logstash-patterns-core 4.1.0 → 4.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 36d2a300d64eee6d5b7f294802ffe2e0bc63729e
-  data.tar.gz: f8244876e124251a382333a2b10cd35acaf2b720
+  metadata.gz: 4ac061365b77ea880d2c1d924a766cb6a272cd9e
+  data.tar.gz: 11f0271a12da9118a7e5096ec1fef1780a0f4ad5
 SHA512:
-  metadata.gz: 7aeea39d789b000f5d930ca9a7df02e4e9f7f205b16fe36c71d7f0244bd2bf891d424e5b564f466245af05e705767732ee660be8dea74a74a00fc085f1913083
-  data.tar.gz: f377108083d51399bca1ee25fafd4802c5085026e02d8caf762b89844a2b3c57f41267d93a8f4ac860ed3771a9da5a5a3a3c8893269ed502d2f11fa1c09871c1
+  metadata.gz: baefc4c4e0f10c2163a5e0b8d1744b61abd9ade09e0356f848515eca8941ff2c1816a0ac2d02367fde0b0ab3fddc2d43badd155ed97c4fb3d195a3bde99d1bdd
+  data.tar.gz: 610e906180d8656cc7c9ea73e00be59a15bd7798fc8c688df063d62ddd55cea5185df1572e150ee00bde2a93695d5bfb46ea17e9cb6d63a355a05dd4cd95183c

data/CONTRIBUTORS

@@ -36,6 +36,7 @@ Contributors:
 * Matthew Baxa (mbaxa)
 * MikeSchuette
 * Nick Padilla (NickPadilla)
+* Olaf van Zandwijk (olafz)
 * Oluf Lorenzen (Finkregh)
 * Paul Myjavec (pmyjavec)
 * Pete Fritchman (fetep)

data/logstash-patterns-core.gemspec

@@ -1,7 +1,7 @@
 Gem::Specification.new do |s|
 
   s.name            = 'logstash-patterns-core'
-  s.version         = '4.1.0'
+  s.version         = '4.1.1'
   s.licenses        = ['Apache License (2.0)']
   s.summary         = "Patterns to be used in logstash"
   s.description     = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"

data/patterns/grok-patterns

@@ -37,7 +37,7 @@ PATH (?:%{UNIXPATH}|%{WINPATH})
 UNIXPATH (/([\w_%!$@:.,+~-]+|\\.)*)+
 TTY (?:/dev/(pts|tty([pq])?)(\w+)?/?(?:[0-9]+))
 WINPATH (?>[A-Za-z]+:|\\)(?:\\[^\\?*]*)+
-URIPROTO [A-Za-z]+(\+[A-Za-z+]+)?
+URIPROTO [A-Za-z]([A-Za-z0-9+\-.]+)+
 URIHOST %{IPORHOST}(?::%{POSINT:port})?
 # uripath comes loosely from RFC1738, but mostly from what Firefox
 # doesn't turn into %XX

data/patterns/httpd

@@ -7,9 +7,9 @@ HTTPD_COMBINEDLOG %{HTTPD_COMMONLOG} %{QS:referrer} %{QS:agent}
 
 # Error logs
 HTTPD20_ERRORLOG \[%{HTTPDERROR_DATE:timestamp}\] \[%{LOGLEVEL:loglevel}\] (?:\[client %{IPORHOST:clientip}\] ){0,1}%{GREEDYDATA:message}
-HTTPD24_ERRORLOG \[%{HTTPDERROR_DATE:timestamp}\] \[%{WORD:module}:%{LOGLEVEL:loglevel}\] \[pid %{POSINT:pid}:tid %{NUMBER:tid}\]( \(%{POSINT:proxy_errorcode}\)%{DATA:proxy_message}:)?( \[client %{IPORHOST:clientip}:%{POSINT:clientport}\])? %{DATA:errorcode}: %{GREEDYDATA:message}
+HTTPD24_ERRORLOG \[%{HTTPDERROR_DATE:timestamp}\] \[%{WORD:module}:%{LOGLEVEL:loglevel}\] \[pid %{POSINT:pid}(:tid %{NUMBER:tid})?\]( \(%{POSINT:proxy_errorcode}\)%{DATA:proxy_message}:)?( \[client %{IPORHOST:clientip}:%{POSINT:clientport}\])?( %{DATA:errorcode}:)? %{GREEDYDATA:message}
 HTTPD_ERRORLOG %{HTTPD20_ERRORLOG}|%{HTTPD24_ERRORLOG}
 
 # Deprecated
 COMMONAPACHELOG %{HTTPD_COMMONLOG}
-COMBINEDAPACHELOG %{HTTPD_COMBINEDLOG}
+COMBINEDAPACHELOG %{HTTPD_COMBINEDLOG}

data/spec/patterns/core_spec.rb

@@ -103,6 +103,26 @@ describe "UNIXPATH" do
   end
 end
 
+describe "URIPROTO" do
+  let(:pattern) { 'URIPROTO' }
+
+  context "http is a valid URIPROTO" do
+    let(:value) { 'http' }
+
+    it "should match" do
+      expect(grok_match(pattern,value)).to pass
+    end
+  end
+
+  context "android-app is a valid URIPROTO" do
+    let(:value) { 'android-app' }
+
+    it "should match" do
+      expect(grok_match(pattern,value)).to pass
+    end
+  end
+end
+
 describe "URIPATH" do
   let(:pattern) { 'URIPATH' }
 

data/spec/patterns/httpd_spec.rb

@@ -74,11 +74,11 @@ describe "HTTPD_ERRORLOG" do
   end
 
   context "HTTPD_ERRORLOG", "matches a short httpd 2.4 message" do
-    let(:value) {
+    let(:value1) {
       "[Mon Aug 31 07:15:38.664897 2015] [proxy_fcgi:error] [pid 28786:tid 140169629898496] [client 81.139.1.34:52042] AH01071: Got error 'Primary script unknown\n'"
     }
     it "generates the fields" do
-      expect(grok_match(subject, value)).to include(
+      expect(grok_match(subject, value1)).to include(
         'timestamp' => 'Mon Aug 31 07:15:38.664897 2015',
         'module' => 'proxy_fcgi',
         'loglevel' => 'error',
@@ -87,7 +87,22 @@ describe "HTTPD_ERRORLOG" do
         'clientip' => '81.139.1.34',
         'clientport' => '52042',
         'errorcode' => 'AH01071',
-        'message' => [ value, "Got error 'Primary script unknown\n'" ]
+        'message' => [ value1, "Got error 'Primary script unknown\n'" ]
+      )
+    end
+
+    let(:value2) {
+      "[Thu Apr 27 10:39:46.719636 2017] [php7:notice] [pid 17] [client 10.255.0.3:49580] Test error log record"
+    }
+	it "generates the fields" do
+      expect(grok_match(subject, value2)).to include(
+        'timestamp' => 'Thu Apr 27 10:39:46.719636 2017',
+        'module' => 'php7',
+        'loglevel' => 'notice',
+        'pid' => '17',
+        'clientip' => '10.255.0.3',
+        'clientport' => '49580',
+        'message' => [ value2, "Test error log record" ]
       )
     end
   end
@@ -124,4 +139,5 @@ describe "HTTPD_ERRORLOG" do
     end
   end
 
+  
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstash-patterns-core
 version: !ruby/object:Gem::Version
-  version: 4.1.0
+  version: 4.1.1
 platform: ruby
 authors:
 - Elastic
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-03-01 00:00:00.000000000 Z
+date: 2017-06-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement