fix srcx and hostx for syslog and bump for release

8 months ago · eb0d2f5e28
3 changed files with 39 additions and 36 deletions
--- a/63
+++ b/63
@ -1,43 +1,46 @@
 Revision history for Search-ESsearcher

-0.4.3	 2021-11-04/04:00
-		 -Remove mutate from geoip on fail2ban.
+0.4.4	2021-11-04/20:30
+		-Fix srcx and hostx for syslog.
+
+0.4.3	2021-11-04/04:00
+		-Remove mutate from geoip on fail2ban.
 		  This removes the need for mappings in Elasticsearch.
-		 -Add back in GeoIP for Postfix.
+		-Add back in GeoIP for Postfix.

-0.4.2	 2021-10-21/23:15
-		 - Include logstash examples.
-		 - Update Postfix logstash bits.
+0.4.2	2021-10-21/23:15
+		- Include logstash examples.
+		- Update Postfix logstash bits.

-0.4.1	 2019-12-08/04:05
-		 - Remove accidentally included emacs save.
-		 - Correct datestamp on previous change log entry.
+0.4.1	2019-12-08/04:05
+		- Remove accidentally included emacs save.
+		- Correct datestamp on previous change log entry.

-0.4.0	 2019-12-08/04:00
-		 - Make host searching work better. Thanks, Kevin Greene.
-		 - Add the aonHost.
+0.4.0	2019-12-08/04:00
+		- Make host searching work better. Thanks, Kevin Greene.
+		- Add the aonHost.

-0.3.1	 2019-06-05/05:0
-		 - Add missing options to postfix pod.
+0.3.1	2019-06-05/05:0
+		- Add missing options to postfix pod.

-0.3.0	 2019-06-05/01:30
-		 - Add postfix support.
-		 - Add repo info.
+0.3.0	2019-06-05/01:30
+		- Add postfix support.
+		- Add repo info.

-0.2.0	 2019-06-03/04:30
-		 - The bf2b template now properly processes --ip
-		 - Add the httpAccess template.
-		 - Add a missing flag to the help for bf2b.
-		 - Added the option for pretty printing -S via -p
+0.2.0	2019-06-03/04:30
+		- The bf2b template now properly processes --ip
+		- Add the httpAccess template.
+		- Add a missing flag to the help for bf2b.
+		- Added the option for pretty printing -S via -p


-0.1.0	 2019-06-02/09:00
-		 - Add bf2b, beats fail2ban support.
-		 - Actually set the output template now.
-		 - name validation no longer chokes on numbers.
-		 - Now prints the proper help info instead of the
-		   one for the default, syslog.
+0.1.0	2019-06-02/09:00
+		- Add bf2b, beats fail2ban support.
+		- Actually set the output template now.
+		- name validation no longer chokes on numbers.
+		- Now prints the proper help info instead of the
+		  one for the default, syslog.

-0.0.0	 2019-06-02/04:40
-		 - Initial release.
+0.0.0	2019-06-02/04:40
+		- Initial release.

--- a/lib/Search/ESsearcher.pm
+++ b/lib/Search/ESsearcher.pm
@ -17,11 +17,11 @@ Search::ESsearcher - Provides a handy system for doing templated elasticsearch s

 =head1 VERSION

-Version 0.4.3
+Version 0.4.4

 =cut

-our $VERSION = '0.4.3';
+our $VERSION = '0.4.4';


 =head1 SYNOPSIS
--- a/lib/Search/ESsearcher/Templates/syslog.pm
+++ b/lib/Search/ESsearcher/Templates/syslog.pm
@ -10,11 +10,11 @@ Search::ESsearcher::Templates::syslog - Provides syslog support for essearcher.

 =head1 VERSION

-Version 1.1.0
+Version 1.1.1

 =cut

-our $VERSION = '1.1.0';
+our $VERSION = '1.1.1';

 =head1 LOGSTASH

@ -189,14 +189,14 @@ return '
 					  [% IF o.hostx %]
 					  {"query_string": {
 						  "default_field": "host.keyword",
-						  "query": [% o.host.json %]
+						  "query": [% o.hostx.json %]
 					  }
 					   },
 					  [% END %]
 					  [% IF o.srcx %]
 					  {"query_string": {
 						  "default_field": "logsource.keyword",
-						  "query": [% o.src.json %]
+						  "query": [% o.srcx.json %]
 					  }
 					   },
 					  [% END %]