logstash-input-okta_enterprise 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 8d9e8104fd93142a38dda0c356c17c2683f7c786
4
- data.tar.gz: 62d0cf3957e8b6e8402b2b47464aae208a159501
3
+ metadata.gz: b34210b7e44a465d7076fd2e3992f0c0f456edec
4
+ data.tar.gz: c64c72d6963933eec6eb214eab4228e2d2bd6138
5
5
  SHA512:
6
- metadata.gz: 6ec0cd5914f7af3ebb110ea5890caef8582575521a9c29bd77f3ec49a38c97d344a31d28a602c4cd6ad9d1e40915a6557a8d2f4e5ae413596eee4c8cadc49492
7
- data.tar.gz: 1840ab41b09a997ea52bb6ffd503f94990f5066a5ddfb66c73ca6a2c8e36b2052685689953a73ba76d9cf086af93249f56a88bfa6ba2d88955f96415d48d8a2c
6
+ metadata.gz: bfa6a760c4583967263d019432138727b3d9c58c4b30195330d0a15fb5687d48032278f09c77f79627720418a5b6e77b45310de161c0aa03f64bd58c4c075af1
7
+ data.tar.gz: 27ef0db080a75a1a08d02a804d9359a1a112f4ca6b70123cf38e9fe1437a1fbb4ef3cc3df0efa6e38dc3c0c1e6115387f7eed86e07fc6742c94a2590ae2bbb1a
data/Gemfile CHANGED
@@ -1,3 +1,11 @@
1
1
  source 'https://rubygems.org'
2
+
2
3
  gemspec
3
4
 
5
+ logstash_path = ENV["LOGSTASH_PATH"] || "../../logstash"
6
+ use_logstash_source = ENV["LOGSTASH_SOURCE"] && ENV["LOGSTASH_SOURCE"].to_s == "1"
7
+
8
+ if Dir.exist?(logstash_path) && use_logstash_source
9
+ gem 'logstash-core', :path => "#{logstash_path}/logstash-core"
10
+ gem 'logstash-core-plugin-api', :path => "#{logstash_path}/logstash-core-plugin-api"
11
+ end
@@ -209,9 +209,9 @@ class LogStash::Inputs::OktaEnterprise < LogStash::Inputs::Base
209
209
  @auth_token = @auth_token_env
210
210
  end
211
211
 
212
- unless (@auth_token.index(/[^A-Za-z0-9-]/).nil?)
212
+ unless (@auth_token.index(/[^A-Za-z0-9\-_~]/).nil?)
213
213
  raise LogStash::ConfigurationError, "The auth_token should be" +
214
- "alpha-numeric characters only, please check the token to ensure it is correct."
214
+ "unreserved characters only, please check the token to ensure it is correct."
215
215
  end
216
216
 
217
217
  if (@start_date and @filter)
@@ -437,15 +437,26 @@ class LogStash::Inputs::OktaEnterprise < LogStash::Inputs::Base
437
437
  end
438
438
  end
439
439
 
440
- @codec.decode(response.body) do |decoded|
441
- event = @target ? LogStash::Event.new(@target => decoded.to_hash) : decoded
442
- apply_metadata(event, requested_url, response, exec_time)
443
- decorate(event)
444
- queue << event
440
+ if (response.body.length > 0)
441
+ @codec.decode(response.body) do |decoded|
442
+ event = @target ? LogStash::Event.new(@target => decoded.to_hash) : decoded
443
+ apply_metadata(event, requested_url, response, exec_time)
444
+ decorate(event)
445
+ queue << event
446
+ end
447
+ else
448
+ @codec.decode("{}") do |decoded|
449
+ event = @target ? LogStash::Event.new(@target => decoded.to_hash) : decoded
450
+ apply_metadata(event, requested_url, response, exec_time)
451
+ decorate(event)
452
+ queue << event
453
+ end
445
454
  end
455
+
446
456
 
447
457
  if (Array(response.headers["link"]).count > 1)
448
458
  @continue = true
459
+ @logger.debug("Continue status", :continue => @continue )
449
460
  end
450
461
 
451
462
  @logger.info("Successful response returned", :code => response.code, :headers => response.headers)
@@ -455,9 +466,9 @@ class LogStash::Inputs::OktaEnterprise < LogStash::Inputs::Base
455
466
  @codec.decode(response.body) do |decoded|
456
467
  event = @target ? LogStash::Event.new(@target => decoded.to_hash) : decoded
457
468
  apply_metadata(event, requested_url, response, exec_time)
458
- event["Okta-Plugin-Status"] = "Auth_token supplied is not valid, " +
459
- "validate the auth_token and update the plugin config."
460
- event["HTTP-Code"] = 401
469
+ event.set("Okta-Plugin-Status","Auth_token supplied is not valid, " +
470
+ "validate the auth_token and update the plugin config.")
471
+ event.set("HTTP-Code",401)
461
472
  event.tag("_okta_response_error")
462
473
  decorate(event)
463
474
  queue << event
@@ -473,8 +484,8 @@ class LogStash::Inputs::OktaEnterprise < LogStash::Inputs::Base
473
484
  @codec.decode(response.body) do |decoded|
474
485
  event = @target ? LogStash::Event.new(@target => decoded.to_hash) : decoded
475
486
  apply_metadata(event, requested_url, response, exec_time)
476
- event["Okta-Plugin-Status"] = "Filter string was not valid."
477
- event["HTTP-Code"] = 400
487
+ event.set("Okta-Plugin-Status","Filter string was not valid.")
488
+ event.set("HTTP-Code",400)
478
489
  event.tag("_okta_response_error")
479
490
  decorate(event)
480
491
  queue << event
@@ -494,8 +505,8 @@ class LogStash::Inputs::OktaEnterprise < LogStash::Inputs::Base
494
505
  @codec.decode(response.body) do |decoded|
495
506
  event = @target ? LogStash::Event.new(@target => decoded.to_hash) : decoded
496
507
  apply_metadata(event, requested_url, response, exec_time)
497
- event["Okta-Plugin-Status"] = "Date was not formatted correctly."
498
- event["HTTP-Code"] = 400
508
+ event.set("Okta-Plugin-Status","Date was not formatted correctly.")
509
+ event.set("HTTP-Code",400)
499
510
  event.tag("_okta_response_error")
500
511
  decorate(event)
501
512
  queue << event
@@ -526,8 +537,8 @@ class LogStash::Inputs::OktaEnterprise < LogStash::Inputs::Base
526
537
  @codec.decode(response.body) do |decoded|
527
538
  event = @target ? LogStash::Event.new(@target => decoded.to_hash) : decoded
528
539
  apply_metadata(event, requested_url, response, exec_time)
529
- event["Okta-Plugin-Status"] = "Unknown error, see Okta error"
530
- event["HTTP-Code"] = response.code
540
+ event.set("Okta-Plugin-Status","Unknown error, see Okta error")
541
+ event.set("HTTP-Code",response.code)
531
542
  event.tag("_okta_response_error")
532
543
  decorate(event)
533
544
  queue << event
@@ -548,11 +559,11 @@ class LogStash::Inputs::OktaEnterprise < LogStash::Inputs::Base
548
559
 
549
560
  event = LogStash::Event.new
550
561
  apply_metadata(event, requested_url, nil, exec_time)
551
- event["http_request_failure"] = {
562
+ event.set("http_request_failure", {
552
563
  "Okta-Plugin-Status" => "Client Connection Error",
553
564
  "Connection-Error" => exception.message,
554
565
  "backtrace" => exception.backtrace
555
- }
566
+ })
556
567
  event.tag("_http_request_failure")
557
568
  decorate(event)
558
569
  queue << event
@@ -563,6 +574,7 @@ class LogStash::Inputs::OktaEnterprise < LogStash::Inputs::Base
563
574
  def apply_metadata(event, requested_url, response=nil, exec_time=nil)
564
575
  return unless @metadata_target
565
576
 
577
+ m = {}
566
578
  m = {
567
579
  "host" => @host,
568
580
  "url" => requested_url,
@@ -576,7 +588,7 @@ class LogStash::Inputs::OktaEnterprise < LogStash::Inputs::Base
576
588
  m["retry_count"] = response.times_retried
577
589
  end
578
590
 
579
- event[@metadata_target] = m
591
+ event.set(@metadata_target,m)
580
592
 
581
593
  end
582
594
 
@@ -1,6 +1,6 @@
1
1
  Gem::Specification.new do |s|
2
2
  s.name = 'logstash-input-okta_enterprise'
3
- s.version = '0.1.0'
3
+ s.version = '0.2.0'
4
4
  s.licenses = ['Apache License (2.0)']
5
5
  s.summary = 'This plugin fetches log events from Okta'
6
6
  s.description = 'This plugin fetches log events from Okta'
@@ -10,7 +10,8 @@ Gem::Specification.new do |s|
10
10
  s.require_paths = ['lib']
11
11
 
12
12
  # Files
13
- s.files = Dir['lib/**/*','spec/**/*','vendor/**/*','*.gemspec','*.md','CONTRIBUTORS','Gemfile','LICENSE','NOTICE.TXT']
13
+ s.files = Dir["lib/**/*","spec/**/*","*.gemspec","*.md","CONTRIBUTORS","Gemfile","LICENSE","NOTICE.TXT", "vendor/jar-dependencies/**/*.jar", "vendor/jar-dependencies/**/*.rb", "VERSION", "docs/**/*"]
14
+
14
15
  # Tests
15
16
  s.test_files = s.files.grep(%r{^(test|spec|features)/})
16
17
 
@@ -18,11 +19,12 @@ Gem::Specification.new do |s|
18
19
  s.metadata = { "logstash_plugin" => "true", "logstash_group" => "input" }
19
20
 
20
21
  # Gem dependencies
21
- #s.add_runtime_dependency "logstash-core-plugin-api", ">= 1.60", "<= 2.99"
22
- s.add_runtime_dependency "logstash-core", ">= 2.0.0", "< 3.0.0"
22
+ s.add_runtime_dependency "logstash-core-plugin-api", ">= 1.60", "<= 2.99"
23
23
  s.add_runtime_dependency 'logstash-codec-plain'
24
- s.add_runtime_dependency 'stud', '>= 0.0.22'
25
- s.add_runtime_dependency 'logstash-mixin-http_client', ">=2.2.4", "< 5.0.0"
24
+ s.add_runtime_dependency 'stud', '~> 0.0.22'
25
+ # Retaining logstash 2.4 compat
26
+ s.add_runtime_dependency 'logstash-mixin-http_client', ">= 2.2.4", "< 7.0.0"
27
+ #s.add_runtime_dependency 'logstash-mixin-http_client', ">= 5.2.0", "< 7.0.0"
26
28
  s.add_runtime_dependency 'manticore', ">=0.6.1"
27
29
  s.add_runtime_dependency 'rufus-scheduler', "~>3.0.9"
28
30
 
metadata CHANGED
@@ -1,35 +1,35 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: logstash-input-okta_enterprise
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Security Risk Advisors
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-02-24 00:00:00.000000000 Z
11
+ date: 2017-09-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  requirement: !ruby/object:Gem::Requirement
15
15
  requirements:
16
16
  - - ">="
17
17
  - !ruby/object:Gem::Version
18
- version: 2.0.0
19
- - - "<"
18
+ version: '1.60'
19
+ - - "<="
20
20
  - !ruby/object:Gem::Version
21
- version: 3.0.0
22
- name: logstash-core
21
+ version: '2.99'
22
+ name: logstash-core-plugin-api
23
23
  prerelease: false
24
24
  type: :runtime
25
25
  version_requirements: !ruby/object:Gem::Requirement
26
26
  requirements:
27
27
  - - ">="
28
28
  - !ruby/object:Gem::Version
29
- version: 2.0.0
30
- - - "<"
29
+ version: '1.60'
30
+ - - "<="
31
31
  - !ruby/object:Gem::Version
32
- version: 3.0.0
32
+ version: '2.99'
33
33
  - !ruby/object:Gem::Dependency
34
34
  requirement: !ruby/object:Gem::Requirement
35
35
  requirements:
@@ -47,7 +47,7 @@ dependencies:
47
47
  - !ruby/object:Gem::Dependency
48
48
  requirement: !ruby/object:Gem::Requirement
49
49
  requirements:
50
- - - ">="
50
+ - - "~>"
51
51
  - !ruby/object:Gem::Version
52
52
  version: 0.0.22
53
53
  name: stud
@@ -55,7 +55,7 @@ dependencies:
55
55
  type: :runtime
56
56
  version_requirements: !ruby/object:Gem::Requirement
57
57
  requirements:
58
- - - ">="
58
+ - - "~>"
59
59
  - !ruby/object:Gem::Version
60
60
  version: 0.0.22
61
61
  - !ruby/object:Gem::Dependency
@@ -66,7 +66,7 @@ dependencies:
66
66
  version: 2.2.4
67
67
  - - "<"
68
68
  - !ruby/object:Gem::Version
69
- version: 5.0.0
69
+ version: 7.0.0
70
70
  name: logstash-mixin-http_client
71
71
  prerelease: false
72
72
  type: :runtime
@@ -77,7 +77,7 @@ dependencies:
77
77
  version: 2.2.4
78
78
  - - "<"
79
79
  - !ruby/object:Gem::Version
80
- version: 5.0.0
80
+ version: 7.0.0
81
81
  - !ruby/object:Gem::Dependency
82
82
  requirement: !ruby/object:Gem::Requirement
83
83
  requirements: