log-export-container 1.0.53

Files changed (38) hide show
  1. checksums.yaml +7 -0
  2. data/bin/log-export-container +11 -0
  3. data/conf-utils.rb +106 -0
  4. data/create-conf.rb +22 -0
  5. data/fluentd/etc/classify-default-csv.conf +39 -0
  6. data/fluentd/etc/classify-default-json.conf +38 -0
  7. data/fluentd/etc/classify-syslog-csv.conf +94 -0
  8. data/fluentd/etc/classify-tcp-csv.conf +89 -0
  9. data/fluentd/etc/input-extract-audit-entities.conf +9 -0
  10. data/fluentd/etc/input-file-csv.conf +10 -0
  11. data/fluentd/etc/input-file-json.conf +9 -0
  12. data/fluentd/etc/input-json-chunk.conf +3 -0
  13. data/fluentd/etc/input-syslog-csv.conf +13 -0
  14. data/fluentd/etc/input-syslog-json.conf +12 -0
  15. data/fluentd/etc/input-tcp-csv.conf +12 -0
  16. data/fluentd/etc/input-tcp-json.conf +11 -0
  17. data/fluentd/etc/monitoring.conf +25 -0
  18. data/fluentd/etc/output-azure-loganalytics.conf +9 -0
  19. data/fluentd/etc/output-bigquery.conf +13 -0
  20. data/fluentd/etc/output-cloudwatch.conf +11 -0
  21. data/fluentd/etc/output-datadog.conf +10 -0
  22. data/fluentd/etc/output-elasticsearch-8.conf +5 -0
  23. data/fluentd/etc/output-kafka.conf +11 -0
  24. data/fluentd/etc/output-logz.conf +8 -0
  25. data/fluentd/etc/output-loki.conf +5 -0
  26. data/fluentd/etc/output-mongo.conf +9 -0
  27. data/fluentd/etc/output-remote-syslog.conf +11 -0
  28. data/fluentd/etc/output-s3.conf +15 -0
  29. data/fluentd/etc/output-splunk-hec.conf +12 -0
  30. data/fluentd/etc/output-stdout.conf +3 -0
  31. data/fluentd/etc/output-sumologic.conf +10 -0
  32. data/fluentd/etc/output-template.conf +4 -0
  33. data/fluentd/etc/process.conf +19 -0
  34. data/fluentd/plugins/filter_sdm_decode_chunk_events.rb +71 -0
  35. data/fluentd/plugins/parser_sdm_json.rb +29 -0
  36. data/fluentd/scripts/dump_sdm_entities.rb +117 -0
  37. data/start.rb +34 -0
  38. metadata +365 -0
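--- a/data/fluentd/etc/output-splunk-hec.conf
+++ b/data/fluentd/etc/output-splunk-hec.conf
@@ -0,0 +1,12 @@
+<store>
+@type splunk_hec
+hec_host "#{ENV['SPLUNK_HEC_HOST']}"
+hec_port "#{ENV['SPLUNK_HEC_PORT']}"
+hec_token "#{ENV['SPLUNK_HEC_TOKEN']}"
+
+# ssl params
+insecure_ssl true
+
+# for more config options
+# see https://github.com/splunk/fluent-plugin-splunk-hec
+</store>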
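Review bot: `insecure_ssl true` on line 8 turns off TLS certificate verification for every HEC connection, and that same connection carries the `hec_token` from line 5 plus all exported query logs, so the output is exposed to interception by anyone who can sit on the network path. Verification should stay on by default and only be relaxed by explicit operator choice, e.g. `insecure_ssl "#{ENV['SPLUNK_HEC_INSECURE_SSL'] || false}"` (the variable name is a suggestion, not one this package defines), with a comment that `true` is meant for self-signed test endpoints only. The other output files are not in view here, so I cannot tell whether they follow the same pattern.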
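--- a/data/fluentd/etc/output-stdout.conf
+++ b/data/fluentd/etc/output-stdout.conf
@@ -0,0 +1,3 @@
+<store>
+@type stdout
+</store>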
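--- a/data/fluentd/etc/output-sumologic.conf
+++ b/data/fluentd/etc/output-sumologic.conf
@@ -0,0 +1,10 @@
+<store>
+@type sumologic
+endpoint "#{ENV['SUMOLOGIC_ENDPOINT']}"
+log_format json
+source_name sdm
+source_category "#{ENV['SUMOLOGIC_SOURCE_CATEGORY']}"
+
+# for more config options
+# see https://github.com/SumoLogic/fluentd-output-sumologic
+</store>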
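--- a/data/fluentd/etc/output-template.conf
+++ b/data/fluentd/etc/output-template.conf
@@ -0,0 +1,4 @@
+<match **>
+@type copy
+$stores
+</match>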
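--- a/data/fluentd/etc/process.conf
+++ b/data/fluentd/etc/process.conf
@@ -0,0 +1,19 @@
+# Config file for processing log traces
+
+# Sanitizer Rules
+# see https://github.com/fluent/fluent-plugin-sanitizer
+
+# <filter **>
+# @type sanitizer
+# hash_salt sdmsalt
+# <rule>
+# keys query
+# pattern_regex /SET PASSWORD .*/
+# pattern_regex_prefix "CHANGE_PASSWORD"
+# </rule>
+# <rule>
+# keys query
+# pattern_regex /ALTER USER .+ IDENTIFIED BY .+/
+# pattern_regex_prefix "CHANGE_PASSWORD"
+# </rule>
+# </filter>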
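Review bot: Every sanitizer directive in this file is commented out (lines 6–19), so with the shipped config any `query` field containing `SET PASSWORD ...` or `ALTER USER ... IDENTIFIED BY ...` is forwarded to the configured outputs unmasked; if that is intentional, the header comment should say so, e.g. `# Sanitizer is disabled by default; uncomment the <filter> block below to mask password-changing statements before export`. If the block is later enabled as written, `hash_salt sdmsalt` on line 8 is a fixed salt shared by every deployment, so the salt should be read from an environment variable like the other secrets in this package rather than a literal.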
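--- a/data/fluentd/plugins/filter_sdm_decode_chunk_events.rb
+++ b/data/fluentd/plugins/filter_sdm_decode_chunk_events.rb
@@ -0,0 +1,71 @@
+# frozen_string_literal: true
+
+require 'fluent/plugin/parser'
+require 'fluent/plugin/parser_json'
+
+module Fluent::Plugin
+class SDMDecodeChunkEventsFilter < Filter
+Fluent::Plugin.register_filter('sdm_decode_chunk_events', self)
+
+def filter(tag, time, record)
+decode_chunk_log(record)
+end
+
+private
+
+def decode_chunk_log(record)
+decoded_events = []
+
+full_cmd_entry = ''
+total_elapsed_millis = 0
+start_time_regular = zulu_date_to_regular(record['timestamp'])
+begin
+record['events'].each do |event|
+duration, command = extract_cmd_entry_info(event)
+one_line_cmd_entry = command.gsub("\r", '')
+total_elapsed_millis += duration
+full_cmd_entry = "#{full_cmd_entry}#{one_line_cmd_entry}"
+
+next unless end_of_line(one_line_cmd_entry)
+
+end_time_regular = add_millis(start_time_regular, total_elapsed_millis)
+
+item = {
+'data' => full_cmd_entry.split("\n"),
+'startTimestamp' => start_time_regular,
+'endTimestamp' => end_time_regular
+}
+
+decoded_events << item
+
+full_cmd_entry = ''
+total_elapsed_millis = 0
+start_time_regular = end_time_regular
+end
+
+record['decodedEvents'] = decoded_events unless record['decodedEvents']
+rescue StandardError => _e
+puts "An error ocurred: #{_e.message}"
+end
+
+record
+end
+
+def end_of_line(line)
+line.include? "\n"
+end
+
+def zulu_date_to_regular(input_date)
+input_date.gsub(/[0-9]{,3} \+[0-9]{,4} UTC$/, '')
+end
+
+def extract_cmd_entry_info(line)
+[line['duration'], Base64.decode64(line['data']).force_encoding('utf-8')]
+end
+
+def add_millis(input_date, input_millis)
+new_date = Time.parse input_date
+(new_date.to_time + input_millis / 1000.0).iso8601(3).to_s
+end
+end
+end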
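Review bot: `zulu_date_to_regular(record['timestamp'])` on line 21 runs before the `begin` on line 22, so a record with no `timestamp` raises NoMethodError straight out of `filter` instead of reaching the rescue on line 47; moving line 21 inside the `begin` keeps the failure path consistent. The rescue itself reports with `puts` rather than the plugin logger, which bypasses fluentd's log levels, and `_e` is a used variable — `log.error "sdm_decode_chunk_events: #{e.message}"` with `rescue StandardError => e` would be the idiomatic form. On line 63 `force_encoding('utf-8')` does not validate the decoded bytes, so a payload with invalid UTF-8 raises from `gsub` on line 25 and the whole record loses its `decodedEvents`; appending `.scrub` after `force_encoding` makes the decode tolerant. `Base64` and `Time.parse` are used without `require 'base64'`/`require 'time'`, which presumably only works because fluentd loads them first — worth making explicit at the top of the file.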
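--- a/data/fluentd/plugins/parser_sdm_json.rb
+++ b/data/fluentd/plugins/parser_sdm_json.rb
@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+require 'fluent/plugin/parser'
+require 'fluent/plugin/parser_json'
+
+# Remove characters before JSON from SDM log lines, format:
+# 2021-06-22T17:15:19Z ip-172-31-3-25 strongDM[734548]: {\"type\":\"complete\",\"timestamp\":\"2021-06-22T17:15:19.758785454Z\",\"uuid\":\"01uJSIaxJKEf6y85VRAoypiPJUGJ\",\"duration\":0,\"records\":1}
+module Fluent::Plugin
+class SDMJsonParser < Parser
+Fluent::Plugin.register_parser('sdm_json', self)
+
+def configure(conf)
+super
+@parser = Fluent::Plugin::JSONParser.new
+@parser.configure(Fluent::Config::Element.new('ROOT', '', {}, []))
+end
+
+def parse(text)
+idx = text.index('{')
+if idx
+text = text[idx..-1]
+end
+@parser.parse(text) do |_, r|
+text = r
+end
+yield Fluent::EventTime.now, text
+end
+end
+end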
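Review bot: When the wrapped JSON parser fails, `parse` still yields a record: fluentd's `JSONParser#parse` yields `nil, nil` on a parse error (as far as I can tell from its source), so `text = r` on line 24 sets `text` to nil and line 26 emits nil as the record, which downstream filters then try to index. Lines 23–26 should yield `nil, nil` when no record came back, e.g. `record = nil; @parser.parse(text) { |_, r| record = r }; yield(record ? Fluent::EventTime.now : nil, record)`. The event time is also always `EventTime.now` rather than the `timestamp` field shown in the format comment on line 7, so emitted events carry ingestion time, not the original log time; if that is deliberate a comment on line 26 should say so.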
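--- a/data/fluentd/scripts/dump_sdm_entities.rb
+++ b/data/fluentd/scripts/dump_sdm_entities.rb
@@ -0,0 +1,117 @@
+require 'json'
+require 'date'
+require 'open3'
+require 'socket'
+
+SIGTERM = 15
+
+AUDIT_ENTITY_TYPES = {
+"activities" => "activity",
+"resources" => "resource",
+"users" => "user",
+"roles" => "role",
+}
+
+def get_audit_rows(entity_name)
+if entity_name == "activities"
+return get_audit_activities_rows
+end
+output = `sdm audit #{entity_name} -j`
+output.split("\n")
+end
+
+def get_audit_activities_rows
+interval_time = extract_activities_interval
+if interval_time == nil
+stream_activities
+return
+end
+datetime_from = DateTime.now - (interval_time + 1.0)/(24*60)
+datetime_to = DateTime.now - 1.0/(24*60)
+output = `sdm audit activities -j -e --from "#{datetime_from.to_s}" --to "#{datetime_to.to_s}"`
+output.split("\n")
+end
+
+def extract_activities_interval
+extract_entities = ENV['LOG_EXPORT_CONTAINER_EXTRACT_AUDIT']
+if ENV['LOG_EXPORT_CONTAINER_EXTRACT_AUDIT_ACTIVITIES_INTERVAL'] != nil
+interval = ENV['LOG_EXPORT_CONTAINER_EXTRACT_AUDIT_ACTIVITIES_INTERVAL'].to_i
+elsif extract_entities&.match /activities\/stream/
+return nil
+else
+interval_match = extract_entities&.match /activities\/+(\d+)/
+interval = interval_match ? interval_match[1].to_i : 15
+end
+interval
+end
+
+def stream_activities
+stdout_and_stderr, thread = open_activities_stream
+process_activity_stream(stdout_and_stderr)
+Process.kill(SIGTERM, thread.pid)
+end
+
+def open_activities_stream
+must_stream_json = ENV['LOG_EXPORT_CONTAINER_INPUT'].include?("json")
+command = "sdm audit activities -e -f"
+if must_stream_json
+command += " -j"
+end
+_, stdout_and_stderr, thread = Open3.popen2e(command)
+[stdout_and_stderr, thread]
+end
+
+def send_socket_message(message)
+client = TCPSocket.open('localhost', 5140)
+client.puts "<5>#{message}"
+client.close
+end
+
+def parse_entity(entity, entity_name)
+parsed_entity = JSON.parse(entity)
+parsed_entity['type'] = AUDIT_ENTITY_TYPES[entity_name]
+parsed_entity
+end
+
+def process_activity_stream(stdout)
+must_stream_json = ENV['LOG_EXPORT_CONTAINER_INPUT'].include?("json")
+stdout.each do |line|
+if must_stream_json
+message = JSON.generate(parse_entity(line, 'activities'))
+else
+message = line.gsub("\n", "") + ",activity"
+end
+send_socket_message(message)
+end
+end
+
+def parse_rows(rows, entity_name)
+parsed_rows = []
+rows.each do |row|
+parsed_rows << parse_entity(row, AUDIT_ENTITY_TYPES[entity_name])
+end
+parsed_rows
+end
+
+def print_rows(rows)
+rows.each { |row| puts "#{JSON.generate(row)}" }
+end
+
+def dump_entities(entity_name)
+unless AUDIT_ENTITY_TYPES.keys.include?(entity_name.to_s)
+return
+end
+begin
+rows = get_audit_rows(entity_name)
+unless rows
+return
+end
+parsed_rows = parse_rows(rows, entity_name)
+print_rows(parsed_rows)
+rescue StandardError => _e
+error = {"error" => "An error ocurred while extracting the audit #{entity_name.to_s} data: #{_e}", "type" => "unclass"}
+send_socket_message(JSON.generate(error))
+end
+end
+
+dump_entities(ARGV[0])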
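Review bot: `parse_rows` on line 91 passes `AUDIT_ENTITY_TYPES[entity_name]` (e.g. `"activity"`) into `parse_entity`, which looks that value up in `AUDIT_ENTITY_TYPES` again on line 72, so every row printed by `dump_entities` ends up with `type = nil`; the call should be `parse_entity(row, entity_name)`, as `process_activity_stream` already does on line 80. `get_audit_rows` (line 19) and `get_audit_activities_rows` (line 31) build shell commands by string interpolation and rely on the allowlist check living in the caller on line 101; a guard such as `raise ArgumentError, "unknown audit entity" unless AUDIT_ENTITY_TYPES.key?(entity_name)` inside `get_audit_rows` keeps the allowlist next to the shell call it protects. `send_socket_message` (lines 64–68) leaks the socket if `puts` raises; the block form `TCPSocket.open('localhost', 5140) { |c| c.puts "<5>#{message}" }` closes it on every path. `ENV['LOG_EXPORT_CONTAINER_INPUT'].include?` on lines 55 and 77 raises NoMethodError when the variable is unset, which the rescue on line 111 then reports as a generic extraction error.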
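--- a/data/start.rb
+++ b/data/start.rb
@@ -0,0 +1,34 @@
+::USING_WINDOWS = !!((RUBY_PLATFORM =~ /(win|w)(32|64)$/) || (RUBY_PLATFORM =~ /mswin|mingw/))
+
+if ENV["SDM_ADMIN_TOKEN"]
+puts('Starting SDM')
+result = system("sdm --admin-token #{ENV['SDM_ADMIN_TOKEN']} login")
+unless result
+puts "You need to install SDM CLI."
+return
+end
+listen_thread = Thread.new { system('sdm listen', :out => File::NULL, :err => File::NULL) }
+until system('sdm status', :out => File::NULL) do
+sleep(1)
+end
+end
+
+puts("Creating Fluentd conf file")
+require "#{ENV['FLUENTD_DIR']}/../create-conf.rb"
+
+fluentd_pkg_name = "fluentd"
+fluentd_pkg_version = "> 0.a"
+
+puts("Starting Fluentd")
+
+if ::USING_WINDOWS
+fluentd_path = "fluentd"
+elsif Gem.respond_to?(:activate_bin_path)
+# when using Linux sometimes the "fluentd" binary is not called,
+# so to ensure the proper execution we need to provide the full binary path
+fluentd_path = Gem.activate_bin_path(fluentd_pkg_name, fluentd_pkg_name, fluentd_pkg_version)
+else
+fluentd_path = Gem.bin_path(fluentd_pkg_name, fluentd_pkg_name, fluentd_pkg_version)
+end
+
+system("#{fluentd_path} -c #{ENV['FLUENTD_DIR']}/etc/fluent.conf -p #{ENV['FLUENTD_DIR']}/plugins")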
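Review bot: Line 5 passes the admin token through a shell by string interpolation, `system("sdm --admin-token #{ENV['SDM_ADMIN_TOKEN']} login")`, so a token containing shell metacharacters is misparsed and the command line is subject to shell expansion; the argv form `system('sdm', '--admin-token', ENV['SDM_ADMIN_TOKEN'], 'login')` avoids the shell entirely (the token still appears in the process argument list, which is a separate concern this file cannot fix on its own). The same applies to line 34, where `ENV['FLUENTD_DIR']` is interpolated unquoted into the fluentd command. The `until system('sdm status', ...)` loop on lines 11–13 has no bound, so the container hangs silently if `sdm listen` never becomes ready; a retry counter that prints a failure and exits would surface that. `listen_thread` on line 10 is assigned but never read, and the message on line 7 reports a missing CLI for any login failure, including a rejected token.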
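--- a/metadata
+++ b/metadata
@@ -0,0 +1,365 @@
+--- !ruby/object:Gem::Specification
+name: log-export-container
+version: !ruby/object:Gem::Version
+version: 1.0.53
+platform: ruby
+authors:
+- StrongDM
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2022-10-31 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+name: fluentd
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: fluent
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: fluent-plugin-rewrite-tag-filter
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: fluent-plugin-s3
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: fluent-plugin-cloudwatch-logs
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: fluent-plugin-splunk-hec
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: fluent-plugin-datadog
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: fluent-plugin-azure-loganalytics
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: fluent-plugin-sumologic_output
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: fluent-plugin-sanitizer
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: fluent-plugin-kafka
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: fluent-plugin-mongo
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: fluent-plugin-logzio
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: fluent-plugin-grafana-loki
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: fluent-plugin-remote_syslog
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: fluent-plugin-elasticsearch
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - '='
+- !ruby/object:Gem::Version
+version: 5.2.4
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - '='
+- !ruby/object:Gem::Version
+version: 5.2.4
+- !ruby/object:Gem::Dependency
+name: fluent-plugin-bigquery
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: fluent-plugin-prometheus
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: test-unit
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+- !ruby/object:Gem::Dependency
+name: rspec
+requirement: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+type: :runtime
+prerelease: false
+version_requirements: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+description: The application acts as a syslog concentrator. Customers that want to
+export their strongDM query logs to a third party logging service can use the application
+to do so. They configure the application for the appropriate target. Deploy the
+application. Configure their strongDM gateways to logs to a syslog destination and
+set the destination to the address of the logging application host.
+email:
+executables:
+- log-export-container
+extensions: []
+extra_rdoc_files: []
+files:
+- bin/log-export-container
+- conf-utils.rb
+- create-conf.rb
+- fluentd/etc/classify-default-csv.conf
+- fluentd/etc/classify-default-json.conf
+- fluentd/etc/classify-syslog-csv.conf
+- fluentd/etc/classify-tcp-csv.conf
+- fluentd/etc/input-extract-audit-entities.conf
+- fluentd/etc/input-file-csv.conf
+- fluentd/etc/input-file-json.conf
+- fluentd/etc/input-json-chunk.conf
+- fluentd/etc/input-syslog-csv.conf
+- fluentd/etc/input-syslog-json.conf
+- fluentd/etc/input-tcp-csv.conf
+- fluentd/etc/input-tcp-json.conf
+- fluentd/etc/monitoring.conf
+- fluentd/etc/output-azure-loganalytics.conf
+- fluentd/etc/output-bigquery.conf
+- fluentd/etc/output-cloudwatch.conf
+- fluentd/etc/output-datadog.conf
+- fluentd/etc/output-elasticsearch-8.conf
+- fluentd/etc/output-kafka.conf
+- fluentd/etc/output-logz.conf
+- fluentd/etc/output-loki.conf
+- fluentd/etc/output-mongo.conf
+- fluentd/etc/output-remote-syslog.conf
+- fluentd/etc/output-s3.conf
+- fluentd/etc/output-splunk-hec.conf
+- fluentd/etc/output-stdout.conf
+- fluentd/etc/output-sumologic.conf
+- fluentd/etc/output-template.conf
+- fluentd/etc/process.conf
+- fluentd/plugins/filter_sdm_decode_chunk_events.rb
+- fluentd/plugins/parser_sdm_json.rb
+- fluentd/scripts/dump_sdm_entities.rb
+- start.rb
+homepage: https://strongdm.github.io/log-export-container/
+licenses:
+- Apache-2.0
+metadata:
+source_code_uri: https://github.com/strongdm/log-export-container
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+requirements:
+- - ">="
+- !ruby/object:Gem::Version
+version: '0'
+requirements: []
+rubygems_version: 3.3.7
+signing_key:
+specification_version: 4
+summary: An application that can be easily deployed and configured to export strongDM
+query logs
+test_files: []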