logstash-filter-LDAPresolve 0.1.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 3d8cee25a04c992f639bf3007edc11cc618503ef
+  data.tar.gz: 9c99de7ed399ac6c2429d4a0dca4f0aa01e209c5
+SHA512:
+  metadata.gz: c3a8a7bb0e9c246047811f2d707366af818bb6a3b045341fa3afd08c60d34ba195483ecf8d17fdf0ab2630e223060784c163b6049e74347cfaaf94a0e7b5ffa4
+  data.tar.gz: 1bc3391cfac2e608d3b97482f0cd9e28aeb109bc293646ac24d3c1c953b6fa79118cd1d1962da0d311469a45f69d25852b36074bd30a57404c4965d456dbd5a2

data/.gitignore

@@ -0,0 +1,5 @@
+*.gem
+Gemfile.lock
+Gemfile.bak
+.bundle
+vendor

data/CONTRIBUTORS

@@ -0,0 +1,11 @@
+The following is a list of people who have contributed ideas, code, bug
+reports, or in general have helped logstash along its way.
+
+Contributors:
+* Aaron Mildenstein (untergeek)
+* Pier-Hugues Pellerin (ph)
+
+Note: If you've sent us patches, bug reports, or otherwise contributed to
+Logstash, and you aren't on the list above and want to be, please let us know
+and we'll make sure you're here. Contributions from folks like you are what make
+open source awesome.

data/DEVELOPER.md

@@ -0,0 +1,2 @@
+# logstash-filter-LDAPresolve
+filter plugin to resolve user full name and user group from uid using LDAP

data/Gemfile

@@ -0,0 +1,2 @@
+source 'https://rubygems.org'
+gemspec

data/LICENSE

@@ -0,0 +1,13 @@
+Copyright (c) 2012–2015 Elasticsearch <http://www.elastic.co>
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.

data/NOTICE.TXT

@@ -0,0 +1,5 @@
+Elasticsearch
+Copyright 2012-2015 Elasticsearch
+
+This product includes software developed by The Apache Software
+Foundation (http://www.apache.org/).

data/README.md

@@ -0,0 +1,156 @@
+# LDAPresolve Logstash Plugin
+
+This is a plugin for [Logstash](https://github.com/elasticsearch/logstash).
+
+It is fully free and fully open source. The license is Apache 2.0, meaning you are pretty much free to use it however you want in whatever way.
+
+## Documentation
+
+LDAPresolve filter will add to the event the fields 'login', 'user' and 'group' based on LDAP request 
+ with provided uidNumber information. 
+ and add LDAP_OK tag on success, otherwise error tag 
+    LDAP_ERR: some LDAP connection or schema error
+    LDAP_UNK_USER: unknow uidNumber 
+    LDAP_UNK_GROUP: unknow group 
+
+ This filter useby default LDAPS but can be configure to use plain LDAP.
+ you can select the protocol you want to use via the use_ssl config setting
+
+ As all filters, this filter only processes 1 event at a time, so using this plugin can 
+ significantly slow down your pipeline's throughput if you have a high latency network.
+ In order to reduce the slow down a cache mechanism is provided. 
+ Cache holds the relevant information for a given uidNumber (full user name, group), and cache 
+ entries are tagged with a timestamp of cache introduction
+ Basicaly uidNumber is first searched using the cache on the cache, checked for the timestamp.
+ if cache introduction time is older than persistence time then it is considered as not found and a LDAP
+ request is performed and cache updated for this specific uidNumber.
+
+ cache use and cache persistence time are adjustable form the config.
+
+ LDAP tree naming and schema may vary. 
+ You must specify the DN where to lookcup for user and group information
+ User and group attributes are set to some reasonable values and are overwritable via the config
+    user attributes : 'uid', 'gidNumber', 'givenName', 'sn'
+    group attributes: 'dn'
+
+ If uidNumber is not found in LDAP, for user and group are set to default values, eg: Unknown.
+
+## Example
+
+assume we have on LDAPS (with no authent) an user John DOE with uidNumber 25377 that pertains to group nobody
+For example with following envent structure.
+``` 
+ {
+     "@version" => "1",
+   "@timestamp" => "2015-06-29:00:00.000Z",
+   "some_infos" => 'foo bar"
+ }
+```
+
+and the following init configuration 
+``` 
+LDAPresolve {
+    uidNumber => 25377
+    host      => "ldaps.pasteur.fr"
+    userdn    => "ou=utilisateurs,dc=pasteur,dc=fr"
+    groupdn   => "ou=entites,ou=groupes,dc=pasteur,dc=fr"
+}
+```
+
+we will get this output
+```
+ {
+     "@version" => "1",
+   "@timestamp" => "2015-06-29:00:00.000Z",
+   "some_infos" => 'foo bar"
+         "user" => "John DOE"
+        "group" => "nobody"
+        "login" => "jdoe"
+ }
+```
+
+# Usage
+
+## 1 Installation
+
+You can use the built-in plugin tool from Logstash to install the filter from https://rubygems.org/gems/logstash-filter-LDAPresolve
+
+```
+$LS_HOME/bin/plugin install logstash-filter-LDAPresolve
+```
+
+Or you can build it yourself:
+
+```
+git clone https://github.com/EricDeveaud/logstash_filter_LDAPresolve
+cd logstash_filter_LDAPresolve
+bundle install
+bundle exec rspec
+gem build logstash-filter-LDAPresolve.gemspec
+$LS_HOME/bin/plugin install ./logstash-filter-rest-0.1.0.gem
+```
+
+## 2 Configuration
+
+Add the following to the #filter# section of your logstash configuration 
+
+#### mandatory elements
+```sh
+LDAPresolve {
+    uidNumber  => 7225
+    host       => "ldap.somewhere.org"
+    userdn     => "ou=users,dc=somewhere,dc=org"
+    groupdn    => "ou=groups,dc=somewhere,dc=org"
+}
+```
+
+#### auxiliary arguments
+
+if your LDAP server use another port than the (339) default one 
+```sh
+    ldap_port  => 1234
+```
+
+if your LDAPS server use another port than the (636) default one 
+```sh
+   ldaps_port  => 1234
+```
+
+if you use a login//passord to log to your LDAP server
+```sh
+   username    => "some_loggin"
+   passord     => "secretPassword"
+```
+
+if your LDAP use some specific attributes you can specify them for the filtering request
+```sh
+   userattrs   => ['attr1', 'attr2', ..] 
+   groupattrs  => ['attr1', 'attr2', ..]
+```
+
+defaut atributes used by LDAPresolve are the following:
+```sh
+   userattrs => ['uid', 'gidNumber', 'givenName', 'sn'] that suits the posix account definitions.
+   groupattrs  => ['dn']
+```
+
+## 3 Cache or not cache
+
+LDAPresolve uses a basic cache mechanism by default. This cache mechanism can be disabled using the following configuration options
+
+```sh
+   usecache    => false
+```
+
+Cache retention is set by default to 300 second. you can change the cache retention duration using the following configuration options
+
+```sh
+   cache_interval => number_of_seconds 
+```
+
+# Contributing
+All contributions are welcome: ideas, patches, documentation, bug reports, complaints, usggestions ... 
+
+
+
+

data/Rakefile

@@ -0,0 +1 @@
+require "logstash/devutils/rake"

data/lib/logstash/filters/LDAPresolve.rb

@@ -0,0 +1,259 @@
+# encoding: utf-8
+require "logstash/filters/base"
+require "logstash/namespace"
+
+# LDAPresolve filter will add to the event the fields 'login', 'user' and 'group' based on LDAP request 
+# with provided uidNumber information. 
+# and add LDAP_OK on success, otherwise  error tags are added to the event
+#   * LDAP_ERR: some LDAP connection or schema error
+#   * LDAP_UNK_USER: unknow uidNumber 
+#   * LDAP_UNK_GROUP: unknow group 
+#
+# This filter use by default LDAPS but can be configured to use plain LDAP.
+# you can select the protocol you want to use via the use_ssl config setting
+#
+# As all filters, this filter only processes 1 event at a time, so using this plugin can 
+# significantly slow down your pipeline's throughput if you have a high latency network.
+# In order to reduce the slow down a cache mechanism is provided. 
+# Cache holds the relevant information for a given uidNumber (full user name, group), and cache 
+# entries are tagged with a timestamp of cache introduction
+# Basicaly uidNumber is first searched using the cache on the cache, checked for the timestamp.
+# if cache introduction time is older than persistence time then it is considered as not found and a LDAP
+# request is performed and cache updated for this specific uidNumber.
+#
+# cache use and cache persistence time are adjustable form the config.
+#
+# LDAP tree naming and schema may vary. 
+# You must specify the DN where to lookcup for user and group information
+# User and group attributes are set to some reasonable values and are overwritable via the config
+#    user attributes : 'uid', 'gidNumber', 'givenName', 'sn'
+#    group attributes: 'dn'
+#
+# If uidNumber is not found in LDAP, for user and group are set to default values, eg: Unknown
+#
+#
+# configure this filter from your Logstash filter config.
+# [source, ruby] 
+# filter {
+#   LDAPresolve {
+#     uidNumber  => uidNumber to resolve
+#     host       => "my.LDAP.Server" 
+#     userdn     => "Domain Name to search for users information"
+#     groupdn    => "Domain Name to search for group information"
+#     ldap_port  => LDAP Server port (Default: 389)
+#     ldaps_port => LDAPS Server port (Default: 636)
+#     use_ssl    => boolean (Default: true)
+#     username   => "username to log on LDAP server" (Default '')
+#     password   => "password to log on the LDAP server" Default '')
+#   }
+# }
+#
+# Example
+#
+# assume we have on LDAPS (with no authent) an user John DOE with uidNumber 25377 that pertains to group nobody
+# For example with following envent structure.
+#  {
+#      "@version" => "1",
+#    "@timestamp" => "2015-06-29:00:00.000Z",
+#    "some_infos" => 'foo bar"
+#  }
+#
+# and the following init configuration 
+#
+# LDAPresolve {
+#     uidNumber => 25377
+#     host      => "ldaps.pasteur.fr"
+#     userdn    => "ou=utilisateurs,dc=pasteur,dc=fr"
+#     groupdn   => "ou=entites,ou=groupes,dc=pasteur,dc=fr"
+# }
+# 
+# we will get this output
+#
+#  {
+#      "@version" => "1",
+#    "@timestamp" => "2015-06-29:00:00.000Z",
+#    "some_infos" => 'foo bar"
+#          "user" => "John DOE"
+#         "group" => "nobody"
+#         "login" => "jdoe"  
+#  }
+
+class LogStash::Filters::LDAPresolve < LogStash::Filters::Base
+
+  config_name "LDAPresolve"
+
+  # uidNumber to resolve.
+  config :uidNumber, :validate => :string, :required => true
+
+  ##--- LDAP server specific configuration
+  # LDAP host name
+  config :host, :validate => :string, :required => true
+  # LDAP//LDAPS port
+  config :ldap_port, :validate => :number, :required => false, :default => 389
+  config :ldaps_port, :validate => :number, :required => false, :default => 636
+  # use SSL ?
+  config :use_ssl, :validate => :boolean, :required => false, :default => false
+  # LDAP username used to log to LDAP server
+  config :username, :validate => :username, :required => false
+  # LDAP password used to log to LDAP server
+  config :password, :validate => :password, :required => false
+  # as LDAP tree naming convention may vary, you must specify the dn to use for OU's user
+  config :userdn, :validate => :string, :required => true 
+  config :userattrs, :validate => :array, :required => false,  :default => ['uid', 'gidNumber', 'givenName', 'sn']
+  # as LDAP tree naming convention may vary, you must specify the dn to use for OU's group
+  config :groupdn, :validate => :string, :required => true 
+  config :groupattrs, :validate => :array, :required => false, :default => ['dn']
+
+  ##--- cache settings true//false and time of cache renewal in sec
+  # shall we use caching true//false
+  config :useCache, :validate => :boolean, :required => false, :default => true
+  # cache persistence in second.
+  config :cache_interval, :validate => :number, :required => false, :default => 300
+
+  
+  public
+  def register
+    require 'ldap'
+    @cache = {}
+    @DEFAULT = "Unknown"
+    @SUCCESS = "LDAP_OK"
+    @FAILURE = "LDAP_ERR"
+    @UNKNOWN = "LDAP_UNK"
+  end 
+
+  public
+  def filter(event)
+    exitstatus = @SUCCESS
+    ##--- first check cache for provided uidNumber
+    cached = false
+    if @useCache
+        cached = cached?(@uidNumber) 
+    end
+
+    if cached
+        login, user , group = cached
+    else
+        @logger.info("prompt LDAP for #{@uidNumber} informations")
+        if use_ssl
+            conn = LDAP::SSLConn.new(host=@host, port=@ldaps_port)
+        else
+            conn = LDAP::Conn.new(host=@host, port=@ldap_port)
+        end
+        
+        res = ldapsearch(conn, uidNumber)
+        user = res['user']
+        group = res['group']
+        login = res['login']
+        exitstatus = res['status']
+        errmsg = res['err']
+
+        ##--- cache infos.
+        cacheUID(@uidNumber, login, user, group)
+    end 
+
+    ##--- finaly change event to embed login, user and group information
+    event["user"] = user
+    event["group"] = group
+    event["login"] = login
+
+    ##--- add LDAPresolve exit tag, We can use this later to reparse+reindex logs if necessaryi.
+    if event["tags"] 
+        event["tags"] << exitstatus
+    else
+        event["tags"]=[exitstatus]
+    end
+
+    # filter_matched should go in the last line of our successful code
+    filter_matched(event)
+  end # def filter
+
+
+  private
+
+  def cached?(uidNumber) 
+    # checks if pgiven uidNumber appear in the cache
+    # then check for time it resides on the cache. 
+    # if cache introdution time > cache_interval. claim that uidNumber is not cached to force 
+    # update by the caller .
+    cached = @cache.fetch(uidNumber, false) 
+    if cached and Time.now - cached[3] <= @cache_interval
+        return cached[0], cached[1], cached[2]
+    end
+    return false
+  end
+        
+  def cacheUID(uidNumber, login, user, group)
+    # basic caching mechanism using a hash 
+    # caveats, no size control.
+    @cache[uidNumber] = [login, user, group, Time.now]
+  end 
+
+  def ldapsearch(conn, uidNumber)
+    ret = { 'login' => @DEFAULT, 'user'  => @DEFAULT, 'group' => @DEFAULT, 'status' => @SUCCESS, 'err' => "" }
+    gid = 0
+
+    begin 
+        conn.bind(username, password) 
+    rescue LDAP::Error => err
+        @logger.error("Error: #{err.message}")
+        ret['err'] = err
+        ret['status']  = @FAILURE
+        return ret
+    end 
+
+
+    # ok we bound, start search
+    scope = LDAP::LDAP_SCOPE_SUBTREE 
+    ##--- search LDAP for the user name
+    begin
+        conn.search(@userdn, scope, "(& (objectclass=posixAccount) (uidNumber=#{@uidNumber}))", @userattrs) { |entry|
+            
+            # convert entry object to hash for easier manipulation
+            hashEntry = {}
+            for k in entry.get_attributes
+                hashEntry[k] = entry.vals(k).join(" ")
+            end 
+            # generate user full name.
+            # in posix account we expect at least uid, gidNumber
+            # givenName and sn may be ommited so provide default value 
+            ret['user']  = "#{hashEntry.fetch("givenName", "")} #{hashEntry.fetch("sn", @DEFAULT)}".strip
+            ret['login'] = "#{hashEntry.fetch("uid")}"
+    
+            # extract gid for further interogation
+            gid = hashEntry.fetch("gidNumber", 0)
+            match = 1
+        }
+    rescue LDAP::Error => err
+        @logger.error("Error: #{err.message}")
+        ret['err'] = err
+        ret['status']  = @FAILURE
+        return ret
+    end 
+
+    if ret['user'] == @DEFAULT
+        ret['status'] = "#{@UNKNOWN}_USER"
+        return ret
+    end    
+
+    ##--- search for GROUP name
+    filter = "(& (objectclass=posixGroup) (gidNumber=#{gid}))" 
+    begin
+        conn.search(@groupdn, scope, filter, @groupattrs) { |entry|
+            ret['group'] = entry.dn.split(',')[0].split('=')[1]
+        }
+    rescue LDAP::Error => err
+        @logger.error("Error: #{err.message}")
+        ret['err'] = err
+        ret['status']  = @FAILURE
+        return ret
+    end
+
+    if ret['group'] == @DEFAULT
+        ret['status'] = "#{@UNKNOWN}_GROUP"
+        ret['group'] =ret['user']
+        return ret
+    end
+ 
+    return ret
+  end 
+end # class LogStash::Filters::LDAPresolve

data/logstash-filter-LDAPresolve.gemspec

@@ -0,0 +1,24 @@
+Gem::Specification.new do |s|
+  s.name = 'logstash-filter-LDAPresolve'
+  s.version         = '0.1.1'
+  s.licenses = ['Apache License (2.0)']
+  s.summary = "This filter adds infodrmation fields from LDAP server based on the provided uid."
+  s.description = "This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program"
+  s.authors = ["Eric Deveaud"]
+  s.email = 'edeveaud@pasteur.fr'
+  s.homepage = "http://projets.pasteur.fr"
+  s.require_paths = ["lib"]
+
+  # Files
+  s.files = `git ls-files`.split($\)
+   # Tests
+  s.test_files = s.files.grep(%r{^(test|spec|features)/})
+
+  # Special flag to let us know this is actually a logstash plugin
+  s.metadata = { "logstash_plugin" => "true", "logstash_group" => "filter" }
+
+  # Gem dependencies
+  s.add_runtime_dependency "logstash-core", '>= 1.4.0', '< 2.0.0'
+  s.add_runtime_dependency "jruby-ldap"
+  s.add_development_dependency 'logstash-devutils'
+end

data/spec/filters/LDAPresolve_spec.rb

@@ -0,0 +1,127 @@
+require 'spec_helper'
+require "logstash/filters/LDAPresolve"
+
+describe LogStash::Filters::LDAPresolve do
+
+  describe "check bind error" do
+    let(:config) do <<-CONFIG
+      filter {
+        LDAPresolve {
+          host    => "none.pasteur.fr"
+          userdn  => "ou=utilisateurs,dc=pasteur,dc=fr"
+          groupdn => "ou=entites,ou=groupes,dc=pasteur,dc=fr"
+          uidNumber     => 1234
+        }
+      }
+    CONFIG
+    end
+
+    sample("test" => "test" ) do
+      expect(subject).to include('tags')
+      expect(subject["tags"]).to eq(["LDAP_ERR"])
+
+    end
+  end # bind test
+   
+#  describe "unknown uidNumber" do
+#    let(:config) do <<-CONFIG
+#      filter {
+#        LDAPresolve {
+#          host    => "ldap.pasteur.fr"
+#          userdn  => "ou=utilisateurs,dc=pasteur,dc=fr"
+#          groupdn => "ou=entites,ou=groupes,dc=pasteur,dc=fr"
+#          uidNumber     => 1234567890
+#        }
+#      }
+#    CONFIG
+#    end
+#
+#    sample("test" => "test" ) do
+#      expect(subject).to include('user')
+#      expect(subject["user"]).to eq('Unknown')
+#      expect(subject).to include('group')
+#      expect(subject["group"]).to eq('Unknown')
+#      expect(subject).to include('tags')
+#      expect(subject["tags"]).to eq(["LDAP_UNK_USER"])
+#
+#    end
+#  end # end unknow uid
+#
+#  
+#  describe "uidNumber with no associated group" do
+#    let(:config) do <<-CONFIG
+#      filter {
+#        LDAPresolve {
+#          host    => "ldap.pasteur.fr"
+#          userdn  => "ou=utilisateurs,dc=pasteur,dc=fr"
+#          groupdn => "ou=entites,ou=groupes,dc=pasteur,dc=fr"
+#          uidNumber     => 23865
+#        }
+#      }
+#    CONFIG
+#    end
+#
+#    sample("test" => "test") do
+#      expect(subject).to include('user')
+#      expect(subject["user"]).to eq('biomaj')
+#      expect(subject).to include('group')
+#      expect(subject["group"]).to eq('biomaj')
+#      expect(subject).to include('tags')
+#      expect(subject["tags"]).to eq(["LDAP_UNK_GROUP"])
+#
+#    end
+#  end #end no group name user
+#
+#  describe "LDAP test" do
+#    let(:config) do <<-CONFIG
+#      filter {
+#        LDAPresolve {
+#          host    => "ldap.pasteur.fr"
+#          userdn  => "ou=utilisateurs,dc=pasteur,dc=fr"
+#          groupdn => "ou=entites,ou=groupes,dc=pasteur,dc=fr"
+#          use_ssl => false
+#          uidNumber     => 7225
+#        }
+#      }
+#    CONFIG
+#    end
+#
+#    sample("test" => "test") do
+#      expect(subject).to include('user')
+#      expect(subject["user"]).to eq('Eric DEVEAUD')
+#      expect(subject).to include('group')
+#      expect(subject["group"]).to eq('CIB')
+#      expect(subject).to include('login')
+#      expect(subject["login"]).to eq('edeveaud')
+#      expect(subject).to include('tags')
+#      expect(subject["tags"]).to eq(["LDAP_OK"])
+#
+#    end
+#  end #end LDAP test
+#
+#  describe "LDAPS test" do
+#    let(:config) do <<-CONFIG
+#      filter {
+#        LDAPresolve {
+#          host    => "ldap.pasteur.fr"
+#          userdn  => "ou=utilisateurs,dc=pasteur,dc=fr"
+#          groupdn => "ou=entites,ou=groupes,dc=pasteur,dc=fr"
+#          use_ssl => true
+#          uidNumber     => 7225
+#        }
+#      }
+#    CONFIG
+#    end
+#
+#    sample("test" => "test") do
+#      expect(subject).to include('user')
+#      expect(subject["user"]).to eq('Eric DEVEAUD')
+#      expect(subject).to include('group')
+#      expect(subject["group"]).to eq('CIB')
+#      expect(subject).to include('tags')
+#      expect(subject["tags"]).to eq(["LDAP_OK"])
+#
+#    end
+#  end # end LDAPS test
+
+end

data/spec/spec_helper.rb

@@ -0,0 +1 @@
+require "logstash/devutils/rspec/spec_helper"

metadata

@@ -0,0 +1,108 @@
+--- !ruby/object:Gem::Specification
+name: logstash-filter-LDAPresolve
+version: !ruby/object:Gem::Version
+  version: 0.1.1
+platform: ruby
+authors:
+- Eric Deveaud
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2015-07-10 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: logstash-core
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 1.4.0
+    - - <
+      - !ruby/object:Gem::Version
+        version: 2.0.0
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: 1.4.0
+    - - <
+      - !ruby/object:Gem::Version
+        version: 2.0.0
+  prerelease: false
+  type: :runtime
+- !ruby/object:Gem::Dependency
+  name: jruby-ldap
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  prerelease: false
+  type: :runtime
+- !ruby/object:Gem::Dependency
+  name: logstash-devutils
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  prerelease: false
+  type: :development
+description: This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program
+email: edeveaud@pasteur.fr
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- CHANGELOG.md
+- CONTRIBUTORS
+- DEVELOPER.md
+- Gemfile
+- LICENSE
+- NOTICE.TXT
+- README.md
+- Rakefile
+- lib/logstash/filters/LDAPresolve.rb
+- logstash-filter-LDAPresolve.gemspec
+- spec/filters/LDAPresolve_spec.rb
+- spec/spec_helper.rb
+homepage: http://projets.pasteur.fr
+licenses:
+- Apache License (2.0)
+metadata:
+  logstash_plugin: 'true'
+  logstash_group: filter
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project:
+rubygems_version: 2.4.8
+signing_key:
+specification_version: 4
+summary: This filter adds infodrmation fields from LDAP server based on the provided uid.
+test_files:
+- spec/filters/LDAPresolve_spec.rb
+- spec/spec_helper.rb