fluent-plugin-jfrog-siem 2.0.0 → 2.0.3
- checksums.yaml +4 -4
- data/fluent-plugin-jfrog-siem.gemspec +4 -4
- data/lib/fluent/plugin/in_jfrog_siem.rb +1 -1
- data/lib/fluent/plugin/xray.rb +1 -1
- data/test/plugin/test_in_jfrog_siem.rb +9 -27
- metadata +11 -10
- data/CHANGELOG.md +0 -36
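--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 76d23b95fd222cac88bfbd167fbf6d493b9aae3430c16cf130b4ed58416cdeb8
+data.tar.gz: 98e8252cf0d65c4334b263d4d06deec94f9813c442da6b9eed1e1c50aa899add
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: d2944a1d52eedc69d7a681cd4121f42f8e5bb963339186bfa71b57da5eacae2268d12123fa7b2a4fc20998e81354f1b63ad86d0d80f891873ad7abe9ceff890e
+data.tar.gz: 28223be2c6646a5878330df60c4f6803c7ed534b13c12204af11804dc68494a97af18d6a95fc5c5c8d70679867b0ad35f71a2a2cb01a0024be0e7b8129d56cd6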
@@ -3,13 +3,13 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
|
|
3
3
|
|
|
4
4
|
Gem::Specification.new do |spec|
|
|
5
5
|
spec.name = "fluent-plugin-jfrog-siem"
|
|
6
|
-
spec.version = "2.0.
|
|
7
|
-
spec.authors = ["
|
|
8
|
-
spec.email = ["
|
|
6
|
+
spec.version = "2.0.3"
|
|
7
|
+
spec.authors = ["Mahitha Byreddy", "Sudhindra Rao","Giridharan Ramasamy"]
|
|
8
|
+
spec.email = ["mahithab@jfrog.com", "sudhindrar@jfrog.com", "girir@jfrog.com"]
|
|
9
9
|
|
|
10
10
|
spec.summary = %q{JFrog SIEM fluent input plugin will send the SIEM events from JFrog Xray to Fluentd}
|
|
11
11
|
spec.description = %q{JFrog SIEM fluent input plugin will send the SIEM events from JFrog Xray to Fluentd which can then be delivered to whatever output plugin specified}
|
|
12
|
-
spec.homepage = "https://github.com/jfrog/
|
|
12
|
+
spec.homepage = "https://github.com/jfrog/fluent-plugin-jfrog-siem"
|
|
13
13
|
spec.license = "Apache-2.0"
|
|
14
14
|
|
|
15
15
|
test_files, files = `git ls-files -z`.split("\x0").partition do |f|
|
|
@@ -31,7 +31,7 @@ module Fluent
|
|
|
31
31
|
config_param :tag, :string, default: ""
|
|
32
32
|
config_param :jpd_url, :string, default: ""
|
|
33
33
|
config_param :username, :string, default: ""
|
|
34
|
-
config_param :apikey, :string, default: ""
|
|
34
|
+
config_param :apikey, :string, default: "", :secret => true
|
|
35
35
|
config_param :batch_size, :integer, default: 25
|
|
36
36
|
config_param :wait_interval, :integer, default: 60
|
|
37
37
|
config_param :from_date, :string, default: ""
|
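Review bot: The `apikey` parameter still carries `default: ""`, so a configuration that omits the credential is accepted at load time and presumably only fails later, when Xray rejects the request. Declaring it without a default, `config_param :apikey, :string, secret: true`, makes Fluentd reject the configuration up front; whether `configure` already validates this is outside the hunk. The added option also mixes hash-rocket syntax with the `default:` keyword style on the same line, so `secret: true` would read more consistently. `secret` only masks the value where Fluentd prints its configuration; the key is still stored in plain text in the config file, which therefore needs restrictive file permissions.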
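--- a/data/lib/fluent/plugin/xray.rb
+++ b/data/lib/fluent/plugin/xray.rb
@@ -58,7 +58,7 @@ class Xray
 def get_violations_detail(xray_violation_detail_url)
 response = RestClient::Request.new(
 :method => :get,
-:url => xray_violation_detail_url,
+:url => @jpd_url + xray_violation_detail_url[xray_violation_detail_url.index('/xray/'),xray_violation_detail_url.length],
 :user => @username,
 :password => @api_key
 ).execute do |response, request, result|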
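Review bot: `xray_violation_detail_url.index('/xray/')` on the new `:url` line returns nil when the upstream URL has no `/xray/` segment, and the slice then raises a TypeError before the request is built. Rebuilding the URL on `@jpd_url` appears intended to keep the basic-auth credentials from being sent to whatever host the upstream response names, which is the right direction, but the path is taken without validation and a `@jpd_url` ending in `/` yields `//xray/...`. Consider `path = URI.parse(xray_violation_detail_url).request_uri`, failing with a clear error unless `path.start_with?('/xray/')`, and then `:url => @jpd_url.chomp('/') + path`. `get_violations_detail` continues past the end of the hunk, so the error handling inside the `execute` block is not visible here.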
@@ -11,34 +11,16 @@ class JfrogSiemInputTest < Test::Unit::TestCase
|
|
|
11
11
|
end
|
|
12
12
|
|
|
13
13
|
# Default configuration for tests
|
|
14
|
-
# CONFIG = %[
|
|
15
|
-
# tag "partnership.test_tag"
|
|
16
|
-
# jpd_url "https://partnership.jfrog.io/"
|
|
17
|
-
# username "sudhindrar"
|
|
18
|
-
# apikey "AKCp8ihpNg2JE5PV3nRXZQsmMGmzX9VTX6wN51hQBFRC1CXQWzGrKQvFL1tsw7aochjoQXAZq"
|
|
19
|
-
# pos_file "test_pos.txt"
|
|
20
|
-
# wait_interval 30
|
|
21
|
-
# ]
|
|
22
|
-
|
|
23
14
|
CONFIG = %[
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
# tag "jfrog.xray.siem.vulnerabilities"
|
|
34
|
-
# jpd_url "JPDURL"
|
|
35
|
-
# username "admin"
|
|
36
|
-
# apikey "APIKEY"
|
|
37
|
-
# pos_file_path "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/"
|
|
38
|
-
# wait_interval 10
|
|
39
|
-
# from_date "2016-01-01"
|
|
40
|
-
# batch_size 25
|
|
41
|
-
# ]
|
|
15
|
+
tag "jfrog.xray.siem.vulnerabilities"
|
|
16
|
+
jpd_url "JPDURL"
|
|
17
|
+
username "admin"
|
|
18
|
+
apikey "APIKEY"
|
|
19
|
+
pos_file_path "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/"
|
|
20
|
+
wait_interval 10
|
|
21
|
+
from_date "2016-01-01"
|
|
22
|
+
batch_size 25
|
|
23
|
+
]
|
|
42
24
|
|
|
43
25
|
private
|
|
44
26
|
|
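Review bot: The commented-out `CONFIG` block deleted at the top of this hunk held what looks like a live `apikey` together with a username and an instance URL, and deleting it here does not retire it: the value stays readable in the already published 2.0.0 package and, presumably, in the repository history. The key should be treated as exposed and revoked on the JFrog side rather than only removed from the file. A secret-scanning check in CI and in the gem release step would keep a similar value from reaching a published version again. The new `CONFIG` uses the placeholders `JPDURL` and `APIKEY`, which is the right pattern for test fixtures.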
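--- a/metadata
+++ b/metadata
@@ -1,15 +1,16 @@
 --- !ruby/object:Gem::Specification
 name: fluent-plugin-jfrog-siem
 version: !ruby/object:Gem::Version
-version: 2.0.
+version: 2.0.3
 platform: ruby
 authors:
-- John Peterson
 - Mahitha Byreddy
-
+- Sudhindra Rao
+- Giridharan Ramasamy
+autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2022-03-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: bundler
@@ -174,14 +175,14 @@ dependencies:
 description: JFrog SIEM fluent input plugin will send the SIEM events from JFrog Xray
 to Fluentd which can then be delivered to whatever output plugin specified
 email:
-- johnp@jfrog.com
 - mahithab@jfrog.com
+- sudhindrar@jfrog.com
+- girir@jfrog.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
 - ".rspec"
-- CHANGELOG.md
 - Gemfile
 - Gemfile.lock
 - LICENSE
@@ -197,11 +198,11 @@ files:
 - spec/xray_spec.rb
 - test/helper.rb
 - test/plugin/test_in_jfrog_siem.rb
-homepage: https://github.com/jfrog/
+homepage: https://github.com/jfrog/fluent-plugin-jfrog-siem
 licenses:
 - Apache-2.0
 metadata: {}
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -216,8 +217,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.
-signing_key:
+rubygems_version: 3.1.6
+signing_key:
 specification_version: 4
 summary: JFrog SIEM fluent input plugin will send the SIEM events from JFrog Xray
 to Fluentd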
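--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,36 +0,0 @@
-# JFrog Fluentd SIEM Input Plugin Changelog
-All changes to the SIEM plugin will be documented in this file.
-
-## [1.0.0] - May 18, 2020
-* [BREAKING] Using JFrog API Key for authentication
-
-## [0.1.9] - May 17, 2021
-* Handling the case where violations are left in a batch to be processed
-
-## [0.1.8] - May 10, 2021
-* Fixing persist, not persist item conditions
-
-## [0.1.7] - April 21, 2021
-* Adding policies and rules to payload
-
-## [0.1.6] - April 13, 2021
-* Adding additonal parameters to match with access logs for correlation
-
-## [0.1.5] - March 29, 2021
-* Normalizing the format of Impacted Artifact, fixing properties not found case
-
-## [0.1.4] - February 02, 2021
-* Adding dependencies, gemspec updates
-
-## [0.1.3] - January 21, 2021
-* Fixing thread pool issues (moving loop inside a thread pool)
-
-## [0.1.2] - November 17, 2020
-* Changes to better README
-
-## [0.1.1] - November 17, 2020
-* Adding dependencies to gemspec
-
-## [0.1.0] - October 05, 2020
-* Initial release of Jfrog Logs Analytic integration
-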