logstash-filter-sphinx 0.0.3 → 0.0.4
- checksums.yaml +4 -4
- data/.idea/workspace.xml +134 -38
- data/Gemfile +3 -0
- data/lib/logstash/filters/sphinx.rb +41 -0
- data/logstash-filter-sphinx.gemspec +2 -3
- metadata +3 -3
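--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: da03cf7de02a34ce508dc237caf763ab39d156be
+data.tar.gz: f57121f5f5834e153dab489d7262abd5e84da391
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: c0e9dacc696b68735aa00a01cca7a802a6f6a0fc75daf02e82df8d60810d0280b7435fd8c8f2a3880c7d3efd7f9139131a705576867ac29f5cd77818791f8967
+data.tar.gz: 19afd7f631107e3f847ac4d8480449dc5a92b180811deb6d8e894d10d3f33acac0cf25ba7bbcf2df4ae8b7250cda7124dfa33a7ac70ee3920cb29e094e1a7ddf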
data/.idea/workspace.xml
CHANGED
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
<project version="4">
|
|
3
3
|
<component name="ChangeListManager">
|
|
4
4
|
<list default="true" id="30fe0730-fe49-472a-b4e0-49784c549ce1" name="Default" comment="">
|
|
5
|
+
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/Gemfile" afterPath="$PROJECT_DIR$/Gemfile" />
|
|
5
6
|
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/logstash-filter-sphinx.gemspec" afterPath="$PROJECT_DIR$/logstash-filter-sphinx.gemspec" />
|
|
6
7
|
</list>
|
|
7
8
|
<ignored path="logstash-filter-sphinx.iws" />
|
|
@@ -33,28 +34,38 @@
|
|
|
33
34
|
<file leaf-file-name="Gemfile" pinned="false" current-in-tab="false">
|
|
34
35
|
<entry file="file://$PROJECT_DIR$/Gemfile">
|
|
35
36
|
<provider selected="true" editor-type-id="text-editor">
|
|
36
|
-
<state vertical-scroll-proportion="0.0" vertical-offset="
|
|
37
|
-
<caret line="
|
|
37
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="0" max-vertical-offset="374">
|
|
38
|
+
<caret line="7" column="0" selection-start-line="7" selection-start-column="0" selection-end-line="7" selection-end-column="0" />
|
|
38
39
|
<folding />
|
|
39
40
|
</state>
|
|
40
41
|
</provider>
|
|
41
42
|
</entry>
|
|
42
43
|
</file>
|
|
43
|
-
<file leaf-file-name="
|
|
44
|
+
<file leaf-file-name="Rakefile" pinned="false" current-in-tab="false">
|
|
45
|
+
<entry file="file://$PROJECT_DIR$/Rakefile">
|
|
46
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
47
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="0" max-vertical-offset="119">
|
|
48
|
+
<caret line="0" column="0" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
|
|
49
|
+
<folding />
|
|
50
|
+
</state>
|
|
51
|
+
</provider>
|
|
52
|
+
</entry>
|
|
53
|
+
</file>
|
|
54
|
+
<file leaf-file-name="logstash-filter-sphinx.gemspec" pinned="false" current-in-tab="true">
|
|
44
55
|
<entry file="file://$PROJECT_DIR$/logstash-filter-sphinx.gemspec">
|
|
45
56
|
<provider selected="true" editor-type-id="text-editor">
|
|
46
|
-
<state vertical-scroll-proportion="0.
|
|
47
|
-
<caret line="
|
|
57
|
+
<state vertical-scroll-proportion="0.669697" vertical-offset="0" max-vertical-offset="660">
|
|
58
|
+
<caret line="26" column="2" selection-start-line="26" selection-start-column="2" selection-end-line="26" selection-end-column="2" />
|
|
48
59
|
<folding />
|
|
49
60
|
</state>
|
|
50
61
|
</provider>
|
|
51
62
|
</entry>
|
|
52
63
|
</file>
|
|
53
|
-
<file leaf-file-name="README.md" pinned="false" current-in-tab="
|
|
64
|
+
<file leaf-file-name="README.md" pinned="false" current-in-tab="false">
|
|
54
65
|
<entry file="file://$PROJECT_DIR$/README.md">
|
|
55
66
|
<provider selected="true" editor-type-id="text-editor">
|
|
56
|
-
<state vertical-scroll-proportion="
|
|
57
|
-
<caret line="
|
|
67
|
+
<state vertical-scroll-proportion="-11.56" vertical-offset="340" max-vertical-offset="1547">
|
|
68
|
+
<caret line="37" column="3" selection-start-line="37" selection-start-column="3" selection-end-line="37" selection-end-column="3" />
|
|
58
69
|
<folding />
|
|
59
70
|
</state>
|
|
60
71
|
</provider>
|
|
@@ -93,8 +104,8 @@
|
|
|
93
104
|
<file leaf-file-name="sphinx.rb" pinned="false" current-in-tab="false">
|
|
94
105
|
<entry file="file://$PROJECT_DIR$/lib/logstash/filters/sphinx.rb">
|
|
95
106
|
<provider selected="true" editor-type-id="text-editor">
|
|
96
|
-
<state vertical-scroll-proportion="0.0" vertical-offset="
|
|
97
|
-
<caret line="
|
|
107
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="8761" max-vertical-offset="13124">
|
|
108
|
+
<caret line="706" column="9" selection-start-line="706" selection-start-column="9" selection-end-line="706" selection-end-column="9" />
|
|
98
109
|
<folding />
|
|
99
110
|
</state>
|
|
100
111
|
</provider>
|
|
@@ -120,8 +131,8 @@
|
|
|
120
131
|
<list>
|
|
121
132
|
<option value="C:/logstash-1.5.0-rc3/lib/logstash/runner.rb" />
|
|
122
133
|
<option value="$PROJECT_DIR$/Gemfile.lock" />
|
|
123
|
-
<option value="$PROJECT_DIR$/Gemfile" />
|
|
124
134
|
<option value="$PROJECT_DIR$/lib/logstash/filters/sphinx.rb" />
|
|
135
|
+
<option value="$PROJECT_DIR$/Gemfile" />
|
|
125
136
|
<option value="$PROJECT_DIR$/logstash-filter-sphinx.gemspec" />
|
|
126
137
|
</list>
|
|
127
138
|
</option>
|
|
@@ -130,9 +141,10 @@
|
|
|
130
141
|
<detection-done>true</detection-done>
|
|
131
142
|
</component>
|
|
132
143
|
<component name="ProjectFrameBounds">
|
|
133
|
-
<option name="x" value="
|
|
134
|
-
<option name="
|
|
135
|
-
<option name="
|
|
144
|
+
<option name="x" value="-9" />
|
|
145
|
+
<option name="y" value="-9" />
|
|
146
|
+
<option name="width" value="1938" />
|
|
147
|
+
<option name="height" value="1170" />
|
|
136
148
|
</component>
|
|
137
149
|
<component name="ProjectLevelVcsManager" settingsEditedManually="false">
|
|
138
150
|
<OptionsSetting value="true" id="Add" />
|
|
@@ -329,7 +341,7 @@
|
|
|
329
341
|
<servers />
|
|
330
342
|
</component>
|
|
331
343
|
<component name="ToolWindowManager">
|
|
332
|
-
<frame x="
|
|
344
|
+
<frame x="-9" y="-9" width="1938" height="1170" extended-state="6" />
|
|
333
345
|
<editor active="true" />
|
|
334
346
|
<layout>
|
|
335
347
|
<window_info id="Changes" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.32959327" sideWeight="0.5" order="7" side_tool="false" content_ui="tabs" />
|
|
@@ -339,9 +351,9 @@
|
|
|
339
351
|
<window_info id="Structure" active="false" anchor="left" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.25" sideWeight="0.5" order="1" side_tool="false" content_ui="tabs" />
|
|
340
352
|
<window_info id="Application Servers" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.33" sideWeight="0.5" order="7" side_tool="false" content_ui="tabs" />
|
|
341
353
|
<window_info id="Remote Host" active="false" anchor="right" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.33" sideWeight="0.5" order="3" side_tool="false" content_ui="tabs" />
|
|
342
|
-
<window_info id="Project" active="false" anchor="left" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="true" weight="0.
|
|
354
|
+
<window_info id="Project" active="false" anchor="left" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="true" weight="0.18477103" sideWeight="0.5" order="0" side_tool="false" content_ui="combo" />
|
|
343
355
|
<window_info id="Debug" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.2293666" sideWeight="0.5" order="3" side_tool="false" content_ui="tabs" />
|
|
344
|
-
<window_info id="Run" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="
|
|
356
|
+
<window_info id="Run" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="true" weight="0.3287805" sideWeight="0.5" order="2" side_tool="false" content_ui="tabs" />
|
|
345
357
|
<window_info id="Favorites" active="false" anchor="left" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.33" sideWeight="0.5" order="2" side_tool="true" content_ui="tabs" />
|
|
346
358
|
<window_info id="Event Log" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.33" sideWeight="0.5" order="7" side_tool="true" content_ui="tabs" />
|
|
347
359
|
<window_info id="Version Control" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.32959327" sideWeight="0.5" order="7" side_tool="false" content_ui="tabs" />
|
|
@@ -386,6 +398,86 @@
|
|
|
386
398
|
</watches-manager>
|
|
387
399
|
</component>
|
|
388
400
|
<component name="editorHistoryManager">
|
|
401
|
+
<entry file="file://$PROJECT_DIR$/lib/logstash/filters/sphinx.rb">
|
|
402
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
403
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="0" max-vertical-offset="12427">
|
|
404
|
+
<caret line="0" column="0" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
|
|
405
|
+
<folding />
|
|
406
|
+
</state>
|
|
407
|
+
</provider>
|
|
408
|
+
</entry>
|
|
409
|
+
<entry file="file://C:/logstash-1.5.0-rc3/vendor/bundle/jruby/1.9/gems/ipaddress-0.8.0/lib/ipaddress.rb">
|
|
410
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
411
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="1373" max-vertical-offset="3536">
|
|
412
|
+
<caret line="132" column="3" selection-start-line="132" selection-start-column="3" selection-end-line="132" selection-end-column="3" />
|
|
413
|
+
<folding />
|
|
414
|
+
</state>
|
|
415
|
+
</provider>
|
|
416
|
+
</entry>
|
|
417
|
+
<entry file="file://$PROJECT_DIR$/Gemfile">
|
|
418
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
419
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="221" max-vertical-offset="323">
|
|
420
|
+
<caret line="13" column="0" selection-start-line="13" selection-start-column="0" selection-end-line="13" selection-end-column="0" />
|
|
421
|
+
<folding />
|
|
422
|
+
</state>
|
|
423
|
+
</provider>
|
|
424
|
+
</entry>
|
|
425
|
+
<entry file="file://$PROJECT_DIR$/logstash-filter-sphinx.gemspec">
|
|
426
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
427
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="204" max-vertical-offset="595">
|
|
428
|
+
<caret line="12" column="23" selection-start-line="12" selection-start-column="23" selection-end-line="12" selection-end-column="23" />
|
|
429
|
+
<folding />
|
|
430
|
+
</state>
|
|
431
|
+
</provider>
|
|
432
|
+
</entry>
|
|
433
|
+
<entry file="file://$PROJECT_DIR$/README.md">
|
|
434
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
435
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="340" max-vertical-offset="1547">
|
|
436
|
+
<caret line="20" column="0" selection-start-line="20" selection-start-column="0" selection-end-line="20" selection-end-column="0" />
|
|
437
|
+
<folding />
|
|
438
|
+
</state>
|
|
439
|
+
</provider>
|
|
440
|
+
</entry>
|
|
441
|
+
<entry file="file://C:/logstash-1.5.0-rc3/vendor/bundle/jruby/1.9/gems/cabin-0.7.1/lib/cabin/mixins/logger.rb">
|
|
442
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
443
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="414" max-vertical-offset="2244">
|
|
444
|
+
<caret line="45" column="0" selection-start-line="45" selection-start-column="0" selection-end-line="45" selection-end-column="0" />
|
|
445
|
+
<folding />
|
|
446
|
+
</state>
|
|
447
|
+
</provider>
|
|
448
|
+
</entry>
|
|
449
|
+
<entry file="file://C:/logstash-1.5.0-rc3/lib/logstash/environment.rb">
|
|
450
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
451
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="1989" max-vertical-offset="2261">
|
|
452
|
+
<caret line="117" column="0" selection-start-line="117" selection-start-column="0" selection-end-line="117" selection-end-column="0" />
|
|
453
|
+
<folding />
|
|
454
|
+
</state>
|
|
455
|
+
</provider>
|
|
456
|
+
</entry>
|
|
457
|
+
<entry file="file://C:/logstash-1.5.0-rc3/lib/logstash/runner.rb">
|
|
458
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
459
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="918" max-vertical-offset="3060">
|
|
460
|
+
<caret line="12" column="0" selection-start-line="12" selection-start-column="0" selection-end-line="12" selection-end-column="0" />
|
|
461
|
+
<folding />
|
|
462
|
+
</state>
|
|
463
|
+
</provider>
|
|
464
|
+
</entry>
|
|
465
|
+
<entry file="file://$PROJECT_DIR$/lib/logstash/filters/sphinx.rb">
|
|
466
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
467
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="0" max-vertical-offset="12427">
|
|
468
|
+
<caret line="0" column="0" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
|
|
469
|
+
<folding />
|
|
470
|
+
</state>
|
|
471
|
+
</provider>
|
|
472
|
+
</entry>
|
|
473
|
+
<entry file="file://C:/logstash-1.5.0-rc3/vendor/bundle/jruby/1.9/gems/ipaddress-0.8.0/lib/ipaddress.rb">
|
|
474
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
475
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="1373" max-vertical-offset="3536">
|
|
476
|
+
<caret line="132" column="3" selection-start-line="132" selection-start-column="3" selection-end-line="132" selection-end-column="3" />
|
|
477
|
+
<folding />
|
|
478
|
+
</state>
|
|
479
|
+
</provider>
|
|
480
|
+
</entry>
|
|
389
481
|
<entry file="file://$PROJECT_DIR$/Gemfile">
|
|
390
482
|
<provider selected="true" editor-type-id="text-editor">
|
|
391
483
|
<state vertical-scroll-proportion="0.0" vertical-offset="221" max-vertical-offset="323">
|
|
@@ -446,7 +538,6 @@
|
|
|
446
538
|
<provider selected="true" editor-type-id="text-editor">
|
|
447
539
|
<state vertical-scroll-proportion="0.0" vertical-offset="33860" max-vertical-offset="44880">
|
|
448
540
|
<caret line="2013" column="0" selection-start-line="2013" selection-start-column="0" selection-end-line="2013" selection-end-column="0" />
|
|
449
|
-
<folding />
|
|
450
541
|
</state>
|
|
451
542
|
</provider>
|
|
452
543
|
</entry>
|
|
@@ -510,7 +601,6 @@
|
|
|
510
601
|
<provider selected="true" editor-type-id="text-editor">
|
|
511
602
|
<state vertical-scroll-proportion="0.0" vertical-offset="33860" max-vertical-offset="44880">
|
|
512
603
|
<caret line="2013" column="0" selection-start-line="2013" selection-start-column="0" selection-end-line="2013" selection-end-column="0" />
|
|
513
|
-
<folding />
|
|
514
604
|
</state>
|
|
515
605
|
</provider>
|
|
516
606
|
</entry>
|
|
@@ -574,7 +664,6 @@
|
|
|
574
664
|
<provider selected="true" editor-type-id="text-editor">
|
|
575
665
|
<state vertical-scroll-proportion="0.0" vertical-offset="33860" max-vertical-offset="44880">
|
|
576
666
|
<caret line="2013" column="0" selection-start-line="2013" selection-start-column="0" selection-end-line="2013" selection-end-column="0" />
|
|
577
|
-
<folding />
|
|
578
667
|
</state>
|
|
579
668
|
</provider>
|
|
580
669
|
</entry>
|
|
@@ -632,14 +721,6 @@
|
|
|
632
721
|
</state>
|
|
633
722
|
</provider>
|
|
634
723
|
</entry>
|
|
635
|
-
<entry file="file://$PROJECT_DIR$/Gemfile">
|
|
636
|
-
<provider selected="true" editor-type-id="text-editor">
|
|
637
|
-
<state vertical-scroll-proportion="0.0" vertical-offset="0" max-vertical-offset="323">
|
|
638
|
-
<caret line="13" column="0" selection-start-line="13" selection-start-column="0" selection-end-line="13" selection-end-column="0" />
|
|
639
|
-
<folding />
|
|
640
|
-
</state>
|
|
641
|
-
</provider>
|
|
642
|
-
</entry>
|
|
643
724
|
<entry file="file://C:/logstash-1.5.0-rc3/vendor/bundle/jruby/1.9/gems/ipaddress-0.8.0/lib/ipaddress.rb">
|
|
644
725
|
<provider selected="true" editor-type-id="text-editor">
|
|
645
726
|
<state vertical-scroll-proportion="0.0" vertical-offset="1373" max-vertical-offset="3536">
|
|
@@ -672,37 +753,52 @@
|
|
|
672
753
|
</state>
|
|
673
754
|
</provider>
|
|
674
755
|
</entry>
|
|
756
|
+
<entry file="file://C:/logstash-1.5.0-rc3/vendor/bundle/jruby/1.9/gems/redis-3.2.1/lib/redis.rb">
|
|
757
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
758
|
+
<state vertical-scroll-proportion="0.35531497" vertical-offset="33860" max-vertical-offset="44880">
|
|
759
|
+
<caret line="2013" column="0" selection-start-line="2013" selection-start-column="0" selection-end-line="2013" selection-end-column="0" />
|
|
760
|
+
</state>
|
|
761
|
+
</provider>
|
|
762
|
+
</entry>
|
|
675
763
|
<entry file="file://$PROJECT_DIR$/lib/logstash/filters/sphinx.rb">
|
|
676
764
|
<provider selected="true" editor-type-id="text-editor">
|
|
677
|
-
<state vertical-scroll-proportion="0.0" vertical-offset="
|
|
678
|
-
<caret line="
|
|
765
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="8761" max-vertical-offset="13124">
|
|
766
|
+
<caret line="706" column="9" selection-start-line="706" selection-start-column="9" selection-end-line="706" selection-end-column="9" />
|
|
679
767
|
<folding />
|
|
680
768
|
</state>
|
|
681
769
|
</provider>
|
|
682
770
|
</entry>
|
|
683
|
-
<entry file="file
|
|
771
|
+
<entry file="file://$PROJECT_DIR$/README.md">
|
|
684
772
|
<provider selected="true" editor-type-id="text-editor">
|
|
685
|
-
<state vertical-scroll-proportion="
|
|
686
|
-
<caret line="
|
|
773
|
+
<state vertical-scroll-proportion="-11.56" vertical-offset="340" max-vertical-offset="1547">
|
|
774
|
+
<caret line="37" column="3" selection-start-line="37" selection-start-column="3" selection-end-line="37" selection-end-column="3" />
|
|
687
775
|
<folding />
|
|
688
776
|
</state>
|
|
689
777
|
</provider>
|
|
690
778
|
</entry>
|
|
691
|
-
<entry file="file://$PROJECT_DIR$/
|
|
779
|
+
<entry file="file://$PROJECT_DIR$/Gemfile">
|
|
692
780
|
<provider selected="true" editor-type-id="text-editor">
|
|
693
|
-
<state vertical-scroll-proportion="0.0" vertical-offset="0" max-vertical-offset="
|
|
694
|
-
<caret line="
|
|
781
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="0" max-vertical-offset="374">
|
|
782
|
+
<caret line="7" column="0" selection-start-line="7" selection-start-column="0" selection-end-line="7" selection-end-column="0" />
|
|
695
783
|
<folding />
|
|
696
784
|
</state>
|
|
697
785
|
</provider>
|
|
698
786
|
</entry>
|
|
699
|
-
<entry file="file://$PROJECT_DIR$/
|
|
787
|
+
<entry file="file://$PROJECT_DIR$/Rakefile">
|
|
700
788
|
<provider selected="true" editor-type-id="text-editor">
|
|
701
|
-
<state vertical-scroll-proportion="0.0" vertical-offset="0" max-vertical-offset="
|
|
789
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="0" max-vertical-offset="997">
|
|
702
790
|
<caret line="0" column="0" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
|
|
703
791
|
<folding />
|
|
704
792
|
</state>
|
|
705
793
|
</provider>
|
|
706
794
|
</entry>
|
|
795
|
+
<entry file="file://$PROJECT_DIR$/logstash-filter-sphinx.gemspec">
|
|
796
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
797
|
+
<state vertical-scroll-proportion="0.669697" vertical-offset="0" max-vertical-offset="660">
|
|
798
|
+
<caret line="26" column="2" selection-start-line="26" selection-start-column="2" selection-end-line="26" selection-end-column="2" />
|
|
799
|
+
<folding />
|
|
800
|
+
</state>
|
|
801
|
+
</provider>
|
|
802
|
+
</entry>
|
|
707
803
|
</component>
|
|
708
804
|
</project>
|
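Review bot: `.idea/workspace.xml` is per-developer IDE state, yet it is being packaged into the released gem. The entries in this section record local absolute paths such as `C:/logstash-1.5.0-rc3/lib/logstash/runner.rb` and the author's recently opened files. Nothing in the plugin code shown in this diff reads it, so it should be left out of the gem's file list and ignored in version control; the gemspec's `s.files` line is not visible here, so how the file gets included is an assumption. Shipping it adds unreviewed content to the package and discloses details of the build machine for no functional gain.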
data/Gemfile
CHANGED
|
@@ -403,6 +403,18 @@ class SphinxEventFilterFactory
|
|
|
403
403
|
|
|
404
404
|
end
|
|
405
405
|
|
|
406
|
+
class SphinxEventType
|
|
407
|
+
|
|
408
|
+
PROCESS_CREATION = 'ProcessCreation'
|
|
409
|
+
FILE_CREATION_TIME_CHANGE = 'FileCreationTimeChange'
|
|
410
|
+
NETWORK_CONNECTION = 'NetworkConnection'
|
|
411
|
+
SERVICE_STATE_CHANGE = 'ServiceStateChange'
|
|
412
|
+
PROCESS_TERMINATION = 'ProcessTermination'
|
|
413
|
+
DRIVER_LOAD = 'DriverLoad'
|
|
414
|
+
IMAGE_LOAD = 'ImageLoad'
|
|
415
|
+
REMOTE_THREAD_CREATION = 'RemoteThreadCreation'
|
|
416
|
+
|
|
417
|
+
end
|
|
406
418
|
|
|
407
419
|
|
|
408
420
|
class SphinxEventFilter
|
|
@@ -462,34 +474,52 @@ class SphinxWindowsSysmonEventFilter < SphinxWindowsEventFilter
|
|
|
462
474
|
|
|
463
475
|
# process creation
|
|
464
476
|
when 1
|
|
477
|
+
set_document_id(event)
|
|
478
|
+
set_document_type(event, SphinxEventType::PROCESS_CREATION)
|
|
465
479
|
add_process_name(event)
|
|
466
480
|
add_reputation_data(event)
|
|
467
481
|
|
|
482
|
+
|
|
468
483
|
# file creation
|
|
469
484
|
when 2
|
|
485
|
+
set_document_type(event, SphinxEventType::FILE_CREATION_TIME_CHANGE)
|
|
486
|
+
set_document_parent(event)
|
|
470
487
|
add_process_name(event)
|
|
471
488
|
add_target_file_name(event)
|
|
472
489
|
add_reputation_data(event)
|
|
473
490
|
|
|
474
491
|
# network conn
|
|
475
492
|
when 3
|
|
493
|
+
set_document_type(event, SphinxEventType::NETWORK_CONNECTION)
|
|
494
|
+
set_document_parent(event)
|
|
476
495
|
extend_ipaddress(event)
|
|
477
496
|
add_process_name(event)
|
|
478
497
|
|
|
498
|
+
# process termination
|
|
499
|
+
when 5
|
|
500
|
+
set_document_type(event, SphinxEventType::PROCESS_TERMINATION)
|
|
501
|
+
set_document_parent(event)
|
|
502
|
+
|
|
479
503
|
# driver load
|
|
480
504
|
when 6
|
|
505
|
+
set_document_type(event, SphinxEventType::DRIVER_LOAD)
|
|
506
|
+
set_document_parent(event)
|
|
481
507
|
add_file_name(event)
|
|
482
508
|
add_reputation_data(event)
|
|
483
509
|
|
|
484
510
|
|
|
485
511
|
# dll load
|
|
486
512
|
when 7
|
|
513
|
+
set_document_type(event, SphinxEventType::IMAGE_LOAD)
|
|
514
|
+
set_document_parent(event)
|
|
487
515
|
add_process_name(event)
|
|
488
516
|
add_file_name(event)
|
|
489
517
|
add_reputation_data(event)
|
|
490
518
|
|
|
491
519
|
# remote thread
|
|
492
520
|
when 8
|
|
521
|
+
set_document_type(event, SphinxEventType::REMOTE_THREAD_CREATION)
|
|
522
|
+
set_document_parent(event)
|
|
493
523
|
#TODO
|
|
494
524
|
|
|
495
525
|
end
|
|
@@ -498,6 +528,17 @@ class SphinxWindowsSysmonEventFilter < SphinxWindowsEventFilter
|
|
|
498
528
|
|
|
499
529
|
end
|
|
500
530
|
|
|
531
|
+
def set_document_id(event)
|
|
532
|
+
event['_id'] = event['ProcessGuid']
|
|
533
|
+
end
|
|
534
|
+
|
|
535
|
+
def set_document_type(event, type)
|
|
536
|
+
event['type'] = type
|
|
537
|
+
end
|
|
538
|
+
|
|
539
|
+
def set_document_parent(event)
|
|
540
|
+
event['parent'] = event['ProcessGuid']
|
|
541
|
+
end
|
|
501
542
|
|
|
502
543
|
def extend_ipaddress(event)
|
|
503
544
|
|
|
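Review bot: `set_document_id` and `set_document_parent` (new lines 531–541) copy `event['ProcessGuid']` into `_id` and `parent` without checking that the field exists, so a Sysmon record that arrives without it is given a nil id or parent instead of being left alone or tagged. A guard such as `guid = event['ProcessGuid']` followed by `event['_id'] = guid if guid` would keep the key absent in that case. The value also originates on the monitored endpoint; if a downstream output uses `_id` as the document key (the output configuration is not part of this diff), a second process-creation event carrying an existing ProcessGuid would replace the stored record, so it is worth pairing the GUID with a collector-assigned host value or refusing overwrites there. The `case` these helpers are called from, and its enclosing method, begin outside the hunks shown.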
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Gem::Specification.new do |s|
|
|
2
2
|
s.name = 'logstash-filter-sphinx'
|
|
3
|
-
s.version = '0.0.
|
|
3
|
+
s.version = '0.0.4'
|
|
4
4
|
s.licenses = ['Apache License (2.0)']
|
|
5
5
|
s.summary = "Sphinx filter for updating event logs"
|
|
6
6
|
s.description = "This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program"
|
|
@@ -24,6 +24,5 @@ Gem::Specification.new do |s|
|
|
|
24
24
|
s.add_runtime_dependency 'ipaddress', '0.8.0'
|
|
25
25
|
s.add_runtime_dependency 'connection_pool', '2.2.0'
|
|
26
26
|
|
|
27
|
-
|
|
28
|
-
s.add_development_dependency 'logstash-devutils'
|
|
27
|
+
s.add_development_dependency 'logstash-devutils'
|
|
29
28
|
end
|
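--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstash-filter-sphinx
 version: !ruby/object:Gem::Version
-version: 0.0.
+version: 0.0.4
 platform: ruby
 authors:
 - Takehiro Takahashi
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-
+date: 2015-08-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 requirement: !ruby/object:Gem::Requirement
@@ -149,7 +149,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.4.
+rubygems_version: 2.4.5
 signing_key:
 specification_version: 4
 summary: Sphinx filter for updating event logs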