logstash-input-elastic_serverless_forwarder 0.1.0-java → 0.1.2-java
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 14190aec17bc2282d956db77e43a6118fbbe8ed156e53ca295f9064b202706b1
|
|
4
|
+
data.tar.gz: 2bcb76de61764a863882b3f40d9af35d2ff9867b0d8a00d31346e81a677c00f7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: db6ad54b41a91e677c45a4b73534499b892b34788abb1dcbba699d30df0fdf389b193f459727bac9af6c3010c82d2b4c30d6afb1eb663da5e61117a4f826feea
|
|
7
|
+
data.tar.gz: 65f652cf3a00c6a17006c15567b26d5ded49674c31c75ccfa03e6663c9d3494cbcc009f941c3227a36d5af8897853b4ece9a3fc598ad444877c7558594cd0797
|
data/CHANGELOG.md
CHANGED
|
@@ -1,2 +1,8 @@
|
|
|
1
|
+
## 0.1.2
|
|
2
|
+
- [DOC] Adds "Technical Preview" call-out to documentation [#4](https://github.com/logstash-plugins/logstash-input-elastic_serverless_forwarder/pull/4)
|
|
3
|
+
|
|
4
|
+
## 0.1.1
|
|
5
|
+
- Fixes an issue that prevents this prototype from being instantiated in an actual Logstash pipeline [#3](https://github.com/logstash-plugins/logstash-input-elastic_serverless_forwarder/pull/3)
|
|
6
|
+
|
|
1
7
|
## 0.1.0
|
|
2
8
|
- Working Prototype: New input to receive events from Elastic Serverless Forwarder (ESF) over HTTP(S) [#1](https://github.com/logstash-plugins/logstash-input-elastic_serverless_forwarder/pull/1)
|
data/docs/index.asciidoc
CHANGED
|
@@ -26,45 +26,58 @@ include::{include_path}/plugin_header.asciidoc[]
|
|
|
26
26
|
Using this input you can receive events from {esf-name} over http(s) connections to the configured <<plugins-{type}s-{plugin}-port>>.
|
|
27
27
|
|
|
28
28
|
[id="plugins-{type}s-{plugin}-ext-field"]
|
|
29
|
-
|
|
29
|
+
===== Minimum Configuration
|
|
30
30
|
[cols="3a,2a"]
|
|
31
31
|
|=======================================================================================================================
|
|
32
32
|
|SSL Enabled |SSL Disabled
|
|
33
33
|
|
|
34
34
|
|
|
|
35
35
|
|
|
36
|
-
[source
|
|
36
|
+
[source]
|
|
37
37
|
----
|
|
38
38
|
input {
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
39
|
+
elastic_serverless_forwarder {
|
|
40
|
+
port => 8080
|
|
41
|
+
ssl_certificate => "/path/to/logstash.crt"
|
|
42
|
+
ssl_key => "/path/to/logstash.key"
|
|
43
43
|
}
|
|
44
44
|
}
|
|
45
45
|
----
|
|
46
46
|
|
|
47
47
|
|
|
|
48
48
|
|
|
49
|
-
[source
|
|
49
|
+
[source]
|
|
50
50
|
----
|
|
51
51
|
input {
|
|
52
52
|
elastic_serverless_forwarder {
|
|
53
|
-
|
|
54
|
-
|
|
53
|
+
port => 8080
|
|
54
|
+
ssl => false
|
|
55
55
|
}
|
|
56
56
|
}
|
|
57
57
|
----
|
|
58
58
|
|
|
59
59
|
|=======================================================================================================================
|
|
60
60
|
|
|
61
|
+
.Technical Preview
|
|
62
|
+
****
|
|
63
|
+
This {esf-name} input plugin is part of a _Technical Preview_, which means that both configuration options and implementation details are subject to change in minor releases without being preceded by deprecation warnings.
|
|
64
|
+
|
|
65
|
+
Before upgrading this plugin or Logstash itself, please pay special attention to this plugin's https://github.com/logstash-plugins/logstash-input-elastic_serverless_forwarder/blob/main/CHANGELOG.md[CHANGELOG.md] to avoid being caught by surprise.
|
|
66
|
+
****
|
|
67
|
+
|
|
68
|
+
|
|
61
69
|
[id="plugins-{type}s-{plugin}-enrichment"]
|
|
62
70
|
==== Enrichment
|
|
63
71
|
|
|
64
72
|
This input provides _minimal enrichment_ on events, and avoids including information about itself, the client from which it received the data, or about the original event as-decoded from the request.
|
|
65
|
-
If the decoded event has a valid ISO8601-encoded `@timestamp`, it will be used. Otherwise this required field will be populated with the current time.
|
|
66
73
|
|
|
67
74
|
NOTE: Senders are advised to use care with respect to fields that are {logstash-ref}/processing.html#reserved-fields[reserved in Logstash].
|
|
75
|
+
ESF sends the Logstash-required `@timestamp` field by default, but if this value is missing it will be populated with the current time.
|
|
76
|
+
|
|
77
|
+
|
|
78
|
+
////
|
|
79
|
+
// BEGIN: Elastic-internal implementation details
|
|
80
|
+
//
|
|
68
81
|
|
|
69
82
|
[id="plugins-{type}s-{plugin}-blocking"]
|
|
70
83
|
==== Blocking Behavior
|
|
@@ -76,6 +89,10 @@ A client that receives an HTTP request timeout is expected to retry the entire r
|
|
|
76
89
|
When this plugin is blocked, it will reject _new_ requests with HTTP `429 Too Many Requests`.
|
|
77
90
|
Clients that receive `429`-s are expected to wait a moment before retrying the request — exponential back-off is encouraged to ease flood recovery.
|
|
78
91
|
|
|
92
|
+
//
|
|
93
|
+
// END: Elastic-internal implementation details
|
|
94
|
+
////
|
|
95
|
+
|
|
79
96
|
[id="plugins-{type}s-{plugin}-security"]
|
|
80
97
|
==== Security
|
|
81
98
|
|
|
@@ -87,7 +104,7 @@ Additionally, you may wish to authenticate clients using SSL client authenticati
|
|
|
87
104
|
|
|
88
105
|
===== SSL Identity
|
|
89
106
|
|
|
90
|
-
In order to establish SSL with a client, this input plugin will need to present an SSL certificate that the client trusts and have access to the associated key.
|
|
107
|
+
In order to establish SSL with a client, this input plugin will need to present an SSL certificate that the client trusts, and have access to the associated key.
|
|
91
108
|
These are configurable with <<plugins-{type}s-{plugin}-ssl_certificate>>, <<plugins-{type}s-{plugin}-ssl_key>>, and optionally <<plugins-{type}s-{plugin}-ssl_key_passphrase>>.
|
|
92
109
|
|
|
93
110
|
===== SSL Client Authentication
|
|
@@ -98,6 +115,8 @@ It can be configured to either request or require client certificates using <<pl
|
|
|
98
115
|
which often also requires configuring it with a list of <<plugins-{type}s-{plugin}-ssl_certificate_authorities>> to trust.
|
|
99
116
|
When validating a certificate that is presented, <<plugins-{type}s-{plugin}-ssl_verification_mode>> controls how certificates are verified.
|
|
100
117
|
|
|
118
|
+
NOTE: ESF does not currently support _presenting_ client certificates, so requesting or requiring clients to present identity is only useful when combined with an SSL-terminating proxy.
|
|
119
|
+
|
|
101
120
|
===== SSL Advanced Configuration
|
|
102
121
|
|
|
103
122
|
This plugin exposes several advanced SSL configurations:
|
|
@@ -233,7 +252,7 @@ For example, the ChaCha20 family of ciphers is not supported in older versions.
|
|
|
233
252
|
* Default value is `"none"`
|
|
234
253
|
|
|
235
254
|
By default the server doesn't do any client authentication.
|
|
236
|
-
This means that connections from clients are
|
|
255
|
+
This means that connections from clients are _private_ when SSL is enabled, but that this input will allow SSL connections from _any_ client.
|
|
237
256
|
If you wish to configure this plugin to reject connections from untrusted hosts, you will need to configure this plugin to authenticate clients, and may also need to configure it with a list of `ssl_certificate_authorities`.
|
|
238
257
|
|
|
239
258
|
[id="plugins-{type}s-{plugin}-ssl_handshake_timeout"]
|
|
@@ -12,9 +12,6 @@ class LogStash::Inputs::ElasticServerlessForwarder < LogStash::Inputs::Base
|
|
|
12
12
|
|
|
13
13
|
config_name "elastic_serverless_forwarder"
|
|
14
14
|
|
|
15
|
-
# no-codec
|
|
16
|
-
config :codec, obsolete: 'The elastic_serverless_forwarder input does not have an externally-configurable codec'
|
|
17
|
-
|
|
18
15
|
# bind address
|
|
19
16
|
config :host, :validate => :string, :default => "0.0.0.0"
|
|
20
17
|
config :port, :validate => :number, :required => true
|
|
@@ -54,6 +51,11 @@ class LogStash::Inputs::ElasticServerlessForwarder < LogStash::Inputs::Base
|
|
|
54
51
|
|
|
55
52
|
def initialize(*a)
|
|
56
53
|
super
|
|
54
|
+
|
|
55
|
+
if original_params.include?('codec')
|
|
56
|
+
fail LogStash::ConfigurationError, 'The `elastic_serverless_forwarder` input does not have an externally-configurable `codec`'
|
|
57
|
+
end
|
|
58
|
+
|
|
57
59
|
@internal_http = plugin_factory.input('http').new(inner_http_input_options)
|
|
58
60
|
end
|
|
59
61
|
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
Gem::Specification.new do |s|
|
|
4
4
|
s.name = 'logstash-input-elastic_serverless_forwarder'
|
|
5
|
-
s.version = '0.1.
|
|
5
|
+
s.version = '0.1.2'
|
|
6
6
|
s.licenses = ['Apache License (2.0)']
|
|
7
7
|
s.summary = "Receives events from Elastic Serverless Forwarder over HTTP or HTTPS"
|
|
8
8
|
s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
|
|
@@ -41,6 +41,38 @@ describe LogStash::Inputs::ElasticServerlessForwarder do
|
|
|
41
41
|
esf_input.stop
|
|
42
42
|
end
|
|
43
43
|
|
|
44
|
+
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
context 'no user-defined codec' do
|
|
48
|
+
let(:config) { super().merge('ssl' => false) } # minimal config
|
|
49
|
+
|
|
50
|
+
##
|
|
51
|
+
# @codec ivar is required PENDING https://github.com/elastic/logstash/issues/14828
|
|
52
|
+
context 'codec handling' do
|
|
53
|
+
it 'has an `@codec` ivar that inherits from `LogStash::Codecs::Base`' do
|
|
54
|
+
expect(esf_input).to be_instance_variable_defined(:@codec)
|
|
55
|
+
codec = esf_input.instance_variable_get(:@codec)
|
|
56
|
+
|
|
57
|
+
expect(codec).to_not be_nil
|
|
58
|
+
expect(codec.class).to be < LogStash::Codecs::Base # LogStash::Codecs::Delegator shenanigans
|
|
59
|
+
end
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
context 'when instantiated with a string codec' do
|
|
63
|
+
let(:config) { super().merge("codec" => "json_lines") }
|
|
64
|
+
it 'fails with a helpful configuration error' do
|
|
65
|
+
expect { described_class.new(config) }.to raise_exception(LogStash::ConfigurationError, a_string_including("codec"))
|
|
66
|
+
end
|
|
67
|
+
end
|
|
68
|
+
|
|
69
|
+
context 'when instantiated with a codec instance' do
|
|
70
|
+
let(:codec_instance) { Class.new(LogStash::Codecs::Base) { config_name 'test'}.new("id" => "123") }
|
|
71
|
+
let(:config) { super().merge("codec" => codec_instance) }
|
|
72
|
+
it 'fails with a helpful configuration error' do
|
|
73
|
+
expect { described_class.new(config) }.to raise_exception(LogStash::ConfigurationError, a_string_including("codec"))
|
|
74
|
+
end
|
|
75
|
+
end
|
|
44
76
|
end
|
|
45
77
|
|
|
46
78
|
shared_context "basic request handling" do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: logstash-input-elastic_serverless_forwarder
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.2
|
|
5
5
|
platform: java
|
|
6
6
|
authors:
|
|
7
7
|
- Elastic
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2023-02-10 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|