logstash-codec-nmap 0.0.11 → 0.0.15

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +9 -0
  3. data/lib/logstash/codecs/nmap.rb +14 -3
  4. data/logstash-codec-nmap.gemspec +2 -2
  5. data/spec/codecs/nmap_spec.rb +9 -0
  6. metadata +21 -27
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: ebf05a1ad0bf425d2a15b825abf327e0a1a77647
4
- data.tar.gz: 45f9bd20918f3650de8ba7b6f3cd443bc7bf32ab
3
+ metadata.gz: c4283b1e2e5d98d0059a583a7ce15da6556c3863
4
+ data.tar.gz: ae28a0e2d6175d454aaf4b0d865d262599479359
5
5
  SHA512:
6
- metadata.gz: c4a1b180f4390fc46f9e8b16d67df42c8ec0bb38297701a03c8ca3ca5fc434eb36f535286f7c4b77e269631d5a64dded66bec6f618ecc5a205ac7a3ce56f7e2d
7
- data.tar.gz: 7d87b7c877292beffc5aa60f649a96dcaee8302ed0a22c01d7aaeb539b598c0934e2e258361d9d981c48d10f6e2cf85c1caf214914cf1fec797c18bc0a5d5a36
6
+ metadata.gz: 50a779318b18519ec4d2260635420e05678318b859be479e0f3b1b0d8993dcce69aa193299fd7a01f442f881eb6c8c7961576f7bcd5dee346713d9f67f817bda
7
+ data.tar.gz: f30d57dc4a61e340c24262842bdc424baefc84e4f54badb87089a68aa1c02eda626b62ff727b8a75ba93bdb432fe5c77a4a13835ba92fb495ad245f225069dcd
data/CHANGELOG.md CHANGED
@@ -1,3 +1,12 @@
1
+ # 0.0.15
2
+ - Depend on logstash-core-plugin-api instead of logstash-core, removing the need to mass update plugins on major releases of logstash
3
+ # 0.0.14
4
+ - New dependency requirements for logstash-core for the 5.0 release
5
+ ## 0.0.13
6
+ - Actually include 'times' element
7
+ ## 0.0.12
8
+ - Improve mapping examples
9
+ - Fix IDs for nmap_scan_metadata
1
10
  ## 0.0.11
2
11
  - Add start/end times for nmap_scan_metadata documents
3
12
  ## 0.0.10
data/lib/logstash/codecs/nmap.rb CHANGED
@@ -53,11 +53,12 @@ class LogStash::Codecs::Nmap < LogStash::Codecs::Base
53
53
 
54
54
  if @emit_scan_metadata
55
55
  yield LogStash::Event.new(base.merge({
56
+ 'id' => scan_id,
56
57
  'type' => 'nmap_scan_metadata',
57
58
  'host_stats' => scan_host_stats,
58
- 'run_stats' => run_stats,
59
59
  'start_time' => timeify(xml.scanner.start_time),
60
- 'end_time' => run_stats["finished"]["time"]
60
+ 'end_time' => run_stats["finished"]["time"],
61
+ 'run_stats' => hashify_run_stats(xml.run_stats.first)
61
62
  }))
62
63
  end
63
64
 
@@ -122,6 +123,10 @@ class LogStash::Codecs::Nmap < LogStash::Codecs::Base
122
123
  h['start_time'] = timeify(host.start_time, scan_start)
123
124
  h['end_time'] = timeify(host.end_time, scan_start)
124
125
 
126
+ # Needs to be pached in ruby-nmap
127
+ times = host.instance_variable_get(:@node).xpath("times").first
128
+ h['times'] = Hash[times.first.map {|k,v| [k,v.to_i]}] if times
129
+
125
130
  # These two are actually different.
126
131
  # Address may contain a MAC, addresses will not AFAICT
127
132
  h['addresses'] = hashify_structs(host.addresses)
@@ -139,6 +144,12 @@ class LogStash::Codecs::Nmap < LogStash::Codecs::Base
139
144
  h
140
145
  end
141
146
 
147
+ def hashify_run_stats(run_stats)
148
+ h = hashify_struct(run_stats)
149
+ h["elapsed"] = h["elapsed"].to_f
150
+ h
151
+ end
152
+
142
153
  def hashify_status(status)
143
154
  return unless status
144
155
 
@@ -246,7 +257,7 @@ class LogStash::Codecs::Nmap < LogStash::Codecs::Base
246
257
  end
247
258
 
248
259
  def hashify_struct(struct)
249
- Hash[struct.each_pair.map {|k,v| [k, de_keyword(v)]}]
260
+ Hash[struct.each_pair.map {|k,v| [de_keyword(k), de_keyword(v)]}]
250
261
  end
251
262
 
252
263
  def de_keyword(value)
data/logstash-codec-nmap.gemspec CHANGED
@@ -1,7 +1,7 @@
1
1
  Gem::Specification.new do |s|
2
2
 
3
3
  s.name = 'logstash-codec-nmap'
4
- s.version = '0.0.11'
4
+ s.version = '0.0.15'
5
5
  s.licenses = ['Apache License (2.0)']
6
6
  s.summary = "This codec may be used to decode Nmap XML"
7
7
  s.description = "This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program"
@@ -20,7 +20,7 @@ Gem::Specification.new do |s|
20
20
  s.metadata = { "logstash_plugin" => "true", "logstash_group" => "codec" }
21
21
 
22
22
  # Gem dependencies
23
- s.add_runtime_dependency "logstash-core", ">= 2.0.0", "< 3.0.0"
23
+ s.add_runtime_dependency "logstash-core-plugin-api", "~> 1.0"
24
24
  s.add_runtime_dependency 'ruby-nmap'
25
25
 
26
26
  s.add_development_dependency 'logstash-devutils'
data/spec/codecs/nmap_spec.rb CHANGED
@@ -27,6 +27,15 @@ describe LogStash::Codecs::Nmap do
27
27
  expect(event).to be_a(LogStash::Event)
28
28
  end
29
29
  end
30
+
31
+ let(:ids) { subject.map {|e| e["id"] } }
32
+ it "should add a unique id field to all events" do
33
+ expect(ids).to eql(ids.uniq)
34
+ end
35
+
36
+ it "should not have any null id fields" do
37
+ expect(ids.include?(nil)).to be_falsey
38
+ end
30
39
  end
31
40
 
32
41
  describe "parsing traceroutes" do
metadata CHANGED
@@ -1,63 +1,57 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: logstash-codec-nmap
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.11
4
+ version: 0.0.15
5
5
  platform: ruby
6
6
  authors:
7
7
  - Elastic
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-01-27 00:00:00.000000000 Z
11
+ date: 2016-03-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
- name: logstash-core
15
- version_requirements: !ruby/object:Gem::Requirement
16
- requirements:
17
- - - '>='
18
- - !ruby/object:Gem::Version
19
- version: 2.0.0
20
- - - <
21
- - !ruby/object:Gem::Version
22
- version: 3.0.0
23
14
  requirement: !ruby/object:Gem::Requirement
24
15
  requirements:
25
- - - '>='
26
- - !ruby/object:Gem::Version
27
- version: 2.0.0
28
- - - <
16
+ - - "~>"
29
17
  - !ruby/object:Gem::Version
30
- version: 3.0.0
18
+ version: '1.0'
19
+ name: logstash-core-plugin-api
31
20
  prerelease: false
32
21
  type: :runtime
33
- - !ruby/object:Gem::Dependency
34
- name: ruby-nmap
35
22
  version_requirements: !ruby/object:Gem::Requirement
36
23
  requirements:
37
- - - '>='
24
+ - - "~>"
38
25
  - !ruby/object:Gem::Version
39
- version: '0'
26
+ version: '1.0'
27
+ - !ruby/object:Gem::Dependency
40
28
  requirement: !ruby/object:Gem::Requirement
41
29
  requirements:
42
- - - '>='
30
+ - - ">="
43
31
  - !ruby/object:Gem::Version
44
32
  version: '0'
33
+ name: ruby-nmap
45
34
  prerelease: false
46
35
  type: :runtime
47
- - !ruby/object:Gem::Dependency
48
- name: logstash-devutils
49
36
  version_requirements: !ruby/object:Gem::Requirement
50
37
  requirements:
51
- - - '>='
38
+ - - ">="
52
39
  - !ruby/object:Gem::Version
53
40
  version: '0'
41
+ - !ruby/object:Gem::Dependency
54
42
  requirement: !ruby/object:Gem::Requirement
55
43
  requirements:
56
- - - '>='
44
+ - - ">="
57
45
  - !ruby/object:Gem::Version
58
46
  version: '0'
47
+ name: logstash-devutils
59
48
  prerelease: false
60
49
  type: :development
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ">="
53
+ - !ruby/object:Gem::Version
54
+ version: '0'
61
55
  description: This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program
62
56
  email: info@elastic.co
63
57
  executables: []
@@ -94,12 +88,12 @@ require_paths:
94
88
  - lib
95
89
  required_ruby_version: !ruby/object:Gem::Requirement
96
90
  requirements:
97
- - - '>='
91
+ - - ">="
98
92
  - !ruby/object:Gem::Version
99
93
  version: '0'
100
94
  required_rubygems_version: !ruby/object:Gem::Requirement
101
95
  requirements:
102
- - - '>='
96
+ - - ">="
103
97
  - !ruby/object:Gem::Version
104
98
  version: '0'
105
99
  requirements: []