fluent-plugin-parser-winevt_xml 0.1.0 → 0.1.1
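--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ee87b2aba2bb075ae2eccb709a087e7f1f9aa68c4ea7d888e4028a0440878e3c
+data.tar.gz: 5cc6013edc37cc5a1e38afafea4c7c67f5bfea7b199a75a13cf7997a619d61e7
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 70b3c74b625a4e2f5bc559623f108a1f9fd60317d630ba62be89df35b31149338ec663b40bf1722f94bbae5e95452938aa7a3d784675e3d943f417dc2fd3cb26
+data.tar.gz: 4c8a1a359397d56af43e944377c8a88933809a22e0804a0bd85dc7d9d32a85ffdc749ed41a16ff04394b80f09fa49565b8af62e8199bf8b7a56df9837c06632d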
@@ -4,7 +4,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
|
4
4
|
|
5
5
|
Gem::Specification.new do |spec|
|
6
6
|
spec.name = "fluent-plugin-parser-winevt_xml"
|
7
|
-
spec.version = "0.1.
|
7
|
+
spec.version = "0.1.1"
|
8
8
|
spec.authors = ["Hiroshi Hatake", "Masahiro Nakagawa"]
|
9
9
|
spec.email = ["cosmo0920.oucc@gmail.com", "repeatedly@gmail.com"]
|
10
10
|
spec.summary = %q{Fluentd Parser plugin to parse XML rendered windows event log.}
|
@@ -26,7 +26,7 @@ module Fluent::Plugin
|
|
26
26
|
record["Computer"] = (system_elem/"Computer").text rescue nil
|
27
27
|
record["UserID"] = (system_elem/'Security').attribute("UserID").text rescue nil
|
28
28
|
record["Version"] = (system_elem/'Version').text rescue nil
|
29
|
-
record["
|
29
|
+
record["InsertStrings"] = [] # These parameters are processed in winevt_c.
|
30
30
|
time = @estimate_current_event ? Fluent::EventTime.now : nil
|
31
31
|
yield time, record
|
32
32
|
end
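Review bot: The added `record["InsertStrings"] = []` line always emits an empty array, and its trailing comment does not tell a consumer what to expect from this parser when it is used on its own. In Windows event logs the insert strings usually carry the event-specific values that detection and triage rules match on, so a pipeline that relies on this field without the winevt_c step the comment refers to would receive records that look complete but hold no event data. I would expand the comment to state the contract, for example `# Always empty here: insert strings are expected to be expanded by winevt_c; this parser does not extract them from the XML.` — the wording should be confirmed against what winevt_c actually does. The test hunk that follows only asserts `"InsertStrings" => []`, so it pins the empty value rather than documenting why it is empty. The enclosing parse method starts and ends outside this hunk.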
|
@@ -33,7 +33,7 @@ class WinevtXMLparserTest < Test::Unit::TestCase
|
|
33
33
|
"Computer" => "Fluentd-Developing-Windows",
|
34
34
|
"UserID" => nil,
|
35
35
|
"Version" => "2",
|
36
|
-
"
|
36
|
+
"InsertStrings" => []}
|
37
37
|
d.instance.parse(xml) do |time, record|
|
38
38
|
assert_equal(expected, record)
|
39
39
|
end
|