test')
80
80
  d1.run do
81
- d1.emit({'message' => 'Aug 17 00:00:00 fortigate date=2014-08-16,time=23: 59:59'})
81
+ d1.emit({'message' => 'Aug 17 00:00:00 fortigate date=2014-08-16,time=23:59:59'})
82
82
  end
83
83
  emits = d1.emits
84
84
  assert_equal 1, emits.length
@@ -88,7 +88,7 @@ class FortigateSyslogParserOutputTest < Test::Unit::TestCase
88
88
  def test_emit_message_key
89
89
  d1 = create_driver(CONFIG_MESSAGE_KEY)
90
90
  d1.run do
91
- d1.emit({'mykey' => 'Aug 17 00:00:00 fortigate date=2014-08-16,time=23: 59:59,key1=value1,key2=value2'})
91
+ d1.emit({'mykey' => 'Aug 17 00:00:00 fortigate date=2014-08-16,time=23:59:59,key1=value1,key2=value2'})
92
92
  end
93
93
  emits = d1.emits
94
94
  assert_equal 1, emits.length
@@ -97,6 +97,16 @@ class FortigateSyslogParserOutputTest < Test::Unit::TestCase
97
97
  end
98
98
 
99
99
  def test_emit_date_parse
100
+ d1 = create_driver()
101
+ d1.run do
102
+ d1.emit({'message' => 'Aug 17 00:00:00 fortigate date=2014-08-16,time=23:59:59'})
103
+ end
104
+ emits = d1.emits
105
+ assert_equal 1, emits.length
106
+ assert_equal 1408201199, emits[0][1]
107
+ end
108
+
109
+ def test_rsync_workaround
100
110
  d1 = create_driver()
101
111
  d1.run do
102
112
  d1.emit({'message' => 'Aug 17 00:00:00 fortigate date=2014-08-16,time=23: 59:59'})
@@ -109,7 +119,7 @@ class FortigateSyslogParserOutputTest < Test::Unit::TestCase
109
119
  def test_emit_country_map
110
120
  d1 = create_driver(CONFIG_COUNTRY_MAP)
111
121
  d1.run do
112
- d1.emit({'message' => 'Aug 17 00:00:00 fortigate date=2014-08-16,time=23: 59:59,srccountry=Japan,dstcountry=United States'})
122
+ d1.emit({'message' => 'Aug 17 00:00:00 fortigate date=2014-08-16,time=23:59:59,srccountry=Japan,dstcountry=United States'})
113
123
  end
114
124
  emits = d1.emits
115
125
  assert_equal 1, emits.length
@@ -122,7 +132,7 @@ class FortigateSyslogParserOutputTest < Test::Unit::TestCase
122
132
  def test_emit_os_version4
123
133
  d1 = create_driver(CONFIG_OS_VERSION4)
124
134
  d1.run do
125
- d1.emit({'message' => 'Aug 17 00:00:00 fortigate date=2014-08-16,time=23: 59:59,src_country=Japan,dst_country=United States'})
135
+ d1.emit({'message' => 'Aug 17 00:00:00 fortigate date=2014-08-16,time=23:59:59,src_country=Japan,dst_country=United States'})
126
136
  end
127
137
  emits = d1.emits
128
138
  assert_equal 1, emits.length
@@ -135,7 +145,7 @@ class FortigateSyslogParserOutputTest < Test::Unit::TestCase
135
145
  def test_emit_keys
136
146
  d1 = create_driver(CONFIG_KEYS)
137
147
  d1.run do
138
- d1.emit({'message' => 'Aug 17 00:00:00 fortigate date=2014-08-16,time=23: 59:59,a=A,b=B,c=C,x=X,y=Y,z=Z'})
148
+ d1.emit({'message' => 'Aug 17 00:00:00 fortigate date=2014-08-16,time=23:59:59,a=A,b=B,c=C,x=X,y=Y,z=Z'})
139
149
  end
140
150
  expected = {'a' => 'A', 'b' => 'B', 'c' => 'C'}
141
151
  emits = d1.emits
@@ -146,7 +156,7 @@ class FortigateSyslogParserOutputTest < Test::Unit::TestCase
146
156
  def test_emit_remove_keys
147
157
  d1 = create_driver(CONFIG_REMOVE_KEYS)
148
158
  d1.run do
149
- d1.emit({'message' => 'Aug 17 00:00:00 fortigate date=2014-08-16,time=23: 59:59,a=A,b=B,c=C,x=X,y=Y,z=Z'})
159
+ d1.emit({'message' => 'Aug 17 00:00:00 fortigate date=2014-08-16,time=23:59:59,a=A,b=B,c=C,x=X,y=Y,z=Z'})
150
160
  end
151
161
  expected = {'x' => 'X', 'y' => 'Y', 'z' => 'Z'}
152
162
  emits = d1.emits
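Review bot: The expected value in `assert_equal 1408201199, emits[0][1]` (test_emit_date_parse, new line 106) is 23:59:59 on 2014-08-16 at UTC+9, and the parser's format string carries no zone, so `Time.strptime` interprets the log time in the process's local zone and this assertion fails on a host that is not on Japan time unless the test helper pins TZ, which is not visible here. Computing the expectation the same way, `assert_equal Time.local(2014, 8, 16, 23, 59, 59).to_i, emits[0][1]`, makes the test portable. The new name `test_rsync_workaround` at new line 109 looks like a slip for rsyslog, which is what the workaround comment in the plugin refers to; `test_rsyslog_workaround` would match. That test's body continues outside the hunk, so its assertions could not be checked.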
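--- a/metadata
+++ b/metadata
@@ -1,32 +1,36 @@
  --- !ruby/object:Gem::Specification
  name: fluent-plugin-fortigate-log-parser
  version: !ruby/object:Gem::Version
- version: 0.1.1
+ version: 0.2.0
+ prerelease:
  platform: ruby
  authors:
  - Yoshinori TERAOKA
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2014-08-18 00:00:00.000000000 Z
+ date: 2015-03-20 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: fluentd
  requirement: !ruby/object:Gem::Requirement
+ none: false
  requirements:
- - - '>='
+ - - ! '>='
  - !ruby/object:Gem::Version
  version: '0'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
+ none: false
  requirements:
- - - '>='
+ - - ! '>='
  - !ruby/object:Gem::Version
  version: '0'
  - !ruby/object:Gem::Dependency
  name: bundler
  requirement: !ruby/object:Gem::Requirement
+ none: false
  requirements:
  - - ~>
  - !ruby/object:Gem::Version
@@ -34,6 +38,7 @@ dependencies:
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
+ none: false
  requirements:
  - - ~>
  - !ruby/object:Gem::Version
@@ -41,6 +46,7 @@ dependencies:
  - !ruby/object:Gem::Dependency
  name: rake
  requirement: !ruby/object:Gem::Requirement
+ none: false
  requirements:
  - - ~>
  - !ruby/object:Gem::Version
@@ -48,6 +54,7 @@ dependencies:
  type: :development
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
+ none: false
  requirements:
  - - ~>
  - !ruby/object:Gem::Version
@@ -74,26 +81,27 @@ files:
  homepage: https://github.com/yteraoka/fluent-plugin-fortigate-log-parser
  licenses:
  - MIT
- metadata: {}
  post_install_message:
  rdoc_options: []
  require_paths:
  - lib
  required_ruby_version: !ruby/object:Gem::Requirement
+ none: false
  requirements:
- - - '>='
+ - - ! '>='
  - !ruby/object:Gem::Version
  version: '0'
  required_rubygems_version: !ruby/object:Gem::Requirement
+ none: false
  requirements:
- - - '>='
+ - - ! '>='
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
  rubyforge_project:
- rubygems_version: 2.0.0
+ rubygems_version: 1.8.23
  signing_key:
- specification_version: 4
+ specification_version: 3
  summary: fluentd plugin for parse FortiGate log
  test_files:
  - test/helper.rb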
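--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +0,0 @@
- ---
- SHA1:
- metadata.gz: c33c6ce6da8275fca39ff791e778d17585e2a357
- data.tar.gz: c91268bdff674aeb2f50fe2d6274211e2fa62a94
- SHA512:
- metadata.gz: f3c4a395b9f7f71243382e93a875c0e7bb3404382b4e51a79cbd2d790cf99014bac3f805fc74199308f19036b64bfa37ea776487f8ba5d0a67174b335bc7f95e
- data.tar.gz: a15d3d154bc6ed865b5c3e1a44fc35471491bcc335e134e4296cbb3e2f5374e67afb8d3e4c30d8174f44b09406253e4edcf6a7e2ee64e0bdd0529263da06910b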
- data.tar.gz: a15d3d154bc6ed865b5c3e1a44fc35471491bcc335e134e4296cbb3e2f5374e67afb8d3e4c30d8174f44b09406253e4edcf6a7e2ee64e0bdd0529263da06910b