fluent-plugin-nginx-nap-decode 1.0.0 → 1.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7c6bc5c9e6662d0a5e99daceaf98327957f455b7bc70b1f9fbff451aa1942fa9
|
|
4
|
+
data.tar.gz: 20a6b04d2e619121301a55abc7b579d954d57816117c84a4213f034a5b7fab5a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e5142a5f9ca2317db77187db2e7b047b766ab78f6d0a703cee6f80124371b4bb5c29f40725b3d535661957fc8341b35f1d81ec18bf36f92dfe8784e276dfcec7
|
|
7
|
+
data.tar.gz: 52ce8896cd051667e9c53dc8f091ee17de746ee6f642bc1df2a4f06674ba2ef8e8f79cf3d61c7bea3ba325ea850ab88e0df85bd192f8ee098b50460623ae0518
|
|
@@ -3,7 +3,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
|
|
3
3
|
|
|
4
4
|
Gem::Specification.new do |spec|
|
|
5
5
|
spec.name = "fluent-plugin-nginx-nap-decode"
|
|
6
|
-
spec.version = "1.0.
|
|
6
|
+
spec.version = "1.0.2"
|
|
7
7
|
spec.authors = ["Kostas Skenderidis"]
|
|
8
8
|
spec.email = ["skenderidis@gmail.com"]
|
|
9
9
|
|
|
@@ -86,7 +86,7 @@ module Fluent
|
|
|
86
86
|
when 'VIOL_COOKIE_LENGTH', 'VIOL_HEADER_LENGTH', 'VIOL_URL_METACHAR'
|
|
87
87
|
record['violations']['observedEntity']['name-decode']=Base64.decode64(record['violations']['observedEntity']['name']) #base64 decode
|
|
88
88
|
|
|
89
|
-
when 'VIOL_PARAMETER_VALUE_METACHAR', 'VIOL_PARAMETER_DATA_TYPE', 'VIOL_PARAMETER_NUMERIC_VALUE', 'VIOL_PARAMETER_VALUE_LENGTH', 'VIOL_PARAMETER_ARRAY_VALUE', 'VIOL_PARAMETER_LOCATION', 'VIOL_PARAMETER_STATIC_VALUE'
|
|
89
|
+
when 'VIOL_PARAMETER_VALUE_METACHAR', 'VIOL_PARAMETER_NAME_METACHAR', 'VIOL_PARAMETER_DATA_TYPE', 'VIOL_PARAMETER_NUMERIC_VALUE', 'VIOL_PARAMETER_VALUE_LENGTH', 'VIOL_PARAMETER_ARRAY_VALUE', 'VIOL_PARAMETER_LOCATION', 'VIOL_PARAMETER_STATIC_VALUE'
|
|
90
90
|
record['violations']['observedEntity']['value-decode']=Base64.decode64(record['violations']['observedEntity']['value']) #base64 decode
|
|
91
91
|
# If parameter is explicit then the NAP does NOT provide the "observedEntity". This creates a problem with reporting later on, so we added the record "name"
|
|
92
92
|
# Notes: Why is parameters an array!!
|
|
@@ -116,7 +116,10 @@ module Fluent
|
|
|
116
116
|
if record['violations']['observedEntity']['scope']=="parameter"
|
|
117
117
|
record['violations']['observedEntity']['name-decode']=Base64.decode64(record['violations']['observedEntity']['name']) #base64 decode
|
|
118
118
|
record['violations']['observedEntity']['value-decode']=Base64.decode64(record['violations']['observedEntity']['value']) #base64 decode
|
|
119
|
-
|
|
119
|
+
|
|
120
|
+
record['violations']['snippet']['buffer-decode']=Base64.decode64(record['violations']['snippet']['buffer']) if record['violations'].has_key?('snippet')
|
|
121
|
+
|
|
122
|
+
end
|
|
120
123
|
end
|
|
121
124
|
record
|
|
122
125
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: fluent-plugin-nginx-nap-decode
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Kostas Skenderidis
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-04-
|
|
11
|
+
date: 2024-04-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: fluentd
|
|
@@ -42,7 +42,6 @@ files:
|
|
|
42
42
|
- LICENSE
|
|
43
43
|
- README.md
|
|
44
44
|
- Rakefile
|
|
45
|
-
- fluent-plugin-nginx-nap-decode-0.4.64.gem
|
|
46
45
|
- fluent-plugin-nginx-nap-decode.gemspec
|
|
47
46
|
- lib/fluent/plugin/filter_nginx_nap_decode.rb
|
|
48
47
|
- publish.md
|
|
Binary file
|