logstash-input-tcp 6.1.0-java → 6.2.2-java
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +16 -0
- data/docs/index.asciidoc +61 -0
- data/lib/logstash/inputs/tcp/decoder_impl.rb +12 -9
- data/lib/logstash/inputs/tcp.rb +24 -14
- data/logstash-input-tcp.gemspec +2 -1
- data/spec/fixtures/encrypted-pkcs5v15.crt +14 -0
- data/spec/fixtures/encrypted-pkcs5v15.key +17 -0
- data/spec/fixtures/encrypted-pkcs8.crt +11 -0
- data/spec/fixtures/encrypted-pkcs8.key +18 -0
- data/spec/fixtures/encrypted_aes256.crt +17 -0
- data/spec/fixtures/encrypted_aes256.key +30 -0
- data/spec/fixtures/encrypted_des.crt +9 -0
- data/spec/fixtures/encrypted_des.key +12 -0
- data/spec/fixtures/encrypted_seed.crt +17 -0
- data/spec/fixtures/encrypted_seed.key +30 -0
- data/spec/fixtures/small.crt +9 -0
- data/spec/fixtures/small.key +9 -0
- data/spec/inputs/tcp_spec.rb +243 -116
- data/vendor/jar-dependencies/org/logstash/inputs/logstash-input-tcp/{6.1.0/logstash-input-tcp-6.1.0.jar → 6.2.2/logstash-input-tcp-6.2.2.jar} +0 -0
- data/version +1 -1
- metadata +42 -11
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 38fbbb89f6bd5ca7e686f535e3bd1d3975197ab97a2d4aa19024ac2e1182c04e
|
4
|
+
data.tar.gz: d01646af2f4d570aba6b41af7e3cd65dbb233bea0c3d08e67e75f526fa9967a5
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 666611382202c67764f7ed535d4eb77aa0b06ddb88dec759fa95a461d16102638d0af5b7754fa719800c51c5199439bc60e9bf440678ce4eaa7eb827ef63db6e
|
7
|
+
data.tar.gz: a417b01914e169f9e284de6777f3ca66fa97e4882ec9a21435eb2c9628c77a0b10de5e38f843acb46373b7e06505cec8560e69b3131c84b2ac5f6e3730998370
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,19 @@
|
|
1
|
+
## 6.2.2
|
2
|
+
- Internal: update to Gradle 7 [#184](https://github.com/logstash-plugins/logstash-input-tcp/pull/184)
|
3
|
+
- Internal: relax jruby-openssl upper bound [#185](https://github.com/logstash-plugins/logstash-input-tcp/pull/185)
|
4
|
+
|
5
|
+
## 6.2.1
|
6
|
+
- Fix: restore logic to add the Bouncy-Castle security provider at runtime [#181](https://github.com/logstash-plugins/logstash-input-tcp/pull/181)
|
7
|
+
- required to properly read encrypted (legacy) OpenSSL PKCS#5v1.5 keys
|
8
|
+
|
9
|
+
## 6.2.0
|
10
|
+
- Added ECS Compatibility Mode [#165](https://github.com/logstash-plugins/logstash-input-tcp/pull/165)
|
11
|
+
- When operating in an ECS Compatibility mode, metadata about the connection on which we are receiving data is nested in well-named fields under `[@metadata][input][tcp]` instead of at the root level.
|
12
|
+
- Fix: source address is no longer missing when a proxy is present
|
13
|
+
|
14
|
+
## 6.1.1
|
15
|
+
- Changed jar dependencies to reflect newer versions [#179](https://github.com/logstash-plugins/logstash-input-http/pull/179)
|
16
|
+
|
1
17
|
## 6.1.0
|
2
18
|
- Feat: improve SSL error logging/unwrapping [#178](https://github.com/logstash-plugins/logstash-input-tcp/pull/178)
|
3
19
|
- Fix: the plugin will no longer have a side effect of adding the Bouncy-Castle security provider at runtime
|
data/docs/index.asciidoc
CHANGED
@@ -70,6 +70,52 @@ event timestamp
|
|
70
70
|
}
|
71
71
|
}
|
72
72
|
|
73
|
+
[id="plugins-{type}s-{plugin}-ecs_metadata"]
|
74
|
+
==== Event Metadata and the Elastic Common Schema (ECS)
|
75
|
+
|
76
|
+
In addition to decoding the events, this input will add metadata about the TCP connection itself to each event.
|
77
|
+
This can be helpful when applications are configured to send events directly to this input's TCP listener without including information about themselves.
|
78
|
+
|
79
|
+
Historically, this metadata was added to a variety of non-standard top-level fields, which had the potential to create confusion and schema conflicts downstream.
|
80
|
+
With ECS compatibility mode, we can ensure a pipeline still has access to this metadata throughout the event's lifecycle without polluting the top-level namespace.
|
81
|
+
|
82
|
+
[cols="3,7,5"]
|
83
|
+
|=======================================================================
|
84
|
+
| Metadata Group | ecs: `v1`, `v8` | ecs: `disabled`
|
85
|
+
|
86
|
+
.3+|Source Metadata from the TCP connection
|
87
|
+
on which events are being received, including
|
88
|
+
the sender's name, ip, and outbound port. l|[@metadata][input][tcp][source][name] l|[host]
|
89
|
+
l|[@metadata][input][tcp][source][ip] l|[@metadata][ip_address]
|
90
|
+
l|[@metadata][input][tcp][source][port] l|[port]
|
91
|
+
|
92
|
+
.2+|Proxy Metadata from a proxied TCP connection.
|
93
|
+
Available when receiving events by proxy and
|
94
|
+
`proxy_protocol => true` l|[@metadata][input][tcp][proxy][ip] l|[proxy_host]
|
95
|
+
l|[@metadata][input][tcp][proxy][port] l|[proxy_port]
|
96
|
+
|
97
|
+
.1+|SSL Subject Metadata from a secured TCP
|
98
|
+
connection. Available when `ssl_enable => true`
|
99
|
+
AND `ssl_verify => true` l|[@metadata][input][tcp][ssl][subject] l|[sslsubject]
|
100
|
+
|=======================================================================
|
101
|
+
|
102
|
+
For example, the Elastic Common Schema reserves the https://www.elastic.co/guide/en/ecs/current/ecs-host.html[top-level `host` field] for information about the host on which the event happened.
|
103
|
+
If an event is missing this metadata, it can be copied into place from the source TCP connection metadata that has been added to the event:
|
104
|
+
|
105
|
+
[source,txt]
|
106
|
+
-----
|
107
|
+
filter {
|
108
|
+
if [@metadata][input][tcp][source] and not [host] {
|
109
|
+
mutate {
|
110
|
+
copy {
|
111
|
+
"[@metadata][input][tcp][source][name]" => "[host][name]"
|
112
|
+
"[@metadata][input][tcp][source][ip]" => "[host][ip]"
|
113
|
+
}
|
114
|
+
}
|
115
|
+
}
|
116
|
+
}
|
117
|
+
-----
|
118
|
+
|
73
119
|
[id="plugins-{type}s-{plugin}-options"]
|
74
120
|
==== Tcp Input Configuration Options
|
75
121
|
|
@@ -79,6 +125,7 @@ This plugin supports the following configuration options plus the <<plugins-{typ
|
|
79
125
|
|=======================================================================
|
80
126
|
|Setting |Input type|Required
|
81
127
|
| <<plugins-{type}s-{plugin}-dns_reverse_lookup_enabled>> |<<boolean,boolean>>|No
|
128
|
+
| <<plugins-{type}s-{plugin}-ecs_compatibility>> | <<string,string>>|No
|
82
129
|
| <<plugins-{type}s-{plugin}-host>> |<<string,string>>|No
|
83
130
|
| <<plugins-{type}s-{plugin}-mode>> |<<string,string>>, one of `["server", "client"]`|No
|
84
131
|
| <<plugins-{type}s-{plugin}-port>> |<<number,number>>|Yes
|
@@ -108,6 +155,20 @@ It is possible to avoid DNS reverse-lookups by disabling this setting. If disabl
|
|
108
155
|
the address metadata that is added to events will contain the source address as-specified
|
109
156
|
at the TCP layer and IPs will not be resolved to hostnames.
|
110
157
|
|
158
|
+
[id="plugins-{type}s-{plugin}-ecs_compatibility"]
|
159
|
+
===== `ecs_compatibility`
|
160
|
+
|
161
|
+
* Value type is <<string,string>>
|
162
|
+
* Supported values are:
|
163
|
+
** `disabled`: unstructured connection metadata added at root level
|
164
|
+
** `v1`,`v8`: structured connection metadata added under `[@metadata][input][tcp]`
|
165
|
+
* Default value depends on which version of Logstash is running:
|
166
|
+
** When Logstash provides a `pipeline.ecs_compatibility` setting, its value is used as the default
|
167
|
+
** Otherwise, the default value is `disabled`.
|
168
|
+
|
169
|
+
Controls this plugin's compatibility with the https://www.elastic.co/guide/en/ecs/current/index.html[Elastic Common Schema (ECS)].
|
170
|
+
The value of this setting affects the <<plugins-{type}s-{plugin}-ecs_metadata,placement of a TCP connection's metadata>> on events.
|
171
|
+
|
111
172
|
[id="plugins-{type}s-{plugin}-host"]
|
112
173
|
===== `host`
|
113
174
|
|
@@ -1,7 +1,7 @@
|
|
1
1
|
# encoding: utf-8
|
2
2
|
require 'java'
|
3
3
|
|
4
|
-
class DecoderImpl
|
4
|
+
class LogStash::Inputs::Tcp::DecoderImpl
|
5
5
|
|
6
6
|
include org.logstash.tcp.Decoder
|
7
7
|
|
@@ -24,7 +24,7 @@ class DecoderImpl
|
|
24
24
|
end
|
25
25
|
|
26
26
|
def copy
|
27
|
-
|
27
|
+
self.class.new(@codec.clone, @tcp)
|
28
28
|
end
|
29
29
|
|
30
30
|
def flush
|
@@ -41,16 +41,17 @@ class DecoderImpl
|
|
41
41
|
@tcp.logger.error("Invalid proxy protocol header label", :header => pp_hdr)
|
42
42
|
raise IOError.new("Invalid proxy protocol header label #{pp_hdr.inspect}")
|
43
43
|
else
|
44
|
-
@proxy_address = pp_info[3]
|
45
|
-
@proxy_port = pp_info[5]
|
46
|
-
@
|
47
|
-
@
|
44
|
+
@proxy_address = pp_info[3] # layer 3 destination address (proxy's receiving address)
|
45
|
+
@proxy_port = pp_info[5] # TCP destination port (proxy's receiving port)
|
46
|
+
@ip_address = pp_info[2] # layer 3 source address (outgoing ip of sender)
|
47
|
+
@address = extract_host_name(@ip_address)
|
48
|
+
@port = pp_info[4] # TCP source port (outgoing port on sender [probably random])
|
48
49
|
end
|
49
50
|
else
|
50
51
|
filtered = received
|
51
|
-
@ip_address = channel_addr.get_address.get_host_address
|
52
|
-
@address = extract_host_name(channel_addr)
|
53
|
-
@port = channel_addr.get_port
|
52
|
+
@ip_address = channel_addr.get_address.get_host_address # ip address of sender
|
53
|
+
@address = extract_host_name(channel_addr) # name _or_ address of sender
|
54
|
+
@port = channel_addr.get_port # outgoing port of sender (probably random)
|
54
55
|
end
|
55
56
|
@first_read = false
|
56
57
|
filtered
|
@@ -58,6 +59,8 @@ class DecoderImpl
|
|
58
59
|
|
59
60
|
private
|
60
61
|
def extract_host_name(channel_addr)
|
62
|
+
channel_addr = java.net.InetSocketAddress.new(channel_addr, 0) if channel_addr.kind_of?(String)
|
63
|
+
|
61
64
|
return channel_addr.get_host_string unless @tcp.dns_reverse_lookup_enabled?
|
62
65
|
|
63
66
|
channel_addr.get_host_name
|
data/lib/logstash/inputs/tcp.rb
CHANGED
@@ -5,7 +5,7 @@ require "java"
|
|
5
5
|
require "logstash/inputs/base"
|
6
6
|
require "logstash/util/socket_peer"
|
7
7
|
require "logstash-input-tcp_jars"
|
8
|
-
require
|
8
|
+
require 'logstash/plugin_mixins/ecs_compatibility_support'
|
9
9
|
|
10
10
|
require "socket"
|
11
11
|
require "openssl"
|
@@ -63,6 +63,11 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
63
63
|
java_import 'org.logstash.tcp.InputLoop'
|
64
64
|
java_import 'org.logstash.tcp.SslContextBuilder'
|
65
65
|
|
66
|
+
require_relative "tcp/decoder_impl"
|
67
|
+
|
68
|
+
# ecs_compatibility option, provided by Logstash core or the support adapter.
|
69
|
+
include LogStash::PluginMixins::ECSCompatibilitySupport(:disabled, :v1, :v8 => :v1)
|
70
|
+
|
66
71
|
config_name "tcp"
|
67
72
|
|
68
73
|
default :codec, "line"
|
@@ -113,13 +118,6 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
113
118
|
# Option to allow users to avoid DNS Reverse Lookup.
|
114
119
|
config :dns_reverse_lookup_enabled, :validate => :boolean, :default => true
|
115
120
|
|
116
|
-
HOST_FIELD = "host".freeze
|
117
|
-
HOST_IP_FIELD = "[@metadata][ip_address]".freeze
|
118
|
-
PORT_FIELD = "port".freeze
|
119
|
-
PROXY_HOST_FIELD = "proxy_host".freeze
|
120
|
-
PROXY_PORT_FIELD = "proxy_port".freeze
|
121
|
-
SSLSUBJECT_FIELD = "sslsubject".freeze
|
122
|
-
|
123
121
|
# Monkey patch TCPSocket and SSLSocket to include socket peer
|
124
122
|
# @private
|
125
123
|
def self.patch_socket_peer!
|
@@ -134,6 +132,8 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
134
132
|
def initialize(*args)
|
135
133
|
super(*args)
|
136
134
|
|
135
|
+
setup_fields!
|
136
|
+
|
137
137
|
self.class.patch_socket_peer!
|
138
138
|
|
139
139
|
# threadsafe socket bookkeeping
|
@@ -186,8 +186,8 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
186
186
|
proxy_port, tbuf, socket)
|
187
187
|
codec.decode(tbuf) do |event|
|
188
188
|
if @proxy_protocol
|
189
|
-
event.set(
|
190
|
-
event.set(
|
189
|
+
event.set(@field_proxy_host, proxy_address) unless event.get(@field_proxy_host)
|
190
|
+
event.set(@field_proxy_port, proxy_port) unless event.get(@field_proxy_port)
|
191
191
|
end
|
192
192
|
enqueue_decorated(event, client_ip_address, client_address, client_port, socket)
|
193
193
|
end
|
@@ -260,14 +260,24 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
|
|
260
260
|
end
|
261
261
|
|
262
262
|
def enqueue_decorated(event, client_ip_address, client_address, client_port, socket)
|
263
|
-
event.set(
|
264
|
-
event.set(
|
265
|
-
event.set(
|
266
|
-
event.set(
|
263
|
+
event.set(@field_host, client_address) unless event.get(@field_host)
|
264
|
+
event.set(@field_host_ip, client_ip_address) unless event.get(@field_host_ip)
|
265
|
+
event.set(@field_port, client_port) unless event.get(@field_port)
|
266
|
+
event.set(@field_sslsubject, socket.peer_cert.subject.to_s) if socket && @ssl_enable && @ssl_verify && event.get(@field_sslsubject).nil?
|
267
267
|
decorate(event)
|
268
268
|
@output_queue << event
|
269
269
|
end
|
270
270
|
|
271
|
+
# setup the field names, with respect to ECS compatibility.
|
272
|
+
def setup_fields!
|
273
|
+
@field_host = ecs_select[disabled: "host", v1: "[@metadata][input][tcp][source][name]" ].freeze
|
274
|
+
@field_host_ip = ecs_select[disabled: "[@metadata][ip_address]", v1: "[@metadata][input][tcp][source][ip]" ].freeze
|
275
|
+
@field_port = ecs_select[disabled: "port", v1: "[@metadata][input][tcp][source][port]" ].freeze
|
276
|
+
@field_proxy_host = ecs_select[disabled: "proxy_host", v1: "[@metadata][input][tcp][proxy][ip]" ].freeze
|
277
|
+
@field_proxy_port = ecs_select[disabled: "proxy_port", v1: "[@metadata][input][tcp][proxy][port]" ].freeze
|
278
|
+
@field_sslsubject = ecs_select[disabled: "sslsubject", v1: "[@metadata][input][tcp][tls][client][subject]"].freeze
|
279
|
+
end
|
280
|
+
|
271
281
|
def server?
|
272
282
|
@mode == "server"
|
273
283
|
end
|
data/logstash-input-tcp.gemspec
CHANGED
@@ -21,11 +21,12 @@ Gem::Specification.new do |s|
|
|
21
21
|
|
22
22
|
# Gem dependencies
|
23
23
|
s.add_runtime_dependency "logstash-core-plugin-api", ">= 1.60", "<= 2.99"
|
24
|
+
s.add_runtime_dependency 'logstash-mixin-ecs_compatibility_support', '~>1.2'
|
24
25
|
|
25
26
|
s.add_runtime_dependency 'logstash-core', '>= 6.7.0'
|
26
27
|
|
27
28
|
# we depend on bouncycastle's bcpkix-jdk15on being on the class-path
|
28
|
-
s.add_runtime_dependency 'jruby-openssl', '>= 0.10.2'
|
29
|
+
s.add_runtime_dependency 'jruby-openssl', '>= 0.10.2'
|
29
30
|
|
30
31
|
# line vs streaming codecs required for fix_streaming_codecs
|
31
32
|
# TODO: fix_streaming_codecs should be refactored to not
|
@@ -0,0 +1,14 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIICNDCCAZ0CFDeJbri+rGpHPKybNEMIdH/rV8NNMA0GCSqGSIb3DQEBCwUAMFkx
|
3
|
+
CzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl
|
4
|
+
cm5ldCBXaWRnaXRzIFB0eSBMdGQxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0yMTA4
|
5
|
+
MjUxMzAyMzZaFw0yNDEyMDcxMzAyMzZaMFkxCzAJBgNVBAYTAkFVMRMwEQYDVQQI
|
6
|
+
DApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQx
|
7
|
+
EjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
|
8
|
+
v7u9o3mztK8BQ7HiuWs1YJSzpPujs6cYefYDU8AWg6SkDIS/E0SiVoKZmHxcyul+
|
9
|
+
t1QEsF3VYEnkKs0jtJQKE6Av0DCMQWA8lXmuEnXI02mDvtL2Kxh4w5x1D5bSRgJP
|
10
|
+
Ms9ozN06F5wrMtipUBglwIwQ6HHPywToNMnf5BBZUnECAwEAATANBgkqhkiG9w0B
|
11
|
+
AQsFAAOBgQCuh+ytoZKgOEzeLwhfScUvcuDcYJFGkMckO6oUe+/SDTfBN/z5WAhV
|
12
|
+
ogBOLOqate4plaP12ZhjE8DUeRy9oN3zKenpskTtXrMz5XH0mclAn8aBig+eOyEj
|
13
|
+
1QMDysipE11d1sx1SIXiIMSKtv6kLV/Y+4aId9/AJHxOYMHxebwSQg==
|
14
|
+
-----END CERTIFICATE-----
|
@@ -0,0 +1,17 @@
|
|
1
|
+
-----BEGIN ENCRYPTED PRIVATE KEY-----
|
2
|
+
MIICoTAbBgkqhkiG9w0BBQMwDgQI3TfMa5Qd1D8CAggABIICgFjVn88VPNrjBXiF
|
3
|
+
Hw5W8yFFwvoeSd/vVkDcGUiNhQy9A3ra/QmktEHvv1d/rGGLSkPypmx9zJuTNGz9
|
4
|
+
eJs7TSgIVBsmRG4UtG20qBifG/XVpN1/6pk1Hp9hbIuSBzNIi+EhdhSEty10oZso
|
5
|
+
JwrkTbFS4VAk4ivOWcl0O0HQRkGxlSaKmgYNOebvOLqw4/77BN80AOeZHXBGwYNJ
|
6
|
+
vRf8Og5PWqR5XmTJLVQxtB4BcBSPCSkECgOBoFfAeaeE6ei0W7V+LDBBHC7Ql0Dl
|
7
|
+
rK3KCyvYywd+Ep58jNQRfDsEglgw7jrN2IIaf2jRhfEiPhwbAnEDlQXsMqAIWS/I
|
8
|
+
gwj6NaaZObdX8hDVhz/T7MSnK9O8q2JGM6jhhRQZxo4TUlLB1xnwGZ9uQRljshQy
|
9
|
+
OmtQ3KuLZvRML9G8nMtd73vdQ3f0cFBIjPG8QblUMOews8tJA2OMpBXEAZf0go25
|
10
|
+
+lI+rk4RKdHvX9kVGDmKoe/KN3xo23usTjcfodhapHQYPqHc3QOx8XNxtcio1I49
|
11
|
+
wnS2xICbiEJfnSOBrrjWIivW0wHZG590ZKJ0FnpKEaXXJ2bV8VEyn+mZ4Ef9ITLk
|
12
|
+
9wsOt+68V9xRrsUsvUkkW97POVGZbw0XHf5xZ3ckKiBK41wPuoo2opVc/Qyw+jB0
|
13
|
+
cw2Lr/AUzLWZW9w+jmHL1Qr9cydcf2XKBMIoqBFQpJce35bNLTTm8O8K8ZMXEK8g
|
14
|
+
WhKLaLRfo4j/pFyuUeHw2pQ7QHRdcYtRHT1GqsQ4AQsXqVYJjwpm1E2ZL001Y+6O
|
15
|
+
r/7sJ91jAcv4IwpRS4suaJJydvVQ0qz7xq7B9TvyxZh2f4zbHL+qSe6OQj8Erm1/
|
16
|
+
jHkcaB0=
|
17
|
+
-----END ENCRYPTED PRIVATE KEY-----
|
@@ -0,0 +1,11 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIIBqjCCARMCFCWVL+Vfx2IIr8d2/GMqsmfzPLD/MA0GCSqGSIb3DQEBDQUAMBQx
|
3
|
+
EjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0yMTA4MjUxMDUyNTRaFw0yNDEyMDcxMDUy
|
4
|
+
NTRaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
|
5
|
+
gYkCgYEA8HAsVcCjcolfzYR0siWOAg+xFG4fIahO6PH2Oi0l3zosa4KX2dlt3nFS
|
6
|
+
2PmgG9MNIDfXwI+BoM6QXB7O7Ch/YUhOz4GGDv3ptCjTYWyA9KZBrgLpiBFsCdt+
|
7
|
+
DiW7JBbt0OnMJGhVEsZa2Byh3HOxYqkvC2y4fET4OXdj2uX56B0CAwEAATANBgkq
|
8
|
+
hkiG9w0BAQ0FAAOBgQAW/tHI3AnyKYsJ9uaqvndUnVTIDHEEPNFE/xMM3mtQiL8f
|
9
|
+
qVYPq4V4C1Z5RD2xBI/skPngaZRWmqFrshEz2EccKe8gzdfyGQG89MQAB8QWn4dJ
|
10
|
+
bXUcnXO4hcSD4y3SiZYXJYNj37I2qJ2DfYBx7pScGYdjzIr/OJNK5EIGZI1Bvg==
|
11
|
+
-----END CERTIFICATE-----
|
@@ -0,0 +1,18 @@
|
|
1
|
+
-----BEGIN ENCRYPTED PRIVATE KEY-----
|
2
|
+
MIIC1DBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIE3AUYJOvgkYCAggA
|
3
|
+
MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECO0VArsmaac3BIICgOpQitrzl0AC
|
4
|
+
uV2AD2kgBfOUvTVe9jVJZ2Pvawo7IRxZZQl/7wMHfm6uB666OVSOVfKEa6nXJhBn
|
5
|
+
JzJYXJHBqzQwgsoGfg25Y6bSvIU8ydkCzwEf2P93cexFCCDJE1B8p1/lxJViEfOq
|
6
|
+
2CujkKgS3YZCet/03qt/ktkx3qBk9dOk6+xCXorUgzjwGL2SzSH7Su1kXoVKTu5/
|
7
|
+
TRCPyD552l8kjtyqNngfOu3xcd0+FFF/e/bUe4qX1bpYNza/Cs/AJAoxHhhGag+O
|
8
|
+
26bZ/LTbsN56fM95PvytRvomyj2rMGFJtz1j56R7iYujLUZu7XgCkxq0/t/3mWgX
|
9
|
+
0VxOy0zvppZO0XRky1uwSLPsaopZlPIN6s61JAJciT0O884Hi4citNA0hskOCnJA
|
10
|
+
vyy0lGa9goZh/cJKjr7W6w2ZkkPwMOKI6YMIup7Fo+7pfG2h0EDxCZyK2JWVl2n0
|
11
|
+
vyKMUNl3yrqDbxTk0vURz9qMx/q2cY6zK6+gi+uvfjvRM4oz3nCREbuVjykvEAXo
|
12
|
+
OhmN69CN6f8QwJ6wF4JNtxwwkHy+70dLoQg/FYKIfSbA3aoxpgXtr/2d/vkZYjya
|
13
|
+
zjcaIrM/WEoPLFvieMHrOmlRZhbVI9BVjhrAyTmT+sQV+GJ7GJirJpmn06VHz5Ln
|
14
|
+
ZNE4+ZSH4ODf+JQdh+LajyI8wQKfh4YMr498i5qHyw/KnKtbPjevbY25uWvEKzce
|
15
|
+
RWv9nt7VsSQhXuR2U85yc6sqFQQ01QM9xUdhcVB9Eu7FvloDrC6pgaFIXy3IVcfH
|
16
|
+
AJPiyRBv1bNad9wdh/+O5MyoKrhAI37YfH2fEKMdR2QKBEnCs94mjFPLy2Kc9kww
|
17
|
+
eVwJJw/VXbE=
|
18
|
+
-----END ENCRYPTED PRIVATE KEY-----
|
@@ -0,0 +1,17 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIICrzCCAZcCFCbPEM/VXTgCksFOQPoLuv1Td9seMA0GCSqGSIb3DQEBCwUAMBQx
|
3
|
+
EjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0yMTA4MjUwOTM1MDBaFw0yNDEyMDcwOTM1
|
4
|
+
MDBaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEP
|
5
|
+
ADCCAQoCggEBAOfAL1NL6pXDkpgWNync+LHLWgrrL18gTrpXjaPjmw6HuiX0te6J
|
6
|
+
1xYPjg6xYown6/SJeXi7LS0GFvlQGuz9dh2n6OtqpjBgHIXBXLtT8dXQszdZDaGu
|
7
|
+
U8iTBnjDYADt206Bqe2q3MpKEz6a3D8fHAE/fR/4FM4HAI77W+Bng2XwFKqLYHQC
|
8
|
+
ReKAexjxIExWBh/dvm8tUdvVmWyY/CVABQWucmwRNo+RQqktksiNqZCDHkE6CVgx
|
9
|
+
oXS8UUIWfz6EWNT6UkeIWRJSVUUECcgRYOTVgkYWBE/5BDsBK9E7ZNL+gWqy6j6h
|
10
|
+
9fSPhK/Xv6XMqdCcOExZsNWFV1j+bt9Wun0CAwEAATANBgkqhkiG9w0BAQsFAAOC
|
11
|
+
AQEA5ah44LKyb2LHTr1ePeduoXdVPqwuXik7mL/H6/ZGI1zfSFb0JgjQG822K0s1
|
12
|
+
3QLT15/lndSt8smHCgMTm12i/bO1cwaM93+jpUbOaVILLnfuDprjVMgiBVfz1bdx
|
13
|
+
GBz6ISJXe1xaKLBhurDsy/1dzbISoizVIg5mJ1us5BvvdklMjtQ1ymY5210ZYCsk
|
14
|
+
YcKBVW3hJ6hoZTHrNw7tI99CeBSOpfg0UaxUNMIy1D95+m4RU2aIykoYhAGfmX+u
|
15
|
+
zZR0I16widielJWXNCnh6gXdoNjOgYS0TuNoSfmX2oF7nsC5N1zfynz+tPvoK0ys
|
16
|
+
OMFwnJJ5LrPHbQk/RK907gBf5Q==
|
17
|
+
-----END CERTIFICATE-----
|
@@ -0,0 +1,30 @@
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
2
|
+
Proc-Type: 4,ENCRYPTED
|
3
|
+
DEK-Info: AES-256-CBC,23BAC38304EB81CEE42C61575CA054CE
|
4
|
+
|
5
|
+
jR1vKTozeVkx4Nyjb38fj/SSj99MZtboUUHSlUyfDYNgWdhDSli3agFuouxtGoGe
|
6
|
+
cWNKcjn73lbxBaAozFGejNo1RQSOaWdKLCXKvvoQTjWg02+9xIL4bQL29Xe4xi7f
|
7
|
+
DlsMbcLOrlJZsdAYeL+11vU61yrtIYyPJJFaRh6WLTbVuHH6vUJPYt0Vg77g0L8I
|
8
|
+
8tJtAvFSLeMzonu1LGEa/gXHwNT5TlWERybXxD6JzoigmHx4mGFNo9fz4ZyTPjkR
|
9
|
+
OWbOZssFDKUeGJVdssRTPYwjaEg8DOUk7JbFTWlRYa7Re/2SEkIte3PrAxJFLFuV
|
10
|
+
LZSIR4Vg/cKmpo4BcNNNHmSyymSS4ZAh3GQiztfqHOqAXxfvBsuO3ZHUYPCIhpqw
|
11
|
+
KwwkDjJb4dRygDRC5n4os/mdQW/dBVD4OIaghE4lQApOqc3fxOoD9V0SIipbPPv0
|
12
|
+
bjaKyt5pEZYyAMrAd3G1UGPQBWcNl2Hu1Shc30uhJZrzthPy/0BTWao0lpA3fIQD
|
13
|
+
Pv4weYOc+5tZsKXSuFQc/Y2fLPF9m1GGTAd+YQlfN8JO9I1GKhl1AL/7eC+Usgl4
|
14
|
+
ugXPjIgh5/5+qYqiaYE1HlaNrNh2XxcIR9SC7+jgbliBMOeouEPQ0bPQyvz/44cg
|
15
|
+
sv3OoIP3F7lqLP/3oR9AiqrqadsO0WMNWwYdMUFshY3EZLWgdWVcH6JyxD02E/IJ
|
16
|
+
tPtZrhIGMADuJWbTj0abQUIxAuYrBm2Vf/+qgY9gKxJcHIZ3nKfrJc100WOILR8P
|
17
|
+
3Ok2WLprASSLiOEkTJ0nvViTtsbgy4DRRhytGNzFEedj50/yRltkb9gdXuVNbmUV
|
18
|
+
M7p9YkY4VkF2m43k6sxGXuoAFxAVCLriAGzHLifWkX/xRuxsh93osNhUsg9sMWRd
|
19
|
+
bgX5Vcmyr2xhe2UEiQp6glQ6DQg7gofi19jes2iKaw7eMG3pelBvmUKqboARI4Ga
|
20
|
+
i8blKaBWZvdmZMBOJ6fx322T+Ii7vvAlCmnWLBxboF5GJ/KiE0i2vrdLTxwI0IZN
|
21
|
+
EHFxgfJF3rlLtuvRD8cW1VId9wyOPWPMi/olgE+FdRVlg7+w35cAb9c7Na52c+jj
|
22
|
+
G2pxqHgjFoSsofY/iWZ13OQvn6RFUncRS/b+QFz6c2Tp5shMwU+i4BXiuwSj8AvB
|
23
|
+
oWfEij7UBpi9o2x4qG3hAeJWM3mg4Nr9MRdv82eEf3tuAPidfXCne/GEN+aIRYeG
|
24
|
+
niBZS+kDXtvFgsixGtCU60T4/IXf7FDTWbZ5lN5o0vD6BClReubGd0cYbHTtH7ax
|
25
|
+
k4/BAM/PF7dT0sR0zNCd2I7Zkub/CF0+HDAcP94vgV1EcB4XdL7inaZXPTntDRmu
|
26
|
+
IZHTVm3satJBt34tAhML1Xqvb8ck02/rhQRdjqWcAOk7gGfKJUwewoH4T558R9uW
|
27
|
+
HHEOYCzXy8ckqiDZxJVJ67iZgrCOadWJWtEQPsr1QFxdxuO1J31u50Zzv/nJlrPb
|
28
|
+
bmm7fUwszWLX+sM0RGoenvdphicht4gmalMade8N05XzEoOIGth8jYQqFw3s8BKJ
|
29
|
+
uZGDC706f0VAGo1dVOvGcNeEOPC3keXkMABbzHFVEzAjH3kfr4rKNCrMx+2Vr/qc
|
30
|
+
-----END RSA PRIVATE KEY-----
|
@@ -0,0 +1,9 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIIBJDCBzwIUHQzJgyMCU0MIRFQe/tf7VKuisH8wDQYJKoZIhvcNAQELBQAwFDES
|
3
|
+
MBAGA1UEAwwJbG9jYWxob3N0MB4XDTIxMDgyNTEyMTAxMFoXDTI0MTIwNzEyMTAx
|
4
|
+
MFowFDESMBAGA1UEAwwJbG9jYWxob3N0MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJB
|
5
|
+
APJeOzK15pLZ1c3dyCJpNw2Uupj0LrFXmoOT5beHgdvD9JY49lgdISSU8utJHoNw
|
6
|
+
pTZx4akFd1WylBO8TRoqCvsCAwEAATANBgkqhkiG9w0BAQsFAANBAL1WWmNOIyms
|
7
|
+
1I+bW2bnljtomnwEIAto6eLjjikZf/96hUghYFrRSO21rE2R5HxVyrGTz8G4N3Qv
|
8
|
+
vqHZ0vqwxVc=
|
9
|
+
-----END CERTIFICATE-----
|
@@ -0,0 +1,12 @@
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
2
|
+
Proc-Type: 4,ENCRYPTED
|
3
|
+
DEK-Info: DES-CBC,C64C0A139C862F09
|
4
|
+
|
5
|
+
fObfzXEWxU9j6m2ijcVE2DngVLwTGmXo9G5Se8LjHTRhIwexPayiPoZs/rspeIrE
|
6
|
+
1UPG5UONa7AmzK/YFjcvhhslyY+xK0Vd68Z/eZvXI7ZlyO+AVxFb/JcxGXgOC7wr
|
7
|
+
hEBFoM+h27Y2S+zQZjKms4vD5gxfbaQqabvqXLQgD/m7eXUtI8Nizcevm2fXREDE
|
8
|
+
WmBOeD+KUj2IQtFsDGtuKDBnJGCR7oDQ0iynaf1sR0Ebvyx3LrkEDSPVGS8kO1Gl
|
9
|
+
ahiwNnwPp3YTAqyV8l2TctFFAH5ozvsDsSB3IttiqrenKkyqjtnCTTUzYfS+hz7O
|
10
|
+
L5/FBAEzOydup+2ofWbPLPKa/PNWHQ+eiHJihmpa+LOiVrWmTLp2KatsX0rdHwm5
|
11
|
+
cywEoFCgpOmb+WErZ3cmAf8NaF15iEm/X7xUiiDDuts=
|
12
|
+
-----END RSA PRIVATE KEY-----
|
@@ -0,0 +1,17 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIICrzCCAZcCFH04gu3GFNPDed+cRH4XlfdiqmdoMA0GCSqGSIb3DQEBCwUAMBQx
|
3
|
+
EjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0yMTA4MjUxMTIzNDVaFw0yNDEyMDcxMTIz
|
4
|
+
NDVaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEP
|
5
|
+
ADCCAQoCggEBANf8mFL9tkqzYXonDcjw5vZKQfmNenmZisBHo6Vsi2x76bnoL7Un
|
6
|
+
fn5vhpgZiPHX9hdfJGz/69JOrp2GwCtl5CCkxhPZquN4Qh0WJKosh/uc2mB8FFnw
|
7
|
+
5qbEHDteixsx62IC6a9ckCTZHp3EVHJUfsAuNFgA3bXwmC9/slXcnRUYbZSVI3iK
|
8
|
+
hobK3CmtuzsZvi0len1X6QJsY+O994RkUtccE27ZEE7ss/h3tklj8SB57EH+L+wT
|
9
|
+
Y8RRsCBp/Uw+LtNsKGLU1D7F8xZ+/cwDNVwxCBEDnXqxq3tP/OpIuW2DOxteXbld
|
10
|
+
R7qPe99xH8z4fgYqXONzlpWqqsl7l3ARxOcCAwEAATANBgkqhkiG9w0BAQsFAAOC
|
11
|
+
AQEAHTVVtumbGuR2s8SXKx+mmmHC7Mc0VJOMDAUZZL9x8/ilB4+i8H/akB8jj/m3
|
12
|
+
Kz+84QSUzP/PA6pzA+nWtoofFhJkg9Cz4chychyTrJYk7KXDmr1oJtZRBdOUf6Jb
|
13
|
+
AiZ8oFd5BK5s06aPbNPcD4LHYdhbizI0tERX7IOIT+GnLqzwWEqUMIMWVrF2hLOT
|
14
|
+
PIU+E2Be8gV7M5CdYRhGA05zhhs686c5au/z/o/4eNAtm6/y+/q3veUU9GH7O1s7
|
15
|
+
X70iApYnexB+AbRlLah/1Eq/bKLfgxdvDJlyXlsTXV0ig0D9btFRZeeYMaVpW8iT
|
16
|
+
RCHtMk7HpYi+822MDJUKltQKzQ==
|
17
|
+
-----END CERTIFICATE-----
|
@@ -0,0 +1,30 @@
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
2
|
+
Proc-Type: 4,ENCRYPTED
|
3
|
+
DEK-Info: SEED-CBC,C83A6ABB19E102763677F0502883E0AE
|
4
|
+
|
5
|
+
SPFBownCKM7EbFdOV9KdEtc+MmLwJRUM0UcA8X6Zhjd4xK0UP2jDlQ92W2Cvetbe
|
6
|
+
8B8E5wSTxZMO43MXxF0HFHS2/1wi98XcDWQfpDRYYCzmjKm7vV+qkwQ962DvD/x2
|
7
|
+
eXAfduAY8mPl97HX+inSX7M0/+Lz7uIMEGuihLNuyaAaLD3tOUxjb69/rxsDjWHD
|
8
|
+
LElQgQotpdZsvd06xwowdqxYMMq8B+fwwiemZLD5W0eEtBnu43Jlv02COegYeZDm
|
9
|
+
o4pApPsyjQ9pv+LFMl4A+k8NrVc87+GU67aFetOR7ojksxSQ/zq7ZdHQic7NhbiK
|
10
|
+
Ad/EHQwu1PhXk+clFIZhDvkiyjAyWwbCwOm7F3AK7B2ZioIfQ4Fokoj1hbgXk57G
|
11
|
+
YjuY4zTJj9zr02wToOYJ4gpVRT7hrG3NtSeEYny5102CaMyTUejv5833o0b9P/sp
|
12
|
+
+3O5nk+wR+4H6ELwVq3JnMz6yWkccsjQ7wAEhbc3WVLd0OAqL/9fPusDg6LM+n3W
|
13
|
+
IbDmkKYwoUWQBn5KcXUHLRncj4Cpupn/bAsGcHoNqHTidu8sictHQ3iVfrDJpKfb
|
14
|
+
VRkpPdarQGkPJ/f7WMS1crxsuPy88NZ6KBwNAjp2E/ZJk0XwWUn1KWcq7Do7rGzv
|
15
|
+
cbl6Q2I2ySA/Uzj+pgup2CQi75kCqHTXHlxCE8/5lR7UOPUvDJP/ODMO+h64kWmB
|
16
|
+
JcIXVp68cBqLzkbQgg5oiJ34XWXTdcQYK/ljJjRBzh2pTlBhTKabOARYdKaSfG7L
|
17
|
+
7KitHI9c9Dhqa0Uhw1/4KPVOaPTa/futBi82x7hrvBsYZKySpseWCW0xERNr0QFX
|
18
|
+
5mbM3nnP4aFpNU9wtjgEZEjd7BB+kI9nd7M5BdQWHveAsP6dWPyHYJUSLh6JdQkv
|
19
|
+
ti34Ae62sC/iPi2TPlK69nTscUJnOnisMGzhlcUQniweHII9VKytpqfTR7rBPRpB
|
20
|
+
Pn4fLAd0hyuhzUUCQwKO1pCcFzv04RuHJXdzTt8MJZzGMyNS4MqxTb0/CABGvF3R
|
21
|
+
vUorxeL5jZKNnRG6CegtC4LAFx1rhtMyoEjGftY+sSyLr20R6kjKbxPBxbMaZ1AL
|
22
|
+
8/tYF+vrh6HuoNk+mk79sb2vFVbyAluzSkXzq8An9kaiDG8QARRtW047BU9UY5sy
|
23
|
+
Gww+e8PNCoAIEJLE2BOLqIiCa911lyA8kfNU8CQtEc9sQZSV8sphlgCtb12DMplH
|
24
|
+
7LVAloMODaFiuXscn4Y8gSP3Oa6QYmgfk2ramrh1RdQWORIkq1+fNCVIbZlK7tTb
|
25
|
+
TyjrJI9xtU/XoYk0ZIkl274Ku5JPUgZPHL5Zq0SLZhCcGfWeww2fCOwtOaRMPZ67
|
26
|
+
CtL0W0UfTGO1bWRoOVKJifqTdYHL9xRLxdT7o946TAjSrYpZnYOg57ldo+9z9Gze
|
27
|
+
Ikoxs6OtJi6r39bLXYuLQk2yyhH6y7qCplQDQfFcLWtVGJ/XU5I3J096Fns3/Nbw
|
28
|
+
QpHuAyCjhc6h99blQKZDu3/NaIppOwLliLBvNUdii9fMwIBokLFcvt6voYKX6Qw7
|
29
|
+
gSD9nQx4X/yJj6zs9B/m9IgNX7lOBaYmtUTeSY4qtkOHFIy8JBuC3yWyeXvDJlQm
|
30
|
+
-----END RSA PRIVATE KEY-----
|
@@ -0,0 +1,9 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIIBJDCBzwIUWcThKSs0itRx3SVjfBeLTRx8RwMwDQYJKoZIhvcNAQELBQAwFDES
|
3
|
+
MBAGA1UEAwwJbG9jYWxob3N0MB4XDTIxMDgyNTEyMTUxN1oXDTI0MTIwNzEyMTUx
|
4
|
+
N1owFDESMBAGA1UEAwwJbG9jYWxob3N0MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJB
|
5
|
+
AMv+w+WDbrAPQCNqBkry52ayQyLnx/WZZyX3YKW6S123qUAiGO40vpAZ3WIttq1x
|
6
|
+
Gb4+fF81/jDuodfFgu2zm3cCAwEAATANBgkqhkiG9w0BAQsFAANBAHByJqZFOPFr
|
7
|
+
OE0BRv7KCd0IMNbVzr99de74jZKx7qBK8soV4ZAUsVX/+Qldtta2+q2WXaMEKHXS
|
8
|
+
7xpnYQjSkNs=
|
9
|
+
-----END CERTIFICATE-----
|
@@ -0,0 +1,9 @@
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
2
|
+
MIIBOgIBAAJBAMv+w+WDbrAPQCNqBkry52ayQyLnx/WZZyX3YKW6S123qUAiGO40
|
3
|
+
vpAZ3WIttq1xGb4+fF81/jDuodfFgu2zm3cCAwEAAQJBALigAUhN5fXuN4xVvxBC
|
4
|
+
O3BU0jJbODxt9E8GTzBvJRrRKLVv8eLF7IubPPh+CW2D32JMSj8XZLBjkjj6y5P5
|
5
|
+
p8ECIQD9mZbe5iT4SowhlGO0YqyxnN2C1Id+CloUmIoOyNDR0QIhAM3s/uGpjxvD
|
6
|
+
6zdJQds5tp4WpFhrQzs5lAf7wFUrRuLHAiByc0OEmycqKzKs4PRSb4nyqpHJvrLb
|
7
|
+
bj6TNvhvja+4UQIgCSf6hUomxNNHSCQHu5mrVwgmso/CY4XB4UD+YksUUc0CIAIm
|
8
|
+
cjJtX/A4DdaSMwdNp8q8f8MrppQjErltD80oRpxv
|
9
|
+
-----END RSA PRIVATE KEY-----
|
data/spec/inputs/tcp_spec.rb
CHANGED
@@ -15,9 +15,11 @@ java_import "io.netty.handler.ssl.util.SelfSignedCertificate"
|
|
15
15
|
|
16
16
|
require_relative "../spec_helper"
|
17
17
|
|
18
|
+
require 'logstash/plugin_mixins/ecs_compatibility_support/spec_helper'
|
19
|
+
|
18
20
|
#Cabin::Channel.get(LogStash).subscribe(STDOUT)
|
19
21
|
#Cabin::Channel.get(LogStash).level = :debug
|
20
|
-
describe LogStash::Inputs::Tcp do
|
22
|
+
describe LogStash::Inputs::Tcp, :ecs_compatibility_support do
|
21
23
|
|
22
24
|
def get_port
|
23
25
|
begin
|
@@ -52,160 +54,176 @@ describe LogStash::Inputs::Tcp do
|
|
52
54
|
end
|
53
55
|
end
|
54
56
|
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
57
|
+
ecs_compatibility_matrix(:disabled,:v1, :v8 => :v1) do |ecs_select|
|
58
|
+
before(:each) do
|
59
|
+
allow_any_instance_of(described_class).to receive(:ecs_compatibility).and_return(ecs_compatibility)
|
60
|
+
end
|
61
|
+
|
62
|
+
it "should read plain with unicode" do
|
63
|
+
event_count = 10
|
64
|
+
conf = <<-CONFIG
|
65
|
+
input {
|
66
|
+
tcp {
|
67
|
+
port => #{port}
|
68
|
+
}
|
61
69
|
}
|
62
|
-
|
63
|
-
|
70
|
+
CONFIG
|
71
|
+
|
72
|
+
host = 'localhost'
|
73
|
+
events = input(conf) do |pipeline, queue|
|
74
|
+
socket = Stud::try(5.times) { TCPSocket.new(host, port) }
|
75
|
+
event_count.times do |i|
|
76
|
+
# unicode smiley for testing unicode support!
|
77
|
+
socket.puts("#{i} ☹")
|
78
|
+
socket.flush
|
79
|
+
end
|
80
|
+
socket.close
|
64
81
|
|
65
|
-
|
66
|
-
events = input(conf) do |pipeline, queue|
|
67
|
-
socket = Stud::try(5.times) { TCPSocket.new(host, port) }
|
68
|
-
event_count.times do |i|
|
69
|
-
# unicode smiley for testing unicode support!
|
70
|
-
socket.puts("#{i} ☹")
|
71
|
-
socket.flush
|
82
|
+
event_count.times.collect {queue.pop}
|
72
83
|
end
|
73
|
-
socket.close
|
74
84
|
|
75
|
-
|
76
|
-
|
85
|
+
expect(events.length).to eq(event_count)
|
86
|
+
events = events.sort_by {|e| e.get("message")} # the ordering of events in the queue is highly timing-dependent
|
87
|
+
event_count.times do |i|
|
88
|
+
event = events[i]
|
77
89
|
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
insist { event.get("[@metadata][ip_address]") } == '127.0.0.1'
|
90
|
+
aggregate_failures("event #{i}") do
|
91
|
+
expect(event.get("message")).to eq("#{i} ☹")
|
92
|
+
expect(event.get(ecs_select[disabled: "host", v1: "[@metadata][input][tcp][source][name]"])).to eq("localhost").or eq("ip6-localhost")
|
93
|
+
expect(event.get(ecs_select[disabled: "[@metadata][ip_address]", v1: "[@metadata][input][tcp][source][ip]"])).to eq('127.0.0.1')
|
94
|
+
end
|
95
|
+
end
|
85
96
|
end
|
86
|
-
end
|
87
97
|
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
98
|
+
it "should handle PROXY protocol v1 connections" do
|
99
|
+
event_count = 10
|
100
|
+
conf = <<-CONFIG
|
101
|
+
input {
|
102
|
+
tcp {
|
103
|
+
proxy_protocol => true
|
104
|
+
port => '#{port}'
|
105
|
+
}
|
95
106
|
}
|
96
|
-
|
97
|
-
CONFIG
|
107
|
+
CONFIG
|
98
108
|
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
socket.flush
|
103
|
-
event_count.times do |i|
|
104
|
-
# unicode smiley for testing unicode support!
|
105
|
-
socket.puts("#{i} ☹")
|
109
|
+
events = input(conf) do |pipeline, queue|
|
110
|
+
socket = Stud::try(5.times) { TCPSocket.new("127.0.0.1", port) }
|
111
|
+
socket.puts("PROXY TCP4 1.2.3.4 5.6.7.8 1234 5678\r");
|
106
112
|
socket.flush
|
107
|
-
|
108
|
-
|
113
|
+
event_count.times do |i|
|
114
|
+
# unicode smiley for testing unicode support!
|
115
|
+
socket.puts("#{i} ☹")
|
116
|
+
socket.flush
|
117
|
+
end
|
118
|
+
socket.close
|
109
119
|
|
110
|
-
|
111
|
-
|
120
|
+
event_count.times.collect {queue.pop}
|
121
|
+
end
|
112
122
|
|
113
|
-
|
114
|
-
|
115
|
-
|
116
|
-
|
117
|
-
|
118
|
-
|
119
|
-
|
120
|
-
|
123
|
+
expect(events.length).to eq(event_count)
|
124
|
+
events = events.sort_by {|e| e.get("message")} # the ordering of events in the queue is highly timing-dependent
|
125
|
+
events.each_with_index do |event, i|
|
126
|
+
aggregate_failures("event #{i}") do
|
127
|
+
expect(event.get("message")).to eq("#{i} ☹")
|
128
|
+
expect(event.get(ecs_select[disabled: "host", v1: "[@metadata][input][tcp][source][name]"])).to eq('1.2.3.4')
|
129
|
+
expect(event.get(ecs_select[disabled: "[@metadata][ip_address]", v1: "[@metadata][input][tcp][source][ip]" ])).to eq('1.2.3.4')
|
130
|
+
expect(event.get(ecs_select[disabled: "port", v1: "[@metadata][input][tcp][source][port]"])).to eq('1234')
|
131
|
+
expect(event.get(ecs_select[disabled: "proxy_host", v1: "[@metadata][input][tcp][proxy][ip]" ])).to eq('5.6.7.8')
|
132
|
+
expect(event.get(ecs_select[disabled: "proxy_port", v1: "[@metadata][input][tcp][proxy][port]" ])).to eq('5678')
|
133
|
+
end
|
134
|
+
end
|
121
135
|
end
|
122
|
-
end
|
123
136
|
|
124
|
-
|
125
|
-
|
126
|
-
|
127
|
-
|
128
|
-
|
129
|
-
|
130
|
-
|
137
|
+
it "should read events with json codec" do
|
138
|
+
conf = <<-CONFIG
|
139
|
+
input {
|
140
|
+
tcp {
|
141
|
+
port => #{port}
|
142
|
+
codec => json
|
143
|
+
}
|
131
144
|
}
|
145
|
+
CONFIG
|
146
|
+
|
147
|
+
data = {
|
148
|
+
"hello" => "world",
|
149
|
+
"foo" => [1,2,3],
|
150
|
+
"baz" => { "1" => "2" },
|
151
|
+
"host" => "example host"
|
132
152
|
}
|
133
|
-
CONFIG
|
134
153
|
|
135
|
-
|
136
|
-
|
137
|
-
|
138
|
-
|
139
|
-
socket.puts(text)
|
140
|
-
socket.close
|
154
|
+
event = input(conf) do |pipeline, queue|
|
155
|
+
socket = Stud::try(5.times) { TCPSocket.new("127.0.0.1", port) }
|
156
|
+
socket.puts(LogStash::Json.dump(data))
|
157
|
+
socket.close
|
141
158
|
|
142
|
-
|
143
|
-
|
159
|
+
queue.pop
|
160
|
+
end
|
144
161
|
|
145
|
-
|
146
|
-
|
147
|
-
|
148
|
-
insist { event.get("message") } == "£"
|
149
|
-
end
|
162
|
+
insist { event.get("hello") } == data["hello"]
|
163
|
+
insist { event.get("foo").to_a } == data["foo"] # to_a to cast Java ArrayList produced by JrJackson
|
164
|
+
insist { event.get("baz") } == data["baz"]
|
150
165
|
|
151
|
-
|
152
|
-
|
153
|
-
|
154
|
-
|
155
|
-
|
156
|
-
|
166
|
+
# Make sure the tcp input, w/ json codec, uses the event's 'host' value,
|
167
|
+
# if present, instead of providing its own
|
168
|
+
insist { event.get("host") } == data["host"]
|
169
|
+
end
|
170
|
+
|
171
|
+
it "should read events with json codec (testing 'host' handling)" do
|
172
|
+
conf = <<-CONFIG
|
173
|
+
input {
|
174
|
+
tcp {
|
175
|
+
port => #{port}
|
176
|
+
codec => json
|
177
|
+
}
|
157
178
|
}
|
179
|
+
CONFIG
|
180
|
+
|
181
|
+
data = {
|
182
|
+
"hello" => "world"
|
158
183
|
}
|
159
|
-
CONFIG
|
160
184
|
|
161
|
-
|
162
|
-
|
163
|
-
|
164
|
-
|
165
|
-
"host" => "example host"
|
166
|
-
}
|
185
|
+
event = input(conf) do |pipeline, queue|
|
186
|
+
socket = Stud::try(5.times) { TCPSocket.new("127.0.0.1", port) }
|
187
|
+
socket.puts(LogStash::Json.dump(data))
|
188
|
+
socket.close
|
167
189
|
|
168
|
-
|
169
|
-
|
170
|
-
socket.puts(LogStash::Json.dump(data))
|
171
|
-
socket.close
|
190
|
+
queue.pop
|
191
|
+
end
|
172
192
|
|
173
|
-
|
193
|
+
aggregate_failures("event") do
|
194
|
+
expect(event.get("hello")).to eq(data["hello"])
|
195
|
+
expect(event).to include(ecs_select[disabled: "host", v1: "[@metadata][input][tcp][source][name]"])
|
196
|
+
expect(event).to include(ecs_select[disabled: "[@metadata][ip_address]", v1: "[@metadata][input][tcp][source][ip]" ])
|
197
|
+
end
|
174
198
|
end
|
175
|
-
|
176
|
-
insist { event.get("hello") } == data["hello"]
|
177
|
-
insist { event.get("foo").to_a } == data["foo"] # to_a to cast Java ArrayList produced by JrJackson
|
178
|
-
insist { event.get("baz") } == data["baz"]
|
179
|
-
|
180
|
-
# Make sure the tcp input, w/ json codec, uses the event's 'host' value,
|
181
|
-
# if present, instead of providing its own
|
182
|
-
insist { event.get("host") } == data["host"]
|
183
199
|
end
|
184
200
|
|
185
|
-
it "should read events with
|
201
|
+
it "should read events with plain codec and ISO-8859-1 charset" do
|
202
|
+
charset = "ISO-8859-1"
|
186
203
|
conf = <<-CONFIG
|
187
|
-
|
188
|
-
|
189
|
-
|
190
|
-
|
204
|
+
input {
|
205
|
+
tcp {
|
206
|
+
port => #{port}
|
207
|
+
codec => plain { charset => "#{charset}" }
|
208
|
+
}
|
191
209
|
}
|
192
|
-
}
|
193
210
|
CONFIG
|
194
211
|
|
195
|
-
data = {
|
196
|
-
"hello" => "world"
|
197
|
-
}
|
198
|
-
|
199
212
|
event = input(conf) do |pipeline, queue|
|
200
213
|
socket = Stud::try(5.times) { TCPSocket.new("127.0.0.1", port) }
|
201
|
-
|
214
|
+
text = "\xA3" # the £ symbol in ISO-8859-1 aka Latin-1
|
215
|
+
text.force_encoding("ISO-8859-1")
|
216
|
+
socket.puts(text)
|
202
217
|
socket.close
|
203
218
|
|
204
219
|
queue.pop
|
205
220
|
end
|
206
221
|
|
207
|
-
|
208
|
-
|
222
|
+
# Make sure the 0xA3 latin-1 code converts correctly to UTF-8.
|
223
|
+
aggregate_failures("event") do
|
224
|
+
expect(event.get("message")).to have_attributes(size: 1, bytesize: 2, encoding: Encoding.find("UTF-8"))
|
225
|
+
expect(event.get("message")).to eq("£")
|
226
|
+
end
|
209
227
|
end
|
210
228
|
|
211
229
|
it "should read events with json_lines codec" do
|
@@ -411,6 +429,115 @@ describe LogStash::Inputs::Tcp do
|
|
411
429
|
expect { subject.register }.to_not raise_error
|
412
430
|
end
|
413
431
|
end
|
432
|
+
|
433
|
+
context "encrypted (AES-156) key" do
|
434
|
+
let(:config) do
|
435
|
+
{
|
436
|
+
"host" => "127.0.0.1",
|
437
|
+
"port" => port,
|
438
|
+
"ssl_enable" => true,
|
439
|
+
"ssl_cert" => File.expand_path('../fixtures/encrypted_aes256.crt', File.dirname(__FILE__)),
|
440
|
+
"ssl_key" => File.expand_path('../fixtures/encrypted_aes256.key', File.dirname(__FILE__)),
|
441
|
+
"ssl_key_passphrase" => '1234',
|
442
|
+
}
|
443
|
+
end
|
444
|
+
|
445
|
+
it "should register without errors" do
|
446
|
+
expect { subject.register }.to_not raise_error
|
447
|
+
end
|
448
|
+
|
449
|
+
end
|
450
|
+
|
451
|
+
context "encrypted (SEED) key" do # algorithm not supported by Sun provider
|
452
|
+
let(:config) do
|
453
|
+
{
|
454
|
+
"host" => "127.0.0.1",
|
455
|
+
"port" => port,
|
456
|
+
"ssl_enable" => true,
|
457
|
+
"ssl_cert" => File.expand_path('../fixtures/encrypted_seed.crt', File.dirname(__FILE__)),
|
458
|
+
"ssl_key" => File.expand_path('../fixtures/encrypted_seed.key', File.dirname(__FILE__)),
|
459
|
+
"ssl_key_passphrase" => '1234',
|
460
|
+
}
|
461
|
+
end
|
462
|
+
|
463
|
+
it "should register without errors" do
|
464
|
+
pending # newer BC should be able to read this
|
465
|
+
expect { subject.register }.to_not raise_error
|
466
|
+
end
|
467
|
+
|
468
|
+
end
|
469
|
+
|
470
|
+
context "encrypted (DES) key" do
|
471
|
+
let(:config) do
|
472
|
+
{
|
473
|
+
"host" => "127.0.0.1",
|
474
|
+
"port" => port,
|
475
|
+
"ssl_enable" => true,
|
476
|
+
"ssl_cert" => File.expand_path('../fixtures/encrypted_des.crt', File.dirname(__FILE__)),
|
477
|
+
"ssl_key" => File.expand_path('../fixtures/encrypted_des.key', File.dirname(__FILE__)),
|
478
|
+
"ssl_key_passphrase" => '1234',
|
479
|
+
}
|
480
|
+
end
|
481
|
+
|
482
|
+
it "should register without errors" do
|
483
|
+
expect { subject.register }.to_not raise_error
|
484
|
+
end
|
485
|
+
|
486
|
+
end
|
487
|
+
|
488
|
+
context "encrypted PKCS#8 key" do
|
489
|
+
let(:config) do
|
490
|
+
{
|
491
|
+
"host" => "127.0.0.1",
|
492
|
+
"port" => port,
|
493
|
+
"ssl_enable" => true,
|
494
|
+
"ssl_cert" => File.expand_path('../fixtures/encrypted-pkcs8.crt', File.dirname(__FILE__)),
|
495
|
+
"ssl_key" => File.expand_path('../fixtures/encrypted-pkcs8.key', File.dirname(__FILE__)),
|
496
|
+
"ssl_key_passphrase" => '1234',
|
497
|
+
}
|
498
|
+
end
|
499
|
+
|
500
|
+
it "should register without errors" do
|
501
|
+
expect { subject.register }.to_not raise_error
|
502
|
+
end
|
503
|
+
|
504
|
+
end
|
505
|
+
|
506
|
+
# NOTE: only BC provider can read the legacy (OpenSSL) format
|
507
|
+
context "encrypted PKCS#5 v1.5 key" do # openssl pkcs8 -topk8 -v1 PBE-MD5-DES
|
508
|
+
let(:config) do
|
509
|
+
{
|
510
|
+
"host" => "127.0.0.1",
|
511
|
+
"port" => port,
|
512
|
+
"ssl_enable" => true,
|
513
|
+
"ssl_cert" => File.expand_path('../fixtures/encrypted-pkcs5v15.crt', File.dirname(__FILE__)),
|
514
|
+
"ssl_key" => File.expand_path('../fixtures/encrypted-pkcs5v15.key', File.dirname(__FILE__)),
|
515
|
+
"ssl_key_passphrase" => '1234',
|
516
|
+
}
|
517
|
+
end
|
518
|
+
|
519
|
+
it "should register without errors" do
|
520
|
+
expect { subject.register }.to_not raise_error
|
521
|
+
end
|
522
|
+
|
523
|
+
end
|
524
|
+
|
525
|
+
context "small (legacy) key" do
|
526
|
+
let(:config) do
|
527
|
+
{
|
528
|
+
"host" => "127.0.0.1",
|
529
|
+
"port" => port,
|
530
|
+
"ssl_enable" => true,
|
531
|
+
"ssl_cert" => File.expand_path('../fixtures/small.crt', File.dirname(__FILE__)),
|
532
|
+
"ssl_key" => File.expand_path('../fixtures/small.key', File.dirname(__FILE__)),
|
533
|
+
}
|
534
|
+
end
|
535
|
+
|
536
|
+
it "should register without errors" do
|
537
|
+
expect { subject.register }.to_not raise_error
|
538
|
+
end
|
539
|
+
|
540
|
+
end
|
414
541
|
end
|
415
542
|
end
|
416
543
|
|
Binary file
|
data/version
CHANGED
@@ -1 +1 @@
|
|
1
|
-
6.
|
1
|
+
6.2.2
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: logstash-input-tcp
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 6.
|
4
|
+
version: 6.2.2
|
5
5
|
platform: java
|
6
6
|
authors:
|
7
7
|
- Elastic
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-11-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|
@@ -30,6 +30,20 @@ dependencies:
|
|
30
30
|
- - "<="
|
31
31
|
- !ruby/object:Gem::Version
|
32
32
|
version: '2.99'
|
33
|
+
- !ruby/object:Gem::Dependency
|
34
|
+
requirement: !ruby/object:Gem::Requirement
|
35
|
+
requirements:
|
36
|
+
- - "~>"
|
37
|
+
- !ruby/object:Gem::Version
|
38
|
+
version: '1.2'
|
39
|
+
name: logstash-mixin-ecs_compatibility_support
|
40
|
+
prerelease: false
|
41
|
+
type: :runtime
|
42
|
+
version_requirements: !ruby/object:Gem::Requirement
|
43
|
+
requirements:
|
44
|
+
- - "~>"
|
45
|
+
- !ruby/object:Gem::Version
|
46
|
+
version: '1.2'
|
33
47
|
- !ruby/object:Gem::Dependency
|
34
48
|
requirement: !ruby/object:Gem::Requirement
|
35
49
|
requirements:
|
@@ -50,9 +64,6 @@ dependencies:
|
|
50
64
|
- - ">="
|
51
65
|
- !ruby/object:Gem::Version
|
52
66
|
version: 0.10.2
|
53
|
-
- - "<"
|
54
|
-
- !ruby/object:Gem::Version
|
55
|
-
version: '0.12'
|
56
67
|
name: jruby-openssl
|
57
68
|
prerelease: false
|
58
69
|
type: :runtime
|
@@ -61,9 +72,6 @@ dependencies:
|
|
61
72
|
- - ">="
|
62
73
|
- !ruby/object:Gem::Version
|
63
74
|
version: 0.10.2
|
64
|
-
- - "<"
|
65
|
-
- !ruby/object:Gem::Version
|
66
|
-
version: '0.12'
|
67
75
|
- !ruby/object:Gem::Dependency
|
68
76
|
requirement: !ruby/object:Gem::Requirement
|
69
77
|
requirements:
|
@@ -209,9 +217,21 @@ files:
|
|
209
217
|
- lib/logstash/inputs/tcp.rb
|
210
218
|
- lib/logstash/inputs/tcp/decoder_impl.rb
|
211
219
|
- logstash-input-tcp.gemspec
|
220
|
+
- spec/fixtures/encrypted-pkcs5v15.crt
|
221
|
+
- spec/fixtures/encrypted-pkcs5v15.key
|
222
|
+
- spec/fixtures/encrypted-pkcs8.crt
|
223
|
+
- spec/fixtures/encrypted-pkcs8.key
|
224
|
+
- spec/fixtures/encrypted_aes256.crt
|
225
|
+
- spec/fixtures/encrypted_aes256.key
|
226
|
+
- spec/fixtures/encrypted_des.crt
|
227
|
+
- spec/fixtures/encrypted_des.key
|
228
|
+
- spec/fixtures/encrypted_seed.crt
|
229
|
+
- spec/fixtures/encrypted_seed.key
|
230
|
+
- spec/fixtures/small.crt
|
231
|
+
- spec/fixtures/small.key
|
212
232
|
- spec/inputs/tcp_spec.rb
|
213
233
|
- spec/spec_helper.rb
|
214
|
-
- vendor/jar-dependencies/org/logstash/inputs/logstash-input-tcp/6.
|
234
|
+
- vendor/jar-dependencies/org/logstash/inputs/logstash-input-tcp/6.2.2/logstash-input-tcp-6.2.2.jar
|
215
235
|
- version
|
216
236
|
homepage: http://www.elastic.co/guide/en/logstash/current/index.html
|
217
237
|
licenses:
|
@@ -235,11 +255,22 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
235
255
|
- !ruby/object:Gem::Version
|
236
256
|
version: '0'
|
237
257
|
requirements: []
|
238
|
-
|
239
|
-
rubygems_version: 2.6.13
|
258
|
+
rubygems_version: 3.1.6
|
240
259
|
signing_key:
|
241
260
|
specification_version: 4
|
242
261
|
summary: Reads events from a TCP socket
|
243
262
|
test_files:
|
263
|
+
- spec/fixtures/encrypted-pkcs5v15.crt
|
264
|
+
- spec/fixtures/encrypted-pkcs5v15.key
|
265
|
+
- spec/fixtures/encrypted-pkcs8.crt
|
266
|
+
- spec/fixtures/encrypted-pkcs8.key
|
267
|
+
- spec/fixtures/encrypted_aes256.crt
|
268
|
+
- spec/fixtures/encrypted_aes256.key
|
269
|
+
- spec/fixtures/encrypted_des.crt
|
270
|
+
- spec/fixtures/encrypted_des.key
|
271
|
+
- spec/fixtures/encrypted_seed.crt
|
272
|
+
- spec/fixtures/encrypted_seed.key
|
273
|
+
- spec/fixtures/small.crt
|
274
|
+
- spec/fixtures/small.key
|
244
275
|
- spec/inputs/tcp_spec.rb
|
245
276
|
- spec/spec_helper.rb
|