fluent-plugin-fw1_loggrabber_parser 1.0.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: f79528ecaae4c3b524bdf38d0e2cf4cb0749f37f
+  data.tar.gz: 4f7cbb79ac005164fa34e414a75d11f65538e013
+SHA512:
+  metadata.gz: eb6af6d69753b33b9911e1f5fc7dc9fcc0e97dd0faadce38151ef243968eb4e56e48125e4c733f9836623ca818f27cfde0d39869eb0528e19960bded02706176
+  data.tar.gz: a858112fafd10ec4c2ca75630a42e65c273c70a5beb92ead4c140cbda9679440782773f6b9149104d87cedbd22e417370295cf8900fb2112e72cb5c1435cf8d1

data/.gitignore

@@ -0,0 +1,9 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/

data/.rspec

@@ -0,0 +1,3 @@
+--color
+--require spec_helper
+--format doc

data/Gemfile

@@ -0,0 +1,2 @@
+source 'https://rubygems.org'
+gemspec

data/README.md

@@ -0,0 +1,32 @@
+# fluent-plugin-fw1_loggrabber_parser
+
+Parsing a LEA format file from FW1-LogGrabber.
+https://github.com/certego/fw1-loggrabber
+
+A separator of a LEA format file should be '|'(0x7c).
+
+
+## Installation
+
+```bash
+# for fluentd
+gem install fluent-plugin-fw1_loggrabber_parser
+
+# for td-agent2
+td-agent-gem install fluent-plugin-fw1_loggrabber_parser
+```
+
+## Usage
+
+```xml
+<source>
+  @type tail
+  path /var/log//fw1.log
+  pos_file /var/log/td-agent/fw1.log.pos
+  tag fw1.log
+  format fw1_loggrabber
+</source>
+```
+
+## parameters
+- n/a

data/Rakefile

@@ -0,0 +1,2 @@
+require "bundler/gem_tasks"
+task :default => :spec

data/fluent-plugin-fw1_loggrabber_parser.gemspec

@@ -0,0 +1,34 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'fluent/plugin/parser_fw1_loggrabber/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "fluent-plugin-fw1_loggrabber_parser"
+  spec.version       = Fluent::Plugin::Fw1LoggrabberParser::VERSION
+  spec.authors       = ["Tomoyuki Sugimura"]
+  spec.email         = ["tomoyuki.sugimura@gmail.com"]
+
+  spec.summary       = %q{parse checkpoint firewall-1 LEA formatted log}
+  spec.description   = %q{parse checkpoint firewall-1 LEA formatted log from file}
+  spec.homepage      = "https://localhost.localdomain"
+  spec.license       = "MIT"
+
+  # Prevent pushing this gem to RubyGems.org by setting 'allowed_push_host', or
+  # delete this section to allow pushing this gem to any host.
+  #if spec.respond_to?(:metadata)
+  #  spac.metadata['allowed_push_host'] = "TODO: Set to 'http://mygemserver.com'"
+  #else
+  #  raise "RubyGems 2.0 or newer is required to protect against public gem pushes."
+  #end
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+  spec.add_development_dependency "fluentd", "~> 0.10", ">= 0.10.43"
+  spec.add_development_dependency "bundler", "~> 1.11"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec"
+  spec.add_development_dependency "test-unit"
+end

data/lib/fluent/plugin/parser_fw1_loggrabber.rb

@@ -0,0 +1,49 @@
+# -*- coding: utf-8 -*-
+
+module Fluent
+  class TextParser
+    
+    class Fw1LoggrabberParser < Parser
+      
+      # Register this parser as a parser plugin
+      Plugin.register_parser('fw1_loggrabber', self)
+
+      # This method is called after config_params have read configuration parameter
+      def initialize
+        super
+        @pattern_key_value = /(?<=^|[^\\]\|)([^=\s]+)=((?:[^|]|(?:(?<=\\)\|))+)/
+      end
+
+      def configure(conf={})
+        super
+      end
+
+      def parse(text)
+        record = logparse(text)
+        yield Engine.now, record
+      end
+
+
+      def logparse(text)
+
+        return {} if (nil == text)
+
+        record = Hash.new
+
+        begin
+          for pair in text.scan(@pattern_key_value) do
+            record[pair[0]] = pair[1]
+          end
+        rescue => e
+          log.error e.message
+          return {}
+        end
+
+        return record
+      end
+
+    end
+
+  end
+
+end

data/lib/fluent/plugin/parser_fw1_loggrabber/version.rb

@@ -0,0 +1,7 @@
+module Fluent
+  module Plugin
+    module Fw1LoggrabberParser
+      VERSION = "1.0.0"
+    end
+  end
+end

metadata

@@ -0,0 +1,128 @@
+--- !ruby/object:Gem::Specification
+name: fluent-plugin-fw1_loggrabber_parser
+version: !ruby/object:Gem::Version
+  version: 1.0.0
+platform: ruby
+authors:
+- Tomoyuki Sugimura
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2016-05-20 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: fluentd
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.10'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.10.43
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.10'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.10.43
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.11'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.11'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: test-unit
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: parse checkpoint firewall-1 LEA formatted log from file
+email:
+- tomoyuki.sugimura@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- Gemfile
+- README.md
+- Rakefile
+- fluent-plugin-fw1_loggrabber_parser.gemspec
+- lib/fluent/plugin/parser_fw1_loggrabber.rb
+- lib/fluent/plugin/parser_fw1_loggrabber/version.rb
+homepage: https://localhost.localdomain
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.5.1
+signing_key: 
+specification_version: 4
+summary: parse checkpoint firewall-1 LEA formatted log
+test_files: []