fluent-plugin-pan-anonymizer 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: e2a2096566adc99fe1643de5c70647c02ee9c8fd
+  data.tar.gz: 6298e53f30b28d786a0a0e63c016d50f07ffe332
+SHA512:
+  metadata.gz: '09d07c442d389a04d1c312fee7b4617bee74f0152a901bbf8bc0fef214d75d726ca0825c9e0087e17e09dc1a4e91b0c120a2c91ad63163773d4bce4001568316'
+  data.tar.gz: 16f0a355f3156c24011fe90bce23036dbd3a9a87f1cc616d14a9b1f7e83beeba79e613f1b7270c019ee7e78c2c77d2e18702b804c075e824fa8b5c079bec95b7

data/.gitignore

@@ -0,0 +1,6 @@
+.ruby-version
+*.gem
+.bundle
+Gemfile.lock
+pkg/*
+vendor/*

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in fluent-plugin-sendgrid-event.gemspec
+gemspec

data/LICENSE

@@ -0,0 +1,13 @@
+Copyright (c) 2018- Kanmu, Inc.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

data/README.md

@@ -0,0 +1,67 @@
+# fluent-plugin-pan-anonymizer
+
+A Fluent filter plugin to anonymize records which have PAN (Primary Account Number = Credit card number). The plugin validates PAN using [Luhn algorithm](https://en.wikipedia.org/wiki/Luhn_algorithm) after matching.
+
+Inspired by [fluent-plugin-anonymizer](https://github.com/y-ken/fluent-plugin-anonymizer).
+
+# Requirements
+
+- fluentd: v0.14.x or later
+- Ruby: 2.4 or later
+
+# Installation
+
+```
+gem install fluent-plugin-pan-anonymizer
+```
+
+# Configuration
+
+NOTE: Card numbers in the example don't exist in the world.
+
+```
+<source>
+  @type dummy
+  tag dummy
+  dummy [
+    {"time": 12345678901234567, "subject": "xxxxxx", "user_inquiry": "hi, my card number is 4019249331712145 !"},
+    {"time": 12345678901234568, "subject": "xxxxxx", "user_inquiry": "hello inquiry code is 4567890123456789"},
+    {"time": 12345678901234569, "subject": "I am 4019 2493 3171 2145", "user_inquiry": "4019-2493-3171-2145 is my number"},
+    {"time": 14019249331712145, "subject": "ユーザーです", "user_inquiry": "４０１９２４９３３１７１２１４５ のカードを使っています"}
+  ]
+</source>
+
+<filter **>
+  @type pan_anonymizer
+  ignore_keys time
+  <pan>
+    formats /4\d{15}/, /４[０-９]{15}/
+    checksum_algorithm luhn
+    mask 9999999999999999
+  </pan>
+  <pan>
+    formats /4\d{3}-\d{4}-\d{4}-\d{4}/, /4\d{3}\s*\d{4}\s*\d{4}\s*\d{4}/
+    checksum_algorithm luhn
+    mask xxxx-xxxx-xxxx-xxxx
+  </pan>
+</filter>
+
+<match **>
+  @type stdout
+</match>
+```
+
+## The result of the example given above
+
+```
+2018-11-13 22:01:35.074963000 +0900 dummy: {"time":12345678901234567,"subject":"xxxxxx","user_inquiry":"hi, my card number is 9999999999999999 !"}
+2018-11-13 22:01:36.001053000 +0900 dummy: {"time":12345678901234568,"subject":"xxxxxx","user_inquiry":"hello inquiry code is 4567890123456789"}
+2018-11-13 22:01:37.021032000 +0900 dummy: {"time":12345678901234569,"subject":"I am xxxx-xxxx-xxxx-xxxx","user_inquiry":"xxxx-xxxx-xxxx-xxxx is my number"}
+2018-11-13 22:01:38.050578000 +0900 dummy: {"time":14019249331712145,"subject":"ユーザーです","user_inquiry":"9999999999999999 のカードを使っています"}
+```
+
+Card numbers were masked with given configuration except `time` key and `4567890123456789` in "hello inquiry code is 4567890123456789". `4567890123456789` is not a valid card number.
+
+# License
+
+Apache License, Version 2.0

data/Rakefile

@@ -0,0 +1,9 @@
+require "bundler/gem_tasks"
+require "rake/testtask"
+Rake::TestTask.new(:test) do |test|
+  test.libs << 'lib' << 'test'
+  test.pattern = 'test/**/test_*.rb'
+  test.verbose = true
+end
+
+task :default => :test

data/fluent-plugin-pan-anonymizer.gemspec

@@ -0,0 +1,25 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+
+Gem::Specification.new do |spec|
+  spec.name          = "fluent-plugin-pan-anonymizer"
+  spec.version       = "0.0.1"
+  spec.authors       = ["Hiroaki Sano"]
+  spec.email         = ["hiroaki.sano.9stories@gmail.com"]
+
+  spec.summary       = %q{Fluentd filter plugin to anonymize credit card numbers.}
+  spec.homepage      = "https://github.com/kanmu/fluent-plugin-pan-anonymizer"
+  spec.license       = "Apache License, Version 2.0"
+
+  spec.files         = `git ls-files`.split("\n")
+  spec.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  spec.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency "test-unit"
+
+  spec.add_runtime_dependency "fluentd", ">= 0.14.0"
+end

data/lib/fluent/plugin/filter_pan_anonymizer.rb

@@ -0,0 +1,44 @@
+require 'fluent/plugin/filter'
+require 'fluent/plugin/pan/masker'
+
+module Fluent::Plugin
+  class PANAnonymizerFilter < Filter
+    Fluent::Plugin.register_filter("pan_anonymizer", self)
+
+    config_section :pan, param_name: :pan_configs, required: true, multi: true do
+      config_param :formats,            :array,  value_type: :regexp, default: []
+      config_param :checksum_algorithm, :enum,   list: Fluent::PAN::Masker::CHECKSUM_FUNC.keys, default: :luhn
+      config_param :mask,               :string, default: "****"
+      config_param :force,              :bool,   default: false
+    end
+    config_param :ignore_keys,          :array,  default: []
+
+    def initialize
+      super
+    end
+
+    def configure(conf)
+      super
+
+      @pan_masker = @pan_configs.map do |i|
+        i[:formats].map do |format|
+          Fluent::PAN::Masker.new(format, i[:checksum_algorithm], i[:mask], i[:force])
+        end
+      end.flatten
+    end
+
+    def filter(tag, time, record)
+      record.map do |key, value|
+        if @ignore_keys.include? key.to_s
+          [key, value]
+        else
+          _value = value
+          @pan_masker.each do |i|
+            _value = i.mask_if_found_pan(_value)
+          end
+          [key, _value]
+        end
+      end.to_h
+    end
+  end
+end

data/lib/fluent/plugin/pan/masker.rb

@@ -0,0 +1,71 @@
+module Fluent::PAN
+  class Masker
+
+    CHECKSUM_FUNC = {
+      luhn: ->(digits){
+        sum = 0
+        alt = false
+        digits.reverse.each do |i|
+          if alt
+            i *= 2
+            if i > 9
+              i -= 9
+            end
+          end
+          sum += i
+          alt = !alt
+        end
+        (sum % 10).zero?
+      },
+      none: ->digits{
+        # Do nothing. always satisfied.
+        true
+      }
+    }
+
+    def initialize(regexp, checksum_algorithm, mask, force=false)
+      @regexp = regexp
+      @mask = mask
+      @force = force
+      @checksum_func = CHECKSUM_FUNC[checksum_algorithm]
+    end
+
+    def mask_if_found_pan(orgval)
+      filtered = orgval.to_s.gsub(@regexp) do |match|
+        pan = match.split("").select { |i| i =~ /\d/ }.map { |j| j.to_i }
+
+        if valid?(pan)
+          match = @mask
+        else
+          match
+        end
+      end
+
+      retval = filtered
+      if orgval.is_a? Integer
+        if numerals_mask?
+          retval = filtered.to_i
+        else
+          if @force
+            retval = filtered
+          else
+            retval = orgval
+          end
+        end
+      end
+      retval
+    end
+
+    def valid?(pan)
+      @checksum_func.call(pan)
+    end
+
+    def numerals_mask?
+      if @mask.to_s =~ /^\d+$/
+        true
+      else
+        false
+      end
+    end
+  end
+end

data/test/helper.rb

@@ -0,0 +1,7 @@
+require 'bundler/setup'
+require 'test/unit'
+
+$LOAD_PATH.unshift(File.join(__dir__, '..', 'lib'))
+$LOAD_PATH.unshift(__dir__)
+require 'fluent/test'
+require 'fluent/test/helpers'

data/test/plugin/test_filter_pan_anonymizer.rb

@@ -0,0 +1,308 @@
+require_relative '../helper'
+require 'fluent/test/driver/filter'
+
+require 'fluent/plugin/filter_pan_anonymizer'
+
+# NOTE: The card number in the test doesn't exist in the world!
+
+class PANAnonymizerFilterTest < Test::Unit::TestCase
+  def setup
+    Fluent::Test::setup
+    @time = Fluent::Engine.now
+  end
+
+  CONFIG = %[
+    <pan>
+      formats /4\\d{15}/
+      checksum_algorithm luhn
+      mask xxxx
+    </pan>
+    <pan>
+      formats /4\\d{15}/
+      checksum_algorithm none
+      mask xxxx
+    </pan>
+    <pan>
+      formats /4019-\\d{4}-\\d{4}-\\d{4}/
+      checksum_algorithm luhn
+      mask xxxx
+    </pan>
+    <pan>
+      formats /4019\\d{10}/, /4019-\\d{4}-\\d{4}-\\d{4}/
+      checksum_algorithm luhn
+      mask xxxx
+    </pan>
+    ignore_keys ignore1, ignore2
+  ]
+
+  def create_driver(conf=CONFIG)
+    Fluent::Test::Driver::Filter.new(Fluent::Plugin::PANAnonymizerFilter).configure(conf)
+  end
+
+  def filter(conf, messages)
+    d = create_driver(conf)
+    d.run(default_tag: 'test') do
+      messages.each do |message|
+        d.feed(message)
+      end
+    end
+    d.filtered_records
+  end
+
+  sub_test_case 'configured with invalid configuration' do
+    test 'empty configuration' do
+      assert_raise(Fluent::ConfigError) do
+        create_driver("")
+      end
+    end
+    test '<pan></pan> is required' do
+      conf = %[
+      ]
+			assert_raise(Fluent::ConfigError) do
+			  create_driver(conf)
+			end
+		end
+    test 'ok if <pan> exists' do
+      conf = %[
+			  <pan>
+			  </pan>
+      ]
+			assert_nothing_raised(Fluent::ConfigError) do
+		    create_driver(conf)
+			end
+    end
+    test 'valid config' do
+      conf = %[
+			  <pan>
+			  	formats /4\d{15}/
+			  	checksum_algorithm luhn
+			  	mask xxxx
+			  </pan>
+        ignore_keys key1, key2
+      ]
+			assert_nothing_raised(Fluent::ConfigError) do
+		    create_driver(conf)
+			end
+    end
+    test 'multi <pan> block' do
+      conf = %[
+			  <pan>
+			  	formats /40192491\d{8}/
+			  	checksum_algorithm luhn
+			  	mask xxxx
+			  </pan>
+			  <pan>
+			  	formats /40192492\d{8}/
+			  	checksum_algorithm luhn
+			  	mask xxxx
+			  </pan>
+        ignore_keys key1, key2
+      ]
+			assert_nothing_raised(Fluent::ConfigError) do
+		    create_driver(conf)
+			end
+		end
+    test 'multi <pan> block with multi formats fields' do
+      conf = %[
+			  <pan>
+			  	formats /40192491\d{8}/, /4019-2491-\d{4}-\d{4}/
+			  	checksum_algorithm luhn
+			  	mask xxxx
+			  </pan>
+			  <pan>
+			  	formats /40192492\d{8}/, /4019-2492-\d{4}-\d{4}/
+			  	checksum_algorithm luhn
+			  	mask xxxx
+			  </pan>
+        ignore_keys key1, key2
+      ]
+			assert_nothing_raised(Fluent::ConfigError) do
+		    create_driver(conf)
+			end
+		end
+	end
+
+  sub_test_case 'normal case' do
+    test "in case of nnnnnnnnnnnnnnnn" do
+      conf = %[
+        <pan>
+          formats /4\\d{15}/
+          checksum_algorithm luhn
+          mask xxxx
+        </pan>
+      ]
+      messages = [
+        {
+          "key": "9994019249331712145999"
+        }
+      ]
+      expected = [
+        {
+          "key": "999xxxx999"
+        }
+      ]
+      filtered = filter(conf, messages)
+      assert_equal(expected, filtered)
+    end
+    test "in case of nnnn-nnnn-nnnn-nnnn" do
+      conf = %[
+        <pan>
+          formats /4\\d{3}-\\d{4}-\\d{4}-\\d{4}/
+          checksum_algorithm luhn
+          mask xxxx
+        </pan>
+      ]
+      messages = [
+        {
+          "key": "9994019-2493-3171-2145999"
+        }
+      ]
+      expected = [
+        {
+          "key": "999xxxx999"
+        }
+      ]
+      filtered = filter(conf, messages)
+      assert_equal(expected, filtered)
+    end
+  end
+
+  sub_test_case 'checksum_algorithm' do
+    test "not be masked if PAN is not satisfied luhn" do
+      conf = %[
+        <pan>
+          formats /4\\d{15}/
+          checksum_algorithm luhn
+          mask xxxx
+        </pan>
+      ]
+      messages = [
+        {
+          "key": "9994019111122223333999"
+        }
+      ]
+      expected = [
+        {
+          "key": "9994019111122223333999"
+        }
+      ]
+      filtered = filter(conf, messages)
+      assert_equal(expected, filtered)
+    end
+    test "be masked if checksum_algorithm is none" do
+      conf = %[
+        <pan>
+          formats /4\\d{15}/
+          checksum_algorithm none
+          mask xxxx
+        </pan>
+      ]
+      messages = [
+        {
+          "key": "9994019111122223333999"
+        }
+      ]
+      expected = [
+        {
+          "key": "999xxxx999"
+        }
+      ]
+      filtered = filter(conf, messages)
+      assert_equal(expected, filtered)
+    end
+  end
+
+  sub_test_case 'integer value' do
+    test "not be masked if mask is string" do
+      conf = %[
+        <pan>
+          formats /4\\d{15}/
+          checksum_algorithm luhn
+          mask xxxx
+        </pan>
+      ]
+      messages = [
+        {
+          "key": 9994019249331712145999
+        }
+      ]
+      expected = [
+        {
+          "key": 9994019249331712145999
+        }
+      ]
+      filtered = filter(conf, messages)
+      assert_equal(expected, filtered)
+    end
+    test "be masked if force flag exists" do
+      conf = %[
+        <pan>
+          formats /4\\d{15}/
+          checksum_algorithm luhn
+          mask xxxx
+          force true
+        </pan>
+      ]
+      messages = [
+        {
+          "key": 9994019249331712145999
+        }
+      ]
+      expected = [
+        {
+          "key": "999xxxx999"
+        }
+      ]
+      filtered = filter(conf, messages)
+      assert_equal(expected, filtered)
+    end
+    test "be masked if mask is integer value" do
+      conf = %[
+        <pan>
+          formats /4\\d{15}/
+          checksum_algorithm luhn
+          mask 1111111111111111
+        </pan>
+      ]
+      messages = [
+        {
+          "key": 9994019249331712145999
+        }
+      ]
+      expected = [
+        {
+          "key": 9991111111111111111999
+        }
+      ]
+      filtered = filter(conf, messages)
+      assert_equal(expected, filtered)
+    end
+  end
+
+  sub_test_case 'ignore keys' do
+    test "not be masked" do
+      conf = %[
+        <pan>
+          formats /4\\d{15}/
+          checksum_algorithm luhn
+          mask 9999999999999999
+        </pan>
+        ignore_keys time
+      ]
+      messages = [
+        {
+          "time": 40192493317121459,
+          "key":  40192493317121459
+        }
+      ]
+      expected = [
+        {
+          "time": 40192493317121459,
+          "key":  99999999999999999
+        }
+      ]
+      filtered = filter(conf, messages)
+      assert_equal(expected, filtered)
+    end
+  end
+end

data/test/plugin/test_pan_masker.rb

@@ -0,0 +1,184 @@
+require 'helper'
+require 'fluent/plugin/pan/masker'
+
+# NOTE: The card number in the test doesn't exist in the world!
+
+class PANMaskerTest < Test::Unit::TestCase
+
+  sub_test_case "valid?" do
+    test "valid digits" do
+      valid_card_number = [4, 0, 1, 9, 2, 4, 9, 3, 3, 1, 7, 1, 2, 1, 4, 5]
+      f = Fluent::PAN::Masker.new(//, :luhn, "")
+      assert_equal(true, f.valid?(valid_card_number))
+    end
+
+    test "invalid digits" do
+      invalid_card_number = [4, 0, 1, 9, 2, 4, 9, 3, 9, 9, 9, 9, 9, 9, 9, 9]
+      f = Fluent::PAN::Masker.new(//, :luhn, "")
+      assert_equal(false, f.valid?(invalid_card_number))
+    end
+
+    test "always true when checksum algorithm is none" do
+      valid_card_number = [4, 0, 1, 9, 2, 4, 9, 3, 3, 1, 7, 1, 2, 1, 4, 5]
+      f = Fluent::PAN::Masker.new(//, :none, "")
+      assert_equal(true, f.valid?(valid_card_number))
+
+      invalid_card_number = [4, 0, 1, 9, 2, 4, 9, 3, 9, 9, 9, 9, 9, 9, 9, 9]
+      f = Fluent::PAN::Masker.new(//, :none, "")
+      assert_equal(true, f.valid?(invalid_card_number))
+
+      invalid_card_number = [9, 9, 9, 9, 9, 9, 9, 9, 9, 9, 9, 9, 9, 9, 9, 9]
+      f = Fluent::PAN::Masker.new(//, :none, "")
+      assert_equal(true, f.valid?(invalid_card_number))
+    end
+  end
+
+  sub_test_case "numerals_mask?" do
+    test "true" do
+      mask = 0
+      f = Fluent::PAN::Masker.new(//, :none, mask)
+      assert_equal(true, f.numerals_mask?)
+
+      mask = 00
+      f = Fluent::PAN::Masker.new(//, :none, mask)
+      assert_equal(true, f.numerals_mask?)
+
+      mask = 100
+      f = Fluent::PAN::Masker.new(//, :none, mask)
+      assert_equal(true, f.numerals_mask?)
+
+      mask = "0"
+      f = Fluent::PAN::Masker.new(//, :none, mask)
+      assert_equal(true, f.numerals_mask?)
+
+      mask = "00"
+      f = Fluent::PAN::Masker.new(//, :none, mask)
+      assert_equal(true, f.numerals_mask?)
+
+      mask = "100"
+      f = Fluent::PAN::Masker.new(//, :none, mask)
+      assert_equal(true, f.numerals_mask?)
+    end
+
+    test "false" do
+      mask = "*"
+      f = Fluent::PAN::Masker.new(//, :none, mask)
+      assert_equal(false, f.numerals_mask?)
+
+      mask = "*00"
+      f = Fluent::PAN::Masker.new(//, :none, mask)
+      assert_equal(false, f.numerals_mask?)
+
+      mask = "100*"
+      f = Fluent::PAN::Masker.new(//, :none, mask)
+      assert_equal(false, f.numerals_mask?)
+    end
+  end
+
+  sub_test_case "mask_if_pan_found?" do
+    test "with numerals string mask" do
+      mask = "0000000000000000"
+      f = Fluent::PAN::Masker.new(/4\d{15}/, :luhn, mask)
+
+      filtered = f.mask_if_found_pan("4019249331712145")
+      assert_equal(String, filtered.class)
+      assert_equal("#{mask}", filtered)
+
+      filtered = f.mask_if_found_pan("XXXX4019249331712145XXXX")
+      assert_equal(String, filtered.class)
+      assert_equal("XXXX#{mask}XXXX", filtered)
+
+      filtered = f.mask_if_found_pan(4019249331712145)
+      assert_equal(Integer, filtered.class)
+      assert_equal("#{mask}".to_i, filtered)
+
+      filtered = f.mask_if_found_pan(140192493317121459)
+      assert_equal(Integer, filtered.class)
+      assert_equal("1#{mask}9".to_i, filtered)
+    end
+
+    test "with numerals mask" do
+      mask = 4019111111111111
+      f = Fluent::PAN::Masker.new(/4\d{15}/, :luhn, mask)
+
+      filtered = f.mask_if_found_pan("4019249331712145")
+      assert_equal(String, filtered.class)
+      assert_equal("#{mask}", filtered)
+
+      filtered = f.mask_if_found_pan("XXXX4019249331712145XXXX")
+      assert_equal(String, filtered.class)
+      assert_equal("XXXX#{mask}XXXX", filtered)
+
+      filtered = f.mask_if_found_pan(4019249331712145)
+      assert_equal(Integer, filtered.class)
+      assert_equal("#{mask}".to_i, filtered)
+
+      filtered = f.mask_if_found_pan(140192493317121459)
+      assert_equal(Integer, filtered.class)
+      assert_equal("1#{mask}9".to_i, filtered)
+    end
+
+    test "with 0000000000000000 mask" do
+      mask = 0000000000000000
+      f = Fluent::PAN::Masker.new(/4\d{15}/, :luhn, mask)
+
+      filtered = f.mask_if_found_pan("4019249331712145")
+      assert_equal(String, filtered.class)
+      assert_equal("0", filtered)
+
+      filtered = f.mask_if_found_pan("XXXX4019249331712145XXXX")
+      assert_equal(String, filtered.class)
+      assert_equal("XXXX0XXXX", filtered)
+
+      filtered = f.mask_if_found_pan(4019249331712145)
+      assert_equal(Integer, filtered.class)
+      assert_equal(0, filtered)
+
+      filtered = f.mask_if_found_pan(140192493317121459)
+      assert_equal(Integer, filtered.class)
+      assert_equal(109, filtered)
+    end
+
+    test "with string mask" do
+      mask = "****"
+      f = Fluent::PAN::Masker.new(/4\d{15}/, :luhn, mask)
+
+      filtered = f.mask_if_found_pan("4019249331712145")
+      assert_equal(String, filtered.class)
+      assert_equal("#{mask}", filtered)
+
+      filtered = f.mask_if_found_pan("XXXX4019249331712145XXXX")
+      assert_equal(String, filtered.class)
+      assert_equal("XXXX#{mask}XXXX", filtered)
+
+      filtered = f.mask_if_found_pan(4019249331712145)
+      assert_equal(Integer, filtered.class)
+      assert_equal(4019249331712145, filtered)
+
+      filtered = f.mask_if_found_pan(140192493317121459)
+      assert_equal(Integer, filtered.class)
+      assert_equal(140192493317121459, filtered)
+    end
+
+    test "with string mask and force: true" do
+      mask = "****"
+      f = Fluent::PAN::Masker.new(/4\d{15}/, :luhn, mask, force: true)
+
+      filtered = f.mask_if_found_pan("4019249331712145")
+      assert_equal(String, filtered.class)
+      assert_equal("#{mask}", filtered)
+
+      filtered = f.mask_if_found_pan("XXXX4019249331712145XXXX")
+      assert_equal(String, filtered.class)
+      assert_equal("XXXX#{mask}XXXX", filtered)
+
+      filtered = f.mask_if_found_pan(4019249331712145)
+      assert_equal(String, filtered.class)
+      assert_equal("#{mask}", filtered)
+
+      filtered = f.mask_if_found_pan(140192493317121459)
+      assert_equal(String, filtered.class)
+      assert_equal("1#{mask}9", filtered)
+    end
+  end
+end

metadata

@@ -0,0 +1,114 @@
+--- !ruby/object:Gem::Specification
+name: fluent-plugin-pan-anonymizer
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Hiroaki Sano
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2018-11-14 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: test-unit
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: fluentd
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.14.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.14.0
+description: 
+email:
+- hiroaki.sano.9stories@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- fluent-plugin-pan-anonymizer.gemspec
+- lib/fluent/plugin/filter_pan_anonymizer.rb
+- lib/fluent/plugin/pan/masker.rb
+- test/helper.rb
+- test/plugin/test_filter_pan_anonymizer.rb
+- test/plugin/test_pan_masker.rb
+homepage: https://github.com/kanmu/fluent-plugin-pan-anonymizer
+licenses:
+- Apache License, Version 2.0
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.14.1
+signing_key: 
+specification_version: 4
+summary: Fluentd filter plugin to anonymize credit card numbers.
+test_files:
+- test/helper.rb
+- test/plugin/test_filter_pan_anonymizer.rb
+- test/plugin/test_pan_masker.rb