logstash-codec-cef 6.2.2-java → 6.2.3-java

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +6 -3
  3. data/docs/index.asciidoc +1 -3
  4. data/lib/logstash/codecs/cef.rb +5 -3
  5. data/logstash-codec-cef.gemspec +3 -2
  6. data/spec/codecs/cef_spec.rb +1 -1
  7. metadata +22 -9
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d6769d2631f2bd27a0e5d4efebcdf5522eb2e1e843fef3d195ca804d4e68e1cb
4
- data.tar.gz: 97a5acd21e5041dbb91129819ed13b4989f269acaccbc134a26be5c6a83535e6
3
+ metadata.gz: d45c024f0bdb71f6056b553e138fff8d57479d021ab3ba8b98ba69384bf9898f
4
+ data.tar.gz: 7ddb2bd1427fcf5c2ca91e762a326d0a9e73e17d911dbadaf4dffc4fdcfc50e8
5
5
  SHA512:
6
- metadata.gz: 7a1021a17d1c87f07bf61f5583acda25f69e69c7946191056d93f0c8c0e9f1ad3aea6489b14fb78754c92507114d588ba36513d7ba9d39e861550d02aeaa7cab
7
- data.tar.gz: ff9ce9b27c9c4ae1cc5440cecd9e6113989507e030bf609683de344645536eb1a713149e70da2f87638dd553e493145c750f54e5e560d5b938829b8d0b6404e8
6
+ metadata.gz: 4e1afac1d4c0c05fa8bc4db6f61063d591e47ba85623b8e2530cddbf599e4e2cc6e3b968f1effbe23bb196a1864111d70eee6b354d7404cabb6f27b1fa431be2
7
+ data.tar.gz: 872d25b0b8f8b2aa3f2e884794df1afd614cb26408ce7bdcdc4fc9e7a90cd9b6750659b2da37b4072229cec8f83ebbbd5eca691af32926404e967e1a00c4c628
data/CHANGELOG.md CHANGED
@@ -1,16 +1,19 @@
1
+ ## 6.2.3
2
+ - Feat: event_factory support [#94](https://github.com/logstash-plugins/logstash-codec-cef/pull/94)
3
+
1
4
  ## 6.2.2
2
5
  - Fixed invalid Field Reference that could occur when ECS mode was enabled and the CEF field `fileHash` was parsed.
3
- - Added expanded mapping for numbered `deviceCustom*` and `deviceCustom*Label` fields so that all now include numbers 1 through 15.
6
+ - Added expanded mapping for numbered `deviceCustom*` and `deviceCustom*Label` fields so that all now include numbers 1 through 15. [#89](https://github.com/logstash-plugins/logstash-codec-cef/pull/89).
4
7
 
5
8
  ## 6.2.1
6
9
  - Added field mapping to docs.
7
- - Fixed ECS mapping of `deviceMacAddress` field.
10
+ - Fixed ECS mapping of `deviceMacAddress` field. [#88](https://github.com/logstash-plugins/logstash-codec-cef/pull/88).
8
11
 
9
12
  ## 6.2.0
10
13
  - Introduce ECS Compatibility mode [#83](https://github.com/logstash-plugins/logstash-codec-cef/pull/83).
11
14
 
12
15
  ## 6.1.2
13
- - Added error log with full payload when something bad happens in decoding a message[#84](https://github.com/logstash-plugins/logstash-codec-cef/pull/84)
16
+ - Added error log with full payload when something bad happens in decoding a message [#84](https://github.com/logstash-plugins/logstash-codec-cef/pull/84)
14
17
 
15
18
  ## 6.1.1
16
19
  - Improved encoding performance, especially when encoding many extension fields [#81](https://github.com/logstash-plugins/logstash-codec-cef/pull/81)
data/docs/index.asciidoc CHANGED
@@ -484,9 +484,7 @@ If the codec handles data from a variety of sources, the ECS recommendation is t
484
484
  ** When Logstash provides a `pipeline.ecs_compatibility` setting, its value is used as the default
485
485
  ** Otherwise, the default value is `disabled`.
486
486
 
487
- Controls this plugin's compatibility with the
488
- {ecs-ref}[Elastic Common Schema (ECS)]
489
- (ECS)].
487
+ Controls this plugin's compatibility with the {ecs-ref}[Elastic Common Schema (ECS)].
490
488
 
491
489
  [id="plugins-{type}s-{plugin}-fields"]
492
490
  ===== `fields`
data/lib/logstash/codecs/cef.rb CHANGED
@@ -6,6 +6,7 @@ require "json"
6
6
  require "time"
7
7
 
8
8
  require 'logstash/plugin_mixins/ecs_compatibility_support'
9
+ require 'logstash/plugin_mixins/event_support/event_factory_adapter'
9
10
 
10
11
  # Implementation of a Logstash codec for the ArcSight Common Event Format (CEF)
11
12
  # Based on Revision 20 of Implementing ArcSight CEF, dated from June 05, 2013
@@ -16,7 +17,8 @@ require 'logstash/plugin_mixins/ecs_compatibility_support'
16
17
  class LogStash::Codecs::CEF < LogStash::Codecs::Base
17
18
  config_name "cef"
18
19
 
19
- include LogStash::PluginMixins::ECSCompatibilitySupport(:disabled, :v1)
20
+ include LogStash::PluginMixins::ECSCompatibilitySupport(:disabled, :v1, :v8 => :v1)
21
+ include LogStash::PluginMixins::EventSupport::EventFactoryAdapter
20
22
 
21
23
  InvalidTimestamp = Class.new(StandardError)
22
24
 
@@ -201,7 +203,7 @@ class LogStash::Codecs::CEF < LogStash::Codecs::Base
201
203
 
202
204
  def handle(data, &block)
203
205
  original_data = data.dup
204
- event = LogStash::Event.new
206
+ event = event_factory.new_event
205
207
  event.set(raw_data_field, data) unless raw_data_field.nil?
206
208
 
207
209
  @utf8_charset.convert(data)
@@ -282,7 +284,7 @@ class LogStash::Codecs::CEF < LogStash::Codecs::Base
282
284
  rescue => e
283
285
  @logger.error("Failed to decode CEF payload. Generating failure event with payload in message field.",
284
286
  :exception => e.class, :message => e.message, :backtrace => e.backtrace, :original_data => original_data)
285
- yield LogStash::Event.new("message" => data, "tags" => ["_cefparsefailure"])
287
+ yield event_factory.new_event("message" => data, "tags" => ["_cefparsefailure"])
286
288
  end
287
289
 
288
290
  public
data/logstash-codec-cef.gemspec CHANGED
@@ -1,7 +1,7 @@
1
1
  Gem::Specification.new do |s|
2
2
 
3
3
  s.name = 'logstash-codec-cef'
4
- s.version = '6.2.2'
4
+ s.version = '6.2.3'
5
5
  s.platform = 'java'
6
6
  s.licenses = ['Apache License (2.0)']
7
7
  s.summary = "Reads the ArcSight Common Event Format (CEF)."
@@ -22,7 +22,8 @@ Gem::Specification.new do |s|
22
22
 
23
23
  # Gem dependencies
24
24
  s.add_runtime_dependency "logstash-core-plugin-api", ">= 1.60", "<= 2.99"
25
- s.add_runtime_dependency 'logstash-mixin-ecs_compatibility_support', '~>1.1'
25
+ s.add_runtime_dependency "logstash-mixin-ecs_compatibility_support", '~> 1.3'
26
+ s.add_runtime_dependency "logstash-mixin-event_support", '~> 1.0'
26
27
 
27
28
  s.add_development_dependency 'logstash-devutils'
28
29
  s.add_development_dependency 'insist'
data/spec/codecs/cef_spec.rb CHANGED
@@ -873,7 +873,7 @@ describe LogStash::Codecs::CEF do
873
873
 
874
874
  let(:results) { [] }
875
875
 
876
- ecs_compatibility_matrix(:disabled,:v1) do |ecs_select|
876
+ ecs_compatibility_matrix(:disabled, :v1, :v8 => :v1) do |ecs_select|
877
877
  before(:each) do
878
878
  allow_any_instance_of(described_class).to receive(:ecs_compatibility).and_return(ecs_compatibility)
879
879
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: logstash-codec-cef
3
3
  version: !ruby/object:Gem::Version
4
- version: 6.2.2
4
+ version: 6.2.3
5
5
  platform: java
6
6
  authors:
7
7
  - Elastic
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-06-22 00:00:00.000000000 Z
11
+ date: 2021-07-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  requirement: !ruby/object:Gem::Requirement
@@ -20,8 +20,8 @@ dependencies:
20
20
  - !ruby/object:Gem::Version
21
21
  version: '2.99'
22
22
  name: logstash-core-plugin-api
23
- prerelease: false
24
23
  type: :runtime
24
+ prerelease: false
25
25
  version_requirements: !ruby/object:Gem::Requirement
26
26
  requirements:
27
27
  - - ">="
@@ -35,15 +35,29 @@ dependencies:
35
35
  requirements:
36
36
  - - "~>"
37
37
  - !ruby/object:Gem::Version
38
- version: '1.1'
38
+ version: '1.3'
39
39
  name: logstash-mixin-ecs_compatibility_support
40
+ type: :runtime
40
41
  prerelease: false
42
+ version_requirements: !ruby/object:Gem::Requirement
43
+ requirements:
44
+ - - "~>"
45
+ - !ruby/object:Gem::Version
46
+ version: '1.3'
47
+ - !ruby/object:Gem::Dependency
48
+ requirement: !ruby/object:Gem::Requirement
49
+ requirements:
50
+ - - "~>"
51
+ - !ruby/object:Gem::Version
52
+ version: '1.0'
53
+ name: logstash-mixin-event_support
41
54
  type: :runtime
55
+ prerelease: false
42
56
  version_requirements: !ruby/object:Gem::Requirement
43
57
  requirements:
44
58
  - - "~>"
45
59
  - !ruby/object:Gem::Version
46
- version: '1.1'
60
+ version: '1.0'
47
61
  - !ruby/object:Gem::Dependency
48
62
  requirement: !ruby/object:Gem::Requirement
49
63
  requirements:
@@ -51,8 +65,8 @@ dependencies:
51
65
  - !ruby/object:Gem::Version
52
66
  version: '0'
53
67
  name: logstash-devutils
54
- prerelease: false
55
68
  type: :development
69
+ prerelease: false
56
70
  version_requirements: !ruby/object:Gem::Requirement
57
71
  requirements:
58
72
  - - ">="
@@ -65,8 +79,8 @@ dependencies:
65
79
  - !ruby/object:Gem::Version
66
80
  version: '0'
67
81
  name: insist
68
- prerelease: false
69
82
  type: :development
83
+ prerelease: false
70
84
  version_requirements: !ruby/object:Gem::Requirement
71
85
  requirements:
72
86
  - - ">="
@@ -113,8 +127,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
113
127
  - !ruby/object:Gem::Version
114
128
  version: '0'
115
129
  requirements: []
116
- rubyforge_project:
117
- rubygems_version: 2.6.13
130
+ rubygems_version: 3.0.6
118
131
  signing_key:
119
132
  specification_version: 4
120
133
  summary: Reads the ArcSight Common Event Format (CEF).