Added graylog-plugin-function-xmllookupfunction

graylog-plugin-function-xmllookupfunction/.mvn/jvm.config

@@ -0,0 +1,10 @@
+--add-exports jdk.compiler/com.sun.tools.javac.api=ALL-UNNAMED
+--add-exports jdk.compiler/com.sun.tools.javac.file=ALL-UNNAMED
+--add-exports jdk.compiler/com.sun.tools.javac.main=ALL-UNNAMED
+--add-exports jdk.compiler/com.sun.tools.javac.model=ALL-UNNAMED
+--add-exports jdk.compiler/com.sun.tools.javac.parser=ALL-UNNAMED
+--add-exports jdk.compiler/com.sun.tools.javac.processing=ALL-UNNAMED
+--add-exports jdk.compiler/com.sun.tools.javac.tree=ALL-UNNAMED
+--add-exports jdk.compiler/com.sun.tools.javac.util=ALL-UNNAMED
+--add-opens jdk.compiler/com.sun.tools.javac.code=ALL-UNNAMED
+--add-opens jdk.compiler/com.sun.tools.javac.comp=ALL-UNNAMED

graylog-plugin-function-xmllookupfunction/GETTING-STARTED.md

@@ -0,0 +1,8 @@
+Getting started with your new Graylog plugin
+============================================
+
+Welcome to your new Graylog plugin!
+
+Please refer to https://docs.graylog.org/docs/plugins for documentation on how to write
+plugins for Graylog.
+

graylog-plugin-function-xmllookupfunction/README.md

@@ -0,0 +1,56 @@
+# XmlLookupFunction Plugin for Graylog
+
+__Use this paragraph to enter a description of your plugin.__
+
+**Required Graylog version:** 2.0 and later
+
+Installation
+------------
+
+[Download the plugin](https://github.com/vshulkin/graylog-plugin-function-xmllookupfunction/releases)
+and place the `.jar` file in your Graylog plugin directory. The plugin directory
+is the `plugins/` folder relative from your `graylog-server` directory by default
+and can be configured in your `graylog.conf` file.
+
+Restart `graylog-server` and you are done.
+
+Development
+-----------
+
+You can improve your development experience for the web interface part of your plugin
+dramatically by making use of hot reloading. To do this, do the following:
+
+* `git clone https://github.com/Graylog2/graylog2-server.git`
+* `cd graylog2-server/graylog2-web-interface`
+* `ln -s $YOURPLUGIN plugin/`
+* `npm install && npm start`
+
+Usage
+-----
+
+__Use this paragraph to document the usage of your plugin__
+
+
+Getting started
+---------------
+
+This project is using Maven 3 and requires Java 8 or higher.
+
+* Clone this repository.
+* Run `mvn package` to build a JAR file.
+* Optional: Run `mvn jdeb:jdeb` and `mvn rpm:rpm` to create a DEB and RPM package respectively.
+* Copy generated JAR file in target directory to your Graylog plugin directory.
+* Restart the Graylog.
+
+Plugin Release
+--------------
+
+We are using the maven release plugin:
+
+```
+$ mvn release:prepare
+[...]
+$ mvn release:perform
+```
+
+This sets the version numbers, creates a tag and pushes to GitHub.

graylog-plugin-function-xmllookupfunction/build.config.js

@@ -0,0 +1,6 @@
+const path = require('path');
+
+module.exports = {
+  // Make sure that this is the correct path to the web interface part of the Graylog server repository.
+  web_src_path: path.resolve(__dirname, '../graylog2-server', 'graylog2-web-interface'),
+};

graylog-plugin-function-xmllookupfunction/package.json

@@ -0,0 +1,28 @@
+{
+  "name": "XmlLookupFunction",
+  "version": "1.0.0-SNAPSHOT",
+  "description": "",
+  "repository": {
+    "type": "git",
+    "url": "vshulkin/graylog-plugin-function-xmllookupfunction"
+  },
+  "scripts": {
+    "build": "webpack",
+    "lint": "eslint src",
+    "lint:path": "eslint",
+    "test": "jest"
+  },
+  "keywords": [
+    "graylog"
+  ],
+  "author": "John Doe <you@example.org>",
+  "license": "MIT",
+  "eslintConfig": {
+    "extends": "graylog"
+  },
+  "dependencies": {
+  },
+  "devDependencies": {
+    "graylog-web-plugin": "file:../graylog2-server/graylog2-web-interface/packages/graylog-web-plugin"
+  }
+}

graylog-plugin-function-xmllookupfunction/pom.xml

@@ -0,0 +1,248 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+    Copyright (C) 2020 Graylog, Inc.
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the Server Side Public License, version 1,
+    as published by MongoDB, Inc.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+    Server Side Public License for more details.
+
+    You should have received a copy of the Server Side Public License
+    along with this program. If not, see
+    <http://www.mongodb.com/licensing/server-side-public-license>.
+
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>org.graylog.plugins</groupId>
+        <artifactId>graylog-plugin-parent</artifactId>
+        <version>5.1.5</version>
+    </parent>
+
+    <groupId>org.graylog.plugins</groupId>
+    <artifactId>graylog-plugin-function-xmllookupfunction</artifactId>
+    <version>1.0.0-SNAPSHOT</version>
+    <packaging>jar</packaging>
+
+    <name>${project.artifactId}</name>
+    <description>Graylog ${project.artifactId} plugin.</description>
+    <url>https://www.graylog.org</url>
+
+    <developers>
+        <developer>
+            <name>John Doe</name>
+            <email>you@example.org</email>
+        </developer>
+    </developers>
+
+    <scm>
+        <connection>scm:git:git@github.com:vshulkin/graylog-plugin-function-xmllookupfunction.git</connection>
+        <developerConnection>scm:git:git@github.com:vshulkin/graylog-plugin-function-xmllookupfunction.git</developerConnection>
+        <url>https://github.com/vshulkin/graylog-plugin-function-xmllookupfunction</url>
+        <tag>HEAD</tag>
+    </scm>
+
+    <properties>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+        <maven.compiler.source>17</maven.compiler.source>
+        <maven.compiler.target>17</maven.compiler.target>
+
+        <!-- Plugins will not be deployed by default - set to `false` if you actually want to deploy it -->
+        <maven.deploy.skip>true</maven.deploy.skip>
+
+        <graylog.version>${project.parent.version}</graylog.version>
+        <graylog.plugin-dir>/usr/share/graylog-server/plugin</graylog.plugin-dir>
+    </properties>
+
+    <distributionManagement>
+        <snapshotRepository>
+            <id>sonatype-nexus-snapshots</id>
+            <name>Sonatype Nexus Snapshots</name>
+            <url>https://oss.sonatype.org/content/repositories/snapshots</url>
+        </snapshotRepository>
+        <repository>
+            <id>sonatype-nexus-staging</id>
+            <name>Nexus Release Repository</name>
+            <url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
+        </repository>
+    </distributionManagement>
+
+    <repositories>
+        <!-- to make our snapshot releases work with CI platforms -->
+        <repository>
+            <id>sonatype-nexus-snapshots</id>
+            <name>Sonatype Nexus Snapshots</name>
+            <url>https://oss.sonatype.org/content/repositories/snapshots</url>
+            <releases>
+                <enabled>false</enabled>
+            </releases>
+            <snapshots>
+                <enabled>true</enabled>
+            </snapshots>
+        </repository>
+        <repository>
+            <id>sonatype-nexus-releases</id>
+            <name>Sonatype Nexus Releases</name>
+            <url>https://oss.sonatype.org/content/repositories/releases</url>
+            <releases>
+                <enabled>true</enabled>
+            </releases>
+            <snapshots>
+                <enabled>false</enabled>
+            </snapshots>
+        </repository>
+    </repositories>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.graylog2</groupId>
+            <artifactId>graylog2-server</artifactId>
+            <version>${graylog.version}</version>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.graylog.plugins</groupId>
+            <artifactId>graylog-plugin-pipeline-processor</artifactId>
+            <version>2.5.2</version>
+            <scope>provided</scope>
+        </dependency>
+        <!-- Include source from test-jar to reuse test classes. -->
+        <dependency>
+            <groupId>org.graylog2</groupId>
+            <artifactId>graylog2-server</artifactId>
+            <version>${graylog.version}</version>
+            <type>test-jar</type>
+            <scope>test</scope>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <resources>
+            <resource><directory>${web.build-dir}</directory></resource>
+            <resource>
+              <directory>src/main/resources</directory>
+              <filtering>true</filtering>
+            </resource>
+        </resources>
+        <plugins>
+            <plugin>
+                <artifactId>maven-assembly-plugin</artifactId>
+                <configuration>
+                    <skipAssembly>true</skipAssembly>
+                </configuration>
+            </plugin>
+
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-jar-plugin</artifactId>
+                <version>2.6</version>
+                <configuration>
+                    <archive>
+                        <manifestEntries>
+                            <Graylog-Plugin-Properties-Path>${project.groupId}.${project.artifactId}</Graylog-Plugin-Properties-Path>
+                        </manifestEntries>
+                    </archive>
+                </configuration>
+            </plugin>
+
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-shade-plugin</artifactId>
+                <version>2.4.1</version>
+                <configuration>
+                    <minimizeJar>false</minimizeJar>
+                </configuration>
+                <executions>
+                    <execution>
+                        <phase>package</phase>
+                        <goals>
+                            <goal>shade</goal>
+                        </goals>
+                        <configuration>
+                            <transformers>
+                                <transformer implementation="org.apache.maven.plugins.shade.resource.ServicesResourceTransformer"/>
+                            </transformers>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-release-plugin</artifactId>
+                <version>2.5.2</version>
+                <configuration>
+                    <autoVersionSubmodules>true</autoVersionSubmodules>
+                    <mavenExecutorId>forked-path</mavenExecutorId>
+                    <tagNameFormat>@{project.version}</tagNameFormat>
+                    <preparationGoals>clean test</preparationGoals>
+                    <goals>package</goals>
+                </configuration>
+            </plugin>
+
+            <plugin>
+                <artifactId>jdeb</artifactId>
+                <groupId>org.vafer</groupId>
+                <version>1.4</version>
+                <configuration>
+                    <deb>${project.build.directory}/${project.artifactId}-${project.version}.deb</deb>
+                    <dataSet>
+                        <data>
+                            <src>${project.build.directory}/${project.build.finalName}.jar</src>
+                            <type>file</type>
+                            <mapper>
+                                <type>perm</type>
+                                <prefix>${graylog.plugin-dir}</prefix>
+                                <filemode>644</filemode>
+                                <user>root</user>
+                                <group>root</group>
+                            </mapper>
+                        </data>
+                    </dataSet>
+                </configuration>
+            </plugin>
+
+            <plugin>
+                <groupId>org.codehaus.mojo</groupId>
+                <artifactId>rpm-maven-plugin</artifactId>
+                <version>2.1.4</version>
+                <configuration>
+                    <group>Application/Internet</group>
+                    <prefixes>
+                        <prefix>/usr</prefix>
+                    </prefixes>
+                    <defineStatements>
+                        <defineStatement>_unpackaged_files_terminate_build 0</defineStatement>
+                        <defineStatement>_binaries_in_noarch_packages_terminate_build 0</defineStatement>
+                    </defineStatements>
+                    <defaultFilemode>644</defaultFilemode>
+                    <defaultDirmode>755</defaultDirmode>
+                    <defaultUsername>root</defaultUsername>
+                    <defaultGroupname>root</defaultGroupname>
+                    <mappings>
+                        <mapping>
+                            <directory>${graylog.plugin-dir}</directory>
+                            <sources>
+                                <source>
+                                    <location>${project.build.directory}/</location>
+                                    <includes>
+                                        <include>${project.build.finalName}.jar</include>
+                                    </includes>
+                                </source>
+                            </sources>
+                        </mapping>
+                    </mappings>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+</project>

graylog-plugin-function-xmllookupfunction/src/deb/control/control

@@ -0,0 +1,8 @@
+Package: [[name]]
+Version: [[version]]
+Architecture: all
+Maintainer: John Doe <you@example.org>
+Section: web
+Priority: optional
+Depends: graylog-server | graylog-radio
+Description: [[description]]

graylog-plugin-function-xmllookupfunction/src/main/java/org/graylog/plugins/custom/XmlLookupFunction.java

@@ -0,0 +1,102 @@
+/*
+ * Copyright (C) 2020 Graylog, Inc.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the Server Side Public License, version 1,
+ * as published by MongoDB, Inc.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * Server Side Public License for more details.
+ *
+ * You should have received a copy of the Server Side Public License
+ * along with this program. If not, see
+ * <http://www.mongodb.com/licensing/server-side-public-license>.
+ */
+
+package org.graylog.plugins.custom;
+
+import com.google.common.collect.ImmutableList;
+import org.graylog.plugins.pipelineprocessor.EvaluationContext;
+import org.graylog.plugins.pipelineprocessor.ast.expressions.Expression;
+import org.graylog.plugins.pipelineprocessor.ast.functions.AbstractFunction;
+import org.graylog.plugins.pipelineprocessor.ast.functions.Function;
+import org.graylog.plugins.pipelineprocessor.ast.functions.FunctionArgs;
+import org.graylog.plugins.pipelineprocessor.ast.functions.FunctionDescriptor;
+import org.graylog.plugins.pipelineprocessor.ast.functions.ParameterDescriptor;
+import org.w3c.dom.*;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.xml.parsers.DocumentBuilderFactory;
+import java.io.ByteArrayInputStream;
+import java.nio.charset.StandardCharsets;
+import java.util.List;
+
+public class XmlLookupFunction extends AbstractFunction<String> {
+    private static final Logger LOG = LoggerFactory.getLogger(XmlLookupFunction.class);
+    public static final String NAME = "xml_lookup";
+
+    private final ParameterDescriptor<String, String> input =
+            ParameterDescriptor.string("input").description("XML input string").build();
+    private final ParameterDescriptor<String, String> query =
+            ParameterDescriptor.string("query").description("Tag name or tag@attribute").build();
+
+    @Override
+    public FunctionDescriptor<String> descriptor() {
+        return FunctionDescriptor.<String>builder()
+                .name(NAME)
+                .description("Extracts value from XML input using tag name or tag@attribute")
+                .params(ImmutableList.of(input, query))
+                .returnType(String.class)
+                .build();
+    }
+
+    @Override
+    public String evaluate(FunctionArgs args, EvaluationContext context) {
+        final String xmlInput = input.required(args, context);
+        final String lookup = query.required(args, context);
+
+        try {
+            DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+            factory.setNamespaceAware(true);
+            Document doc = factory.newDocumentBuilder().parse(
+                    new ByteArrayInputStream(xmlInput.getBytes(StandardCharsets.UTF_8)));
+
+            if (lookup.contains("@")) {
+                String[] parts = lookup.split("@", 2);
+                return getAttribute(doc, parts[0], parts[1]);
+            } else {
+                return getTagValue(doc, lookup);
+            }
+        } catch (Exception e) {
+            LOG.error("Failed to evaluate xml_lookup: {}", e.getMessage(), e);
+            return null;
+        }
+    }
+
+    private String getTagValue(Document doc, String tagName) {
+        NodeList nodes = doc.getElementsByTagNameNS("*", tagName);
+        if (nodes.getLength() > 0) {
+            return nodes.item(0).getTextContent().trim();
+        }
+        return null;
+    }
+
+    private String getAttribute(Document doc, String tagName, String attrName) {
+        NodeList nodes = doc.getElementsByTagNameNS("*", tagName);
+        for (int i = 0; i < nodes.getLength(); i++) {
+            NamedNodeMap attrs = nodes.item(i).getAttributes();
+            if (attrs != null) {
+                Node attr = attrs.getNamedItem(attrName);
+                if (attr != null) {
+                    return attr.getTextContent();
+                }
+            }
+        }
+        return null;
+    }
+}
+
+

graylog-plugin-function-xmllookupfunction/src/main/java/org/graylog/plugins/custom/XmlLookupFunctionMetaData.java

@@ -0,0 +1,73 @@
+/*
+ * Copyright (C) 2020 Graylog, Inc.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the Server Side Public License, version 1,
+ * as published by MongoDB, Inc.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * Server Side Public License for more details.
+ *
+ * You should have received a copy of the Server Side Public License
+ * along with this program. If not, see
+ * <http://www.mongodb.com/licensing/server-side-public-license>.
+ */
+package org.graylog.plugins.custom;
+
+import org.graylog2.plugin.PluginMetaData;
+import org.graylog2.plugin.ServerStatus;
+import org.graylog2.plugin.Version;
+
+import java.net.URI;
+import java.util.Collections;
+import java.util.Set;
+
+/**
+ * Implement the PluginMetaData interface here.
+ */
+public class XmlLookupFunctionMetaData implements PluginMetaData {
+    private static final String PLUGIN_PROPERTIES = "org.graylog.plugins.graylog-plugin-function-xmllookupfunction/graylog-plugin.properties";
+
+    @Override
+    public String getUniqueId() {
+        return "org.graylog.plugins.custom.XmlLookupFunctionPlugin";
+    }
+
+    @Override
+    public String getName() {
+        return "XmlLookupFunction";
+    }
+
+    @Override
+    public String getAuthor() {
+        return "John Doe <you@example.org>";
+    }
+
+    @Override
+    public URI getURL() {
+        return URI.create("https://github.com/vshulkin/graylog-plugin-function-xmllookupfunction");
+    }
+
+    @Override
+    public Version getVersion() {
+        return Version.fromPluginProperties(getClass(), PLUGIN_PROPERTIES, "version", Version.from(0, 0, 0, "unknown"));
+    }
+
+    @Override
+    public String getDescription() {
+        // TODO Insert correct plugin description
+        return "Description of XmlLookupFunction plugin";
+    }
+
+    @Override
+    public Version getRequiredVersion() {
+        return Version.fromPluginProperties(getClass(), PLUGIN_PROPERTIES, "graylog.version", Version.from(0, 0, 0, "unknown"));
+    }
+
+    @Override
+    public Set<ServerStatus.Capability> getRequiredCapabilities() {
+        return Collections.emptySet();
+    }
+}

graylog-plugin-function-xmllookupfunction/src/main/java/org/graylog/plugins/custom/XmlLookupFunctionModule.java

@@ -0,0 +1,61 @@
+/*
+ * Copyright (C) 2020 Graylog, Inc.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the Server Side Public License, version 1,
+ * as published by MongoDB, Inc.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * Server Side Public License for more details.
+ *
+ * You should have received a copy of the Server Side Public License
+ * along with this program. If not, see
+ * <http://www.mongodb.com/licensing/server-side-public-license>.
+ */
+
+package org.graylog.plugins.custom;
+
+import com.google.inject.Binder;
+import com.google.inject.TypeLiteral;
+import com.google.inject.multibindings.MapBinder;
+import org.graylog.plugins.pipelineprocessor.ast.functions.Function;
+import org.graylog2.plugin.PluginConfigBean;
+import org.graylog2.plugin.PluginModule;
+
+
+
+import java.util.Collections;
+import java.util.Set;
+
+/**
+ * Extend the PluginModule abstract class here to add you plugin to the system.
+ */
+public class XmlLookupFunctionModule extends PluginModule {
+    /**
+     * Returns all configuration beans required by this plugin.
+     *
+     * Implementing this method is optional. The default method returns an empty {@link Set}.
+     */
+    @Override
+    public Set<? extends PluginConfigBean> getConfigBeans() {
+        return Collections.emptySet();
+    }
+
+    @Override
+    protected void configure() {
+         addMessageProcessorFunction(XmlLookupFunction.NAME, XmlLookupFunction.class);
+    }
+    protected void addMessageProcessorFunction(String name, Class<? extends Function<?>> functionClass) {
+        addMessageProcessorFunction(binder(), name, functionClass);
+    }
+
+    public static MapBinder<String, Function<?>> processorFunctionBinder(Binder binder) {
+        return MapBinder.newMapBinder(binder, TypeLiteral.get(String.class), new TypeLiteral<Function<?>>() {});
+    }
+
+    public static void addMessageProcessorFunction(Binder binder, String name, Class<? extends Function<?>> functionClass) {
+        processorFunctionBinder(binder).addBinding(name).to(functionClass);
+    }
+}

graylog-plugin-function-xmllookupfunction/src/main/java/org/graylog/plugins/custom/XmlLookupFunctionPlugin.java

@@ -0,0 +1,39 @@
+/*
+ * Copyright (C) 2020 Graylog, Inc.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the Server Side Public License, version 1,
+ * as published by MongoDB, Inc.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * Server Side Public License for more details.
+ *
+ * You should have received a copy of the Server Side Public License
+ * along with this program. If not, see
+ * <http://www.mongodb.com/licensing/server-side-public-license>.
+ */
+package org.graylog.plugins.custom;
+
+import org.graylog2.plugin.Plugin;
+import org.graylog2.plugin.PluginMetaData;
+import org.graylog2.plugin.PluginModule;
+
+import java.util.Collection;
+import java.util.Collections;
+
+/**
+ * Implement the Plugin interface here.
+ */
+public class XmlLookupFunctionPlugin implements Plugin {
+    @Override
+    public PluginMetaData metadata() {
+        return new XmlLookupFunctionMetaData();
+    }
+
+    @Override
+    public Collection<PluginModule> modules () {
+        return Collections.<PluginModule>singletonList(new XmlLookupFunctionModule());
+    }
+}

graylog-plugin-function-xmllookupfunction/src/main/resources/META-INF/services/org.graylog2.plugin.Plugin

@@ -0,0 +1 @@
+org.graylog.plugins.custom.XmlLookupFunctionPlugin

graylog-plugin-function-xmllookupfunction/src/main/resources/org.graylog.plugins.graylog-plugin-function-xmllookupfunction/graylog-plugin.properties

@@ -0,0 +1,12 @@
+# The plugin version
+version=${project.version}
+
+# The required Graylog server version
+graylog.version=${graylog.version}
+
+# When set to true (the default) the plugin gets a separate class loader
+# when loading the plugin. When set to false, the plugin shares a class loader
+# with other plugins that have isolated=false.
+#
+# Do not disable this unless this plugin depends on another plugin!
+isolated=true

graylog-plugin-function-xmllookupfunction/src/web/index.jsx

@@ -0,0 +1,26 @@
+import 'webpack-entry';
+
+import { PluginManifest, PluginStore } from 'graylog-web-plugin/plugin';
+
+import packageJson from '../../package.json';
+
+const manifest = new PluginManifest(packageJson, {
+  /* This is the place where you define which entities you are providing to the web interface.
+     Right now you can add routes and navigation elements to it.
+
+     Examples: */
+
+  // Adding a route to /sample, rendering YourReactComponent when called:
+
+  // routes: [
+  //  { path: '/sample', component: YourReactComponent, permissions: 'inputs:create' },
+  // ],
+
+  // Adding an element to the top navigation pointing to /sample named "Sample":
+
+  // navigation: [
+  //  { path: '/sample', description: 'Sample' },
+  // ]
+});
+
+PluginStore.register(manifest);

graylog-plugin-function-xmllookupfunction/target/classes/META-INF/services/org.graylog2.plugin.Plugin

@@ -0,0 +1 @@
+org.graylog.plugins.custom.XmlLookupFunctionPlugin

graylog-plugin-function-xmllookupfunction/target/classes/org.graylog.plugins.graylog-plugin-function-xmllookupfunction/graylog-plugin.properties

@@ -0,0 +1,12 @@
+# The plugin version
+version=1.0.0-SNAPSHOT
+
+# The required Graylog server version
+graylog.version=5.1.5
+
+# When set to true (the default) the plugin gets a separate class loader
+# when loading the plugin. When set to false, the plugin shares a class loader
+# with other plugins that have isolated=false.
+#
+# Do not disable this unless this plugin depends on another plugin!
+isolated=true

graylog-plugin-function-xmllookupfunction/target/maven-archiver/pom.properties

@@ -0,0 +1,5 @@
+#Generated by Apache Maven
+#Fri May 09 12:06:43 EDT 2025
+artifactId=graylog-plugin-function-xmllookupfunction
+groupId=org.graylog.plugins
+version=1.0.0-SNAPSHOT

graylog-plugin-function-xmllookupfunction/webpack.config.js

@@ -0,0 +1,8 @@
+const path = require('path');
+const { PluginWebpackConfig } = require('graylog-web-plugin');
+const { loadBuildConfig } = require('graylog-web-plugin');
+
+// Remember to use the same name here and in `getUniqueId()` in the java MetaData class
+module.exports = new PluginWebpackConfig(__dirname, 'org.graylog.plugins.custom.XmlLookupFunctionPlugin', loadBuildConfig(path.resolve(__dirname, './build.config')), {
+  // Here goes your additional webpack configuration.
+});