logstash-codec-cef 5.0.6-java → 6.0.0-java
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +7 -0
- data/docs/index.asciidoc +7 -21
- data/lib/logstash/codecs/cef.rb +0 -5
- data/logstash-codec-cef.gemspec +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 30965bf1274a21adf481546aeef0435748e4ff33758d5dac3f02ff40191a0f88
|
|
4
|
+
data.tar.gz: f8860f9eeb553c05e960b75836a1a82aaa1dcd0559251c124434b07660964566
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4d52df92912ea498c721d70e02619d879c3d900e721b67b215bbf87bcc14184655b7e4af6bbc52e3e2e79e73e54565e59ab11982734d931d80b810f568fdda35
|
|
7
|
+
data.tar.gz: d951daf3544ce79a61efef3fe2038c91f0eb219bd5874aeab0623c8225b4ca0bd9ed1a025a69001d9670e4f514a56cabbf58f16ef345c0f33021fd12a7dea5dc
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,10 @@
|
|
|
1
|
+
## 6.0.0
|
|
2
|
+
- Removed obsolete `sev` and `deprecated_v1_fields` fields
|
|
3
|
+
|
|
4
|
+
## 5.0.7
|
|
5
|
+
- Fixed minor doc inconsistencies (added reverse_mapping to options table, moved it to alpha order in option descriptions, fixed typo)
|
|
6
|
+
[#60](https://github.com/logstash-plugins/logstash-codec-cef/pull/60)
|
|
7
|
+
|
|
1
8
|
## 5.0.6
|
|
2
9
|
- Added reverse_mapping option, which can be used to make encoder compliant to spec [#51](https://github.com/logstash-plugins/logstash-codec-cef/pull/51)
|
|
3
10
|
|
data/docs/index.asciidoc
CHANGED
|
@@ -37,6 +37,7 @@ produce an event with the payload as the 'message' field and a '_cefparsefailure
|
|
|
37
37
|
| <<plugins-{type}s-{plugin}-fields>> |<<array,array>>|No
|
|
38
38
|
| <<plugins-{type}s-{plugin}-name>> |<<string,string>>|No
|
|
39
39
|
| <<plugins-{type}s-{plugin}-product>> |<<string,string>>|No
|
|
40
|
+
| <<plugins-{type}s-{plugin}-reverse_mapping>> |<<boolean,boolean>>|No
|
|
40
41
|
| <<plugins-{type}s-{plugin}-severity>> |<<string,string>>|No
|
|
41
42
|
| <<plugins-{type}s-{plugin}-signature>> |<<string,string>>|No
|
|
42
43
|
| <<plugins-{type}s-{plugin}-vendor>> |<<string,string>>|No
|
|
@@ -68,21 +69,6 @@ This setting allows the following character sequences to have special meaning:
|
|
|
68
69
|
* `\\r` (backslash "r") - means carriage return (ASCII 0x0D)
|
|
69
70
|
* `\\n` (backslash "n") - means newline (ASCII 0x0A)
|
|
70
71
|
|
|
71
|
-
[id="plugins-{type}s-{plugin}-deprecated_v1_fields"]
|
|
72
|
-
===== `deprecated_v1_fields` (OBSOLETE)
|
|
73
|
-
|
|
74
|
-
* OBSOLETE WARNING: This configuration item is obsolete and will prevent the pipeline from starting if used
|
|
75
|
-
* Value type is <<boolean,boolean>>
|
|
76
|
-
* There is no default value for this setting.
|
|
77
|
-
|
|
78
|
-
[id="plugins-{type}s-{plugin}-reverse_mapping"]
|
|
79
|
-
===== `reverse_mapping`
|
|
80
|
-
|
|
81
|
-
* Value type is <<<boolean,boolean>>
|
|
82
|
-
* Default value is `false`
|
|
83
|
-
|
|
84
|
-
Set to true to adhere to the specifications and encode using the CEF key name (short name) for the CEF field names.
|
|
85
|
-
|
|
86
72
|
[id="plugins-{type}s-{plugin}-fields"]
|
|
87
73
|
===== `fields`
|
|
88
74
|
|
|
@@ -109,14 +95,14 @@ to help you build a new value from other parts of the event.
|
|
|
109
95
|
Device product field in CEF header. The new value can include `%{foo}` strings
|
|
110
96
|
to help you build a new value from other parts of the event.
|
|
111
97
|
|
|
112
|
-
[id="plugins-{type}s-{plugin}-sev"]
|
|
113
|
-
===== `sev` (OBSOLETE)
|
|
114
98
|
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
* There is no default value for this setting.
|
|
99
|
+
[id="plugins-{type}s-{plugin}-reverse_mapping"]
|
|
100
|
+
===== `reverse_mapping`
|
|
118
101
|
|
|
119
|
-
|
|
102
|
+
* Value type is <<boolean,boolean>>
|
|
103
|
+
* Default value is `false`
|
|
104
|
+
|
|
105
|
+
Set to true to adhere to the specifications and encode using the CEF key name (short name) for the CEF field names.
|
|
120
106
|
|
|
121
107
|
[id="plugins-{type}s-{plugin}-severity"]
|
|
122
108
|
===== `severity`
|
data/lib/logstash/codecs/cef.rb
CHANGED
|
@@ -33,9 +33,6 @@ class LogStash::Codecs::CEF < LogStash::Codecs::Base
|
|
|
33
33
|
# to help you build a new value from other parts of the event.
|
|
34
34
|
config :name, :validate => :string, :default => "Logstash"
|
|
35
35
|
|
|
36
|
-
# Obsolete severity field for CEF header
|
|
37
|
-
config :sev, :validate => :string, :obsolete => "This setting is obsolete, use :severity instead."
|
|
38
|
-
|
|
39
36
|
# Severity field in CEF header. The new value can include `%{foo}` strings
|
|
40
37
|
# to help you build a new value from other parts of the event.
|
|
41
38
|
#
|
|
@@ -53,8 +50,6 @@ class LogStash::Codecs::CEF < LogStash::Codecs::Base
|
|
|
53
50
|
# version of the CEF field names.
|
|
54
51
|
config :reverse_mapping, :validate => :boolean, :default => false
|
|
55
52
|
|
|
56
|
-
config :deprecated_v1_fields, :validate => :boolean, :obsolete => "This setting is obsolete"
|
|
57
|
-
|
|
58
53
|
# If your input puts a delimiter between each CEF event, you'll want to set
|
|
59
54
|
# this to be that delimiter.
|
|
60
55
|
#
|
data/logstash-codec-cef.gemspec
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: logstash-codec-cef
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 6.0.0
|
|
5
5
|
platform: java
|
|
6
6
|
authors:
|
|
7
7
|
- Elastic
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2019-01-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|