logstash-codec-cef 5.0.6-java → 6.0.0-java
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +7 -0
- data/docs/index.asciidoc +7 -21
- data/lib/logstash/codecs/cef.rb +0 -5
- data/logstash-codec-cef.gemspec +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 30965bf1274a21adf481546aeef0435748e4ff33758d5dac3f02ff40191a0f88
|
|
4
|
+
data.tar.gz: f8860f9eeb553c05e960b75836a1a82aaa1dcd0559251c124434b07660964566
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4d52df92912ea498c721d70e02619d879c3d900e721b67b215bbf87bcc14184655b7e4af6bbc52e3e2e79e73e54565e59ab11982734d931d80b810f568fdda35
|
|
7
|
+
data.tar.gz: d951daf3544ce79a61efef3fe2038c91f0eb219bd5874aeab0623c8225b4ca0bd9ed1a025a69001d9670e4f514a56cabbf58f16ef345c0f33021fd12a7dea5dc
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,10 @@
|
|
|
1
|
+
## 6.0.0
|
|
2
|
+
- Removed obsolete `sev` and `deprecated_v1_fields` fields
|
|
3
|
+
|
|
4
|
+
## 5.0.7
|
|
5
|
+
- Fixed minor doc inconsistencies (added reverse_mapping to options table, moved it to alpha order in option descriptions, fixed typo)
|
|
6
|
+
[#60](https://github.com/logstash-plugins/logstash-codec-cef/pull/60)
|
|
7
|
+
|
|
1
8
|
## 5.0.6
|
|
2
9
|
- Added reverse_mapping option, which can be used to make encoder compliant to spec [#51](https://github.com/logstash-plugins/logstash-codec-cef/pull/51)
|
|
3
10
|
|
data/docs/index.asciidoc
CHANGED
|
@@ -37,6 +37,7 @@ produce an event with the payload as the 'message' field and a '_cefparsefailure
|
|
|
37
37
|
| <<plugins-{type}s-{plugin}-fields>> |<<array,array>>|No
|
|
38
38
|
| <<plugins-{type}s-{plugin}-name>> |<<string,string>>|No
|
|
39
39
|
| <<plugins-{type}s-{plugin}-product>> |<<string,string>>|No
|
|
40
|
+
| <<plugins-{type}s-{plugin}-reverse_mapping>> |<<boolean,boolean>>|No
|
|
40
41
|
| <<plugins-{type}s-{plugin}-severity>> |<<string,string>>|No
|
|
41
42
|
| <<plugins-{type}s-{plugin}-signature>> |<<string,string>>|No
|
|
42
43
|
| <<plugins-{type}s-{plugin}-vendor>> |<<string,string>>|No
|
|
@@ -68,21 +69,6 @@ This setting allows the following character sequences to have special meaning:
|
|
|
68
69
|
* `\\r` (backslash "r") - means carriage return (ASCII 0x0D)
|
|
69
70
|
* `\\n` (backslash "n") - means newline (ASCII 0x0A)
|
|
70
71
|
|
|
71
|
-
[id="plugins-{type}s-{plugin}-deprecated_v1_fields"]
|
|
72
|
-
===== `deprecated_v1_fields` (OBSOLETE)
|
|
73
|
-
|
|
74
|
-
* OBSOLETE WARNING: This configuration item is obsolete and will prevent the pipeline from starting if used
|
|
75
|
-
* Value type is <<boolean,boolean>>
|
|
76
|
-
* There is no default value for this setting.
|
|
77
|
-
|
|
78
|
-
[id="plugins-{type}s-{plugin}-reverse_mapping"]
|
|
79
|
-
===== `reverse_mapping`
|
|
80
|
-
|
|
81
|
-
* Value type is <<<boolean,boolean>>
|
|
82
|
-
* Default value is `false`
|
|
83
|
-
|
|
84
|
-
Set to true to adhere to the specifications and encode using the CEF key name (short name) for the CEF field names.
|
|
85
|
-
|
|
86
72
|
[id="plugins-{type}s-{plugin}-fields"]
|
|
87
73
|
===== `fields`
|
|
88
74
|
|
|
@@ -109,14 +95,14 @@ to help you build a new value from other parts of the event.
|
|
|
109
95
|
Device product field in CEF header. The new value can include `%{foo}` strings
|
|
110
96
|
to help you build a new value from other parts of the event.
|
|
111
97
|
|
|
112
|
-
[id="plugins-{type}s-{plugin}-sev"]
|
|
113
|
-
===== `sev` (OBSOLETE)
|
|
114
98
|
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
* There is no default value for this setting.
|
|
99
|
+
[id="plugins-{type}s-{plugin}-reverse_mapping"]
|
|
100
|
+
===== `reverse_mapping`
|
|
118
101
|
|
|
119
|
-
|
|
102
|
+
* Value type is <<boolean,boolean>>
|
|
103
|
+
* Default value is `false`
|
|
104
|
+
|
|
105
|
+
Set to true to adhere to the specifications and encode using the CEF key name (short name) for the CEF field names.
|
|
120
106
|
|
|
121
107
|
[id="plugins-{type}s-{plugin}-severity"]
|
|
122
108
|
===== `severity`
|
data/lib/logstash/codecs/cef.rb
CHANGED
|
@@ -33,9 +33,6 @@ class LogStash::Codecs::CEF < LogStash::Codecs::Base
|
|
|
33
33
|
# to help you build a new value from other parts of the event.
|
|
34
34
|
config :name, :validate => :string, :default => "Logstash"
|
|
35
35
|
|
|
36
|
-
# Obsolete severity field for CEF header
|
|
37
|
-
config :sev, :validate => :string, :obsolete => "This setting is obsolete, use :severity instead."
|
|
38
|
-
|
|
39
36
|
# Severity field in CEF header. The new value can include `%{foo}` strings
|
|
40
37
|
# to help you build a new value from other parts of the event.
|
|
41
38
|
#
|
|
@@ -53,8 +50,6 @@ class LogStash::Codecs::CEF < LogStash::Codecs::Base
|
|
|
53
50
|
# version of the CEF field names.
|
|
54
51
|
config :reverse_mapping, :validate => :boolean, :default => false
|
|
55
52
|
|
|
56
|
-
config :deprecated_v1_fields, :validate => :boolean, :obsolete => "This setting is obsolete"
|
|
57
|
-
|
|
58
53
|
# If your input puts a delimiter between each CEF event, you'll want to set
|
|
59
54
|
# this to be that delimiter.
|
|
60
55
|
#
|
data/logstash-codec-cef.gemspec
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: logstash-codec-cef
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 6.0.0
|
|
5
5
|
platform: java
|
|
6
6
|
authors:
|
|
7
7
|
- Elastic
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2019-01-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|