RubyGems - logstash-codec-netflow - Versions diffs - 3.13.0 → 3.13.1 - Mend

logstash-codec-netflow 3.13.0 → 3.13.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +4 -0
data/lib/logstash/codecs/netflow.rb +4 -3
data/logstash-codec-netflow.gemspec +1 -1
data/spec/codecs/ipfix_stress.py +30 -0
metadata +136 -132

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 2e7dc24e899f3afdf8980d5815727b8394cf9b69
-  data.tar.gz: 3fa3f494f7ad39af68d3b99e6c918b995cd8cae7
+  metadata.gz: c23e37ebce85ad5d7ee957761e1f16cc37772955
+  data.tar.gz: e09afae9e5e63bf778eb12462d07c82aff476bd8
 SHA512:
-  metadata.gz: d81ead3c2fe61b83376d7a97fa7c9ded2039d42b2f95d7d80e39727bb60dd305a80367775d75f060accd7ec611e06f3c355ca75a3d8a76ae8535d72b4f24dddf
-  data.tar.gz: fe71e6a1e05f666a8b43c3de974b98e59f7a4663f12dcad0879cf5ca7b41f02740d5fe30bbfd3476c3c5bad76866ca06961afabcd5f14b4de6620b703f696b9d
+  metadata.gz: 665ba52fd62e594ca0058d7c3ff0e1fa34f81295db93c5c8bbf1b8537ce19870305d16d04090118427473f411da4ac230c2ca4eaf95c689bde8865c054eacbb6
+  data.tar.gz: a02bc82d767aaccfce8551787563d453c8fcc627afc744c24077b0824b0f0df3a84f74dbc9fd33a8b9e035c08bb928d9920b3c98271ed5f4d1f3d73b1951ea92

data/CHANGELOG.md CHANGED Viewed

@@ -1,3 +1,7 @@
+## 3.13.1
+  - Fixes exceptions due to concurrent access of IPFIX templates, see issue #134
 ## 3.13.0
   - Added support for Netflow 9 reduced-size encoding support

data/lib/logstash/codecs/netflow.rb CHANGED Viewed

@@ -344,9 +344,10 @@ class LogStash::Codecs::Netflow < LogStash::Codecs::Base
     when 256..65535
       # Data flowset
       key = "#{flowset.observation_domain_id}|#{record.flowset_id}"
-      if @ipfix_templates[key] != nil
-        template = @ipfix_templates[key]
-      else
+      template = @decode_mutex_ipfix.synchronize { @ipfix_templates[key] }
+      if !template
         @logger.warn("Can't (yet) decode flowset id #{record.flowset_id} from observation domain id #{flowset.observation_domain_id}, because no template to decode it with has been received. This message will usually go away after 1 minute.")
         return events
       end

data/logstash-codec-netflow.gemspec CHANGED Viewed

@@ -1,7 +1,7 @@
 Gem::Specification.new do |s|
   s.name            = 'logstash-codec-netflow'
-  s.version         = '3.13.0'
+  s.version         = '3.13.1'
   s.licenses        = ['Apache License (2.0)']
   s.summary         = "Reads Netflow v5, Netflow v9 and IPFIX data"
   s.description     = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"

data/spec/codecs/ipfix_stress.py ADDED Viewed

@@ -0,0 +1,30 @@
+import socket
+import sys
+import time
+import random
+## Standalone IPFIX stressor
+## Used to reproduce issue 134 https://github.com/logstash-plugins/logstash-codec-netflow/issues/134
+host = 'host02'
+port = 2055
+tpl = '\x00\n\x00\xa4Z\xd2\xc6\xfc\x00\x00K\xce\xabfn\xab\x00\x02\x00\x94\xce\xc7\x00\x17\x00\x08\x00\x04\x00\x1b\x00\x10\x00\x07\x00\x02\x00\x0c\x00\x04\x00\x1c\x00\x10\x00\x0b\x00\x02\x00\x10\x00\x04\x00\x11\x00\x04\x00\x04\x00\x01\x80\x01\xff\xff\x00\x00<%\x80\x1c\xff\xff\x00\x00<%\x00\x96\x00\x04\x00\x97\x00\x04\x80\x03\x00\x08\x00\x00<%\x80\x04\x00\x08\x00\x00<%\x80\x15\xff\xff\x00\x00<%\x80\x19\x00\x04\x00\x00<%\x80\x1a\xff\xff\x00\x00<%\x80\x16\xff\xff\x00\x00<%\x80\x0f\xff\xff\x00\x00<%\x80\x02\xff\xff\x00\x00<%\x80\x10\xff\xff\x00\x00<%\x80/\xff\xff\x00\x00<%'
+# 8 flows:
+data = '\x00\n\x05KZ\xd2\xc78\x00\x00K\xd4\xabfn\xab\xce\xc7\x05;\xb5\xd6WG\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd2\x1b\x8a,\xa1\x0e\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xba\xde\x00\x00\x1d\x97\x00\x00\x1d\x97\x06\x0eBeing analyzed\x00Z\xd2\xc6zZ\xd2\xc6\xfe\x00\x00\x00\x00\x00\x00\x00<\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00!INITIAL,SERVER_IS_LOCAL,BEGINNING\x0eBeing analyzed\x00\x05IPFIX\x00\x00\x00\x00 \x01\x03\x88\xcf\n\x00\x06\x00\x00\x00\x00\x00\x00\x00\x01\x00\x88\x00\x00\x00\x00 \x01\x03\x88\xcf\n\x00\x06\x00\x00\x00\x00\x00\x00\x00\x02\x00\x87\x00\x00\x00\x00\x00\x00\x00\x00:\x1aIP protocol 58 (IPv6-ICMP)\x00Z\xd2\xc6\xecZ\xd2\xc6\xfe\x00\x00\x00\x00\x00\x00\x00V\x00\x00\x00\x00\x00\x00\x00N\x00\x00\x00\x00\x00\x00\x00-INITIAL,SERVER_IS_LOCAL,BEGINNING,ESTABLISHED\x1aIP protocol 58 (IPv6-ICMP)\x00\x05IPFIX\x05\xbc\x0b#\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xac{\x8a,\xa1\x0e\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00V\xec\x00\x00\x1d\x97\x00\x00\x1d\x97\x06\x0eBeing analyzed\x00Z\xd2\xc6\x84Z\xd2\xc7\x02\x00\x00\x00\x00\x00\x00\x00<\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00!INITIAL,SERVER_IS_LOCAL,BEGINNING\x0eBeing analyzed\x00\x05IPFIX\xceu\x19Y\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x8a,\xa1\x0e\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x08\x00\x00\x00\xe2\x00\x00\x1d\x97\x01\x14IP protocol 1 (ICMP)\x00Z\xd2\xc6\xfeZ\xd2\xc7*\x00\x00\x00\x00\x00\x00\x00<\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00!INITIAL,SERVER_IS_LOCAL,BEGINNING\x14IP protocol 1 (ICMP)\x00\x05IPFIX\x00\x00\x00\x00 \x01\x03\x88\xcf\n\x00\x06\x00\x00\x00\x00\x00\x00\x00\x01\x00\x88\x00\x00\x00\x00 \x01\x03\x88\xcf\n\x00\x06\x00\x00\x00\x00\x00\x00\x00\x02\x00\x87\x00\x00\x00\x00\x00\x00\x00\x00:\x1aIP protocol 58 (IPv6-ICMP)\x00Z\xd2\xc7\nZ\xd2\xc7*\x00\x00\x00\x00\x00\x00\x00V\x00\x00\x00\x00\x00\x00\x00N\x00\x00\x00\x00\x00\x00\x00-INITIAL,SERVER_IS_LOCAL,BEGINNING,ESTABLISHED\x1aIP protocol 58 (IPv6-ICMP)\x00\x05IPFIX\xb9\xe8\x1d\xc7\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xda=\x8a,\xa1\x0e\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1d\x1b\x00\x00\x1d\x97\x00\x00\x1d\x97\x06\x0eBeing analyzed\x00Z\xd2\xc6\xfbZ\xd2\xc78\x00\x00\x00\x00\x00\x00\x00<\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00!INITIAL,SERVER_IS_LOCAL,BEGINNING\x0eBeing analyzed\x00\x05IPFIX\xb1\xbc\xe4\x89\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00$\xd6\x8a,\xa1\x0e\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x07\xd0\x00\x00\x1d\x97\x00\x00\x1d\x97\x06\x0eBeing analyzed\x00Z\xd2\xc7\x1aZ\xd2\xc78\x00\x00\x00\x00\x00\x00\x00<\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00!INITIAL,SERVER_IS_LOCAL,BEGINNING\x0eBeing analyzed\x00\x05IPFIX\x8a,\xa1\x0e\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x83\x99\x8a,\xa1\r\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb3\x00\x00\x1d\x97\x00\x00\x1d\x97\x06\x05BGP-4\x00Z\xd2\xc6\x0cZ\xd2\xc78\x00\x00\x00\x00\x00\x00\x1b\xa4\x00\x00\x00\x00\x00\x00\x0c\xee\x00\x00\x00\x00\x00\x00\x006INTERACTIVE,CLIENT_IS_LOCAL,INBOUND,ESTABLISHED,ACTIVE\x05BGP-4\x00\x05IPFIX'
+sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
+print("IPFIX v9: sending 1 template 1 data packet in an infinite loop")
+duration = 0.0
+while True:
+    for i in range(0,400):
+        sock.sendto(tpl, (host, port))
+        sock.sendto(data, (host, port))
+    sys.stdout.write('.')
+    sys.stdout.flush()
+    time.sleep(random.random())
+print

metadata CHANGED Viewed

@@ -1,124 +1,107 @@
 --- !ruby/object:Gem::Specification
 name: logstash-codec-netflow
 version: !ruby/object:Gem::Version
-  version: 3.13.0
+  version: 3.13.1
 platform: ruby
 authors:
 - Elastic
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-04-28 00:00:00.000000000 Z
+date: 2018-04-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
+  name: logstash-core-plugin-api
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
         version: '2.0'
-  name: logstash-core-plugin-api
-  prerelease: false
   type: :runtime
+  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ~>
       - !ruby/object:Gem::Version
         version: '2.0'
 - !ruby/object:Gem::Dependency
+  name: bindata
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '>='
       - !ruby/object:Gem::Version
         version: 1.5.0
-  name: bindata
-  prerelease: false
   type: :runtime
+  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '>='
       - !ruby/object:Gem::Version
         version: 1.5.0
 - !ruby/object:Gem::Dependency
+  name: logstash-devutils
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '>='
       - !ruby/object:Gem::Version
         version: 1.0.0
-  name: logstash-devutils
-  prerelease: false
   type: :development
+  prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '>='
       - !ruby/object:Gem::Version
         version: 1.0.0
-description: This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program
+description: This gem is a Logstash plugin required to be installed on top of the
+  Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This
+  gem is not a stand-alone program
 email: info@elastic.co
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- CHANGELOG.md
-- CONTRIBUTORS
-- Gemfile
-- LICENSE
-- NOTICE.TXT
-- README.md
-- RFC_COMPLIANCE_IPFIX.md
-- RFC_COMPLIANCE_NETFLOW_v9.md
-- docs/index.asciidoc
-- lib/logstash/codecs/netflow.rb
 - lib/logstash/codecs/netflow/iana2yaml.rb
-- lib/logstash/codecs/netflow/ipfix.yaml
 - lib/logstash/codecs/netflow/netflow.yaml
 - lib/logstash/codecs/netflow/util.rb
-- logstash-codec-netflow.gemspec
-- spec/codecs/benchmarks/ACLidASA.rb
-- spec/codecs/benchmarks/IP6Addr.rb
-- spec/codecs/benchmarks/IPAddr.rb
-- spec/codecs/benchmarks/MacAddr.rb
-- spec/codecs/benchmarks/netflow_bench_cisco_asa.py
-- spec/codecs/benchmarks/netflow_bench_cisco_asr.py
+- lib/logstash/codecs/netflow/ipfix.yaml
+- lib/logstash/codecs/netflow.rb
 - spec/codecs/ipfix.dat
-- spec/codecs/ipfix_test_barracuda_data256.dat
-- spec/codecs/ipfix_test_barracuda_extended_uniflow_data256.dat
-- spec/codecs/ipfix_test_barracuda_extended_uniflow_tpl256.dat
-- spec/codecs/ipfix_test_barracuda_tpl.dat
-- spec/codecs/ipfix_test_mikrotik_data258.dat
-- spec/codecs/ipfix_test_mikrotik_data259.dat
-- spec/codecs/ipfix_test_mikrotik_tpl.dat
-- spec/codecs/ipfix_test_netscaler_data.dat
-- spec/codecs/ipfix_test_netscaler_tpl.dat
-- spec/codecs/ipfix_test_nokia_bras_data256.dat
-- spec/codecs/ipfix_test_nokia_bras_tpl.dat
 - spec/codecs/ipfix_test_openbsd_pflow_data.dat
 - spec/codecs/ipfix_test_openbsd_pflow_tpl.dat
-- spec/codecs/ipfix_test_procera_data52935.dat
-- spec/codecs/ipfix_test_procera_tpl52935.dat
-- spec/codecs/ipfix_test_viptela_data257.dat
-- spec/codecs/ipfix_test_viptela_tpl257.dat
-- spec/codecs/ipfix_test_vmware_vds_data264.dat
-- spec/codecs/ipfix_test_vmware_vds_data266.dat
-- spec/codecs/ipfix_test_vmware_vds_data266_267.dat
-- spec/codecs/ipfix_test_vmware_vds_tpl.dat
-- spec/codecs/ipfix_test_yaf_data45841.dat
-- spec/codecs/ipfix_test_yaf_data45873.dat
-- spec/codecs/ipfix_test_yaf_data53248.dat
-- spec/codecs/ipfix_test_yaf_tpl45841.dat
-- spec/codecs/ipfix_test_yaf_tpls_option_tpl.dat
 - spec/codecs/netflow5.dat
 - spec/codecs/netflow5_test_invalid01.dat
 - spec/codecs/netflow5_test_invalid02.dat
 - spec/codecs/netflow5_test_juniper_mx80.dat
 - spec/codecs/netflow5_test_microtik.dat
-- spec/codecs/netflow9_cisco_asr1001x_tpl259.dat
-- spec/codecs/netflow9_test_0length_fields_tpl_data.dat
-- spec/codecs/netflow9_test_cisco_1941K9.dat
 - spec/codecs/netflow9_test_cisco_asa_1_data.dat
 - spec/codecs/netflow9_test_cisco_asa_1_tpl.dat
 - spec/codecs/netflow9_test_cisco_asa_2_data.dat
 - spec/codecs/netflow9_test_cisco_asa_2_tpl_26x.dat
 - spec/codecs/netflow9_test_cisco_asa_2_tpl_27x.dat
+- spec/codecs/netflow9_test_invalid01.dat
+- spec/codecs/netflow9_test_macaddr_data.dat
+- spec/codecs/netflow9_test_macaddr_tpl.dat
+- spec/codecs/netflow9_test_nprobe_data.dat
+- spec/codecs/netflow9_test_nprobe_tpl.dat
+- spec/codecs/netflow9_test_softflowd_tpl_data.dat
+- spec/codecs/netflow9_test_valid01.dat
+- spec/codecs/netflow9_test_ubnt_edgerouter_tpl.dat
+- spec/codecs/netflow9_test_ubnt_edgerouter_data1024.dat
+- spec/codecs/netflow9_test_ubnt_edgerouter_data1025.dat
+- spec/codecs/ipfix_test_netscaler_data.dat
+- spec/codecs/ipfix_test_netscaler_tpl.dat
+- spec/codecs/ipfix_test_vmware_vds_data264.dat
+- spec/codecs/ipfix_test_vmware_vds_data266.dat
+- spec/codecs/ipfix_test_vmware_vds_data266_267.dat
+- spec/codecs/ipfix_test_vmware_vds_tpl.dat
+- spec/codecs/ipfix_test_barracuda_data256.dat
+- spec/codecs/ipfix_test_barracuda_tpl.dat
+- spec/codecs/ipfix_test_mikrotik_data258.dat
+- spec/codecs/ipfix_test_mikrotik_data259.dat
+- spec/codecs/ipfix_test_mikrotik_tpl.dat
+- spec/codecs/ipfix_test_nokia_bras_tpl.dat
+- spec/codecs/netflow9_test_0length_fields_tpl_data.dat
+- spec/codecs/netflow_spec.rb
 - spec/codecs/netflow9_test_cisco_asr9k_data256.dat
 - spec/codecs/netflow9_test_cisco_asr9k_data260.dat
 - spec/codecs/netflow9_test_cisco_asr9k_opttpl256.dat
@@ -129,43 +112,63 @@ files:
 - spec/codecs/netflow9_test_cisco_nbar_data262.dat
 - spec/codecs/netflow9_test_cisco_nbar_opttpl260.dat
 - spec/codecs/netflow9_test_cisco_nbar_tpl262.dat
-- spec/codecs/netflow9_test_cisco_wlc_8510_tpl_262.dat
+- spec/codecs/netflow9_test_unknown_tpl266_292_data.dat
 - spec/codecs/netflow9_test_cisco_wlc_data261.dat
 - spec/codecs/netflow9_test_cisco_wlc_tpl.dat
-- spec/codecs/netflow9_test_field_layer2segmentid_data.dat
-- spec/codecs/netflow9_test_field_layer2segmentid_tpl.dat
 - spec/codecs/netflow9_test_fortigate_fortios_521_data256.dat
 - spec/codecs/netflow9_test_fortigate_fortios_521_data257.dat
 - spec/codecs/netflow9_test_fortigate_fortios_521_tpl.dat
-- spec/codecs/netflow9_test_huawei_netstream_data.dat
-- spec/codecs/netflow9_test_huawei_netstream_tpl.dat
-- spec/codecs/netflow9_test_invalid01.dat
-- spec/codecs/netflow9_test_iptnetflow_reduced_size_encoding_tpldata260.dat
 - spec/codecs/netflow9_test_juniper_srx_tplopt.dat
-- spec/codecs/netflow9_test_macaddr_data.dat
-- spec/codecs/netflow9_test_macaddr_tpl.dat
-- spec/codecs/netflow9_test_nprobe_data.dat
 - spec/codecs/netflow9_test_nprobe_dpi.dat
-- spec/codecs/netflow9_test_nprobe_tpl.dat
-- spec/codecs/netflow9_test_paloalto_panos_data.dat
-- spec/codecs/netflow9_test_paloalto_panos_tpl.dat
-- spec/codecs/netflow9_test_softflowd_tpl_data.dat
 - spec/codecs/netflow9_test_streamcore_tpl_data256.dat
 - spec/codecs/netflow9_test_streamcore_tpl_data260.dat
-- spec/codecs/netflow9_test_ubnt_edgerouter_data1024.dat
-- spec/codecs/netflow9_test_ubnt_edgerouter_data1025.dat
-- spec/codecs/netflow9_test_ubnt_edgerouter_tpl.dat
-- spec/codecs/netflow9_test_unknown_tpl266_292_data.dat
-- spec/codecs/netflow9_test_valid01.dat
-- spec/codecs/netflow_spec.rb
+- spec/codecs/ipfix_test_yaf_data45841.dat
+- spec/codecs/ipfix_test_yaf_data45873.dat
+- spec/codecs/ipfix_test_yaf_data53248.dat
+- spec/codecs/ipfix_test_yaf_tpl45841.dat
+- spec/codecs/ipfix_test_yaf_tpls_option_tpl.dat
+- spec/codecs/netflow9_cisco_asr1001x_tpl259.dat
+- spec/codecs/netflow9_test_cisco_1941K9.dat
+- spec/codecs/netflow9_test_cisco_wlc_8510_tpl_262.dat
+- spec/codecs/netflow9_test_paloalto_panos_data.dat
+- spec/codecs/netflow9_test_paloalto_panos_tpl.dat
 - spec/codecs/netflow_stress.py
+- spec/codecs/ipfix_test_viptela_tpl257.dat
+- spec/codecs/ipfix_test_viptela_data257.dat
+- spec/codecs/ipfix_test_nokia_bras_data256.dat
+- spec/codecs/netflow9_test_field_layer2segmentid_data.dat
+- spec/codecs/ipfix_test_procera_tpl52935.dat
+- spec/codecs/ipfix_test_procera_data52935.dat
+- spec/codecs/ipfix_test_barracuda_extended_uniflow_tpl256.dat
+- spec/codecs/benchmarks/netflow_bench_cisco_asa.py
+- spec/codecs/benchmarks/netflow_bench_cisco_asr.py
+- spec/codecs/benchmarks/ACLidASA.rb
+- spec/codecs/benchmarks/MacAddr.rb
+- spec/codecs/benchmarks/IPAddr.rb
+- spec/codecs/benchmarks/IP6Addr.rb
+- spec/codecs/ipfix_test_barracuda_extended_uniflow_data256.dat
+- spec/codecs/netflow9_test_field_layer2segmentid_tpl.dat
+- spec/codecs/netflow9_test_huawei_netstream_tpl.dat
+- spec/codecs/netflow9_test_huawei_netstream_data.dat
+- spec/codecs/ipfix_stress.py
+- spec/codecs/netflow9_test_iptnetflow_reduced_size_encoding_tpldata260.dat
+- logstash-codec-netflow.gemspec
+- CHANGELOG.md
+- README.md
+- RFC_COMPLIANCE_IPFIX.md
+- RFC_COMPLIANCE_NETFLOW_v9.md
+- CONTRIBUTORS
+- Gemfile
+- LICENSE
+- NOTICE.TXT
+- docs/index.asciidoc
 homepage: http://www.elastic.co/guide/en/logstash/current/index.html
 licenses:
 - Apache License (2.0)
 metadata:
   logstash_plugin: 'true'
   logstash_group: codec
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -180,58 +183,49 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 2.4.8
-signing_key:
+rubyforge_project:
+rubygems_version: 2.0.14.1
+signing_key:
 specification_version: 4
 summary: Reads Netflow v5, Netflow v9 and IPFIX data
 test_files:
-- spec/codecs/benchmarks/ACLidASA.rb
-- spec/codecs/benchmarks/IP6Addr.rb
-- spec/codecs/benchmarks/IPAddr.rb
-- spec/codecs/benchmarks/MacAddr.rb
-- spec/codecs/benchmarks/netflow_bench_cisco_asa.py
-- spec/codecs/benchmarks/netflow_bench_cisco_asr.py
 - spec/codecs/ipfix.dat
-- spec/codecs/ipfix_test_barracuda_data256.dat
-- spec/codecs/ipfix_test_barracuda_extended_uniflow_data256.dat
-- spec/codecs/ipfix_test_barracuda_extended_uniflow_tpl256.dat
-- spec/codecs/ipfix_test_barracuda_tpl.dat
-- spec/codecs/ipfix_test_mikrotik_data258.dat
-- spec/codecs/ipfix_test_mikrotik_data259.dat
-- spec/codecs/ipfix_test_mikrotik_tpl.dat
-- spec/codecs/ipfix_test_netscaler_data.dat
-- spec/codecs/ipfix_test_netscaler_tpl.dat
-- spec/codecs/ipfix_test_nokia_bras_data256.dat
-- spec/codecs/ipfix_test_nokia_bras_tpl.dat
 - spec/codecs/ipfix_test_openbsd_pflow_data.dat
 - spec/codecs/ipfix_test_openbsd_pflow_tpl.dat
-- spec/codecs/ipfix_test_procera_data52935.dat
-- spec/codecs/ipfix_test_procera_tpl52935.dat
-- spec/codecs/ipfix_test_viptela_data257.dat
-- spec/codecs/ipfix_test_viptela_tpl257.dat
-- spec/codecs/ipfix_test_vmware_vds_data264.dat
-- spec/codecs/ipfix_test_vmware_vds_data266.dat
-- spec/codecs/ipfix_test_vmware_vds_data266_267.dat
-- spec/codecs/ipfix_test_vmware_vds_tpl.dat
-- spec/codecs/ipfix_test_yaf_data45841.dat
-- spec/codecs/ipfix_test_yaf_data45873.dat
-- spec/codecs/ipfix_test_yaf_data53248.dat
-- spec/codecs/ipfix_test_yaf_tpl45841.dat
-- spec/codecs/ipfix_test_yaf_tpls_option_tpl.dat
 - spec/codecs/netflow5.dat
 - spec/codecs/netflow5_test_invalid01.dat
 - spec/codecs/netflow5_test_invalid02.dat
 - spec/codecs/netflow5_test_juniper_mx80.dat
 - spec/codecs/netflow5_test_microtik.dat
-- spec/codecs/netflow9_cisco_asr1001x_tpl259.dat
-- spec/codecs/netflow9_test_0length_fields_tpl_data.dat
-- spec/codecs/netflow9_test_cisco_1941K9.dat
 - spec/codecs/netflow9_test_cisco_asa_1_data.dat
 - spec/codecs/netflow9_test_cisco_asa_1_tpl.dat
 - spec/codecs/netflow9_test_cisco_asa_2_data.dat
 - spec/codecs/netflow9_test_cisco_asa_2_tpl_26x.dat
 - spec/codecs/netflow9_test_cisco_asa_2_tpl_27x.dat
+- spec/codecs/netflow9_test_invalid01.dat
+- spec/codecs/netflow9_test_macaddr_data.dat
+- spec/codecs/netflow9_test_macaddr_tpl.dat
+- spec/codecs/netflow9_test_nprobe_data.dat
+- spec/codecs/netflow9_test_nprobe_tpl.dat
+- spec/codecs/netflow9_test_softflowd_tpl_data.dat
+- spec/codecs/netflow9_test_valid01.dat
+- spec/codecs/netflow9_test_ubnt_edgerouter_tpl.dat
+- spec/codecs/netflow9_test_ubnt_edgerouter_data1024.dat
+- spec/codecs/netflow9_test_ubnt_edgerouter_data1025.dat
+- spec/codecs/ipfix_test_netscaler_data.dat
+- spec/codecs/ipfix_test_netscaler_tpl.dat
+- spec/codecs/ipfix_test_vmware_vds_data264.dat
+- spec/codecs/ipfix_test_vmware_vds_data266.dat
+- spec/codecs/ipfix_test_vmware_vds_data266_267.dat
+- spec/codecs/ipfix_test_vmware_vds_tpl.dat
+- spec/codecs/ipfix_test_barracuda_data256.dat
+- spec/codecs/ipfix_test_barracuda_tpl.dat
+- spec/codecs/ipfix_test_mikrotik_data258.dat
+- spec/codecs/ipfix_test_mikrotik_data259.dat
+- spec/codecs/ipfix_test_mikrotik_tpl.dat
+- spec/codecs/ipfix_test_nokia_bras_tpl.dat
+- spec/codecs/netflow9_test_0length_fields_tpl_data.dat
+- spec/codecs/netflow_spec.rb
 - spec/codecs/netflow9_test_cisco_asr9k_data256.dat
 - spec/codecs/netflow9_test_cisco_asr9k_data260.dat
 - spec/codecs/netflow9_test_cisco_asr9k_opttpl256.dat
@@ -242,33 +236,43 @@ test_files:
 - spec/codecs/netflow9_test_cisco_nbar_data262.dat
 - spec/codecs/netflow9_test_cisco_nbar_opttpl260.dat
 - spec/codecs/netflow9_test_cisco_nbar_tpl262.dat
-- spec/codecs/netflow9_test_cisco_wlc_8510_tpl_262.dat
+- spec/codecs/netflow9_test_unknown_tpl266_292_data.dat
 - spec/codecs/netflow9_test_cisco_wlc_data261.dat
 - spec/codecs/netflow9_test_cisco_wlc_tpl.dat
-- spec/codecs/netflow9_test_field_layer2segmentid_data.dat
-- spec/codecs/netflow9_test_field_layer2segmentid_tpl.dat
 - spec/codecs/netflow9_test_fortigate_fortios_521_data256.dat
 - spec/codecs/netflow9_test_fortigate_fortios_521_data257.dat
 - spec/codecs/netflow9_test_fortigate_fortios_521_tpl.dat
-- spec/codecs/netflow9_test_huawei_netstream_data.dat
-- spec/codecs/netflow9_test_huawei_netstream_tpl.dat
-- spec/codecs/netflow9_test_invalid01.dat
-- spec/codecs/netflow9_test_iptnetflow_reduced_size_encoding_tpldata260.dat
 - spec/codecs/netflow9_test_juniper_srx_tplopt.dat
-- spec/codecs/netflow9_test_macaddr_data.dat
-- spec/codecs/netflow9_test_macaddr_tpl.dat
-- spec/codecs/netflow9_test_nprobe_data.dat
 - spec/codecs/netflow9_test_nprobe_dpi.dat
-- spec/codecs/netflow9_test_nprobe_tpl.dat
-- spec/codecs/netflow9_test_paloalto_panos_data.dat
-- spec/codecs/netflow9_test_paloalto_panos_tpl.dat
-- spec/codecs/netflow9_test_softflowd_tpl_data.dat
 - spec/codecs/netflow9_test_streamcore_tpl_data256.dat
 - spec/codecs/netflow9_test_streamcore_tpl_data260.dat
-- spec/codecs/netflow9_test_ubnt_edgerouter_data1024.dat
-- spec/codecs/netflow9_test_ubnt_edgerouter_data1025.dat
-- spec/codecs/netflow9_test_ubnt_edgerouter_tpl.dat
-- spec/codecs/netflow9_test_unknown_tpl266_292_data.dat
-- spec/codecs/netflow9_test_valid01.dat
-- spec/codecs/netflow_spec.rb
+- spec/codecs/ipfix_test_yaf_data45841.dat
+- spec/codecs/ipfix_test_yaf_data45873.dat
+- spec/codecs/ipfix_test_yaf_data53248.dat
+- spec/codecs/ipfix_test_yaf_tpl45841.dat
+- spec/codecs/ipfix_test_yaf_tpls_option_tpl.dat
+- spec/codecs/netflow9_cisco_asr1001x_tpl259.dat
+- spec/codecs/netflow9_test_cisco_1941K9.dat
+- spec/codecs/netflow9_test_cisco_wlc_8510_tpl_262.dat
+- spec/codecs/netflow9_test_paloalto_panos_data.dat
+- spec/codecs/netflow9_test_paloalto_panos_tpl.dat
 - spec/codecs/netflow_stress.py
+- spec/codecs/ipfix_test_viptela_tpl257.dat
+- spec/codecs/ipfix_test_viptela_data257.dat
+- spec/codecs/ipfix_test_nokia_bras_data256.dat
+- spec/codecs/netflow9_test_field_layer2segmentid_data.dat
+- spec/codecs/ipfix_test_procera_tpl52935.dat
+- spec/codecs/ipfix_test_procera_data52935.dat
+- spec/codecs/ipfix_test_barracuda_extended_uniflow_tpl256.dat
+- spec/codecs/benchmarks/netflow_bench_cisco_asa.py
+- spec/codecs/benchmarks/netflow_bench_cisco_asr.py
+- spec/codecs/benchmarks/ACLidASA.rb
+- spec/codecs/benchmarks/MacAddr.rb
+- spec/codecs/benchmarks/IPAddr.rb
+- spec/codecs/benchmarks/IP6Addr.rb
+- spec/codecs/ipfix_test_barracuda_extended_uniflow_data256.dat
+- spec/codecs/netflow9_test_field_layer2segmentid_tpl.dat
+- spec/codecs/netflow9_test_huawei_netstream_tpl.dat
+- spec/codecs/netflow9_test_huawei_netstream_data.dat
+- spec/codecs/ipfix_stress.py
+- spec/codecs/netflow9_test_iptnetflow_reduced_size_encoding_tpldata260.dat