fluent-plugin-jfrog-siem 0.1.7 → 2.0.0
- checksums.yaml +4 -4
- data/.rspec +1 -0
- data/CHANGELOG.md +36 -0
- data/Gemfile.lock +90 -0
- data/README.md +10 -3
- data/Rakefile +1 -1
- data/fluent-plugin-jfrog-siem.gemspec +8 -3
- data/lib/fluent/plugin/in_jfrog_siem.rb +41 -215
- data/lib/fluent/plugin/position_file.rb +32 -0
- data/lib/fluent/plugin/violations.json +380 -0
- data/lib/fluent/plugin/xray.rb +164 -0
- data/spec/position_file_spec.rb +56 -0
- data/spec/spec_helper.rb +111 -0
- data/spec/xray_spec.rb +135 -0
- data/test/helper.rb +1 -0
- data/test/plugin/test_in_jfrog_siem.rb +31 -5
- metadata +76 -10
- data/elastic.conf +0 -18
- data/splunk.conf +0 -18
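--- a/data/elastic.conf
+++ /dev/null
@@ -1,18 +0,0 @@
-<source>
-@type jfrog_siem
-tag elastic_jfrog
-jpd_url <jpd_url>
-access_token <access_token>
-pos_file "elastic_pos.txt"
-</source>
-<match elastic*>
-@type elasticsearch
-@id elasticsearch
-host elasticsearch
-port 9200
-user <username>
-password <password>
-index_name xray_siem
-include_tag_key true
-type_name fluentd
-</match>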
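--- a/data/splunk.conf
+++ /dev/null
@@ -1,18 +0,0 @@
-<source>
-@type jfrog_siem
-tag splunk_jfrog
-jpd_url <jpd_url>
-access_token <access_token>
-pos_file "splunk_pos.txt"
-</source>
-<match splunk*>
-@type splunk_hec
-host HEC_HOST
-port HEC_PORT
-token HEC_TOKEN
-format json
-sourcetype_key log_source
-use_fluentd_time false
-index violations
-flush_interval 10s
-</match>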