logstash-input-syslog 3.5.0 → 3.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +3 -0
- data/docs/index.asciidoc +1 -1
- data/lib/logstash/inputs/syslog.rb +1 -1
- data/logstash-input-syslog.gemspec +4 -4
- data/spec/inputs/syslog_spec.rb +6 -5
- metadata +11 -12
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ef06714d6d1b2383646d6ec53550171592e1dbcd97e3e7b1e847edcceba41d4a
|
4
|
+
data.tar.gz: acd1005f0b2db5ad66ff95c7d74027ead6841d97b4805c05ed19225fa5af3cf5
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: ea924072e2e8904864649a6be3706523dca20a01c1c7aef441fea1c643f93e78dcb12d869ffb1f4d16ee2ebbdcdf4a396f45d6b3fc77909ad247941a849f9e6d
|
7
|
+
data.tar.gz: d3d658703fa56537a9818f65b92ddba37e8f56e760beda02698b1782c5f89eb9dc6c279c18a0611ecf653f3c9b07894549edf5b750855fc0f42500862f7d6f4a
|
data/CHANGELOG.md
CHANGED
data/docs/index.asciidoc
CHANGED
@@ -71,7 +71,7 @@ input plugins.
|
|
71
71
|
* Value type is <<string,string>>
|
72
72
|
* Supported values are:
|
73
73
|
** `disabled`: does not use ECS-compatible field names (for example, `priority` for syslog priority)
|
74
|
-
** `v1`: uses fields that are compatible with Elastic Common Schema (for example, `[log][syslog][priority]`)
|
74
|
+
** `v1`,`v8`: uses fields that are compatible with Elastic Common Schema (for example, `[log][syslog][priority]`)
|
75
75
|
* Default value depends on which version of Logstash is running:
|
76
76
|
** When Logstash provides a `pipeline.ecs_compatibility` setting, its value is used as the default
|
77
77
|
** Otherwise, the default value is `disabled`.
|
@@ -26,7 +26,7 @@ require "stud/interval"
|
|
26
26
|
# Note: This input will start listeners on both TCP and UDP.
|
27
27
|
#
|
28
28
|
class LogStash::Inputs::Syslog < LogStash::Inputs::Base
|
29
|
-
include LogStash::PluginMixins::ECSCompatibilitySupport(:disabled, :v1)
|
29
|
+
include LogStash::PluginMixins::ECSCompatibilitySupport(:disabled, :v1, :v8 => :v1)
|
30
30
|
|
31
31
|
config_name "syslog"
|
32
32
|
|
@@ -1,7 +1,7 @@
|
|
1
1
|
Gem::Specification.new do |s|
|
2
2
|
|
3
3
|
s.name = 'logstash-input-syslog'
|
4
|
-
s.version = '3.
|
4
|
+
s.version = '3.6.0'
|
5
5
|
s.licenses = ['Apache License (2.0)']
|
6
6
|
s.summary = "Reads syslog messages as events"
|
7
7
|
s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
|
@@ -21,16 +21,16 @@ Gem::Specification.new do |s|
|
|
21
21
|
|
22
22
|
# Gem dependencies
|
23
23
|
s.add_runtime_dependency "logstash-core-plugin-api", ">= 1.60", "<= 2.99"
|
24
|
-
s.add_runtime_dependency 'logstash-mixin-ecs_compatibility_support', '~> 1.
|
24
|
+
s.add_runtime_dependency 'logstash-mixin-ecs_compatibility_support', '~> 1.2'
|
25
25
|
|
26
26
|
s.add_runtime_dependency 'concurrent-ruby'
|
27
27
|
s.add_runtime_dependency 'stud', '>= 0.0.22', '< 0.1.0'
|
28
28
|
|
29
29
|
s.add_runtime_dependency 'logstash-codec-plain'
|
30
|
-
s.add_runtime_dependency 'logstash-filter-grok', '>= 4.4.
|
30
|
+
s.add_runtime_dependency 'logstash-filter-grok', '>= 4.4.1'
|
31
31
|
s.add_runtime_dependency 'logstash-filter-date'
|
32
32
|
|
33
|
-
s.add_development_dependency 'logstash-devutils'
|
33
|
+
s.add_development_dependency 'logstash-devutils', '~> 2.3'
|
34
34
|
s.add_development_dependency 'logstash-codec-cef'
|
35
35
|
end
|
36
36
|
|
data/spec/inputs/syslog_spec.rb
CHANGED
@@ -100,7 +100,7 @@ describe LogStash::Inputs::Syslog do
|
|
100
100
|
end
|
101
101
|
|
102
102
|
context 'tag', :ecs_compatibility_support do
|
103
|
-
ecs_compatibility_matrix(:disabled, :v1) do
|
103
|
+
ecs_compatibility_matrix(:disabled, :v1, :v8 => :v1) do
|
104
104
|
|
105
105
|
before(:each) do
|
106
106
|
allow_any_instance_of(described_class).to receive(:ecs_compatibility).and_return(ecs_compatibility)
|
@@ -172,7 +172,7 @@ describe LogStash::Inputs::Syslog do
|
|
172
172
|
|
173
173
|
expect( events.length ).to eql event_count
|
174
174
|
events.each do |event|
|
175
|
-
expect( event.get("@timestamp")
|
175
|
+
expect( event.get("@timestamp") ).to be_a_logstash_timestamp_equivalent_to("#{Time.now.year}-10-26T15:19:25Z")
|
176
176
|
end
|
177
177
|
end
|
178
178
|
|
@@ -196,8 +196,9 @@ describe LogStash::Inputs::Syslog do
|
|
196
196
|
queue.pop
|
197
197
|
end
|
198
198
|
|
199
|
-
# chances platform timezone is not UTC so
|
200
|
-
|
199
|
+
# chances platform timezone is not UTC, so parse without offset to create expectation
|
200
|
+
equivalent_time = Time.parse("#{Time.now.year}-10-26T15:19:25")
|
201
|
+
expect( event.get("@timestamp") ).to be_a_logstash_timestamp_equivalent_to(equivalent_time)
|
201
202
|
end
|
202
203
|
|
203
204
|
it "should support non UTC timezone" do
|
@@ -209,7 +210,7 @@ describe LogStash::Inputs::Syslog do
|
|
209
210
|
syslog_event = LogStash::Event.new({ "message" => "<164>Oct 26 15:19:25 1.2.3.4 %ASA-4-106023: Deny udp src DRAC:10.1.2.3/43434" })
|
210
211
|
input.syslog_relay(syslog_event)
|
211
212
|
|
212
|
-
expect( syslog_event.get("@timestamp")
|
213
|
+
expect( syslog_event.get("@timestamp") ).to be_a_logstash_timestamp_equivalent_to("#{Time.now.year}-10-26T20:19:25Z")
|
213
214
|
|
214
215
|
input.close
|
215
216
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: logstash-input-syslog
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.
|
4
|
+
version: 3.6.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Elastic
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-11-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|
@@ -35,7 +35,7 @@ dependencies:
|
|
35
35
|
requirements:
|
36
36
|
- - "~>"
|
37
37
|
- !ruby/object:Gem::Version
|
38
|
-
version: '1.
|
38
|
+
version: '1.2'
|
39
39
|
name: logstash-mixin-ecs_compatibility_support
|
40
40
|
prerelease: false
|
41
41
|
type: :runtime
|
@@ -43,7 +43,7 @@ dependencies:
|
|
43
43
|
requirements:
|
44
44
|
- - "~>"
|
45
45
|
- !ruby/object:Gem::Version
|
46
|
-
version: '1.
|
46
|
+
version: '1.2'
|
47
47
|
- !ruby/object:Gem::Dependency
|
48
48
|
requirement: !ruby/object:Gem::Requirement
|
49
49
|
requirements:
|
@@ -97,7 +97,7 @@ dependencies:
|
|
97
97
|
requirements:
|
98
98
|
- - ">="
|
99
99
|
- !ruby/object:Gem::Version
|
100
|
-
version: 4.4.
|
100
|
+
version: 4.4.1
|
101
101
|
name: logstash-filter-grok
|
102
102
|
prerelease: false
|
103
103
|
type: :runtime
|
@@ -105,7 +105,7 @@ dependencies:
|
|
105
105
|
requirements:
|
106
106
|
- - ">="
|
107
107
|
- !ruby/object:Gem::Version
|
108
|
-
version: 4.4.
|
108
|
+
version: 4.4.1
|
109
109
|
- !ruby/object:Gem::Dependency
|
110
110
|
requirement: !ruby/object:Gem::Requirement
|
111
111
|
requirements:
|
@@ -123,17 +123,17 @@ dependencies:
|
|
123
123
|
- !ruby/object:Gem::Dependency
|
124
124
|
requirement: !ruby/object:Gem::Requirement
|
125
125
|
requirements:
|
126
|
-
- - "
|
126
|
+
- - "~>"
|
127
127
|
- !ruby/object:Gem::Version
|
128
|
-
version: '
|
128
|
+
version: '2.3'
|
129
129
|
name: logstash-devutils
|
130
130
|
prerelease: false
|
131
131
|
type: :development
|
132
132
|
version_requirements: !ruby/object:Gem::Requirement
|
133
133
|
requirements:
|
134
|
-
- - "
|
134
|
+
- - "~>"
|
135
135
|
- !ruby/object:Gem::Version
|
136
|
-
version: '
|
136
|
+
version: '2.3'
|
137
137
|
- !ruby/object:Gem::Dependency
|
138
138
|
requirement: !ruby/object:Gem::Requirement
|
139
139
|
requirements:
|
@@ -187,8 +187,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
187
187
|
- !ruby/object:Gem::Version
|
188
188
|
version: '0'
|
189
189
|
requirements: []
|
190
|
-
|
191
|
-
rubygems_version: 2.6.13
|
190
|
+
rubygems_version: 3.1.6
|
192
191
|
signing_key:
|
193
192
|
specification_version: 4
|
194
193
|
summary: Reads syslog messages as events
|