fluent-plugin-jfrog-siem 2.0.6 → 2.0.7

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/fluent-plugin-jfrog-siem.gemspec +1 -1
  3. data/lib/fluent/plugin/test_violations.rb +421 -0
  4. data/lib/fluent/plugin/xray.rb +199 -195
  5. data/test/plugin/test_in_jfrog_siem.rb +41 -41
  6. metadata +7 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: fa44f9a815aa280de6977f666e2da6ea8be2bae24cc8c7365430cbfd6bc3496b
4
- data.tar.gz: ad2eec36ca931720158e21e9abcf7d99e4c32618365ef300ca465df59339e307
3
+ metadata.gz: 1de86065fece9f251b49bc69e3ae44fce255f3ea1362cbc6f1397a8d4fd01581
4
+ data.tar.gz: dbeb11c0337e979bfdbb8ba8b7f5df89868f479f1aec9c57cbe4271ade6b7859
5
5
  SHA512:
6
- metadata.gz: f7cca01dc886183ad29fb99151f0c25f56900cce252f4c17eb88c5a4ec2e9c4dc9571049540b2dc5e1d36b5db612f4ee347d063e6c26a3d2506586a35b04ebf0
7
- data.tar.gz: 7691c4e9dd2bdb3c6df6e562bd497842de79b086c46f28af0924b19c021350effa2b382e3cb8ab948af1a30ea6a52e470ba4467e4e9adcea38157fde9cb65dde
6
+ metadata.gz: 55e58bbb623f54ed8099541b2fc0b28ff609e2693af9d2ae405ecfc55f7c41cbe42acaea3532294e69ef76391d745a159dc1bf0e4c174ca3f90efe215f60be83
7
+ data.tar.gz: b1b2a632f52a89156c46e362b065aea36dc53dc82aeb68e1283857071a779c7b743d962e5d448edf282041a5daba37fae6a4a80459e01929a3febb08d2824e3a
data/fluent-plugin-jfrog-siem.gemspec CHANGED
@@ -3,7 +3,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
3
3
 
4
4
  Gem::Specification.new do |spec|
5
5
  spec.name = "fluent-plugin-jfrog-siem"
6
- spec.version = "2.0.6"
6
+ spec.version = "2.0.7"
7
7
  spec.authors = ["Mahitha Byreddy", "Sudhindra Rao","Giridharan Ramasamy"]
8
8
  spec.email = ["mahithab@jfrog.com", "sudhindrar@jfrog.com", "girir@jfrog.com"]
9
9
 
data/lib/fluent/plugin/test_violations.rb ADDED
@@ -0,0 +1,421 @@
1
+
2
+ def get_violations_details_test()
3
+ response = '{
4
+ "violation_id": "1710136527020015616",
5
+ "description": "Root access could be granted to a stranger",
6
+ "summary": "Custom issue 1",
7
+ "severity": "High",
8
+ "type": "Security",
9
+ "provider": "MB",
10
+ "infected_components": [
11
+ "generic://sha256:242fe18ca64a362e4088096447c8f815fb2aa2c569c5f342de1c82318eb4973a/artifact_1.zip"
12
+ ],
13
+ "created": "2023-10-06T03:34:55Z",
14
+ "watch_name": "test_all-repositories_7005086_security",
15
+ "matched_policies": [
16
+ {
17
+ "policy": "test_security_policy_7005086",
18
+ "rule": "securityRule",
19
+ "is_blocking": false
20
+ }
21
+ ],
22
+ "issue_id": "XRAYS1-artifact_1.zip7005086",
23
+ "properties": [
24
+ {
25
+ "cve": "CVE-2018-2000568",
26
+ "cvss_v2": "5.0/CVSS:2.0/AV:N/AC:L/Au:N/C:N/I:P/A:N"
27
+ }
28
+ ],
29
+ "impacted_artifacts": [
30
+ "mw-maven-repository-manager/inhouse_snapshot/com/mathworks/team/recruiting/recruiting/2.41.3-SNAPSHOT/recruiting-2.41.3-20230920.193355-4.war"
31
+ ],
32
+ "applicability": null
33
+ }'
34
+ resp_obj = JSON.parse(response)
35
+ return resp_obj
36
+ end
37
+
38
+ def get_violations_test()
39
+ response = '{
40
+ "total_violations":54,
41
+ "violations":[
42
+ {
43
+ "description":"Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to bypass validation via a request with a org.apache.struts.taglib.html.Constants.CANCEL parameter, which causes the action to be canceled but would not be detected from applications that do not use the isCancelled check.",
44
+ "severity":"High",
45
+ "type":"Security",
46
+ "infected_components":[
47
+ "gav://struts:struts:1.1"
48
+ ],
49
+ "created":"2021-06-16T21:22:18Z",
50
+ "watch_name":"maven-watch1",
51
+ "issue_id":"XRAY-55418",
52
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=ff9cf61f42a095cd97ea0ec0&issue_id=XRAY-55418&comp_id=gav:%2F%2Fstruts:struts:1.1",
53
+ "impacted_artifacts":[
54
+ "mw-maven-repository-manager/inhouse_snapshot/com/mathworks/team/recruiting/recruiting/2.41.3-SNAPSHOT/recruiting-2.41.3-20230920.193355-4.war"
55
+ ]
56
+ },
57
+ {
58
+ "description":"The Apache Software License, Version 1.1",
59
+ "severity":"High",
60
+ "type":"License",
61
+ "infected_components":[
62
+ "gav://struts:struts:1.1"
63
+ ],
64
+ "created":"2021-06-16T21:22:18Z",
65
+ "watch_name":"license-watch",
66
+ "issue_id":"Apache-1.1",
67
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=b241c1986818d68993093e35&issue_id=Apache-1.1&comp_id=gav:%2F%2Fstruts:struts:1.1",
68
+ "impacted_artifacts":[
69
+ "default/maven-repo-1/struts/struts/1.1/struts-1.1.jar"
70
+ ]
71
+ },
72
+ {
73
+ "description":"The MultiPageValidator implementation in Apache Struts 1 1.1 through 1.3.10 allows remote attackers to bypass intended access restrictions via a modified page parameter.",
74
+ "severity":"High",
75
+ "type":"Security",
76
+ "infected_components":[
77
+ "gav://struts:struts:1.1"
78
+ ],
79
+ "created":"2021-06-16T21:22:18Z",
80
+ "watch_name":"maven-watch1",
81
+ "issue_id":"XRAY-55648",
82
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=ff9cf61f42a095cd97ea0ec0&issue_id=XRAY-55648&comp_id=gav:%2F%2Fstruts:struts:1.1",
83
+ "impacted_artifacts":[
84
+ "default/maven-repo-1/struts/struts/1.1/struts-1.1.jar"
85
+ ]
86
+ },
87
+ {
88
+ "description":"Cross-site scripting (XSS) vulnerability in Apache Struts before 1.2.9-162.31.1 on SUSE Linux Enterprise (SLE) 11, before 1.2.9-108.2 on SUSE openSUSE 10.3, before 1.2.9-198.2 on SUSE openSUSE 11.0, and before 1.2.9-162.163.2 on SUSE openSUSE 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to \"insufficient quoting of parameters.\"",
89
+ "severity":"Medium",
90
+ "type":"Security",
91
+ "infected_components":[
92
+ "gav://struts:struts:1.1"
93
+ ],
94
+ "created":"2021-06-16T21:22:18Z",
95
+ "watch_name":"maven-watch1",
96
+ "issue_id":"XRAY-55444",
97
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=ff9cf61f42a095cd97ea0ec0&issue_id=XRAY-55444&comp_id=gav:%2F%2Fstruts:struts:1.1",
98
+ "impacted_artifacts":[
99
+ "default/maven-repo-1/struts/struts/1.1/struts-1.1.jar"
100
+ ]
101
+ },
102
+ {
103
+ "description":"Cross-site scripting (XSS) vulnerability in (1) LookupDispatchAction and possibly (2) DispatchAction and (3) ActionDispatcher in Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to inject arbitrary web script or HTML via the parameter name, which is not filtered in the resulting error message.",
104
+ "severity":"Medium",
105
+ "type":"Security",
106
+ "infected_components":[
107
+ "gav://struts:struts:1.1"
108
+ ],
109
+ "created":"2021-06-16T21:22:18Z",
110
+ "watch_name":"maven-watch1",
111
+ "issue_id":"XRAY-55420",
112
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=ff9cf61f42a095cd97ea0ec0&issue_id=XRAY-55420&comp_id=gav:%2F%2Fstruts:struts:1.1",
113
+ "impacted_artifacts":[
114
+ "default/maven-repo-1/struts/struts/1.1/struts-1.1.jar"
115
+ ]
116
+ },
117
+ {
118
+ "description":"ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to elements in the CommonsMultipartRequestHandler implementation and BeanUtils.",
119
+ "severity":"High",
120
+ "type":"Security",
121
+ "infected_components":[
122
+ "gav://struts:struts:1.1"
123
+ ],
124
+ "created":"2021-06-16T21:22:18Z",
125
+ "watch_name":"maven-watch1",
126
+ "issue_id":"XRAY-55419",
127
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=ff9cf61f42a095cd97ea0ec0&issue_id=XRAY-55419&comp_id=gav:%2F%2Fstruts:struts:1.1",
128
+ "impacted_artifacts":[
129
+ "default/maven-repo-1/struts/struts/1.1/struts-1.1.jar"
130
+ ]
131
+ },
132
+ {
133
+ "description":"The MultiPageValidator implementation in Apache Struts 1 1.1 through 1.3.10 allows remote attackers to bypass intended access restrictions via a modified page parameter.",
134
+ "severity":"High",
135
+ "type":"Security",
136
+ "infected_components":[
137
+ "gav://struts:struts:1.2.4"
138
+ ],
139
+ "created":"2021-06-16T21:22:27Z",
140
+ "watch_name":"maven-watch-2",
141
+ "issue_id":"XRAY-55648",
142
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=2a3ee020bf1a86b84d122c0c&issue_id=XRAY-55648&comp_id=gav:%2F%2Fstruts:struts:1.2.4",
143
+ "impacted_artifacts":[
144
+ "default/maven-repo-2/struts/struts/1.2.4/struts-1.2.4.jar"
145
+ ]
146
+ },
147
+ {
148
+ "description":"ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to elements in the CommonsMultipartRequestHandler implementation and BeanUtils.",
149
+ "severity":"High",
150
+ "type":"Security",
151
+ "infected_components":[
152
+ "gav://struts:struts:1.2.4"
153
+ ],
154
+ "created":"2021-06-16T21:22:27Z",
155
+ "watch_name":"maven-watch-2",
156
+ "issue_id":"XRAY-55419",
157
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=2a3ee020bf1a86b84d122c0c&issue_id=XRAY-55419&comp_id=gav:%2F%2Fstruts:struts:1.2.4",
158
+ "impacted_artifacts":[
159
+ "default/maven-repo-2/struts/struts/1.2.4/struts-1.2.4.jar"
160
+ ]
161
+ },
162
+ {
163
+ "description":"Cross-site scripting (XSS) vulnerability in (1) LookupDispatchAction and possibly (2) DispatchAction and (3) ActionDispatcher in Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to inject arbitrary web script or HTML via the parameter name, which is not filtered in the resulting error message.",
164
+ "severity":"Medium",
165
+ "type":"Security",
166
+ "infected_components":[
167
+ "gav://struts:struts:1.2.4"
168
+ ],
169
+ "created":"2021-06-16T21:22:27Z",
170
+ "watch_name":"maven-watch-2",
171
+ "issue_id":"XRAY-55420",
172
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=2a3ee020bf1a86b84d122c0c&issue_id=XRAY-55420&comp_id=gav:%2F%2Fstruts:struts:1.2.4",
173
+ "impacted_artifacts":[
174
+ "default/maven-repo-2/struts/struts/1.2.4/struts-1.2.4.jar"
175
+ ]
176
+ },
177
+ {
178
+ "description":"The Apache Software License, Version 2.0",
179
+ "severity":"High",
180
+ "type":"License",
181
+ "infected_components":[
182
+ "gav://struts:struts:1.2.4"
183
+ ],
184
+ "created":"2021-06-16T21:22:27Z",
185
+ "watch_name":"license-watch",
186
+ "issue_id":"Apache-2.0",
187
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=b241c1986818d68993093e35&issue_id=Apache-2.0&comp_id=gav:%2F%2Fstruts:struts:1.2.4",
188
+ "impacted_artifacts":[
189
+ "default/maven-repo-2/struts/struts/1.2.4/struts-1.2.4.jar"
190
+ ]
191
+ },
192
+ {
193
+ "description":"Cross-site scripting (XSS) vulnerability in Apache Struts before 1.2.9-162.31.1 on SUSE Linux Enterprise (SLE) 11, before 1.2.9-108.2 on SUSE openSUSE 10.3, before 1.2.9-198.2 on SUSE openSUSE 11.0, and before 1.2.9-162.163.2 on SUSE openSUSE 11.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to \"insufficient quoting of parameters.\"",
194
+ "severity":"Medium",
195
+ "type":"Security",
196
+ "infected_components":[
197
+ "gav://struts:struts:1.2.4"
198
+ ],
199
+ "created":"2021-06-16T21:22:27Z",
200
+ "watch_name":"maven-watch-2",
201
+ "issue_id":"XRAY-55444",
202
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=2a3ee020bf1a86b84d122c0c&issue_id=XRAY-55444&comp_id=gav:%2F%2Fstruts:struts:1.2.4",
203
+ "impacted_artifacts":[
204
+ "default/maven-repo-2/struts/struts/1.2.4/struts-1.2.4.jar"
205
+ ]
206
+ },
207
+ {
208
+ "description":"Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to bypass validation via a request with a org.apache.struts.taglib.html.Constants.CANCEL parameter, which causes the action to be canceled but would not be detected from applications that do not use the isCancelled check.",
209
+ "severity":"High",
210
+ "type":"Security",
211
+ "infected_components":[
212
+ "gav://struts:struts:1.2.4"
213
+ ],
214
+ "created":"2021-06-16T21:22:27Z",
215
+ "watch_name":"maven-watch-2",
216
+ "issue_id":"XRAY-55418",
217
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=2a3ee020bf1a86b84d122c0c&issue_id=XRAY-55418&comp_id=gav:%2F%2Fstruts:struts:1.2.4",
218
+ "impacted_artifacts":[
219
+ "default/maven-repo-2/struts/struts/1.2.4/struts-1.2.4.jar"
220
+ ]
221
+ },
222
+ {
223
+ "description":"Unicode Terms of Use",
224
+ "severity":"High",
225
+ "type":"License",
226
+ "infected_components":[
227
+ "gav://org.apache.struts:struts2-core:2.0.9"
228
+ ],
229
+ "created":"2021-06-16T21:22:37Z",
230
+ "watch_name":"license-watch",
231
+ "issue_id":"Unicode-TOU",
232
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=b241c1986818d68993093e35&issue_id=Unicode-TOU&comp_id=gav:%2F%2Forg.apache.struts:struts2-core:2.0.9",
233
+ "impacted_artifacts":[
234
+ "default/maven-repo-3/org/apache/struts/struts2-core/2.0.9/struts2-core-2.0.9.jar"
235
+ ]
236
+ },
237
+ {
238
+ "description":"BSD 3-Clause \"New\" or \"Revised\" License",
239
+ "severity":"High",
240
+ "type":"License",
241
+ "infected_components":[
242
+ "gav://org.apache.struts:struts2-core:2.0.9"
243
+ ],
244
+ "created":"2021-06-16T21:22:37Z",
245
+ "watch_name":"license-watch",
246
+ "issue_id":"BSD-3-Clause",
247
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=b241c1986818d68993093e35&issue_id=BSD-3-Clause&comp_id=gav:%2F%2Forg.apache.struts:struts2-core:2.0.9",
248
+ "impacted_artifacts":[
249
+ "default/maven-repo-3/org/apache/struts/struts2-core/2.0.9/struts2-core-2.0.9.jar"
250
+ ]
251
+ },
252
+ {
253
+ "description":"The Apache Software License, Version 2.0",
254
+ "severity":"High",
255
+ "type":"License",
256
+ "infected_components":[
257
+ "gav://org.apache.struts:struts2-core:2.0.9"
258
+ ],
259
+ "created":"2021-06-16T21:22:37Z",
260
+ "watch_name":"license-watch",
261
+ "issue_id":"Apache-2.0",
262
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=b241c1986818d68993093e35&issue_id=Apache-2.0&comp_id=gav:%2F%2Forg.apache.struts:struts2-core:2.0.9",
263
+ "impacted_artifacts":[
264
+ "default/maven-repo-3/org/apache/struts/struts2-core/2.0.9/struts2-core-2.0.9.jar"
265
+ ]
266
+ },
267
+ {
268
+ "description":"The OGNL extensive expression evaluation capability in XWork in Struts 2.0.0 through 2.1.8.1, as used in Atlassian Fisheye, Crucible, and possibly other products, uses a permissive whitelist, which allows remote attackers to modify server-side context objects and bypass the \"#\" protection mechanism in ParameterInterceptors via the (1) #context, (2) #_memberAccess, (3) #root, (4) #this, (5) #_typeResolver, (6) #_classResolver, (7) #_traceEvaluations, (8) #_lastEvaluation, (9) #_keepLastEvaluation, and possibly other OGNL context variables, a different vulnerability than CVE-2008-6504.",
269
+ "severity":"Medium",
270
+ "type":"Security",
271
+ "infected_components":[
272
+ "gav://org.apache.struts:struts2-core:2.0.9"
273
+ ],
274
+ "created":"2021-06-16T21:22:37Z",
275
+ "watch_name":"maven-watch-3",
276
+ "issue_id":"XRAY-55471",
277
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=2c5ecab8172f24086f4b3bf4&issue_id=XRAY-55471&comp_id=gav:%2F%2Forg.apache.struts:struts2-core:2.0.9",
278
+ "impacted_artifacts":[
279
+ "default/maven-repo-3/org/apache/struts/struts2-core/2.0.9/struts2-core-2.0.9.jar"
280
+ ]
281
+ },
282
+ {
283
+ "description":"Academic Free License v2.1",
284
+ "severity":"High",
285
+ "type":"License",
286
+ "infected_components":[
287
+ "gav://org.apache.struts:struts2-core:2.0.9"
288
+ ],
289
+ "created":"2021-06-16T21:22:37Z",
290
+ "watch_name":"license-watch",
291
+ "issue_id":"AFL-2.1",
292
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=b241c1986818d68993093e35&issue_id=AFL-2.1&comp_id=gav:%2F%2Forg.apache.struts:struts2-core:2.0.9",
293
+ "impacted_artifacts":[
294
+ "default/maven-repo-3/org/apache/struts/struts2-core/2.0.9/struts2-core-2.0.9.jar"
295
+ ]
296
+ },
297
+ {
298
+ "description":"ParametersInterceptor in OpenSymphony XWork 2.0.x before 2.0.6 and 2.1.x before 2.1.2, as used in Apache Struts and other products, does not properly restrict # (pound sign) references to context objects, which allows remote attackers to execute Object-Graph Navigation Language (OGNL) statements and modify server-side context objects, as demonstrated by use of a \\u0023 representation for the # character.",
299
+ "severity":"Medium",
300
+ "type":"Security",
301
+ "infected_components":[
302
+ "gav://org.apache.struts:struts2-core:2.0.9"
303
+ ],
304
+ "created":"2021-06-16T21:22:38Z",
305
+ "watch_name":"maven-watch-3",
306
+ "issue_id":"XRAY-55446",
307
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=2c5ecab8172f24086f4b3bf4&issue_id=XRAY-55446&comp_id=gav:%2F%2Forg.apache.struts:struts2-core:2.0.9",
308
+ "impacted_artifacts":[
309
+ "default/maven-repo-3/org/apache/struts/struts2-core/2.0.9/struts2-core-2.0.9.jar"
310
+ ]
311
+ },
312
+ {
313
+ "description":"Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.x before 2.0.11.1 and 2.1.x before 2.1.1 allow remote attackers to inject arbitrary web script or HTML via vectors associated with improper handling of (1) \" (double quote) characters in the href attribute of an s:a tag and (2) parameters in the action attribute of an s:url tag.",
314
+ "severity":"Medium",
315
+ "type":"Security",
316
+ "infected_components":[
317
+ "gav://org.apache.struts:struts2-core:2.0.9"
318
+ ],
319
+ "created":"2021-06-16T21:22:38Z",
320
+ "watch_name":"maven-watch-3",
321
+ "issue_id":"XRAY-55448",
322
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=2c5ecab8172f24086f4b3bf4&issue_id=XRAY-55448&comp_id=gav:%2F%2Forg.apache.struts:struts2-core:2.0.9",
323
+ "impacted_artifacts":[
324
+ "default/maven-repo-3/org/apache/struts/struts2-core/2.0.9/struts2-core-2.0.9.jar"
325
+ ]
326
+ },
327
+ {
328
+ "description":"Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25.",
329
+ "severity":"Critical",
330
+ "type":"Security",
331
+ "infected_components":[
332
+ "gav://org.apache.struts:struts2-core:2.0.9"
333
+ ],
334
+ "created":"2021-06-16T21:22:38Z",
335
+ "watch_name":"maven-watch-3",
336
+ "issue_id":"XRAY-129844",
337
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=2c5ecab8172f24086f4b3bf4&issue_id=XRAY-129844&comp_id=gav:%2F%2Forg.apache.struts:struts2-core:2.0.9",
338
+ "impacted_artifacts":[
339
+ "default/maven-repo-3/org/apache/struts/struts2-core/2.0.9/struts2-core-2.0.9.jar"
340
+ ]
341
+ },
342
+ {
343
+ "description":"The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter.",
344
+ "severity":"High",
345
+ "type":"Security",
346
+ "infected_components":[
347
+ "gav://org.apache.struts:struts2-core:2.0.9"
348
+ ],
349
+ "created":"2021-06-16T21:22:38Z",
350
+ "watch_name":"maven-watch-3",
351
+ "issue_id":"XRAY-55522",
352
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=2c5ecab8172f24086f4b3bf4&issue_id=XRAY-55522&comp_id=gav:%2F%2Forg.apache.struts:struts2-core:2.0.9",
353
+ "impacted_artifacts":[
354
+ "default/maven-repo-3/org/apache/struts/struts2-core/2.0.9/struts2-core-2.0.9.jar"
355
+ ]
356
+ },
357
+ {
358
+ "description":"Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted value that contains both \"${}\" and \"%{}\" sequences, which causes the OGNL code to be evaluated twice.",
359
+ "severity":"High",
360
+ "type":"Security",
361
+ "infected_components":[
362
+ "gav://org.apache.struts:struts2-core:2.0.9"
363
+ ],
364
+ "created":"2021-06-16T21:22:38Z",
365
+ "watch_name":"maven-watch-3",
366
+ "issue_id":"XRAY-55575",
367
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=2c5ecab8172f24086f4b3bf4&issue_id=XRAY-55575&comp_id=gav:%2F%2Forg.apache.struts:struts2-core:2.0.9",
368
+ "impacted_artifacts":[
369
+ "default/maven-repo-3/org/apache/struts/struts2-core/2.0.9/struts2-core-2.0.9.jar"
370
+ ]
371
+ },
372
+ {
373
+ "description":"Apache Struts JSP Page Handling Unspecified XSS",
374
+ "severity":"Medium",
375
+ "type":"Security",
376
+ "infected_components":[
377
+ "gav://org.apache.struts:struts2-core:2.0.9"
378
+ ],
379
+ "created":"2021-06-16T21:22:38Z",
380
+ "watch_name":"maven-watch-3",
381
+ "issue_id":"XRAY-81164",
382
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=2c5ecab8172f24086f4b3bf4&issue_id=XRAY-81164&comp_id=gav:%2F%2Forg.apache.struts:struts2-core:2.0.9",
383
+ "impacted_artifacts":[
384
+ "default/maven-repo-3/org/apache/struts/struts2-core/2.0.9/struts2-core-2.0.9.jar"
385
+ ]
386
+ },
387
+ {
388
+ "description":"Apache Struts <s:textfield> Tag <s:include> Handling XSS",
389
+ "severity":"Medium",
390
+ "type":"Security",
391
+ "infected_components":[
392
+ "gav://org.apache.struts:struts2-core:2.0.9"
393
+ ],
394
+ "created":"2021-06-16T21:22:38Z",
395
+ "watch_name":"maven-watch-3",
396
+ "issue_id":"XRAY-81187",
397
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=2c5ecab8172f24086f4b3bf4&issue_id=XRAY-81187&comp_id=gav:%2F%2Forg.apache.struts:struts2-core:2.0.9",
398
+ "impacted_artifacts":[
399
+ "default/maven-repo-3/org/apache/struts/struts2-core/2.0.9/struts2-core-2.0.9.jar"
400
+ ]
401
+ },
402
+ {
403
+ "description":"Apache Struts EL / OGNL Interpretation Unspecified Remote Code Execution",
404
+ "severity":"High",
405
+ "type":"Security",
406
+ "infected_components":[
407
+ "gav://org.apache.struts:struts2-core:2.0.9"
408
+ ],
409
+ "created":"2021-06-16T21:22:38Z",
410
+ "watch_name":"maven-watch-3",
411
+ "issue_id":"XRAY-87424",
412
+ "violation_details_url":"http://localhost:8046/xray/api/v1/violations?watch_id=2c5ecab8172f24086f4b3bf4&issue_id=XRAY-87424&comp_id=gav:%2F%2Forg.apache.struts:struts2-core:2.0.9",
413
+ "impacted_artifacts":[
414
+ "default/maven-repo-3/org/apache/struts/struts2-core/2.0.9/struts2-core-2.0.9.jar"
415
+ ]
416
+ }
417
+ ]
418
+ }'
419
+ resp_obj = JSON.parse(response)
420
+ return resp_obj
421
+ end
data/lib/fluent/plugin/xray.rb CHANGED
@@ -1,195 +1,199 @@
1
- require 'concurrent'
2
- require 'concurrent-edge'
3
- require 'json'
4
- require "fluent/plugin/position_file"
5
-
6
- class Xray
7
- def initialize(jpd_url, username, api_key, token, wait_interval, batch_size, pos_file_path, router, tag)
8
- @jpd_url = jpd_url
9
- @username = username
10
- @api_key = api_key
11
- @token = token
12
- @wait_interval = wait_interval
13
- @batch_size = batch_size
14
- @pos_file_path = pos_file_path
15
- @router = router
16
- @tag = tag
17
- end
18
-
19
- def violations(date_since)
20
- violations_channel = Concurrent::Channel.new(capacity: @batch_size)
21
- page_number = 1
22
- timer_task = Concurrent::TimerTask.new(execution_interval: @wait_interval, timeout_interval: 30) do
23
- xray_json = {"filters": { "created_from": date_since }, "pagination": {"order_by": "created","limit": @batch_size ,"offset": page_number } }
24
- puts "Fetching Xray Violations with #{xray_json} parameters"
25
- resp = get_violations(xray_json)
26
- page_violation_count = resp['violations'].length
27
- puts "Total violations count is #{resp['total_violations']}"
28
- if resp['total_violations'] > 0
29
- puts "Number of Violations in page #{page_number} are #{page_violation_count}"
30
- resp['violations'].each {|v| violations_channel = process(v, violations_channel) }
31
- page_number += 1 if next_page?(page_violation_count)
32
- end
33
- end
34
- timer_task.execute
35
-
36
- violations_channel
37
- end
38
-
39
- def violation_details(violations_channel)
40
- violations_channel.each do |v|
41
- Concurrent::Promises.future(v) do |v|
42
- process_violation_details(v['violation_details_url'])
43
- pos_file = PositionFile.new(@pos_file_path)
44
- puts "Adding issue #{v['issue_id']} to position file at #{@pos_file_path}"
45
- pos_file.write(v)
46
- end
47
- end
48
- end
49
-
50
- def process_violation_details(xray_violation_detail_url)
51
- begin
52
- detailResp_json = data_normalization(get_violations_detail(xray_violation_detail_url))
53
- time = Fluent::Engine.now
54
- puts "Emitting normalized Xray Violation #{detailResp_json['issue_id']}"
55
- @router.emit(@tag, time, detailResp_json)
56
- rescue => e
57
- puts "Process Violation details error: #{e}"
58
- raise Fluent::ConfigError, "Process Violation details error: #{e}"
59
- end
60
- end
61
-
62
- def get_violations_detail(xray_violation_detail_url)
63
- if !@token.nil? && @token != ''
64
- response = RestClient::Request.new(
65
- :method => :get,
66
- :url => @jpd_url + xray_violation_detail_url[xray_violation_detail_url.index('/xray/'),xray_violation_detail_url.length],
67
- :headers => { :accept => :json, :content_type => :json, Authorization:'Bearer ' + @token }
68
- )
69
- elsif !@api_key.nil? && @api_key != ''
70
- response = RestClient::Request.new(
71
- :method => :get,
72
- :url => @jpd_url + xray_violation_detail_url[xray_violation_detail_url.index('/xray/'),xray_violation_detail_url.length],
73
- :user => @username,
74
- :password => @api_key
75
- )
76
- end
77
-
78
- response.execute do |response, request, result|
79
- case response.code
80
- when 200
81
- return JSON.parse(response.to_s)
82
- else
83
- puts "Validation failed error (cannot reach Artifactory to pull Xray Violation details): #{response.to_json}"
84
- raise Fluent::ConfigError, "Validation failed error (cannot reach Artifactory to pull Xray Violation details): #{response.to_json}"
85
- end
86
- end
87
- end
88
-
89
- def data_normalization(detailResp_json)
90
- cve = []
91
- cvss_v2_list = []
92
- cvss_v3_list = []
93
- policy_list = []
94
- rule_list = []
95
- impacted_artifact_url_list = []
96
- if detailResp_json.key?('properties')
97
- properties = detailResp_json['properties']
98
- for index in 0..properties.length-1 do
99
- if properties[index].key?('cve')
100
- cve.push(properties[index]['cve'])
101
- end
102
- if properties[index].key?('cvss_v2')
103
- cvss_v2_list.push(properties[index]['cvss_v2'])
104
- end
105
- if properties[index].key?('cvss_v3')
106
- cvss_v3_list.push(properties[index]['cvss_v3'])
107
- end
108
- end
109
-
110
- detailResp_json["cve"] = cve.sort.reverse[0]
111
- cvss_v2 = cvss_v2_list.sort.reverse[0]
112
- cvss_v3 = cvss_v3_list.sort.reverse[0]
113
- if !cvss_v3.nil?
114
- cvss = cvss_v3
115
- elsif !cvss_v2.nil?
116
- cvss = cvss_v2
117
- end
118
- cvss_score = cvss[0..2]
119
- cvss_version = cvss.split(':')[1][0..2]
120
- detailResp_json["cvss_score"] = cvss_score
121
- detailResp_json["cvss_version"] = cvss_version
122
- end
123
-
124
- if detailResp_json.key?('matched_policies')
125
- matched_policies = detailResp_json['matched_policies']
126
- for index in 0..matched_policies.length-1 do
127
- if matched_policies[index].key?('policy')
128
- policy_list.push(matched_policies[index]['policy'])
129
- end
130
- if matched_policies[index].key?('rule')
131
- rule_list.push(matched_policies[index]['rule'])
132
- end
133
- end
134
- detailResp_json['policies'] = policy_list
135
- detailResp_json['rules'] = rule_list
136
- end
137
-
138
- detailResp_json['impacted_artifacts'].each do |impacted_artifact|
139
- matchdata = impacted_artifact.match /default\/(?<repo_name>[^\/]*)\/(?<path>.*)/
140
- impacted_artifact_url = matchdata['repo_name'] + ":" + matchdata['path'] + " "
141
- impacted_artifact_url_list.append(impacted_artifact_url)
142
- end
143
- detailResp_json['impacted_artifacts_url'] = impacted_artifact_url_list
144
- return detailResp_json
145
- end
146
-
147
- def process(violation, violations_channel)
148
- pos_file = PositionFile.new(@pos_file_path)
149
- unless pos_file.processed?(violation)
150
- violations_channel << violation
151
- else
152
- puts "Violation #{violation['issue_id']} is already processed"
153
- end
154
- #violations_channel << violation unless pos_file.processed?(violation)
155
- violations_channel
156
- end
157
-
158
- private
159
- def get_violations(xray_json)
160
- if !@token.nil? && @token != ''
161
- puts "Validating JPD access token and fetching violations"
162
- response = RestClient::Request.new(
163
- :method => :post,
164
- :url => @jpd_url + "/xray/api/v1/violations",
165
- :payload => xray_json.to_json,
166
- :headers => { :accept => :json, :content_type => :json, Authorization:'Bearer ' + @token }
167
- )
168
- elsif !@api_key.nil? && @api_key != ''
169
- puts "Validating JPD API Key and fetching violations"
170
- response = RestClient::Request.new(
171
- :method => :post,
172
- :url => @jpd_url + "/xray/api/v1/violations",
173
- :payload => xray_json.to_json,
174
- :user => @username,
175
- :password => @api_key,
176
- :headers => { :accept => :json, :content_type => :json }
177
- )
178
- end
179
- response.execute do |response, request, result|
180
- case response.code
181
- when 200
182
- return JSON.parse(response.to_str)
183
- else
184
- puts "Validation failed error (cannot reach Artifactory to pull Xray Violations): #{response.to_json}"
185
- raise Fluent::ConfigError, "Validation failed error (cannot reach Artifactory to pull Xray Violations): #{response.to_json}"
186
- end
187
- end
188
- end
189
-
190
- def next_page?(count)
191
- count == @batch_size
192
- end
193
-
194
- end
195
-
1
+ require 'concurrent'
2
+ require 'concurrent-edge'
3
+ require 'json'
4
+ require "fluent/plugin/position_file"
5
+
6
+ class Xray
7
+ def initialize(jpd_url, username, api_key, token, wait_interval, batch_size, pos_file_path, router, tag)
8
+ @jpd_url = jpd_url
9
+ @username = username
10
+ @api_key = api_key
11
+ @token = token
12
+ @wait_interval = wait_interval
13
+ @batch_size = batch_size
14
+ @pos_file_path = pos_file_path
15
+ @router = router
16
+ @tag = tag
17
+ end
18
+
19
+ def violations(date_since)
20
+ violations_channel = Concurrent::Channel.new(capacity: @batch_size)
21
+ page_number = 1
22
+ timer_task = Concurrent::TimerTask.new(execution_interval: @wait_interval, timeout_interval: 30) do
23
+ xray_json = {"filters": { "created_from": date_since }, "pagination": {"order_by": "created","limit": @batch_size ,"offset": page_number } }
24
+ puts "Fetching Xray Violations with #{xray_json} parameters"
25
+ resp = get_violations(xray_json)
26
+ page_violation_count = resp['violations'].length
27
+ puts "Total violations count is #{resp['total_violations']}"
28
+ if resp['total_violations'] > 0
29
+ puts "Number of Violations in page #{page_number} are #{page_violation_count}"
30
+ resp['violations'].each {|v| violations_channel = process(v, violations_channel) }
31
+ page_number += 1 if next_page?(page_violation_count)
32
+ end
33
+ end
34
+ timer_task.execute
35
+
36
+ violations_channel
37
+ end
38
+
39
+ def violation_details(violations_channel)
40
+ violations_channel.each do |v|
41
+ Concurrent::Promises.future(v) do |v|
42
+ process_violation_details(v['violation_details_url'])
43
+ pos_file = PositionFile.new(@pos_file_path)
44
+ puts "Adding issue #{v['issue_id']} to position file at #{@pos_file_path}"
45
+ pos_file.write(v)
46
+ end
47
+ end
48
+ end
49
+
50
+ def process_violation_details(xray_violation_detail_url)
51
+ begin
52
+ detailResp_json = data_normalization(get_violations_detail(xray_violation_detail_url))
53
+ time = Fluent::Engine.now
54
+ puts "Emitting normalized Xray Violation #{detailResp_json['issue_id']}"
55
+ @router.emit(@tag, time, detailResp_json)
56
+ rescue => e
57
+ puts "Process Violation details error: #{e}"
58
+ raise Fluent::ConfigError, "Process Violation details error: #{e}"
59
+ end
60
+ end
61
+
62
+ def get_violations_detail(xray_violation_detail_url)
63
+ if !@token.nil? && @token != ''
64
+ response = RestClient::Request.new(
65
+ :method => :get,
66
+ :url => @jpd_url + xray_violation_detail_url[xray_violation_detail_url.index('/xray/'),xray_violation_detail_url.length],
67
+ :headers => { :accept => :json, :content_type => :json, Authorization:'Bearer ' + @token }
68
+ )
69
+ elsif !@api_key.nil? && @api_key != ''
70
+ response = RestClient::Request.new(
71
+ :method => :get,
72
+ :url => @jpd_url + xray_violation_detail_url[xray_violation_detail_url.index('/xray/'),xray_violation_detail_url.length],
73
+ :user => @username,
74
+ :password => @api_key
75
+ )
76
+ end
77
+
78
+ response.execute do |response, request, result|
79
+ case response.code
80
+ when 200
81
+ return JSON.parse(response.to_s)
82
+ else
83
+ puts "Validation failed error (cannot reach Artifactory to pull Xray Violation details): #{response.to_json}"
84
+ raise Fluent::ConfigError, "Validation failed error (cannot reach Artifactory to pull Xray Violation details): #{response.to_json}"
85
+ end
86
+ end
87
+ end
88
+
89
+ def data_normalization(detailResp_json)
90
+ cve = []
91
+ cvss_v2_list = []
92
+ cvss_v3_list = []
93
+ policy_list = []
94
+ rule_list = []
95
+ impacted_artifact_url_list = []
96
+ if detailResp_json.key?('properties')
97
+ properties = detailResp_json['properties']
98
+ for index in 0..properties.length-1 do
99
+ if properties[index].key?('cve')
100
+ cve.push(properties[index]['cve'])
101
+ end
102
+ if properties[index].key?('cvss_v2')
103
+ cvss_v2_list.push(properties[index]['cvss_v2'])
104
+ end
105
+ if properties[index].key?('cvss_v3')
106
+ cvss_v3_list.push(properties[index]['cvss_v3'])
107
+ end
108
+ end
109
+
110
+ detailResp_json["cve"] = cve.sort.reverse[0]
111
+ cvss_v2 = cvss_v2_list.sort.reverse[0]
112
+ cvss_v3 = cvss_v3_list.sort.reverse[0]
113
+ if !cvss_v3.nil?
114
+ cvss = cvss_v3
115
+ elsif !cvss_v2.nil?
116
+ cvss = cvss_v2
117
+ end
118
+ cvss_score = cvss[0..2]
119
+ cvss_version = cvss.split(':')[1][0..2]
120
+ detailResp_json["cvss_score"] = cvss_score
121
+ detailResp_json["cvss_version"] = cvss_version
122
+ end
123
+
124
+ if detailResp_json.key?('matched_policies')
125
+ matched_policies = detailResp_json['matched_policies']
126
+ for index in 0..matched_policies.length-1 do
127
+ if matched_policies[index].key?('policy')
128
+ policy_list.push(matched_policies[index]['policy'])
129
+ end
130
+ if matched_policies[index].key?('rule')
131
+ rule_list.push(matched_policies[index]['rule'])
132
+ end
133
+ end
134
+ detailResp_json['policies'] = policy_list
135
+ detailResp_json['rules'] = rule_list
136
+ end
137
+
138
+ detailResp_json['impacted_artifacts'].each do |impacted_artifact|
139
+ matchdata = impacted_artifact.match /default\/(?<repo_name>[^\/]*)\/(?<path>.*)/
140
+ if matchdata
141
+ impacted_artifact_url = matchdata['repo_name'] + ":" + matchdata['path'] + " "
142
+ impacted_artifact_url_list.append(impacted_artifact_url)
143
+ else
144
+ impacted_artifact_url_list.append(impacted_artifact)
145
+ end
146
+ end
147
+ detailResp_json['impacted_artifacts_url'] = impacted_artifact_url_list
148
+ return detailResp_json
149
+ end
150
+
151
+ def process(violation, violations_channel)
152
+ pos_file = PositionFile.new(@pos_file_path)
153
+ unless pos_file.processed?(violation)
154
+ violations_channel << violation
155
+ else
156
+ puts "Violation #{violation['issue_id']} is already processed"
157
+ end
158
+ #violations_channel << violation unless pos_file.processed?(violation)
159
+ violations_channel
160
+ end
161
+
162
+ private
163
+ def get_violations(xray_json)
164
+ if !@token.nil? && @token != ''
165
+ puts "Validating JPD access token and fetching violations"
166
+ response = RestClient::Request.new(
167
+ :method => :post,
168
+ :url => @jpd_url + "/xray/api/v1/violations",
169
+ :payload => xray_json.to_json,
170
+ :headers => { :accept => :json, :content_type => :json, Authorization:'Bearer ' + @token }
171
+ )
172
+ elsif !@api_key.nil? && @api_key != ''
173
+ puts "Validating JPD API Key and fetching violations"
174
+ response = RestClient::Request.new(
175
+ :method => :post,
176
+ :url => @jpd_url + "/xray/api/v1/violations",
177
+ :payload => xray_json.to_json,
178
+ :user => @username,
179
+ :password => @api_key,
180
+ :headers => { :accept => :json, :content_type => :json }
181
+ )
182
+ end
183
+ response.execute do |response, request, result|
184
+ case response.code
185
+ when 200
186
+ return JSON.parse(response.to_str)
187
+ else
188
+ puts "Validation failed error (cannot reach Artifactory to pull Xray Violations): #{response.to_json}"
189
+ raise Fluent::ConfigError, "Validation failed error (cannot reach Artifactory to pull Xray Violations): #{response.to_json}"
190
+ end
191
+ end
192
+ end
193
+
194
+ def next_page?(count)
195
+ count == @batch_size
196
+ end
197
+
198
+ end
199
+
data/test/plugin/test_in_jfrog_siem.rb CHANGED
@@ -1,41 +1,41 @@
1
- require "helper"
2
- require "fluent/plugin/in_jfrog_siem.rb"
3
-
4
- class JfrogSiemInputTest < Test::Unit::TestCase
5
- setup do
6
- Fluent::Test.setup
7
- end
8
-
9
- test "failure" do
10
- #flunk
11
- end
12
-
13
- # Default configuration for tests
14
- CONFIG = %[
15
- tag "jfrog.xray.siem.vulnerabilities"
16
- jpd_url "JPDURL"
17
- username "admin"
18
- apikey "APIKEY"
19
- pos_file_path "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/"
20
- wait_interval 10
21
- from_date "2016-01-01"
22
- batch_size 25
23
- ]
24
-
25
- private
26
-
27
- def create_driver(conf = CONFIG)
28
- Fluent::Test::Driver::Input.new(Fluent::Plugin::JfrogSiemInput).configure(conf)
29
- end
30
-
31
- sub_test_case 'Testing' do
32
- test 'Testing plugin in_jfrog_siem' do
33
- d = create_driver(CONFIG)
34
- begin
35
- d.run
36
- rescue => e
37
- raise "Test failed due to #{e}"
38
- end
39
- end
40
- end
41
- end
1
+ require "helper"
2
+ require "fluent/plugin/in_jfrog_siem.rb"
3
+
4
+ class JfrogSiemInputTest < Test::Unit::TestCase
5
+ setup do
6
+ Fluent::Test.setup
7
+ end
8
+
9
+ test "failure" do
10
+ #flunk
11
+ end
12
+
13
+ # Default configuration for tests
14
+ CONFIG = %[
15
+ tag "jfrog.xray.siem.vulnerabilities"
16
+ jpd_url "JPDURL"
17
+ username "admin"
18
+ apikey "APIKEY"
19
+ pos_file_path "#{ENV['JF_PRODUCT_DATA_INTERNAL']}/log/"
20
+ wait_interval 10
21
+ from_date "2016-01-01"
22
+ batch_size 25
23
+ ]
24
+
25
+ private
26
+
27
+ def create_driver(conf = CONFIG)
28
+ Fluent::Test::Driver::Input.new(Fluent::Plugin::JfrogSiemInput).configure(conf)
29
+ end
30
+
31
+ sub_test_case 'Testing' do
32
+ test 'Testing plugin in_jfrog_siem' do
33
+ d = create_driver(CONFIG)
34
+ begin
35
+ d.run
36
+ rescue => e
37
+ raise "Test failed due to #{e}"
38
+ end
39
+ end
40
+ end
41
+ end
metadata CHANGED
@@ -1,16 +1,16 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: fluent-plugin-jfrog-siem
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.6
4
+ version: 2.0.7
5
5
  platform: ruby
6
6
  authors:
7
7
  - Mahitha Byreddy
8
8
  - Sudhindra Rao
9
9
  - Giridharan Ramasamy
10
- autorequire:
10
+ autorequire:
11
11
  bindir: bin
12
12
  cert_chain: []
13
- date: 2023-03-10 00:00:00.000000000 Z
13
+ date: 2023-10-23 00:00:00.000000000 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: bundler
@@ -203,6 +203,7 @@ files:
203
203
  - fluent-plugin-jfrog-siem.gemspec
204
204
  - lib/fluent/plugin/in_jfrog_siem.rb
205
205
  - lib/fluent/plugin/position_file.rb
206
+ - lib/fluent/plugin/test_violations.rb
206
207
  - lib/fluent/plugin/violations.json
207
208
  - lib/fluent/plugin/xray.rb
208
209
  - spec/position_file_spec.rb
@@ -214,7 +215,7 @@ homepage: https://github.com/jfrog/fluent-plugin-jfrog-siem
214
215
  licenses:
215
216
  - Apache-2.0
216
217
  metadata: {}
217
- post_install_message:
218
+ post_install_message:
218
219
  rdoc_options: []
219
220
  require_paths:
220
221
  - lib
@@ -229,8 +230,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
229
230
  - !ruby/object:Gem::Version
230
231
  version: '0'
231
232
  requirements: []
232
- rubygems_version: 3.0.3.1
233
- signing_key:
233
+ rubygems_version: 3.1.6
234
+ signing_key:
234
235
  specification_version: 4
235
236
  summary: JFrog SIEM fluent input plugin will send the SIEM events from JFrog Xray
236
237
  to Fluentd