logstash-input-elasticsearch 4.21.2 → 5.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +12 -6
- data/docs/index.asciidoc +15 -45
- data/lib/logstash/inputs/elasticsearch.rb +9 -45
- data/logstash-input-elasticsearch.gemspec +1 -1
- data/spec/inputs/elasticsearch_spec.rb +13 -0
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 435dd3535dc912d60a6b363a3f04d61261106e844b21fc250b2b68867c12e3e6
|
|
4
|
+
data.tar.gz: 2b1b4677f75e491f70cfcf119c78576c5060dcfb3bb88aa4d8ac6953ec188f43
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cff6d761bea5229ce1bced81889c747a5fe04ac481d7009b1d33110b2fb598c15a0db366c3ce1fb17e26d16ef713281683cfd894b46dfb499d2de3a5af61695d
|
|
7
|
+
data.tar.gz: fcd0202d0b949194a361d1b05e813196ea8958147ba6b107b2e68d83861975144ff30139ee5f302e5abce626fbdecf05529a0f95284bdb6c7a7f1f11c0f33325
|
data/CHANGELOG.md
CHANGED
|
@@ -1,12 +1,18 @@
|
|
|
1
|
-
##
|
|
2
|
-
- Add elastic-transport client support used in elasticsearch-ruby 8.x [#
|
|
1
|
+
## 5.0.2
|
|
2
|
+
- Add elastic-transport client support used in elasticsearch-ruby 8.x [#223](https://github.com/logstash-plugins/logstash-input-elasticsearch/pull/223)
|
|
3
3
|
|
|
4
|
-
##
|
|
5
|
-
- Fix: prevent plugin crash when hits contain illegal structure [#
|
|
4
|
+
## 5.0.1
|
|
5
|
+
- Fix: prevent plugin crash when hits contain illegal structure [#218](https://github.com/logstash-plugins/logstash-input-elasticsearch/pull/218)
|
|
6
6
|
- When a hit cannot be converted to an event, the input now emits an event tagged with `_elasticsearch_input_failure` with an `[event][original]` containing a JSON-encoded string representation of the entire hit.
|
|
7
7
|
|
|
8
|
-
##
|
|
9
|
-
-
|
|
8
|
+
## 5.0.0
|
|
9
|
+
- SSL settings that were marked deprecated in version `4.17.0` are now marked obsolete, and will prevent the plugin from starting.
|
|
10
|
+
- These settings are:
|
|
11
|
+
- `ssl`, which should bre replaced by `ssl_enabled`
|
|
12
|
+
- `ca_file`, which should bre replaced by `ssl_certificate_authorities`
|
|
13
|
+
- `ssl_certificate_verification`, which should bre replaced by `ssl_verification_mode`
|
|
14
|
+
- [#213](https://github.com/logstash-plugins/logstash-input-elasticsearch/pull/213)
|
|
15
|
+
- Add support for custom headers [#207](https://github.com/logstash-plugins/logstash-input-elasticsearch/pull/207)
|
|
10
16
|
|
|
11
17
|
## 4.20.5
|
|
12
18
|
- Add `x-elastic-product-origin` header to Elasticsearch requests [#211](https://github.com/logstash-plugins/logstash-input-elasticsearch/pull/211)
|
data/docs/index.asciidoc
CHANGED
|
@@ -106,7 +106,10 @@ Common causes are:
|
|
|
106
106
|
[id="plugins-{type}s-{plugin}-options"]
|
|
107
107
|
==== Elasticsearch Input configuration options
|
|
108
108
|
|
|
109
|
-
This plugin supports
|
|
109
|
+
This plugin supports these configuration options plus the <<plugins-{type}s-{plugin}-common-options>> described later.
|
|
110
|
+
|
|
111
|
+
NOTE: As of version `5.0.0` of this plugin, a number of previously deprecated settings related to SSL have been removed.
|
|
112
|
+
Please check out <<plugins-{type}s-{plugin}-obsolete-options>> for details.
|
|
110
113
|
|
|
111
114
|
[cols="<,<,<",options="header",]
|
|
112
115
|
|=======================================================================
|
|
@@ -499,6 +502,8 @@ Enable SSL/TLS secured communication to Elasticsearch cluster.
|
|
|
499
502
|
Leaving this unspecified will use whatever scheme is specified in the URLs listed in <<plugins-{type}s-{plugin}-hosts>> or extracted from the <<plugins-{type}s-{plugin}-cloud_id>>.
|
|
500
503
|
If no explicit protocol is specified plain HTTP will be used.
|
|
501
504
|
|
|
505
|
+
When not explicitly set, SSL will be automatically enabled if any of the specified hosts use HTTPS.
|
|
506
|
+
|
|
502
507
|
[id="plugins-{type}s-{plugin}-ssl_key"]
|
|
503
508
|
===== `ssl_key`
|
|
504
509
|
* Value type is <<path,path>>
|
|
@@ -629,56 +634,21 @@ option when authenticating to the Elasticsearch server. If set to an
|
|
|
629
634
|
empty string authentication will be disabled.
|
|
630
635
|
|
|
631
636
|
|
|
632
|
-
[id="plugins-{type}s-{plugin}-
|
|
633
|
-
==== Elasticsearch Input
|
|
637
|
+
[id="plugins-{type}s-{plugin}-obsolete-options"]
|
|
638
|
+
==== Elasticsearch Input Obsolete Configuration Options
|
|
634
639
|
|
|
635
|
-
|
|
640
|
+
WARNING: As of version `5.0.0` of this plugin, some configuration options have been replaced.
|
|
641
|
+
The plugin will fail to start if it contains any of these obsolete options.
|
|
636
642
|
|
|
637
|
-
WARNING: Deprecated options are subject to removal in future releases.
|
|
638
643
|
|
|
639
|
-
[cols="
|
|
644
|
+
[cols="<,<",options="header",]
|
|
640
645
|
|=======================================================================
|
|
641
|
-
|Setting|
|
|
642
|
-
|
|
|
643
|
-
|
|
|
644
|
-
|
|
|
646
|
+
|Setting|Replaced by
|
|
647
|
+
| ca_file | <<plugins-{type}s-{plugin}-ssl_certificate_authorities>>
|
|
648
|
+
| ssl | <<plugins-{type}s-{plugin}-ssl_enabled>>
|
|
649
|
+
| ssl_certificate_verification | <<plugins-{type}s-{plugin}-ssl_verification_mode>>
|
|
645
650
|
|=======================================================================
|
|
646
651
|
|
|
647
|
-
[id="plugins-{type}s-{plugin}-ca_file"]
|
|
648
|
-
===== `ca_file`
|
|
649
|
-
deprecated[4.17.0, Replaced by <<plugins-{type}s-{plugin}-ssl_certificate_authorities>>]
|
|
650
|
-
|
|
651
|
-
* Value type is <<path,path>>
|
|
652
|
-
* There is no default value for this setting.
|
|
653
|
-
|
|
654
|
-
SSL Certificate Authority file in PEM encoded format, must also include any chain certificates as necessary.
|
|
655
|
-
|
|
656
|
-
[id="plugins-{type}s-{plugin}-ssl"]
|
|
657
|
-
===== `ssl`
|
|
658
|
-
deprecated[4.17.0, Replaced by <<plugins-{type}s-{plugin}-ssl_enabled>>]
|
|
659
|
-
|
|
660
|
-
* Value type is <<boolean,boolean>>
|
|
661
|
-
* Default value is `false`
|
|
662
|
-
|
|
663
|
-
If enabled, SSL will be used when communicating with the Elasticsearch
|
|
664
|
-
server (i.e. HTTPS will be used instead of plain HTTP).
|
|
665
|
-
|
|
666
|
-
|
|
667
|
-
[id="plugins-{type}s-{plugin}-ssl_certificate_verification"]
|
|
668
|
-
===== `ssl_certificate_verification`
|
|
669
|
-
deprecated[4.17.0, Replaced by <<plugins-{type}s-{plugin}-ssl_verification_mode>>]
|
|
670
|
-
|
|
671
|
-
* Value type is <<boolean,boolean>>
|
|
672
|
-
* Default value is `true`
|
|
673
|
-
|
|
674
|
-
Option to validate the server's certificate. Disabling this severely compromises security.
|
|
675
|
-
When certificate validation is disabled, this plugin implicitly trusts the machine
|
|
676
|
-
resolved at the given address without validating its proof-of-identity.
|
|
677
|
-
In this scenario, the plugin can transmit credentials to or process data from an untrustworthy
|
|
678
|
-
man-in-the-middle or other compromised infrastructure.
|
|
679
|
-
More information on the importance of certificate verification:
|
|
680
|
-
**https://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf**.
|
|
681
|
-
|
|
682
652
|
[id="plugins-{type}s-{plugin}-common-options"]
|
|
683
653
|
include::{include_path}/{type}.asciidoc[]
|
|
684
654
|
|
|
@@ -199,23 +199,12 @@ class LogStash::Inputs::Elasticsearch < LogStash::Inputs::Base
|
|
|
199
199
|
# Set the address of a forward HTTP proxy.
|
|
200
200
|
config :proxy, :validate => :uri_or_empty
|
|
201
201
|
|
|
202
|
-
# SSL
|
|
203
|
-
config :ssl, :validate => :boolean, :default => false, :deprecated => "Set 'ssl_enabled' instead."
|
|
204
|
-
|
|
205
|
-
# SSL Certificate Authority file in PEM encoded format, must also include any chain certificates as necessary
|
|
206
|
-
config :ca_file, :validate => :path, :deprecated => "Set 'ssl_certificate_authorities' instead."
|
|
207
|
-
|
|
208
202
|
# OpenSSL-style X.509 certificate certificate to authenticate the client
|
|
209
203
|
config :ssl_certificate, :validate => :path
|
|
210
204
|
|
|
211
205
|
# SSL Certificate Authority files in PEM encoded format, must also include any chain certificates as necessary
|
|
212
206
|
config :ssl_certificate_authorities, :validate => :path, :list => true
|
|
213
207
|
|
|
214
|
-
# Option to validate the server's certificate. Disabling this severely compromises security.
|
|
215
|
-
# For more information on the importance of certificate verification please read
|
|
216
|
-
# https://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf
|
|
217
|
-
config :ssl_certificate_verification, :validate => :boolean, :default => true, :deprecated => "Set 'ssl_verification_mode' instead."
|
|
218
|
-
|
|
219
208
|
# The list of cipher suites to use, listed by priorities.
|
|
220
209
|
# Supported cipher suites vary depending on which version of Java is used.
|
|
221
210
|
config :ssl_cipher_suites, :validate => :string, :list => true
|
|
@@ -243,7 +232,6 @@ class LogStash::Inputs::Elasticsearch < LogStash::Inputs::Base
|
|
|
243
232
|
config :ssl_truststore_password, :validate => :password
|
|
244
233
|
|
|
245
234
|
# The JKS truststore to validate the server's certificate.
|
|
246
|
-
# Use either `:ssl_truststore_path` or `:ssl_certificate_authorities`
|
|
247
235
|
config :ssl_truststore_path, :validate => :path
|
|
248
236
|
|
|
249
237
|
# The format of the truststore file. It must be either jks or pkcs12
|
|
@@ -265,6 +253,11 @@ class LogStash::Inputs::Elasticsearch < LogStash::Inputs::Base
|
|
|
265
253
|
# If set, the _source of each hit will be added nested under the target instead of at the top-level
|
|
266
254
|
config :target, :validate => :field_reference
|
|
267
255
|
|
|
256
|
+
# Obsolete Settings
|
|
257
|
+
config :ssl, :obsolete => "Set 'ssl_enabled' instead."
|
|
258
|
+
config :ca_file, :obsolete => "Set 'ssl_certificate_authorities' instead."
|
|
259
|
+
config :ssl_certificate_verification, :obsolete => "Set 'ssl_verification_mode' instead."
|
|
260
|
+
|
|
268
261
|
# config :ca_trusted_fingerprint, :validate => :sha_256_hex
|
|
269
262
|
include LogStash::PluginMixins::CATrustedFingerprintSupport
|
|
270
263
|
|
|
@@ -418,8 +411,6 @@ class LogStash::Inputs::Elasticsearch < LogStash::Inputs::Base
|
|
|
418
411
|
ssl_options[:ssl] = true if @ssl_enabled
|
|
419
412
|
|
|
420
413
|
unless @ssl_enabled
|
|
421
|
-
# Keep it backward compatible with the deprecated `ssl` option
|
|
422
|
-
ssl_options[:trust_strategy] = trust_strategy_for_ca_trusted_fingerprint if original_params.include?('ssl')
|
|
423
414
|
return ssl_options
|
|
424
415
|
end
|
|
425
416
|
|
|
@@ -483,38 +474,11 @@ class LogStash::Inputs::Elasticsearch < LogStash::Inputs::Base
|
|
|
483
474
|
end
|
|
484
475
|
|
|
485
476
|
def setup_ssl_params!
|
|
486
|
-
|
|
487
|
-
|
|
488
|
-
|
|
489
|
-
|
|
490
|
-
# Infer the value if neither the deprecate `ssl` and `ssl_enabled` were set
|
|
491
|
-
infer_ssl_enabled_from_hosts
|
|
492
|
-
|
|
493
|
-
@ssl_certificate_authorities = normalize_config(:ssl_certificate_authorities) do |normalize|
|
|
494
|
-
normalize.with_deprecated_mapping(:ca_file) do |ca_file|
|
|
495
|
-
[ca_file]
|
|
496
|
-
end
|
|
477
|
+
# Only infer ssl_enabled if it wasn't explicitly set
|
|
478
|
+
unless original_params.include?('ssl_enabled')
|
|
479
|
+
@ssl_enabled = effectively_ssl?
|
|
480
|
+
params['ssl_enabled'] = @ssl_enabled
|
|
497
481
|
end
|
|
498
|
-
|
|
499
|
-
@ssl_verification_mode = normalize_config(:ssl_verification_mode) do |normalize|
|
|
500
|
-
normalize.with_deprecated_mapping(:ssl_certificate_verification) do |ssl_certificate_verification|
|
|
501
|
-
if ssl_certificate_verification == true
|
|
502
|
-
"full"
|
|
503
|
-
else
|
|
504
|
-
"none"
|
|
505
|
-
end
|
|
506
|
-
end
|
|
507
|
-
end
|
|
508
|
-
|
|
509
|
-
params['ssl_enabled'] = @ssl_enabled
|
|
510
|
-
params['ssl_certificate_authorities'] = @ssl_certificate_authorities unless @ssl_certificate_authorities.nil?
|
|
511
|
-
params['ssl_verification_mode'] = @ssl_verification_mode unless @ssl_verification_mode.nil?
|
|
512
|
-
end
|
|
513
|
-
|
|
514
|
-
def infer_ssl_enabled_from_hosts
|
|
515
|
-
return if original_params.include?('ssl') || original_params.include?('ssl_enabled')
|
|
516
|
-
|
|
517
|
-
@ssl_enabled = params['ssl_enabled'] = effectively_ssl?
|
|
518
482
|
end
|
|
519
483
|
|
|
520
484
|
def setup_hosts
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
Gem::Specification.new do |s|
|
|
2
2
|
|
|
3
3
|
s.name = 'logstash-input-elasticsearch'
|
|
4
|
-
s.version = '
|
|
4
|
+
s.version = '5.0.2'
|
|
5
5
|
s.licenses = ['Apache License (2.0)']
|
|
6
6
|
s.summary = "Reads query results from an Elasticsearch cluster"
|
|
7
7
|
s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
|
|
@@ -65,6 +65,19 @@ describe LogStash::Inputs::Elasticsearch, :ecs_compatibility_support do
|
|
|
65
65
|
end
|
|
66
66
|
end
|
|
67
67
|
|
|
68
|
+
describe 'handling obsolete settings' do
|
|
69
|
+
[{:name => 'ssl', :replacement => 'ssl_enabled', :sample_value => true},
|
|
70
|
+
{:name => 'ca_file', :replacement => 'ssl_certificate_authorities', :sample_value => 'spec/fixtures/test_certs/ca.crt'},
|
|
71
|
+
{:name => 'ssl_certificate_verification', :replacement => 'ssl_verification_mode', :sample_value => false }].each do | obsolete_setting|
|
|
72
|
+
context "with obsolete #{obsolete_setting[:name]}" do
|
|
73
|
+
let (:config) { {obsolete_setting[:name] => obsolete_setting[:sample_value]} }
|
|
74
|
+
it "should raise a config error with the appropriate message" do
|
|
75
|
+
expect { plugin.register }.to raise_error LogStash::ConfigurationError, /The setting `#{obsolete_setting[:name]}` in plugin `elasticsearch` is obsolete and is no longer available. Set '#{obsolete_setting[:replacement]}' instead/i
|
|
76
|
+
end
|
|
77
|
+
end
|
|
78
|
+
end
|
|
79
|
+
end
|
|
80
|
+
|
|
68
81
|
context "against not authentic Elasticsearch" do
|
|
69
82
|
before(:each) do
|
|
70
83
|
Elasticsearch::Client.send(:define_method, :ping) { raise Elasticsearch::UnsupportedProductError.new("Fake error") } # define error ping method
|