logstash-filter-grok 3.4.2 → 3.4.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +3 -0
- data/docs/index.asciidoc +3 -4
- data/logstash-filter-grok.gemspec +1 -1
- data/spec/filters/grok_spec.rb +7 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e75767b808314a560dccd43de2a2c3078eea5f2c
|
4
|
+
data.tar.gz: 0ecfce6ccaec76d3ba463cc77c830d073ab34179
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9bec6fd0dc609ec7e6e0dee11514230cd796f7bf922bb10f7f4426d1741363bb61029df5a4792f9aff7d8cb4e910eb9273dae576376fb8dae0cedfabf0cd61cb
|
7
|
+
data.tar.gz: 9a8d7479617d411ad99f27889fbf41eaa3b5cf9a7a68e7b1545ee27f4cde58dca52e3bba1f2688ecb0d090ba32b3d380996d3c0071cc0724965adcae873c442a
|
data/CHANGELOG.md
CHANGED
data/docs/index.asciidoc
CHANGED
@@ -12,7 +12,7 @@ START - GENERATED VARIABLES, DO NOT EDIT!
|
|
12
12
|
END - GENERATED VARIABLES, DO NOT EDIT!
|
13
13
|
///////////////////////////////////////////
|
14
14
|
|
15
|
-
[id="plugins-{type}-{plugin}"]
|
15
|
+
[id="plugins-{type}s-{plugin}"]
|
16
16
|
|
17
17
|
=== Grok filter plugin
|
18
18
|
|
@@ -22,8 +22,7 @@ include::{include_path}/plugin_header.asciidoc[]
|
|
22
22
|
|
23
23
|
Parse arbitrary text and structure it.
|
24
24
|
|
25
|
-
Grok is
|
26
|
-
data into something structured and queryable.
|
25
|
+
Grok is a great way to parse unstructured log data into something structured and queryable.
|
27
26
|
|
28
27
|
This tool is perfect for syslog logs, apache and other webserver logs, mysql
|
29
28
|
logs, and in general, any log format that is generally written for humans
|
@@ -330,4 +329,4 @@ Set to 0 to disable timeouts
|
|
330
329
|
|
331
330
|
|
332
331
|
[id="plugins-{type}s-{plugin}-common-options"]
|
333
|
-
include::{include_path}/{type}.asciidoc[]
|
332
|
+
include::{include_path}/{type}.asciidoc[]
|
@@ -1,7 +1,7 @@
|
|
1
1
|
Gem::Specification.new do |s|
|
2
2
|
|
3
3
|
s.name = 'logstash-filter-grok'
|
4
|
-
s.version = '3.4.
|
4
|
+
s.version = '3.4.3'
|
5
5
|
s.licenses = ['Apache License (2.0)']
|
6
6
|
s.summary = "Parse arbitrary text and structure it."
|
7
7
|
s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
|
data/spec/filters/grok_spec.rb
CHANGED
@@ -883,7 +883,13 @@ describe LogStash::Filters::Grok do
|
|
883
883
|
insist { subject.get("src_ip") } == "1.1.1.1"
|
884
884
|
insist { LogStash::Json.dump(subject.get('username')) } == "\"testuser\""
|
885
885
|
|
886
|
-
insist { subject.to_json } =~ %r|
|
886
|
+
insist { subject.to_json } =~ %r|"src_ip":"1.1.1.1"|
|
887
|
+
insist { subject.to_json } =~ %r|"@timestamp":"20\d\d-\d\d-\d\dT\d\d:\d\d:\d\d\.\d\d\dZ"|
|
888
|
+
insist { subject.to_json } =~ %r|"port":"22"|
|
889
|
+
insist { subject.to_json } =~ %r|"@version":"1"|
|
890
|
+
insist { subject.to_json } =~ %r|"username"|i
|
891
|
+
insist { subject.to_json } =~ %r|"testuser"|
|
892
|
+
insist { subject.to_json } =~ %r|"tags":\["ssh_failure"\]}|
|
887
893
|
end
|
888
894
|
end
|
889
895
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: logstash-filter-grok
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.4.
|
4
|
+
version: 3.4.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Elastic
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2017-
|
11
|
+
date: 2017-08-15 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|