fluent-plugin-port_to_service

Release 0.1.3

Filter plugin to include TCP/UDP services.

Homepage Repository Rubygems Ruby Documentation Download

License
Unlicense
Install
gem install fluent-plugin-port_to_service -v 0.1.3

Documentation

Fluent::Plugin::PortToService

Build Status Gem Version

Overview

Fluentd filter plugin to map TCP/UDP ports to service names. Values are stored in a SQLite database for simplicity.

Requirements

fluent-plugin-port_to_service fluentd ruby sqlite3
> 0.0.9 >= v0.14.0 >= 2.1 >= 1.3.7

Dependency

Before use, install dependant libraries, namely sqlite3.

# for RHEL/CentOS
$ sudo yum groupinstall "Development Tools"
$ sudo yum install sqlite sqlite-devel

# for Ubuntu/Debian
$ sudo apt-get install build-essential
$ sudo apt-get install sqlite3 libsqlite3-dev

# for MacOS
$ brew install sqlite3

Installation

Use RubyGems to install sqlite3 first, then copy plugin over. install with gem or td-agent provided command as:

# for fluentd
$ gem install sqlite3

# for td-agent
$ sudo fluent-gem install sqlite3

# for td-agent2
$ sudo td-agent-gem install sqlite3

Configuration

<filter **>
  @type port_to_service

  # Required parameters
  path          /etc/td-agent/plugin/port_to_service.db

  # Optional parameters
  port_key      port
  protocol_key  protocol
  service_key   service
</filter>

If the following record is passed in:

{"protocol": "tcp", "port": "22", "foo": "bar"}

The filtered record will be:

{"protocol": "tcp", "port": "22", "service": "ssh", "foo": "bar"}

SQLite3 Database Setup

The plugin requires a SQLite database to be built. The database just needs a single table called services with 3 mandatory columns:

  • port - Integer
  • protocol - Text
  • service - Text

You can also add a primary key, id, but it's only required for posterity.

Example:

$ sqlite3 /etc/td-agent/plugin/port_to_service.db
sqlite> CREATE TABLE services(id INTEGER PRIMARY KEY, port INTEGER, protocol TEXT, service TEXT);
sqlite> INSERT INTO services(port, protocol, service) VALUES (22, 'tcp', 'ssh');
...

Alternatively, there is a script provided that parses /etc/services and creates the required database with the services. This should be run from the fluent-plugin-port_to_service directory and creates the the SQLite database at lib/fluent/plugin/port_to_service.db. The SQL to create the database will be in lib/fluent/plugin/port_to_service.sql.

$ pwd
/path/to/fluent-plugin-port_to_service
$ script/db-build.sh

Copyright

​ Copyright(c) 2019- Chris Pedro

License

The Unlicense

Stats

Dependencies
2
Dependent packages
0
Dependent repositories
0
Total releases
4
Latest release
First release
Stars
0
Forks
0
Watchers
0
Contributors
1
Repository size
63.5 KB
SourceRank
7

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

0.1.3
0.1.2
0.1.1
0.1.0

Maintainers

cpedro

Contributors

Chris Pedro


See all contributors

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2019-08-09 19:03:03 UTC

Login to resync this project