fluent-plugin-netflow 1.0.0.rc2 → 1.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/README.md +14 -4
- data/VERSION +1 -1
- data/fluent-plugin-netflow.gemspec +0 -1
- data/lib/fluent/plugin/in_netflow.rb +5 -1
- data/lib/fluent/plugin/netflow_records.rb +3 -2
- data/lib/fluent/plugin/parser_netflow.rb +10 -1
- metadata +5 -6
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: f1fd86450ab2ad4b1c125ee6b58e7aa1fceb80778d0fd693ab5b1192b8de9b28
|
4
|
+
data.tar.gz: c9aadcfb6475585c180baaff51732672cc67fdde183a0dc41827192bc0fecddc
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3e44e5a9d7d1e672e88c99e2df9ea21d851fb6b30323a6aa1b9573d5cef5e71c5c6feeefdfac85ab1288f3c6946e7df04d92c5076686518c0da71a59a4a6478f
|
7
|
+
data.tar.gz: 22f41cd759942b12a6aedf19d6b4a9c6dbfa2565609c42aa432930fd0d9d56d9572c5d57458b0e9c1e9513e7d8c84348955c904749f77dc0ab06496f46cccf14
|
data/README.md
CHANGED
@@ -7,6 +7,13 @@
|
|
7
7
|
|
8
8
|
[Fluentd](http://fluentd.org/) input plugin that acts as Netflow v5/v9 collector.
|
9
9
|
|
10
|
+
## Requirements
|
11
|
+
|
12
|
+
| fluent-plugin-netflow | fluentd | ruby |
|
13
|
+
|------------------------|---------|------|
|
14
|
+
| >= 1.0.0 | >= v0.14.0 | >= 2.1 |
|
15
|
+
| < 1.0.0 | >= v0.12.0 | >= 1.9 |
|
16
|
+
|
10
17
|
|
11
18
|
## Installation
|
12
19
|
|
@@ -58,10 +65,13 @@ When set to true, the plugin stores system uptime for ```first_switched``` and `
|
|
58
65
|
|
59
66
|
YAML file containing Netflow field definitions to overfide pre-defined templates. Example is like below
|
60
67
|
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
68
|
+
```yaml
|
69
|
+
---
|
70
|
+
option:
|
71
|
+
4: # field value
|
72
|
+
- :uint8 # field length
|
73
|
+
- :protocol # field type
|
74
|
+
```
|
65
75
|
|
66
76
|
|
67
77
|
## Performance Evaluation
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.
|
1
|
+
1.1.0
|
@@ -9,7 +9,6 @@ Gem::Specification.new do |gem|
|
|
9
9
|
gem.version = File.read("VERSION").strip
|
10
10
|
gem.authors = ["Masahiro Nakagawa"]
|
11
11
|
gem.email = "repeatedly@gmail.com"
|
12
|
-
gem.has_rdoc = false
|
13
12
|
#gem.platform = Gem::Platform::RUBY
|
14
13
|
gem.license = 'Apache License (2.0)'
|
15
14
|
gem.files = `git ls-files`.split("\n")
|
@@ -38,6 +38,10 @@ module Fluent::Plugin
|
|
38
38
|
end
|
39
39
|
config_param :max_bytes, :integer, default: 2048
|
40
40
|
|
41
|
+
def multi_workers_ready?
|
42
|
+
true
|
43
|
+
end
|
44
|
+
|
41
45
|
def configure(conf)
|
42
46
|
super
|
43
47
|
|
@@ -68,7 +72,7 @@ module Fluent::Plugin
|
|
68
72
|
end
|
69
73
|
|
70
74
|
record['host'] = host
|
71
|
-
router.emit(@tag, time, record)
|
75
|
+
router.emit(@tag, Integer(time), record)
|
72
76
|
}
|
73
77
|
rescue => e
|
74
78
|
log.warn "unexpected error on parsing", data: data.dump, error_class: e.class, error: e.message
|
@@ -133,8 +133,9 @@ module Fluent
|
|
133
133
|
uint16 :field_type
|
134
134
|
uint16 :field_length
|
135
135
|
end
|
136
|
-
|
137
|
-
|
136
|
+
# 10 is byte length of fields. flowset_id, floset_length, template_id, option_scope_length, option_length
|
137
|
+
skip length: lambda { flowset_length - 10 - templates[0][:scope_length] - templates[0][:option_length] }
|
138
|
+
end
|
138
139
|
end
|
139
140
|
|
140
141
|
class Netflow9PDU < BinData::Record
|
@@ -40,7 +40,16 @@ module Fluent
|
|
40
40
|
if @definitions
|
41
41
|
raise Fluent::ConfigError, "definitions file #{@definitions} doesn't exist" unless File.exist?(@definitions)
|
42
42
|
begin
|
43
|
-
|
43
|
+
template_fields_custom = YAML.load_file(@definitions)
|
44
|
+
if template_fields_custom.first.last.is_a?(Array) # compatibility for older definition files
|
45
|
+
@template_fields['option'].merge!(template_fields_custom)
|
46
|
+
else
|
47
|
+
@template_fields.each do |key, _|
|
48
|
+
if template_fields_custom.key?(key)
|
49
|
+
@template_fields[key].merge!(template_fields_custom[key])
|
50
|
+
end
|
51
|
+
end
|
52
|
+
end
|
44
53
|
rescue => e
|
45
54
|
raise Fluent::ConfigError, "Bad syntax in definitions file #{@definitions}, error_class = #{e.class.name}, error = #{e.message}"
|
46
55
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: fluent-plugin-netflow
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Masahiro Nakagawa
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-06-05 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: fluentd
|
@@ -120,12 +120,11 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
120
120
|
version: '0'
|
121
121
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
122
122
|
requirements:
|
123
|
-
- - "
|
123
|
+
- - ">="
|
124
124
|
- !ruby/object:Gem::Version
|
125
|
-
version:
|
125
|
+
version: '0'
|
126
126
|
requirements: []
|
127
|
-
|
128
|
-
rubygems_version: 2.6.11
|
127
|
+
rubygems_version: 3.1.6
|
129
128
|
signing_key:
|
130
129
|
specification_version: 4
|
131
130
|
summary: Netflow plugin for Fluentd
|