fluent-plugin-ufw 0.0.2 → 0.0.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 1ce14b9ba65d679b766d8272ff2fecd874092232
-  data.tar.gz: 60da6bd04292d7195c4a4a3be9ecd56ed6244130
+  metadata.gz: c71257b4fae307040cd23f60bed50163d90b8697
+  data.tar.gz: 07e224c028339bfc0e9c4fb6b86324ed2e85c8b6
 SHA512:
-  metadata.gz: 3080699686fc25a7a66edb52e2b191f32de2ea006372e827a292f04c55d7196a26689fd13a2128878c8b5c32e222ce22e5fbdfcc2e786f7eff094d2363974108
-  data.tar.gz: 7512b05ca4bd9aeddd749afe94b487a82381f0bc9fd8634f1096e476aacc8ec723c6d55bf36f18a502f5b614357eecc77342c4f042909ec809b942b311940226
+  metadata.gz: aa814ea8afb5b0e17c6029abbafb34a0f635bc6b232e79885dff49bc96cc680779618276a3d733712edf730896673084d5d91dc035815d6556fbf61c935f5624
+  data.tar.gz: 5724616c78a568c9a6c13d5588ce9a69ae3c1ed8a7150070717e76b7718899f3de60aa8cfc473dedf0412cf08ebfd0183a7b0c15239aaf19367b65bd0d2c3397

data/.gitignore

@@ -0,0 +1,5 @@
+Gemfile.lock
+*~
+gemfiles
+pkg/
+

data/.travis.yml

@@ -2,6 +2,7 @@ language: ruby
 sudo: true
 before_install:
   - gem update bundler
+  - gem update
 
 rvm:
 #  - 1.9.3	
@@ -13,7 +14,3 @@ rvm:
 
 gemfile:
   - Gemfile
-
-install:
-  - bundle exec rake build
-  - sudo fluent-gem install --local pkg/fluent-plugin-ufw-0.0.1.gem

data/Appraisals

@@ -0,0 +1,61 @@
+appraise "fluentd-0.12.39" do
+  gem "fluentd", "0.12.39"
+end
+
+appraise "test-unit-3" do
+  gem "fluentd", "0.12.39"
+  gem "test-unit", "3.0.0"
+end
+
+appraise "test-unit-2" do
+  gem "fluentd", "0.12.39"
+  gem "test-unit", "2.0.0"
+end
+
+# ok
+appraise "test-unit-1" do
+  gem "fluentd", "0.12.39"
+  gem "test-unit", "1.2.3"
+end
+
+appraise "rake-0.9.2" do
+  gem "fluentd", "0.12.39"
+  gem "test-unit", "1.2.3"
+  gem "rake", "0.9.2"
+end
+
+appraise "appraisal-1.0.0" do
+  gem "fluentd", "0.12.39"
+  gem "test-unit", "1.2.3"
+  gem "rake", "0.9.2"
+  gem "appraisal", "1.0.0"
+end
+
+# ok
+appraise "fluentd-0.12.30" do
+  gem "fluentd", "0.12.30"
+end
+
+# ng
+appraise "fluentd-0.12.29" do
+  gem "fluentd", "0.12.29"
+end
+
+# ok
+appraise "fluentd-0.12.25" do
+  gem "fluentd", "0.12.25"
+end
+
+# ok
+appraise "fluentd-0.12.22" do
+  gem "fluentd", "0.12.22"
+end
+
+appraise "fluentd-0.12.21" do
+  gem "fluentd", "0.12.21"
+end
+
+# failed
+#appraise "fluentd-0.12.20" do
+#  gem "fluentd", "0.12.20"
+#end

data/Dockerfile

@@ -0,0 +1,8 @@
+FROM fluent/fluentd:v0.14.20
+
+COPY pkg/fluent-plugin-ufw-*.gem .
+RUN gem install --local fluent-plugin-ufw-*.gem
+
+COPY docker/etc/fluent.conf /fluentd/etc/
+RUN mkdir /var/log/ufw/
+COPY docker/var/log/ufw/ufw.log /var/log/ufw/

data/Dockerfile.template

@@ -0,0 +1,8 @@
+FROM fluent/fluentd:%%IMAGE_VERSION%%
+
+COPY pkg/fluent-plugin-ufw-*.gem .
+RUN gem install --local fluent-plugin-ufw-*.gem
+
+COPY docker/etc/fluent.conf /fluentd/etc/
+RUN mkdir /var/log/ufw/
+COPY docker/var/log/ufw/ufw.log /var/log/ufw/

data/Gemfile

@@ -1,6 +1,3 @@
 source "https://rubygems.org"
 
-git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
-
-# Specify your gem's dependencies in fluent-plugin-ufw.gemspec
 gemspec

data/README.md

@@ -2,22 +2,12 @@ fluent-plugin-ufw
 ==================
 [![Build Status](https://travis-ci.org/mamewotoko/fluent-plugin-ufw.svg?branch=master)](https://travis-ci.org/mamewotoko/fluent-plugin-ufw)
 
-A fluent plugin to parse [ufw](https://help.ubuntu.com/community/UFW) log
+A [fluent](https://www.fluentd.org/) plugin to parse [ufw](https://help.ubuntu.com/community/UFW) log
 
 ## Installation
-either A or B
-
-### A. build gem file and install
 
 ```
-bundle exec rake build
-sudo fluent-gem install --local pkg/fluent-plugin-ufw-0.0.1.gem
-```
-
-### B. copy plugin file
-
-```
-cp lib/fluent/plugin/parser_ufw.rb /etc/fluent/plugin/
+gem install fluent-plugin-ufw
 ```
 
 ## fluentd config
@@ -29,7 +19,7 @@ specify `format ufw` in fluent.config like example below.
  read_from_head true
  format ufw
  
- path /var/log/ufw/ufw.log*
+ path /var/log/ufw/ufw.log
  pos_file /var/log/ufw/ufw.pos
  tag ufw.combined
 </source>
@@ -39,14 +29,47 @@ specify `format ufw` in fluent.config like example below.
 * read [Interpreting Log Entries of UFW](https://help.ubuntu.com/community/UFW#Interpreting_Log_Entries)
 
 ## Test
-
+### A. Using installed fluetntd
 ```
 bundle install
 bundle exec rake
 ```
 
-## TODO
-* release gem
+### B. Multiple version of fluentd with appraisal tool
+
+```
+bundle install
+appraisal install
+appraisal rake test
+```
+
+### C. Install gem and run with fluentd as docker container
+
+Run for fluentd version specified in Dockerfile
+
+```
+sh run_docker_test.sh
+```
+
+Run for multiple fluentd version
+
+```
+sh run_docker_test.sh
+```
+
+## Install for development
+### A. build gem file and install
+
+```
+bundle exec rake build
+gem install --local pkg/fluent-plugin-ufw-0.0.1.gem
+```
+
+### B. copy plugin file
+
+```
+cp lib/fluent/plugin/parser_ufw.rb /etc/fluent/plugin/
+```
 
 ## License
 

data/Rakefile

@@ -1,3 +1,5 @@
+require "rubygems"
+require "bundler/setup"
 require "bundler/gem_tasks"
 require "rake/testtask"
 
@@ -5,6 +7,7 @@ Rake::TestTask.new(:test) do |t|
   t.libs << "test"
   t.libs << "lib"
   t.test_files = FileList["test/**/test_*.rb"]
+  t.warning = false
 end
 
 task :default => :test

data/docker-compose.yml

@@ -0,0 +1,6 @@
+version: '2'
+
+services:
+  fluent-plugin-ufw:
+    build: .
+

data/docker/Dockerfile

@@ -0,0 +1,8 @@
+FROM fluent/fluentd:v0.12.39
+
+COPY pkg/fluent-plugin-ufw-*.gem .
+RUN gem install --local fluent-plugin-ufw-*.gem
+
+COPY docker/etc/fluent.conf /fluentd/etc/
+RUN mkdir /var/log/ufw/
+COPY docker/var/log/ufw/ufw.log /var/log/ufw/

data/docker/etc/fluent.conf

@@ -0,0 +1,18 @@
+<source>
+  @type tail
+  time_key time
+  read_from_head true
+  format ufw
+ 
+  path /var/log/ufw/ufw.log
+  pos_file /home/fluent/ufw.pos
+  tag ufw.combined
+</source>
+
+<match ufw.*>
+  @type file
+  path /home/fluent/ufw.output
+  time_slice_format %Y%m%d
+  time_slice_wait 10m
+  time_format %Y%m%dT%H%M%S%z
+</match>

data/docker/var/log/ufw/ufw.log

@@ -0,0 +1,4 @@
+Jul 30 19:11:59 myhost kernel: [169367.853115] [UFW BLOCK] IN=ens3 OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=0.0.0.0 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2 
+Jul 30 19:14:03 myhost kernel: [169491.362232] [UFW BLOCK] IN=ens3 OUT= MAC=9c:a3:ba:01:f0:06:cc:4e:24:93:d1:00:08:00 SRC=185.35.62.142 DST=1.2.3.4 LEN=76 TOS=0x00 PREC=0x00 TTL=234 ID=54321 PROTO=UDP SPT=60282 DPT=123 LEN=56 
+Jul 30 19:14:04 myhost kernel: [169492.853269] [UFW BLOCK] IN=ens3 OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=0.0.0.0 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=0 DF PROTO=2 
+Jul 30 19:14:30 myhost kernel: [169518.429545] [UFW BLOCK] IN=ens3 OUT= MAC=9c:a3:ba:01:f0:06:cc:4e:24:93:d2:00:08:00 SRC=78.170.69.46 DST=1.2.3.4 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=37633 PROTO=TCP SPT=42772 DPT=23 WINDOW=14600 RES=0x00 SYN URGP=0 

data/fluent-plugin-ufw.gemspec

@@ -3,7 +3,7 @@ $:.push File.expand_path("../lib", __FILE__)
 
 Gem::Specification.new do |s|
   s.name        = "fluent-plugin-ufw"
-  s.version     = "0.0.2"
+  s.version     = "0.0.3"
   s.authors     = ["Takashi Masuyama"]
   s.email       = ["mamewotoko@gmail.com"]
   s.homepage    = "https://github.com/mamewotoko/fluent-plugin-ufw"
@@ -11,12 +11,14 @@ Gem::Specification.new do |s|
   s.description = %q{Fluentd plugin to parse ufw log}
 
   s.files         = `git ls-files`.split("\n")
-  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.test_files    = `git ls-files -- test/*`.split("\n")
   s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
   s.require_paths = ["lib"]
   s.license       = "Apache-2.0"
 
-  s.add_development_dependency "rake"
-  s.add_development_dependency "test-unit"
-  s.add_runtime_dependency "fluentd"
+  s.add_runtime_dependency "fluentd", [">= 0.12.21"]
+
+  s.add_development_dependency "rake", [">= 0.9.2"]
+  s.add_development_dependency "test-unit", [">= 1.2.3"]
+  s.add_development_dependency "appraisal" 
 end

data/lib/fluent/plugin/parser_ufw.rb

@@ -4,7 +4,7 @@ module Fluent
   class TextParser
     class UFWParser < Parser
       # Register this parser as "time_key_value"
-      Plugin.register_parser("ufw", self)
+      Fluent::Plugin.register_parser("ufw", self)
 
       def configure(conf)
         super
@@ -15,6 +15,7 @@ module Fluent
         # TimeParser class is already given. It takes a single argument as the time format
         # to parse the time string with.
         @time_parser = TimeParser.new(@time_format)
+        @mutex = Mutex.new
       end
 
       def parse(text)
@@ -25,7 +26,7 @@ module Fluent
           return
         end
         time = m['time']
-        time = @time_parser.parse(time)
+        time = @mutex.synchronize { @time_parser.parse(time) }
         host = m['host']
         action = m['action']
 
@@ -39,11 +40,8 @@ module Fluent
           key, value = pair.split('=', 2)
           record[key] = value
         end
-
-#        record.each { |key,value|
-#          $log.info "#{key} #{value}"
-#        }
-        time, record = convert_values(time, record)
+        record['time'] = m['time'] if @keep_time_key
+        
         yield time, record
       end
     end

data/run_docker_all_test.sh

@@ -0,0 +1,8 @@
+#! /bin/bash
+IMAGE_VERSION="v0.12.39 v0.14.20"
+
+for v in $IMAGE_VERSION; do
+    sed "s/%%IMAGE_VERSION%%/$v/" Dockerfile.template > Dockerfile
+    sh run_docker_test.sh
+done
+

data/run_docker_test.sh

@@ -0,0 +1,7 @@
+#! /bin/sh
+set -e
+docker-compose up --build -d
+sleep 10
+docker-compose exec fluent-plugin-ufw sh -c "cat /home/fluent/ufw.output.*" | grep SRC && echo ok
+docker-compose logs
+docker-compose down

data/test/fluent/plugin/test_parser_ufw.rb

@@ -32,8 +32,8 @@ class UFWTest < Test::Unit::TestCase
 
   def test_parse
     @parser.instance.parse('Aug  1 19:03:54 hostnm kernel: [341682.476244] [UFW BLOCK] IN=br-9e24f5d888e0 OUT= PHYSIN=veth9f1178d MAC=02:42:e1:a2:93:db:02:42:ac:13:00:02:08:00 SRC=172.19.0.2 DST=172.19.0.1 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=38516 DF PROTO=TCP SPT=7777 DPT=49338 WINDOW=0 RES=0x00 RST URGP=0 ') { |time, record|
-      expected_time = Fluent::EventTime.from_time(Time.strptime('1/Aug 19:03:54', '%d/%b %H:%M:%S'))
-      assert_equal(expected_time, time)
+      expected_time = Time.strptime('1/Aug 19:03:54', '%d/%b %H:%M:%S')
+      assert_equal(expected_time.to_i, time.to_i)
       assert_equal(@expected, record)
     }
   end

data/test/test_helper.rb

@@ -3,4 +3,3 @@ require 'fluent/plugin/parser_ufw'
 
 require 'test/unit'
 require 'fluent/test'
-require 'fluent/test/helpers'

metadata

@@ -1,55 +1,69 @@
 --- !ruby/object:Gem::Specification
 name: fluent-plugin-ufw
 version: !ruby/object:Gem::Version
-  version: 0.0.2
+  version: 0.0.3
 platform: ruby
 authors:
 - Takashi Masuyama
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-08-04 00:00:00.000000000 Z
+date: 2017-08-05 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: fluentd
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 0.12.21
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 0.12.21
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.9.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.9.2
 - !ruby/object:Gem::Dependency
   name: test-unit
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.2.3
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.2.3
 - !ruby/object:Gem::Dependency
-  name: fluentd
+  name: appraisal
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
-  type: :runtime
+  type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '>='
       - !ruby/object:Gem::Version
         version: '0'
 description: Fluentd plugin to parse ufw log
@@ -59,13 +73,23 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".travis.yml"
+- .gitignore
+- .travis.yml
+- Appraisals
+- Dockerfile
+- Dockerfile.template
 - Gemfile
 - LICENSE.txt
 - README.md
 - Rakefile
+- docker-compose.yml
+- docker/Dockerfile
+- docker/etc/fluent.conf
+- docker/var/log/ufw/ufw.log
 - fluent-plugin-ufw.gemspec
 - lib/fluent/plugin/parser_ufw.rb
+- run_docker_all_test.sh
+- run_docker_test.sh
 - test/fluent/plugin/test_parser_ufw.rb
 - test/test_helper.rb
 homepage: https://github.com/mamewotoko/fluent-plugin-ufw
@@ -78,18 +102,20 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - '>='
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - '>='
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.2
+rubygems_version: 2.0.14.1
 signing_key: 
 specification_version: 4
 summary: Fluentd plugin to parse ufw log
-test_files: []
+test_files:
+- test/fluent/plugin/test_parser_ufw.rb
+- test/test_helper.rb