logstash-codec-nmap 0.0.11 → 0.0.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +9 -0
  3. data/lib/logstash/codecs/nmap.rb +14 -3
  4. data/logstash-codec-nmap.gemspec +2 -2
  5. data/spec/codecs/nmap_spec.rb +9 -0
  6. metadata +21 -27
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: ebf05a1ad0bf425d2a15b825abf327e0a1a77647
4
- data.tar.gz: 45f9bd20918f3650de8ba7b6f3cd443bc7bf32ab
3
+ metadata.gz: c4283b1e2e5d98d0059a583a7ce15da6556c3863
4
+ data.tar.gz: ae28a0e2d6175d454aaf4b0d865d262599479359
5
5
  SHA512:
6
- metadata.gz: c4a1b180f4390fc46f9e8b16d67df42c8ec0bb38297701a03c8ca3ca5fc434eb36f535286f7c4b77e269631d5a64dded66bec6f618ecc5a205ac7a3ce56f7e2d
7
- data.tar.gz: 7d87b7c877292beffc5aa60f649a96dcaee8302ed0a22c01d7aaeb539b598c0934e2e258361d9d981c48d10f6e2cf85c1caf214914cf1fec797c18bc0a5d5a36
6
+ metadata.gz: 50a779318b18519ec4d2260635420e05678318b859be479e0f3b1b0d8993dcce69aa193299fd7a01f442f881eb6c8c7961576f7bcd5dee346713d9f67f817bda
7
+ data.tar.gz: f30d57dc4a61e340c24262842bdc424baefc84e4f54badb87089a68aa1c02eda626b62ff727b8a75ba93bdb432fe5c77a4a13835ba92fb495ad245f225069dcd
data/CHANGELOG.md CHANGED
@@ -1,3 +1,12 @@
1
+ # 0.0.15
2
+ - Depend on logstash-core-plugin-api instead of logstash-core, removing the need to mass update plugins on major releases of logstash
3
+ # 0.0.14
4
+ - New dependency requirements for logstash-core for the 5.0 release
5
+ ## 0.0.13
6
+ - Actually include 'times' element
7
+ ## 0.0.12
8
+ - Improve mapping examples
9
+ - Fix IDs for nmap_scan_metadata
1
10
  ## 0.0.11
2
11
  - Add start/end times for nmap_scan_metadata documents
3
12
  ## 0.0.10
data/lib/logstash/codecs/nmap.rb CHANGED
@@ -53,11 +53,12 @@ class LogStash::Codecs::Nmap < LogStash::Codecs::Base
53
53
 
54
54
  if @emit_scan_metadata
55
55
  yield LogStash::Event.new(base.merge({
56
+ 'id' => scan_id,
56
57
  'type' => 'nmap_scan_metadata',
57
58
  'host_stats' => scan_host_stats,
58
- 'run_stats' => run_stats,
59
59
  'start_time' => timeify(xml.scanner.start_time),
60
- 'end_time' => run_stats["finished"]["time"]
60
+ 'end_time' => run_stats["finished"]["time"],
61
+ 'run_stats' => hashify_run_stats(xml.run_stats.first)
61
62
  }))
62
63
  end
63
64
 
@@ -122,6 +123,10 @@ class LogStash::Codecs::Nmap < LogStash::Codecs::Base
122
123
  h['start_time'] = timeify(host.start_time, scan_start)
123
124
  h['end_time'] = timeify(host.end_time, scan_start)
124
125
 
126
+ # Needs to be pached in ruby-nmap
127
+ times = host.instance_variable_get(:@node).xpath("times").first
128
+ h['times'] = Hash[times.first.map {|k,v| [k,v.to_i]}] if times
129
+
125
130
  # These two are actually different.
126
131
  # Address may contain a MAC, addresses will not AFAICT
127
132
  h['addresses'] = hashify_structs(host.addresses)
@@ -139,6 +144,12 @@ class LogStash::Codecs::Nmap < LogStash::Codecs::Base
139
144
  h
140
145
  end
141
146
 
147
+ def hashify_run_stats(run_stats)
148
+ h = hashify_struct(run_stats)
149
+ h["elapsed"] = h["elapsed"].to_f
150
+ h
151
+ end
152
+
142
153
  def hashify_status(status)
143
154
  return unless status
144
155
 
@@ -246,7 +257,7 @@ class LogStash::Codecs::Nmap < LogStash::Codecs::Base
246
257
  end
247
258
 
248
259
  def hashify_struct(struct)
249
- Hash[struct.each_pair.map {|k,v| [k, de_keyword(v)]}]
260
+ Hash[struct.each_pair.map {|k,v| [de_keyword(k), de_keyword(v)]}]
250
261
  end
251
262
 
252
263
  def de_keyword(value)
data/logstash-codec-nmap.gemspec CHANGED
@@ -1,7 +1,7 @@
1
1
  Gem::Specification.new do |s|
2
2
 
3
3
  s.name = 'logstash-codec-nmap'
4
- s.version = '0.0.11'
4
+ s.version = '0.0.15'
5
5
  s.licenses = ['Apache License (2.0)']
6
6
  s.summary = "This codec may be used to decode Nmap XML"
7
7
  s.description = "This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program"
@@ -20,7 +20,7 @@ Gem::Specification.new do |s|
20
20
  s.metadata = { "logstash_plugin" => "true", "logstash_group" => "codec" }
21
21
 
22
22
  # Gem dependencies
23
- s.add_runtime_dependency "logstash-core", ">= 2.0.0", "< 3.0.0"
23
+ s.add_runtime_dependency "logstash-core-plugin-api", "~> 1.0"
24
24
  s.add_runtime_dependency 'ruby-nmap'
25
25
 
26
26
  s.add_development_dependency 'logstash-devutils'
data/spec/codecs/nmap_spec.rb CHANGED
@@ -27,6 +27,15 @@ describe LogStash::Codecs::Nmap do
27
27
  expect(event).to be_a(LogStash::Event)
28
28
  end
29
29
  end
30
+
31
+ let(:ids) { subject.map {|e| e["id"] } }
32
+ it "should add a unique id field to all events" do
33
+ expect(ids).to eql(ids.uniq)
34
+ end
35
+
36
+ it "should not have any null id fields" do
37
+ expect(ids.include?(nil)).to be_falsey
38
+ end
30
39
  end
31
40
 
32
41
  describe "parsing traceroutes" do
metadata CHANGED
@@ -1,63 +1,57 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: logstash-codec-nmap
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.11
4
+ version: 0.0.15
5
5
  platform: ruby
6
6
  authors:
7
7
  - Elastic
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-01-27 00:00:00.000000000 Z
11
+ date: 2016-03-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
- name: logstash-core
15
- version_requirements: !ruby/object:Gem::Requirement
16
- requirements:
17
- - - '>='
18
- - !ruby/object:Gem::Version
19
- version: 2.0.0
20
- - - <
21
- - !ruby/object:Gem::Version
22
- version: 3.0.0
23
14
  requirement: !ruby/object:Gem::Requirement
24
15
  requirements:
25
- - - '>='
26
- - !ruby/object:Gem::Version
27
- version: 2.0.0
28
- - - <
16
+ - - "~>"
29
17
  - !ruby/object:Gem::Version
30
- version: 3.0.0
18
+ version: '1.0'
19
+ name: logstash-core-plugin-api
31
20
  prerelease: false
32
21
  type: :runtime
33
- - !ruby/object:Gem::Dependency
34
- name: ruby-nmap
35
22
  version_requirements: !ruby/object:Gem::Requirement
36
23
  requirements:
37
- - - '>='
24
+ - - "~>"
38
25
  - !ruby/object:Gem::Version
39
- version: '0'
26
+ version: '1.0'
27
+ - !ruby/object:Gem::Dependency
40
28
  requirement: !ruby/object:Gem::Requirement
41
29
  requirements:
42
- - - '>='
30
+ - - ">="
43
31
  - !ruby/object:Gem::Version
44
32
  version: '0'
33
+ name: ruby-nmap
45
34
  prerelease: false
46
35
  type: :runtime
47
- - !ruby/object:Gem::Dependency
48
- name: logstash-devutils
49
36
  version_requirements: !ruby/object:Gem::Requirement
50
37
  requirements:
51
- - - '>='
38
+ - - ">="
52
39
  - !ruby/object:Gem::Version
53
40
  version: '0'
41
+ - !ruby/object:Gem::Dependency
54
42
  requirement: !ruby/object:Gem::Requirement
55
43
  requirements:
56
- - - '>='
44
+ - - ">="
57
45
  - !ruby/object:Gem::Version
58
46
  version: '0'
47
+ name: logstash-devutils
59
48
  prerelease: false
60
49
  type: :development
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ">="
53
+ - !ruby/object:Gem::Version
54
+ version: '0'
61
55
  description: This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program
62
56
  email: info@elastic.co
63
57
  executables: []
@@ -94,12 +88,12 @@ require_paths:
94
88
  - lib
95
89
  required_ruby_version: !ruby/object:Gem::Requirement
96
90
  requirements:
97
- - - '>='
91
+ - - ">="
98
92
  - !ruby/object:Gem::Version
99
93
  version: '0'
100
94
  required_rubygems_version: !ruby/object:Gem::Requirement
101
95
  requirements:
102
- - - '>='
96
+ - - ">="
103
97
  - !ruby/object:Gem::Version
104
98
  version: '0'
105
99
  requirements: []