logstash-codec-nmap 0.0.10 → 0.0.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +2 -0
- data/lib/logstash/codecs/nmap.rb +14 -2
- data/logstash-codec-nmap.gemspec +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ebf05a1ad0bf425d2a15b825abf327e0a1a77647
|
|
4
|
+
data.tar.gz: 45f9bd20918f3650de8ba7b6f3cd443bc7bf32ab
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c4a1b180f4390fc46f9e8b16d67df42c8ec0bb38297701a03c8ca3ca5fc434eb36f535286f7c4b77e269631d5a64dded66bec6f618ecc5a205ac7a3ce56f7e2d
|
|
7
|
+
data.tar.gz: 7d87b7c877292beffc5aa60f649a96dcaee8302ed0a22c01d7aaeb539b598c0934e2e258361d9d981c48d10f6e2cf85c1caf214914cf1fec797c18bc0a5d5a36
|
data/CHANGELOG.md
CHANGED
data/lib/logstash/codecs/nmap.rb
CHANGED
|
@@ -3,7 +3,10 @@ require "logstash/codecs/base"
|
|
|
3
3
|
require "nmap/xml"
|
|
4
4
|
require 'securerandom'
|
|
5
5
|
|
|
6
|
-
# This codec
|
|
6
|
+
# This codec is used to parse https://nmap.org/[namp] output data which is serialized in XML format. Nmap ("Network Mapper") is a free and open source utility for network discovery and security auditing.
|
|
7
|
+
# For more information on nmap, see https://nmap.org/.
|
|
8
|
+
#
|
|
9
|
+
# This codec can only be used for decoding data.
|
|
7
10
|
#
|
|
8
11
|
# Event types are listed below
|
|
9
12
|
#
|
|
@@ -41,11 +44,20 @@ class LogStash::Codecs::Nmap < LogStash::Codecs::Base
|
|
|
41
44
|
# This really needs to be put into ruby-nmap
|
|
42
45
|
scan_host_stats = Hash[xml.instance_variable_get(:@doc).xpath('/nmaprun[@scanner="nmap"]/runstats/hosts').first.attributes.map {|k,v| [k,v.value.to_i]}]
|
|
43
46
|
|
|
47
|
+
finished_info = Hash[xml.instance_variable_get(:@doc).xpath('/nmaprun[@scanner="nmap"]/runstats/finished').first.attributes.map {|k,v| [k,v.value] }]
|
|
48
|
+
finished_info["elapsed"] = finished_info["elapsed"].to_f
|
|
49
|
+
finished_info["time"] = timeify(Time.at(finished_info["time"].to_i))
|
|
50
|
+
|
|
51
|
+
run_stats = hashify_struct(xml.run_stats.first)
|
|
52
|
+
run_stats["finished"] = finished_info
|
|
53
|
+
|
|
44
54
|
if @emit_scan_metadata
|
|
45
55
|
yield LogStash::Event.new(base.merge({
|
|
46
56
|
'type' => 'nmap_scan_metadata',
|
|
47
57
|
'host_stats' => scan_host_stats,
|
|
48
|
-
'run_stats' =>
|
|
58
|
+
'run_stats' => run_stats,
|
|
59
|
+
'start_time' => timeify(xml.scanner.start_time),
|
|
60
|
+
'end_time' => run_stats["finished"]["time"]
|
|
49
61
|
}))
|
|
50
62
|
end
|
|
51
63
|
|
data/logstash-codec-nmap.gemspec
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
Gem::Specification.new do |s|
|
|
2
2
|
|
|
3
3
|
s.name = 'logstash-codec-nmap'
|
|
4
|
-
s.version = '0.0.
|
|
4
|
+
s.version = '0.0.11'
|
|
5
5
|
s.licenses = ['Apache License (2.0)']
|
|
6
6
|
s.summary = "This codec may be used to decode Nmap XML"
|
|
7
7
|
s.description = "This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program"
|