logstash-output-elasticsearch 11.13.0-java → 11.14.0-java

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -45,35 +45,79 @@ module LogStash; module PluginMixins; module ElasticSearch
45
45
  # Enable SSL/TLS secured communication to Elasticsearch cluster. Leaving this unspecified will use whatever scheme
46
46
  # is specified in the URLs listed in 'hosts'. If no explicit protocol is specified plain HTTP will be used.
47
47
  # If SSL is explicitly disabled here the plugin will refuse to start if an HTTPS URL is given in 'hosts'
48
- :ssl => { :validate => :boolean },
48
+ :ssl => { :validate => :boolean, :deprecated => "Set 'ssl_enabled' instead." },
49
+
50
+ # Enable SSL/TLS secured communication to Elasticsearch cluster. Leaving this unspecified will use whatever scheme
51
+ # is specified in the URLs listed in 'hosts'. If no explicit protocol is specified plain HTTP will be used.
52
+ # If SSL is explicitly disabled here the plugin will refuse to start if an HTTPS URL is given in 'hosts'
53
+ :ssl_enabled => { :validate => :boolean },
49
54
 
50
55
  # Option to validate the server's certificate. Disabling this severely compromises security.
51
56
  # For more information on disabling certificate verification please read
52
57
  # https://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf
53
- :ssl_certificate_verification => { :validate => :boolean, :default => true },
58
+ :ssl_certificate_verification => { :validate => :boolean, :default => true, :deprecated => "Set 'ssl_verification_mode' instead." },
59
+
60
+ # Options to verify the server's certificate.
61
+ # "full": validates that the provided certificate has an issue date that’s within the not_before and not_after dates;
62
+ # chains to a trusted Certificate Authority (CA); has a hostname or IP address that matches the names within the certificate.
63
+ # "none": performs no certificate validation. Disabling this severely compromises security (https://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf)
64
+ :ssl_verification_mode => { :validate => %w[full none], :default => 'full' },
54
65
 
55
66
  # The .cer or .pem file to validate the server's certificate
56
- :cacert => { :validate => :path },
67
+ :cacert => { :validate => :path, :deprecated => "Set 'ssl_certificate_authorities' instead." },
68
+
69
+ # The .cer or .pem files to validate the server's certificate
70
+ :ssl_certificate_authorities => { :validate => :path, :list => true },
57
71
 
58
72
  # One or more hex-encoded SHA256 fingerprints to trust as Certificate Authorities
59
73
  :ca_trusted_fingerprint => LogStash::PluginMixins::CATrustedFingerprintSupport,
60
74
 
61
75
  # The JKS truststore to validate the server's certificate.
62
76
  # Use either `:truststore` or `:cacert`
63
- :truststore => { :validate => :path },
77
+ :truststore => { :validate => :path, :deprecated => "Set 'ssl_truststore_path' instead." },
78
+
79
+ # The JKS truststore to validate the server's certificate.
80
+ # Use either `:ssl_truststore_path` or `:ssl_certificate_authorities`
81
+ :ssl_truststore_path => { :validate => :path },
82
+
83
+ # The format of the truststore file. It must be either jks or pkcs12
84
+ :ssl_truststore_type => { :validate => %w[pkcs12 jks] },
85
+
86
+ # Set the truststore password
87
+ :truststore_password => { :validate => :password, :deprecated => "Use 'ssl_truststore_password' instead." },
64
88
 
65
89
  # Set the truststore password
66
- :truststore_password => { :validate => :password },
90
+ :ssl_truststore_password => { :validate => :password },
67
91
 
68
92
  # The keystore used to present a certificate to the server.
69
93
  # It can be either .jks or .p12
70
- :keystore => { :validate => :path },
94
+ :keystore => { :validate => :path, :deprecated => "Set 'ssl_keystore_path' instead." },
95
+
96
+ # The keystore used to present a certificate to the server.
97
+ # It can be either .jks or .p12
98
+ :ssl_keystore_path => { :validate => :path },
99
+
100
+ # The format of the keystore file. It must be either jks or pkcs12
101
+ :ssl_keystore_type => { :validate => %w[pkcs12 jks] },
71
102
 
72
103
  # Set the keystore password
73
- :keystore_password => { :validate => :password },
104
+ :keystore_password => { :validate => :password, :deprecated => "Set 'ssl_keystore_password' instead." },
105
+
106
+ # Set the keystore password
107
+ :ssl_keystore_password => { :validate => :password },
74
108
 
75
109
  :ssl_supported_protocols => { :validate => ['TLSv1.1', 'TLSv1.2', 'TLSv1.3'], :default => [], :list => true },
76
110
 
111
+ # OpenSSL-style X.509 certificate certificate to authenticate the client
112
+ :ssl_certificate => { :validate => :path },
113
+
114
+ # OpenSSL-style RSA private key to authenticate the client
115
+ :ssl_key => { :validate => :path },
116
+
117
+ # The list of cipher suites to use, listed by priorities.
118
+ # Supported cipher suites vary depending on which version of Java is used.
119
+ :ssl_cipher_suites => { :validate => :string, :list => true },
120
+
77
121
  # This setting asks Elasticsearch for the list of all cluster nodes and adds them to the hosts list.
78
122
  # Note: This will return ALL nodes with HTTP enabled (including master nodes!). If you use
79
123
  # this with master nodes, you probably want to disable HTTP on them by setting
@@ -28,8 +28,7 @@ module LogStash; module PluginMixins; module ElasticSearch
28
28
 
29
29
  setup_hosts
30
30
 
31
-
32
- params['ssl'] = effectively_ssl? unless params.include?('ssl')
31
+ params['ssl_enabled'] = effectively_ssl? unless params.include?('ssl_enabled')
33
32
 
34
33
  # inject the TrustStrategy from CATrustedFingerprintSupport
35
34
  if trust_strategy_for_ca_trusted_fingerprint
@@ -74,7 +73,7 @@ module LogStash; module PluginMixins; module ElasticSearch
74
73
  end
75
74
 
76
75
  def effectively_ssl?
77
- return @ssl unless @ssl.nil?
76
+ return @ssl_enabled unless @ssl_enabled.nil?
78
77
 
79
78
  hosts = Array(@hosts)
80
79
  return false if hosts.nil? || hosts.empty?
@@ -1,6 +1,6 @@
1
1
  Gem::Specification.new do |s|
2
2
  s.name = 'logstash-output-elasticsearch'
3
- s.version = '11.13.0'
3
+ s.version = '11.14.0'
4
4
  s.licenses = ['apache-2.0']
5
5
  s.summary = "Stores logs in Elasticsearch"
6
6
  s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
@@ -26,6 +26,7 @@ Gem::Specification.new do |s|
26
26
  s.add_runtime_dependency 'logstash-mixin-ecs_compatibility_support', '~>1.0'
27
27
  s.add_runtime_dependency 'logstash-mixin-deprecation_logger_support', '~>1.0'
28
28
  s.add_runtime_dependency 'logstash-mixin-ca_trusted_fingerprint_support', '~>1.0'
29
+ s.add_runtime_dependency 'logstash-mixin-normalize_config_support', '~>1.0'
29
30
 
30
31
  s.add_development_dependency 'logstash-codec-plain'
31
32
  s.add_development_dependency 'logstash-devutils'
@@ -289,8 +289,8 @@ describe "indexing" do
289
289
  "hosts" => [ get_host_port ],
290
290
  "user" => user,
291
291
  "password" => password,
292
- "ssl" => true,
293
- "cacert" => cacert,
292
+ "ssl_enabled" => true,
293
+ "ssl_certificate_authorities" => cacert,
294
294
  "index" => index
295
295
  }
296
296
  end
@@ -302,7 +302,7 @@ describe "indexing" do
302
302
 
303
303
  context "when no keystore nor ca cert set and verification is disabled" do
304
304
  let(:config) do
305
- super().tap { |config| config.delete('cacert') }.merge('ssl_certificate_verification' => false)
305
+ super().tap { |config| config.delete('ssl_certificate_authorities') }.merge('ssl_verification_mode' => 'none')
306
306
  end
307
307
 
308
308
  include_examples("an indexer", true)
@@ -311,9 +311,9 @@ describe "indexing" do
311
311
  context "when keystore is set and verification is disabled" do
312
312
  let(:config) do
313
313
  super().merge(
314
- 'ssl_certificate_verification' => false,
315
- 'keystore' => 'spec/fixtures/test_certs/test.p12',
316
- 'keystore_password' => '1234567890'
314
+ 'ssl_verification_mode' => 'none',
315
+ 'ssl_keystore_path' => 'spec/fixtures/test_certs/test.p12',
316
+ 'ssl_keystore_password' => '1234567890'
317
317
  )
318
318
  end
319
319
 
@@ -322,10 +322,10 @@ describe "indexing" do
322
322
 
323
323
  context "when keystore has self-signed cert and verification is disabled" do
324
324
  let(:config) do
325
- super().tap { |config| config.delete('cacert') }.merge(
326
- 'ssl_certificate_verification' => false,
327
- 'keystore' => 'spec/fixtures/test_certs/test_self_signed.p12',
328
- 'keystore_password' => '1234567890'
325
+ super().tap { |config| config.delete('ssl_certificate_authorities') }.merge(
326
+ 'ssl_verification_mode' => 'none',
327
+ 'ssl_keystore_path' => 'spec/fixtures/test_certs/test_self_signed.p12',
328
+ 'ssl_keystore_password' => '1234567890'
329
329
  )
330
330
  end
331
331
 
@@ -349,8 +349,8 @@ describe "indexing" do
349
349
  let(:config) do
350
350
  {
351
351
  "hosts" => ["https://#{CGI.escape(user)}:#{CGI.escape(password)}@elasticsearch:9200"],
352
- "ssl" => true,
353
- "cacert" => "spec/fixtures/test_certs/test.crt",
352
+ "ssl_enabled" => true,
353
+ "ssl_certificate_authorities" => "spec/fixtures/test_certs/test.crt",
354
354
  "index" => index
355
355
  }
356
356
  end
@@ -358,10 +358,10 @@ describe "indexing" do
358
358
  include_examples("an indexer", true)
359
359
  end
360
360
 
361
- context "without providing `cacert`" do
361
+ context "without providing `ssl_certificate_authorities`" do
362
362
  let(:config) do
363
363
  super().tap do |c|
364
- c.delete("cacert")
364
+ c.delete("ssl_certificate_authorities")
365
365
  end
366
366
  end
367
367
 
@@ -369,10 +369,10 @@ describe "indexing" do
369
369
  end
370
370
 
371
371
  if Gem::Version.new(LOGSTASH_VERSION) >= Gem::Version.new("8.3.0")
372
- context "with `ca_trusted_fingerprint` instead of `cacert`" do
372
+ context "with `ca_trusted_fingerprint` instead of `ssl_certificate_authorities`" do
373
373
  let(:config) do
374
374
  super().tap do |c|
375
- c.delete("cacert")
375
+ c.delete("ssl_certificate_authorities")
376
376
  c.update("ca_trusted_fingerprint" => ca_trusted_fingerprint)
377
377
  end
378
378
  end
@@ -114,7 +114,7 @@ describe LogStash::Outputs::ElasticSearch::DataStreamSupport do
114
114
  {
115
115
  'hosts' => [ 'http://127.0.0.1:12345' ],
116
116
  'http_compression' => 'true', 'bulk_path' => '_bulk', 'timeout' => '30',
117
- 'user' => 'elastic', 'password' => 'ForSearch!', 'ssl' => 'false'
117
+ 'user' => 'elastic', 'password' => 'ForSearch!', 'ssl_enabled' => 'false'
118
118
  }
119
119
  end
120
120
 
@@ -1,4 +1,4 @@
1
- require "logstash/devutils/rspec/spec_helper"
1
+ require_relative "../../../../spec/spec_helper"
2
2
  require "logstash/outputs/elasticsearch/template_manager"
3
3
 
4
4
  describe LogStash::Outputs::ElasticSearch::TemplateManager do
@@ -33,33 +33,85 @@ describe LogStash::Outputs::ElasticSearch::TemplateManager do
33
33
  end
34
34
  end
35
35
 
36
- describe "index template with ilm settings" do
36
+ context "index template with ilm settings" do
37
37
  let(:plugin_settings) { {"manage_template" => true, "template_overwrite" => true} }
38
38
  let(:plugin) { LogStash::Outputs::ElasticSearch.new(plugin_settings) }
39
39
 
40
- describe "in version 8+" do
41
- let(:file_path) { described_class.default_template_path(8) }
42
- let(:template) { described_class.read_template_file(file_path)}
40
+ describe "with custom template" do
43
41
 
44
- it "should update settings" do
45
- expect(plugin).to receive(:maximum_seen_major_version).at_least(:once).and_return(8)
46
- described_class.add_ilm_settings_to_template(plugin, template)
47
- expect(template['template']['settings']['index.lifecycle.name']).not_to eq(nil)
48
- expect(template['template']['settings']['index.lifecycle.rollover_alias']).not_to eq(nil)
49
- expect(template.include?('settings')).to be_falsey
42
+ describe "in version 8+" do
43
+ let(:file_path) { described_class.default_template_path(8) }
44
+ let(:template) { described_class.read_template_file(file_path)}
45
+
46
+ it "should update settings" do
47
+ expect(plugin).to receive(:maximum_seen_major_version).at_least(:once).and_return(8)
48
+ described_class.add_ilm_settings_to_template(plugin, template)
49
+ expect(template['template']['settings']['index.lifecycle.name']).not_to eq(nil)
50
+ expect(template['template']['settings']['index.lifecycle.rollover_alias']).not_to eq(nil)
51
+ expect(template.include?('settings')).to be_falsey
52
+ end
53
+ end
54
+
55
+ describe "in version < 8" do
56
+ let(:file_path) { described_class.default_template_path(7) }
57
+ let(:template) { described_class.read_template_file(file_path)}
58
+
59
+ it "should update settings" do
60
+ expect(plugin).to receive(:maximum_seen_major_version).at_least(:once).and_return(7)
61
+ described_class.add_ilm_settings_to_template(plugin, template)
62
+ expect(template['settings']['index.lifecycle.name']).not_to eq(nil)
63
+ expect(template['settings']['index.lifecycle.rollover_alias']).not_to eq(nil)
64
+ expect(template.include?('template')).to be_falsey
65
+ end
50
66
  end
51
67
  end
52
68
 
53
- describe "in version < 8" do
54
- let(:file_path) { described_class.default_template_path(7) }
55
- let(:template) { described_class.read_template_file(file_path)}
69
+ context "resolve template setting" do
70
+ let(:plugin_settings) { super().merge({"template_api" => template_api}) }
71
+
72
+ describe "with composable template API" do
73
+ let(:template_api) { "composable" }
56
74
 
57
- it "should update settings" do
58
- expect(plugin).to receive(:maximum_seen_major_version).at_least(:once).and_return(7)
59
- described_class.add_ilm_settings_to_template(plugin, template)
60
- expect(template['settings']['index.lifecycle.name']).not_to eq(nil)
61
- expect(template['settings']['index.lifecycle.rollover_alias']).not_to eq(nil)
62
- expect(template.include?('template')).to be_falsey
75
+ it 'resolves composable index template API compatible setting' do
76
+ expect(plugin).to receive(:maximum_seen_major_version).at_least(:once).and_return(8) # required to log
77
+ template = {}
78
+ described_class.resolve_template_settings(plugin, template)
79
+ expect(template["template"]["settings"]).not_to eq(nil)
80
+ end
81
+ end
82
+
83
+ describe "with legacy template API" do
84
+ let(:template_api) { "legacy" }
85
+
86
+ it 'resolves legacy index template API compatible setting' do
87
+ expect(plugin).to receive(:maximum_seen_major_version).at_least(:once).and_return(7) # required to log
88
+ template = {}
89
+ described_class.resolve_template_settings(plugin, template)
90
+ expect(template["settings"]).not_to eq(nil)
91
+ end
92
+ end
93
+
94
+ describe "with `template_api => 'auto'`" do
95
+ let(:template_api) { "auto" }
96
+
97
+ describe "with ES < 8 versions" do
98
+
99
+ it 'resolves legacy index template API compatible setting' do
100
+ expect(plugin).to receive(:maximum_seen_major_version).at_least(:once).and_return(7)
101
+ template = {}
102
+ described_class.resolve_template_settings(plugin, template)
103
+ expect(template["settings"]).not_to eq(nil)
104
+ end
105
+ end
106
+
107
+ describe "with ES >= 8 versions" do
108
+ it 'resolves composable index template API compatible setting' do
109
+ expect(plugin).to receive(:maximum_seen_major_version).at_least(:once).and_return(8)
110
+ template = {}
111
+ described_class.resolve_template_settings(plugin, template)
112
+ expect(template["template"]["settings"]).not_to eq(nil)
113
+ end
114
+ end
63
115
  end
64
116
  end
65
117
  end
@@ -699,9 +699,8 @@ describe LogStash::Outputs::ElasticSearch do
699
699
  end
700
700
  end
701
701
 
702
-
703
- context "With the 'ssl' option" do
704
- let(:options) { {"ssl" => true}}
702
+ context "With the 'ssl_enabled' option" do
703
+ let(:options) { {"ssl_enabled" => true}}
705
704
 
706
705
  include_examples("an encrypted client connection")
707
706
  end
@@ -712,6 +711,81 @@ describe LogStash::Outputs::ElasticSearch do
712
711
  end
713
712
  end
714
713
 
714
+ describe "SSL deprecated settings" do
715
+ let(:base_options) { {"ssl" => "true"} }
716
+
717
+ context "with client certificate" do
718
+ let(:do_register) { true }
719
+ let(:cacert) { Stud::Temporary.file.path }
720
+ let(:options) { base_options.merge(
721
+ "cacert" => cacert,
722
+ "ssl_certificate_verification" => false
723
+ ) }
724
+
725
+ after :each do
726
+ File.delete(cacert)
727
+ end
728
+
729
+ it "should map new configs into params" do
730
+ expect(subject.params).to match hash_including(
731
+ "ssl_enabled" => true,
732
+ "ssl_verification_mode" => "none",
733
+ "ssl_certificate_authorities" => [cacert]
734
+ )
735
+ end
736
+
737
+ it "should set new configs variables" do
738
+ expect(subject.instance_variable_get(:@ssl_enabled)).to eql(true)
739
+ expect(subject.instance_variable_get(:@ssl_verification_mode)).to eql("none")
740
+ expect(subject.instance_variable_get(:@ssl_certificate_authorities)).to eql([cacert])
741
+ end
742
+ end
743
+
744
+ context "with java stores" do
745
+ let(:do_register) { true }
746
+ let(:keystore) { Stud::Temporary.file.path }
747
+ let(:truststore) { Stud::Temporary.file.path }
748
+ let(:options) { base_options.merge(
749
+ "keystore" => keystore,
750
+ "keystore_password" => "keystore",
751
+ "truststore" => truststore,
752
+ "truststore_password" => "truststore",
753
+ "ssl_certificate_verification" => true
754
+ ) }
755
+
756
+ let(:spy_http_client_builder!) do
757
+ allow(described_class::HttpClientBuilder).to receive(:build).with(any_args).and_call_original
758
+ allow(described_class::HttpClientBuilder).to receive(:setup_ssl).with(any_args).and_return({})
759
+ end
760
+
761
+ after :each do
762
+ File.delete(keystore)
763
+ File.delete(truststore)
764
+ end
765
+
766
+ it "should map new configs into params" do
767
+ expect(subject.params).to match hash_including(
768
+ "ssl_enabled" => true,
769
+ "ssl_keystore_path" => keystore,
770
+ "ssl_truststore_path" => truststore,
771
+ "ssl_verification_mode" => "full"
772
+ )
773
+
774
+ expect(subject.params["ssl_keystore_password"].value).to eql("keystore")
775
+ expect(subject.params["ssl_truststore_password"].value).to eql("truststore")
776
+ end
777
+
778
+ it "should set new configs variables" do
779
+ expect(subject.instance_variable_get(:@ssl_enabled)).to eql(true)
780
+ expect(subject.instance_variable_get(:@ssl_keystore_path)).to eql(keystore)
781
+ expect(subject.instance_variable_get(:@ssl_keystore_password).value).to eql("keystore")
782
+ expect(subject.instance_variable_get(:@ssl_truststore_path)).to eql(truststore)
783
+ expect(subject.instance_variable_get(:@ssl_truststore_password).value).to eql("truststore")
784
+ expect(subject.instance_variable_get(:@ssl_verification_mode)).to eql("full")
785
+ end
786
+ end
787
+ end
788
+
715
789
  describe "retry_on_conflict" do
716
790
  let(:num_retries) { 123 }
717
791
  let(:event) { LogStash::Event.new("myactionfield" => "update", "message" => "blah") }
@@ -1093,12 +1167,12 @@ describe LogStash::Outputs::ElasticSearch do
1093
1167
  it 'adds the appropriate Authorization header to the manticore client' do
1094
1168
  expect(manticore_options[:headers]).to eq({ "Authorization" => base64_api_key })
1095
1169
  end
1096
- it 'is provides ssl=>true to the http client builder' do; aggregate_failures do
1097
- expect(described_class::HttpClientBuilder).to have_received(:build).with(anything, anything, hash_including('ssl'=>true))
1170
+ it 'is provides ssl_enabled=>true to the http client builder' do; aggregate_failures do
1171
+ expect(described_class::HttpClientBuilder).to have_received(:build).with(anything, anything, hash_including('ssl_enabled'=>true))
1098
1172
  end; end
1099
1173
  end
1100
1174
 
1101
- context "when set without ssl => true" do
1175
+ context "when set without ssl_enabled => true" do
1102
1176
  let(:do_register) { false } # this is what we want to test, so we disable the before(:each) call
1103
1177
  let(:options) { { "api_key" => api_key } }
1104
1178
 
@@ -1114,14 +1188,14 @@ describe LogStash::Outputs::ElasticSearch do
1114
1188
  end
1115
1189
  end
1116
1190
 
1117
- context "when set without ssl specified but with an https host" do
1191
+ context "when set without ssl_enabled specified but with an https host" do
1118
1192
  let(:do_register) { false } # this is what we want to test, so we disable the before(:each) call
1119
1193
  let(:options) { { "hosts" => ["https://some.host.com"], "api_key" => api_key } }
1120
1194
 
1121
1195
  it_behaves_like 'secure api-key authenticated client'
1122
1196
  end
1123
1197
 
1124
- context "when set without ssl specified but with an http host`" do
1198
+ context "when set without ssl_enabled specified but with an http host`" do
1125
1199
  let(:do_register) { false } # this is what we want to test, so we disable the before(:each) call
1126
1200
  let(:options) { { "hosts" => ["http://some.host.com"], "api_key" => api_key } }
1127
1201
 
@@ -1130,9 +1204,9 @@ describe LogStash::Outputs::ElasticSearch do
1130
1204
  end
1131
1205
  end
1132
1206
 
1133
- context "when set with `ssl => false`" do
1207
+ context "when set with `ssl_enabled => false`" do
1134
1208
  let(:do_register) { false } # this is what we want to test, so we disable the before(:each) call
1135
- let(:options) { { "ssl" => "false", "api_key" => api_key } }
1209
+ let(:options) { { "ssl_enabled" => "false", "api_key" => api_key } }
1136
1210
 
1137
1211
  it "should raise a configuration error" do
1138
1212
  expect { subject.register }.to raise_error LogStash::ConfigurationError, /requires SSL\/TLS/
@@ -1142,13 +1216,13 @@ describe LogStash::Outputs::ElasticSearch do
1142
1216
  context "when set" do
1143
1217
  let(:options) { { "api_key" => ::LogStash::Util::Password.new(api_key) } }
1144
1218
 
1145
- context "with ssl => true" do
1146
- let(:options) { super().merge("ssl" => true) }
1219
+ context "with ssl_enabled => true" do
1220
+ let(:options) { super().merge("ssl_enabled" => true) }
1147
1221
  it_behaves_like 'secure api-key authenticated client'
1148
1222
  end
1149
1223
 
1150
- context "with ssl => false" do
1151
- let(:options) { super().merge("ssl" => "false") }
1224
+ context "with ssl_enabled => false" do
1225
+ let(:options) { super().merge("ssl_enabled" => "false") }
1152
1226
 
1153
1227
  let(:do_register) { false } # this is what we want to test, so we disable the before(:each) call
1154
1228
  it "should raise a configuration error" do
@@ -1156,7 +1230,7 @@ describe LogStash::Outputs::ElasticSearch do
1156
1230
  end
1157
1231
  end
1158
1232
 
1159
- context "without ssl specified" do
1233
+ context "without ssl_enabled specified" do
1160
1234
  context "with an https host" do
1161
1235
  let(:options) { super().merge("hosts" => ["https://some.host.com"]) }
1162
1236
  it_behaves_like 'secure api-key authenticated client'
@@ -1180,7 +1254,7 @@ describe LogStash::Outputs::ElasticSearch do
1180
1254
 
1181
1255
  context 'user also set' do
1182
1256
  let(:do_register) { false } # this is what we want to test, so we disable the before(:each) call
1183
- let(:options) { { "ssl" => true, "api_key" => api_key, 'user' => 'another' } }
1257
+ let(:options) { { "ssl_enabled" => true, "api_key" => api_key, 'user' => 'another' } }
1184
1258
 
1185
1259
  it "should fail" do
1186
1260
  expect { subject.register }.to raise_error LogStash::ConfigurationError, /Multiple authentication options are specified/
@@ -1189,7 +1263,7 @@ describe LogStash::Outputs::ElasticSearch do
1189
1263
 
1190
1264
  context 'cloud_auth also set' do
1191
1265
  let(:do_register) { false } # this is what we want to test, so we disable the before(:each) call
1192
- let(:options) { { "ssl" => true, "api_key" => api_key, 'cloud_auth' => 'foobar' } }
1266
+ let(:options) { { "ssl_enabled" => true, "api_key" => api_key, 'cloud_auth' => 'foobar' } }
1193
1267
 
1194
1268
  it "should fail" do
1195
1269
  expect { subject.register }.to raise_error LogStash::ConfigurationError, /Multiple authentication options are specified/