fluent-plugin-port_to_service 0.1.3

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 3a303afeb1a7730be1393142b0d0f9984109fb68
+  data.tar.gz: 8803ef0f7f7976485deedf63577e1243eedd2452
+SHA512:
+  metadata.gz: 52ab5ec5595fc117ca1ab3e0db988097658dd4e1db4b3a838bfb8ef987ed033be3198b19adbc34c109fab22e20a18c4d297bd4949e246c05c9c06d8e250ede7f
+  data.tar.gz: c297bf29621745a867f566b2697fd74298b3acb5eba02320fe7f5e7d1362c004545f036dad254b910b57bb5ed5c29c9038b4389c4d5b276e792f7b66386828ca

data/.gitignore

@@ -0,0 +1,55 @@
+*.gem
+*.rbc
+/.config
+/coverage/
+/InstalledFiles
+/pkg/
+/spec/reports/
+/spec/examples.txt
+test/*.db
+/test/tmp/
+/test/version_tmp/
+/tmp/
+
+## Created with script/db-build.sh
+lib/fluent/plugin/port_to_service.db
+lib/fluent/plugin/port_to_service.sql
+
+# Used by dotenv library to load environment variables.
+# .env
+
+## Specific to RubyMotion:
+.dat*
+.repl_history
+build/
+*.bridgesupport
+build-iPhoneOS/
+build-iPhoneSimulator/
+
+## Specific to RubyMotion (use of CocoaPods):
+#
+# We recommend against adding the Pods directory to your .gitignore. However
+# you should judge for yourself, the pros and cons are mentioned at:
+# https://guides.cocoapods.org/using/using-cocoapods.html#should-i-check-the-pods-directory-into-source-control
+#
+# vendor/Pods/
+
+## Documentation cache and generated files:
+/.yardoc/
+/_yardoc/
+/doc/
+/rdoc/
+
+## Environment normalization:
+/.bundle/
+/vendor/bundle
+/lib/bundler/man/
+
+# for a library or gem, you might want to ignore these files since the code is
+# intended to run in multiple environments; otherwise, check them in:
+Gemfile.lock
+.ruby-version
+.ruby-gemset
+
+# unless supporting rvm < 1.11.0 or doing something fancy, ignore this:
+.rvmrc

data/.travis.yml

@@ -0,0 +1,11 @@
+language: ruby
+sudo: required
+
+before_install:
+  - sudo apt-get update
+  - sudo apt-get install -y sqlite3
+  - gem update --system
+  - gem install bundler
+  - gem install fluentd
+  - gem install sqlite3
+  - sqlite3 test/test_port_to_service.db < test/test_port_to_service.sql

data/Gemfile

@@ -0,0 +1,3 @@
+source "https://rubygems.org"
+
+gemspec

data/LICENSE

@@ -0,0 +1,24 @@
+This is free and unencumbered software released into the public domain.
+
+Anyone is free to copy, modify, publish, use, compile, sell, or
+distribute this software, either in source code form or as a compiled
+binary, for any purpose, commercial or non-commercial, and by any
+means.
+
+In jurisdictions that recognize copyright laws, the author or authors
+of this software dedicate any and all copyright interest in the
+software to the public domain. We make this dedication for the benefit
+of the public at large and to the detriment of our heirs and
+successors. We intend this dedication to be an overt act of
+relinquishment in perpetuity of all present and future rights to this
+software under copyright law.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
+For more information, please refer to <http://unlicense.org>

data/README.md

@@ -0,0 +1,111 @@
+# Fluent::Plugin::PortToService
+[![Build Status](https://travis-ci.org/cpedro/fluent-plugin-port_to_service.svg?branch=master)](https://travis-ci.org/cpedro/fluent-plugin-port_to_service)
+[![Gem Version](https://badge.fury.io/rb/fluent-plugin-port_to_service.svg)](https://badge.fury.io/rb/fluent-plugin-port_to_service)
+
+## Overview
+
+[Fluentd](http://fluentd.org/) filter plugin to map TCP/UDP ports to service
+names. Values are stored in a [SQLite](https://sqlite.org/index.html) database
+for simplicity.
+
+## Requirements
+| fluent-plugin-port_to_service | fluentd    | ruby   | sqlite3  |
+| ----------------------------- | ---------- | ------ | -------- |
+| > 0.0.9                       | >= v0.14.0 | >= 2.1 | >= 1.3.7 |
+
+## Dependency
+
+Before use, install dependant libraries, namely sqlite3.
+
+```bash
+# for RHEL/CentOS
+$ sudo yum groupinstall "Development Tools"
+$ sudo yum install sqlite sqlite-devel
+
+# for Ubuntu/Debian
+$ sudo apt-get install build-essential
+$ sudo apt-get install sqlite3 libsqlite3-dev
+
+# for MacOS
+$ brew install sqlite3
+```
+
+## Installation
+
+Use RubyGems to install sqlite3 first, then copy plugin over.
+install with `gem` or td-agent provided command as:
+
+```bash
+# for fluentd
+$ gem install sqlite3
+
+# for td-agent
+$ sudo fluent-gem install sqlite3
+
+# for td-agent2
+$ sudo td-agent-gem install sqlite3
+```
+
+## Configuration
+
+```conf
+<filter **>
+  @type port_to_service
+
+  # Required parameters
+  path          /etc/td-agent/plugin/port_to_service.db
+
+  # Optional parameters
+  port_key      port
+  protocol_key  protocol
+  service_key   service
+</filter>
+```
+
+If the following record is passed in:
+```json
+{"protocol": "tcp", "port": "22", "foo": "bar"}
+```
+
+The filtered record will be:
+```json
+{"protocol": "tcp", "port": "22", "service": "ssh", "foo": "bar"}
+```
+
+## SQLite3 Database Setup
+
+The plugin requires a SQLite database to be built. The database just needs a
+single table called `services` with 3 **mandatory** columns:
+* `port` - Integer
+* `protocol` - Text
+* `service` - Text
+
+You can also add a primary key, `id`, but it's only required for posterity.
+
+Example:
+```bash
+$ sqlite3 /etc/td-agent/plugin/port_to_service.db
+sqlite> CREATE TABLE services(id INTEGER PRIMARY KEY, port INTEGER, protocol TEXT, service TEXT);
+sqlite> INSERT INTO services(port, protocol, service) VALUES (22, 'tcp', 'ssh');
+...
+```
+
+Alternatively, there is a script provided that parses `/etc/services` and
+creates the required database with the services.  This should be run from the
+fluent-plugin-port_to_service directory and creates the the SQLite database
+at `lib/fluent/plugin/port_to_service.db`.  The SQL to create the database will
+be in `lib/fluent/plugin/port_to_service.sql`.
+
+```bash
+$ pwd
+/path/to/fluent-plugin-port_to_service
+$ script/db-build.sh
+```
+
+## Copyright
+​
+Copyright(c) 2019- [Chris Pedro](https://chris.thepedros.com/)
+
+## License
+
+[The Unlicense](https://unlicense.org/)

data/Rakefile

@@ -0,0 +1,13 @@
+require "bundler"
+Bundler::GemHelper.install_tasks
+
+require "rake/testtask"
+
+Rake::TestTask.new(:test) do |t|
+  t.libs.push("lib", "test")
+  t.test_files = FileList["test/**/test_*.rb"]
+  t.verbose = true
+  t.warning = true
+end
+
+task default: [:test]

data/bin/fluent-plugin-port_to_service_build_db

@@ -0,0 +1,40 @@
+#!/usr/bin/env ruby
+
+require 'sqlite3'
+
+services_f = "/etc/services"
+db_path = ARGV[0]
+
+# Sanity checks
+raise "Must provide database filename to write to." unless db_path
+raise "File #{services_f} must exist on system." unless File.file?(services_f)
+
+# Delete database if it exists, and create a new one.
+File.delete(db_path) if File.file?(db_path)
+db = ::SQLite3::Database.new db_path
+db.execute <<SQL
+CREATE TABLE services(
+  id INTEGER PRIMARY KEY,
+  port INTEGER,
+  protocol TEXT,
+  service TEXT);
+SQL
+
+insert = "INSERT INTO services(port, protocol, service) VALUES (?, ?, ?);"
+# Loop through services file and insert entries into database.
+File.open(services_f, "r") do |file_handle|
+  file_handle.each_line do |line|
+    next if line =~ /^[#\s]/ or line =~ /^\s*$/
+    service, prot_port, *rest = line.split(/\s+/)
+    port, protocol = prot_port.split(/\//)
+
+    stmt = db.prepare insert
+    stmt.bind_param 1, port
+    stmt.bind_param 2, protocol
+    stmt.bind_param 3, service
+    stmt.execute
+    stmt.close if stmt
+  end
+end
+
+db.close if db

data/fluent-plugin-port_to_service.gemspec

@@ -0,0 +1,30 @@
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+
+Gem::Specification.new do |spec|
+  spec.name    = "fluent-plugin-port_to_service"
+  spec.version = "0.1.3"
+  spec.authors = ["Chris Pedro"]
+  spec.email   = ["chris@thepedros.com"]
+
+  spec.summary       = %q{Fluentd filter plugin to include TCP/UDP services based on port information.}
+  spec.description   = %q{Filter plugin to include TCP/UDP services.}
+  spec.homepage      = "https://github.com/cpedro/fluent-plugin-port_to_service.git"
+  spec.license       = "Unlicense"
+
+  test_files, files  = `git ls-files -z`.split("\x0").partition do |f|
+    f.match(%r{^(test|spec|features)/})
+  end
+  spec.files         = files
+  spec.executables   = files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = test_files
+  spec.require_paths = ["lib"]
+
+  spec.add_development_dependency "bundler", "~> 2.0"
+  spec.add_development_dependency "rake", "~> 12.0"
+  spec.add_development_dependency "test-unit", "~> 3.0"
+  spec.add_runtime_dependency "fluentd", [">= 0.14.10", "< 2"]
+  spec.add_runtime_dependency "sqlite3", "~> 1.3"
+
+  spec.executables << "fluent-plugin-port_to_service_build_db"
+end

data/lib/fluent/plugin/filter_port_to_service.rb

@@ -0,0 +1,102 @@
+# filter_port_to_service.rb
+
+require "fluent/plugin/filter"
+require "sqlite3"
+
+module Fluent::Plugin
+  class PortToServiceFilter < Fluent::Plugin::Filter
+    Fluent::Plugin.register_filter("port_to_service", self)
+
+    SQUERY = "SELECT service FROM services WHERE protocol = ? and port = ?;"
+
+    PROTOCOLS = ["tcp", "udp"]
+    PORTS = (1..65535)
+
+    helpers :compat_parameters, :inject, :record_accessor
+
+    desc "Protocol key"
+    config_param :protocol_key, :string, default: "protocol"
+    desc "Port number key"
+    config_param :port_key, :string, default: "port"
+    desc "Key name to use to store service description"
+    config_param :service_key, :string, default: "service"
+    desc "SQLite3 database path"
+    config_param :path, :string
+
+    def initialize
+      super
+    end
+
+    def configure(conf)
+      compat_parameters_convert(conf, :inject)
+      super
+    end
+
+    def start
+      super
+      log.info "filter_port_to_service.rb - database path: #{@path}"
+      @db = ::SQLite3::Database.new @path
+      @db.results_as_hash = true
+    end
+
+    def shutdown
+      @db.close if @db
+      super
+    end
+
+    def filter(tag, time, record)
+      filtered_record = add_service(record)
+      if filtered_record
+        record = filtered_record
+      end
+
+      record = inject_values_to_record(tag, time, record)
+      record
+    end
+
+    def add_service(record)
+      # Return if any of the fields are not found.
+      return record unless record[@protocol_key] && record[@port_key]
+
+      # Reading in parameters from sources aren't always UTF-8.
+      protocol = record[@protocol_key].downcase.encode("UTF-8")
+      port = record[@port_key].to_i
+
+      # Return if protocol or port is out of range.
+      return record unless PROTOCOLS.include?(protocol) && PORTS.include?(port)
+
+      service = get_service(protocol, port)
+      if service
+        record[@service_key] = service
+      end
+      record
+    end
+
+    def get_service(protocol, port)
+      begin
+        log.debug "filter_port_to_service.rb - protocol: #{protocol}
+          class: #{protocol.class} encoding: #{protocol.encoding}"
+        log.debug "filter_port_to_service.rb - port: #{port}
+          class: #{port.class}"
+
+        stmt = @db.prepare SQUERY
+        stmt.bind_param 1, protocol
+        stmt.bind_param 2, port
+
+        rs = stmt.execute
+        if row = rs.next
+          service = row["service"]
+        end
+
+        log.debug "filter_port_to_service.rb - Service: #{service}"
+      rescue ::SQLite3::Exception => e
+        log.error "filter_port_to_service.rb - Error: #{e}"
+      ensure
+        stmt.close if stmt
+      end
+
+      service
+    end
+  end
+end
+

data/test/helper.rb

@@ -0,0 +1,8 @@
+$LOAD_PATH.unshift(File.expand_path("../../", __FILE__))
+require "test-unit"
+require "fluent/test"
+require "fluent/test/driver/filter"
+require "fluent/test/helpers"
+
+Test::Unit::TestCase.include(Fluent::Test::Helpers)
+Test::Unit::TestCase.extend(Fluent::Test::Helpers)

data/test/plugin/test_filter_port_to_service.rb

@@ -0,0 +1,218 @@
+require "helper"
+require "fluent/plugin/filter_port_to_service.rb"
+require "fluent/test/driver/filter"
+
+=begin
+Unit tests require test database.  It can be created by running the below
+command with included SQL file:
+
+$ sqlite3 test/test_port_to_service.db < test/test_port_to_service.sql
+
+OR build by just running:
+
+$ cat <<EOF | sqlite3 test/test_port_to_service.db
+CREATE TABLE services(
+  id INTEGER PRIMARY KEY,
+  port INTEGER,
+  protocol TEXT,
+  service TEXT);
+INSERT INTO services(port, protocol, service) VALUES (22, 'tcp', 'ssh');
+INSERT INTO services(port, protocol, service) VALUES (53, 'udp', 'domain');
+INSERT INTO services(port, protocol, service) VALUES (80, 'tcp', 'http');
+INSERT INTO services(port, protocol, service) VALUES (123, 'udp', 'ntp');
+INSERT INTO services(port, protocol, service) VALUES (123, 'tcp', 'ntp');
+INSERT INTO services(port, protocol, service) VALUES (161, "udp", "snmp");
+INSERT INTO services(port, protocol, service) VALUES (161, "tcp", "snmp");
+EOF
+=end
+
+class PortToServiceFilterTest < Test::Unit::TestCase
+
+  DB_PATH = "test/test_port_to_service.db"
+  DB_ERROR = %[Test SQLite database, doesn't exist.
+    Unit tests require test database.  It can be created by running the below
+    command with included SQL file:
+
+    $ sqlite3 test/test_port_to_service.db < test/test_port_to_service.sql
+
+    OR build by just running:
+
+    $ cat <<EOF | sqlite3 test/test_port_to_service.db
+    CREATE TABLE services(
+      id INTEGER PRIMARY KEY,
+      port INTEGER,
+      protocol TEXT,
+      service TEXT);
+    INSERT INTO services(port, protocol, service) VALUES (22, 'tcp', 'ssh');
+    INSERT INTO services(port, protocol, service) VALUES (53, 'udp', 'domain');
+    INSERT INTO services(port, protocol, service) VALUES (80, 'tcp', 'http');
+    INSERT INTO services(port, protocol, service) VALUES (123, 'udp', 'ntp');
+    INSERT INTO services(port, protocol, service) VALUES (123, 'tcp', 'ntp');
+    INSERT INTO services(port, protocol, service) VALUES (161, "udp", "snmp");
+    INSERT INTO services(port, protocol, service) VALUES (161, "tcp", "snmp");
+    EOF
+  ]
+
+  BASIC_CONFIG = %[
+    @type         port_to_service
+
+    # Required parameters
+    path          #{DB_PATH}
+
+    # Optional parameters
+    port_key      port
+    protocol_key  protocol
+    service_key   service
+  ]
+
+  setup do
+    Fluent::Test.setup
+    @tag = "test.tag"
+    @time = Fluent::Engine.now
+    raise DB_ERROR unless File.file?(DB_PATH)
+  end
+
+  test "single_tcp_record" do
+    filter_and_test(BASIC_CONFIG,
+      [{"protocol"=> "tcp", "port"=> "22", "foo"=> "bar"}],
+      [{"protocol"=> "tcp", "port"=> "22", "service"=> "ssh", "foo"=> "bar"}])
+  end
+
+  test "single_udp_record" do
+    filter_and_test(BASIC_CONFIG,
+      [{"protocol"=> "udp", "port"=> "123", "foo"=> "bar"}],
+      [{"protocol"=> "udp", "port"=> "123", "service"=> "ntp", "foo"=> "bar"}])
+  end
+
+  test "mutliple_records" do
+    filter_and_test(BASIC_CONFIG,
+      [
+        {"protocol"=> "tcp", "port"=> "22", "foo"=> "bar"},
+        {"protocol"=> "udp", "port"=> "53"}
+      ],
+      [
+        {"protocol"=> "tcp", "port"=> "22", "service"=> "ssh", "foo"=> "bar"},
+        {"protocol"=> "udp", "port"=> "53", "service"=> "domain"}
+      ])
+  end
+
+  test "multiple_records_same_port" do
+    filter_and_test(BASIC_CONFIG,
+      [
+        {"protocol"=> "tcp", "port"=> "161"},
+        {"protocol"=> "udp", "port"=> "161"}
+      ],
+      [
+        {"protocol"=> "tcp", "port"=> "161", "service"=> "snmp"},
+        {"protocol"=> "udp", "port"=> "161", "service"=> "snmp"}
+      ])
+  end
+
+  test "multiple_records_same_protocol" do
+    filter_and_test(BASIC_CONFIG,
+      [
+        {"protocol"=> "tcp", "port"=> "80"},
+        {"protocol"=> "tcp", "port"=> "123"}
+      ],
+      [
+        {"protocol"=> "tcp", "port"=> "80", "service"=> "http"},
+        {"protocol"=> "tcp", "port"=> "123", "service"=> "ntp"}
+      ])
+  end
+
+  test "records_with_missing_fields" do
+    filter_and_test(BASIC_CONFIG,
+      [
+        {"protocol"=> "tcp"},
+        {"port"=> "80"},
+        {"foo"=> "bar"}
+      ],
+      [
+        {"protocol"=> "tcp"},
+        {"port"=> "80"},
+        {"foo"=> "bar"}
+      ])
+  end
+
+  test "not_found" do
+    filter_and_test(BASIC_CONFIG,
+      [
+        {"protocol"=> "tcp", "port"=> "1024"},
+        {"protocol"=> "udp", "port"=> "22"},
+        {"protocol"=> "icmp", "port"=> "1024"}
+      ],
+      [
+        {"protocol"=> "tcp", "port"=> "1024"},
+        {"protocol"=> "udp", "port"=> "22"},
+        {"protocol"=> "icmp", "port"=> "1024"}
+      ])
+  end
+
+  test "with_defaults" do
+    filter_and_test(
+      %[
+        @type port_to_service
+        path  #{DB_PATH}
+      ],
+      [
+        {"protocol"=> "tcp", "port"=> "22"},
+        {"protocol"=> "udp", "port"=> "53"},
+        {"protocol"=> "udp", "port"=> "161"},
+        {"protocol"=> "tcp", "port"=> "161"},
+        {"protocol"=> "tcp"},
+        {"port"=> "161"},
+        {"foo"=> "bar"}
+      ],
+      [
+        {"protocol"=> "tcp", "port"=> "22", "service"=> "ssh"},
+        {"protocol"=> "udp", "port"=> "53", "service"=> "domain"},
+        {"protocol"=> "udp", "port"=> "161", "service"=> "snmp"},
+        {"protocol"=> "tcp", "port"=> "161", "service"=> "snmp"},
+        {"protocol"=> "tcp"},
+        {"port"=> "161"},
+        {"foo"=> "bar"}
+      ])
+  end
+
+  test "with_diff_optional" do
+    filter_and_test(
+      %[
+        @type         port_to_service
+        path          #{DB_PATH}
+        port_key      a_port
+        protocol_key  a_protocol
+        service_key   a_service
+      ],
+      [
+        {"a_protocol"=> "tcp", "a_port"=> "22"},
+        {"a_protocol"=> "tcp", "port"=> "22"},
+        {"protocol"=> "tcp", "a_port"=> "22"},
+        {"protocol"=> "tcp", "port"=> "22"}
+      ],
+      [
+        {"a_protocol"=> "tcp", "a_port"=> "22", "a_service"=> "ssh"},
+        {"a_protocol"=> "tcp", "port"=> "22"},
+        {"protocol"=> "tcp", "a_port"=> "22"},
+        {"protocol"=> "tcp", "port"=> "22"}
+      ])
+  end
+
+  private
+
+  def create_driver(config)
+    Fluent::Test::Driver::Filter.new(
+      Fluent::Plugin::PortToServiceFilter).configure(config)
+  end
+
+  def filter_and_test(config, original, expected)
+    d = create_driver(config)
+    yield d if block_given?
+    d.run(default_tag: @tag) {
+      original.each {|message|
+        d.feed(@time, message)
+      }
+    }
+    filtered = d.filtered_records
+    assert_equal expected, filtered
+  end
+end

data/test/test_port_to_service.sql

@@ -0,0 +1,12 @@
+CREATE TABLE services(
+  id INTEGER PRIMARY KEY,
+  port INTEGER,
+  protocol TEXT,
+  service TEXT);
+INSERT INTO services(port, protocol, service) VALUES (22, 'tcp', 'ssh');
+INSERT INTO services(port, protocol, service) VALUES (53, 'udp', 'domain');
+INSERT INTO services(port, protocol, service) VALUES (80, 'tcp', 'http');
+INSERT INTO services(port, protocol, service) VALUES (123, 'udp', 'ntp');
+INSERT INTO services(port, protocol, service) VALUES (123, 'tcp', 'ntp');
+INSERT INTO services(port, protocol, service) VALUES (161, "udp", "snmp");
+INSERT INTO services(port, protocol, service) VALUES (161, "tcp", "snmp");

metadata

@@ -0,0 +1,136 @@
+--- !ruby/object:Gem::Specification
+name: fluent-plugin-port_to_service
+version: !ruby/object:Gem::Version
+  version: 0.1.3
+platform: ruby
+authors:
+- Chris Pedro
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2019-08-09 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '12.0'
+- !ruby/object:Gem::Dependency
+  name: test-unit
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+- !ruby/object:Gem::Dependency
+  name: fluentd
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.14.10
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.14.10
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2'
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.3'
+description: Filter plugin to include TCP/UDP services.
+email:
+- chris@thepedros.com
+executables:
+- fluent-plugin-port_to_service_build_db
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".travis.yml"
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- bin/fluent-plugin-port_to_service_build_db
+- fluent-plugin-port_to_service.gemspec
+- lib/fluent/plugin/filter_port_to_service.rb
+- test/helper.rb
+- test/plugin/test_filter_port_to_service.rb
+- test/test_port_to_service.sql
+homepage: https://github.com/cpedro/fluent-plugin-port_to_service.git
+licenses:
+- Unlicense
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.5.2.3
+signing_key: 
+specification_version: 4
+summary: Fluentd filter plugin to include TCP/UDP services based on port information.
+test_files:
+- test/helper.rb
+- test/plugin/test_filter_port_to_service.rb
+- test/test_port_to_service.sql