fluent-plugin-netflow 1.0.0.rc2 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/README.md +14 -4
- data/VERSION +1 -1
- data/fluent-plugin-netflow.gemspec +0 -1
- data/lib/fluent/plugin/in_netflow.rb +5 -1
- data/lib/fluent/plugin/netflow_records.rb +3 -2
- data/lib/fluent/plugin/parser_netflow.rb +10 -1
- metadata +5 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: f1fd86450ab2ad4b1c125ee6b58e7aa1fceb80778d0fd693ab5b1192b8de9b28
|
|
4
|
+
data.tar.gz: c9aadcfb6475585c180baaff51732672cc67fdde183a0dc41827192bc0fecddc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3e44e5a9d7d1e672e88c99e2df9ea21d851fb6b30323a6aa1b9573d5cef5e71c5c6feeefdfac85ab1288f3c6946e7df04d92c5076686518c0da71a59a4a6478f
|
|
7
|
+
data.tar.gz: 22f41cd759942b12a6aedf19d6b4a9c6dbfa2565609c42aa432930fd0d9d56d9572c5d57458b0e9c1e9513e7d8c84348955c904749f77dc0ab06496f46cccf14
|
data/README.md
CHANGED
|
@@ -7,6 +7,13 @@
|
|
|
7
7
|
|
|
8
8
|
[Fluentd](http://fluentd.org/) input plugin that acts as Netflow v5/v9 collector.
|
|
9
9
|
|
|
10
|
+
## Requirements
|
|
11
|
+
|
|
12
|
+
| fluent-plugin-netflow | fluentd | ruby |
|
|
13
|
+
|------------------------|---------|------|
|
|
14
|
+
| >= 1.0.0 | >= v0.14.0 | >= 2.1 |
|
|
15
|
+
| < 1.0.0 | >= v0.12.0 | >= 1.9 |
|
|
16
|
+
|
|
10
17
|
|
|
11
18
|
## Installation
|
|
12
19
|
|
|
@@ -58,10 +65,13 @@ When set to true, the plugin stores system uptime for ```first_switched``` and `
|
|
|
58
65
|
|
|
59
66
|
YAML file containing Netflow field definitions to overfide pre-defined templates. Example is like below
|
|
60
67
|
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
68
|
+
```yaml
|
|
69
|
+
---
|
|
70
|
+
option:
|
|
71
|
+
4: # field value
|
|
72
|
+
- :uint8 # field length
|
|
73
|
+
- :protocol # field type
|
|
74
|
+
```
|
|
65
75
|
|
|
66
76
|
|
|
67
77
|
## Performance Evaluation
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.1.0
|
|
@@ -9,7 +9,6 @@ Gem::Specification.new do |gem|
|
|
|
9
9
|
gem.version = File.read("VERSION").strip
|
|
10
10
|
gem.authors = ["Masahiro Nakagawa"]
|
|
11
11
|
gem.email = "repeatedly@gmail.com"
|
|
12
|
-
gem.has_rdoc = false
|
|
13
12
|
#gem.platform = Gem::Platform::RUBY
|
|
14
13
|
gem.license = 'Apache License (2.0)'
|
|
15
14
|
gem.files = `git ls-files`.split("\n")
|
|
@@ -38,6 +38,10 @@ module Fluent::Plugin
|
|
|
38
38
|
end
|
|
39
39
|
config_param :max_bytes, :integer, default: 2048
|
|
40
40
|
|
|
41
|
+
def multi_workers_ready?
|
|
42
|
+
true
|
|
43
|
+
end
|
|
44
|
+
|
|
41
45
|
def configure(conf)
|
|
42
46
|
super
|
|
43
47
|
|
|
@@ -68,7 +72,7 @@ module Fluent::Plugin
|
|
|
68
72
|
end
|
|
69
73
|
|
|
70
74
|
record['host'] = host
|
|
71
|
-
router.emit(@tag, time, record)
|
|
75
|
+
router.emit(@tag, Integer(time), record)
|
|
72
76
|
}
|
|
73
77
|
rescue => e
|
|
74
78
|
log.warn "unexpected error on parsing", data: data.dump, error_class: e.class, error: e.message
|
|
@@ -133,8 +133,9 @@ module Fluent
|
|
|
133
133
|
uint16 :field_type
|
|
134
134
|
uint16 :field_length
|
|
135
135
|
end
|
|
136
|
-
|
|
137
|
-
|
|
136
|
+
# 10 is byte length of fields. flowset_id, floset_length, template_id, option_scope_length, option_length
|
|
137
|
+
skip length: lambda { flowset_length - 10 - templates[0][:scope_length] - templates[0][:option_length] }
|
|
138
|
+
end
|
|
138
139
|
end
|
|
139
140
|
|
|
140
141
|
class Netflow9PDU < BinData::Record
|
|
@@ -40,7 +40,16 @@ module Fluent
|
|
|
40
40
|
if @definitions
|
|
41
41
|
raise Fluent::ConfigError, "definitions file #{@definitions} doesn't exist" unless File.exist?(@definitions)
|
|
42
42
|
begin
|
|
43
|
-
|
|
43
|
+
template_fields_custom = YAML.load_file(@definitions)
|
|
44
|
+
if template_fields_custom.first.last.is_a?(Array) # compatibility for older definition files
|
|
45
|
+
@template_fields['option'].merge!(template_fields_custom)
|
|
46
|
+
else
|
|
47
|
+
@template_fields.each do |key, _|
|
|
48
|
+
if template_fields_custom.key?(key)
|
|
49
|
+
@template_fields[key].merge!(template_fields_custom[key])
|
|
50
|
+
end
|
|
51
|
+
end
|
|
52
|
+
end
|
|
44
53
|
rescue => e
|
|
45
54
|
raise Fluent::ConfigError, "Bad syntax in definitions file #{@definitions}, error_class = #{e.class.name}, error = #{e.message}"
|
|
46
55
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: fluent-plugin-netflow
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Masahiro Nakagawa
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2022-06-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: fluentd
|
|
@@ -120,12 +120,11 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
120
120
|
version: '0'
|
|
121
121
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
122
122
|
requirements:
|
|
123
|
-
- - "
|
|
123
|
+
- - ">="
|
|
124
124
|
- !ruby/object:Gem::Version
|
|
125
|
-
version:
|
|
125
|
+
version: '0'
|
|
126
126
|
requirements: []
|
|
127
|
-
|
|
128
|
-
rubygems_version: 2.6.11
|
|
127
|
+
rubygems_version: 3.1.6
|
|
129
128
|
signing_key:
|
|
130
129
|
specification_version: 4
|
|
131
130
|
summary: Netflow plugin for Fluentd
|