logstash-input-elastic_serverless_forwarder 0.1.0-java → 0.1.2-java
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 14190aec17bc2282d956db77e43a6118fbbe8ed156e53ca295f9064b202706b1
|
|
4
|
+
data.tar.gz: 2bcb76de61764a863882b3f40d9af35d2ff9867b0d8a00d31346e81a677c00f7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: db6ad54b41a91e677c45a4b73534499b892b34788abb1dcbba699d30df0fdf389b193f459727bac9af6c3010c82d2b4c30d6afb1eb663da5e61117a4f826feea
|
|
7
|
+
data.tar.gz: 65f652cf3a00c6a17006c15567b26d5ded49674c31c75ccfa03e6663c9d3494cbcc009f941c3227a36d5af8897853b4ece9a3fc598ad444877c7558594cd0797
|
data/CHANGELOG.md
CHANGED
|
@@ -1,2 +1,8 @@
|
|
|
1
|
+
## 0.1.2
|
|
2
|
+
- [DOC] Adds "Technical Preview" call-out to documentation [#4](https://github.com/logstash-plugins/logstash-input-elastic_serverless_forwarder/pull/4)
|
|
3
|
+
|
|
4
|
+
## 0.1.1
|
|
5
|
+
- Fixes an issue that prevents this prototype from being instantiated in an actual Logstash pipeline [#3](https://github.com/logstash-plugins/logstash-input-elastic_serverless_forwarder/pull/3)
|
|
6
|
+
|
|
1
7
|
## 0.1.0
|
|
2
8
|
- Working Prototype: New input to receive events from Elastic Serverless Forwarder (ESF) over HTTP(S) [#1](https://github.com/logstash-plugins/logstash-input-elastic_serverless_forwarder/pull/1)
|
data/docs/index.asciidoc
CHANGED
|
@@ -26,45 +26,58 @@ include::{include_path}/plugin_header.asciidoc[]
|
|
|
26
26
|
Using this input you can receive events from {esf-name} over http(s) connections to the configured <<plugins-{type}s-{plugin}-port>>.
|
|
27
27
|
|
|
28
28
|
[id="plugins-{type}s-{plugin}-ext-field"]
|
|
29
|
-
|
|
29
|
+
===== Minimum Configuration
|
|
30
30
|
[cols="3a,2a"]
|
|
31
31
|
|=======================================================================================================================
|
|
32
32
|
|SSL Enabled |SSL Disabled
|
|
33
33
|
|
|
34
34
|
|
|
|
35
35
|
|
|
36
|
-
[source
|
|
36
|
+
[source]
|
|
37
37
|
----
|
|
38
38
|
input {
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
39
|
+
elastic_serverless_forwarder {
|
|
40
|
+
port => 8080
|
|
41
|
+
ssl_certificate => "/path/to/logstash.crt"
|
|
42
|
+
ssl_key => "/path/to/logstash.key"
|
|
43
43
|
}
|
|
44
44
|
}
|
|
45
45
|
----
|
|
46
46
|
|
|
47
47
|
|
|
|
48
48
|
|
|
49
|
-
[source
|
|
49
|
+
[source]
|
|
50
50
|
----
|
|
51
51
|
input {
|
|
52
52
|
elastic_serverless_forwarder {
|
|
53
|
-
|
|
54
|
-
|
|
53
|
+
port => 8080
|
|
54
|
+
ssl => false
|
|
55
55
|
}
|
|
56
56
|
}
|
|
57
57
|
----
|
|
58
58
|
|
|
59
59
|
|=======================================================================================================================
|
|
60
60
|
|
|
61
|
+
.Technical Preview
|
|
62
|
+
****
|
|
63
|
+
This {esf-name} input plugin is part of a _Technical Preview_, which means that both configuration options and implementation details are subject to change in minor releases without being preceded by deprecation warnings.
|
|
64
|
+
|
|
65
|
+
Before upgrading this plugin or Logstash itself, please pay special attention to this plugin's https://github.com/logstash-plugins/logstash-input-elastic_serverless_forwarder/blob/main/CHANGELOG.md[CHANGELOG.md] to avoid being caught by surprise.
|
|
66
|
+
****
|
|
67
|
+
|
|
68
|
+
|
|
61
69
|
[id="plugins-{type}s-{plugin}-enrichment"]
|
|
62
70
|
==== Enrichment
|
|
63
71
|
|
|
64
72
|
This input provides _minimal enrichment_ on events, and avoids including information about itself, the client from which it received the data, or about the original event as-decoded from the request.
|
|
65
|
-
If the decoded event has a valid ISO8601-encoded `@timestamp`, it will be used. Otherwise this required field will be populated with the current time.
|
|
66
73
|
|
|
67
74
|
NOTE: Senders are advised to use care with respect to fields that are {logstash-ref}/processing.html#reserved-fields[reserved in Logstash].
|
|
75
|
+
ESF sends the Logstash-required `@timestamp` field by default, but if this value is missing it will be populated with the current time.
|
|
76
|
+
|
|
77
|
+
|
|
78
|
+
////
|
|
79
|
+
// BEGIN: Elastic-internal implementation details
|
|
80
|
+
//
|
|
68
81
|
|
|
69
82
|
[id="plugins-{type}s-{plugin}-blocking"]
|
|
70
83
|
==== Blocking Behavior
|
|
@@ -76,6 +89,10 @@ A client that receives an HTTP request timeout is expected to retry the entire r
|
|
|
76
89
|
When this plugin is blocked, it will reject _new_ requests with HTTP `429 Too Many Requests`.
|
|
77
90
|
Clients that receive `429`-s are expected to wait a moment before retrying the request — exponential back-off is encouraged to ease flood recovery.
|
|
78
91
|
|
|
92
|
+
//
|
|
93
|
+
// END: Elastic-internal implementation details
|
|
94
|
+
////
|
|
95
|
+
|
|
79
96
|
[id="plugins-{type}s-{plugin}-security"]
|
|
80
97
|
==== Security
|
|
81
98
|
|
|
@@ -87,7 +104,7 @@ Additionally, you may wish to authenticate clients using SSL client authenticati
|
|
|
87
104
|
|
|
88
105
|
===== SSL Identity
|
|
89
106
|
|
|
90
|
-
In order to establish SSL with a client, this input plugin will need to present an SSL certificate that the client trusts and have access to the associated key.
|
|
107
|
+
In order to establish SSL with a client, this input plugin will need to present an SSL certificate that the client trusts, and have access to the associated key.
|
|
91
108
|
These are configurable with <<plugins-{type}s-{plugin}-ssl_certificate>>, <<plugins-{type}s-{plugin}-ssl_key>>, and optionally <<plugins-{type}s-{plugin}-ssl_key_passphrase>>.
|
|
92
109
|
|
|
93
110
|
===== SSL Client Authentication
|
|
@@ -98,6 +115,8 @@ It can be configured to either request or require client certificates using <<pl
|
|
|
98
115
|
which often also requires configuring it with a list of <<plugins-{type}s-{plugin}-ssl_certificate_authorities>> to trust.
|
|
99
116
|
When validating a certificate that is presented, <<plugins-{type}s-{plugin}-ssl_verification_mode>> controls how certificates are verified.
|
|
100
117
|
|
|
118
|
+
NOTE: ESF does not currently support _presenting_ client certificates, so requesting or requiring clients to present identity is only useful when combined with an SSL-terminating proxy.
|
|
119
|
+
|
|
101
120
|
===== SSL Advanced Configuration
|
|
102
121
|
|
|
103
122
|
This plugin exposes several advanced SSL configurations:
|
|
@@ -233,7 +252,7 @@ For example, the ChaCha20 family of ciphers is not supported in older versions.
|
|
|
233
252
|
* Default value is `"none"`
|
|
234
253
|
|
|
235
254
|
By default the server doesn't do any client authentication.
|
|
236
|
-
This means that connections from clients are
|
|
255
|
+
This means that connections from clients are _private_ when SSL is enabled, but that this input will allow SSL connections from _any_ client.
|
|
237
256
|
If you wish to configure this plugin to reject connections from untrusted hosts, you will need to configure this plugin to authenticate clients, and may also need to configure it with a list of `ssl_certificate_authorities`.
|
|
238
257
|
|
|
239
258
|
[id="plugins-{type}s-{plugin}-ssl_handshake_timeout"]
|
|
@@ -12,9 +12,6 @@ class LogStash::Inputs::ElasticServerlessForwarder < LogStash::Inputs::Base
|
|
|
12
12
|
|
|
13
13
|
config_name "elastic_serverless_forwarder"
|
|
14
14
|
|
|
15
|
-
# no-codec
|
|
16
|
-
config :codec, obsolete: 'The elastic_serverless_forwarder input does not have an externally-configurable codec'
|
|
17
|
-
|
|
18
15
|
# bind address
|
|
19
16
|
config :host, :validate => :string, :default => "0.0.0.0"
|
|
20
17
|
config :port, :validate => :number, :required => true
|
|
@@ -54,6 +51,11 @@ class LogStash::Inputs::ElasticServerlessForwarder < LogStash::Inputs::Base
|
|
|
54
51
|
|
|
55
52
|
def initialize(*a)
|
|
56
53
|
super
|
|
54
|
+
|
|
55
|
+
if original_params.include?('codec')
|
|
56
|
+
fail LogStash::ConfigurationError, 'The `elastic_serverless_forwarder` input does not have an externally-configurable `codec`'
|
|
57
|
+
end
|
|
58
|
+
|
|
57
59
|
@internal_http = plugin_factory.input('http').new(inner_http_input_options)
|
|
58
60
|
end
|
|
59
61
|
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
Gem::Specification.new do |s|
|
|
4
4
|
s.name = 'logstash-input-elastic_serverless_forwarder'
|
|
5
|
-
s.version = '0.1.
|
|
5
|
+
s.version = '0.1.2'
|
|
6
6
|
s.licenses = ['Apache License (2.0)']
|
|
7
7
|
s.summary = "Receives events from Elastic Serverless Forwarder over HTTP or HTTPS"
|
|
8
8
|
s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
|
|
@@ -41,6 +41,38 @@ describe LogStash::Inputs::ElasticServerlessForwarder do
|
|
|
41
41
|
esf_input.stop
|
|
42
42
|
end
|
|
43
43
|
|
|
44
|
+
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
context 'no user-defined codec' do
|
|
48
|
+
let(:config) { super().merge('ssl' => false) } # minimal config
|
|
49
|
+
|
|
50
|
+
##
|
|
51
|
+
# @codec ivar is required PENDING https://github.com/elastic/logstash/issues/14828
|
|
52
|
+
context 'codec handling' do
|
|
53
|
+
it 'has an `@codec` ivar that inherits from `LogStash::Codecs::Base`' do
|
|
54
|
+
expect(esf_input).to be_instance_variable_defined(:@codec)
|
|
55
|
+
codec = esf_input.instance_variable_get(:@codec)
|
|
56
|
+
|
|
57
|
+
expect(codec).to_not be_nil
|
|
58
|
+
expect(codec.class).to be < LogStash::Codecs::Base # LogStash::Codecs::Delegator shenanigans
|
|
59
|
+
end
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
context 'when instantiated with a string codec' do
|
|
63
|
+
let(:config) { super().merge("codec" => "json_lines") }
|
|
64
|
+
it 'fails with a helpful configuration error' do
|
|
65
|
+
expect { described_class.new(config) }.to raise_exception(LogStash::ConfigurationError, a_string_including("codec"))
|
|
66
|
+
end
|
|
67
|
+
end
|
|
68
|
+
|
|
69
|
+
context 'when instantiated with a codec instance' do
|
|
70
|
+
let(:codec_instance) { Class.new(LogStash::Codecs::Base) { config_name 'test'}.new("id" => "123") }
|
|
71
|
+
let(:config) { super().merge("codec" => codec_instance) }
|
|
72
|
+
it 'fails with a helpful configuration error' do
|
|
73
|
+
expect { described_class.new(config) }.to raise_exception(LogStash::ConfigurationError, a_string_including("codec"))
|
|
74
|
+
end
|
|
75
|
+
end
|
|
44
76
|
end
|
|
45
77
|
|
|
46
78
|
shared_context "basic request handling" do
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: logstash-input-elastic_serverless_forwarder
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.1.
|
|
4
|
+
version: 0.1.2
|
|
5
5
|
platform: java
|
|
6
6
|
authors:
|
|
7
7
|
- Elastic
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2023-02-10 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|