logstash-filter-sphinx 0.0.3 → 0.0.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.idea/workspace.xml +134 -38
- data/Gemfile +3 -0
- data/lib/logstash/filters/sphinx.rb +41 -0
- data/logstash-filter-sphinx.gemspec +2 -3
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: da03cf7de02a34ce508dc237caf763ab39d156be
|
|
4
|
+
data.tar.gz: f57121f5f5834e153dab489d7262abd5e84da391
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c0e9dacc696b68735aa00a01cca7a802a6f6a0fc75daf02e82df8d60810d0280b7435fd8c8f2a3880c7d3efd7f9139131a705576867ac29f5cd77818791f8967
|
|
7
|
+
data.tar.gz: 19afd7f631107e3f847ac4d8480449dc5a92b180811deb6d8e894d10d3f33acac0cf25ba7bbcf2df4ae8b7250cda7124dfa33a7ac70ee3920cb29e094e1a7ddf
|
data/.idea/workspace.xml
CHANGED
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
<project version="4">
|
|
3
3
|
<component name="ChangeListManager">
|
|
4
4
|
<list default="true" id="30fe0730-fe49-472a-b4e0-49784c549ce1" name="Default" comment="">
|
|
5
|
+
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/Gemfile" afterPath="$PROJECT_DIR$/Gemfile" />
|
|
5
6
|
<change type="MODIFICATION" beforePath="$PROJECT_DIR$/logstash-filter-sphinx.gemspec" afterPath="$PROJECT_DIR$/logstash-filter-sphinx.gemspec" />
|
|
6
7
|
</list>
|
|
7
8
|
<ignored path="logstash-filter-sphinx.iws" />
|
|
@@ -33,28 +34,38 @@
|
|
|
33
34
|
<file leaf-file-name="Gemfile" pinned="false" current-in-tab="false">
|
|
34
35
|
<entry file="file://$PROJECT_DIR$/Gemfile">
|
|
35
36
|
<provider selected="true" editor-type-id="text-editor">
|
|
36
|
-
<state vertical-scroll-proportion="0.0" vertical-offset="
|
|
37
|
-
<caret line="
|
|
37
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="0" max-vertical-offset="374">
|
|
38
|
+
<caret line="7" column="0" selection-start-line="7" selection-start-column="0" selection-end-line="7" selection-end-column="0" />
|
|
38
39
|
<folding />
|
|
39
40
|
</state>
|
|
40
41
|
</provider>
|
|
41
42
|
</entry>
|
|
42
43
|
</file>
|
|
43
|
-
<file leaf-file-name="
|
|
44
|
+
<file leaf-file-name="Rakefile" pinned="false" current-in-tab="false">
|
|
45
|
+
<entry file="file://$PROJECT_DIR$/Rakefile">
|
|
46
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
47
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="0" max-vertical-offset="119">
|
|
48
|
+
<caret line="0" column="0" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
|
|
49
|
+
<folding />
|
|
50
|
+
</state>
|
|
51
|
+
</provider>
|
|
52
|
+
</entry>
|
|
53
|
+
</file>
|
|
54
|
+
<file leaf-file-name="logstash-filter-sphinx.gemspec" pinned="false" current-in-tab="true">
|
|
44
55
|
<entry file="file://$PROJECT_DIR$/logstash-filter-sphinx.gemspec">
|
|
45
56
|
<provider selected="true" editor-type-id="text-editor">
|
|
46
|
-
<state vertical-scroll-proportion="0.
|
|
47
|
-
<caret line="
|
|
57
|
+
<state vertical-scroll-proportion="0.669697" vertical-offset="0" max-vertical-offset="660">
|
|
58
|
+
<caret line="26" column="2" selection-start-line="26" selection-start-column="2" selection-end-line="26" selection-end-column="2" />
|
|
48
59
|
<folding />
|
|
49
60
|
</state>
|
|
50
61
|
</provider>
|
|
51
62
|
</entry>
|
|
52
63
|
</file>
|
|
53
|
-
<file leaf-file-name="README.md" pinned="false" current-in-tab="
|
|
64
|
+
<file leaf-file-name="README.md" pinned="false" current-in-tab="false">
|
|
54
65
|
<entry file="file://$PROJECT_DIR$/README.md">
|
|
55
66
|
<provider selected="true" editor-type-id="text-editor">
|
|
56
|
-
<state vertical-scroll-proportion="
|
|
57
|
-
<caret line="
|
|
67
|
+
<state vertical-scroll-proportion="-11.56" vertical-offset="340" max-vertical-offset="1547">
|
|
68
|
+
<caret line="37" column="3" selection-start-line="37" selection-start-column="3" selection-end-line="37" selection-end-column="3" />
|
|
58
69
|
<folding />
|
|
59
70
|
</state>
|
|
60
71
|
</provider>
|
|
@@ -93,8 +104,8 @@
|
|
|
93
104
|
<file leaf-file-name="sphinx.rb" pinned="false" current-in-tab="false">
|
|
94
105
|
<entry file="file://$PROJECT_DIR$/lib/logstash/filters/sphinx.rb">
|
|
95
106
|
<provider selected="true" editor-type-id="text-editor">
|
|
96
|
-
<state vertical-scroll-proportion="0.0" vertical-offset="
|
|
97
|
-
<caret line="
|
|
107
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="8761" max-vertical-offset="13124">
|
|
108
|
+
<caret line="706" column="9" selection-start-line="706" selection-start-column="9" selection-end-line="706" selection-end-column="9" />
|
|
98
109
|
<folding />
|
|
99
110
|
</state>
|
|
100
111
|
</provider>
|
|
@@ -120,8 +131,8 @@
|
|
|
120
131
|
<list>
|
|
121
132
|
<option value="C:/logstash-1.5.0-rc3/lib/logstash/runner.rb" />
|
|
122
133
|
<option value="$PROJECT_DIR$/Gemfile.lock" />
|
|
123
|
-
<option value="$PROJECT_DIR$/Gemfile" />
|
|
124
134
|
<option value="$PROJECT_DIR$/lib/logstash/filters/sphinx.rb" />
|
|
135
|
+
<option value="$PROJECT_DIR$/Gemfile" />
|
|
125
136
|
<option value="$PROJECT_DIR$/logstash-filter-sphinx.gemspec" />
|
|
126
137
|
</list>
|
|
127
138
|
</option>
|
|
@@ -130,9 +141,10 @@
|
|
|
130
141
|
<detection-done>true</detection-done>
|
|
131
142
|
</component>
|
|
132
143
|
<component name="ProjectFrameBounds">
|
|
133
|
-
<option name="x" value="
|
|
134
|
-
<option name="
|
|
135
|
-
<option name="
|
|
144
|
+
<option name="x" value="-9" />
|
|
145
|
+
<option name="y" value="-9" />
|
|
146
|
+
<option name="width" value="1938" />
|
|
147
|
+
<option name="height" value="1170" />
|
|
136
148
|
</component>
|
|
137
149
|
<component name="ProjectLevelVcsManager" settingsEditedManually="false">
|
|
138
150
|
<OptionsSetting value="true" id="Add" />
|
|
@@ -329,7 +341,7 @@
|
|
|
329
341
|
<servers />
|
|
330
342
|
</component>
|
|
331
343
|
<component name="ToolWindowManager">
|
|
332
|
-
<frame x="
|
|
344
|
+
<frame x="-9" y="-9" width="1938" height="1170" extended-state="6" />
|
|
333
345
|
<editor active="true" />
|
|
334
346
|
<layout>
|
|
335
347
|
<window_info id="Changes" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.32959327" sideWeight="0.5" order="7" side_tool="false" content_ui="tabs" />
|
|
@@ -339,9 +351,9 @@
|
|
|
339
351
|
<window_info id="Structure" active="false" anchor="left" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.25" sideWeight="0.5" order="1" side_tool="false" content_ui="tabs" />
|
|
340
352
|
<window_info id="Application Servers" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.33" sideWeight="0.5" order="7" side_tool="false" content_ui="tabs" />
|
|
341
353
|
<window_info id="Remote Host" active="false" anchor="right" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.33" sideWeight="0.5" order="3" side_tool="false" content_ui="tabs" />
|
|
342
|
-
<window_info id="Project" active="false" anchor="left" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="true" weight="0.
|
|
354
|
+
<window_info id="Project" active="false" anchor="left" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="true" weight="0.18477103" sideWeight="0.5" order="0" side_tool="false" content_ui="combo" />
|
|
343
355
|
<window_info id="Debug" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.2293666" sideWeight="0.5" order="3" side_tool="false" content_ui="tabs" />
|
|
344
|
-
<window_info id="Run" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="
|
|
356
|
+
<window_info id="Run" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="true" weight="0.3287805" sideWeight="0.5" order="2" side_tool="false" content_ui="tabs" />
|
|
345
357
|
<window_info id="Favorites" active="false" anchor="left" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.33" sideWeight="0.5" order="2" side_tool="true" content_ui="tabs" />
|
|
346
358
|
<window_info id="Event Log" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.33" sideWeight="0.5" order="7" side_tool="true" content_ui="tabs" />
|
|
347
359
|
<window_info id="Version Control" active="false" anchor="bottom" auto_hide="false" internal_type="DOCKED" type="DOCKED" visible="false" weight="0.32959327" sideWeight="0.5" order="7" side_tool="false" content_ui="tabs" />
|
|
@@ -386,6 +398,86 @@
|
|
|
386
398
|
</watches-manager>
|
|
387
399
|
</component>
|
|
388
400
|
<component name="editorHistoryManager">
|
|
401
|
+
<entry file="file://$PROJECT_DIR$/lib/logstash/filters/sphinx.rb">
|
|
402
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
403
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="0" max-vertical-offset="12427">
|
|
404
|
+
<caret line="0" column="0" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
|
|
405
|
+
<folding />
|
|
406
|
+
</state>
|
|
407
|
+
</provider>
|
|
408
|
+
</entry>
|
|
409
|
+
<entry file="file://C:/logstash-1.5.0-rc3/vendor/bundle/jruby/1.9/gems/ipaddress-0.8.0/lib/ipaddress.rb">
|
|
410
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
411
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="1373" max-vertical-offset="3536">
|
|
412
|
+
<caret line="132" column="3" selection-start-line="132" selection-start-column="3" selection-end-line="132" selection-end-column="3" />
|
|
413
|
+
<folding />
|
|
414
|
+
</state>
|
|
415
|
+
</provider>
|
|
416
|
+
</entry>
|
|
417
|
+
<entry file="file://$PROJECT_DIR$/Gemfile">
|
|
418
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
419
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="221" max-vertical-offset="323">
|
|
420
|
+
<caret line="13" column="0" selection-start-line="13" selection-start-column="0" selection-end-line="13" selection-end-column="0" />
|
|
421
|
+
<folding />
|
|
422
|
+
</state>
|
|
423
|
+
</provider>
|
|
424
|
+
</entry>
|
|
425
|
+
<entry file="file://$PROJECT_DIR$/logstash-filter-sphinx.gemspec">
|
|
426
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
427
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="204" max-vertical-offset="595">
|
|
428
|
+
<caret line="12" column="23" selection-start-line="12" selection-start-column="23" selection-end-line="12" selection-end-column="23" />
|
|
429
|
+
<folding />
|
|
430
|
+
</state>
|
|
431
|
+
</provider>
|
|
432
|
+
</entry>
|
|
433
|
+
<entry file="file://$PROJECT_DIR$/README.md">
|
|
434
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
435
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="340" max-vertical-offset="1547">
|
|
436
|
+
<caret line="20" column="0" selection-start-line="20" selection-start-column="0" selection-end-line="20" selection-end-column="0" />
|
|
437
|
+
<folding />
|
|
438
|
+
</state>
|
|
439
|
+
</provider>
|
|
440
|
+
</entry>
|
|
441
|
+
<entry file="file://C:/logstash-1.5.0-rc3/vendor/bundle/jruby/1.9/gems/cabin-0.7.1/lib/cabin/mixins/logger.rb">
|
|
442
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
443
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="414" max-vertical-offset="2244">
|
|
444
|
+
<caret line="45" column="0" selection-start-line="45" selection-start-column="0" selection-end-line="45" selection-end-column="0" />
|
|
445
|
+
<folding />
|
|
446
|
+
</state>
|
|
447
|
+
</provider>
|
|
448
|
+
</entry>
|
|
449
|
+
<entry file="file://C:/logstash-1.5.0-rc3/lib/logstash/environment.rb">
|
|
450
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
451
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="1989" max-vertical-offset="2261">
|
|
452
|
+
<caret line="117" column="0" selection-start-line="117" selection-start-column="0" selection-end-line="117" selection-end-column="0" />
|
|
453
|
+
<folding />
|
|
454
|
+
</state>
|
|
455
|
+
</provider>
|
|
456
|
+
</entry>
|
|
457
|
+
<entry file="file://C:/logstash-1.5.0-rc3/lib/logstash/runner.rb">
|
|
458
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
459
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="918" max-vertical-offset="3060">
|
|
460
|
+
<caret line="12" column="0" selection-start-line="12" selection-start-column="0" selection-end-line="12" selection-end-column="0" />
|
|
461
|
+
<folding />
|
|
462
|
+
</state>
|
|
463
|
+
</provider>
|
|
464
|
+
</entry>
|
|
465
|
+
<entry file="file://$PROJECT_DIR$/lib/logstash/filters/sphinx.rb">
|
|
466
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
467
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="0" max-vertical-offset="12427">
|
|
468
|
+
<caret line="0" column="0" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
|
|
469
|
+
<folding />
|
|
470
|
+
</state>
|
|
471
|
+
</provider>
|
|
472
|
+
</entry>
|
|
473
|
+
<entry file="file://C:/logstash-1.5.0-rc3/vendor/bundle/jruby/1.9/gems/ipaddress-0.8.0/lib/ipaddress.rb">
|
|
474
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
475
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="1373" max-vertical-offset="3536">
|
|
476
|
+
<caret line="132" column="3" selection-start-line="132" selection-start-column="3" selection-end-line="132" selection-end-column="3" />
|
|
477
|
+
<folding />
|
|
478
|
+
</state>
|
|
479
|
+
</provider>
|
|
480
|
+
</entry>
|
|
389
481
|
<entry file="file://$PROJECT_DIR$/Gemfile">
|
|
390
482
|
<provider selected="true" editor-type-id="text-editor">
|
|
391
483
|
<state vertical-scroll-proportion="0.0" vertical-offset="221" max-vertical-offset="323">
|
|
@@ -446,7 +538,6 @@
|
|
|
446
538
|
<provider selected="true" editor-type-id="text-editor">
|
|
447
539
|
<state vertical-scroll-proportion="0.0" vertical-offset="33860" max-vertical-offset="44880">
|
|
448
540
|
<caret line="2013" column="0" selection-start-line="2013" selection-start-column="0" selection-end-line="2013" selection-end-column="0" />
|
|
449
|
-
<folding />
|
|
450
541
|
</state>
|
|
451
542
|
</provider>
|
|
452
543
|
</entry>
|
|
@@ -510,7 +601,6 @@
|
|
|
510
601
|
<provider selected="true" editor-type-id="text-editor">
|
|
511
602
|
<state vertical-scroll-proportion="0.0" vertical-offset="33860" max-vertical-offset="44880">
|
|
512
603
|
<caret line="2013" column="0" selection-start-line="2013" selection-start-column="0" selection-end-line="2013" selection-end-column="0" />
|
|
513
|
-
<folding />
|
|
514
604
|
</state>
|
|
515
605
|
</provider>
|
|
516
606
|
</entry>
|
|
@@ -574,7 +664,6 @@
|
|
|
574
664
|
<provider selected="true" editor-type-id="text-editor">
|
|
575
665
|
<state vertical-scroll-proportion="0.0" vertical-offset="33860" max-vertical-offset="44880">
|
|
576
666
|
<caret line="2013" column="0" selection-start-line="2013" selection-start-column="0" selection-end-line="2013" selection-end-column="0" />
|
|
577
|
-
<folding />
|
|
578
667
|
</state>
|
|
579
668
|
</provider>
|
|
580
669
|
</entry>
|
|
@@ -632,14 +721,6 @@
|
|
|
632
721
|
</state>
|
|
633
722
|
</provider>
|
|
634
723
|
</entry>
|
|
635
|
-
<entry file="file://$PROJECT_DIR$/Gemfile">
|
|
636
|
-
<provider selected="true" editor-type-id="text-editor">
|
|
637
|
-
<state vertical-scroll-proportion="0.0" vertical-offset="0" max-vertical-offset="323">
|
|
638
|
-
<caret line="13" column="0" selection-start-line="13" selection-start-column="0" selection-end-line="13" selection-end-column="0" />
|
|
639
|
-
<folding />
|
|
640
|
-
</state>
|
|
641
|
-
</provider>
|
|
642
|
-
</entry>
|
|
643
724
|
<entry file="file://C:/logstash-1.5.0-rc3/vendor/bundle/jruby/1.9/gems/ipaddress-0.8.0/lib/ipaddress.rb">
|
|
644
725
|
<provider selected="true" editor-type-id="text-editor">
|
|
645
726
|
<state vertical-scroll-proportion="0.0" vertical-offset="1373" max-vertical-offset="3536">
|
|
@@ -672,37 +753,52 @@
|
|
|
672
753
|
</state>
|
|
673
754
|
</provider>
|
|
674
755
|
</entry>
|
|
756
|
+
<entry file="file://C:/logstash-1.5.0-rc3/vendor/bundle/jruby/1.9/gems/redis-3.2.1/lib/redis.rb">
|
|
757
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
758
|
+
<state vertical-scroll-proportion="0.35531497" vertical-offset="33860" max-vertical-offset="44880">
|
|
759
|
+
<caret line="2013" column="0" selection-start-line="2013" selection-start-column="0" selection-end-line="2013" selection-end-column="0" />
|
|
760
|
+
</state>
|
|
761
|
+
</provider>
|
|
762
|
+
</entry>
|
|
675
763
|
<entry file="file://$PROJECT_DIR$/lib/logstash/filters/sphinx.rb">
|
|
676
764
|
<provider selected="true" editor-type-id="text-editor">
|
|
677
|
-
<state vertical-scroll-proportion="0.0" vertical-offset="
|
|
678
|
-
<caret line="
|
|
765
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="8761" max-vertical-offset="13124">
|
|
766
|
+
<caret line="706" column="9" selection-start-line="706" selection-start-column="9" selection-end-line="706" selection-end-column="9" />
|
|
679
767
|
<folding />
|
|
680
768
|
</state>
|
|
681
769
|
</provider>
|
|
682
770
|
</entry>
|
|
683
|
-
<entry file="file
|
|
771
|
+
<entry file="file://$PROJECT_DIR$/README.md">
|
|
684
772
|
<provider selected="true" editor-type-id="text-editor">
|
|
685
|
-
<state vertical-scroll-proportion="
|
|
686
|
-
<caret line="
|
|
773
|
+
<state vertical-scroll-proportion="-11.56" vertical-offset="340" max-vertical-offset="1547">
|
|
774
|
+
<caret line="37" column="3" selection-start-line="37" selection-start-column="3" selection-end-line="37" selection-end-column="3" />
|
|
687
775
|
<folding />
|
|
688
776
|
</state>
|
|
689
777
|
</provider>
|
|
690
778
|
</entry>
|
|
691
|
-
<entry file="file://$PROJECT_DIR$/
|
|
779
|
+
<entry file="file://$PROJECT_DIR$/Gemfile">
|
|
692
780
|
<provider selected="true" editor-type-id="text-editor">
|
|
693
|
-
<state vertical-scroll-proportion="0.0" vertical-offset="0" max-vertical-offset="
|
|
694
|
-
<caret line="
|
|
781
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="0" max-vertical-offset="374">
|
|
782
|
+
<caret line="7" column="0" selection-start-line="7" selection-start-column="0" selection-end-line="7" selection-end-column="0" />
|
|
695
783
|
<folding />
|
|
696
784
|
</state>
|
|
697
785
|
</provider>
|
|
698
786
|
</entry>
|
|
699
|
-
<entry file="file://$PROJECT_DIR$/
|
|
787
|
+
<entry file="file://$PROJECT_DIR$/Rakefile">
|
|
700
788
|
<provider selected="true" editor-type-id="text-editor">
|
|
701
|
-
<state vertical-scroll-proportion="0.0" vertical-offset="0" max-vertical-offset="
|
|
789
|
+
<state vertical-scroll-proportion="0.0" vertical-offset="0" max-vertical-offset="997">
|
|
702
790
|
<caret line="0" column="0" selection-start-line="0" selection-start-column="0" selection-end-line="0" selection-end-column="0" />
|
|
703
791
|
<folding />
|
|
704
792
|
</state>
|
|
705
793
|
</provider>
|
|
706
794
|
</entry>
|
|
795
|
+
<entry file="file://$PROJECT_DIR$/logstash-filter-sphinx.gemspec">
|
|
796
|
+
<provider selected="true" editor-type-id="text-editor">
|
|
797
|
+
<state vertical-scroll-proportion="0.669697" vertical-offset="0" max-vertical-offset="660">
|
|
798
|
+
<caret line="26" column="2" selection-start-line="26" selection-start-column="2" selection-end-line="26" selection-end-column="2" />
|
|
799
|
+
<folding />
|
|
800
|
+
</state>
|
|
801
|
+
</provider>
|
|
802
|
+
</entry>
|
|
707
803
|
</component>
|
|
708
804
|
</project>
|
data/Gemfile
CHANGED
|
@@ -403,6 +403,18 @@ class SphinxEventFilterFactory
|
|
|
403
403
|
|
|
404
404
|
end
|
|
405
405
|
|
|
406
|
+
class SphinxEventType
|
|
407
|
+
|
|
408
|
+
PROCESS_CREATION = 'ProcessCreation'
|
|
409
|
+
FILE_CREATION_TIME_CHANGE = 'FileCreationTimeChange'
|
|
410
|
+
NETWORK_CONNECTION = 'NetworkConnection'
|
|
411
|
+
SERVICE_STATE_CHANGE = 'ServiceStateChange'
|
|
412
|
+
PROCESS_TERMINATION = 'ProcessTermination'
|
|
413
|
+
DRIVER_LOAD = 'DriverLoad'
|
|
414
|
+
IMAGE_LOAD = 'ImageLoad'
|
|
415
|
+
REMOTE_THREAD_CREATION = 'RemoteThreadCreation'
|
|
416
|
+
|
|
417
|
+
end
|
|
406
418
|
|
|
407
419
|
|
|
408
420
|
class SphinxEventFilter
|
|
@@ -462,34 +474,52 @@ class SphinxWindowsSysmonEventFilter < SphinxWindowsEventFilter
|
|
|
462
474
|
|
|
463
475
|
# process creation
|
|
464
476
|
when 1
|
|
477
|
+
set_document_id(event)
|
|
478
|
+
set_document_type(event, SphinxEventType::PROCESS_CREATION)
|
|
465
479
|
add_process_name(event)
|
|
466
480
|
add_reputation_data(event)
|
|
467
481
|
|
|
482
|
+
|
|
468
483
|
# file creation
|
|
469
484
|
when 2
|
|
485
|
+
set_document_type(event, SphinxEventType::FILE_CREATION_TIME_CHANGE)
|
|
486
|
+
set_document_parent(event)
|
|
470
487
|
add_process_name(event)
|
|
471
488
|
add_target_file_name(event)
|
|
472
489
|
add_reputation_data(event)
|
|
473
490
|
|
|
474
491
|
# network conn
|
|
475
492
|
when 3
|
|
493
|
+
set_document_type(event, SphinxEventType::NETWORK_CONNECTION)
|
|
494
|
+
set_document_parent(event)
|
|
476
495
|
extend_ipaddress(event)
|
|
477
496
|
add_process_name(event)
|
|
478
497
|
|
|
498
|
+
# process termination
|
|
499
|
+
when 5
|
|
500
|
+
set_document_type(event, SphinxEventType::PROCESS_TERMINATION)
|
|
501
|
+
set_document_parent(event)
|
|
502
|
+
|
|
479
503
|
# driver load
|
|
480
504
|
when 6
|
|
505
|
+
set_document_type(event, SphinxEventType::DRIVER_LOAD)
|
|
506
|
+
set_document_parent(event)
|
|
481
507
|
add_file_name(event)
|
|
482
508
|
add_reputation_data(event)
|
|
483
509
|
|
|
484
510
|
|
|
485
511
|
# dll load
|
|
486
512
|
when 7
|
|
513
|
+
set_document_type(event, SphinxEventType::IMAGE_LOAD)
|
|
514
|
+
set_document_parent(event)
|
|
487
515
|
add_process_name(event)
|
|
488
516
|
add_file_name(event)
|
|
489
517
|
add_reputation_data(event)
|
|
490
518
|
|
|
491
519
|
# remote thread
|
|
492
520
|
when 8
|
|
521
|
+
set_document_type(event, SphinxEventType::REMOTE_THREAD_CREATION)
|
|
522
|
+
set_document_parent(event)
|
|
493
523
|
#TODO
|
|
494
524
|
|
|
495
525
|
end
|
|
@@ -498,6 +528,17 @@ class SphinxWindowsSysmonEventFilter < SphinxWindowsEventFilter
|
|
|
498
528
|
|
|
499
529
|
end
|
|
500
530
|
|
|
531
|
+
def set_document_id(event)
|
|
532
|
+
event['_id'] = event['ProcessGuid']
|
|
533
|
+
end
|
|
534
|
+
|
|
535
|
+
def set_document_type(event, type)
|
|
536
|
+
event['type'] = type
|
|
537
|
+
end
|
|
538
|
+
|
|
539
|
+
def set_document_parent(event)
|
|
540
|
+
event['parent'] = event['ProcessGuid']
|
|
541
|
+
end
|
|
501
542
|
|
|
502
543
|
def extend_ipaddress(event)
|
|
503
544
|
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Gem::Specification.new do |s|
|
|
2
2
|
s.name = 'logstash-filter-sphinx'
|
|
3
|
-
s.version = '0.0.
|
|
3
|
+
s.version = '0.0.4'
|
|
4
4
|
s.licenses = ['Apache License (2.0)']
|
|
5
5
|
s.summary = "Sphinx filter for updating event logs"
|
|
6
6
|
s.description = "This gem is a logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/plugin install gemname. This gem is not a stand-alone program"
|
|
@@ -24,6 +24,5 @@ Gem::Specification.new do |s|
|
|
|
24
24
|
s.add_runtime_dependency 'ipaddress', '0.8.0'
|
|
25
25
|
s.add_runtime_dependency 'connection_pool', '2.2.0'
|
|
26
26
|
|
|
27
|
-
|
|
28
|
-
s.add_development_dependency 'logstash-devutils'
|
|
27
|
+
s.add_development_dependency 'logstash-devutils'
|
|
29
28
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: logstash-filter-sphinx
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Takehiro Takahashi
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-
|
|
11
|
+
date: 2015-08-25 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -149,7 +149,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
149
149
|
version: '0'
|
|
150
150
|
requirements: []
|
|
151
151
|
rubyforge_project:
|
|
152
|
-
rubygems_version: 2.4.
|
|
152
|
+
rubygems_version: 2.4.5
|
|
153
153
|
signing_key:
|
|
154
154
|
specification_version: 4
|
|
155
155
|
summary: Sphinx filter for updating event logs
|