hpess-logstash-codec-cef 0.2.0 → 0.2.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/logstash/codecs/cef.rb +1 -1
  3. data/logstash-codec-cef.gemspec +1 -1
  4. data/spec/codecs/cef_spec.rb +3 -3
  5. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 57330ab16e56eb40f97c35161a31a89ef0a53db1
4
- data.tar.gz: 279a1861c849597fa62833fb3bcb674dfd913c51
3
+ metadata.gz: 81a21440a62cb5391b36db282d926053bba698cb
4
+ data.tar.gz: 6186ee0d447ca21d76e74312b31ff7105be48b8e
5
5
  SHA512:
6
- metadata.gz: ca205a4e25ec02147459e40d90608b861a4b308c33bab64b400c9bfee6637bb7cf55e265ffaa3b16480f968dc1cd3c99a50d47c9dffc29a10f8b233bf0a1b737
7
- data.tar.gz: eb5375a8477c2a1f8c74e9a0c8c6ea7535d8190e5a86bee7782d20d8e8e599acdd6fe7a047e2458a1a4b229fe20ef114ac96d9d2b1c2e9473a03cbab8cdd2f3b
6
+ metadata.gz: 64823415d3340bff3627b6bd7ee5fd1acc4c5fa0b3baa31b397697d1f976c0f8975c0a6d89d0100060339ce0ff044df6b7155f37ef4bcd1c87d40d0612f0fff0
7
+ data.tar.gz: 2d308146c252b6ae4decd9a0318a39c6191e7f096f43610551c409633137726082df60df65b9d04210b346fd8a134608da96939a7b1bccd7f2e3d2985458c7c5
data/lib/logstash/codecs/cef.rb CHANGED
@@ -36,7 +36,7 @@ class LogStash::Codecs::CEF < LogStash::Codecs::Base
36
36
  }
37
37
 
38
38
  # And save the new has as the extensions
39
- event['cef_extension'] = extensions
39
+ event['cef_ext'] = extensions
40
40
  end
41
41
  yield event
42
42
  end
data/logstash-codec-cef.gemspec CHANGED
@@ -1,7 +1,7 @@
1
1
  Gem::Specification.new do |s|
2
2
 
3
3
  s.name = 'hpess-logstash-codec-cef'
4
- s.version = '0.2.0'
4
+ s.version = '0.2.1'
5
5
  s.licenses = ['Apache License (2.0)']
6
6
  s.summary = "CEF codec to parse CEF formated logs"
7
7
  s.description = "This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program"
data/spec/codecs/cef_spec.rb CHANGED
@@ -28,7 +28,7 @@ describe LogStash::Codecs::CEF do
28
28
  it "should parse the cef headers" do
29
29
  subject.decode(message) do |e|
30
30
  validate(e)
31
- ext = e['cef_extension']
31
+ ext = e['cef_ext']
32
32
  insist { e["cef_vendor"] } == "security"
33
33
  insist { e["cef_product"] } == "threatmanager"
34
34
  end
@@ -36,7 +36,7 @@ describe LogStash::Codecs::CEF do
36
36
 
37
37
  it "should parse the cef body" do
38
38
  subject.decode(message) do |e|
39
- ext = e['cef_extension']
39
+ ext = e['cef_ext']
40
40
  insist { ext['src'] } == "10.0.0.192"
41
41
  insist { ext['dst'] } == "12.121.122.82"
42
42
  insist { ext['spt'] } == "1232"
@@ -62,7 +62,7 @@ describe LogStash::Codecs::CEF do
62
62
  let (:escaped_pipes) { 'CEF:0|security|threatmanager|1.0|100|trojan successfully stopped|10|moo=this\|has an escaped pipe' }
63
63
  it "should be OK with escaped pipes in the message" do
64
64
  subject.decode(escaped_pipes) do |e|
65
- ext = e['cef_extension']
65
+ ext = e['cef_ext']
66
66
  insist { ext['moo'] } == 'this\|has an escaped pipe'
67
67
  end
68
68
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: hpess-logstash-codec-cef
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.2.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Elasticsearch