logstash-filter-elasticsearch 3.15.0 → 3.15.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +6 -0
  3. data/docs/index.asciidoc +2 -0
  4. data/lib/logstash/filters/elasticsearch.rb +14 -1
  5. data/logstash-filter-elasticsearch.gemspec +1 -1
  6. data/spec/filters/elasticsearch_spec.rb +20 -3
  7. data/spec/filters/elasticsearch_ssl_spec.rb +8 -6
  8. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: c988a59e14c49b5b169b0b797cc2844d747d1cb67c7daef426d1008b10064c79
4
- data.tar.gz: 20febabc910c17435dca65e5d326e73ea48b3897743e19102101fba316a5e96c
3
+ metadata.gz: 64700ddd93547ed4e08abfb73028ab17f7dc6bd6d591840c622b5f7e24b3d5c3
4
+ data.tar.gz: 9cdf64fc9afe9a2a66c453850d2b4c0d910af5251567799bfd6612737045ba50
5
5
  SHA512:
6
- metadata.gz: 6d22b647190c79c1ef8ce703a2212ca7bbedd2f6ce621b81a0bd305c9e523371eb1f6e6bc2435952c2d5d776779588aba7e45fb3e4e07227648f399ed41651b3
7
- data.tar.gz: 529b58bb8a8a7097cfc4c205044f2eb3d478300f9c6d5273446063afdf55402a5f76157f7e98e51bf4491a9ddc3a6e2ed572ae1fd4110737b2bbd2be829c52f7
6
+ metadata.gz: 54c710f94a363bb2f8c9b1ecf450ec3397b50792fb7d4c2035a2ee7c70b347c7a41a4c8d7959bcd0eb8403a5df786bdfbebb5bb600f54a4668d6f4905d429054
7
+ data.tar.gz: 4f788bb3592c42fc2003e22c94c49d53272063ec2fadbe85f49e3653ba7bdfbbf81024cb34d8e81cec7f7eaf9968fc2be8fd704da5678d34eae60a3fd47d184f
data/CHANGELOG.md CHANGED
@@ -1,3 +1,9 @@
1
+ ## 3.15.2
2
+ - Added checking for `query` and `query_template`. [#171](https://github.com/logstash-plugins/logstash-filter-elasticsearch/pull/171)
3
+
4
+ ## 3.15.1
5
+ - Fixes a regression introduced in 3.15.0 which could prevent a connection from being established to Elasticsearch in some SSL configurations
6
+
1
7
  ## 3.15.0
2
8
  - Added SSL settings for: [#168](https://github.com/logstash-plugins/logstash-filter-elasticsearch/pull/168)
3
9
  - `ssl_enabled`: Enable/disable the SSL settings. If not provided, the value is inferred from the hosts scheme
data/docs/index.asciidoc CHANGED
@@ -320,6 +320,7 @@ environment variables e.g. `proxy => '${LS_PROXY:}'`.
320
320
  Elasticsearch query string. More information is available in the
321
321
  {ref}/query-dsl-query-string-query.html#query-string-syntax[Elasticsearch query
322
322
  string documentation].
323
+ Use either `query` or `query_template`.
323
324
 
324
325
 
325
326
  [id="plugins-{type}s-{plugin}-query_template"]
@@ -330,6 +331,7 @@ string documentation].
330
331
 
331
332
  File path to elasticsearch query in DSL format. More information is available in
332
333
  the {ref}/query-dsl.html[Elasticsearch query documentation].
334
+ Use either `query` or `query_template`.
333
335
 
334
336
  [id="plugins-{type}s-{plugin}-result_size"]
335
337
  ===== `result_size`
data/lib/logstash/filters/elasticsearch.rb CHANGED
@@ -170,6 +170,7 @@ class LogStash::Filters::Elasticsearch < LogStash::Filters::Base
170
170
  @query_dsl = file.read
171
171
  end
172
172
 
173
+ validate_query_settings
173
174
  fill_hosts_from_cloud_id
174
175
  setup_ssl_params!
175
176
  validate_authentication
@@ -317,7 +318,9 @@ class LogStash::Filters::Elasticsearch < LogStash::Filters::Base
317
318
  "to make sure your data is secure set `ssl_verification_mode => full`"
318
319
  ssl_options[:verify] = :disable
319
320
  else
320
- ssl_options[:verify] = :strict
321
+ # Manticore's :default maps to Apache HTTP Client's DefaultHostnameVerifier,
322
+ # which is the modern STRICT verifier that replaces the deprecated StrictHostnameVerifier
323
+ ssl_options[:verify] = :default
321
324
  end
322
325
  end
323
326
 
@@ -389,6 +392,16 @@ class LogStash::Filters::Elasticsearch < LogStash::Filters::Base
389
392
  hosts.is_a?(Array) && hosts.size == 1 && !original_params.key?('hosts')
390
393
  end
391
394
 
395
+ def validate_query_settings
396
+ unless @query || @query_template
397
+ raise LogStash::ConfigurationError, "Both `query` and `query_template` are empty. Require either `query` or `query_template`."
398
+ end
399
+
400
+ if @query && @query_template
401
+ raise LogStash::ConfigurationError, "Both `query` and `query_template` are set. Use either `query` or `query_template`."
402
+ end
403
+ end
404
+
392
405
  def validate_authentication
393
406
  authn_options = 0
394
407
  authn_options += 1 if @cloud_auth
data/logstash-filter-elasticsearch.gemspec CHANGED
@@ -1,7 +1,7 @@
1
1
  Gem::Specification.new do |s|
2
2
 
3
3
  s.name = 'logstash-filter-elasticsearch'
4
- s.version = '3.15.0'
4
+ s.version = '3.15.2'
5
5
  s.licenses = ['Apache License (2.0)']
6
6
  s.summary = "Copies fields from previous log events in Elasticsearch to current events "
7
7
  s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
data/spec/filters/elasticsearch_spec.rb CHANGED
@@ -15,9 +15,11 @@ describe LogStash::Filters::Elasticsearch do
15
15
 
16
16
  context "registration" do
17
17
 
18
- let(:plugin) { LogStash::Plugin.lookup("filter", "elasticsearch").new({}) }
18
+ let(:plugin) { LogStash::Plugin.lookup("filter", "elasticsearch").new(config) }
19
19
 
20
20
  context "against authentic Elasticsearch" do
21
+ let(:config) { { "query" => "*" } }
22
+
21
23
  before do
22
24
  allow(plugin).to receive(:test_connection!)
23
25
  end
@@ -28,6 +30,7 @@ describe LogStash::Filters::Elasticsearch do
28
30
  end
29
31
 
30
32
  context "against not authentic Elasticsearch" do
33
+ let(:config) { { "query" => "*" } }
31
34
  let(:failing_client) do
32
35
  client = double("client")
33
36
  allow(client).to receive(:ping).and_raise Elasticsearch::UnsupportedProductError
@@ -45,6 +48,19 @@ describe LogStash::Filters::Elasticsearch do
45
48
  expect {plugin.register}.to raise_error(LogStash::ConfigurationError)
46
49
  end
47
50
  end
51
+
52
+ context "query settings" do
53
+ it "raise an exception when query and query_template are empty" do
54
+ plugin = described_class.new({})
55
+ expect {plugin.register}.to raise_error(LogStash::ConfigurationError)
56
+ end
57
+
58
+ it "raise an exception when query and query_template are set" do
59
+ config = { "query" => "*", "query_template" => File.join(File.dirname(__FILE__), "fixtures", "query_template_unicode.json") }
60
+ plugin = described_class.new(config)
61
+ expect {plugin.register}.to raise_error(LogStash::ConfigurationError)
62
+ end
63
+ end
48
64
  end
49
65
 
50
66
  describe "data fetch" do
@@ -594,7 +610,7 @@ describe LogStash::Filters::Elasticsearch do
594
610
 
595
611
  describe "ca_trusted_fingerprint" do
596
612
  let(:ca_trusted_fingerprint) { SecureRandom.hex(32) }
597
- let(:config) { {"ssl_enabled" => true, "ca_trusted_fingerprint" => ca_trusted_fingerprint}}
613
+ let(:config) { {"ssl_enabled" => true, "ca_trusted_fingerprint" => ca_trusted_fingerprint, "query" => "*"}}
598
614
 
599
615
  subject(:plugin) { described_class.new(config) }
600
616
 
@@ -633,6 +649,7 @@ describe LogStash::Filters::Elasticsearch do
633
649
  'hosts' => 'https://localhost:9200',
634
650
  'ssl_keystore_path' => keystore_path,
635
651
  'ssl_keystore_password' => keystore_password,
652
+ 'query' => '*'
636
653
  }
637
654
  end
638
655
 
@@ -663,7 +680,7 @@ describe LogStash::Filters::Elasticsearch do
663
680
 
664
681
  describe "defaults" do
665
682
 
666
- let(:config) { Hash.new }
683
+ let(:config) { {"query" => "*"} }
667
684
  let(:plugin) { described_class.new(config) }
668
685
 
669
686
  before { allow(plugin).to receive(:test_connection!) }
data/spec/filters/elasticsearch_ssl_spec.rb CHANGED
@@ -5,7 +5,7 @@ require "logstash/codecs/base"
5
5
  describe "SSL options" do
6
6
  let(:es_client_double) { double("Elasticsearch::Client #{self.inspect}") }
7
7
  let(:hosts) {["localhost"]}
8
- let(:settings) { { "ssl_enabled" => true, "hosts" => hosts } }
8
+ let(:settings) { { "ssl_enabled" => true, "hosts" => hosts, "query" => "*" } }
9
9
 
10
10
  subject do
11
11
  require "logstash/filters/elasticsearch"
@@ -36,7 +36,8 @@ describe "SSL options" do
36
36
  context "false and cloud_id resolved host is https" do
37
37
  let(:settings) {{
38
38
  "ssl_enabled" => false,
39
- "cloud_id" => "sample:dXMtY2VudHJhbDEuZ2NwLmNsb3VkLmVzLmlvJGFjMzFlYmI5MDI0MTc3MzE1NzA0M2MzNGZkMjZmZDQ2OjkyNDMkYTRjMDYyMzBlNDhjOGZjZTdiZTg4YTA3NGEzYmIzZTA6OTI0NA=="
39
+ "cloud_id" => "sample:dXMtY2VudHJhbDEuZ2NwLmNsb3VkLmVzLmlvJGFjMzFlYmI5MDI0MTc3MzE1NzA0M2MzNGZkMjZmZDQ2OjkyNDMkYTRjMDYyMzBlNDhjOGZjZTdiZTg4YTA3NGEzYmIzZTA6OTI0NA==",
40
+ "query" => "*"
40
41
  }}
41
42
 
42
43
  it "should not infer the ssl_enabled value" do
@@ -82,7 +83,8 @@ describe "SSL options" do
82
83
 
83
84
  context "and cloud_id resolved host is https" do
84
85
  let(:settings) {{
85
- "cloud_id" => "sample:dXMtY2VudHJhbDEuZ2NwLmNsb3VkLmVzLmlvJGFjMzFlYmI5MDI0MTc3MzE1NzA0M2MzNGZkMjZmZDQ2OjkyNDMkYTRjMDYyMzBlNDhjOGZjZTdiZTg4YTA3NGEzYmIzZTA6OTI0NA=="
86
+ "cloud_id" => "sample:dXMtY2VudHJhbDEuZ2NwLmNsb3VkLmVzLmlvJGFjMzFlYmI5MDI0MTc3MzE1NzA0M2MzNGZkMjZmZDQ2OjkyNDMkYTRjMDYyMzBlNDhjOGZjZTdiZTg4YTA3NGEzYmIzZTA6OTI0NA==",
87
+ "query" => "*"
86
88
  }}
87
89
 
88
90
  it "should infer the ssl_enabled value to false" do
@@ -122,7 +124,7 @@ describe "SSL options" do
122
124
 
123
125
  it "should pass the flag to the ES client" do
124
126
  expect(::Elasticsearch::Client).to receive(:new) do |args|
125
- expect(args[:ssl]).to match hash_including(:enabled => true, :verify => :strict)
127
+ expect(args[:ssl]).to match hash_including(:enabled => true, :verify => :default)
126
128
  end.and_return(es_client_double)
127
129
 
128
130
  subject.register
@@ -199,7 +201,7 @@ describe "SSL options" do
199
201
  :truststore => ssl_truststore_path,
200
202
  :truststore_type => "jks",
201
203
  :truststore_password => "foo",
202
- :verify => :strict,
204
+ :verify => :default,
203
205
  :cipher_suites => ["TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"],
204
206
  :protocols => ["TLSv1.3"],
205
207
  )
@@ -235,7 +237,7 @@ describe "SSL options" do
235
237
  :ca_file => ssl_certificate_authorities_path,
236
238
  :client_cert => ssl_certificate_path,
237
239
  :client_key => ssl_key_path,
238
- :verify => :strict,
240
+ :verify => :default,
239
241
  :cipher_suites => ["TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"],
240
242
  :protocols => ["TLSv1.3"],
241
243
  )
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: logstash-filter-elasticsearch
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.15.0
4
+ version: 3.15.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Elastic
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-03-10 00:00:00.000000000 Z
11
+ date: 2023-07-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  requirement: !ruby/object:Gem::Requirement
@@ -195,7 +195,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
195
195
  - !ruby/object:Gem::Version
196
196
  version: '0'
197
197
  requirements: []
198
- rubygems_version: 3.1.6
198
+ rubygems_version: 3.2.33
199
199
  signing_key:
200
200
  specification_version: 4
201
201
  summary: Copies fields from previous log events in Elasticsearch to current events