logstash-codec-netflow 3.7.0 → 3.7.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 6ec64d7b15d22507520ad309db31e16ba1b8a7e8
-  data.tar.gz: 220897f720240a8661433ed02bd7636a1df2da9a
+SHA256:
+  metadata.gz: 565c6ab7ab13d7903e04ee30abcc47d29af927f1689358f805036df90302ae87
+  data.tar.gz: ea82070a59a0281f891a07d98a5bebdf71478284935c869ef3253266f8eea93b
 SHA512:
-  metadata.gz: 2c2eee6eaf70600ff45c849e9ba8dee0dbef471dfa671bf76492b55e584d7563c06d7937995a9749147ebe4202c0c29b6dc8e3c51628bec68214e1367a54b108
-  data.tar.gz: 695f58fc390c7dfd0860d1ef4134e3f580e1a06a0d7f69bac3b9b3a548320109be38628d6541be05718c7a9ccb20b163592956d5ceda299a93262389bdadaa04
+  metadata.gz: c9524679b1ca9860e3be04c68563a531328aa1119363d245927788bc905da15b683f2dfae48ef8e01d6559a66e19320841fddb72bf07f48616d600d320b08a46
+  data.tar.gz: 9f6b5cff6f7662b392d7f38d672cb3fae272c2d2e28a656a2e7d7d2911f3f6f9a5a5a88aee4dd41a379605782673d1635ae7d0051a88c3f477e7a28b3027ed01

data/CHANGELOG.md

@@ -1,3 +1,11 @@
+## 3.7.1
+  - Update gemspec summary
+
+## 3.7.1
+
+  - Added support for CISCO1941/K9 software 15.1 
+
+
 ## 3.7.0
 
   - Added support for Cisco WLC 8510 software 8.2

data/CONTRIBUTORS

@@ -16,7 +16,7 @@ Contributors:
 * Jordan Sissel (jordansissel)
 * Jorrit Folmer (jorritfolmer)
 * Keenan Tims (ktims)
-* Marian Craciunescu
+* Marian Craciunescu (marian-craciunescu)
 * Matt Dainty (bodgit)
 * Paul Warren (pwarren)
 * Philipp Kahr
@@ -29,6 +29,7 @@ Contributors:
 * Yehonatan Devorkin (Devorkin)
 * Rojuinex
 * debadair
+* HenryTheSir
 * hkshirish
 * hhindlem
 * niempy

data/lib/logstash/codecs/netflow/ipfix.yaml

@@ -1830,24 +1830,102 @@
   357:
   - :uint32
   - :netscalerUnknown357
+  358:
+  - :uint32
+  - :netscalerUnknown358
+  359:
+  - :uint32
+  - :netscalerUnknown359
+  360:
+  - :uint32
+  - :netscalerUnknown360
+  361:
+  - :octetarray
+  - :netscalerUnknown361
+  362:
+  - :uint32
+  - :netscalerUnknown362
   363:
   - :octetarray
   - :netscalerUnknown363
+  364:
+  - :uint32
+  - :netscalerUnknown364
+  365:
+  - :uint32
+  - :netscalerUnknown365
+  366:
+  - :uint64
+  - :netscalerUnknown366
+  367:
+  - :octetarray
+  - :netscalerUnknown367
+  377:
+  - :uint32
+  - :netscalerUnknown377
+  380:
+  - :uint8
+  - :netscalerUnknown380
   383:
   - :octetarray
   - :netscalerUnknown383
+  384:
+  - :octetarray
+  - :netscalerUnknown384
+  385:
+  - :octetarray
+  - :netscalerUnknown385
+  386:
+  - :string
+  - :netscalerUnknown386
+  387:
+  - :string
+  - :netscalerUnknown387
+  388:
+  - :uint8
+  - :netscalerUnknown388
+  389:
+  - :string
+  - :netscalerUnknown389
   391:
   - :uint32
   - :netscalerUnknown391
+  392:
+  - :uint16
+  - :netscalerUnknown392
+  393:
+  - :uint32
+  - :netscalerUnknown393
+  394:
+  - :uint32
+  - :netscalerUnknown394
   398:
   - :uint32
   - :netscalerUnknown398
+  399:
+  - :uint32
+  - :netscalerUnknown399
+  400:
+  - :uint16
+  - :netscalerUnknown400
+  401:
+  - :uint16
+  - :netscalerUnknown401
+  402:
+  - :uint8
+  - :netscalerUnknown402
+  403:
+  - :uint8
+  - :netscalerUnknown403
   404:
   - :uint32
   - :netscalerUnknown404
   405:
   - :uint32
   - :netscalerUnknown405
+  408:
+  - :uint8
+  - :netscalerUnknown408
   427:
   - :uint64
   - :netscalerUnknown427
@@ -1860,12 +1938,168 @@
   433:
   - :uint8
   - :netscalerUnknown433
+  434:
+  - :uint8
+  - :netscalerUnknown434
+  435:
+  - :uint8
+  - :netscalerUnknown435
+  447:
+  - :uint32
+  - :netscalerUnknown447
+  448:
+  - :uint32
+  - :netscalerUnknown448
+  451:
+  - :uint64
+  - :netscalerUnknown451
+  452:
+  - :uint64
+  - :netscalerUnknown452
   453:
   - :uint64
   - :netscalerUnknown453
+  455:
+  - :uint64
+  - :netscalerUnknown455
+  458:
+  - :uint32
+  - :netscalerUnknown458
+  459:
+  - :uint32
+  - :netscalerUnknown459
+  460:
+  - :uint32
+  - :netscalerUnknown460
+  461:
+  - :uint32
+  - :netscalerUnknown461
+  463:
+  - :uint32
+  - :netscalerUnknown463
+  464:
+  - :uint32
+  - :netscalerUnknown464
   465:
   - :uint32
   - :netscalerUnknown465
+  466:
+  - :uint32
+  - :netscalerUnknown466
+  467:
+  - :uint64
+  - :netscalerUnknown467
+  468:
+  - :uint64
+  - :netscalerUnknown468
+  475:
+  - :string
+  - :netscalerUnknown475
+  476:
+  - :uint8
+  - :netscalerUnknown476
+  477:
+  - :uint32
+  - :netscalerUnknown477
+  478:
+  - :uint32
+  - :netscalerUnknown478
+  479:
+  - :string
+  - :netscalerUnknown479
+  480:
+  - :uint8
+  - :netscalerUnknown480
+  481:
+  - :uint8
+  - :netscalerUnknown481
+  487:
+  - :uint32
+  - :netscalerUnknown487
+  488:
+  - :uint32
+  - :netscalerUnknown488
+  489:
+  - :uint32
+  - :netscalerUnknown489
+  491:
+  - :uint32
+  - :netscalerUnknown491
+  492:
+  - :uint32
+  - :netscalerUnknown492
+  493:
+  - :uint64
+  - :netscalerUnknown493
+  494:
+  - :uint64
+  - :netscalerUnknown494
+  507:
+  - :uint32
+  - :netscalerUnknown507
+  508:
+  - :uint32
+  - :netscalerUnknown508
+  509:
+  - :uint32
+  - :netscalerUnknown509
+  510:
+  - :uint32
+  - :netscalerUnknown510
+  511:
+  - :uint32
+  - :netscalerUnknown511
+  512:
+  - :uint8
+  - :netscalerUnknown512
+  513:
+  - :uint16
+  - :netscalerUnknown513
+  514:
+  - :uint16
+  - :netscalerUnknown514
+  518:
+  - :uint64
+  - :netscalerUnknown518
+  519:
+  - :uint64
+  - :netscalerUnknown519
+  520:
+  - :uint64
+  - :netscalerUnknown520
+  521:
+  - :uint16
+  - :netscalerUnknown521
+  522:
+  - :uint32
+  - :netscalerUnknown522
+  523:
+  - :uint32
+  - :netscalerUnknown523
+  532:
+  - :uint64
+  - :netscalerUnknown532
+  533:
+  - :uint64
+  - :netscalerUnknown533
+  534:
+  - :uint64
+  - :netscalerUnknown534
+  535:
+  - :uint64
+  - :netscalerUnknown535
+  536:
+  - :uint32
+  - :netscalerUnknown536
+  537:
+  - :uint16
+  - :netscalerUnknown537
+  538:
+  - :uint15
+  - :netscalerUnknown538
+  541:
+  - :uint32
+  - :netscalerUnknown541
 6876:
   880:
   - :uint8

data/lib/logstash/codecs/netflow/netflow.yaml

@@ -247,6 +247,9 @@
 152:
 - 8
 - :flow_start_msec
+153:
+- 8
+- :flow_end_msec
 176:
 - :uint8
 - :icmp_type
@@ -310,6 +313,9 @@
 236:
 - :string
 - :VRFname
+243:
+- :uint16
+- :dot1qVlanId
 281:
 - :ip6_addr
 - :xlate_src_addr_ipv6

data/logstash-codec-netflow.gemspec

@@ -1,9 +1,9 @@
 Gem::Specification.new do |s|
 
   s.name            = 'logstash-codec-netflow'
-  s.version         = '3.7.0'
+  s.version         = '3.7.1'
   s.licenses        = ['Apache License (2.0)']
-  s.summary         = "The netflow codec is for decoding Netflow v5/v9/v10 (IPFIX) flows."
+  s.summary         = "Reads Netflow v5 and Netflow v9 data"
   s.description     = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
   s.authors         = ["Elastic"]
   s.email           = 'info@elastic.co'

data/spec/codecs/netflow_spec.rb

@@ -1944,6 +1944,28 @@ describe LogStash::Codecs::Netflow do
       expect{decode.size}.not_to raise_error
     end
   end
+  
+  context "Netflow 9 Cisco 1941/K9 release 15.1 " do
+    let(:data) do
+      data = []
+      data << IO.read(File.join(File.dirname(__FILE__), "netflow9_test_cisco_1941K9.dat"), :mode => "rb")
+    end
+
+    it "should not raise_error" do
+      expect{decode.size}.not_to raise_error
+    end
+  end
+
+  context "Netflow 9 Cisco ASR1001-X " do
+    let(:data) do
+      data = []
+      data << IO.read(File.join(File.dirname(__FILE__), "netflow9_cisco_asr1001x_tpl259.dat"), :mode => "rb")
+    end
+
+    it "should not raise_error" do
+      expect{decode.size}.not_to raise_error
+    end
+  end
 
   context "IPFIX Barracuda firewall" do
     let(:data) do

metadata

@@ -1,22 +1,22 @@
 --- !ruby/object:Gem::Specification
 name: logstash-codec-netflow
 version: !ruby/object:Gem::Version
-  version: 3.7.0
+  version: 3.7.1
 platform: ruby
 authors:
 - Elastic
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-09-29 00:00:00.000000000 Z
+date: 2017-11-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.60'
-    - - <=
+    - - "<="
       - !ruby/object:Gem::Version
         version: '2.99'
   name: logstash-core-plugin-api
@@ -24,16 +24,16 @@ dependencies:
   type: :runtime
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: '1.60'
-    - - <=
+    - - "<="
       - !ruby/object:Gem::Version
         version: '2.99'
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: 1.5.0
   name: bindata
@@ -41,13 +41,13 @@ dependencies:
   type: :runtime
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: 1.5.0
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: 1.0.0
   name: logstash-devutils
@@ -55,10 +55,12 @@ dependencies:
   type: :development
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '>='
+    - - ">="
       - !ruby/object:Gem::Version
         version: 1.0.0
-description: This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program
+description: This gem is a Logstash plugin required to be installed on top of the
+  Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This
+  gem is not a stand-alone program
 email: info@elastic.co
 executables: []
 extensions: []
@@ -98,7 +100,9 @@ files:
 - spec/codecs/netflow5_test_invalid02.dat
 - spec/codecs/netflow5_test_juniper_mx80.dat
 - spec/codecs/netflow5_test_microtik.dat
+- spec/codecs/netflow9_cisco_asr1001x_tpl259.dat
 - spec/codecs/netflow9_test_0length_fields_tpl_data.dat
+- spec/codecs/netflow9_test_cisco_1941K9.dat
 - spec/codecs/netflow9_test_cisco_asa_1_data.dat
 - spec/codecs/netflow9_test_cisco_asa_1_tpl.dat
 - spec/codecs/netflow9_test_cisco_asa_2_data.dat
@@ -147,20 +151,20 @@ require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.4.8
+rubygems_version: 2.6.11
 signing_key:
 specification_version: 4
-summary: The netflow codec is for decoding Netflow v5/v9/v10 (IPFIX) flows.
+summary: Reads Netflow v5 and Netflow v9 data
 test_files:
 - spec/codecs/ipfix.dat
 - spec/codecs/ipfix_test_barracuda_data256.dat
@@ -181,7 +185,9 @@ test_files:
 - spec/codecs/netflow5_test_invalid02.dat
 - spec/codecs/netflow5_test_juniper_mx80.dat
 - spec/codecs/netflow5_test_microtik.dat
+- spec/codecs/netflow9_cisco_asr1001x_tpl259.dat
 - spec/codecs/netflow9_test_0length_fields_tpl_data.dat
+- spec/codecs/netflow9_test_cisco_1941K9.dat
 - spec/codecs/netflow9_test_cisco_asa_1_data.dat
 - spec/codecs/netflow9_test_cisco_asa_1_tpl.dat
 - spec/codecs/netflow9_test_cisco_asa_2_data.dat