logstash-codec-nmap 0.0.1 → 0.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/logstash/codecs/nmap.rb +14 -7
- data/logstash-codec-nmap.gemspec +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5969f730565fa962d58219e6dd6032cccbe14a49
|
|
4
|
+
data.tar.gz: 072c6037821a359b1072fa0a05b0bd9ed7e57e13
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9957baa3f0a96376016da2916fdc4cf879c14d3ce4687f348d21e0b2e58da2f4f6898b43dba6296cf24f97977d0a4cc004ceafdc13331eef15bc634145b843c1
|
|
7
|
+
data.tar.gz: d51793dc81e262fbcd06171c83ce134ac0237cc4d7dfe5bf50ef4b5c609c7bb63a1e850b911ed0e0bfb6151c102461d6d2a2d13fa6e65ed548b0a161d8b8cfe3
|
data/lib/logstash/codecs/nmap.rb
CHANGED
|
@@ -8,7 +8,6 @@ require "nmap/xml"
|
|
|
8
8
|
class LogStash::Codecs::Nmap < LogStash::Codecs::Base
|
|
9
9
|
config_name "nmap"
|
|
10
10
|
|
|
11
|
-
|
|
12
11
|
public
|
|
13
12
|
def register
|
|
14
13
|
end
|
|
@@ -25,7 +24,6 @@ class LogStash::Codecs::Nmap < LogStash::Codecs::Base
|
|
|
25
24
|
yield event
|
|
26
25
|
end
|
|
27
26
|
rescue StandardError => e
|
|
28
|
-
raise e #TODO: REMOVEME
|
|
29
27
|
@logger.warn("An unexpected error occurred parsing nmap XML",
|
|
30
28
|
:input => data,
|
|
31
29
|
:message => e.message,
|
|
@@ -35,8 +33,8 @@ class LogStash::Codecs::Nmap < LogStash::Codecs::Base
|
|
|
35
33
|
|
|
36
34
|
def host_to_event(host)
|
|
37
35
|
event = LogStash::Event.new()
|
|
38
|
-
event['start_time'.freeze] = host.start_time
|
|
39
|
-
event['end_time'.freeze] = host.end_time
|
|
36
|
+
event['start_time'.freeze] = timeify(host.start_time)
|
|
37
|
+
event['end_time'.freeze] = timeify(host.end_time)
|
|
40
38
|
|
|
41
39
|
# These two are actually different.
|
|
42
40
|
# Address may contain a MAC, addresses will not AFAICT
|
|
@@ -61,7 +59,7 @@ class LogStash::Codecs::Nmap < LogStash::Codecs::Base
|
|
|
61
59
|
return unless status
|
|
62
60
|
|
|
63
61
|
{
|
|
64
|
-
'state'.freeze => status.state, # str
|
|
62
|
+
'state'.freeze => status.state.to_s, # str
|
|
65
63
|
'reason'.freeze => status.reason # str
|
|
66
64
|
}
|
|
67
65
|
end
|
|
@@ -105,7 +103,7 @@ class LogStash::Codecs::Nmap < LogStash::Codecs::Base
|
|
|
105
103
|
|
|
106
104
|
{
|
|
107
105
|
'seconds'.freeze => uptime.seconds,
|
|
108
|
-
'last_boot'.freeze => uptime.last_boot
|
|
106
|
+
'last_boot'.freeze => timeify(uptime.last_boot)
|
|
109
107
|
}
|
|
110
108
|
end
|
|
111
109
|
|
|
@@ -159,6 +157,15 @@ class LogStash::Codecs::Nmap < LogStash::Codecs::Base
|
|
|
159
157
|
end
|
|
160
158
|
|
|
161
159
|
def hashify_struct(struct)
|
|
162
|
-
Hash[struct.each_pair.
|
|
160
|
+
Hash[struct.each_pair.map {|k,v| [k, de_keyword(v)]}]
|
|
161
|
+
end
|
|
162
|
+
|
|
163
|
+
def de_keyword(value)
|
|
164
|
+
value.is_a?(Symbol) ? value.to_s : value
|
|
163
165
|
end
|
|
166
|
+
|
|
167
|
+
def timeify(time)
|
|
168
|
+
time ? LogStash::Timestamp.new(time) : nil
|
|
169
|
+
end
|
|
170
|
+
|
|
164
171
|
end
|
data/logstash-codec-nmap.gemspec
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
Gem::Specification.new do |s|
|
|
2
2
|
|
|
3
3
|
s.name = 'logstash-codec-nmap'
|
|
4
|
-
s.version = '0.0.
|
|
4
|
+
s.version = '0.0.2'
|
|
5
5
|
s.licenses = ['Apache License (2.0)']
|
|
6
6
|
s.summary = "This codec may be used to decode Nmap XML"
|
|
7
7
|
s.description = "This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program"
|