RubyGems - logstash-input-beats - Versions diffs - 6.9.4-java → 7.0.0-java - Mend

logstash-input-beats 6.9.4-java → 7.0.0-java

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (20) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cf46020a995a77beb65e7dad4578fe2c69dfa192096ce8f2ecf5b6884e55bd08
-  data.tar.gz: 11e442993264268537955000a3ba2b3027c5a9b1c973950e4777843e4af0cbaa
+  metadata.gz: 0f99bdf1800764220d652953474bd4b98195cca6dec131e73fdbfdfae37c7d86
+  data.tar.gz: 3bafe83e5f676a384f2c7ecc473a600b922d31e6a3f1f6c3e9b3c6b4008f73da
 SHA512:
-  metadata.gz: '078bf0168fe22b661ee04c73aaf6592af059468490f3eb97ee8951c163703096557e28cbefe58746703ea80b177481ae03b9ec5b47301223ce8145c2ba1f59a0'
-  data.tar.gz: d31c2ee149daf90a08b200da0d1b84e17e4f33144aae7c8d32d2e1af8f203ebbd2961e8feb4f88e060c552b536c892bd87cc053c4296acaf4f58ab2361c28572
+  metadata.gz: 4d7ad1989c834ef2b9230904b0cf4bf19e168de73db12a7e06ea1a90edc546c4823b32cb823f68ee815740760716d315537c682adb91b7d5ab8b18b3d251f3c0
+  data.tar.gz: 709f7c0e404c009390fc94468ebdaa55a9cba2b702e2cf38b294ac81f00e2c227fd4242838a70bdd3e3b33236a45d16dd0177c08756e8075a503864f95acd52b

data/CHANGELOG.md CHANGED Viewed

@@ -1,11 +1,14 @@
-## 6.9.4
-  - Upgrade netty to 4.1.126 [#518](https://github.com/logstash-plugins/logstash-input-beats/pull/518)
-## 6.9.3
-  - Upgrade netty to 4.1.118 [#514](https://github.com/logstash-plugins/logstash-input-beats/pull/514)
-## 6.9.2
-  - Name netty threads according to their purpose and the plugin id [#511](https://github.com/logstash-plugins/logstash-input-beats/pull/511)
+## 7.0.0
+  - Remove deprecated SSL settings
+  - SSL settings that were marked deprecated in version `6.6.0` are now marked obsolete, and will prevent the plugin from starting.
+  - These settings are:
+    - `cipher_suites`, replaced by `ssl_cipher_suites`
+    - `ssl`, replaced by `ssl_enabled`
+    - `ssl_peer_metadata`, replaced by `enrich`
+    - `ssl_verify_mode`, replaced by `ssl_client_authentication`
+    - `tls_max_version`, replaced by `ssl_supported_protocols`
+    - `tls_min_version`, replaced by `ssl_supported_protocols`
+    - [#508](https://github.com/logstash-plugins/logstash-input-beats/pull/508)
 ## 6.9.1
   - Upgrade netty to 4.1.115 [#507](https://github.com/logstash-plugins/logstash-input-beats/pull/507)

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 6.9.4
1	+ 7.0.0

data/docs/index.asciidoc CHANGED Viewed

@@ -209,11 +209,13 @@ e|N/A
 This plugin supports the following configuration options plus the <<plugins-{type}s-{plugin}-common-options>> described later.
+NOTE: As of version `7.0.0` of this plugin, a number of previously deprecated settings related to SSL have been removed.
+Please check out <<plugins-{type}s-{plugin}-obsolete-options>> for details.
 [cols="<,<,<",options="header",]
 |=======================================================================
 |Setting |Input type|Required
 | <<plugins-{type}s-{plugin}-add_hostname>> |<<boolean,boolean>>|__Deprecated__
-| <<plugins-{type}s-{plugin}-cipher_suites>> |<<array,array>>|__Deprecated__
 | <<plugins-{type}s-{plugin}-client_inactivity_timeout>> |<<number,number>>|No
 | <<plugins-{type}s-{plugin}-ecs_compatibility>> | <<string,string>>|No
 | <<plugins-{type}s-{plugin}-enrich>> |<<string,string>>|No
@@ -222,7 +224,6 @@ This plugin supports the following configuration options plus the <<plugins-{typ
 | <<plugins-{type}s-{plugin}-host>> |<<string,string>>|No
 | <<plugins-{type}s-{plugin}-include_codec_tag>> |<<boolean,boolean>>|__Deprecated__
 | <<plugins-{type}s-{plugin}-port>> |<<number,number>>|Yes
-| <<plugins-{type}s-{plugin}-ssl>> |<<boolean,boolean>>|__Deprecated__
 | <<plugins-{type}s-{plugin}-ssl_certificate>> |a valid filesystem path|No
 | <<plugins-{type}s-{plugin}-ssl_certificate_authorities>> |<<array,array>>|No
 | <<plugins-{type}s-{plugin}-ssl_cipher_suites>> |<<array,array>>|No
@@ -231,11 +232,7 @@ This plugin supports the following configuration options plus the <<plugins-{typ
 | <<plugins-{type}s-{plugin}-ssl_handshake_timeout>> |<<number,number>>|No
 | <<plugins-{type}s-{plugin}-ssl_key>> |a valid filesystem path|No
 | <<plugins-{type}s-{plugin}-ssl_key_passphrase>> |<<password,password>>|No
-| <<plugins-{type}s-{plugin}-ssl_peer_metadata>> |<<boolean,boolean>>|__Deprecated__
 | <<plugins-{type}s-{plugin}-ssl_supported_protocols>> |<<array,array>>|No
-| <<plugins-{type}s-{plugin}-ssl_verify_mode>> |<<string,string>>, one of `["none", "peer", "force_peer"]`|__Deprecated__
-| <<plugins-{type}s-{plugin}-tls_max_version>> |<<number,number>>|__Deprecated__
-| <<plugins-{type}s-{plugin}-tls_min_version>> |<<number,number>>|__Deprecated__
 |=======================================================================
 Also see <<plugins-{type}s-{plugin}-common-options>> for a list of options supported by all
@@ -253,14 +250,6 @@ input plugins.
 Flag to determine whether to add `host` field to event using the value supplied by the {plugin-singular} in the `hostname` field.
-[id="plugins-{type}s-{plugin}-cipher_suites"]
-===== `cipher_suites`
-deprecated[6.4.0, Replaced by <<plugins-{type}s-{plugin}-ssl_cipher_suites>>]
-  * Value type is <<array,array>>
-The list of cipher suites to use, listed by priorities.
 [id="plugins-{type}s-{plugin}-client_inactivity_timeout"]
 ===== `client_inactivity_timeout`
@@ -399,17 +388,6 @@ deprecated[6.5.0, Replaced by <<plugins-{type}s-{plugin}-enrich>>]
 The port to listen on.
-[id="plugins-{type}s-{plugin}-ssl"]
-===== `ssl`
-deprecated[6.6.0, Replaced by <<plugins-{type}s-{plugin}-ssl_enabled>>]
-  * Value type is <<boolean,boolean>>
-  * Default value is `false`
-Events are by default sent in plain text. You can
-enable encryption by setting `ssl` to true and configuring
-the `ssl_certificate` and `ssl_key` options.
 [id="plugins-{type}s-{plugin}-ssl_certificate"]
 ===== `ssl_certificate`
@@ -497,18 +475,6 @@ openssl pkcs8 -inform PEM -in path/to/logstash.key -topk8 -nocrypt -outform PEM
 SSL key passphrase to use.
-[id="plugins-{type}s-{plugin}-ssl_peer_metadata"]
-===== `ssl_peer_metadata`
-deprecated[6.5.0, Replaced by <<plugins-{type}s-{plugin}-enrich>>]
-  * Value type is <<boolean,boolean>>
-  * Default value is `false`
-Enables storing client certificate information in event's metadata.
-This option is only valid when <<plugins-{type}s-{plugin}-ssl_client_authentication>> is set to `optional` or `required`.
 [id="plugins-{type}s-{plugin}-ssl_supported_protocols"]
 ===== `ssl_supported_protocols`
@@ -526,45 +492,23 @@ NOTE: If you configure the plugin to use `'TLSv1.1'` on any recent JVM, such as
 the protocol is disabled by default and needs to be enabled manually by changing `jdk.tls.disabledAlgorithms` in
 the *$JDK_HOME/conf/security/java.security* configuration file. That is, `TLSv1.1` needs to be removed from the list.
-[id="plugins-{type}s-{plugin}-ssl_verify_mode"]
-===== `ssl_verify_mode`
-deprecated[6.6.0, Replaced by <<plugins-{type}s-{plugin}-ssl_client_authentication>>]
-  * Value can be any of: `none`, `peer`, `force_peer`
-  * Default value is `"none"`
-By default, the server doesn't do any client verification. If the <<plugins-{type}s-{plugin}-ssl_certificate_authorities>>
-is configured, and no value or `none` is provided for this option, it defaults to `force_peer` instead of `none`.
-`peer` will make the server ask the client to provide a certificate.
-If the client provides a certificate, it will be validated.
-`force_peer` will make the server ask the client to provide a certificate.
-If the client doesn't provide a certificate, the connection will be closed.
+[id="plugins-{type}s-{plugin}-obsolete-options"]
+==== Beats Input Obsolete Configuration Options
-When mutual TLS is enabled (`peer` or `force_peer`), the certificate presented by the client must be signed by trusted
-<<plugins-{type}s-{plugin}-ssl_certificate_authorities>> (CAs).
-Please note that the server does not validate the client certificate CN (Common Name) or SAN (Subject Alternative Name).
-NOTE: This setting can be used only if <<plugins-{type}s-{plugin}-ssl_certificate_authorities>> is set.
+WARNING: As of version `7.0.0` of this plugin, some configuration options have been replaced.
+The plugin will fail to start if it contains any of these obsolete options.
-[id="plugins-{type}s-{plugin}-tls_max_version"]
-===== `tls_max_version`
-deprecated[6.4.0, Replaced by <<plugins-{type}s-{plugin}-ssl_supported_protocols>>]
-  * Value type is <<number,number>>
-The maximum TLS version allowed for the encrypted connections.
-The value must be the one of the following: 1.1 for TLS 1.1, 1.2 for TLS 1.2, 1.3 for TLSv1.3
-[id="plugins-{type}s-{plugin}-tls_min_version"]
-===== `tls_min_version`
-deprecated[6.4.0, Replaced by <<plugins-{type}s-{plugin}-ssl_supported_protocols>>]
-  * Value type is <<number,number>>
-The minimum TLS version allowed for the encrypted connections.
-The value must be one of the following: 1.1 for TLS 1.1, 1.2 for TLS 1.2, 1.3 for TLS 1.3
+[cols="<,<",options="header",]
+|=======================================================================
+|Setting|Replaced by
+| cipher_suites |<<plugins-{type}s-{plugin}-ssl_cipher_suites>>
+| ssl |<<plugins-{type}s-{plugin}-ssl_enabled>>
+| ssl_peer_metadata |<<plugins-{type}s-{plugin}-enrich>>
+| ssl_verify_mode |<<plugins-{type}s-{plugin}-ssl_client_authentication>>
+| tls_max_version |<<plugins-{type}s-{plugin}-ssl_supported_protocols>>
+| tls_min_version |<<plugins-{type}s-{plugin}-ssl_supported_protocols>>
+|=======================================================================
 [id="plugins-{type}s-{plugin}-common-options"]

data/lib/logstash/inputs/beats.rb CHANGED Viewed

@@ -7,7 +7,6 @@ require "logstash/util"
 require "logstash-input-beats_jars"
 require "logstash/plugin_mixins/ecs_compatibility_support"
 require 'logstash/plugin_mixins/plugin_factory_support'
-require "logstash/plugin_mixins/normalize_config_support"
 require 'logstash/plugin_mixins/event_support/event_factory_adapter'
 require_relative "beats/patch"
@@ -51,7 +50,6 @@ class LogStash::Inputs::Beats < LogStash::Inputs::Base
   require "logstash/inputs/beats/decoded_event_transform"
   require "logstash/inputs/beats/raw_event_transform"
   require "logstash/inputs/beats/message_listener"
-  require "logstash/inputs/beats/tls"
   java_import 'org.logstash.netty.SslContextBuilder'
@@ -62,8 +60,6 @@ class LogStash::Inputs::Beats < LogStash::Inputs::Base
   include LogStash::PluginMixins::PluginFactorySupport
-  include LogStash::PluginMixins::NormalizeConfigSupport
   config_name "beats"
   default :codec, "plain"
@@ -74,11 +70,6 @@ class LogStash::Inputs::Beats < LogStash::Inputs::Base
   # The port to listen on.
   config :port, :validate => :number, :required => true
-  # Events are by default sent in plain text. You can
-  # enable encryption by setting `ssl` to true and configuring
-  # the `ssl_certificate` and `ssl_key` options.
-  config :ssl, :validate => :boolean, :default => false, :deprecated => "Use 'ssl_enabled' instead."
   # SSL certificate to use.
   config :ssl_certificate, :validate => :path
@@ -97,8 +88,8 @@ class LogStash::Inputs::Beats < LogStash::Inputs::Base
   # Validate client certificates against these authorities.
   # You can define multiple files or paths. All the certificates will
-  # be read and added to the trust store. You need to configure the `ssl_verify_mode`
-  # to `peer` or `force_peer` to enable the verification.
+  # be read and added to the trust store. You need to configure the `ssl_client_authentication`
+  # to `optional` or `required` to enable the client verification.
   #
   config :ssl_certificate_authorities, :validate => :array, :default => []
@@ -110,21 +101,6 @@ class LogStash::Inputs::Beats < LogStash::Inputs::Base
   # This option needs to be used with `ssl_certificate_authorities` and a defined list of CAs.
   config :ssl_client_authentication, :validate => %w[none optional required], :default => 'none'
-  # By default the server doesn't do any client verification.
-  #
-  # `peer` will make the server ask the client to provide a certificate.
-  # If the client provides a certificate, it will be validated.
-  #
-  # `force_peer` will make the server ask the client to provide a certificate.
-  # If the client doesn't provide a certificate, the connection will be closed.
-  #
-  # This option needs to be used with `ssl_certificate_authorities` and a defined list of CAs.
-  config :ssl_verify_mode, :validate => ["none", "peer", "force_peer"], :default => "none", :deprecated => "Set 'ssl_client_authentication' instead."
-  # Enables storing client certificate information in event's metadata. You need
-  # to configure the `ssl_verify_mode` to `peer` or `force_peer` to enable this.
-  config :ssl_peer_metadata, :validate => :boolean, :default => false, :deprecated => "use `enrich` option to configure which enrichments to perform"
   config :include_codec_tag, :validate => :boolean, :default => true, :deprecated => "use `enrich` option to configure which enrichments to perform"
   # Time in milliseconds for an incomplete ssl handshake to timeout
@@ -148,21 +124,18 @@ class LogStash::Inputs::Beats < LogStash::Inputs::Base
   # Flag to determine whether to add host information (provided by the beat in the 'hostname' field) to the event
   config :add_hostname, :validate => :boolean, :default => false, :deprecated => 'This option will be removed in the future as beats determine the event schema'
-  # The list of ciphers suite to use, listed by priorities.
-  config :cipher_suites, :validate => :array, :default => [], :deprecated => "Set 'ssl_cipher_suites' instead."
-  # The minimum TLS version allowed for the encrypted connections. The value must be one of the following:
-  # 1.0 for TLS 1.0, 1.1 for TLS 1.1, 1.2 for TLS 1.2
-  config :tls_min_version, :validate => :number, :default => TLS.min.version, :deprecated => "Set 'ssl_supported_protocols' instead."
-  # The maximum TLS version allowed for the encrypted connections. The value must be the one of the following:
-  # 1.0 for TLS 1.0, 1.1 for TLS 1.1, 1.2 for TLS 1.2
-  config :tls_max_version, :validate => :number, :default => TLS.max.version, :deprecated => "Set 'ssl_supported_protocols' instead."
+  # removed options
+  config :ssl,                :obsolete => "Use 'ssl_enabled' instead."
+  config :ssl_peer_metadata,  :obsolete => "Use 'enrich' instead."
+  config :ssl_verify_mode,    :obsolete => "Use 'ssl_client_authentication' instead."
+  config :cipher_suites,      :obsolete => "Use 'ssl_cipher_suites' instead."
+  config :tls_min_version,    :obsolete => "Use 'ssl_supported_protocols' instead."
+  config :tls_max_version,    :obsolete => "Use 'ssl_supported_protocols' instead."
   ENRICH_DEFAULTS = {
     'source_metadata'   => true,
     'codec_metadata'    => true,
-    'ssl_peer_metadata' => false,
+    'ssl_peer_metadata' => false, # adds client certificate information in event's metadata
   }.freeze
   ENRICH_ALL = ENRICH_DEFAULTS.keys.freeze
@@ -174,29 +147,16 @@ class LogStash::Inputs::Beats < LogStash::Inputs::Base
   attr_reader :field_hostname, :field_hostip
   attr_reader :field_tls_protocol_version, :field_tls_peer_subject, :field_tls_cipher
+  attr_reader :include_ssl_peer_metadata
   attr_reader :include_source_metadata
-  NON_PREFIXED_SSL_CONFIGS = Set[
-    'tls_min_version',
-    'tls_max_version',
-    'cipher_suites',
-  ].freeze
   SSL_CLIENT_AUTH_NONE = 'none'.freeze
   SSL_CLIENT_AUTH_OPTIONAL = 'optional'.freeze
   SSL_CLIENT_AUTH_REQUIRED = 'required'.freeze
-  SSL_VERIFY_MODE_TO_CLIENT_AUTHENTICATION_MAP = {
-    'none' => SSL_CLIENT_AUTH_NONE,
-    'peer' => SSL_CLIENT_AUTH_OPTIONAL,
-    'force_peer' => SSL_CLIENT_AUTH_REQUIRED
-  }.freeze
   private_constant :SSL_CLIENT_AUTH_NONE
   private_constant :SSL_CLIENT_AUTH_OPTIONAL
   private_constant :SSL_CLIENT_AUTH_REQUIRED
-  private_constant :NON_PREFIXED_SSL_CONFIGS
-  private_constant :SSL_VERIFY_MODE_TO_CLIENT_AUTHENTICATION_MAP
   def register
     # For Logstash 2.4 we need to make sure that the logger is correctly set for the
@@ -208,15 +168,13 @@ class LogStash::Inputs::Beats < LogStash::Inputs::Base
       LogStash::Logger.setup_log4j(@logger)
     end
-    setup_ssl_params!
     validate_ssl_config!
     active_enrichments = resolve_enriches
     @include_source_metadata = active_enrichments.include?('source_metadata')
+    @include_ssl_peer_metadata = active_enrichments.include?('ssl_peer_metadata')
     @include_codec_tag = original_params.include?('include_codec_tag') ? params['include_codec_tag'] : active_enrichments.include?('codec_metadata')
-    @ssl_peer_metadata = original_params.include?('ssl_peer_metadata') ? params['ssl_peer_metadata'] : active_enrichments.include?('ssl_peer_metadata')
     # intentionally ask users to provide codec when they want to use the codec metadata
     # second layer enrich is also a controller, provide enrich => ['codec_metadata' or/with 'source_metadata'] with codec if you override event original
@@ -247,7 +205,7 @@ class LogStash::Inputs::Beats < LogStash::Inputs::Base
   end # def register
   def create_server
-    server = org.logstash.beats.Server.new(@id, @host, @port, @client_inactivity_timeout, @event_loop_threads, @executor_threads)
+    server = org.logstash.beats.Server.new(@host, @port, @client_inactivity_timeout, @event_loop_threads, @executor_threads)
     server.setSslHandlerProvider(new_ssl_handshake_provider(new_ssl_context_builder)) if @ssl_enabled
     server
   end
@@ -275,9 +233,7 @@ class LogStash::Inputs::Beats < LogStash::Inputs::Base
       return client_authentication_optional? || client_authentication_required?
     end
-    # Keep backward compatibility with the deprecated `ssl_verify_mode` until it's not removed.
-    # When it's explicitly set (or both settings are absent), it should use the ssl_certificate_authorities
-    # to enable/disable the client authentication. (even if ssl_verify_mode => none)
+    # also uses the ssl_certificate_authorities to enable/disable the client authentication
     certificate_authorities_configured?
   end
@@ -286,7 +242,7 @@ class LogStash::Inputs::Beats < LogStash::Inputs::Base
   end
   def client_authentication_metadata?
-    @ssl_enabled && @ssl_peer_metadata && ssl_configured? && client_authentication_enabled?
+    @ssl_enabled && @include_ssl_peer_metadata && ssl_configured? && client_authentication_enabled?
   end
   def client_authentication_required?
@@ -312,10 +268,10 @@ class LogStash::Inputs::Beats < LogStash::Inputs::Base
   private
   def validate_ssl_config!
-    ssl_config_name = original_params.include?('ssl') ? 'ssl' : 'ssl_enabled'
+    ssl_config_name = 'ssl_enabled'
     unless @ssl_enabled
-      ignored_ssl_settings = original_params.select { |k| k != 'ssl_enabled' && k.start_with?('ssl_') || NON_PREFIXED_SSL_CONFIGS.include?(k) }
+      ignored_ssl_settings = original_params.select { |k| k != 'ssl_enabled' && k.start_with?('ssl_') }
       @logger.warn("Configured SSL settings are not used when `#{ssl_config_name}` is set to `false`: #{ignored_ssl_settings.keys}") if ignored_ssl_settings.any?
       return
     end
@@ -329,13 +285,11 @@ class LogStash::Inputs::Beats < LogStash::Inputs::Base
     end
     if require_certificate_authorities? && !certificate_authorities_configured?
-      config_name, config_value = provided_client_authentication_config
-      configuration_error "ssl_certificate_authorities => is a required setting when #{config_name} => '#{config_value}' is configured"
+      configuration_error "ssl_certificate_authorities => is a required setting when `ssl_client_authentication => '#{@ssl_client_authentication}'` is configured"
     end
     if client_authentication_metadata? && !require_certificate_authorities?
-      config_name, optional, required = provided_client_authentication_config([SSL_CLIENT_AUTH_OPTIONAL, SSL_CLIENT_AUTH_REQUIRED])
-      configuration_error "Configuring ssl_peer_metadata => true requires #{config_name} => to be configured with '#{optional}' or '#{required}'"
+      configuration_error "Configuring `enrich => [ssl_peer_metadata]` requires `ssl_client_authentication` to be configured with '#{SSL_CLIENT_AUTH_OPTIONAL}' or '#{SSL_CLIENT_AUTH_REQUIRED}'"
     end
     if original_params.include?('ssl_client_authentication') && certificate_authorities_configured? && !require_certificate_authorities?
@@ -343,43 +297,6 @@ class LogStash::Inputs::Beats < LogStash::Inputs::Base
     end
   end
-  def provided_client_authentication_config(values = [@ssl_client_authentication])
-    if original_params.include?('ssl_verify_mode')
-      ['ssl_verify_mode', *values.map { |v| SSL_VERIFY_MODE_TO_CLIENT_AUTHENTICATION_MAP.key(v) }]
-    else
-      ['ssl_client_authentication', *values]
-    end
-  end
-  def setup_ssl_params!
-    @ssl_enabled = normalize_config(:ssl_enabled) do |normalizer|
-      normalizer.with_deprecated_alias(:ssl)
-    end
-    @ssl_cipher_suites = normalize_config(:ssl_cipher_suites) do |normalizer|
-      normalizer.with_deprecated_alias(:cipher_suites)
-    end
-    @ssl_supported_protocols = normalize_config(:ssl_supported_protocols) do |normalizer|
-      normalizer.with_deprecated_mapping(:tls_min_version, :tls_max_version) do |tls_min_version, tls_max_version|
-        TLS.get_supported(tls_min_version..tls_max_version).map(&:name)
-      end
-    end
-    @ssl_client_authentication = normalize_config(:ssl_client_authentication) do |normalizer|
-      normalizer.with_deprecated_mapping(:ssl_verify_mode) do |ssl_verify_mode|
-        normalized_value = SSL_VERIFY_MODE_TO_CLIENT_AUTHENTICATION_MAP[ssl_verify_mode.downcase]
-        fail(LogStash::ConfigurationError, "Unsupported value #{ssl_verify_mode} for deprecated option `ssl_verify_mode`") unless normalized_value
-        normalized_value
-      end
-    end
-    params['ssl_enabled'] = @ssl_enabled unless @ssl_enabled.nil?
-    params['ssl_cipher_suites'] = @ssl_cipher_suites unless @ssl_cipher_suites.nil?
-    params['ssl_supported_protocols'] = @ssl_supported_protocols unless @ssl_supported_protocols.nil?
-    params['ssl_client_authentication'] = @ssl_client_authentication unless @ssl_client_authentication.nil?
-  end
   def new_ssl_handshake_provider(ssl_context_builder)
     begin
       org.logstash.netty.SslHandlerProvider.new(ssl_context_builder.build_context, @ssl_handshake_timeout)
@@ -414,7 +331,6 @@ class LogStash::Inputs::Beats < LogStash::Inputs::Base
     return SslContextBuilder::SslClientVerifyMode::OPTIONAL if client_authentication_optional?
     return SslContextBuilder::SslClientVerifyMode::REQUIRED if client_authentication_required?
-    # Backward compatibility with the deprecated `ssl_verify_mode` and the current `none` overrides
     if !original_params.include?('ssl_client_authentication') && certificate_authorities_configured?
       return SslContextBuilder::SslClientVerifyMode::REQUIRED
     end
@@ -444,9 +360,8 @@ class LogStash::Inputs::Beats < LogStash::Inputs::Base
   end
   def resolve_enriches
-    deprecated_flags_provided = %w(ssl_peer_metadata include_codec_tag) & original_params.keys
-    if deprecated_flags_provided.any? && original_params.include?('enrich')
-      raise LogStash::ConfigurationError, "both `enrich` and (deprecated) #{deprecated_flags_provided.join(',')} were provided; use only `enrich`"
+    if original_params.include?('include_codec_tag') && original_params.include?('enrich')
+      raise LogStash::ConfigurationError, "both `enrich` and (deprecated) `include_codec_tag` were provided; use only `enrich`"
     end
     aliases_provided = ENRICH_ALIASES & (@enrich || [])

data/lib/logstash-input-beats_jars.rb CHANGED Viewed

@@ -1,11 +1,11 @@
 # AUTOGENERATED BY THE GRADLE SCRIPT. DO NOT EDIT.
 require 'jar_dependencies'
-require_jar('io.netty', 'netty-buffer', '4.1.126.Final')
-require_jar('io.netty', 'netty-codec', '4.1.126.Final')
-require_jar('io.netty', 'netty-common', '4.1.126.Final')
-require_jar('io.netty', 'netty-transport', '4.1.126.Final')
-require_jar('io.netty', 'netty-handler', '4.1.126.Final')
-require_jar('io.netty', 'netty-transport-native-unix-common', '4.1.126.Final')
+require_jar('io.netty', 'netty-buffer', '4.1.115.Final')
+require_jar('io.netty', 'netty-codec', '4.1.115.Final')
+require_jar('io.netty', 'netty-common', '4.1.115.Final')
+require_jar('io.netty', 'netty-transport', '4.1.115.Final')
+require_jar('io.netty', 'netty-handler', '4.1.115.Final')
+require_jar('io.netty', 'netty-transport-native-unix-common', '4.1.115.Final')
 require_jar('org.javassist', 'javassist', '3.24.0-GA')
-require_jar('org.logstash.beats', 'logstash-input-beats', '6.9.4')
+require_jar('org.logstash.beats', 'logstash-input-beats', '7.0.0')

data/logstash-input-beats.gemspec CHANGED Viewed

@@ -26,10 +26,10 @@ Gem::Specification.new do |s|
   s.add_runtime_dependency "concurrent-ruby", "~> 1.0"
   s.add_runtime_dependency "thread_safe", "~> 0.3.5"
   s.add_runtime_dependency "logstash-codec-multiline", ">= 2.0.5"
+  s.add_runtime_dependency 'jar-dependencies', '~> 0.3', '>= 0.3.4'
   s.add_runtime_dependency 'logstash-mixin-ecs_compatibility_support', '~>1.3'
   s.add_runtime_dependency 'logstash-mixin-event_support', '~>1.0'
   s.add_runtime_dependency 'logstash-mixin-plugin_factory_support', '~>1.0'
-  s.add_runtime_dependency 'logstash-mixin-normalize_config_support', '~>1.0'
   s.add_development_dependency "flores", "~>0.0.6"
   s.add_development_dependency "rspec"

data/spec/inputs/beats_spec.rb CHANGED Viewed

@@ -38,7 +38,7 @@ describe LogStash::Inputs::Beats do
       let(:port) { 9001 }
       it "sends the required options to the server" do
-        expect(org.logstash.beats.Server).to receive(:new).with(plugin.id, host, port, client_inactivity_timeout, event_loop_threads, executor_threads)
+        expect(org.logstash.beats.Server).to receive(:new).with(host, port, client_inactivity_timeout, event_loop_threads, executor_threads)
         subject.register
       end
     end
@@ -83,92 +83,14 @@ describe LogStash::Inputs::Beats do
       end
       context "with invalid ciphers" do
-        let(:config) { super().merge("cipher_suites" => "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA38") }
+        let(:config) { super().merge("ssl_cipher_suites" => "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA38") }
         it "should raise a configuration error" do
-          plugin = LogStash::Inputs::Beats.new(config)
-          expect( plugin.logger ).to receive(:error) do |msg, opts|
-            expect( msg ).to match /.*?configuration invalid/
-            expect( opts[:message] ).to match /TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA38.*? not available/
-          end
-          expect { plugin.register }.to raise_error(LogStash::ConfigurationError)
-        end
-      end
-      context "deprecated ssl_verify_mode set to 'none'" do
-        let(:config) { super().merge("ssl_verify_mode" => "none") }
-        context "and ssl_certificate_authorities is set" do
-          let(:config) { super().merge("ssl_certificate_authorities" => [certificate.ssl_cert]) }
-          it "should ignore the ssl_verify_mode and use force_peer" do
-            plugin = LogStash::Inputs::Beats.new(config)
-            plugin.register
-            context_builder = plugin.send(:new_ssl_context_builder)
-            expect(context_builder.isClientAuthenticationRequired()).to be_truthy
-          end
+          expect { LogStash::Inputs::Beats.new(config) }.to raise_error(LogStash::ConfigurationError, a_string_including("Something is wrong with your configuration."))
         end
       end
       context "ssl_client_authentication" do
-        context "normalized from ssl_verify_mode 'none'" do
-          let(:config) { super().merge("ssl_verify_mode" => "none") }
-          it "should transform the value to 'none'" do
-            plugin = LogStash::Inputs::Beats.new(config)
-            plugin.register
-            expect(plugin.params).to match hash_including("ssl_client_authentication" => "none")
-            expect(plugin.instance_variable_get(:@ssl_client_authentication)).to eql("none")
-          end
-          context "and ssl_certificate_authorities is set" do
-            let(:config) { super().merge("ssl_certificate_authorities" => [certificate.ssl_cert]) }
-            it "should not raise an error" do
-              plugin = LogStash::Inputs::Beats.new(config)
-              expect { plugin.register }.to_not raise_error
-            end
-          end
-        end
-        context "normalized from ssl_verify_mode 'peer'" do
-          let(:config) { super().merge("ssl_verify_mode" => "peer", "ssl_certificate_authorities" => [certificate.ssl_cert]) }
-          it 'should transform the value to OPTIONAL' do
-            plugin = LogStash::Inputs::Beats.new(config)
-            plugin.register
-            expect(plugin.params).to match hash_including("ssl_client_authentication" => "optional")
-            expect(plugin.instance_variable_get(:@ssl_client_authentication)).to eql("optional")
-          end
-          context "with no ssl_certificate_authorities set " do
-            let(:config) { super().reject { |key| "ssl_certificate_authorities".eql?(key) } }
-            it "raise a configuration error" do
-              plugin = LogStash::Inputs::Beats.new(config)
-              expect {plugin.register}.to raise_error(LogStash::ConfigurationError, "ssl_certificate_authorities => is a required setting when ssl_verify_mode => 'peer' is configured")
-            end
-          end
-        end
-        context "normalized from ssl_verify_mode 'force_peer'" do
-          let(:config) { super().merge("ssl_verify_mode" => "force_peer", "ssl_certificate_authorities" => [certificate.ssl_cert]) }
-          it "should transform the value to 'required'" do
-            plugin = LogStash::Inputs::Beats.new(config)
-            plugin.register
-            expect(plugin.params).to match hash_including("ssl_client_authentication" => "required")
-            expect(plugin.instance_variable_get(:@ssl_client_authentication)).to eql("required")
-          end
-          context "with no ssl_certificate_authorities set " do
-            let(:config) { super().reject { |key| "ssl_certificate_authorities".eql?(key) } }
-            it "raise a configuration error" do
-              plugin = LogStash::Inputs::Beats.new(config)
-              expect {plugin.register}.to raise_error(LogStash::ConfigurationError, "ssl_certificate_authorities => is a required setting when ssl_verify_mode => 'force_peer' is configured")
-            end
-          end
-        end
         context "configured to 'none'" do
           let(:config) { super().merge("ssl_client_authentication" => "none") }
@@ -193,7 +115,7 @@ describe LogStash::Inputs::Beats do
           it "raise a ConfigurationError when certificate_authorities is not set" do
             plugin = LogStash::Inputs::Beats.new(config)
-            expect {plugin.register}.to raise_error(LogStash::ConfigurationError, "ssl_certificate_authorities => is a required setting when ssl_client_authentication => 'required' is configured")
+            expect {plugin.register}.to raise_error(LogStash::ConfigurationError, "ssl_certificate_authorities => is a required setting when `ssl_client_authentication => 'required'` is configured")
           end
           context "with certificate_authorities set" do
@@ -211,7 +133,7 @@ describe LogStash::Inputs::Beats do
           it "raise a ConfigurationError when certificate_authorities is not set" do
             plugin = LogStash::Inputs::Beats.new(config)
-            expect {plugin.register}.to raise_error(LogStash::ConfigurationError, "ssl_certificate_authorities => is a required setting when ssl_client_authentication => 'optional' is configured")
+            expect {plugin.register}.to raise_error(LogStash::ConfigurationError, "ssl_certificate_authorities => is a required setting when `ssl_client_authentication => 'optional'` is configured")
           end
           context "with certificate_authorities set" do
@@ -224,59 +146,10 @@ describe LogStash::Inputs::Beats do
           end
         end
-        context "with ssl_cipher_suites and cipher_suites set" do
-          let(:config) do
-            super().merge('ssl_cipher_suites' => ['TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384'],
-                          'cipher_suites' => ['TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384'])
-          end
-          it "should raise a configuration error" do
-            plugin = LogStash::Inputs::Beats.new(config)
-            expect { plugin.register }.to raise_error LogStash::ConfigurationError, /Use only .?ssl_cipher_suites.?/i
-          end
-        end
-        context "with ssl_supported_protocols and tls_min_version set" do
-          let(:config) do
-            super().merge('ssl_supported_protocols' => ['TLSv1.2'], 'tls_min_version' => 1.2)
-          end
-          it "should raise a configuration error" do
-            plugin = LogStash::Inputs::Beats.new(config)
-            expect { plugin.register }.to raise_error LogStash::ConfigurationError, /Use only .?ssl_supported_protocols.?/i
-          end
-        end
-        context "with ssl_supported_protocols and tls_max_version set" do
-          let(:config) do
-            super().merge('ssl_supported_protocols' => ['TLSv1.2'], 'tls_max_version' => 1.2)
-          end
-          it "should raise a configuration error" do
-            plugin = LogStash::Inputs::Beats.new(config)
-            expect { plugin.register }.to raise_error LogStash::ConfigurationError, /Use only .?ssl_supported_protocols.?/i
-          end
-        end
-        context "with ssl_client_authentication and ssl_verify_mode set" do
-          let(:config) { super().merge("ssl_verify_mode" => "none", "ssl_client_authentication" => "none") }
-          it "raise a configuration error" do
-            plugin = LogStash::Inputs::Beats.new(config)
-            expect { plugin.register }.to raise_error LogStash::ConfigurationError, /Use only .?ssl_client_authentication.?/i
-          end
-        end
-      end
-      context "with ssl and ssl_enabled set" do
-        let(:config) { super().merge("ssl" => true) }
-        it "raise a configuration error" do
-          plugin = LogStash::Inputs::Beats.new(config)
-          expect { plugin.register }.to raise_error LogStash::ConfigurationError, /Use only .?ssl_enabled.?/i
-        end
       end
     end
-    context "with ssl disabled" do
+    context "with SSL disabled" do
       context "and certificate configuration" do
         let(:config) { { "port" => 0, "ssl_enabled" => false, "ssl_certificate" => certificate.ssl_cert, "type" => "example", "tags" => "Beats" } }
@@ -305,11 +178,11 @@ describe LogStash::Inputs::Beats do
       end
       context "and `ssl_` settings provided" do
-        let(:config) { { "port" => 0, "ssl_enabled" => false, "ssl_certificate" => certificate.ssl_cert, "ssl_client_authentication" => "none", "cipher_suites" => ["FOO"] } }
+        let(:config) { { "port" => 0, "ssl_enabled" => false, "ssl_certificate" => certificate.ssl_cert, "ssl_client_authentication" => "none", "ssl_cipher_suites" => ["TLS_RSA_WITH_AES_128_CBC_SHA256"] } }
         it "should warn about not using the configs" do
           plugin = LogStash::Inputs::Beats.new(config)
-          expect( plugin.logger ).to receive(:warn).with('Configured SSL settings are not used when `ssl_enabled` is set to `false`: ["ssl_certificate", "ssl_client_authentication", "cipher_suites"]')
+          expect( plugin.logger ).to receive(:warn).with('Configured SSL settings are not used when `ssl_enabled` is set to `false`: ["ssl_certificate", "ssl_client_authentication", "ssl_cipher_suites"]')
           plugin.register
@@ -397,28 +270,22 @@ describe LogStash::Inputs::Beats do
       end
       shared_examples "ssl_peer_metadata enabled" do
-        it "is configured to enrich ssl_peer_metadata" do
-          expect(registered_plugin.ssl_peer_metadata).to be_truthy
+        it "is configured to include the SSL peer tag" do
+          expect(registered_plugin.include_ssl_peer_metadata).to be true
         end
       end
       shared_examples "ssl_peer_metadata disabled" do
-        it "is configured to NOT enrich ssl_peer_metadata" do
-          expect(registered_plugin.ssl_peer_metadata).to be_falsey
+        it "is configured to NOT include the SSL peer tag" do
+          expect(registered_plugin.include_ssl_peer_metadata).to be false
         end
       end
-      shared_examples "reject deprecated enrichment flags" do
-        context "with deprecated `ssl_peer_metadata`" do
-          let(:config) { super().merge("ssl_peer_metadata" => true) }
-          it 'rejects the configuration with a helpful error message' do
-            expect { plugin.register }.to raise_exception(LogStash::ConfigurationError, "both `enrich` and (deprecated) ssl_peer_metadata were provided; use only `enrich`")
-          end
-        end
+      shared_examples "reject deprecated enrichment flag" do
         context "with deprecated `include_codec_tag`" do
           let(:config) { super().merge("include_codec_tag" => false) }
           it 'rejects the configuration with a helpful error message' do
-            expect { plugin.register }.to raise_exception(LogStash::ConfigurationError, "both `enrich` and (deprecated) include_codec_tag were provided; use only `enrich`")
+            expect { plugin.register }.to raise_exception(LogStash::ConfigurationError, "both `enrich` and (deprecated) `include_codec_tag` were provided; use only `enrich`")
           end
         end
       end
@@ -429,18 +296,6 @@ describe LogStash::Inputs::Beats do
         include_examples "source_metadata enabled"
         include_examples "ssl_peer_metadata disabled"
-        # validate interaction with deprecated settings
-        context "with deprecated `ssl_peer_metadata => true`" do
-          let(:config) { super().merge("ssl_peer_metadata" => true) }
-          # intended delta
-          include_examples "ssl_peer_metadata enabled"
-          # ensure no side-effects
-          include_examples "codec_metadata enabled"
-          include_examples "source_metadata enabled"
-        end
         context "with deprecated `include_codec_tag => false`" do
           let(:config) { super().merge("include_codec_tag" => false) }
@@ -463,7 +318,7 @@ describe LogStash::Inputs::Beats do
           include_examples "source_metadata enabled"
           include_examples "ssl_peer_metadata enabled"
-          include_examples "reject deprecated enrichment flags"
+          include_examples "reject deprecated enrichment flag"
         end
         context "with alias `enrich => none`" do
@@ -473,7 +328,7 @@ describe LogStash::Inputs::Beats do
           include_examples "source_metadata disabled"
           include_examples "ssl_peer_metadata disabled"
-          include_examples "reject deprecated enrichment flags"
+          include_examples "reject deprecated enrichment flag"
         end
       end
@@ -491,7 +346,7 @@ describe LogStash::Inputs::Beats do
             include_examples "#{enrichment} #{activated.include?(enrichment) ? 'enabled' : 'disabled'}"
           end
-          include_examples "reject deprecated enrichment flags"
+          include_examples "reject deprecated enrichment flag"
         end
       end
@@ -516,8 +371,8 @@ describe LogStash::Inputs::Beats do
       super().merge(
           "host" => host,
           "ssl_enabled" => true,
-          "ssl_verify_mode" => 'force_peer',
-          "ssl_peer_metadata" => true,
+          "enrich" => ["ssl_peer_metadata"],
+          "ssl_client_authentication" => "required",
           "ssl_certificate_authorities" => [ certificate.ssl_cert ],
           "ecs_compatibility" => 'disabled'
       )
@@ -531,8 +386,8 @@ describe LogStash::Inputs::Beats do
     subject(:plugin) { LogStash::Inputs::Beats.new(config) }
     before do
-      @server = org.logstash.beats.Server.new(plugin.id, host, port, client_inactivity_timeout, event_loop_threads, executor_threads)
-      expect( org.logstash.beats.Server ).to receive(:new).with(plugin.id, host, port, client_inactivity_timeout, event_loop_threads, executor_threads).and_return @server
+      @server = org.logstash.beats.Server.new(host, port, client_inactivity_timeout, event_loop_threads, executor_threads)
+      expect( org.logstash.beats.Server ).to receive(:new).with(host, port, client_inactivity_timeout, event_loop_threads, executor_threads).and_return @server
       expect( @server ).to receive(:listen)
       subject.register
@@ -595,7 +450,7 @@ describe LogStash::Inputs::Beats do
     context 'with ssl disabled' do
       let(:config) { super().merge("ssl_enabled" => false) }
-      it 'do not set tls fields' do
+      it 'does not set tls fields' do
         @message_listener.onNewMessage(ctx, message)
         expect( queue.size ).to be 1
@@ -609,4 +464,23 @@ describe LogStash::Inputs::Beats do
   context "when interrupting the plugin" do
     it_behaves_like "an interruptible input plugin"
   end
+  describe "obsolete settings" do
+    let(:config) { { "port" => 1234 } }
+    [{:name => 'ssl', :canonical_name => 'ssl_enabled'},
+     {:name => 'ssl_peer_metadata', :canonical_name => 'enrich'},
+     {:name => 'ssl_verify_mode', :canonical_name => 'ssl_client_authentication'},
+     {:name => 'cipher_suites', :canonical_name => 'ssl_cipher_suites'},
+     {:name => 'tls_min_version', :canonical_name => 'ssl_supported_protocols'},
+     {:name => 'tls_max_version', :canonical_name => 'ssl_supported_protocols'}
+    ].each do |settings|
+      context "with option #{settings[:name]}" do
+        let(:obsolete_config) { config.merge(settings[:name] => 'test_value') }
+        it "emits an error about the setting `#{settings[:name]}` now being obsolete and provides guidance to use `#{settings[:canonical_name]}`" do
+          error_text = "The setting `#{settings[:name]}` in plugin `beats` is obsolete and is no longer available. Use '#{settings[:canonical_name]}' instead."
+          expect { LogStash::Inputs::Beats.new(obsolete_config) }.to raise_error LogStash::ConfigurationError, a_string_including(error_text)
+        end
+      end
+    end
+  end
 end

data/spec/integration/filebeat_spec.rb CHANGED Viewed

@@ -51,7 +51,7 @@ describe "Filebeat", :integration => true do
   before :each do
     FileUtils.rm_rf(File.join(File.dirname(__FILE__), "..", "..", "vendor", "filebeat", "data"))
     start_client
-    raise 'Filebeat did not start in alloted time' unless is_alive
+    raise 'Filebeat did not start in allocated time' unless is_alive
     sleep(20) # give some time to FB to send something
   end
@@ -76,7 +76,7 @@ describe "Filebeat", :integration => true do
   end
   ############################################################
-  # Actuals tests
+  # Actual tests
   context "Plain TCP" do
     include_examples "send events"
@@ -147,7 +147,7 @@ describe "Filebeat", :integration => true do
           let(:input_config) {
             super().merge({
               "ssl_cipher_suites" => [logstash_cipher],
-              "tls_min_version" => "1.2"
+              "ssl_supported_protocols" => ["TLSv1.2"]
             })
           }
@@ -193,9 +193,7 @@ describe "Filebeat", :integration => true do
           context "when TLSv1.3 enforced in plugin" do
             let(:input_config) {
-              super().merge({
-                "tls_min_version" => "1.3"
-              })
+              super().merge({ "ssl_supported_protocols" => ["TLSv1.3"] })
             }
             include_examples "send events"

data/vendor/jar-dependencies/io/netty/netty-buffer/{4.1.126.Final/netty-buffer-4.1.126.Final.jar → 4.1.115.Final/netty-buffer-4.1.115.Final.jar} RENAMED Viewed

Binary file

data/vendor/jar-dependencies/io/netty/netty-codec/{4.1.126.Final/netty-codec-4.1.126.Final.jar → 4.1.115.Final/netty-codec-4.1.115.Final.jar} RENAMED Viewed

Binary file

data/vendor/jar-dependencies/io/netty/netty-common/{4.1.126.Final/netty-common-4.1.126.Final.jar → 4.1.115.Final/netty-common-4.1.115.Final.jar} RENAMED Viewed

Binary file

data/vendor/jar-dependencies/io/netty/netty-handler/{4.1.126.Final/netty-handler-4.1.126.Final.jar → 4.1.115.Final/netty-handler-4.1.115.Final.jar} RENAMED Viewed

Binary file

data/vendor/jar-dependencies/io/netty/netty-transport/{4.1.126.Final/netty-transport-4.1.126.Final.jar → 4.1.115.Final/netty-transport-4.1.115.Final.jar} RENAMED Viewed

Binary file

data/vendor/jar-dependencies/io/netty/netty-transport-native-unix-common/{4.1.126.Final/netty-transport-native-unix-common-4.1.126.Final.jar → 4.1.115.Final/netty-transport-native-unix-common-4.1.115.Final.jar} RENAMED Viewed

Binary file

data/vendor/jar-dependencies/org/logstash/beats/logstash-input-beats/7.0.0/logstash-input-beats-7.0.0.jar ADDED Viewed

Binary file

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstash-input-beats
 version: !ruby/object:Gem::Version
-  version: 6.9.4
+  version: 7.0.0
 platform: java
 authors:
 - Elastic
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-09-04 00:00:00.000000000 Z
+date: 2024-12-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
@@ -91,36 +91,42 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
-  name: logstash-mixin-ecs_compatibility_support
+        version: '0.3'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.3.4
+  name: jar-dependencies
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '0.3'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 0.3.4
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
-  name: logstash-mixin-event_support
+        version: '1.3'
+  name: logstash-mixin-ecs_compatibility_support
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '1.3'
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
-  name: logstash-mixin-plugin_factory_support
+  name: logstash-mixin-event_support
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -134,7 +140,7 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
-  name: logstash-mixin-normalize_config_support
+  name: logstash-mixin-plugin_factory_support
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -279,7 +285,6 @@ files:
 - lib/logstash/inputs/beats/message_listener.rb
 - lib/logstash/inputs/beats/patch.rb
 - lib/logstash/inputs/beats/raw_event_transform.rb
-- lib/logstash/inputs/beats/tls.rb
 - lib/tasks/build.rake
 - lib/tasks/test.rake
 - logstash-input-beats.gemspec
@@ -288,7 +293,6 @@ files:
 - spec/inputs/beats/event_transform_common_spec.rb
 - spec/inputs/beats/message_listener_spec.rb
 - spec/inputs/beats/raw_event_transform_spec.rb
-- spec/inputs/beats/tls_spec.rb
 - spec/inputs/beats_spec.rb
 - spec/integration/filebeat_spec.rb
 - spec/spec_helper.rb
@@ -299,14 +303,14 @@ files:
 - spec/support/integration_shared_context.rb
 - spec/support/logstash_test.rb
 - spec/support/shared_examples.rb
-- vendor/jar-dependencies/io/netty/netty-buffer/4.1.126.Final/netty-buffer-4.1.126.Final.jar
-- vendor/jar-dependencies/io/netty/netty-codec/4.1.126.Final/netty-codec-4.1.126.Final.jar
-- vendor/jar-dependencies/io/netty/netty-common/4.1.126.Final/netty-common-4.1.126.Final.jar
-- vendor/jar-dependencies/io/netty/netty-handler/4.1.126.Final/netty-handler-4.1.126.Final.jar
-- vendor/jar-dependencies/io/netty/netty-transport-native-unix-common/4.1.126.Final/netty-transport-native-unix-common-4.1.126.Final.jar
-- vendor/jar-dependencies/io/netty/netty-transport/4.1.126.Final/netty-transport-4.1.126.Final.jar
+- vendor/jar-dependencies/io/netty/netty-buffer/4.1.115.Final/netty-buffer-4.1.115.Final.jar
+- vendor/jar-dependencies/io/netty/netty-codec/4.1.115.Final/netty-codec-4.1.115.Final.jar
+- vendor/jar-dependencies/io/netty/netty-common/4.1.115.Final/netty-common-4.1.115.Final.jar
+- vendor/jar-dependencies/io/netty/netty-handler/4.1.115.Final/netty-handler-4.1.115.Final.jar
+- vendor/jar-dependencies/io/netty/netty-transport-native-unix-common/4.1.115.Final/netty-transport-native-unix-common-4.1.115.Final.jar
+- vendor/jar-dependencies/io/netty/netty-transport/4.1.115.Final/netty-transport-4.1.115.Final.jar
 - vendor/jar-dependencies/org/javassist/javassist/3.24.0-GA/javassist-3.24.0-GA.jar
-- vendor/jar-dependencies/org/logstash/beats/logstash-input-beats/6.9.4/logstash-input-beats-6.9.4.jar
+- vendor/jar-dependencies/org/logstash/beats/logstash-input-beats/7.0.0/logstash-input-beats-7.0.0.jar
 homepage: http://www.elastic.co/guide/en/logstash/current/index.html
 licenses:
 - Apache License (2.0)
@@ -339,7 +343,6 @@ test_files:
 - spec/inputs/beats/event_transform_common_spec.rb
 - spec/inputs/beats/message_listener_spec.rb
 - spec/inputs/beats/raw_event_transform_spec.rb
-- spec/inputs/beats/tls_spec.rb
 - spec/inputs/beats_spec.rb
 - spec/integration/filebeat_spec.rb
 - spec/spec_helper.rb

data/lib/logstash/inputs/beats/tls.rb DELETED Viewed

@@ -1,41 +0,0 @@
-# encoding: utf-8
-module LogStash module Inputs class Beats
-  class TLS
-    class TLSOption
-      include Comparable
-      attr_reader :name, :version
-      def initialize(name, version)
-        @name = name
-        @version = version
-      end
-      def <=>(other)
-        version <=> other.version
-      end
-    end
-    TLS_PROTOCOL_OPTIONS = [
-      TLSOption.new("TLSv1", 1),
-      TLSOption.new("TLSv1.1", 1.1),
-      TLSOption.new("TLSv1.2", 1.2),
-      TLSOption.new("TLSv1.3", 1.3)
-    ]
-    def self.min
-      TLS_PROTOCOL_OPTIONS.min
-    end
-    def self.max
-      TLS_PROTOCOL_OPTIONS.max
-    end
-    def self.get_supported(versions)
-      if versions.is_a?(Range)
-        TLS_PROTOCOL_OPTIONS.select { |tls| versions.cover?(tls.version) }
-      else
-        TLS_PROTOCOL_OPTIONS.select { |tls| versions == tls.version }
-      end
-    end
-  end
-end; end; end

data/spec/inputs/beats/tls_spec.rb DELETED Viewed

@@ -1,39 +0,0 @@
-# encoding: utf-8
-require "logstash/inputs/beats/tls"
-describe LogStash::Inputs::Beats::TLS do
-  subject { described_class }
-  it "returns the minimum supported tls" do
-    expect(subject.min.version).to eq(1)
-    expect(subject.min.name).to eq("TLSv1")
-  end
-  it "returns the maximum supported tls" do
-    expect(subject.max.version).to eq(1.3)
-    expect(subject.max.name).to eq("TLSv1.3")
-  end
-  describe ".get_supported" do
-    context "when a range is given" do
-      it "returns the list of compatible TLS from a range" do
-        expect(subject.get_supported((1.1)..(1.2)).map(&:version)).to match([1.1, 1.2])
-      end
-      it "it return an empty array when nothing match" do
-        expect(subject.get_supported((3.1)..(8.2))).to be_empty
-      end
-    end
-    context "when a scalar is given" do
-      it "when a scalar is given we return the compatible value" do
-        expect(subject.get_supported(1.1).map(&:version)).to match([1.1])
-      end
-      it "it return an empty array when nothing match" do
-        expect(subject.get_supported(9)).to be_empty
-      end
-    end
-  end
-end

data/vendor/jar-dependencies/org/logstash/beats/logstash-input-beats/6.9.4/logstash-input-beats-6.9.4.jar DELETED Viewed

Binary file