Sha256: 0a19812895c017485e94764e6f209844a8f5e475e5a1129d2076f6c27997764d
Contents?: true
Size: 981 Bytes
Versions: 4
Compression:
Stored size: 981 Bytes
Contents
# {
# "scan": {
# "field": "",
# "pattern": "",
# "target": ""
# }
# }
module Anschel
class Filter
def scan conf, log
field = conf.delete :field
pattern = Regexp.new conf.delete(:pattern)
target = conf.delete :target
raise 'Missing required "field" for "scan" filter' if field.nil?
raise 'Missing required "pattern" for "scan" filter' if pattern.nil?
raise 'Missing required "target" for "convert" filter' if target.nil?
field = field.to_sym
target = target.to_sym
log.trace event: 'filter-compiled', kind: 'scan', \
field: field, pattern: pattern, target: target
lambda do |event|
return event unless event.has_key? field
results = event[field].scan(pattern).flatten.uniq
if results.empty?
event
else
event[target] ||= []
event[target] += results
filtered event, conf
end
end
end
end
end
Version data entries
4 entries across 4 versions & 1 rubygems
| Version | Path |
|---|---|
| anschel-0.6.5 | lib/anschel/filter/scan.rb |
| anschel-0.6.4 | lib/anschel/filter/scan.rb |
| anschel-0.6.3 | lib/anschel/filter/scan.rb |
| anschel-0.6.2 | lib/anschel/filter/scan.rb |