fluent-plugin-port_to_service
Advanced tools
Fluentd filter plugin to map TCP/UDP ports to service names. Values are stored in a SQLite database for simplicity.
| fluent-plugin-port_to_service | fluentd | ruby | sqlite3 |
|---|---|---|---|
| > 0.0.9 | >= v0.14.0 | >= 2.1 | >= 1.3.7 |
Before use, install dependant libraries, namely sqlite3.
# for RHEL/CentOS
$ sudo yum groupinstall "Development Tools"
$ sudo yum install sqlite sqlite-devel
# for Ubuntu/Debian
$ sudo apt-get install build-essential
$ sudo apt-get install sqlite3 libsqlite3-dev
# for MacOS
$ brew install sqlite3
Use RubyGems to install sqlite3 first, then copy plugin over.
install with gem or td-agent provided command as:
# for fluentd
$ gem install sqlite3
# for td-agent
$ sudo fluent-gem install sqlite3
# for td-agent2
$ sudo td-agent-gem install sqlite3
<filter **>
@type port_to_service
# Required parameters
path /etc/td-agent/plugin/port_to_service.db
# Optional parameters
port_key port
protocol_key protocol
service_key service
</filter>
If the following record is passed in:
{"protocol": "tcp", "port": "22", "foo": "bar"}
The filtered record will be:
{"protocol": "tcp", "port": "22", "service": "ssh", "foo": "bar"}
The plugin requires a SQLite database to be built. The database just needs a
single table called services with 3 mandatory columns:
port - Integerprotocol - Textservice - TextYou can also add a primary key, id, but it's only required for posterity.
Example:
$ sqlite3 /etc/td-agent/plugin/port_to_service.db
sqlite> CREATE TABLE services(id INTEGER PRIMARY KEY, port INTEGER, protocol TEXT, service TEXT);
sqlite> INSERT INTO services(port, protocol, service) VALUES (22, 'tcp', 'ssh');
...
Alternatively, there is a script provided that parses /etc/services and
creates the required database with the services. This should be run from the
fluent-plugin-port_to_service directory and creates the the SQLite database
at lib/fluent/plugin/port_to_service.db. The SQL to create the database will
be in lib/fluent/plugin/port_to_service.sql.
$ pwd
/path/to/fluent-plugin-port_to_service
$ script/db-build.sh
Copyright(c) 2019- Chris Pedro
FAQs
Unknown package
We found that fluent-plugin-port_to_service demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Socket CTO Ahmad Nassri discusses why supply chain attacks now target developer machines and what AI means for the future of enterprise security.
Security News
Learn the essential steps every developer should take to stay secure on npm and reduce exposure to supply chain attacks.
Security News
Experts push back on new claims about AI-driven ransomware, warning that hype and sponsored research are distorting how the threat is understood.