logstash-filter-elasticsearch 3.15.0 → 3.15.2
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 64700ddd93547ed4e08abfb73028ab17f7dc6bd6d591840c622b5f7e24b3d5c3
|
|
4
|
+
data.tar.gz: 9cdf64fc9afe9a2a66c453850d2b4c0d910af5251567799bfd6612737045ba50
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 54c710f94a363bb2f8c9b1ecf450ec3397b50792fb7d4c2035a2ee7c70b347c7a41a4c8d7959bcd0eb8403a5df786bdfbebb5bb600f54a4668d6f4905d429054
|
|
7
|
+
data.tar.gz: 4f788bb3592c42fc2003e22c94c49d53272063ec2fadbe85f49e3653ba7bdfbbf81024cb34d8e81cec7f7eaf9968fc2be8fd704da5678d34eae60a3fd47d184f
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,9 @@
|
|
|
1
|
+
## 3.15.2
|
|
2
|
+
- Added checking for `query` and `query_template`. [#171](https://github.com/logstash-plugins/logstash-filter-elasticsearch/pull/171)
|
|
3
|
+
|
|
4
|
+
## 3.15.1
|
|
5
|
+
- Fixes a regression introduced in 3.15.0 which could prevent a connection from being established to Elasticsearch in some SSL configurations
|
|
6
|
+
|
|
1
7
|
## 3.15.0
|
|
2
8
|
- Added SSL settings for: [#168](https://github.com/logstash-plugins/logstash-filter-elasticsearch/pull/168)
|
|
3
9
|
- `ssl_enabled`: Enable/disable the SSL settings. If not provided, the value is inferred from the hosts scheme
|
data/docs/index.asciidoc
CHANGED
|
@@ -320,6 +320,7 @@ environment variables e.g. `proxy => '${LS_PROXY:}'`.
|
|
|
320
320
|
Elasticsearch query string. More information is available in the
|
|
321
321
|
{ref}/query-dsl-query-string-query.html#query-string-syntax[Elasticsearch query
|
|
322
322
|
string documentation].
|
|
323
|
+
Use either `query` or `query_template`.
|
|
323
324
|
|
|
324
325
|
|
|
325
326
|
[id="plugins-{type}s-{plugin}-query_template"]
|
|
@@ -330,6 +331,7 @@ string documentation].
|
|
|
330
331
|
|
|
331
332
|
File path to elasticsearch query in DSL format. More information is available in
|
|
332
333
|
the {ref}/query-dsl.html[Elasticsearch query documentation].
|
|
334
|
+
Use either `query` or `query_template`.
|
|
333
335
|
|
|
334
336
|
[id="plugins-{type}s-{plugin}-result_size"]
|
|
335
337
|
===== `result_size`
|
|
@@ -170,6 +170,7 @@ class LogStash::Filters::Elasticsearch < LogStash::Filters::Base
|
|
|
170
170
|
@query_dsl = file.read
|
|
171
171
|
end
|
|
172
172
|
|
|
173
|
+
validate_query_settings
|
|
173
174
|
fill_hosts_from_cloud_id
|
|
174
175
|
setup_ssl_params!
|
|
175
176
|
validate_authentication
|
|
@@ -317,7 +318,9 @@ class LogStash::Filters::Elasticsearch < LogStash::Filters::Base
|
|
|
317
318
|
"to make sure your data is secure set `ssl_verification_mode => full`"
|
|
318
319
|
ssl_options[:verify] = :disable
|
|
319
320
|
else
|
|
320
|
-
|
|
321
|
+
# Manticore's :default maps to Apache HTTP Client's DefaultHostnameVerifier,
|
|
322
|
+
# which is the modern STRICT verifier that replaces the deprecated StrictHostnameVerifier
|
|
323
|
+
ssl_options[:verify] = :default
|
|
321
324
|
end
|
|
322
325
|
end
|
|
323
326
|
|
|
@@ -389,6 +392,16 @@ class LogStash::Filters::Elasticsearch < LogStash::Filters::Base
|
|
|
389
392
|
hosts.is_a?(Array) && hosts.size == 1 && !original_params.key?('hosts')
|
|
390
393
|
end
|
|
391
394
|
|
|
395
|
+
def validate_query_settings
|
|
396
|
+
unless @query || @query_template
|
|
397
|
+
raise LogStash::ConfigurationError, "Both `query` and `query_template` are empty. Require either `query` or `query_template`."
|
|
398
|
+
end
|
|
399
|
+
|
|
400
|
+
if @query && @query_template
|
|
401
|
+
raise LogStash::ConfigurationError, "Both `query` and `query_template` are set. Use either `query` or `query_template`."
|
|
402
|
+
end
|
|
403
|
+
end
|
|
404
|
+
|
|
392
405
|
def validate_authentication
|
|
393
406
|
authn_options = 0
|
|
394
407
|
authn_options += 1 if @cloud_auth
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
Gem::Specification.new do |s|
|
|
2
2
|
|
|
3
3
|
s.name = 'logstash-filter-elasticsearch'
|
|
4
|
-
s.version = '3.15.
|
|
4
|
+
s.version = '3.15.2'
|
|
5
5
|
s.licenses = ['Apache License (2.0)']
|
|
6
6
|
s.summary = "Copies fields from previous log events in Elasticsearch to current events "
|
|
7
7
|
s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
|
|
@@ -15,9 +15,11 @@ describe LogStash::Filters::Elasticsearch do
|
|
|
15
15
|
|
|
16
16
|
context "registration" do
|
|
17
17
|
|
|
18
|
-
let(:plugin) { LogStash::Plugin.lookup("filter", "elasticsearch").new(
|
|
18
|
+
let(:plugin) { LogStash::Plugin.lookup("filter", "elasticsearch").new(config) }
|
|
19
19
|
|
|
20
20
|
context "against authentic Elasticsearch" do
|
|
21
|
+
let(:config) { { "query" => "*" } }
|
|
22
|
+
|
|
21
23
|
before do
|
|
22
24
|
allow(plugin).to receive(:test_connection!)
|
|
23
25
|
end
|
|
@@ -28,6 +30,7 @@ describe LogStash::Filters::Elasticsearch do
|
|
|
28
30
|
end
|
|
29
31
|
|
|
30
32
|
context "against not authentic Elasticsearch" do
|
|
33
|
+
let(:config) { { "query" => "*" } }
|
|
31
34
|
let(:failing_client) do
|
|
32
35
|
client = double("client")
|
|
33
36
|
allow(client).to receive(:ping).and_raise Elasticsearch::UnsupportedProductError
|
|
@@ -45,6 +48,19 @@ describe LogStash::Filters::Elasticsearch do
|
|
|
45
48
|
expect {plugin.register}.to raise_error(LogStash::ConfigurationError)
|
|
46
49
|
end
|
|
47
50
|
end
|
|
51
|
+
|
|
52
|
+
context "query settings" do
|
|
53
|
+
it "raise an exception when query and query_template are empty" do
|
|
54
|
+
plugin = described_class.new({})
|
|
55
|
+
expect {plugin.register}.to raise_error(LogStash::ConfigurationError)
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
it "raise an exception when query and query_template are set" do
|
|
59
|
+
config = { "query" => "*", "query_template" => File.join(File.dirname(__FILE__), "fixtures", "query_template_unicode.json") }
|
|
60
|
+
plugin = described_class.new(config)
|
|
61
|
+
expect {plugin.register}.to raise_error(LogStash::ConfigurationError)
|
|
62
|
+
end
|
|
63
|
+
end
|
|
48
64
|
end
|
|
49
65
|
|
|
50
66
|
describe "data fetch" do
|
|
@@ -594,7 +610,7 @@ describe LogStash::Filters::Elasticsearch do
|
|
|
594
610
|
|
|
595
611
|
describe "ca_trusted_fingerprint" do
|
|
596
612
|
let(:ca_trusted_fingerprint) { SecureRandom.hex(32) }
|
|
597
|
-
let(:config) { {"ssl_enabled" => true, "ca_trusted_fingerprint" => ca_trusted_fingerprint}}
|
|
613
|
+
let(:config) { {"ssl_enabled" => true, "ca_trusted_fingerprint" => ca_trusted_fingerprint, "query" => "*"}}
|
|
598
614
|
|
|
599
615
|
subject(:plugin) { described_class.new(config) }
|
|
600
616
|
|
|
@@ -633,6 +649,7 @@ describe LogStash::Filters::Elasticsearch do
|
|
|
633
649
|
'hosts' => 'https://localhost:9200',
|
|
634
650
|
'ssl_keystore_path' => keystore_path,
|
|
635
651
|
'ssl_keystore_password' => keystore_password,
|
|
652
|
+
'query' => '*'
|
|
636
653
|
}
|
|
637
654
|
end
|
|
638
655
|
|
|
@@ -663,7 +680,7 @@ describe LogStash::Filters::Elasticsearch do
|
|
|
663
680
|
|
|
664
681
|
describe "defaults" do
|
|
665
682
|
|
|
666
|
-
let(:config) {
|
|
683
|
+
let(:config) { {"query" => "*"} }
|
|
667
684
|
let(:plugin) { described_class.new(config) }
|
|
668
685
|
|
|
669
686
|
before { allow(plugin).to receive(:test_connection!) }
|
|
@@ -5,7 +5,7 @@ require "logstash/codecs/base"
|
|
|
5
5
|
describe "SSL options" do
|
|
6
6
|
let(:es_client_double) { double("Elasticsearch::Client #{self.inspect}") }
|
|
7
7
|
let(:hosts) {["localhost"]}
|
|
8
|
-
let(:settings) { { "ssl_enabled" => true, "hosts" => hosts } }
|
|
8
|
+
let(:settings) { { "ssl_enabled" => true, "hosts" => hosts, "query" => "*" } }
|
|
9
9
|
|
|
10
10
|
subject do
|
|
11
11
|
require "logstash/filters/elasticsearch"
|
|
@@ -36,7 +36,8 @@ describe "SSL options" do
|
|
|
36
36
|
context "false and cloud_id resolved host is https" do
|
|
37
37
|
let(:settings) {{
|
|
38
38
|
"ssl_enabled" => false,
|
|
39
|
-
"cloud_id" => "sample:dXMtY2VudHJhbDEuZ2NwLmNsb3VkLmVzLmlvJGFjMzFlYmI5MDI0MTc3MzE1NzA0M2MzNGZkMjZmZDQ2OjkyNDMkYTRjMDYyMzBlNDhjOGZjZTdiZTg4YTA3NGEzYmIzZTA6OTI0NA=="
|
|
39
|
+
"cloud_id" => "sample:dXMtY2VudHJhbDEuZ2NwLmNsb3VkLmVzLmlvJGFjMzFlYmI5MDI0MTc3MzE1NzA0M2MzNGZkMjZmZDQ2OjkyNDMkYTRjMDYyMzBlNDhjOGZjZTdiZTg4YTA3NGEzYmIzZTA6OTI0NA==",
|
|
40
|
+
"query" => "*"
|
|
40
41
|
}}
|
|
41
42
|
|
|
42
43
|
it "should not infer the ssl_enabled value" do
|
|
@@ -82,7 +83,8 @@ describe "SSL options" do
|
|
|
82
83
|
|
|
83
84
|
context "and cloud_id resolved host is https" do
|
|
84
85
|
let(:settings) {{
|
|
85
|
-
"cloud_id" => "sample:dXMtY2VudHJhbDEuZ2NwLmNsb3VkLmVzLmlvJGFjMzFlYmI5MDI0MTc3MzE1NzA0M2MzNGZkMjZmZDQ2OjkyNDMkYTRjMDYyMzBlNDhjOGZjZTdiZTg4YTA3NGEzYmIzZTA6OTI0NA=="
|
|
86
|
+
"cloud_id" => "sample:dXMtY2VudHJhbDEuZ2NwLmNsb3VkLmVzLmlvJGFjMzFlYmI5MDI0MTc3MzE1NzA0M2MzNGZkMjZmZDQ2OjkyNDMkYTRjMDYyMzBlNDhjOGZjZTdiZTg4YTA3NGEzYmIzZTA6OTI0NA==",
|
|
87
|
+
"query" => "*"
|
|
86
88
|
}}
|
|
87
89
|
|
|
88
90
|
it "should infer the ssl_enabled value to false" do
|
|
@@ -122,7 +124,7 @@ describe "SSL options" do
|
|
|
122
124
|
|
|
123
125
|
it "should pass the flag to the ES client" do
|
|
124
126
|
expect(::Elasticsearch::Client).to receive(:new) do |args|
|
|
125
|
-
expect(args[:ssl]).to match hash_including(:enabled => true, :verify => :
|
|
127
|
+
expect(args[:ssl]).to match hash_including(:enabled => true, :verify => :default)
|
|
126
128
|
end.and_return(es_client_double)
|
|
127
129
|
|
|
128
130
|
subject.register
|
|
@@ -199,7 +201,7 @@ describe "SSL options" do
|
|
|
199
201
|
:truststore => ssl_truststore_path,
|
|
200
202
|
:truststore_type => "jks",
|
|
201
203
|
:truststore_password => "foo",
|
|
202
|
-
:verify => :
|
|
204
|
+
:verify => :default,
|
|
203
205
|
:cipher_suites => ["TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"],
|
|
204
206
|
:protocols => ["TLSv1.3"],
|
|
205
207
|
)
|
|
@@ -235,7 +237,7 @@ describe "SSL options" do
|
|
|
235
237
|
:ca_file => ssl_certificate_authorities_path,
|
|
236
238
|
:client_cert => ssl_certificate_path,
|
|
237
239
|
:client_key => ssl_key_path,
|
|
238
|
-
:verify => :
|
|
240
|
+
:verify => :default,
|
|
239
241
|
:cipher_suites => ["TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"],
|
|
240
242
|
:protocols => ["TLSv1.3"],
|
|
241
243
|
)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: logstash-filter-elasticsearch
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.15.
|
|
4
|
+
version: 3.15.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Elastic
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-07-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -195,7 +195,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
195
195
|
- !ruby/object:Gem::Version
|
|
196
196
|
version: '0'
|
|
197
197
|
requirements: []
|
|
198
|
-
rubygems_version: 3.
|
|
198
|
+
rubygems_version: 3.2.33
|
|
199
199
|
signing_key:
|
|
200
200
|
specification_version: 4
|
|
201
201
|
summary: Copies fields from previous log events in Elasticsearch to current events
|