logstash-input-beats 6.2.5-java → 6.3.1-java
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +9 -0
- data/README.md +8 -1
- data/VERSION +1 -1
- data/docs/index.asciidoc +15 -7
- data/lib/logstash/inputs/beats/message_listener.rb +2 -2
- data/lib/logstash/inputs/beats/tls.rb +2 -1
- data/lib/logstash-input-beats_jars.rb +1 -1
- data/lib/tasks/test.rake +2 -2
- data/spec/inputs/beats/tls_spec.rb +2 -2
- data/spec/integration/filebeat_spec.rb +29 -1
- data/spec/support/file_helpers.rb +1 -1
- data/vendor/jar-dependencies/org/logstash/beats/logstash-input-beats/6.3.1/logstash-input-beats-6.3.1.jar +0 -0
- metadata +3 -3
- data/vendor/jar-dependencies/org/logstash/beats/logstash-input-beats/6.2.5/logstash-input-beats-6.2.5.jar +0 -0
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: eeb3630816005a9bf63f0a831957db5524bc6034e70d540468e9c06471a86c92
|
|
4
|
+
data.tar.gz: 8e9c847d79438cd87c4aed76c0d083453d3a4ae165b0bb8954a6ae63810ec7d0
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3e395b1889ebb19ad169ac91049a4de6a8a4254012de7ee2be6161d080fc02e50fe89c0631ce2c053235870c31a708d15306000a68d32c06c6875c69632c94be
|
|
7
|
+
data.tar.gz: 0bbcea2692c569d98c418259dc3c2be32a4ab6b83a8466f7c10f07e1ac7ee3a134125a649c54c59cbe472d6cfe138af24a2aaa39d647629245e4f26749c94369
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,12 @@
|
|
|
1
|
+
## 6.3.1
|
|
2
|
+
- Fix: Removed use of deprecated `import` of java classes in ruby [#449](https://github.com/logstash-plugins/logstash-input-beats/pull/449)
|
|
3
|
+
|
|
4
|
+
## 6.3.0
|
|
5
|
+
- Added support for TLSv1.3. [#447](https://github.com/logstash-plugins/logstash-input-beats/pull/447)
|
|
6
|
+
|
|
7
|
+
## 6.2.6
|
|
8
|
+
- Update guidance regarding the private key format and encoding [#445](https://github.com/logstash-plugins/logstash-input-beats/pull/445)
|
|
9
|
+
|
|
1
10
|
## 6.2.5
|
|
2
11
|
- Build: do not package log4j-api dependency [#441](https://github.com/logstash-plugins/logstash-input-beats/pull/441).
|
|
3
12
|
Logstash provides the log4j framework and the dependency is not needed except testing and compiling.
|
data/README.md
CHANGED
|
@@ -45,6 +45,13 @@ bundle install
|
|
|
45
45
|
bundle exec rspec
|
|
46
46
|
```
|
|
47
47
|
|
|
48
|
+
- Run integration tests
|
|
49
|
+
|
|
50
|
+
```sh
|
|
51
|
+
bundle exec rake test:integration:setup
|
|
52
|
+
bundle exec rspec spec --tag integration -fd
|
|
53
|
+
```
|
|
54
|
+
|
|
48
55
|
### 2. Running your unpublished Plugin in Logstash
|
|
49
56
|
|
|
50
57
|
#### 2.1 Run in a local Logstash clone
|
|
@@ -95,4 +102,4 @@ Programming is not a required skill. Whatever you've seen about open source and
|
|
|
95
102
|
|
|
96
103
|
It is more important to the community that you are able to contribute.
|
|
97
104
|
|
|
98
|
-
For more information about contributing, see the [CONTRIBUTING](https://github.com/elastic/logstash/blob/master/CONTRIBUTING.md) file.
|
|
105
|
+
For more information about contributing, see the [CONTRIBUTING](https://github.com/elastic/logstash/blob/master/CONTRIBUTING.md) file.
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
6.
|
|
1
|
+
6.3.1
|
data/docs/index.asciidoc
CHANGED
|
@@ -199,9 +199,12 @@ Flag to determine whether to add `host` field to event using the value supplied
|
|
|
199
199
|
===== `cipher_suites`
|
|
200
200
|
|
|
201
201
|
* Value type is <<array,array>>
|
|
202
|
-
* Default value is `java.lang.String[TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256]@459cfcca`
|
|
202
|
+
* Default value is `java.lang.String[TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256]@459cfcca`
|
|
203
203
|
|
|
204
204
|
The list of ciphers suite to use, listed by priorities.
|
|
205
|
+
This default list applies for OpenJDK 11.0.14 and higher.
|
|
206
|
+
For older JDK versions, the default list includes only suites supported by that version.
|
|
207
|
+
For example, the ChaCha20 family of ciphers is not supported in older versions.
|
|
205
208
|
|
|
206
209
|
[id="plugins-{type}s-{plugin}-client_inactivity_timeout"]
|
|
207
210
|
===== `client_inactivity_timeout`
|
|
@@ -313,8 +316,14 @@ Time in milliseconds for an incomplete ssl handshake to timeout
|
|
|
313
316
|
* There is no default value for this setting.
|
|
314
317
|
|
|
315
318
|
SSL key to use.
|
|
316
|
-
|
|
317
|
-
|
|
319
|
+
This key must be in the PKCS8 format and PEM encoded.
|
|
320
|
+
You can use the https://www.openssl.org/docs/man1.1.1/man1/openssl-pkcs8.html[openssl pkcs8] command to complete the conversion.
|
|
321
|
+
For example, the command to convert a PEM encoded PKCS1 private key to a PEM encoded, non-encrypted PKCS8 key is:
|
|
322
|
+
|
|
323
|
+
[source,sh]
|
|
324
|
+
-----
|
|
325
|
+
openssl pkcs8 -inform PEM -in path/to/logstash.key -topk8 -nocrypt -outform PEM -out path/to/logstash.pkcs8.key
|
|
326
|
+
-----
|
|
318
327
|
|
|
319
328
|
[id="plugins-{type}s-{plugin}-ssl_key_passphrase"]
|
|
320
329
|
===== `ssl_key_passphrase`
|
|
@@ -354,10 +363,10 @@ This option is only valid when `ssl_verify_mode` is set to `peer` or `force_peer
|
|
|
354
363
|
===== `tls_max_version`
|
|
355
364
|
|
|
356
365
|
* Value type is <<number,number>>
|
|
357
|
-
* Default value is `1.
|
|
366
|
+
* Default value is `1.3`
|
|
358
367
|
|
|
359
368
|
The maximum TLS version allowed for the encrypted connections. The value must be the one of the following:
|
|
360
|
-
1.0 for TLS 1.0, 1.1 for TLS 1.1, 1.2 for TLS 1.2
|
|
369
|
+
1.0 for TLS 1.0, 1.1 for TLS 1.1, 1.2 for TLS 1.2, 1.3 for TLS 1.3
|
|
361
370
|
|
|
362
371
|
[id="plugins-{type}s-{plugin}-tls_min_version"]
|
|
363
372
|
===== `tls_min_version`
|
|
@@ -366,7 +375,7 @@ The maximum TLS version allowed for the encrypted connections. The value must be
|
|
|
366
375
|
* Default value is `1`
|
|
367
376
|
|
|
368
377
|
The minimum TLS version allowed for the encrypted connections. The value must be one of the following:
|
|
369
|
-
1.0 for TLS 1.0, 1.1 for TLS 1.1, 1.2 for TLS 1.2
|
|
378
|
+
1.0 for TLS 1.0, 1.1 for TLS 1.1, 1.2 for TLS 1.2, 1.3 for TLS 1.3
|
|
370
379
|
|
|
371
380
|
|
|
372
381
|
|
|
@@ -374,4 +383,3 @@ The minimum TLS version allowed for the encrypted connections. The value must be
|
|
|
374
383
|
include::{include_path}/{type}.asciidoc[]
|
|
375
384
|
|
|
376
385
|
:default_codec!:
|
|
377
|
-
|
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
# encoding: utf-8
|
|
2
2
|
require "thread_safe"
|
|
3
3
|
require "logstash-input-beats_jars"
|
|
4
|
-
|
|
5
|
-
|
|
4
|
+
java_import "javax.net.ssl.SSLPeerUnverifiedException"
|
|
5
|
+
java_import "org.logstash.beats.MessageListener"
|
|
6
6
|
|
|
7
7
|
module LogStash module Inputs class Beats
|
|
8
8
|
class MessageListener
|
|
@@ -7,4 +7,4 @@ require_jar('com.fasterxml.jackson.core', 'jackson-core', '2.9.10')
|
|
|
7
7
|
require_jar('com.fasterxml.jackson.core', 'jackson-annotations', '2.9.10')
|
|
8
8
|
require_jar('com.fasterxml.jackson.core', 'jackson-databind', '2.9.10.8')
|
|
9
9
|
require_jar('com.fasterxml.jackson.module', 'jackson-module-afterburner', '2.9.10')
|
|
10
|
-
require_jar('org.logstash.beats', 'logstash-input-beats', '6.
|
|
10
|
+
require_jar('org.logstash.beats', 'logstash-input-beats', '6.3.1')
|
data/lib/tasks/test.rake
CHANGED
|
@@ -4,9 +4,9 @@ VENDOR_PATH = File.expand_path(File.join(File.dirname(__FILE__), "..", "..", "ve
|
|
|
4
4
|
|
|
5
5
|
#TODO: Figure out better means to keep this version in sync
|
|
6
6
|
if OS_PLATFORM == "linux"
|
|
7
|
-
FILEBEAT_URL = "https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-6.
|
|
7
|
+
FILEBEAT_URL = "https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-7.6.0-linux-x86_64.tar.gz"
|
|
8
8
|
elsif OS_PLATFORM == "darwin"
|
|
9
|
-
FILEBEAT_URL = "https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-6.
|
|
9
|
+
FILEBEAT_URL = "https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-7.6.0-darwin-x86_64.tar.gz"
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
LSF_URL = "https://download.elastic.co/logstash-forwarder/binaries/logstash-forwarder_#{OS_PLATFORM}_amd64"
|
|
@@ -10,8 +10,8 @@ describe LogStash::Inputs::Beats::TLS do
|
|
|
10
10
|
end
|
|
11
11
|
|
|
12
12
|
it "returns the maximum supported tls" do
|
|
13
|
-
expect(subject.max.version).to eq(1.
|
|
14
|
-
expect(subject.max.name).to eq("TLSv1.
|
|
13
|
+
expect(subject.max.version).to eq(1.3)
|
|
14
|
+
expect(subject.max.name).to eq("TLSv1.3")
|
|
15
15
|
end
|
|
16
16
|
|
|
17
17
|
describe ".get_supported" do
|
|
@@ -37,7 +37,7 @@ describe "Filebeat", :integration => true do
|
|
|
37
37
|
let(:filebeat_config) do
|
|
38
38
|
{
|
|
39
39
|
"filebeat" => {
|
|
40
|
-
"
|
|
40
|
+
"inputs" => [{ "paths" => [log_file], "type" => "log" }],
|
|
41
41
|
"scan_frequency" => "1s"
|
|
42
42
|
},
|
|
43
43
|
"output" => {
|
|
@@ -174,6 +174,34 @@ describe "Filebeat", :integration => true do
|
|
|
174
174
|
end
|
|
175
175
|
end
|
|
176
176
|
|
|
177
|
+
context "with TLSv1.3 client" do
|
|
178
|
+
let(:filebeat_config) do
|
|
179
|
+
super().merge({
|
|
180
|
+
"output" => {
|
|
181
|
+
"logstash" => {
|
|
182
|
+
"hosts" => ["#{host}:#{port}"],
|
|
183
|
+
"ssl" => {
|
|
184
|
+
"certificate_authorities" => certificate_authorities,
|
|
185
|
+
"versions" => ["TLSv1.3"],
|
|
186
|
+
}
|
|
187
|
+
}
|
|
188
|
+
},
|
|
189
|
+
"logging" => { "level" => "debug" }
|
|
190
|
+
})
|
|
191
|
+
end
|
|
192
|
+
include_examples "send events"
|
|
193
|
+
|
|
194
|
+
context "when TLSv1.3 enforced in plugin" do
|
|
195
|
+
let(:input_config) {
|
|
196
|
+
super().merge({
|
|
197
|
+
"tls_min_version" => "1.3"
|
|
198
|
+
})
|
|
199
|
+
}
|
|
200
|
+
|
|
201
|
+
include_examples "send events"
|
|
202
|
+
end
|
|
203
|
+
end
|
|
204
|
+
|
|
177
205
|
# Refactor this to use Flores's PKI instead of openssl command line
|
|
178
206
|
# see: https://github.com/jordansissel/ruby-flores/issues/7
|
|
179
207
|
context "with a passphrase" do
|
|
Binary file
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: logstash-input-beats
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 6.
|
|
4
|
+
version: 6.3.1
|
|
5
5
|
platform: java
|
|
6
6
|
authors:
|
|
7
7
|
- Elastic
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-04-26 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -298,7 +298,7 @@ files:
|
|
|
298
298
|
- vendor/jar-dependencies/com/fasterxml/jackson/module/jackson-module-afterburner/2.9.10/jackson-module-afterburner-2.9.10.jar
|
|
299
299
|
- vendor/jar-dependencies/io/netty/netty-all/4.1.65.Final/netty-all-4.1.65.Final.jar
|
|
300
300
|
- vendor/jar-dependencies/org/javassist/javassist/3.24.0-GA/javassist-3.24.0-GA.jar
|
|
301
|
-
- vendor/jar-dependencies/org/logstash/beats/logstash-input-beats/6.
|
|
301
|
+
- vendor/jar-dependencies/org/logstash/beats/logstash-input-beats/6.3.1/logstash-input-beats-6.3.1.jar
|
|
302
302
|
homepage: http://www.elastic.co/guide/en/logstash/current/index.html
|
|
303
303
|
licenses:
|
|
304
304
|
- Apache License (2.0)
|