RubyGems - gelfd - Versions diffs - 0.0.1 - Mend

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

data/.gitignore ADDED Viewed

@@ -0,0 +1,4 @@
+*.gem
+.bundle
+Gemfile.lock
+pkg/*

data/Gemfile ADDED Viewed

@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+# Specify your gem's dependencies in gelfd.gemspec
+gemspec

data/README.md ADDED Viewed

@@ -0,0 +1,6 @@
+# gelfd
+gelfd is a standalone implementation of GELF (Graylog2 Extended Log Format).
+This is used by the graylog2 server as an extended format for handling log messages.
+## Rationale
+This was originally concieved as a way to provide a graylog2-compatible input for logstash.

data/Rakefile ADDED Viewed

	@@ -0,0 +1 @@
1	+ require "bundler/gem_tasks"

data/bin/gelfd ADDED Viewed

@@ -0,0 +1,19 @@
+#!/usr/bin/env ruby
+$:.unshift(File.expand_path(File.join(File.dirname(__FILE__), "..", "lib")))
+require 'socket'
+require 'gelfd'
+server = UDPSocket.new
+puts "Starting up"
+server.bind(nil, 11211)
+trap("INT") { puts "Shutting down"; exit }
+loop do
+  data, addr = server.recvfrom(8192)
+  begin
+    res = Gelfd::Parser.parse(data)
+  rescue Exception => e
+    puts e.message
+  end
+  puts res unless res.nil?
+end

data/gelfd.gemspec ADDED Viewed

@@ -0,0 +1,24 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "gelfd/version"
+Gem::Specification.new do |s|
+  s.name        = "gelfd"
+  s.version     = Gelfd::VERSION
+  s.authors     = ["John E. Vincent"]
+  s.email       = ["lusis.org+github.com@gmail.com"]
+  s.homepage    = ""
+  s.summary     = %q{Pure ruby gelf server and decoding library}
+  s.description = %q{Standalone implementation of the Graylog Extended Log Format}
+  s.rubyforge_project = "gelfd"
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+  # specify any dependencies here; for example:
+  # s.add_development_dependency "rspec"
+  # s.add_runtime_dependency "rest-client"
+end

data/lib/gelfd.rb ADDED Viewed

@@ -0,0 +1,16 @@
+require "gelfd/version"
+module Gelfd
+  CHUNKED_MAGIC = [0x1e,0x0f].pack('C*').freeze
+  ZLIB_MAGIC = [0x78,0x9c].pack('C*').freeze
+  GZIP_MAGIC = [0x1f,0x8b].pack('C*').freeze
+  HEADER_LENGTH = 12
+  DATA_LENGTH = 8192 - HEADER_LENGTH
+  MAX_CHUNKS = 128
+end
+require File.join(File.dirname(__FILE__), 'gelfd', 'exceptions')
+require File.join(File.dirname(__FILE__), 'gelfd', 'zlib_parser')
+require File.join(File.dirname(__FILE__), 'gelfd', 'gzip_parser')
+require File.join(File.dirname(__FILE__), 'gelfd', 'chunked_parser')
+require File.join(File.dirname(__FILE__), 'gelfd', 'parser')

data/lib/gelfd/chunked_parser.rb ADDED Viewed

@@ -0,0 +1,46 @@
+module Gelfd
+  class ChunkedParser
+    @@chunk_map = Hash.new {|hash,key| hash[key] = {:total_chunks => 0, :chunks => {} } }
+    attr_accessor :message_id, :max_chunks, :decoded_data, :chunks, :seen
+    def self.parse(data)
+      msg_id = self.parse_chunk(data)
+      if @@chunk_map[msg_id][:chunks].size == @@chunk_map[msg_id][:total_chunks]
+        assemble_chunks(msg_id)
+      end
+    end
+    def self.assemble_chunks(msg_id)
+      buff = ''
+      chunks = @@chunk_map[msg_id][:chunks]
+      chunks.keys.sort.each do |k|
+        buff += chunks[k]
+      end
+      begin
+        # TODO
+        # This has a chance for an DoS
+        # you can send a chunked message as a chunked message
+        t = Parser.parse(buff.clone)
+        t
+      rescue Exception => e
+        "Exception: #{e.message}"
+      end
+    end
+    private
+    def self.parse_chunk(data)
+      header = data[0..1]
+      raise NotChunkedDataError, "This doesn't look like a Chunked GELF message!" if header != CHUNKED_MAGIC
+      begin
+        msg_id = data[2..9].unpack('C*').join
+        seq_number, total_number = data[10].ord, data[11].ord
+        zlib_chunk = data[12..-1]
+        raise TooManyChunksError, "#{total_number} greater than #{MAX_CHUNKS}" if total_number > MAX_CHUNKS
+        @@chunk_map[msg_id][:total_chunks] = total_number.to_i
+        @@chunk_map[msg_id][:chunks].merge!({seq_number.to_i => zlib_chunk})
+        msg_id
+      end
+    end
+  end
+end

data/lib/gelfd/exceptions.rb ADDED Viewed

@@ -0,0 +1,8 @@
+module Gelfd
+  class NotChunkedDataError < StandardError; end
+  class DuplicateChunkError < StandardError; end
+  class TooManyChunksError < StandardError; end
+  class UnknownHeaderError < StandardError; end
+  class DecodeError < StandardError; end
+  class NotYetImplementedError < StandardError; end
+end

data/lib/gelfd/gzip_parser.rb ADDED Viewed

@@ -0,0 +1,9 @@
+module Gelfd
+  class GzipParser
+    def self.parse(data)
+      raise NotYetImplementedError, "GZip decoding is not yet implemented"
+    end
+  end
+end

data/lib/gelfd/parser.rb ADDED Viewed

@@ -0,0 +1,21 @@
+module Gelfd
+  class Parser
+    def self.parse(data)
+      header = data[0..1]
+      case header
+      when ZLIB_MAGIC
+        ZlibParser.parse(data)
+      when CHUNKED_MAGIC
+        ChunkedParser.parse(data)
+      when GZIP_MAGIC
+        GzipParser.parse(data)
+      else
+        raise UnknownHeaderError, "Could not find parser for header: #{header.unpack('C*').to_s}"
+      end
+    end
+  end
+end

data/lib/gelfd/version.rb ADDED Viewed

@@ -0,0 +1,3 @@
+module Gelfd
+  VERSION = "0.0.1"
+end

data/lib/gelfd/zlib_parser.rb ADDED Viewed

@@ -0,0 +1,15 @@
+require 'zlib'
+module Gelfd
+  class ZlibParser
+    def self.parse(data)
+      begin
+        t = Zlib::Inflate.inflate(data)
+        t
+      rescue Exception => e
+        raise DecodeError, "Failed to decode data: #{e}"
+      end
+    end
+  end
+end

data/test/fixtures/unchunked.zl ADDED Viewed

Binary file

metadata ADDED Viewed

@@ -0,0 +1,68 @@
+--- !ruby/object:Gem::Specification
+name: gelfd
+version: !ruby/object:Gem::Version
+  prerelease:
+  version: 0.0.1
+platform: ruby
+authors:
+- John E. Vincent
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2011-09-09 00:00:00 Z
+dependencies: []
+description: Standalone implementation of the Graylog Extended Log Format
+email:
+- lusis.org+github.com@gmail.com
+executables:
+- gelfd
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- README.md
+- Rakefile
+- bin/gelfd
+- gelfd.gemspec
+- lib/gelfd.rb
+- lib/gelfd/chunked_parser.rb
+- lib/gelfd/exceptions.rb
+- lib/gelfd/gzip_parser.rb
+- lib/gelfd/parser.rb
+- lib/gelfd/version.rb
+- lib/gelfd/zlib_parser.rb
+- test/fixtures/unchunked.zl
+homepage: ""
+licenses: []
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: "0"
+required_rubygems_version: !ruby/object:Gem::Requirement
+  none: false
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: "0"
+requirements: []
+rubyforge_project: gelfd
+rubygems_version: 1.8.6
+signing_key:
+specification_version: 3
+summary: Pure ruby gelf server and decoding library
+test_files: []

gelfd 0.0.1