logstash_auditor 0.0.2 → 0.0.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +25 -55
- data/lib/logstash_auditor/version.rb +1 -1
- data/sanity/Gemfile +1 -5
- data/sanity/sanity.rb +5 -7
- metadata +1 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6f8dec6ba0d7de7778cc515f4e80f3d69a4a00b3
|
4
|
+
data.tar.gz: 2d65e403c26b261d8fc0f191764bc76ec46422f7
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 65c93f8af9c1856a081a4f3464b3570d82004d57a727cb9975c27e5c37d69850d94610d92bf051759308c31721f7d783f76ae7d89994173612c038d1ec9a37a4
|
7
|
+
data.tar.gz: be829566efe2a0716662bf828c7449b9e5c482806e90f97b4215d8cc7f149d7a7d05a502e964f3e8b15174473f55d42c29c41b5a2c179822bee6af8616d71362
|
data/README.md
CHANGED
@@ -24,7 +24,7 @@ Or install it yourself as:
|
|
24
24
|
|
25
25
|
## Testing
|
26
26
|
|
27
|
-
Behavioural driven testing can be performed by testing against
|
27
|
+
Behavioural driven testing can be performed by testing against a local ELK docker image:
|
28
28
|
|
29
29
|
$ sudo docker run -d -v $(pwd)/spec/support/logstash_conf.d:/etc/logstash/conf.d -p 9300:9300 -p 9200:9200 -p 5000:5000 -p 5044:5044 -p 5601:5601 -p 8080:8080 sebp/elk
|
30
30
|
|
@@ -44,75 +44,45 @@ Debugging the docker image:
|
|
44
44
|
|
45
45
|
## Usage
|
46
46
|
|
47
|
-
|
48
|
-
#TODO complete this section
|
49
|
-
#TODO Extend the LogstashAuditor::AuditingProviderAPI to create an auditing provider:
|
50
|
-
|
51
|
-
```
|
52
|
-
class MyAuditingProvider < LogstashAuditor::AuditingProviderAPI
|
53
|
-
end
|
54
|
-
```
|
55
|
-
|
56
|
-
Provide the required inversion of control method to configure (an) injected auditor(s):
|
47
|
+
Initialize and configure the auditor so:
|
57
48
|
|
58
49
|
```
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
auditor = MyAuditor.new
|
68
|
-
auditor_configuration = { 'some' => 'configuration' }
|
69
|
-
@iut = MyAuditingProvider.new(auditor, auditor_configuration)
|
50
|
+
@iut = LogstashAuditor::LogstashAuditor.new
|
51
|
+
@logstash_configuration =
|
52
|
+
{ "host_url" => "http://localhost:8080",
|
53
|
+
"use_ssl" => false,
|
54
|
+
"username" => "something",
|
55
|
+
"password" => "something",
|
56
|
+
"timeout" => 3}
|
57
|
+
@iut.configure(@valid_logstash_configuration)
|
70
58
|
```
|
71
59
|
|
72
60
|
Audit using the API methods, e.g.:
|
73
61
|
|
74
62
|
```
|
75
|
-
@iut.
|
76
|
-
@iut.debug(some_debug_object)
|
77
|
-
@iut.warn("Statistics show that dropped packets have increased to #{dropped}%")
|
78
|
-
@iut.error("Could not resend some dropped packets. They have been lost. All is still OK, I could compensate")
|
79
|
-
@iut.fatal("Unable to perform action, too many dropped packets. Functional degradation.")
|
80
|
-
@iut << 'Rack::CommonLogger requires this'
|
81
|
-
```
|
82
|
-
|
83
|
-
The API also supports appending as below, enabling support, e.g. for Rack::CommonLogger, etc.:
|
84
|
-
|
85
|
-
```
|
86
|
-
<<
|
63
|
+
@iut.event(flow_id, "This is a test event")
|
87
64
|
```
|
88
65
|
|
89
66
|
## Detailed example
|
90
67
|
|
91
68
|
```
|
92
|
-
require 'log4r'
|
93
69
|
require 'logstash_auditor'
|
94
70
|
|
95
|
-
class Log4rAuditingProvider < LogstashAuditor::AuditingProviderAPI
|
96
|
-
def configure_auditor(configuration = nil)
|
97
|
-
@auditor.outputters = configuration['outputter']
|
98
|
-
end
|
99
|
-
end
|
100
|
-
|
101
71
|
class Main
|
102
|
-
include Log4r
|
103
|
-
|
104
72
|
def test_sanity
|
105
|
-
|
106
|
-
|
107
|
-
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
|
73
|
+
@iut = LogstashAuditor::LogstashAuditor.new
|
74
|
+
@valid_logstash_configuration =
|
75
|
+
{ "host_url" => "http://localhost:8080",
|
76
|
+
"use_ssl" => false,
|
77
|
+
"username" => "something",
|
78
|
+
"password" => "something",
|
79
|
+
"timeout" => 3}
|
80
|
+
@iut.configure(@valid_logstash_configuration)
|
81
|
+
|
82
|
+
require 'digest'
|
83
|
+
flow_id = Digest::SHA256.hexdigest("#{Time.now.to_i}#{rand(4000000)}")
|
84
|
+
|
85
|
+
@iut.event(flow_id, "This is a test event")
|
116
86
|
end
|
117
87
|
end
|
118
88
|
|
@@ -126,7 +96,7 @@ Bug reports and feature requests are welcome by email to barney dot de dot villi
|
|
126
96
|
|
127
97
|
## Notes
|
128
98
|
|
129
|
-
|
99
|
+
The interface for auditors is still not stable and therefore subject to change.
|
130
100
|
|
131
101
|
## License
|
132
102
|
|
data/sanity/Gemfile
CHANGED
data/sanity/sanity.rb
CHANGED
@@ -1,12 +1,6 @@
|
|
1
1
|
require 'logstash_auditor'
|
2
|
-
require 'digest'
|
3
|
-
|
4
2
|
|
5
3
|
class Main
|
6
|
-
def create_flow_id
|
7
|
-
return Digest::SHA256.hexdigest("#{Time.now.to_i}#{rand(4000000)}")
|
8
|
-
end
|
9
|
-
|
10
4
|
def test_sanity
|
11
5
|
@iut = LogstashAuditor::LogstashAuditor.new
|
12
6
|
@valid_logstash_configuration =
|
@@ -16,7 +10,11 @@ class Main
|
|
16
10
|
"password" => "something",
|
17
11
|
"timeout" => 3}
|
18
12
|
@iut.configure(@valid_logstash_configuration)
|
19
|
-
|
13
|
+
|
14
|
+
require 'digest'
|
15
|
+
flow_id = Digest::SHA256.hexdigest("#{Time.now.to_i}#{rand(4000000)}")
|
16
|
+
|
17
|
+
@iut.event(flow_id, "This is a test event")
|
20
18
|
end
|
21
19
|
end
|
22
20
|
|