logstash-input-syslog 3.5.0 → 3.6.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +3 -0
- data/docs/index.asciidoc +1 -1
- data/lib/logstash/inputs/syslog.rb +1 -1
- data/logstash-input-syslog.gemspec +4 -4
- data/spec/inputs/syslog_spec.rb +6 -5
- metadata +11 -12
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ef06714d6d1b2383646d6ec53550171592e1dbcd97e3e7b1e847edcceba41d4a
|
|
4
|
+
data.tar.gz: acd1005f0b2db5ad66ff95c7d74027ead6841d97b4805c05ed19225fa5af3cf5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ea924072e2e8904864649a6be3706523dca20a01c1c7aef441fea1c643f93e78dcb12d869ffb1f4d16ee2ebbdcdf4a396f45d6b3fc77909ad247941a849f9e6d
|
|
7
|
+
data.tar.gz: d3d658703fa56537a9818f65b92ddba37e8f56e760beda02698b1782c5f89eb9dc6c279c18a0611ecf653f3c9b07894549edf5b750855fc0f42500862f7d6f4a
|
data/CHANGELOG.md
CHANGED
data/docs/index.asciidoc
CHANGED
|
@@ -71,7 +71,7 @@ input plugins.
|
|
|
71
71
|
* Value type is <<string,string>>
|
|
72
72
|
* Supported values are:
|
|
73
73
|
** `disabled`: does not use ECS-compatible field names (for example, `priority` for syslog priority)
|
|
74
|
-
** `v1`: uses fields that are compatible with Elastic Common Schema (for example, `[log][syslog][priority]`)
|
|
74
|
+
** `v1`,`v8`: uses fields that are compatible with Elastic Common Schema (for example, `[log][syslog][priority]`)
|
|
75
75
|
* Default value depends on which version of Logstash is running:
|
|
76
76
|
** When Logstash provides a `pipeline.ecs_compatibility` setting, its value is used as the default
|
|
77
77
|
** Otherwise, the default value is `disabled`.
|
|
@@ -26,7 +26,7 @@ require "stud/interval"
|
|
|
26
26
|
# Note: This input will start listeners on both TCP and UDP.
|
|
27
27
|
#
|
|
28
28
|
class LogStash::Inputs::Syslog < LogStash::Inputs::Base
|
|
29
|
-
include LogStash::PluginMixins::ECSCompatibilitySupport(:disabled, :v1)
|
|
29
|
+
include LogStash::PluginMixins::ECSCompatibilitySupport(:disabled, :v1, :v8 => :v1)
|
|
30
30
|
|
|
31
31
|
config_name "syslog"
|
|
32
32
|
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
Gem::Specification.new do |s|
|
|
2
2
|
|
|
3
3
|
s.name = 'logstash-input-syslog'
|
|
4
|
-
s.version = '3.
|
|
4
|
+
s.version = '3.6.0'
|
|
5
5
|
s.licenses = ['Apache License (2.0)']
|
|
6
6
|
s.summary = "Reads syslog messages as events"
|
|
7
7
|
s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
|
|
@@ -21,16 +21,16 @@ Gem::Specification.new do |s|
|
|
|
21
21
|
|
|
22
22
|
# Gem dependencies
|
|
23
23
|
s.add_runtime_dependency "logstash-core-plugin-api", ">= 1.60", "<= 2.99"
|
|
24
|
-
s.add_runtime_dependency 'logstash-mixin-ecs_compatibility_support', '~> 1.
|
|
24
|
+
s.add_runtime_dependency 'logstash-mixin-ecs_compatibility_support', '~> 1.2'
|
|
25
25
|
|
|
26
26
|
s.add_runtime_dependency 'concurrent-ruby'
|
|
27
27
|
s.add_runtime_dependency 'stud', '>= 0.0.22', '< 0.1.0'
|
|
28
28
|
|
|
29
29
|
s.add_runtime_dependency 'logstash-codec-plain'
|
|
30
|
-
s.add_runtime_dependency 'logstash-filter-grok', '>= 4.4.
|
|
30
|
+
s.add_runtime_dependency 'logstash-filter-grok', '>= 4.4.1'
|
|
31
31
|
s.add_runtime_dependency 'logstash-filter-date'
|
|
32
32
|
|
|
33
|
-
s.add_development_dependency 'logstash-devutils'
|
|
33
|
+
s.add_development_dependency 'logstash-devutils', '~> 2.3'
|
|
34
34
|
s.add_development_dependency 'logstash-codec-cef'
|
|
35
35
|
end
|
|
36
36
|
|
data/spec/inputs/syslog_spec.rb
CHANGED
|
@@ -100,7 +100,7 @@ describe LogStash::Inputs::Syslog do
|
|
|
100
100
|
end
|
|
101
101
|
|
|
102
102
|
context 'tag', :ecs_compatibility_support do
|
|
103
|
-
ecs_compatibility_matrix(:disabled, :v1) do
|
|
103
|
+
ecs_compatibility_matrix(:disabled, :v1, :v8 => :v1) do
|
|
104
104
|
|
|
105
105
|
before(:each) do
|
|
106
106
|
allow_any_instance_of(described_class).to receive(:ecs_compatibility).and_return(ecs_compatibility)
|
|
@@ -172,7 +172,7 @@ describe LogStash::Inputs::Syslog do
|
|
|
172
172
|
|
|
173
173
|
expect( events.length ).to eql event_count
|
|
174
174
|
events.each do |event|
|
|
175
|
-
expect( event.get("@timestamp")
|
|
175
|
+
expect( event.get("@timestamp") ).to be_a_logstash_timestamp_equivalent_to("#{Time.now.year}-10-26T15:19:25Z")
|
|
176
176
|
end
|
|
177
177
|
end
|
|
178
178
|
|
|
@@ -196,8 +196,9 @@ describe LogStash::Inputs::Syslog do
|
|
|
196
196
|
queue.pop
|
|
197
197
|
end
|
|
198
198
|
|
|
199
|
-
# chances platform timezone is not UTC so
|
|
200
|
-
|
|
199
|
+
# chances platform timezone is not UTC, so parse without offset to create expectation
|
|
200
|
+
equivalent_time = Time.parse("#{Time.now.year}-10-26T15:19:25")
|
|
201
|
+
expect( event.get("@timestamp") ).to be_a_logstash_timestamp_equivalent_to(equivalent_time)
|
|
201
202
|
end
|
|
202
203
|
|
|
203
204
|
it "should support non UTC timezone" do
|
|
@@ -209,7 +210,7 @@ describe LogStash::Inputs::Syslog do
|
|
|
209
210
|
syslog_event = LogStash::Event.new({ "message" => "<164>Oct 26 15:19:25 1.2.3.4 %ASA-4-106023: Deny udp src DRAC:10.1.2.3/43434" })
|
|
210
211
|
input.syslog_relay(syslog_event)
|
|
211
212
|
|
|
212
|
-
expect( syslog_event.get("@timestamp")
|
|
213
|
+
expect( syslog_event.get("@timestamp") ).to be_a_logstash_timestamp_equivalent_to("#{Time.now.year}-10-26T20:19:25Z")
|
|
213
214
|
|
|
214
215
|
input.close
|
|
215
216
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: logstash-input-syslog
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.6.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Elastic
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-11-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -35,7 +35,7 @@ dependencies:
|
|
|
35
35
|
requirements:
|
|
36
36
|
- - "~>"
|
|
37
37
|
- !ruby/object:Gem::Version
|
|
38
|
-
version: '1.
|
|
38
|
+
version: '1.2'
|
|
39
39
|
name: logstash-mixin-ecs_compatibility_support
|
|
40
40
|
prerelease: false
|
|
41
41
|
type: :runtime
|
|
@@ -43,7 +43,7 @@ dependencies:
|
|
|
43
43
|
requirements:
|
|
44
44
|
- - "~>"
|
|
45
45
|
- !ruby/object:Gem::Version
|
|
46
|
-
version: '1.
|
|
46
|
+
version: '1.2'
|
|
47
47
|
- !ruby/object:Gem::Dependency
|
|
48
48
|
requirement: !ruby/object:Gem::Requirement
|
|
49
49
|
requirements:
|
|
@@ -97,7 +97,7 @@ dependencies:
|
|
|
97
97
|
requirements:
|
|
98
98
|
- - ">="
|
|
99
99
|
- !ruby/object:Gem::Version
|
|
100
|
-
version: 4.4.
|
|
100
|
+
version: 4.4.1
|
|
101
101
|
name: logstash-filter-grok
|
|
102
102
|
prerelease: false
|
|
103
103
|
type: :runtime
|
|
@@ -105,7 +105,7 @@ dependencies:
|
|
|
105
105
|
requirements:
|
|
106
106
|
- - ">="
|
|
107
107
|
- !ruby/object:Gem::Version
|
|
108
|
-
version: 4.4.
|
|
108
|
+
version: 4.4.1
|
|
109
109
|
- !ruby/object:Gem::Dependency
|
|
110
110
|
requirement: !ruby/object:Gem::Requirement
|
|
111
111
|
requirements:
|
|
@@ -123,17 +123,17 @@ dependencies:
|
|
|
123
123
|
- !ruby/object:Gem::Dependency
|
|
124
124
|
requirement: !ruby/object:Gem::Requirement
|
|
125
125
|
requirements:
|
|
126
|
-
- - "
|
|
126
|
+
- - "~>"
|
|
127
127
|
- !ruby/object:Gem::Version
|
|
128
|
-
version: '
|
|
128
|
+
version: '2.3'
|
|
129
129
|
name: logstash-devutils
|
|
130
130
|
prerelease: false
|
|
131
131
|
type: :development
|
|
132
132
|
version_requirements: !ruby/object:Gem::Requirement
|
|
133
133
|
requirements:
|
|
134
|
-
- - "
|
|
134
|
+
- - "~>"
|
|
135
135
|
- !ruby/object:Gem::Version
|
|
136
|
-
version: '
|
|
136
|
+
version: '2.3'
|
|
137
137
|
- !ruby/object:Gem::Dependency
|
|
138
138
|
requirement: !ruby/object:Gem::Requirement
|
|
139
139
|
requirements:
|
|
@@ -187,8 +187,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
187
187
|
- !ruby/object:Gem::Version
|
|
188
188
|
version: '0'
|
|
189
189
|
requirements: []
|
|
190
|
-
|
|
191
|
-
rubygems_version: 2.6.13
|
|
190
|
+
rubygems_version: 3.1.6
|
|
192
191
|
signing_key:
|
|
193
192
|
specification_version: 4
|
|
194
193
|
summary: Reads syslog messages as events
|