commit ccd97117995d4551e931dddc807f3902ac56cd07 Author: Vadim Shulkin Date: Thu May 8 11:38:10 2025 -0400 first commit diff --git a/graylog-plugin-function-base64inflate/.mvn/jvm.config b/graylog-plugin-function-base64inflate/.mvn/jvm.config new file mode 100644 index 0000000..32599ce --- /dev/null +++ b/graylog-plugin-function-base64inflate/.mvn/jvm.config @@ -0,0 +1,10 @@ +--add-exports jdk.compiler/com.sun.tools.javac.api=ALL-UNNAMED +--add-exports jdk.compiler/com.sun.tools.javac.file=ALL-UNNAMED +--add-exports jdk.compiler/com.sun.tools.javac.main=ALL-UNNAMED +--add-exports jdk.compiler/com.sun.tools.javac.model=ALL-UNNAMED +--add-exports jdk.compiler/com.sun.tools.javac.parser=ALL-UNNAMED +--add-exports jdk.compiler/com.sun.tools.javac.processing=ALL-UNNAMED +--add-exports jdk.compiler/com.sun.tools.javac.tree=ALL-UNNAMED +--add-exports jdk.compiler/com.sun.tools.javac.util=ALL-UNNAMED +--add-opens jdk.compiler/com.sun.tools.javac.code=ALL-UNNAMED +--add-opens jdk.compiler/com.sun.tools.javac.comp=ALL-UNNAMED diff --git a/graylog-plugin-function-base64inflate/GETTING-STARTED.md b/graylog-plugin-function-base64inflate/GETTING-STARTED.md new file mode 100644 index 0000000..23880c9 --- /dev/null +++ b/graylog-plugin-function-base64inflate/GETTING-STARTED.md @@ -0,0 +1,8 @@ +Getting started with your new Graylog plugin +============================================ + +Welcome to your new Graylog plugin! + +Please refer to https://docs.graylog.org/docs/plugins for documentation on how to write +plugins for Graylog. + diff --git a/graylog-plugin-function-base64inflate/README.md b/graylog-plugin-function-base64inflate/README.md new file mode 100644 index 0000000..bebbe45 --- /dev/null +++ b/graylog-plugin-function-base64inflate/README.md @@ -0,0 +1,56 @@ +# Base64InflateFunction Plugin for Graylog + +__Use this paragraph to enter a description of your plugin.__ + +**Required Graylog version:** 2.0 and later + +Installation +------------ + +[Download the plugin](https://github.com/vshulkin/graylog-plugin-function-base64inflate/releases) +and place the `.jar` file in your Graylog plugin directory. The plugin directory +is the `plugins/` folder relative from your `graylog-server` directory by default +and can be configured in your `graylog.conf` file. + +Restart `graylog-server` and you are done. + +Development +----------- + +You can improve your development experience for the web interface part of your plugin +dramatically by making use of hot reloading. To do this, do the following: + +* `git clone https://github.com/Graylog2/graylog2-server.git` +* `cd graylog2-server/graylog2-web-interface` +* `ln -s $YOURPLUGIN plugin/` +* `npm install && npm start` + +Usage +----- + +__Use this paragraph to document the usage of your plugin__ + + +Getting started +--------------- + +This project is using Maven 3 and requires Java 8 or higher. + +* Clone this repository. +* Run `mvn package` to build a JAR file. +* Optional: Run `mvn jdeb:jdeb` and `mvn rpm:rpm` to create a DEB and RPM package respectively. +* Copy generated JAR file in target directory to your Graylog plugin directory. +* Restart the Graylog. + +Plugin Release +-------------- + +We are using the maven release plugin: + +``` +$ mvn release:prepare +[...] +$ mvn release:perform +``` + +This sets the version numbers, creates a tag and pushes to GitHub. diff --git a/graylog-plugin-function-base64inflate/build.config.js b/graylog-plugin-function-base64inflate/build.config.js new file mode 100644 index 0000000..500cf49 --- /dev/null +++ b/graylog-plugin-function-base64inflate/build.config.js @@ -0,0 +1,6 @@ +const path = require('path'); + +module.exports = { + // Make sure that this is the correct path to the web interface part of the Graylog server repository. + web_src_path: path.resolve(__dirname, '../graylog2-server', 'graylog2-web-interface'), +}; diff --git a/graylog-plugin-function-base64inflate/dependency-reduced-pom.xml b/graylog-plugin-function-base64inflate/dependency-reduced-pom.xml new file mode 100644 index 0000000..cc366c0 --- /dev/null +++ b/graylog-plugin-function-base64inflate/dependency-reduced-pom.xml @@ -0,0 +1,1163 @@ + + + + graylog-plugin-parent + org.graylog.plugins + 5.1.5 + ../pom.xml/pom.xml + + 4.0.0 + com.example.plugins + graylog-plugin-function-base64inflate + ${project.artifactId} + 1.0.0-SNAPSHOT + Graylog ${project.artifactId} plugin. + https://www.graylog.org + + + Vadim Shulkin + vshulkin@gmail.com + + + + scm:git:git@github.com:vshulkin/graylog-plugin-function-base64inflate.git + scm:git:git@github.com:vshulkin/graylog-plugin-function-base64inflate.git + https://github.com/vshulkin/graylog-plugin-function-base64inflate + + + + + ${web.build-dir} + + + true + src/main/resources + + + + + maven-assembly-plugin + + true + + + + maven-jar-plugin + 2.6 + + + + ${project.groupId}.${project.artifactId} + + + + + + maven-shade-plugin + 2.4.1 + + + package + + shade + + + + + + + + + + false + + + + maven-release-plugin + 2.5.2 + + true + forked-path + @{project.version} + clean test + package + + + + org.vafer + jdeb + 1.4 + + ${project.build.directory}/${project.artifactId}-${project.version}.deb + + + ${project.build.directory}/${project.build.finalName}.jar + file + + perm + ${graylog.plugin-dir} + 644 + root + root + + + + + + + org.codehaus.mojo + rpm-maven-plugin + 2.1.4 + + Application/Internet + + /usr + + + _unpackaged_files_terminate_build 0 + _binaries_in_noarch_packages_terminate_build 0 + + 644 + 755 + root + root + + + ${graylog.plugin-dir} + + + ${project.build.directory}/ + + ${project.build.finalName}.jar + + + + + + + + + + + + + false + + + sonatype-nexus-snapshots + Sonatype Nexus Snapshots + https://oss.sonatype.org/content/repositories/snapshots + + + + + false + + sonatype-nexus-releases + Sonatype Nexus Releases + https://oss.sonatype.org/content/repositories/releases + + + + + org.graylog2 + graylog2-server + 5.1.5 + provided + + + opentelemetry-api + io.opentelemetry + + + opentelemetry-instrumentation-annotations + io.opentelemetry.instrumentation + + + opentelemetry-semconv + io.opentelemetry + + + airline + com.github.rvesse + + + guava + com.google.guava + + + caffeine + com.github.ben-manes.caffeine + + + guava-retrying + com.github.rholder + + + shiro-core + org.apache.shiro + + + api-all + org.apache.directory.api + + + guice + com.google.inject + + + guice-assistedinject + com.google.inject.extensions + + + javax.inject + javax.inject + + + jadconfig + org.graylog + + + mongodb-driver-sync + org.mongodb + + + mongodb-driver-legacy + org.mongodb + + + mongojack + org.graylog.repackaged.mongojack + + + okhttp + com.squareup.okhttp3 + + + jackson-core + com.fasterxml.jackson.core + + + jackson-databind + com.fasterxml.jackson.core + + + jackson-annotations + com.fasterxml.jackson.core + + + jackson-jaxrs-base + com.fasterxml.jackson.jaxrs + + + jackson-datatype-guava + com.fasterxml.jackson.datatype + + + jackson-datatype-jdk8 + com.fasterxml.jackson.datatype + + + jackson-datatype-jsr310 + com.fasterxml.jackson.datatype + + + jackson-datatype-joda + com.fasterxml.jackson.datatype + + + jackson-module-jsonSchema + com.fasterxml.jackson.module + + + jackson-jaxrs-json-provider + com.fasterxml.jackson.jaxrs + + + jackson-dataformat-yaml + com.fasterxml.jackson.dataformat + + + jackson-dataformat-csv + com.fasterxml.jackson.dataformat + + + metrics-annotation + io.dropwizard.metrics + + + metrics-core + io.dropwizard.metrics + + + metrics-log4j2 + io.dropwizard.metrics + + + metrics-jvm + io.dropwizard.metrics + + + metrics-jmx + io.dropwizard.metrics + + + metrics-json + io.dropwizard.metrics + + + simpleclient_dropwizard + io.prometheus + + + simpleclient_hotspot + io.prometheus + + + simpleclient_httpserver + io.prometheus + + + siv-mode + org.cryptomator + + + commons-email + org.apache.commons + + + commons-validator + commons-validator + + + jersey-hk2 + org.glassfish.jersey.inject + + + jersey-bean-validation + org.glassfish.jersey.ext + + + jersey-media-multipart + org.glassfish.jersey.media + + + jersey-container-grizzly2-http + org.glassfish.jersey.containers + + + guice-bridge + org.glassfish.hk2 + + + hk2-api + org.glassfish.hk2 + + + hk2-locator + org.glassfish.hk2 + + + javax.ws.rs-api + javax.ws.rs + + + jaxb-api + javax.xml.bind + + + reflections + org.reflections + + + opencsv + net.sf.opencsv + + + commons-io + commons-io + + + natty + com.joestelmach + + + jmte + com.floreysoft + + + disruptor + com.lmax + + + joda-time + joda-time + + + uuid + org.graylog2.repackaged + + + de.huxhorn.sulky.ulid + de.huxhorn.sulky + + + commons-codec + commons-codec + + + grok + org.graylog2.repackaged + + + gelfclient + org.graylog2 + + + swagger-annotations + io.swagger + + + hibernate-validator + org.hibernate.validator + + + bcpkix-jdk15on + org.bouncycastle + + + lucene-queryparser + org.apache.lucene + + + lucene-analysis-common + org.apache.lucene + + + classgraph + io.github.classgraph + + + s3 + software.amazon.awssdk + + + log4j-api + org.apache.logging.log4j + + + log4j-core + org.apache.logging.log4j + + + log4j-slf4j-impl + org.apache.logging.log4j + + + jcl-over-slf4j + org.slf4j + + + log4j-over-slf4j + org.slf4j + + + log4j-jul + org.apache.logging.log4j + + + jbcrypt + org.mindrot + + + unboundid-ldapsdk + com.unboundid + + + retrofit + com.squareup.retrofit2 + + + converter-jackson + com.squareup.retrofit2 + + + os-platform-finder + org.graylog.repackaged + + + javax.el-api + javax.el + + + netty-common + io.netty + + + netty-buffer + io.netty + + + netty-handler + io.netty + + + netty-codec + io.netty + + + netty-codec-dns + io.netty + + + netty-codec-http + io.netty + + + netty-resolver-dns + io.netty + + + netty-transport-native-epoll + io.netty + + + netty-transport-native-kqueue + io.netty + + + netty-tcnative-boringssl-static + io.netty + + + netty-tcnative-boringssl-static + io.netty + + + javax.annotation-api + javax.annotation + + + HdrHistogram + org.hdrhistogram + + + oshi-core + com.github.oshi + + + amqp-client + com.rabbitmq + + + kafka09_2.11 + org.graylog.shaded + + + kafka_2.13 + org.apache.kafka + + + syslog4j + org.graylog2 + + + json-path + com.jayway.jsonpath + + + java-semver + com.github.zafarkhaja + + + semver4j + org.graylog.repackaged + + + protobuf-java + com.google.protobuf + + + validation-api + javax.validation + + + geoip2 + com.maxmind.geoip2 + + + cef-parser + org.graylog.cef + + + antlr4-runtime + org.antlr + + + jool + org.jooq + + + freemarker + org.freemarker + + + asciitable + de.vandermeer + + + commons-net + commons-net + + + slf4j-api + org.slf4j + + + auto-value-annotations + com.google.auto.value + + + jdot + info.leadinglight + + + streamex + one.util + + + cron-utils + com.cronutils + + + rate-limited-logger + com.swrve + + + + + org.graylog.plugins + graylog-plugin-pipeline-processor + 2.5.2 + provided + + + javapoet + com.squareup + + + antlr4-runtime + org.antlr + + + jool + org.jooq + + + + + org.graylog2 + graylog2-server + 5.1.5 + test-jar + test + + + opentelemetry-api + io.opentelemetry + + + opentelemetry-instrumentation-annotations + io.opentelemetry.instrumentation + + + opentelemetry-semconv + io.opentelemetry + + + airline + com.github.rvesse + + + guava + com.google.guava + + + caffeine + com.github.ben-manes.caffeine + + + guava-retrying + com.github.rholder + + + shiro-core + org.apache.shiro + + + api-all + org.apache.directory.api + + + guice + com.google.inject + + + guice-assistedinject + com.google.inject.extensions + + + javax.inject + javax.inject + + + jadconfig + org.graylog + + + mongodb-driver-sync + org.mongodb + + + mongodb-driver-legacy + org.mongodb + + + mongojack + org.graylog.repackaged.mongojack + + + okhttp + com.squareup.okhttp3 + + + jackson-core + com.fasterxml.jackson.core + + + jackson-databind + com.fasterxml.jackson.core + + + jackson-annotations + com.fasterxml.jackson.core + + + jackson-jaxrs-base + com.fasterxml.jackson.jaxrs + + + jackson-datatype-guava + com.fasterxml.jackson.datatype + + + jackson-datatype-jdk8 + com.fasterxml.jackson.datatype + + + jackson-datatype-jsr310 + com.fasterxml.jackson.datatype + + + jackson-datatype-joda + com.fasterxml.jackson.datatype + + + jackson-module-jsonSchema + com.fasterxml.jackson.module + + + jackson-jaxrs-json-provider + com.fasterxml.jackson.jaxrs + + + jackson-dataformat-yaml + com.fasterxml.jackson.dataformat + + + jackson-dataformat-csv + com.fasterxml.jackson.dataformat + + + metrics-annotation + io.dropwizard.metrics + + + metrics-core + io.dropwizard.metrics + + + metrics-log4j2 + io.dropwizard.metrics + + + metrics-jvm + io.dropwizard.metrics + + + metrics-jmx + io.dropwizard.metrics + + + metrics-json + io.dropwizard.metrics + + + simpleclient_dropwizard + io.prometheus + + + simpleclient_hotspot + io.prometheus + + + simpleclient_httpserver + io.prometheus + + + siv-mode + org.cryptomator + + + commons-email + org.apache.commons + + + commons-validator + commons-validator + + + jersey-hk2 + org.glassfish.jersey.inject + + + jersey-bean-validation + org.glassfish.jersey.ext + + + jersey-media-multipart + org.glassfish.jersey.media + + + jersey-container-grizzly2-http + org.glassfish.jersey.containers + + + guice-bridge + org.glassfish.hk2 + + + hk2-api + org.glassfish.hk2 + + + hk2-locator + org.glassfish.hk2 + + + javax.ws.rs-api + javax.ws.rs + + + jaxb-api + javax.xml.bind + + + reflections + org.reflections + + + opencsv + net.sf.opencsv + + + commons-io + commons-io + + + natty + com.joestelmach + + + jmte + com.floreysoft + + + disruptor + com.lmax + + + joda-time + joda-time + + + uuid + org.graylog2.repackaged + + + de.huxhorn.sulky.ulid + de.huxhorn.sulky + + + commons-codec + commons-codec + + + grok + org.graylog2.repackaged + + + gelfclient + org.graylog2 + + + swagger-annotations + io.swagger + + + hibernate-validator + org.hibernate.validator + + + bcpkix-jdk15on + org.bouncycastle + + + lucene-queryparser + org.apache.lucene + + + lucene-analysis-common + org.apache.lucene + + + classgraph + io.github.classgraph + + + s3 + software.amazon.awssdk + + + log4j-api + org.apache.logging.log4j + + + log4j-core + org.apache.logging.log4j + + + log4j-slf4j-impl + org.apache.logging.log4j + + + jcl-over-slf4j + org.slf4j + + + log4j-over-slf4j + org.slf4j + + + log4j-jul + org.apache.logging.log4j + + + jbcrypt + org.mindrot + + + unboundid-ldapsdk + com.unboundid + + + retrofit + com.squareup.retrofit2 + + + converter-jackson + com.squareup.retrofit2 + + + os-platform-finder + org.graylog.repackaged + + + javax.el-api + javax.el + + + netty-common + io.netty + + + netty-buffer + io.netty + + + netty-handler + io.netty + + + netty-codec + io.netty + + + netty-codec-dns + io.netty + + + netty-codec-http + io.netty + + + netty-resolver-dns + io.netty + + + netty-transport-native-epoll + io.netty + + + netty-transport-native-kqueue + io.netty + + + netty-tcnative-boringssl-static + io.netty + + + netty-tcnative-boringssl-static + io.netty + + + javax.annotation-api + javax.annotation + + + HdrHistogram + org.hdrhistogram + + + oshi-core + com.github.oshi + + + amqp-client + com.rabbitmq + + + kafka09_2.11 + org.graylog.shaded + + + kafka_2.13 + org.apache.kafka + + + syslog4j + org.graylog2 + + + json-path + com.jayway.jsonpath + + + java-semver + com.github.zafarkhaja + + + semver4j + org.graylog.repackaged + + + protobuf-java + com.google.protobuf + + + validation-api + javax.validation + + + geoip2 + com.maxmind.geoip2 + + + cef-parser + org.graylog.cef + + + freemarker + org.freemarker + + + asciitable + de.vandermeer + + + commons-net + commons-net + + + slf4j-api + org.slf4j + + + auto-value-annotations + com.google.auto.value + + + jdot + info.leadinglight + + + streamex + one.util + + + cron-utils + com.cronutils + + + rate-limited-logger + com.swrve + + + antlr4-runtime + org.antlr + + + jool + org.jooq + + + + + com.google.auto.value + auto-value + 1.7.4 + provided + + + + + sonatype-nexus-staging + Nexus Release Repository + https://oss.sonatype.org/service/local/staging/deploy/maven2/ + + + sonatype-nexus-snapshots + Sonatype Nexus Snapshots + https://oss.sonatype.org/content/repositories/snapshots + + + + /usr/share/graylog-server/plugin + 17 + ${project.parent.version} + 17 + UTF-8 + true + + + diff --git a/graylog-plugin-function-base64inflate/package.json b/graylog-plugin-function-base64inflate/package.json new file mode 100644 index 0000000..ec14916 --- /dev/null +++ b/graylog-plugin-function-base64inflate/package.json @@ -0,0 +1,28 @@ +{ + "name": "Base64InflateFunction", + "version": "1.0.0-SNAPSHOT", + "description": "", + "repository": { + "type": "git", + "url": "vshulkin/graylog-plugin-function-base64inflate" + }, + "scripts": { + "build": "webpack", + "lint": "eslint src", + "lint:path": "eslint", + "test": "jest" + }, + "keywords": [ + "graylog" + ], + "author": "John Doe ", + "license": "MIT", + "eslintConfig": { + "extends": "graylog" + }, + "dependencies": { + }, + "devDependencies": { + "graylog-web-plugin": "file:../graylog2-server/graylog2-web-interface/packages/graylog-web-plugin" + } +} diff --git a/graylog-plugin-function-base64inflate/pom.xml b/graylog-plugin-function-base64inflate/pom.xml new file mode 100644 index 0000000..c7c423b --- /dev/null +++ b/graylog-plugin-function-base64inflate/pom.xml @@ -0,0 +1,255 @@ + + + + 4.0.0 + + + org.graylog.plugins + graylog-plugin-parent + 5.1.5 + + + com.example.plugins + graylog-plugin-function-base64inflate + 1.0.0-SNAPSHOT + jar + + ${project.artifactId} + Graylog ${project.artifactId} plugin. + https://www.graylog.org + + + + Vadim Shulkin + vshulkin@gmail.com + + + + + scm:git:git@github.com:vshulkin/graylog-plugin-function-base64inflate.git + scm:git:git@github.com:vshulkin/graylog-plugin-function-base64inflate.git + https://github.com/vshulkin/graylog-plugin-function-base64inflate + HEAD + + + + UTF-8 + 17 + 17 + + + true + + ${project.parent.version} + /usr/share/graylog-server/plugin + + + + + sonatype-nexus-snapshots + Sonatype Nexus Snapshots + https://oss.sonatype.org/content/repositories/snapshots + + + sonatype-nexus-staging + Nexus Release Repository + https://oss.sonatype.org/service/local/staging/deploy/maven2/ + + + + + + + sonatype-nexus-snapshots + Sonatype Nexus Snapshots + https://oss.sonatype.org/content/repositories/snapshots + + false + + + true + + + + sonatype-nexus-releases + Sonatype Nexus Releases + https://oss.sonatype.org/content/repositories/releases + + true + + + false + + + + + + + org.graylog2 + graylog2-server + ${graylog.version} + provided + + + org.graylog.plugins + graylog-plugin-pipeline-processor + 2.5.2 + provided + + + com.google.auto.service + auto-service-annotations + 1.1.1 + + + + + org.graylog2 + graylog2-server + ${graylog.version} + test-jar + test + + + + + + + ${web.build-dir} + + src/main/resources + true + + + + + maven-assembly-plugin + + true + + + + + org.apache.maven.plugins + maven-jar-plugin + 2.6 + + + + ${project.groupId}.${project.artifactId} + + + + + + + org.apache.maven.plugins + maven-shade-plugin + 2.4.1 + + false + + + + package + + shade + + + + + + + + + + + + org.apache.maven.plugins + maven-release-plugin + 2.5.2 + + true + forked-path + @{project.version} + clean test + package + + + + + jdeb + org.vafer + 1.4 + + ${project.build.directory}/${project.artifactId}-${project.version}.deb + + + ${project.build.directory}/${project.build.finalName}.jar + file + + perm + ${graylog.plugin-dir} + 644 + root + root + + + + + + + + org.codehaus.mojo + rpm-maven-plugin + 2.1.4 + + Application/Internet + + /usr + + + _unpackaged_files_terminate_build 0 + _binaries_in_noarch_packages_terminate_build 0 + + 644 + 755 + root + root + + + ${graylog.plugin-dir} + + + ${project.build.directory}/ + + ${project.build.finalName}.jar + + + + + + + + + + diff --git a/graylog-plugin-function-base64inflate/src/deb/control/control b/graylog-plugin-function-base64inflate/src/deb/control/control new file mode 100644 index 0000000..dd855d6 --- /dev/null +++ b/graylog-plugin-function-base64inflate/src/deb/control/control @@ -0,0 +1,8 @@ +Package: [[name]] +Version: [[version]] +Architecture: all +Maintainer: John Doe +Section: web +Priority: optional +Depends: graylog-server | graylog-radio +Description: [[description]] diff --git a/graylog-plugin-function-base64inflate/src/main/java/org/graylog/plugins/custom/Base64InflateFunction.java b/graylog-plugin-function-base64inflate/src/main/java/org/graylog/plugins/custom/Base64InflateFunction.java new file mode 100644 index 0000000..d2c2bbb --- /dev/null +++ b/graylog-plugin-function-base64inflate/src/main/java/org/graylog/plugins/custom/Base64InflateFunction.java @@ -0,0 +1,79 @@ +/* + * Copyright (C) 2020 Graylog, Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the Server Side Public License, version 1, + * as published by MongoDB, Inc. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * Server Side Public License for more details. + * + * You should have received a copy of the Server Side Public License + * along with this program. If not, see + * . + */ + + +package org.graylog.plugins.custom; + +import com.google.auto.service.AutoService; +import org.graylog.plugins.pipelineprocessor.EvaluationContext; +import org.graylog.plugins.pipelineprocessor.ast.expressions.Expression; +import org.graylog.plugins.pipelineprocessor.ast.functions.AbstractFunction; +import org.graylog.plugins.pipelineprocessor.ast.functions.FunctionArgs; +import org.graylog.plugins.pipelineprocessor.ast.functions.FunctionDescriptor; +import org.graylog.plugins.pipelineprocessor.ast.functions.ParameterDescriptor; + +import java.io.ByteArrayInputStream; +import java.io.InputStreamReader; +import java.io.BufferedReader; +import java.nio.charset.StandardCharsets; +import java.util.Base64; +import java.util.zip.GZIPInputStream; + +// @Function(name = "Base64Inflate", description = "Decodes a URL-safe Base64-encoded and GZIP-compressed string") +public class Base64InflateFunction extends AbstractFunction { + + public static final String NAME = "urlsafe_base64_decode"; + + private final ParameterDescriptor inputParam = ParameterDescriptor + .string("input") + .description("The URL-safe Base64-encoded string to decode") + .build(); + + + @Override + public FunctionDescriptor descriptor() { + return FunctionDescriptor.builder() + .name("Base64Inflate") + .description("Decodes a URL-safe Base64-encoded and GZIP-compressed string") + .params(inputParam) + .returnType(String.class) + .build(); + } + + @Override + public String evaluate(FunctionArgs args, EvaluationContext context) { + final String input = inputParam.required(args, context); + try { + byte[] decoded = Base64.getUrlDecoder().decode(input); + try (GZIPInputStream gis = new GZIPInputStream(new ByteArrayInputStream(decoded)); + InputStreamReader isr = new InputStreamReader(gis, StandardCharsets.UTF_8); + BufferedReader br = new BufferedReader(isr)) { + + StringBuilder out = new StringBuilder(); + String line; + while ((line = br.readLine()) != null) { + out.append(line); + } + return out.toString(); + } + } catch (Exception e) { + // You may choose to log this or return null + return null; + } + } +} + diff --git a/graylog-plugin-function-base64inflate/src/main/java/org/graylog/plugins/custom/Base64InflateFunctionMetaData.java b/graylog-plugin-function-base64inflate/src/main/java/org/graylog/plugins/custom/Base64InflateFunctionMetaData.java new file mode 100644 index 0000000..1cabdea --- /dev/null +++ b/graylog-plugin-function-base64inflate/src/main/java/org/graylog/plugins/custom/Base64InflateFunctionMetaData.java @@ -0,0 +1,73 @@ +/* + * Copyright (C) 2020 Graylog, Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the Server Side Public License, version 1, + * as published by MongoDB, Inc. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * Server Side Public License for more details. + * + * You should have received a copy of the Server Side Public License + * along with this program. If not, see + * . + */ +package org.graylog.plugins.custom; + +import org.graylog2.plugin.PluginMetaData; +import org.graylog2.plugin.ServerStatus; +import org.graylog2.plugin.Version; + +import java.net.URI; +import java.util.Collections; +import java.util.Set; + +/** + * Implement the PluginMetaData interface here. + */ +public class Base64InflateFunctionMetaData implements PluginMetaData { + private static final String PLUGIN_PROPERTIES = "org.graylog.plugins.graylog-plugin-function-base64inflate/graylog-plugin.properties"; + + @Override + public String getUniqueId() { + return "org.graylog.plugins.custom.Base64InflateFunctionPlugin"; + } + + @Override + public String getName() { + return "Base64InflateFunction"; + } + + @Override + public String getAuthor() { + return "John Doe "; + } + + @Override + public URI getURL() { + return URI.create("https://github.com/vshulkin/graylog-plugin-function-base64inflate"); + } + + @Override + public Version getVersion() { + return Version.fromPluginProperties(getClass(), PLUGIN_PROPERTIES, "version", Version.from(0, 0, 0, "unknown")); + } + + @Override + public String getDescription() { + // TODO Insert correct plugin description + return "Description of Base64InflateFunction plugin"; + } + + @Override + public Version getRequiredVersion() { + return Version.fromPluginProperties(getClass(), PLUGIN_PROPERTIES, "graylog.version", Version.from(0, 0, 0, "unknown")); + } + + @Override + public Set getRequiredCapabilities() { + return Collections.emptySet(); + } +} diff --git a/graylog-plugin-function-base64inflate/src/main/java/org/graylog/plugins/custom/Base64InflateFunctionModule.java b/graylog-plugin-function-base64inflate/src/main/java/org/graylog/plugins/custom/Base64InflateFunctionModule.java new file mode 100644 index 0000000..eee45e3 --- /dev/null +++ b/graylog-plugin-function-base64inflate/src/main/java/org/graylog/plugins/custom/Base64InflateFunctionModule.java @@ -0,0 +1,60 @@ +/* + * Copyright (C) 2020 Graylog, Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the Server Side Public License, version 1, + * as published by MongoDB, Inc. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * Server Side Public License for more details. + * + * You should have received a copy of the Server Side Public License + * along with this program. If not, see + * . + */ +package org.graylog.plugins.custom; + +import org.graylog2.plugin.PluginConfigBean; +import org.graylog2.plugin.PluginModule; + +import java.util.Collections; +import java.util.Set; + +/** + * Extend the PluginModule abstract class here to add you plugin to the system. + */ +public class Base64InflateFunctionModule extends PluginModule { + /** + * Returns all configuration beans required by this plugin. + * + * Implementing this method is optional. The default method returns an empty {@link Set}. + */ + @Override + public Set getConfigBeans() { + return Collections.emptySet(); + } + + @Override + protected void configure() { + /* + * Register your plugin types here. + * + * Examples: + * + * addMessageInput(Class); + * addMessageFilter(Class); + * addMessageOutput(Class); + * addPeriodical(Class); + * addAlarmCallback(Class); + * addInitializer(Class); + * addRestResource(Class); + * + * + * Add all configuration beans returned by getConfigBeans(): + * + * addConfigBeans(); + */ + } +} diff --git a/graylog-plugin-function-base64inflate/src/main/java/org/graylog/plugins/custom/Base64InflateFunctionPlugin.java b/graylog-plugin-function-base64inflate/src/main/java/org/graylog/plugins/custom/Base64InflateFunctionPlugin.java new file mode 100644 index 0000000..f2080ae --- /dev/null +++ b/graylog-plugin-function-base64inflate/src/main/java/org/graylog/plugins/custom/Base64InflateFunctionPlugin.java @@ -0,0 +1,39 @@ +/* + * Copyright (C) 2020 Graylog, Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the Server Side Public License, version 1, + * as published by MongoDB, Inc. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * Server Side Public License for more details. + * + * You should have received a copy of the Server Side Public License + * along with this program. If not, see + * . + */ +package org.graylog.plugins.custom; + +import org.graylog2.plugin.Plugin; +import org.graylog2.plugin.PluginMetaData; +import org.graylog2.plugin.PluginModule; + +import java.util.Collection; +import java.util.Collections; + +/** + * Implement the Plugin interface here. + */ +public class Base64InflateFunctionPlugin implements Plugin { + @Override + public PluginMetaData metadata() { + return new Base64InflateFunctionMetaData(); + } + + @Override + public Collection modules () { + return Collections.singletonList(new Base64InflateFunctionModule()); + } +} diff --git a/graylog-plugin-function-base64inflate/src/main/resources/META-INF/services/org.graylog2.plugin.Plugin b/graylog-plugin-function-base64inflate/src/main/resources/META-INF/services/org.graylog2.plugin.Plugin new file mode 100644 index 0000000..41cf435 --- /dev/null +++ b/graylog-plugin-function-base64inflate/src/main/resources/META-INF/services/org.graylog2.plugin.Plugin @@ -0,0 +1 @@ +org.graylog.plugins.custom.Base64InflateFunctionPlugin \ No newline at end of file diff --git a/graylog-plugin-function-base64inflate/src/main/resources/org.graylog.plugins.graylog-plugin-function-base64inflate/graylog-plugin.properties b/graylog-plugin-function-base64inflate/src/main/resources/org.graylog.plugins.graylog-plugin-function-base64inflate/graylog-plugin.properties new file mode 100644 index 0000000..63e3eb5 --- /dev/null +++ b/graylog-plugin-function-base64inflate/src/main/resources/org.graylog.plugins.graylog-plugin-function-base64inflate/graylog-plugin.properties @@ -0,0 +1,12 @@ +# The plugin version +version=${project.version} + +# The required Graylog server version +graylog.version=${graylog.version} + +# When set to true (the default) the plugin gets a separate class loader +# when loading the plugin. When set to false, the plugin shares a class loader +# with other plugins that have isolated=false. +# +# Do not disable this unless this plugin depends on another plugin! +isolated=true diff --git a/graylog-plugin-function-base64inflate/src/web/index.jsx b/graylog-plugin-function-base64inflate/src/web/index.jsx new file mode 100644 index 0000000..23fc2f6 --- /dev/null +++ b/graylog-plugin-function-base64inflate/src/web/index.jsx @@ -0,0 +1,26 @@ +import 'webpack-entry'; + +import { PluginManifest, PluginStore } from 'graylog-web-plugin/plugin'; + +import packageJson from '../../package.json'; + +const manifest = new PluginManifest(packageJson, { + /* This is the place where you define which entities you are providing to the web interface. + Right now you can add routes and navigation elements to it. + + Examples: */ + + // Adding a route to /sample, rendering YourReactComponent when called: + + // routes: [ + // { path: '/sample', component: YourReactComponent, permissions: 'inputs:create' }, + // ], + + // Adding an element to the top navigation pointing to /sample named "Sample": + + // navigation: [ + // { path: '/sample', description: 'Sample' }, + // ] +}); + +PluginStore.register(manifest); diff --git a/graylog-plugin-function-base64inflate/target/classes/META-INF/services/org.graylog2.plugin.Plugin b/graylog-plugin-function-base64inflate/target/classes/META-INF/services/org.graylog2.plugin.Plugin new file mode 100644 index 0000000..41cf435 --- /dev/null +++ b/graylog-plugin-function-base64inflate/target/classes/META-INF/services/org.graylog2.plugin.Plugin @@ -0,0 +1 @@ +org.graylog.plugins.custom.Base64InflateFunctionPlugin \ No newline at end of file diff --git a/graylog-plugin-function-base64inflate/target/classes/org.graylog.plugins.graylog-plugin-function-base64inflate/graylog-plugin.properties b/graylog-plugin-function-base64inflate/target/classes/org.graylog.plugins.graylog-plugin-function-base64inflate/graylog-plugin.properties new file mode 100644 index 0000000..364ac82 --- /dev/null +++ b/graylog-plugin-function-base64inflate/target/classes/org.graylog.plugins.graylog-plugin-function-base64inflate/graylog-plugin.properties @@ -0,0 +1,12 @@ +# The plugin version +version=1.0.0-SNAPSHOT + +# The required Graylog server version +graylog.version=5.1.5 + +# When set to true (the default) the plugin gets a separate class loader +# when loading the plugin. When set to false, the plugin shares a class loader +# with other plugins that have isolated=false. +# +# Do not disable this unless this plugin depends on another plugin! +isolated=true diff --git a/graylog-plugin-function-base64inflate/target/classes/org/graylog/plugins/custom/Base64InflateFunction.class b/graylog-plugin-function-base64inflate/target/classes/org/graylog/plugins/custom/Base64InflateFunction.class new file mode 100644 index 0000000..467c8d5 Binary files /dev/null and b/graylog-plugin-function-base64inflate/target/classes/org/graylog/plugins/custom/Base64InflateFunction.class differ diff --git a/graylog-plugin-function-base64inflate/target/classes/org/graylog/plugins/custom/Base64InflateFunctionMetaData.class b/graylog-plugin-function-base64inflate/target/classes/org/graylog/plugins/custom/Base64InflateFunctionMetaData.class new file mode 100644 index 0000000..5926b0f Binary files /dev/null and b/graylog-plugin-function-base64inflate/target/classes/org/graylog/plugins/custom/Base64InflateFunctionMetaData.class differ diff --git a/graylog-plugin-function-base64inflate/target/classes/org/graylog/plugins/custom/Base64InflateFunctionModule.class b/graylog-plugin-function-base64inflate/target/classes/org/graylog/plugins/custom/Base64InflateFunctionModule.class new file mode 100644 index 0000000..58b74e4 Binary files /dev/null and b/graylog-plugin-function-base64inflate/target/classes/org/graylog/plugins/custom/Base64InflateFunctionModule.class differ diff --git a/graylog-plugin-function-base64inflate/target/classes/org/graylog/plugins/custom/Base64InflateFunctionPlugin.class b/graylog-plugin-function-base64inflate/target/classes/org/graylog/plugins/custom/Base64InflateFunctionPlugin.class new file mode 100644 index 0000000..f8779f3 Binary files /dev/null and b/graylog-plugin-function-base64inflate/target/classes/org/graylog/plugins/custom/Base64InflateFunctionPlugin.class differ diff --git a/graylog-plugin-function-base64inflate/target/graylog-plugin-function-base64inflate-1.0.0-SNAPSHOT.jar b/graylog-plugin-function-base64inflate/target/graylog-plugin-function-base64inflate-1.0.0-SNAPSHOT.jar new file mode 100644 index 0000000..9ec4c69 Binary files /dev/null and b/graylog-plugin-function-base64inflate/target/graylog-plugin-function-base64inflate-1.0.0-SNAPSHOT.jar differ diff --git a/graylog-plugin-function-base64inflate/target/maven-archiver/pom.properties b/graylog-plugin-function-base64inflate/target/maven-archiver/pom.properties new file mode 100644 index 0000000..a83b8f4 --- /dev/null +++ b/graylog-plugin-function-base64inflate/target/maven-archiver/pom.properties @@ -0,0 +1,5 @@ +#Generated by Apache Maven +#Thu May 08 11:05:30 EDT 2025 +artifactId=graylog-plugin-function-base64inflate +groupId=com.example.plugins +version=1.0.0-SNAPSHOT diff --git a/graylog-plugin-function-base64inflate/target/original-graylog-plugin-function-base64inflate-1.0.0-SNAPSHOT.jar b/graylog-plugin-function-base64inflate/target/original-graylog-plugin-function-base64inflate-1.0.0-SNAPSHOT.jar new file mode 100644 index 0000000..ec2abcb Binary files /dev/null and b/graylog-plugin-function-base64inflate/target/original-graylog-plugin-function-base64inflate-1.0.0-SNAPSHOT.jar differ diff --git a/graylog-plugin-function-base64inflate/webpack.config.js b/graylog-plugin-function-base64inflate/webpack.config.js new file mode 100644 index 0000000..1a8d948 --- /dev/null +++ b/graylog-plugin-function-base64inflate/webpack.config.js @@ -0,0 +1,8 @@ +const path = require('path'); +const { PluginWebpackConfig } = require('graylog-web-plugin'); +const { loadBuildConfig } = require('graylog-web-plugin'); + +// Remember to use the same name here and in `getUniqueId()` in the java MetaData class +module.exports = new PluginWebpackConfig(__dirname, 'org.graylog.plugins.custom.Base64InflateFunctionPlugin', loadBuildConfig(path.resolve(__dirname, './build.config')), { + // Here goes your additional webpack configuration. +}); diff --git a/graylog-plugin-function-strlen b/graylog-plugin-function-strlen new file mode 160000 index 0000000..d0d8773 --- /dev/null +++ b/graylog-plugin-function-strlen @@ -0,0 +1 @@ +Subproject commit d0d877357a2c809777328d131758e1b1601fb78e