logstash_auditor 0.0.7 → 0.0.8
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/lib/logstash_auditor/auditor.rb +3 -3
- data/lib/logstash_auditor/version.rb +1 -1
- data/logstash_auditor.gemspec +1 -1
- data/sanity/Gemfile +1 -1
- data/sanity/sanity.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 882c1ca29fc2bc0bf9202abf6b31240d7e5fd90e
|
|
4
|
+
data.tar.gz: 3336daf8bfef8e22133f59f093b778b7f38fd801
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7f8e54b991ff0ce5a34460e1fd0ba4221712e2e6f3986fcd2b4771243adcabedad1a3ea6f50615b3221c838fb51f73a284bca831032b8b7f36a73b9db6cdde58
|
|
7
|
+
data.tar.gz: 0191741246b45a0b11f33ede43a0dea57d21870693d87ce1e43eddc7d6dbaf7c9e807c926e02e83ee3aa6e6cc626e59ff2e31a35ac23c0f8a680ff78b03b2ea1
|
data/README.md
CHANGED
|
@@ -57,7 +57,7 @@ Initialize and configure the auditor so:
|
|
|
57
57
|
@iut.configure(@logstash_configuration)
|
|
58
58
|
```
|
|
59
59
|
|
|
60
|
-
Audit using the API methods inherited from SoarAuditorApi::
|
|
60
|
+
Audit using the API methods inherited from SoarAuditorApi::AuditorAPI, e.g.:
|
|
61
61
|
|
|
62
62
|
```ruby
|
|
63
63
|
@iut.warn("#{flow_id}:This is a test event")
|
|
@@ -2,16 +2,16 @@ require "net/http"
|
|
|
2
2
|
require "soar_auditor_api"
|
|
3
3
|
|
|
4
4
|
module LogstashAuditor
|
|
5
|
-
class LogstashAuditor < SoarAuditorApi::
|
|
5
|
+
class LogstashAuditor < SoarAuditorApi::AuditorAPI
|
|
6
6
|
|
|
7
|
-
#inversion of control method required by the
|
|
7
|
+
#inversion of control method required by the AuditorAPI
|
|
8
8
|
def configuration_is_valid(configuration)
|
|
9
9
|
required_parameters = ["host_url", "username", "password"]
|
|
10
10
|
required_parameters.each { |parameter| return false unless configuration.include?(parameter) }
|
|
11
11
|
return true
|
|
12
12
|
end
|
|
13
13
|
|
|
14
|
-
#inversion of control method required by the
|
|
14
|
+
#inversion of control method required by the AuditorAPI
|
|
15
15
|
def audit(audit_data)
|
|
16
16
|
request = create_request(audit_data)
|
|
17
17
|
http = create_http_transport
|
data/logstash_auditor.gemspec
CHANGED
data/sanity/Gemfile
CHANGED
data/sanity/sanity.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: logstash_auditor
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.8
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Barney de Villiers
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-05-
|
|
11
|
+
date: 2016-05-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -100,14 +100,14 @@ dependencies:
|
|
|
100
100
|
requirements:
|
|
101
101
|
- - "~>"
|
|
102
102
|
- !ruby/object:Gem::Version
|
|
103
|
-
version:
|
|
103
|
+
version: 0.0.4
|
|
104
104
|
type: :runtime
|
|
105
105
|
prerelease: false
|
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
|
107
107
|
requirements:
|
|
108
108
|
- - "~>"
|
|
109
109
|
- !ruby/object:Gem::Version
|
|
110
|
-
version:
|
|
110
|
+
version: 0.0.4
|
|
111
111
|
description: Logstash implementation of SOAR architecture auditing allowing easy publishing
|
|
112
112
|
of events to a centralized logstash collection engine
|
|
113
113
|
email:
|