fluent-plugin-windows-eventlog 0.9.1 → 0.9.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cbb3671770acb68849fee334459ef93b64e0e921a5addf3fbe209c7eba3fb928
-  data.tar.gz: 33e0170f55759869b70cf7691e6deec1208cbb38087aa619c1ea8de01750e2ee
+  metadata.gz: ce765b8becd1cc7835d19f2f1b9e3e0b1da48467f26434295e041887a4d8d057
+  data.tar.gz: 59129a827b949a6db83ba01f6d03da41ae0923304fcc479aecc7b37127517835
 SHA512:
-  metadata.gz: 921f6ac048e3d1e29029cd2022777a74d50e356ccd434ade597e668b464899381feb1b6c09b5e3593c042d16c4b5491c13ae01e6fc8ed85685bb186510fb2d09
-  data.tar.gz: a2d34b7fe8757a176171268d8280b33b21ec7f560346d5ab9fe06e0715672d37f3deee3c5db8378e3af8a629465d42027d248c7d2ddd6e9fd9589647b1352697
+  metadata.gz: 74b3233cd11710c90c456e313d4f87ec0fcc5392bbb12761f8e62398aa8cda1b7ec6ae9cbbe5b4c74bb26be1e804c804a7eea6c8796887bd97924b768362e56f
+  data.tar.gz: 36e9a709f939d021e75ccc1723207b1dbb524aa2f5658aeefa319476a67d142e888518f037202934fbb2458006e77ce3269bd87572ca988457872aaf47cf6242

data/.github/workflows/unit-test.yml

@@ -21,7 +21,7 @@ jobs:
             experimental: true
     name: Ruby ${{ matrix.ruby }} on ${{ matrix.os }}
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v5
     - uses: ruby/setup-ruby@v1
       with:
         ruby-version: ${{ matrix.ruby }}

data/CHANGELOG.md

@@ -1,3 +1,7 @@
+# Release v0.9.2 - 2025/11/21
+
+* in_windows_eventlog2: remove unexpected spaces in parsing description (#121)
+
 # Release v0.9.1 - 2024/02/17
 
 * Relax required Nokogiri version (#117)

data/fluent-plugin-winevtlog.gemspec

@@ -4,7 +4,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 
 Gem::Specification.new do |spec|
   spec.name          = "fluent-plugin-windows-eventlog"
-  spec.version       = "0.9.1"
+  spec.version       = "0.9.2"
   spec.authors       = ["okahashi117", "Hiroshi Hatake", "Masahiro Nakagawa"]
   spec.email         = ["naruki_okahashi@jbat.co.jp", "cosmo0920.oucc@gmail.com", "repeatedly@gmail.com"]
   spec.summary       = %q{Fluentd Input plugin to read windows event log.}

data/lib/fluent/plugin/in_windows_eventlog2.rb

@@ -417,7 +417,7 @@ module Fluent::Plugin
                          r.split(NONE_FIELD_DELIMITER)
                        end
           key = "" if key.nil?
-          key.chop!  # remove ':' from key
+          key.sub!(/:\s*$/, '')  # remove ':' from key
           if value.nil?
             parent_key = to_key(key)
           else

data/test/data/eventid_4697

@@ -0,0 +1,14 @@
+A service was installed in the system.
+
+Subject:
+	Security ID:		SYSTEM
+	Account Name:		824ZWL3$
+	Account Domain:		WORKGROUP
+	Logon ID:		0x3E7
+
+Service Information:
+	Service Name: 		WpnUserService_a46b7
+	Service File Name:	C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
+	Service Type: 		0xE0
+	Service Start Type:	2
+	Service Account: 	LocalSystem

data/test/plugin/test_in_windows_eventlog2.rb

@@ -325,6 +325,27 @@ DESC
     assert_equal(expected, h)
   end
 
+  test "A service was installed in the system." do
+    d = create_driver
+    desc = nil
+    File.open('./test/data/eventid_4697', 'r') do |f|
+      desc = f.read.gsub(/\R/, "\r\n")
+    end
+    h = {"Description" => desc}
+    expected = {"DescriptionTitle"                       => "A service was installed in the system.",
+                "service_information.service_account"    => "LocalSystem",
+                "service_information.service_file_name"  => "C:\\WINDOWS\\system32\\svchost.exe -k UnistackSvcGroup",
+                "service_information.service_name"       => "WpnUserService_a46b7",
+                "service_information.service_start_type" => "2",
+                "service_information.service_type"       => "0xE0",
+                "subject.account_domain" => "WORKGROUP",
+                "subject.account_name"   => "824ZWL3$",
+                "subject.logon_id"       => "0x3E7",
+                "subject.security_id"    => "SYSTEM"}
+    d.instance.parse_desc(h)
+    assert_equal(expected, h)
+  end
+
   def test_write
     d = create_driver XML_RENDERING_CONFIG
 

metadata

@@ -1,16 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: fluent-plugin-windows-eventlog
 version: !ruby/object:Gem::Version
-  version: 0.9.1
+  version: 0.9.2
 platform: ruby
 authors:
 - okahashi117
 - Hiroshi Hatake
 - Masahiro Nakagawa
-autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-02-18 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -152,6 +151,7 @@ files:
 - lib/fluent/plugin/bookmark_sax_parser.rb
 - lib/fluent/plugin/in_windows_eventlog.rb
 - lib/fluent/plugin/in_windows_eventlog2.rb
+- test/data/eventid_4697
 - test/data/eventid_6416
 - test/generate-windows-event.rb
 - test/helper.rb
@@ -162,7 +162,6 @@ homepage: https://github.com/fluent/fluent-plugin-windows-eventlog
 licenses:
 - Apache-2.0
 metadata: {}
-post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -177,11 +176,11 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.22
-signing_key:
+rubygems_version: 3.6.9
 specification_version: 4
 summary: Fluentd Input plugin to read windows event log.
 test_files:
+- test/data/eventid_4697
 - test/data/eventid_6416
 - test/generate-windows-event.rb
 - test/helper.rb