logstash-input-beats 3.1.32-java → 4.0.1-java
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/CHANGELOG.md +5 -46
- data/Gemfile +3 -2
- data/VERSION +1 -1
- data/docs/index.asciidoc +6 -7
- data/lib/logstash-input-beats_jars.rb +6 -6
- data/lib/logstash/inputs/beats.rb +3 -19
- data/lib/tasks/build.rake +1 -1
- data/lib/tasks/test.rake +2 -3
- data/logstash-input-beats.gemspec +1 -1
- data/spec/inputs/beats_spec.rb +14 -27
- data/spec/integration/filebeat_spec.rb +5 -11
- data/spec/integration/logstash_forwarder_spec.rb +1 -0
- data/spec/support/client_process_helpers.rb +2 -15
- data/spec/support/flores_extensions.rb +29 -52
- data/spec/support/integration_shared_context.rb +1 -1
- data/vendor/jar-dependencies/com/fasterxml/jackson/core/jackson-annotations/2.7.5/jackson-annotations-2.7.5.jar +0 -0
- data/vendor/jar-dependencies/com/fasterxml/jackson/core/jackson-core/2.7.5/jackson-core-2.7.5.jar +0 -0
- data/vendor/jar-dependencies/com/fasterxml/jackson/core/jackson-databind/2.7.5/jackson-databind-2.7.5.jar +0 -0
- data/vendor/jar-dependencies/com/fasterxml/jackson/module/jackson-module-afterburner/2.7.5/jackson-module-afterburner-2.7.5.jar +0 -0
- data/vendor/jar-dependencies/log4j/log4j/1.2.17/log4j-1.2.17.jar +0 -0
- data/vendor/jar-dependencies/org/logstash/beats/logstash-input-beats/4.0.1/logstash-input-beats-4.0.1.jar +0 -0
- metadata +20 -16
- data/vendor/jar-dependencies/com/fasterxml/jackson/core/jackson-annotations/2.9.5/jackson-annotations-2.9.5.jar +0 -0
- data/vendor/jar-dependencies/com/fasterxml/jackson/core/jackson-core/2.9.5/jackson-core-2.9.5.jar +0 -0
- data/vendor/jar-dependencies/com/fasterxml/jackson/core/jackson-databind/2.9.5/jackson-databind-2.9.5.jar +0 -0
- data/vendor/jar-dependencies/com/fasterxml/jackson/module/jackson-module-afterburner/2.9.5/jackson-module-afterburner-2.9.5.jar +0 -0
- data/vendor/jar-dependencies/org/apache/logging/log4j/log4j-api/2.6.2/log4j-api-2.6.2.jar +0 -0
- data/vendor/jar-dependencies/org/logstash/beats/logstash-input-beats/3.1.32/logstash-input-beats-3.1.32.jar +0 -0
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: c9aa6c0daffddf441754db642f9cc9a089c8b699
|
4
|
+
data.tar.gz: 19964fcdf384d408cc239add4841b7030a2c62d3
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f7f547e41df1115a94d5a41b1b2d97d96304b43c13db7313819b8d0c3a989883c3db44772737b0d5e1d2df746ecb9cdd4332f9c3bc3cc99172906f2af098687d
|
7
|
+
data.tar.gz: 9e027ab384eda03be67df92c025d16d500e94b07d26eb5eda8caff72ab8fc5c7e2d22d7c1e5ab8851f557fac966fb3a359810e9ba203244f3884938731de0b20
|
data/CHANGELOG.md
CHANGED
@@ -1,52 +1,11 @@
|
|
1
|
-
##
|
2
|
-
-
|
1
|
+
## 4.0.1
|
2
|
+
- Breaking change: Logstash will no longer start when multiline codec is used with the Beats input plugin
|
3
3
|
|
4
|
-
##
|
5
|
-
|
4
|
+
## 4.0.0
|
5
|
+
- Verion yanked from RubyGems for packaging issues
|
6
6
|
|
7
|
-
## 3.1.
|
8
|
-
- Ensure that the keep-alive is sent for ALL pending batches when the pipeline is blocked, not only the batches attempting to write to the queue. #310
|
9
|
-
|
10
|
-
## 3.1.29
|
11
|
-
- Update jackson deps to 2.9.4
|
12
|
-
|
13
|
-
## 3.1.28
|
14
|
-
- Improvements to back pressure handling and memory management #301
|
15
|
-
|
16
|
-
## 3.1.27
|
17
|
-
- Update jackson deps to 2.9.1
|
18
|
-
|
19
|
-
## 3.1.26
|
20
|
-
- Re-order Netty pipeline to avoid NullPointerExceptions in KeepAliveHandler when Logstash is under load
|
21
|
-
- Improve exception logging
|
22
|
-
|
23
|
-
## 3.1.25
|
24
|
-
- Fix an issue with close_wait connection and making sure the keep alive are send back to the client all the time. #272
|
25
|
-
|
26
|
-
## 3.1.24
|
27
|
-
- Documentation changes
|
28
|
-
|
29
|
-
## 3.1.23
|
30
|
-
- Fix logging from Java #236
|
31
|
-
|
32
|
-
## 3.1.22
|
33
|
-
- Additional default cipher PR#242
|
34
|
-
|
35
|
-
## 3.1.21
|
36
|
-
- Remove duplicate jars
|
37
|
-
|
38
|
-
## 3.1.20
|
39
|
-
- Document changes
|
40
|
-
|
41
|
-
## 3.1.19
|
42
|
-
- Fix ability to set SSL protocols #228
|
43
|
-
|
44
|
-
## 3.1.18
|
45
|
-
- Relax version of concurrent-ruby to `~> 1.0`
|
46
|
-
|
47
|
-
## 3.1.17
|
7
|
+
## 3.1.16
|
48
8
|
- Docs: Add note indicating that the multiline codec should not be used with the Beats input plugin
|
49
|
-
- Deprecate warning for multiline codec with the Beats input plugin
|
50
9
|
|
51
10
|
## 3.1.15
|
52
11
|
- DEBUG: Add information about the remote when an exception is catched #192
|
data/Gemfile
CHANGED
@@ -2,9 +2,10 @@ source 'https://rubygems.org'
|
|
2
2
|
|
3
3
|
gemspec
|
4
4
|
|
5
|
-
logstash_path = "../../logstash"
|
5
|
+
logstash_path = ENV["LOGSTASH_PATH"] || "../../logstash"
|
6
|
+
use_logstash_source = ENV["LOGSTASH_SOURCE"] && ENV["LOGSTASH_SOURCE"].to_s == "1"
|
6
7
|
|
7
|
-
if Dir.exist?(logstash_path) &&
|
8
|
+
if Dir.exist?(logstash_path) && use_logstash_source
|
8
9
|
gem 'logstash-core', :path => "#{logstash_path}/logstash-core"
|
9
10
|
gem 'logstash-core-plugin-api', :path => "#{logstash_path}/logstash-core-plugin-api"
|
10
11
|
end
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
|
1
|
+
4.0.1
|
data/docs/index.asciidoc
CHANGED
@@ -7,14 +7,14 @@ START - GENERATED VARIABLES, DO NOT EDIT!
|
|
7
7
|
:version: %VERSION%
|
8
8
|
:release_date: %RELEASE_DATE%
|
9
9
|
:changelog_url: %CHANGELOG_URL%
|
10
|
-
:include_path:
|
10
|
+
:include_path: ../../../logstash/docs/include
|
11
11
|
///////////////////////////////////////////
|
12
12
|
END - GENERATED VARIABLES, DO NOT EDIT!
|
13
13
|
///////////////////////////////////////////
|
14
14
|
|
15
|
-
[id="plugins-{type}
|
15
|
+
[id="plugins-{type}-{plugin}"]
|
16
16
|
|
17
|
-
=== Beats
|
17
|
+
=== Beats
|
18
18
|
|
19
19
|
include::{include_path}/plugin_header.asciidoc[]
|
20
20
|
|
@@ -59,7 +59,7 @@ result in the failure to start Logstash.
|
|
59
59
|
[id="plugins-{type}s-{plugin}-options"]
|
60
60
|
==== Beats Input Configuration Options
|
61
61
|
|
62
|
-
This plugin supports the following configuration options plus the <<plugins-{type}s-
|
62
|
+
This plugin supports the following configuration options plus the <<plugins-{type}s-common-options>> described later.
|
63
63
|
|
64
64
|
[cols="<,<,<",options="header",]
|
65
65
|
|=======================================================================
|
@@ -80,7 +80,7 @@ This plugin supports the following configuration options plus the <<plugins-{typ
|
|
80
80
|
| <<plugins-{type}s-{plugin}-tls_min_version>> |<<number,number>>|No
|
81
81
|
|=======================================================================
|
82
82
|
|
83
|
-
Also see <<plugins-{type}s-
|
83
|
+
Also see <<plugins-{type}s-common-options>> for a list of options supported by all
|
84
84
|
input plugins.
|
85
85
|
|
86
86
|
|
@@ -89,7 +89,7 @@ input plugins.
|
|
89
89
|
===== `cipher_suites`
|
90
90
|
|
91
91
|
* Value type is <<array,array>>
|
92
|
-
* Default value is `java.lang.String[TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
|
92
|
+
* Default value is `java.lang.String[TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256]@459cfcca`
|
93
93
|
|
94
94
|
The list of ciphers suite to use, listed by priorities.
|
95
95
|
|
@@ -237,5 +237,4 @@ The minimum TLS version allowed for the encrypted connections. The value must be
|
|
237
237
|
|
238
238
|
|
239
239
|
|
240
|
-
[id="plugins-{type}s-{plugin}-common-options"]
|
241
240
|
include::{include_path}/{type}.asciidoc[]
|
@@ -4,9 +4,9 @@ require 'jar_dependencies'
|
|
4
4
|
require_jar('io.netty', 'netty-all', '4.1.3.Final')
|
5
5
|
require_jar('io.netty', 'netty-tcnative-boringssl-static', '1.1.33.Fork23')
|
6
6
|
require_jar('org.javassist', 'javassist', '3.20.0-GA')
|
7
|
-
require_jar('com.fasterxml.jackson.core', 'jackson-core', '2.
|
8
|
-
require_jar('com.fasterxml.jackson.core', 'jackson-annotations', '2.
|
9
|
-
require_jar('com.fasterxml.jackson.core', 'jackson-databind', '2.
|
10
|
-
require_jar('com.fasterxml.jackson.module', 'jackson-module-afterburner', '2.
|
11
|
-
require_jar('
|
12
|
-
require_jar('org.logstash.beats', 'logstash-input-beats', '
|
7
|
+
require_jar('com.fasterxml.jackson.core', 'jackson-core', '2.7.5')
|
8
|
+
require_jar('com.fasterxml.jackson.core', 'jackson-annotations', '2.7.5')
|
9
|
+
require_jar('com.fasterxml.jackson.core', 'jackson-databind', '2.7.5')
|
10
|
+
require_jar('com.fasterxml.jackson.module', 'jackson-module-afterburner', '2.7.5')
|
11
|
+
require_jar('log4j', 'log4j', '1.2.17')
|
12
|
+
require_jar('org.logstash.beats', 'logstash-input-beats', '4.0.1')
|
@@ -2,7 +2,6 @@
|
|
2
2
|
require "logstash/inputs/base"
|
3
3
|
require "logstash/namespace"
|
4
4
|
require "logstash/timestamp"
|
5
|
-
require "logstash/codecs/identity_map_codec"
|
6
5
|
require "logstash/codecs/multiline"
|
7
6
|
require "logstash/util"
|
8
7
|
require "logstash-input-beats_jars"
|
@@ -121,9 +120,6 @@ class LogStash::Inputs::Beats < LogStash::Inputs::Base
|
|
121
120
|
# Close Idle clients after X seconds of inactivity.
|
122
121
|
config :client_inactivity_timeout, :validate => :number, :default => 60
|
123
122
|
|
124
|
-
# Beats handler executor thread
|
125
|
-
config :executor_threads, :validate => :number, :default => LogStash::Config::CpuCoreStrategy.maximum
|
126
|
-
|
127
123
|
def register
|
128
124
|
# For Logstash 2.4 we need to make sure that the logger is correctly set for the
|
129
125
|
# java classes before actually loading them.
|
@@ -150,26 +146,18 @@ class LogStash::Inputs::Beats < LogStash::Inputs::Base
|
|
150
146
|
raise LogStash::ConfigurationError, "Using `verify_mode` set to PEER or FORCE_PEER, requires the configuration of `certificate_authorities`"
|
151
147
|
end
|
152
148
|
|
149
|
+
# Logstash 6.x breaking change (introduced with 4.0.0 of this gem)
|
153
150
|
if @codec.kind_of? LogStash::Codecs::Multiline
|
154
|
-
|
151
|
+
raise LogStash::ConfigurationError, "Multiline codec with beats input is not supported. Please refer to the beats documentation for how to best manage multiline data. See https://www.elastic.co/guide/en/beats/filebeat/current/multiline-examples.html"
|
155
152
|
end
|
156
153
|
|
157
154
|
@logger.info("Beats inputs: Starting input listener", :address => "#{@host}:#{@port}")
|
158
155
|
|
159
|
-
# wrap the configured codec to support identity stream
|
160
|
-
# from the producers if running with the multiline codec.
|
161
|
-
#
|
162
|
-
# If they dont need an identity map, codec are stateless and can be reused
|
163
|
-
# accross multiples connections.
|
164
|
-
if need_identity_map?
|
165
|
-
@codec = LogStash::Codecs::IdentityMapCodec.new(@codec)
|
166
|
-
end
|
167
|
-
|
168
156
|
@server = create_server
|
169
157
|
end # def register
|
170
158
|
|
171
159
|
def create_server
|
172
|
-
server = org.logstash.beats.Server.new(@host, @port, @client_inactivity_timeout
|
160
|
+
server = org.logstash.beats.Server.new(@host, @port, @client_inactivity_timeout)
|
173
161
|
if @ssl
|
174
162
|
|
175
163
|
begin
|
@@ -213,10 +201,6 @@ class LogStash::Inputs::Beats < LogStash::Inputs::Base
|
|
213
201
|
@server.stop unless @server.nil?
|
214
202
|
end
|
215
203
|
|
216
|
-
def need_identity_map?
|
217
|
-
@codec.kind_of?(LogStash::Codecs::Multiline)
|
218
|
-
end
|
219
|
-
|
220
204
|
def client_authentification?
|
221
205
|
@ssl_certificate_authorities && @ssl_certificate_authorities.size > 0
|
222
206
|
end
|
data/lib/tasks/build.rake
CHANGED
data/lib/tasks/test.rake
CHANGED
@@ -2,11 +2,10 @@
|
|
2
2
|
OS_PLATFORM = RbConfig::CONFIG["host_os"]
|
3
3
|
VENDOR_PATH = File.expand_path(File.join(File.dirname(__FILE__), "..", "..", "vendor"))
|
4
4
|
|
5
|
-
#TODO: Figure out better means to keep this version in sync
|
6
5
|
if OS_PLATFORM == "linux"
|
7
|
-
FILEBEAT_URL = "https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-
|
6
|
+
FILEBEAT_URL = "https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-5.0.0-linux-x86_64.tar.gz"
|
8
7
|
elsif OS_PLATFORM == "darwin"
|
9
|
-
FILEBEAT_URL = "https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-
|
8
|
+
FILEBEAT_URL = "https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-5.0.0-darwin-x86_64.tar.gz"
|
10
9
|
end
|
11
10
|
|
12
11
|
LSF_URL = "https://download.elastic.co/logstash-forwarder/binaries/logstash-forwarder_#{OS_PLATFORM}_amd64"
|
@@ -23,7 +23,7 @@ Gem::Specification.new do |s|
|
|
23
23
|
s.add_runtime_dependency "logstash-core-plugin-api", ">= 1.60", "<= 2.99"
|
24
24
|
|
25
25
|
s.add_runtime_dependency "logstash-codec-plain"
|
26
|
-
s.add_runtime_dependency "concurrent-ruby", "
|
26
|
+
s.add_runtime_dependency "concurrent-ruby", [ ">= 0.9.2", "<= 1.0.0" ]
|
27
27
|
s.add_runtime_dependency "thread_safe", "~> 0.3.5"
|
28
28
|
s.add_runtime_dependency "logstash-codec-multiline", ">= 2.0.5"
|
29
29
|
s.add_runtime_dependency 'jar-dependencies', '~> 0.3.4'
|
data/spec/inputs/beats_spec.rb
CHANGED
@@ -16,44 +16,19 @@ describe LogStash::Inputs::Beats do
|
|
16
16
|
|
17
17
|
context "#register" do
|
18
18
|
context "host related configuration" do
|
19
|
-
let(:config) { super.merge!({ "host" => host, "port" => port, "client_inactivity_timeout" => client_inactivity_timeout
|
19
|
+
let(:config) { super.merge!({ "host" => host, "port" => port, "client_inactivity_timeout" => client_inactivity_timeout }) }
|
20
20
|
let(:host) { "192.168.1.20" }
|
21
21
|
let(:port) { 9000 }
|
22
22
|
let(:client_inactivity_timeout) { 400 }
|
23
|
-
let(:threads) { 10 }
|
24
23
|
|
25
24
|
subject(:plugin) { LogStash::Inputs::Beats.new(config) }
|
26
25
|
|
27
26
|
it "sends the required options to the server" do
|
28
|
-
expect(org.logstash.beats.Server).to receive(:new).with(host, port, client_inactivity_timeout
|
27
|
+
expect(org.logstash.beats.Server).to receive(:new).with(host, port, client_inactivity_timeout)
|
29
28
|
subject.register
|
30
29
|
end
|
31
30
|
end
|
32
31
|
|
33
|
-
context "identity map" do
|
34
|
-
subject(:plugin) { LogStash::Inputs::Beats.new(config) }
|
35
|
-
before { plugin.register }
|
36
|
-
|
37
|
-
context "when using the multiline codec" do
|
38
|
-
let(:codec) { LogStash::Codecs::Multiline.new("pattern" => '^2015',
|
39
|
-
"what" => "previous",
|
40
|
-
"negate" => true) }
|
41
|
-
let(:config) { super.merge({ "codec" => codec }) }
|
42
|
-
|
43
|
-
it "wraps the codec with the identity_map" do
|
44
|
-
expect(plugin.codec).to be_kind_of(LogStash::Codecs::IdentityMapCodec)
|
45
|
-
end
|
46
|
-
end
|
47
|
-
|
48
|
-
context "when using non buffered codecs" do
|
49
|
-
let(:config) { super.merge({ "codec" => "json" }) }
|
50
|
-
|
51
|
-
it "doesnt wrap the codec with the identity map" do
|
52
|
-
expect(plugin.codec).to be_kind_of(LogStash::Codecs::JSON)
|
53
|
-
end
|
54
|
-
end
|
55
|
-
end
|
56
|
-
|
57
32
|
it "raise no exception" do
|
58
33
|
plugin = LogStash::Inputs::Beats.new(config)
|
59
34
|
expect { plugin.register }.not_to raise_error
|
@@ -147,6 +122,18 @@ describe LogStash::Inputs::Beats do
|
|
147
122
|
end
|
148
123
|
end
|
149
124
|
end
|
125
|
+
|
126
|
+
context "with multiline codec" do
|
127
|
+
let(:codec) { LogStash::Codecs::Multiline.new("pattern" => '^2015',
|
128
|
+
"what" => "previous",
|
129
|
+
"negate" => true) }
|
130
|
+
let(:config) { super.merge({ "codec" => codec }) }
|
131
|
+
|
132
|
+
it "raise a ConfigurationError when multiline codec is set" do
|
133
|
+
plugin = LogStash::Inputs::Beats.new(config)
|
134
|
+
expect {plugin.register}.to raise_error(LogStash::ConfigurationError, "Multiline codec with beats input is not supported. Please refer to the beats documentation for how to best manage multiline data. See https://www.elastic.co/guide/en/beats/filebeat/current/multiline-examples.html")
|
135
|
+
end
|
136
|
+
end
|
150
137
|
end
|
151
138
|
|
152
139
|
context "when interrupting the plugin" do
|
@@ -52,7 +52,6 @@ describe "Filebeat", :integration => true do
|
|
52
52
|
before :each do
|
53
53
|
FileUtils.rm_rf(File.join(File.dirname(__FILE__), "..", "..", "vendor", "filebeat", "data"))
|
54
54
|
start_client
|
55
|
-
raise 'Filebeat did not start in alloted time' unless is_alive
|
56
55
|
sleep(20) # give some time to FB to send something
|
57
56
|
end
|
58
57
|
|
@@ -77,7 +76,7 @@ describe "Filebeat", :integration => true do
|
|
77
76
|
end
|
78
77
|
|
79
78
|
############################################################
|
80
|
-
# Actuals tests
|
79
|
+
# Actuals tests
|
81
80
|
context "Plain TCP" do
|
82
81
|
include_examples "send events"
|
83
82
|
end
|
@@ -191,9 +190,6 @@ describe "Filebeat", :integration => true do
|
|
191
190
|
context "CA root" do
|
192
191
|
include_context "Root CA"
|
193
192
|
|
194
|
-
let_tmp_file(:certificate_key_file) { convert_to_pkcs8(certificate_data.last) }
|
195
|
-
let_tmp_file(:certificate_file) { certificate_data.first }
|
196
|
-
|
197
193
|
context "directly signed client certificate" do
|
198
194
|
let(:certificate_authorities) { [root_ca_certificate_file] }
|
199
195
|
let(:certificate_data) { Flores::PKI.create_client_certicate("CN=localhost", root_ca_certificate, root_ca_key) }
|
@@ -206,7 +202,7 @@ describe "Filebeat", :integration => true do
|
|
206
202
|
|
207
203
|
let(:certificate_data) { Flores::PKI.create_client_certicate("CN=localhost", intermediate_ca_certificate, intermediate_ca_key) }
|
208
204
|
let(:certificate_authorities) { [certificate_authorities_chain] }
|
209
|
-
|
205
|
+
|
210
206
|
include_examples "send events"
|
211
207
|
end
|
212
208
|
end
|
@@ -228,7 +224,7 @@ describe "Filebeat", :integration => true do
|
|
228
224
|
end
|
229
225
|
|
230
226
|
let(:input_config) do
|
231
|
-
super.merge({
|
227
|
+
super.merge({
|
232
228
|
"ssl" => true,
|
233
229
|
"ssl_certificate_authorities" => certificate_authorities,
|
234
230
|
"ssl_certificate" => server_certificate_file,
|
@@ -253,8 +249,6 @@ describe "Filebeat", :integration => true do
|
|
253
249
|
|
254
250
|
let_tmp_file(:server_certificate_file) { server_certificate_data.first }
|
255
251
|
let_tmp_file(:server_certificate_key_file) { convert_to_pkcs8(server_certificate_data.last) }
|
256
|
-
let_tmp_file(:certificate_file) { certificate_data.first }
|
257
|
-
let_tmp_file(:certificate_key_file) { convert_to_pkcs8(certificate_data.last) }
|
258
252
|
|
259
253
|
context "directly signed client certificate" do
|
260
254
|
let(:certificate_authorities) { [root_ca_certificate_file] }
|
@@ -268,7 +262,7 @@ describe "Filebeat", :integration => true do
|
|
268
262
|
include_context "Intermediate CA"
|
269
263
|
|
270
264
|
let(:certificate_data) { Flores::PKI.create_client_certicate("CN=localhost", intermediate_ca_certificate, intermediate_ca_key) }
|
271
|
-
let(:server_certificate_data) { Flores::PKI.create_client_certicate("CN=localhost", intermediate_ca_certificate, intermediate_ca_key) }
|
265
|
+
let(:server_certificate_data) { Flores::PKI.create_client_certicate("CN=localhost", intermediate_ca_certificate, intermediate_ca_key) }
|
272
266
|
let(:certificate_authorities) { [intermediate_ca_certificate_file] }
|
273
267
|
|
274
268
|
include_examples "send events"
|
@@ -304,7 +298,7 @@ describe "Filebeat", :integration => true do
|
|
304
298
|
|
305
299
|
let(:server_certificate_data) { Flores::PKI.create_client_certicate("CN=localhost", root_ca_certificate, root_ca_key) }
|
306
300
|
|
307
|
-
context "client from primary CA" do
|
301
|
+
context "client from primary CA" do
|
308
302
|
include_examples "send events"
|
309
303
|
end
|
310
304
|
|
@@ -1,7 +1,7 @@
|
|
1
1
|
# encoding: utf-8
|
2
2
|
require "childprocess"
|
3
3
|
module ClientProcessHelpers
|
4
|
-
def start_client(timeout =
|
4
|
+
def start_client(timeout = 1)
|
5
5
|
@client_out = Stud::Temporary.file
|
6
6
|
@client_out.sync
|
7
7
|
|
@@ -11,26 +11,13 @@ module ClientProcessHelpers
|
|
11
11
|
ChildProcess.posix_spawn = true
|
12
12
|
@process.start
|
13
13
|
|
14
|
-
|
15
|
-
max_iterations = (timeout / sleep_interval).to_i
|
16
|
-
max_iterations.times do
|
17
|
-
sleep(sleep_interval)
|
18
|
-
if @process.alive?
|
19
|
-
break
|
20
|
-
end
|
21
|
-
end
|
22
|
-
#Note - can not raise error here if process failed to start, since some tests expects for the process to not start due to invalid configuration
|
23
|
-
|
14
|
+
sleep(0.1)
|
24
15
|
@client_out.rewind
|
25
16
|
|
26
17
|
# can be used to helper debugging when a test fails
|
27
18
|
@execution_output = @client_out.read
|
28
19
|
end
|
29
20
|
|
30
|
-
def is_alive
|
31
|
-
return @process.alive?
|
32
|
-
end
|
33
|
-
|
34
21
|
def stop_client
|
35
22
|
begin
|
36
23
|
@process.poll_for_exit(5)
|
@@ -1,68 +1,49 @@
|
|
1
1
|
# encoding: utf-8
|
2
2
|
require "flores/pki"
|
3
3
|
require "flores/random"
|
4
|
-
require "socket"
|
5
4
|
|
6
5
|
module Flores
|
7
6
|
module Random
|
8
7
|
DEFAULT_PORT_RANGE = 1024..65535
|
8
|
+
DEFAULT_PORT_CHECK_TIMEOUT = 1
|
9
|
+
DEFAULT_MAXIMUM_PORT_FIND_TRY = 15
|
10
|
+
|
9
11
|
class << self
|
10
12
|
def port(range = DEFAULT_PORT_RANGE)
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
CertificateSigningRequest.class_eval do
|
21
|
-
def create
|
22
|
-
validate!
|
23
|
-
extensions = OpenSSL::X509::ExtensionFactory.new
|
24
|
-
extensions.subject_certificate = certificate
|
25
|
-
extensions.issuer_certificate = self_signed? ? certificate : signing_certificate
|
26
|
-
|
27
|
-
certificate.issuer = extensions.issuer_certificate.subject
|
28
|
-
certificate.add_extension(extensions.create_extension("subjectKeyIdentifier", "hash", false))
|
29
|
-
|
30
|
-
if want_signature_ability?
|
31
|
-
# Create a CA.
|
32
|
-
certificate.add_extension(extensions.create_extension("basicConstraints", "CA:TRUE", true))
|
33
|
-
# Rough googling seems to indicate at least keyCertSign is required for CA and intermediate certs.
|
34
|
-
certificate.add_extension(extensions.create_extension("keyUsage", "keyCertSign, cRLSign, digitalSignature", true))
|
35
|
-
else
|
36
|
-
# Create a client+server certificate
|
37
|
-
#
|
38
|
-
# It feels weird to create a certificate that's valid as both server and client, but a brief inspection of major
|
39
|
-
# web properties (apple.com, google.com, yahoo.com, github.com, fastly.com, mozilla.com, amazon.com) reveals that
|
40
|
-
# major web properties have certificates with both clientAuth and serverAuth extended key usages. Further,
|
41
|
-
# these major server certificates all have digitalSignature and keyEncipherment for key usage.
|
42
|
-
#
|
43
|
-
# Here's the command I used to check this:
|
44
|
-
# echo mozilla.com apple.com github.com google.com yahoo.com fastly.com elastic.co amazon.com \
|
45
|
-
# | xargs -n1 sh -c 'openssl s_client -connect $1:443 \
|
46
|
-
# | sed -ne "/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p" \
|
47
|
-
# | openssl x509 -text -noout | sed -ne "/X509v3 extensions/,/Signature Algorithm/p" | sed -e "s/^/$1 /"' - \
|
48
|
-
# | grep -A2 'Key Usage'
|
49
|
-
certificate.add_extension(extensions.create_extension("keyUsage", "digitalSignature, keyEncipherment", true))
|
50
|
-
certificate.add_extension(extensions.create_extension("extendedKeyUsage", "clientAuth, serverAuth", false))
|
13
|
+
try = 0
|
14
|
+
while try < DEFAULT_MAXIMUM_PORT_FIND_TRY
|
15
|
+
candidate = integer(range)
|
16
|
+
|
17
|
+
if port_available?(candidate)
|
18
|
+
break
|
19
|
+
else
|
20
|
+
try += 1
|
21
|
+
end
|
51
22
|
end
|
23
|
+
|
24
|
+
raise "Flores.random_port: Cannot find an available port, tried #{DEFAULT_MAXIMUM_PORT_FIND_TRY} times, range was: #{range}" if try == DEFAULT_MAXIMUM_PORT_FIND_TRY
|
52
25
|
|
53
|
-
|
54
|
-
|
26
|
+
candidate
|
27
|
+
end
|
28
|
+
|
29
|
+
def port_available?(port)
|
30
|
+
begin
|
31
|
+
server = TCPServer.new(port)
|
32
|
+
available = true
|
33
|
+
rescue # Assume that any errors can do this
|
34
|
+
available = false
|
35
|
+
ensure
|
36
|
+
server.close if server
|
55
37
|
end
|
56
38
|
|
57
|
-
|
58
|
-
certificate.sign(signing_key, digest_method)
|
59
|
-
certificate
|
39
|
+
return available
|
60
40
|
end
|
61
41
|
end
|
42
|
+
end
|
62
43
|
|
63
|
-
|
44
|
+
module PKI
|
64
45
|
DEFAULT_CERTIFICATE_OPTIONS = {
|
65
|
-
:duration =>
|
46
|
+
:duration => Flores::Random.number(100..2000),
|
66
47
|
:key_size => GENERATE_DEFAULT_KEY_SIZE,
|
67
48
|
:exponent => GENERATE_DEFAULT_EXPONENT,
|
68
49
|
:want_signature_ability => false
|
@@ -97,9 +78,5 @@ module Flores
|
|
97
78
|
|
98
79
|
[csr.create, client_key]
|
99
80
|
end
|
100
|
-
|
101
|
-
|
102
|
-
|
103
81
|
end
|
104
82
|
end
|
105
|
-
|
@@ -3,7 +3,7 @@ require "flores/random"
|
|
3
3
|
|
4
4
|
shared_examples "send events" do
|
5
5
|
it "successfully send the events" do
|
6
|
-
try(
|
6
|
+
try(50) { expect(queue.size).to eq(number_of_events), "Expected: #{number_of_events} got: #{queue.size}, execution output:\n #{@execution_output}" }
|
7
7
|
expect(queue.collect { |e| e.get("message") }).to eq(events)
|
8
8
|
end
|
9
9
|
end
|
Binary file
|
data/vendor/jar-dependencies/com/fasterxml/jackson/core/jackson-core/2.7.5/jackson-core-2.7.5.jar
ADDED
Binary file
|
Binary file
|
Binary file
|
Binary file
|
Binary file
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: logstash-input-beats
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 4.0.1
|
5
5
|
platform: java
|
6
6
|
authors:
|
7
7
|
- Elastic
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2017-06-03 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|
@@ -47,17 +47,23 @@ dependencies:
|
|
47
47
|
- !ruby/object:Gem::Dependency
|
48
48
|
requirement: !ruby/object:Gem::Requirement
|
49
49
|
requirements:
|
50
|
-
- - "
|
50
|
+
- - ">="
|
51
|
+
- !ruby/object:Gem::Version
|
52
|
+
version: 0.9.2
|
53
|
+
- - "<="
|
51
54
|
- !ruby/object:Gem::Version
|
52
|
-
version:
|
55
|
+
version: 1.0.0
|
53
56
|
name: concurrent-ruby
|
54
57
|
prerelease: false
|
55
58
|
type: :runtime
|
56
59
|
version_requirements: !ruby/object:Gem::Requirement
|
57
60
|
requirements:
|
58
|
-
- - "
|
61
|
+
- - ">="
|
62
|
+
- !ruby/object:Gem::Version
|
63
|
+
version: 0.9.2
|
64
|
+
- - "<="
|
59
65
|
- !ruby/object:Gem::Version
|
60
|
-
version:
|
66
|
+
version: 1.0.0
|
61
67
|
- !ruby/object:Gem::Dependency
|
62
68
|
requirement: !ruby/object:Gem::Requirement
|
63
69
|
requirements:
|
@@ -212,9 +218,7 @@ dependencies:
|
|
212
218
|
- - ">="
|
213
219
|
- !ruby/object:Gem::Version
|
214
220
|
version: '0'
|
215
|
-
description: This gem is a Logstash plugin required to be installed on top of the
|
216
|
-
Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This
|
217
|
-
gem is not a stand-alone program
|
221
|
+
description: This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program
|
218
222
|
email: info@elastic.co
|
219
223
|
executables: []
|
220
224
|
extensions: []
|
@@ -258,15 +262,15 @@ files:
|
|
258
262
|
- spec/support/integration_shared_context.rb
|
259
263
|
- spec/support/logstash_test.rb
|
260
264
|
- spec/support/shared_examples.rb
|
261
|
-
- vendor/jar-dependencies/com/fasterxml/jackson/core/jackson-annotations/2.
|
262
|
-
- vendor/jar-dependencies/com/fasterxml/jackson/core/jackson-core/2.
|
263
|
-
- vendor/jar-dependencies/com/fasterxml/jackson/core/jackson-databind/2.
|
264
|
-
- vendor/jar-dependencies/com/fasterxml/jackson/module/jackson-module-afterburner/2.
|
265
|
+
- vendor/jar-dependencies/com/fasterxml/jackson/core/jackson-annotations/2.7.5/jackson-annotations-2.7.5.jar
|
266
|
+
- vendor/jar-dependencies/com/fasterxml/jackson/core/jackson-core/2.7.5/jackson-core-2.7.5.jar
|
267
|
+
- vendor/jar-dependencies/com/fasterxml/jackson/core/jackson-databind/2.7.5/jackson-databind-2.7.5.jar
|
268
|
+
- vendor/jar-dependencies/com/fasterxml/jackson/module/jackson-module-afterburner/2.7.5/jackson-module-afterburner-2.7.5.jar
|
265
269
|
- vendor/jar-dependencies/io/netty/netty-all/4.1.3.Final/netty-all-4.1.3.Final.jar
|
266
270
|
- vendor/jar-dependencies/io/netty/netty-tcnative-boringssl-static/1.1.33.Fork23/netty-tcnative-boringssl-static-1.1.33.Fork23.jar
|
267
|
-
- vendor/jar-dependencies/
|
271
|
+
- vendor/jar-dependencies/log4j/log4j/1.2.17/log4j-1.2.17.jar
|
268
272
|
- vendor/jar-dependencies/org/javassist/javassist/3.20.0-GA/javassist-3.20.0-GA.jar
|
269
|
-
- vendor/jar-dependencies/org/logstash/beats/logstash-input-beats/
|
273
|
+
- vendor/jar-dependencies/org/logstash/beats/logstash-input-beats/4.0.1/logstash-input-beats-4.0.1.jar
|
270
274
|
homepage: http://www.elastic.co/guide/en/logstash/current/index.html
|
271
275
|
licenses:
|
272
276
|
- Apache License (2.0)
|
@@ -290,7 +294,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
290
294
|
version: '0'
|
291
295
|
requirements: []
|
292
296
|
rubyforge_project:
|
293
|
-
rubygems_version: 2.
|
297
|
+
rubygems_version: 2.4.8
|
294
298
|
signing_key:
|
295
299
|
specification_version: 4
|
296
300
|
summary: Receive events using the lumberjack protocol.
|
Binary file
|
data/vendor/jar-dependencies/com/fasterxml/jackson/core/jackson-core/2.9.5/jackson-core-2.9.5.jar
DELETED
Binary file
|
Binary file
|
Binary file
|
Binary file
|