RubyGems - fluent-plugin-splunk-hec-radiant - Versions diffs - 0.1.0 → 0.1.2 - Mend

fluent-plugin-splunk-hec-radiant 0.1.0 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml +4 -4
data/README.md +111 -1
data/lib/fluent/plugin/out_splunk_hec_radiant.rb +1 -1
data/lib/fluent/plugin/splunk_hec_radiant/version.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d66f2e2c6b673ba7a5c901eef6c614343c4e47923c97040019c68a1c0c6dac38
-  data.tar.gz: 91e1407dd7bb1fa19ce1241c44175499c1060a5d6446ad3f1821f7bd12b5d683
+  metadata.gz: f93916ef9c264695611a3c2fbf75c6ab6d6c3126b7a0c060e2914bb296709c58
+  data.tar.gz: 1b3f15a1a3f9460bde0f7651602ebe72024c44e10545b124c9e4911d3bf845c4
 SHA512:
-  metadata.gz: ee16c5e206a22e0976021b7962498c907c94ef02c5713593a9152b0e829ec0163c37c2ef75210cdfb6c0960407f867d9bb22982d26595b263d3fc3fddc2fb7d9
-  data.tar.gz: ec7a37f5090bbe1eb6b2627e944c8e16dc8a8aaa937940cb864ecfd1d189483aaee7908d64d27bccf3c978048e7b86946cfd8ccf21d9143c3f0d87868bb1ae18
+  metadata.gz: eb49a28f6c56d7895cbe8eb466cd2caf71d261966981aecd1ff47cd281cc4e86a0bb335cc36bd76fe8d66340e39ad89cc5824f83c20339de6f43eb1e359e802e
+  data.tar.gz: afe973e4c520ffd278a3dc2a54ba20a59cd903ad01a41715c8c87331bf688ab6dd8545d9fd498a54346af9edf9569ca4810b6176112a195e8261dbf5e5c0a915

data/README.md CHANGED Viewed

@@ -1,7 +1,10 @@
 # fluent-plugin-splunk-hec-radiant
+[![Gem Version](https://badge.fury.io/rb/fluent-plugin-splunk-hec-radiant.svg)](https://badge.fury.io/rb/fluent-plugin-splunk-hec-radiant)
+[![Downloads](https://img.shields.io/gem/dt/fluent-plugin-splunk-hec-radiant.svg)](https://rubygems.org/gems/fluent-plugin-splunk-hec-radiant)
 [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
 [![Ruby](https://img.shields.io/badge/ruby-3.0+-red.svg)](https://www.ruby-lang.org)
+[![CI](https://github.com/gnanirahulnutakki/fluent-plugin-splunk-hec-radiant/actions/workflows/ci.yml/badge.svg)](https://github.com/gnanirahulnutakki/fluent-plugin-splunk-hec-radiant/actions/workflows/ci.yml)
 A **modernized and actively maintained** Fluentd output plugin for sending events and metrics to [Splunk](https://www.splunk.com) via the [HTTP Event Collector (HEC) API](http://dev.splunk.com/view/event-collector/SP-CAAAE7F).
@@ -10,9 +13,116 @@ This is a fork of the original [fluent-plugin-splunk-hec](https://github.com/spl
 - ✅ **Ruby 3.x support** (requires Ruby 3.0+)
 - ✅ **Modern dependencies** (Fluentd 1.16+, latest gems)
 - ✅ **Better performance** (using `oj` for JSON instead of `multi_json`)
-- ✅ **Enhanced security** (TLS 1.2+ by default)
+- ✅ **Enhanced security** (TLS 1.2+ by default, custom SSL certificates)
+- ✅ **Bug fixes** from original plugin (see [Fixed Issues](#fixed-issues-from-original-plugin))
 - ✅ **Active maintenance** and bug fixes
 - ✅ **Comprehensive test coverage**
+- ✅ **Production-ready examples** for all major use cases
+## Fixed Issues from Original Plugin
+This modernized version addresses major issues from the [original plugin's GitHub repository](https://github.com/splunk/fluent-plugin-splunk-hec/issues):
+### ✅ Issue #278: Dynamic Index Based on Tag
+**Problem**: The `index` parameter didn't accept `${tag}` variables for dynamic routing.
+**Our Fix**: Full support for dynamic placeholders in index configuration.
+```xml
+<match **>
+  @type splunk_hec_radiant
+  index ${tag}  # Works! Routes based on tag
+  <buffer tag>
+    @type memory
+  </buffer>
+</match>
+```
+**Example**: [`examples/dynamic-index.conf`](examples/dynamic-index.conf)
+### ✅ Issue #276: Unwanted Time Field in JSON
+**Problem**: Can't exclude the "time" field from JSON output.
+**Our Fix**: Set `time_key nil` to completely exclude the time field.
+```xml
+<match **>
+  @type splunk_hec_radiant
+  time_key nil  # Excludes time from event JSON
+</match>
+```
+**Example**: [`examples/exclude-time-field.conf`](examples/exclude-time-field.conf)
+### ✅ Issue #271: SSL Certificate Verification Failures
+**Problem**: "certificate verify failed (EE certificate key too weak)" errors.
+**Our Fix**:
+- Custom CA certificate support (`ca_file`, `ca_path`)
+- Client certificate authentication (`client_cert`, `client_key`)
+- Better error messages and troubleshooting guidance
+```xml
+<match **>
+  @type splunk_hec_radiant
+  ca_file /path/to/custom-ca.crt
+  client_cert /path/to/client.pem
+  client_key /path/to/client-key.pem
+</match>
+```
+**Example**: [`examples/ssl-advanced.conf`](examples/ssl-advanced.conf)
+### ✅ Issue #260: Nested Records in Fields
+**Problem**: Can't access nested record fields for dimensions/metadata.
+**Our Fix**: Modern Fluentd 1.16+ supports `$.field.subfield` syntax.
+```xml
+<match kubernetes.**>
+  @type splunk_hec_radiant
+  source ${$.kubernetes.pod_name}
+  <fields>
+    namespace ${$.kubernetes.namespace_name}
+  </fields>
+  <buffer $.kubernetes.namespace_name, $.kubernetes.pod_name>
+    @type memory
+  </buffer>
+</match>
+```
+**Example**: [`examples/nested-fields-kubernetes.conf`](examples/nested-fields-kubernetes.conf)
+### ✅ Issue #287: json-jwt Vulnerability (CVE-2023-51774)
+**Problem**: High severity vulnerability in json-jwt dependency.
+**Our Fix**: **Not applicable** - our plugin doesn't use `json-jwt` at all. No vulnerable dependencies!
+### ✅ Issue #107: SSL Ciphers Configuration
+**Problem**: No documentation for configuring SSL ciphers.
+**Our Fix**: Full support with examples for custom cipher suites.
+```xml
+<match **>
+  @type splunk_hec_radiant
+  ssl_ciphers ["ECDHE-RSA-AES256-GCM-SHA384", "AES256-GCM-SHA384"]
+</match>
+```
+**Example**: [`examples/ssl-advanced.conf`](examples/ssl-advanced.conf)
+### ✅ Issue #279 & #270: End of Support / Future Development
+**Problem**: Original plugin reached end-of-life. What are the alternatives?
+**Our Answer**: **This plugin IS the alternative!**
+- Active maintenance
+- Modern Ruby 3.x support
+- All dependencies updated
+- Regular security updates
+- Bug fixes and enhancements
+### ✅ Issue #275: CVEs and Security Vulnerabilities
+**Problem**: Multiple CVEs in dependencies.
+**Our Fix**: All dependencies updated to latest secure versions:
+- `fluentd` >= 1.16
+- `net-http-persistent` >= 4.0 (replaced `httpclient`)
+- `oj` ~> 3.16 (replaced `multi_json`)
+- `prometheus-client` >= 2.1.0
+- No known vulnerabilities
+See [`GITHUB_ISSUES_ANALYSIS.md`](GITHUB_ISSUES_ANALYSIS.md) for complete issue analysis.
 ## Installation

data/lib/fluent/plugin/out_splunk_hec_radiant.rb CHANGED Viewed

@@ -31,7 +31,7 @@ module Fluent
   module Plugin
     # Modernized Splunk HEC output plugin
     class SplunkHecRadiantOutput < Fluent::Plugin::Output
-      Fluent::Plugin.register_output("splunk_hec_radiant", self)
+      Fluent::Plugin.register_output("splunk_hec", self)
       helpers :formatter

data/lib/fluent/plugin/splunk_hec_radiant/version.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 module Fluent
   module Plugin
     module SplunkHecRadiant
-      VERSION = "0.1.0"
+      VERSION = "0.1.2"
     end
   end
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: fluent-plugin-splunk-hec-radiant
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.2
 platform: ruby
 authors:
 - G. Rahul Nutakki
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-10-31 00:00:00.000000000 Z
+date: 2025-11-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: fluentd