logstash-filter-dissect 1.0.6 → 1.0.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e8ae7e2bba795f607709e23084ba6c6603470909
-  data.tar.gz: d92b6cec5ce57c933e356b147d67d9d50d0f9602
+  metadata.gz: 4066828d764fb5671602ea92941a48c3d1c87adc
+  data.tar.gz: e9dd175b2a351effd59fc4c654d5c9be675a1aa7
 SHA512:
-  metadata.gz: 449cafef68edfd28da3b5dc6c56ad5b93cd532261251868acb5d76f02c654b824120dfa6b937ed6b32085ffd25a4c89dc0a98752840be752580c2ba20e176b93
-  data.tar.gz: dcea450f73cf8ad4f3f9845ffe1d850feec89cc02683c2d0e3f72049141844d2550f701a3c9aab24c1620f6504217ed02e52a84f283287c1efccfe88f1c903e7
+  metadata.gz: bf533ed8fd5dc76a2ca2f1dcbb4df512935bc5c0d8fa8976c1d5422762c7932d574801bd54c8ace3f7fb142a10bd2ecd1d9b29eadef31e66232a6463b2ce843e
+  data.tar.gz: 4175f2160f80bbfb5fa18b20f50e9a89283d611a7f3a3188737244dfe89d01fb1abb6aacbac554c8fc894df214089e0ed2e9bc52a92ab9a5b5dcdcb3f9e9924e

data/BUILD_INSTRUCTIONS.md

@@ -0,0 +1,23 @@
+These instructions are for the JAVA build NOT Ruby Gem build and publish.
+
+#### History
+This is a Logstash plugin with a large amount of Java code.
+
+The Java source is dependent on the logstash-core jar and the logstash-core-event jar.
+These jars can be found in the gems that are resolved via the `s.add_runtime_dependency "logstash-core-plugin-api", "~> 2.0"` line in the gemspec.
+So different versions of these gems can be installed as time goes by. The gradle build dependencies cannot refer to a static location and version.
+
+These Rake tasks allow for Gradle to be dependent on Rubygems.
+- `rake vendor` - this task calls "./gradlew vendor" but only after have done the "bundle_install" rake task
+- `rake bundle_install` - this task calls `bundle install` then puts the output of `bundle show logstash-core` and `bundle show logstash-core-event` into the "gradle.properties" file.
+
+#### Procedure
+Each time a new gem version of `logstash-core-plugin-api` is released we need to run `rake vendor` to verify that any changes to the Java in logstash-core and logstash-core-event are still compatible with their usage in this plugin.
+
+Run `rake vendor`
+
+#### Travis
+Travis is set to use `rake write_gradle_properties` before its build task
+
+#### More Information
+See the Gradle "vendor" task to understand how the the jar is generated.

data/CHANGELOG.md

@@ -1,5 +1,8 @@
+## 1.0.7
+ - Update the version and rebuild the vendored jar.
+
 ## 1.0.6
-  - Relax constraint on logstash-core-plugin-api to >= 1.60 <= 2.99
+ - Skipping this version number, it exists on Rubygems but is faulty
 
 ## 1.0.5
  - Initial commit

data/Gemfile

@@ -1,6 +1,3 @@
 source 'https://rubygems.org'
 gemspec
 
-gem 'logstash-input-generator', '~> 3.0', '>= 3.0.1'
-gem 'logstash-output-null', '~> 3.0', '>= 3.0.1'
-gem 'logstash-filter-drop', '~> 3.0', '>= 3.0.1'

data/README.md

@@ -1,3 +1,6 @@
+### NOTE
+Please read BUILD_INSTRUCTIONS.md
+
 # Logstash Plugin
 
 [![Travis Build Status](https://travis-ci.org/logstash-plugins/logstash-filter-example.svg)](https://travis-ci.org/logstash-plugins/logstash-filter-example)

data/VERSION

@@ -0,0 +1 @@
+1.0.7

data/lib/jruby-dissect-library_jars.rb

@@ -0,0 +1,4 @@
+# AUTOGENERATED BY THE GRADLE SCRIPT. DO NOT EDIT.
+
+require 'jar_dependencies'
+require_jar('org.logstash.dissect', 'jruby-dissect-library', '1.0.7')

data/lib/logstash/filters/dissect.rb

@@ -3,109 +3,134 @@ require "logstash/filters/base"
 require "logstash/namespace"
 
 require "java"
-require "jars/jruby-dissect-library.jar"
+require "jruby-dissect-library_jars"
 require "jruby_dissector"
 
-# De-structures text
-#
-# The dissect filter is a kind of split operation.
-# Unlike a regular split operation where a single delimiter is applied to the
-# whole string, this operation applies a sequence of delimiters to an Event field's
-# string value. This sequence is called a dissection.
-# The dissection is created as a string using a %{} notation:
-# ........
-#        delimiter   suffix
-#        +---+       ++
-# %{key1}/ -- %{+key2/1}: %{&key1}
-# +-----+       |            +--+
-# field         prefix       key
-# ........
-
-# Note: delimiters can't contain the `%{` `}` characters.
-
-# The config should look like this:
-# [source, ruby]
+# ==== *Dissect or how to de-structure text*
+#
+# The Dissect filter is a kind of split operation. Unlike a regular split operation where one delimiter is applied to the whole string, this operation applies a set of delimiters # to a string value. +
+# Dissect does not use regular expressions and is very fast. +
+# However, if the structure of your text varies from line to line then Grok is more suitable. +
+# There is a hybrid case where Dissect can be used to de-structure the section of the line that is reliably repeated and then Grok can be used on the remaining field values with # more regex predictability and less overall work to do. +
+#
+# A set of fields and delimiters is called a *dissection*.
+#
+# The dissection is described using a set of `%{}` sections:
+# ....
+# %{a} - %{b} - %{c}
+# ....
+#
+# A *field* is the text from `%` to `}` inclusive.
+#
+# A *delimiter* is the text between `}` and `%` characters.
+#
+# [NOTE]
+# delimiters can't contain these `}{%` characters.
+#
+# The config might look like this:
+# ....
 #   filter {
 #     dissect {
 #       mapping => {
-#         "message" => "%{timestamp} %{+timestamp} %{+timestamp} %{logsource} %{} %{program}[%{pid}]: %{msg}"
+#         "message" => "%{ts} %{+ts} %{+ts} %{src} %{} %{prog}[%{pid}]: %{msg}"
 #       }
 #     }
 #   }
-
-# When dissecting a string any text between the delimiters, a found value, will be stored
-# in the Event using that field name.
-
-# The Key:
-# The key is the text between the `%{` and `}`, exclusive of the ?, +, & prefixes and the ordinal suffix.
-# `%{?aaa}` - key is `aaa`
-# `%{+bbb/3}` - key is `bbb`
-# `%{&ccc}` - key is `ccc`
-
-# Normal field notation
-# The found value is added to the Event using the key.
-# `%{some_field}` - a normal field
-
-# Skip field notation
-# The found value is recorded internally but not added to the Event.
+# ....
+# When dissecting a string from left to right, text is captured upto the first delimiter - this captured text is stored in the first field. This is repeated for each field/# delimiter pair thereafter until the last delimiter is reached, then *the remaining text is stored in the last field*. +
+#
+# *The Key:* +
+# The key is the text between the `%{` and `}`, exclusive of the ?, +, & prefixes and the ordinal suffix. +
+# `%{?aaa}` - key is `aaa` +
+# `%{+bbb/3}` - key is `bbb` +
+# `%{&ccc}` - key is `ccc` +
+#
+# *Normal field notation:* +
+# The found value is added to the Event using the key. +
+# `%{some_field}` - a normal field has no prefix or suffix
+#
+# *Skip field notation:* +
+# The found value is stored internally but not added to the Event. +
 # The key, if supplied, is prefixed with a `?`.
-# `%{}` - an empty skip field
-# `%{?some_field} - named skip field
-
-# Append field notation
-# The value is appended to another value or stored if its the first field seen.
-# The key is prefixed with a `+`.
-# The final value is stored in the Event using the key.
-# The delimiter found before the field or a space is appended before the found value.
-# `%{+some_field}` - an append field
-# `%{+some_field/2}` - and append field with an order modifier.
-# An order modifier, `/number`, allows one to reorder the append sequence.
-# e.g. for a text of `1 2 3 go`, this `%{+a/2} %{+a/1} %{+a/4} %{+a/3}` will build a key/value of `a => 2 1 go 3`
-# Append fields without an order modifier will append in declared order.
-# e.g. for a text of `1 2 3 go`, this `%{a} %{b} %{+a}` will build two key/values of `a => 1 3 go, b => 2`
-
-# Indirect field notation
-# The found value is added to the Event using the found value of another field as the key.
-# The key is prefixed with a `&`.
-# `%{&some_field}` - an indirect field where the key is indirectly sourced from the value of `some_field`.
-# e.g. for a text of `error: some_error, description`, this `error: %{?err}, %{&desc}`will build a key/value of `'some_error' => description`
-# Hint: use a Skip field if you do not want the indirection key/value stored.
+#
+# `%{}` is an empty skip field.
+#
+# `%{?foo}` is a named skip field.
+#
+# *Append field notation:* +
+# The value is appended to another value or stored if its the first field seen. +
+# The key is prefixed with a `+`. +
+# The final value is stored in the Event using the key. +
+#
+# [NOTE]
+# ====
+# The delimiter found before the field is appended with the value. +
+# If no delimiter is found before the field, a single space character is used.
+# ====
+#
+# `%{+some_field}` is an append field. +
+# `%{+some_field/2}` is an append field with an order modifier.
+#
+# An order modifier, `/digits`, allows one to reorder the append sequence. +
+# e.g. for a text of `1 2 3 go`, this `%{+a/2} %{+a/1} %{+a/4} %{+a/3}` will build a key/value of `a => 2 1 go 3` +
+# Append fields without an order modifier will append in declared order. +
+# e.g. for a text of `1 2 3 go`, this `%{a} %{b} %{+a}` will build two key/values of `a => 1 3 go, b => 2` +
+#
+# *Indirect field notation:* +
+# The found value is added to the Event using the found value of another field as the key. +
+# The key is prefixed with a `&`. +
+# `%{&some_field}` - an indirect field where the key is indirectly sourced from the value of `some_field`. +
+# e.g. for a text of `error: some_error, some_description`, this `error: %{?err}, %{&err}` will build a key/value of `some_error => description`.
+#
+# [NOTE]
+# for append and indirect field the key can refer to a field that already exists in the event before dissection.
+#
+# [NOTE]
+# use a Skip field if you do not want the indirection key/value stored.
+#
 # e.g. for a text of `google: 77.98`, this `%{?a}: %{&a}` will build a key/value of `google => 77.98`.
-
-# Note: for append and indirect field the key can refer to a field that already exists in the event before dissection.
-# Note: append and indirect cannot be combined. This will fail validation.
-# `%{+&something}` - will add a value to the `&something` key, probably not the intended outcome.
-# `%{&+something}` will add a value to the `+something` key, again unintended.
-
-# Delimiter repetition
-# In the source text if a field has variable width padded with delimiters, the padding will be ignored.
+#
+# [NOTE]
+# ===============================
+# append and indirect cannot be combined and will fail validation. +
+# `%{+&something}` - will add a value to the `&something` key, probably not the intended outcome. +
+# `%{&+something}` will add a value to the `+something` key, again probably unintended. +
+# ===============================
+#
+# *Delimiter repetition:* +
+# In the source text if a field has variable width padded with delimiters, the padding will be ignored. +
 # e.g. for texts of:
-# ........
+# ....
 # 00000043 ViewReceiver  I
 # 000000b3 Peer          I
-# ........
-# and a dissection of `%{a} %{b} %{c}`; the padding is ignored.
+# ....
+# with a dissection of `%{a} %{b} %{c}`; the padding is ignored, `event.get([c]) -> "I"`
 #
-# You probably want to put this filter in an if block to ensure that the event
-# contains text with a suitable layout.
-# [source, ruby]
+# [NOTE]
+# ====
+# You probably want to use this filter inside an `if` block. +
+# This ensures that the event contains a field value with a suitable structure for the dissection.
+# ====
+#
+# For example...
+# ....
 # filter {
 #   if [type] == "syslog" or "syslog" in [tags] {
 #     dissect {
 #       mapping => {
-#         "message" => "%{timestamp} %{+timestamp} %{+timestamp} %{logsource} %{} %{program}[%{pid}]: %{msg}"
+#         "message" => "%{ts} %{+ts} %{+ts} %{src} %{} %{prog}[%{pid}]: %{msg}"
 #       }
 #     }
 #   }
 # }
+# ....
 
 module LogStash module Filters class Dissect < LogStash::Filters::Base
 
   config_name "dissect"
 
-  # A hash of dissections of field => value
-  # A later dissection can be done on an earlier one
-  # or they can be independent.
+  # A hash of dissections of `field => value` +
+  # A later dissection can be done on values from a previous dissection or they can be independent.
   #
   # For example
   # [source, ruby]
@@ -118,11 +143,25 @@ module LogStash module Filters class Dissect < LogStash::Filters::Base
   #   }
   # }
   #
-  # This is useful if you want to keep the field `description` also
+  # This is useful if you want to keep the field `description` but also
   # dissect it some more.
+
   config :mapping, :validate => :hash, :default => {}
 
-  # TODO add docs
+  # With this setting `int` and `float` datatype conversions can be specified. +
+  # These will be done after all `mapping` dissections have taken place. +
+  # Feel free to use this setting on its own without a `mapping` section. +
+  #
+  # For example
+  # [source, ruby]
+  # filter {
+  #   dissect {
+  #     convert_datatype => {
+  #       cpu => "float"
+  #       code => "int"
+  #     }
+  #   }
+  # }
   config :convert_datatype, :validate => :hash, :default => {}
 
   # Append values to the `tags` field when dissection fails
@@ -131,7 +170,7 @@ module LogStash module Filters class Dissect < LogStash::Filters::Base
   public
 
   def register
-     @dissector = LogStash::Dissector.new(@mapping)
+    @dissector = LogStash::Dissector.new(@mapping)
   end
 
   def filter(event)

data/logstash-filter-dissect.gemspec

@@ -1,8 +1,10 @@
+DISSECT_VERSION = File.read(File.expand_path(File.join(File.dirname(__FILE__), "VERSION"))).strip unless defined?(DISSECT_VERSION)
+
 Gem::Specification.new do |s|
   s.name = 'logstash-filter-dissect'
-  s.version         = '1.0.6'
+  s.version = DISSECT_VERSION
   s.licenses = ['Apache License (2.0)']
-  s.summary = "This dissect filter will destructurize text in multiple fields."
+  s.summary = "This dissect filter will de-structure text into multiple fields."
   s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
   s.authors = ["Elastic"]
   s.email = 'info@elastic.co'
@@ -10,7 +12,7 @@ Gem::Specification.new do |s|
   s.require_paths = ["lib"]
 
   # Files
-  s.files = Dir['lib/**/*','spec/**/*','vendor/**/*','*.gemspec','*.md','CONTRIBUTORS','Gemfile','LICENSE','NOTICE.TXT']
+  s.files = Dir['lib/**/*','spec/**/*','vendor/**/*','*.gemspec','*.md','CONTRIBUTORS','Gemfile','VERSION','LICENSE','NOTICE.TXT']
    # Tests
   s.test_files = s.files.grep(%r{^(test|spec|features)/})
 
@@ -18,6 +20,9 @@ Gem::Specification.new do |s|
   s.metadata = { "logstash_plugin" => "true", "logstash_group" => "filter" }
 
   # Gem dependencies
-  s.add_runtime_dependency "logstash-core-plugin-api", ">= 1.60", "<= 2.99"
-  s.add_development_dependency 'logstash-devutils', '~> 1.0.0'
+  s.add_runtime_dependency 'logstash-core-plugin-api', '>= 2.1.1', '<= 2.99'
+  s.add_runtime_dependency 'jar-dependencies'
+
+  s.add_development_dependency 'rspec'
+  s.add_development_dependency 'logstash-devutils'
 end

data/spec/filters/dissect_spec.rb

@@ -26,6 +26,16 @@ describe LogStash::Filters::Dissect do
       @msgs.push(msg[0])
       @hashes.push(msg[1])
     end
+
+    def fatal(*msg)
+      @msgs.push(msg[0])
+      @hashes.push(msg[1])
+    end
+
+    def trace(*msg)
+      @msgs.push(msg[0])
+      @hashes.push(msg[1])
+    end
   end
 
   describe "Basic dissection" do
@@ -74,6 +84,31 @@ describe LogStash::Filters::Dissect do
     end
   end
 
+  describe "Basic dissection with multibyte Unicode characters" do
+    let(:config) do <<-CONFIG
+      filter {
+        dissect {
+          mapping => {
+            message => "[%{occurred_at}]྿྿྿%{code}྿%{service}྿྿྿྿%{?ic}=%{&ic}%྿྿%{svc_message}"
+          }
+          convert_datatype => {
+            cpu => "float"
+            code => "int"
+          }
+        }
+      }
+    CONFIG
+    end
+
+    sample("message" => "[25/05/16 09:10:38:425 BST]྿྿྿00000001྿SystemOut྿྿྿྿cpu=95.43%྿྿java.lang:type=MemoryPool,name=class storage") do
+      expect(subject.get("occurred_at")).to eq("25/05/16 09:10:38:425 BST")
+      expect(subject.get("code")).to eq(1)
+      expect(subject.get("service")).to eq("SystemOut")
+      expect(subject.get("cpu")).to eq(95.43)
+      expect(subject.get("svc_message")).to eq("java.lang:type=MemoryPool,name=class storage")
+    end
+  end
+
   describe "Basic dissection with failing datatype conversion" do
     subject(:filter) {  LogStash::Filters::Dissect.new(config)  }
 
@@ -92,7 +127,7 @@ describe LogStash::Filters::Dissect do
     let(:loggr)      { LoggerMock.new }
 
     before(:each) do
-      filter.logger = loggr
+      filter.class.instance_variable_set("@logger", loggr)
     end
 
     it "tags and log messages are created" do
@@ -145,7 +180,7 @@ describe LogStash::Filters::Dissect do
     let(:loggr)      { LoggerMock.new }
 
     before(:each) do
-      filter.logger = loggr
+      filter.class.instance_variable_set("@logger", loggr)
     end
 
     it "does not raise any exceptions" do
@@ -162,11 +197,6 @@ describe LogStash::Filters::Dissect do
   describe "valid field format handling" do
     subject(:filter) {  LogStash::Filters::Dissect.new(config)  }
     let(:config)     { {"mapping" => {"message" => "%{+timestamp/2} %{+timestamp/1} %{?no_name} %{&no_name} %{} %{program}[%{pid}]: %{msg}"}}}
-    let(:loggr)      { LoggerMock.new }
-
-    before(:each) do
-      filter.logger = loggr
-    end
 
     it "does not raise an error in register" do
       expect{filter.register}.not_to raise_exception
@@ -175,16 +205,11 @@ describe LogStash::Filters::Dissect do
 
   describe "invalid field format handling" do
     subject(:filter) {  LogStash::Filters::Dissect.new(config)  }
-    let(:loggr)      { LoggerMock.new }
-
-    before(:each) do
-      filter.logger = loggr
-    end
 
     context "when field is defined as Append and Indirect (+&)" do
       let(:config)     { {"mapping" => {"message" => "%{+&timestamp}"}}}
       it "raises an error in register" do
-        msg = "org.logstash.dissect.InvalidFieldException: Field cannot prefix with both Append and Indirect Prefix (+&): +&timestamp"
+        msg = "org.logstash.dissect.fields.InvalidFieldException: Field cannot prefix with both Append and Indirect Prefix (+&): +&timestamp"
         expect{filter.register}.to raise_exception(LogStash::FieldFormatError, msg)
       end
     end
@@ -192,64 +217,9 @@ describe LogStash::Filters::Dissect do
     context "when field is defined as Indirect and Append (&+)" do
       let(:config)     { {"mapping" => {"message" => "%{&+timestamp}"}}}
       it "raises an error in register" do
-        msg = "org.logstash.dissect.InvalidFieldException: Field cannot prefix with both Append and Indirect Prefix (&+): &+timestamp"
+        msg = "org.logstash.dissect.fields.InvalidFieldException: Field cannot prefix with both Append and Indirect Prefix (&+): &+timestamp"
         expect{filter.register}.to raise_exception(LogStash::FieldFormatError, msg)
       end
     end
   end
-
-  describe "baseline performance test", :performance => true do
-    event_count = 1000000
-    min_rate = 30000
-
-    max_duration = event_count / min_rate
-    cfg_base = <<-CONFIG
-          input {
-            generator {
-              count => #{event_count}
-              message => "Mar 16 00:01:25 evita postfix/smtpd[1713]: connect from camomile.cloud9.net[168.100.1.3]"
-            }
-          }
-          output { null { } }
-        CONFIG
-
-    config(cfg_base)
-    start = Time.now.to_f
-    agent do
-      duration = (Time.now.to_f - start)
-      puts "\n\ninputs/generator baseline rate: #{"%02.0f/sec" % (event_count / duration)}, elapsed: #{duration}s\n\n"
-      insist { duration } < max_duration
-    end
-  end
-
-  describe "dissect performance test", :performance => true do
-    event_count = 1000000
-    min_rate = 30000
-    max_duration = event_count / min_rate
-
-    cfg_filter = <<-CONFIG
-          input {
-            generator {
-              count => #{event_count}
-              message => "Mar 16 00:01:25 evita postfix/smtpd[1713]: connect from camomile.cloud9.net[168.100.1.3]"
-            }
-          }
-          filter {
-            dissect {
-              mapping => {
-                "message" => "%{timestamp} %{+timestamp} %{+timestamp} %{logsource} %{program}[%{pid}]: %{msg}"
-              }
-            }
-          }
-          output { null { } }
-        CONFIG
-
-    config(cfg_filter)
-    start = Time.now.to_f
-    agent do
-      duration = (Time.now.to_f - start)
-      puts "\n\nfilters/dissect rate: #{"%02.0f/sec" % (event_count / duration)}, elapsed: #{duration}s\n\n"
-      insist { duration } < event_count / min_rate
-    end
-  end
 end

data/spec/spec_helper.rb

@@ -1,4 +1,5 @@
 # encoding: utf-8
+require "forwardable"
 require "logstash/devutils/rspec/spec_helper"
 
 module LogStash::Environment

metadata

@@ -1,21 +1,21 @@
 --- !ruby/object:Gem::Specification
 name: logstash-filter-dissect
 version: !ruby/object:Gem::Version
-  version: 1.0.6
+  version: 1.0.7
 platform: ruby
 authors:
 - Elastic
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-07-14 00:00:00.000000000 Z
+date: 2016-10-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1.60'
+        version: 2.1.1
     - - "<="
       - !ruby/object:Gem::Version
         version: '2.99'
@@ -26,30 +26,59 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1.60'
+        version: 2.1.1
     - - "<="
       - !ruby/object:Gem::Version
         version: '2.99'
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  name: jar-dependencies
+  prerelease: false
+  type: :runtime
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.0.0
+        version: '0'
+  name: rspec
+  prerelease: false
+  type: :development
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
   name: logstash-devutils
   prerelease: false
   type: :development
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.0.0
+        version: '0'
 description: This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program
 email: info@elastic.co
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- BUILD_INSTRUCTIONS.md
 - CHANGELOG.md
 - CONTRIBUTORS
 - DEVELOPER.md
@@ -57,11 +86,15 @@ files:
 - LICENSE
 - NOTICE.TXT
 - README.md
-- lib/jars/jruby-dissect-library.jar
+- VERSION
+- lib/jruby-dissect-library_jars.rb
 - lib/logstash/filters/dissect.rb
 - logstash-filter-dissect.gemspec
 - spec/filters/dissect_spec.rb
 - spec/spec_helper.rb
+- vendor/jars/org/jruby/jruby-core/1.7.25/jruby-core-1.7.25.jar
+- vendor/jars/org/logstash/dissect/jruby-dissect-library/1.0.5/jruby-dissect-library-1.0.5.jar
+- vendor/jars/org/logstash/dissect/jruby-dissect-library/1.0.7/jruby-dissect-library-1.0.7.jar
 homepage: http://www.elastic.co/guide/en/logstash/current/index.html
 licenses:
 - Apache License (2.0)
@@ -84,10 +117,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.6.3
+rubygems_version: 2.4.8
 signing_key:
 specification_version: 4
-summary: This dissect filter will destructurize text in multiple fields.
+summary: This dissect filter will de-structure text into multiple fields.
 test_files:
 - spec/filters/dissect_spec.rb
 - spec/spec_helper.rb