logstash-output-elasticsearch 11.4.2-java → 11.5.0-java
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -1
- data/docs/index.asciidoc +21 -8
- data/lib/logstash/outputs/elasticsearch/http_client.rb +2 -5
- data/lib/logstash/outputs/elasticsearch/http_client_builder.rb +5 -0
- data/lib/logstash/plugin_mixins/elasticsearch/api_configs.rb +2 -0
- data/logstash-output-elasticsearch.gemspec +1 -2
- data/spec/fixtures/test_certs/ca.crt +30 -29
- data/spec/fixtures/test_certs/test.crt +20 -18
- data/spec/fixtures/test_certs/test.p12 +0 -0
- data/spec/integration/outputs/compressed_indexing_spec.rb +1 -3
- data/spec/integration/outputs/index_spec.rb +59 -8
- data/spec/unit/outputs/elasticsearch/http_client_spec.rb +6 -8
- data/spec/unit/outputs/elasticsearch_ssl_spec.rb +1 -1
- metadata +2 -4
- data/spec/fixtures/test_certs/renew.sh +0 -11
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7eab2dc342c636e2d5df4e2f9bbd776b446cf110a0803c11fc919fcbbd2f2d83
|
|
4
|
+
data.tar.gz: 565ed3031b685f8541853043d486bda0cff8aa7da2c6f2733e0e2b43345de099
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1fbb452170d276531d9b202538d9cf0a23b834053309c818aaaff6f75dd41ecd3d787394234c295639d95d2fe763d1063424cff56b598d1ba16e2fe92374df44
|
|
7
|
+
data.tar.gz: 6b7f17fa679306e65ec94a048ef2205ec9f884cbd11fe1adf861dbb1eccaea752105c3bf149a4fe08f1cdb3c6189200d612dc4cece52ac937eb78d599b188926
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,8 @@
|
|
|
1
|
+
## 11.5.0
|
|
2
|
+
- Feat: add ssl_supported_protocols option [#1055](https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1055)
|
|
3
|
+
|
|
1
4
|
## 11.4.2
|
|
2
|
-
-
|
|
5
|
+
- [DOC] Add `v8` to supported values for ecs_compatiblity defaults [#1059](https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1059)
|
|
3
6
|
|
|
4
7
|
## 11.4.1
|
|
5
8
|
- Feat: upgrade manticore (http-client) library [#1063](https://github.com/logstash-plugins/logstash-output-elasticsearch/pull/1063)
|
data/docs/index.asciidoc
CHANGED
|
@@ -293,11 +293,6 @@ index level and `monitoring` permissions at cluster level. The `monitoring`
|
|
|
293
293
|
permission at cluster level is necessary to perform periodic connectivity
|
|
294
294
|
checks.
|
|
295
295
|
|
|
296
|
-
[id="plugins-{type}s-{plugin}-handling-non-utf-8"]
|
|
297
|
-
==== Handling non UTF-8 data
|
|
298
|
-
|
|
299
|
-
This plugin transmits events to Elasticsearch using a JSON API, and therefore requires that all string values in events to be valid UTF-8.
|
|
300
|
-
When a string value on an event contains one or more byte sequences that are not valid in UTF-8, each offending byte sequence is replaced with the UTF-8 replacement character (`\uFFFD`).
|
|
301
296
|
|
|
302
297
|
[id="plugins-{type}s-{plugin}-options"]
|
|
303
298
|
==== Elasticsearch Output Configuration Options
|
|
@@ -360,6 +355,7 @@ This plugin supports the following configuration options plus the
|
|
|
360
355
|
| <<plugins-{type}s-{plugin}-sniffing_path>> |<<string,string>>|No
|
|
361
356
|
| <<plugins-{type}s-{plugin}-ssl>> |<<boolean,boolean>>|No
|
|
362
357
|
| <<plugins-{type}s-{plugin}-ssl_certificate_verification>> |<<boolean,boolean>>|No
|
|
358
|
+
| <<plugins-{type}s-{plugin}-ssl_supported_protocols>> |<<string,string>>|No
|
|
363
359
|
| <<plugins-{type}s-{plugin}-template>> |a valid filesystem path|No
|
|
364
360
|
| <<plugins-{type}s-{plugin}-template_name>> |<<string,string>>|No
|
|
365
361
|
| <<plugins-{type}s-{plugin}-template_overwrite>> |<<boolean,boolean>>|No
|
|
@@ -559,7 +555,7 @@ If you don't set a value for this option:
|
|
|
559
555
|
* Value type is <<string,string>>
|
|
560
556
|
* Supported values are:
|
|
561
557
|
** `disabled`: does not provide ECS-compatible templates
|
|
562
|
-
** `v1`:
|
|
558
|
+
** `v1`,`v8`: Elastic Common Schema-compliant behavior
|
|
563
559
|
* Default value depends on which version of Logstash is running:
|
|
564
560
|
** When Logstash provides a `pipeline.ecs_compatibility` setting, its value is used as the default
|
|
565
561
|
** Otherwise, the default value is `disabled`.
|
|
@@ -1009,6 +1005,23 @@ Option to validate the server's certificate. Disabling this severely compromises
|
|
|
1009
1005
|
For more information on disabling certificate verification please read
|
|
1010
1006
|
https://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf
|
|
1011
1007
|
|
|
1008
|
+
[id="plugins-{type}s-{plugin}-ssl_supported_protocols"]
|
|
1009
|
+
===== `ssl_supported_protocols`
|
|
1010
|
+
|
|
1011
|
+
* Value type is <<string,string>>
|
|
1012
|
+
* Allowed values are: `'TLSv1.1'`, `'TLSv1.2'`, `'TLSv1.3'`
|
|
1013
|
+
* Default depends on the JDK being used. With up-to-date Logstash, the default is `['TLSv1.2', 'TLSv1.3']`.
|
|
1014
|
+
`'TLSv1.1'` is not considered secure and is only provided for legacy applications.
|
|
1015
|
+
|
|
1016
|
+
List of allowed SSL/TLS versions to use when establishing a connection to the Elasticsearch cluster.
|
|
1017
|
+
|
|
1018
|
+
For Java 8 `'TLSv1.3'` is supported only since **8u262** (AdoptOpenJDK), but requires that you set the
|
|
1019
|
+
`LS_JAVA_OPTS="-Djdk.tls.client.protocols=TLSv1.3"` system property in Logstash.
|
|
1020
|
+
|
|
1021
|
+
NOTE: If you configure the plugin to use `'TLSv1.1'` on any recent JVM, such as the one packaged with Logstash,
|
|
1022
|
+
the protocol is disabled by default and needs to be enabled manually by changing `jdk.tls.disabledAlgorithms` in
|
|
1023
|
+
the *$JDK_HOME/conf/security/java.security* configuration file. That is, `TLSv1.1` needs to be removed from the list.
|
|
1024
|
+
|
|
1012
1025
|
[id="plugins-{type}s-{plugin}-template"]
|
|
1013
1026
|
===== `template`
|
|
1014
1027
|
|
|
@@ -1023,8 +1036,8 @@ If not set, the included template will be used.
|
|
|
1023
1036
|
|
|
1024
1037
|
* Value type is <<string,string>>
|
|
1025
1038
|
* Default value depends on whether <<plugins-{type}s-{plugin}-ecs_compatibility>> is enabled:
|
|
1026
|
-
|
|
1027
|
-
|
|
1039
|
+
** ECS Compatibility disabled: `logstash`
|
|
1040
|
+
** ECS Compatibility enabled: `ecs-logstash`
|
|
1028
1041
|
|
|
1029
1042
|
|
|
1030
1043
|
This configuration option defines how the template is named inside Elasticsearch.
|
|
@@ -127,9 +127,6 @@ module LogStash; module Outputs; class ElasticSearch;
|
|
|
127
127
|
action.map {|line| LogStash::Json.dump(line)}.join("\n") :
|
|
128
128
|
LogStash::Json.dump(action)
|
|
129
129
|
as_json << "\n"
|
|
130
|
-
|
|
131
|
-
as_json.scrub! # ensure generated JSON is valid UTF-8
|
|
132
|
-
|
|
133
130
|
if (stream_writer.pos + as_json.bytesize) > TARGET_BULK_BYTES && stream_writer.pos > 0
|
|
134
131
|
stream_writer.flush # ensure writer has sync'd buffers before reporting sizes
|
|
135
132
|
logger.debug("Sending partial bulk request for batch with one or more actions remaining.",
|
|
@@ -286,11 +283,11 @@ module LogStash; module Outputs; class ElasticSearch;
|
|
|
286
283
|
end
|
|
287
284
|
|
|
288
285
|
def client_settings
|
|
289
|
-
@options[:client_settings] || {}
|
|
286
|
+
@_client_settings ||= @options[:client_settings] || {}
|
|
290
287
|
end
|
|
291
288
|
|
|
292
289
|
def ssl_options
|
|
293
|
-
client_settings.fetch(:ssl, {})
|
|
290
|
+
@_ssl_options ||= client_settings.fetch(:ssl, {})
|
|
294
291
|
end
|
|
295
292
|
|
|
296
293
|
def http_compression
|
|
@@ -132,11 +132,16 @@ module LogStash; module Outputs; class ElasticSearch;
|
|
|
132
132
|
ssl_options[:keystore] = keystore
|
|
133
133
|
ssl_options[:keystore_password] = keystore_password.value if keystore_password
|
|
134
134
|
end
|
|
135
|
+
|
|
135
136
|
if !params["ssl_certificate_verification"]
|
|
136
137
|
logger.warn "You have enabled encryption but DISABLED certificate verification, " +
|
|
137
138
|
"to make sure your data is secure remove `ssl_certificate_verification => false`"
|
|
138
139
|
ssl_options[:verify] = :disable # false accepts self-signed but still validates hostname
|
|
139
140
|
end
|
|
141
|
+
|
|
142
|
+
protocols = params['ssl_supported_protocols']
|
|
143
|
+
ssl_options[:protocols] = protocols if protocols && protocols.any?
|
|
144
|
+
|
|
140
145
|
{ ssl: ssl_options }
|
|
141
146
|
end
|
|
142
147
|
|
|
@@ -66,6 +66,8 @@ module LogStash; module PluginMixins; module ElasticSearch
|
|
|
66
66
|
# Set the keystore password
|
|
67
67
|
:keystore_password => { :validate => :password },
|
|
68
68
|
|
|
69
|
+
:ssl_supported_protocols => { :validate => ['TLSv1.1', 'TLSv1.2', 'TLSv1.3'], :default => [], :list => true },
|
|
70
|
+
|
|
69
71
|
# This setting asks Elasticsearch for the list of all cluster nodes and adds them to the hosts list.
|
|
70
72
|
# Note: This will return ALL nodes with HTTP enabled (including master nodes!). If you use
|
|
71
73
|
# this with master nodes, you probably want to disable HTTP on them by setting
|
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
Gem::Specification.new do |s|
|
|
2
2
|
s.name = 'logstash-output-elasticsearch'
|
|
3
|
-
s.version = '11.
|
|
4
|
-
|
|
3
|
+
s.version = '11.5.0'
|
|
5
4
|
s.licenses = ['apache-2.0']
|
|
6
5
|
s.summary = "Stores logs in Elasticsearch"
|
|
7
6
|
s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
|
|
@@ -1,31 +1,32 @@
|
|
|
1
1
|
-----BEGIN CERTIFICATE-----
|
|
2
|
-
|
|
3
|
-
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
2
|
+
MIIFeTCCA2GgAwIBAgIUU+VHJ91JsLLA1GJYC+UchNfw3hEwDQYJKoZIhvcNAQEL
|
|
3
|
+
BQAwTDELMAkGA1UEBhMCUFQxCzAJBgNVBAgMAk5BMQ8wDQYDVQQHDAZMaXNib24x
|
|
4
|
+
DjAMBgNVBAoMBU15TGFiMQ8wDQYDVQQDDAZSb290Q0EwHhcNMTkwNzE1MTMxMTI5
|
|
5
|
+
WhcNMjQwNzE0MTMxMTI5WjBMMQswCQYDVQQGEwJQVDELMAkGA1UECAwCTkExDzAN
|
|
6
|
+
BgNVBAcMBkxpc2JvbjEOMAwGA1UECgwFTXlMYWIxDzANBgNVBAMMBlJvb3RDQTCC
|
|
7
|
+
AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMtTMqAWuH17b9XqPa5L3HNq
|
|
8
|
+
gnZ958+gvcOt7Q/sOEvcDQJgkzZ+Gywh5er5JF2iomYOHiD5JncYr4YmRQKuYfD6
|
|
9
|
+
B1WI5FuQthD/OlA1/RHqtbY27J33SaO66ro8gal7vjHrXKQkefVYRwdfO6DqqbhV
|
|
10
|
+
6L4sMiy8FzQ55TMpoM35cWuvoAMxvSQqGZ4pYYKnfNSGhzHvssfNS1xu/Lwb7Vju
|
|
11
|
+
4jPhp+43BkGwEimI5km7jNC1nwjiHtxDsY/s93AKa/vLktXKUK5nA3jjJOhAbRTV
|
|
12
|
+
nbOAgxFt0YbX98xW/aUqscgBUVs9J/MyTRMwVKJ7Vsmth1PdJQksUASuzESlSPl0
|
|
13
|
+
9dMjTQ+MXzJDt0JvX8SIJPmbBng78MSaCUhpOZiii1l2mBfPWejx20I/SMCUNmzb
|
|
14
|
+
wm2w9JD50Jv2iX4l4ge4H1CIK1/orW1pdY9xPL0uKYm6ADsDC0B8sGgNMBXeB6aL
|
|
15
|
+
ojY1/ITwmmfpfk9c/yWPfC7stHgCYRAv5MfGAsmv0/ya5VrWQGBJkFiYy1pon6nx
|
|
16
|
+
UjCbgn0RABojRoGdhhY3QDipgwmSgFZxr064RFr1bt/Ml3MJmPf535mSwPdk/j/z
|
|
17
|
+
w4IZTvlmwKW3FyMDhwYL/zX7J0c6MzMPLEdi73Qjzmr3ENIrir4O86wNz81YRfYk
|
|
18
|
+
g9ZX8yKJK9LBAUrYCjJ3AgMBAAGjUzBRMB0GA1UdDgQWBBShWnSceOrqYn9Qa4WG
|
|
19
|
+
dIrvKNs/KzAfBgNVHSMEGDAWgBShWnSceOrqYn9Qa4WGdIrvKNs/KzAPBgNVHRMB
|
|
20
|
+
Af8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQBRQK0m3t5h2Y3CUCJYLMiCUge4
|
|
21
|
+
UOzvpCoawSXH1FP2ycA+P1bP8H8htjwvV334ZADlQrDQRu0hqa1T+DxwhLxNOxgE
|
|
22
|
+
1XCthN3TTyd3O1mT4NmT6mcn2wYSn/JC6fPwFcloX8BcUvxl+xwmOgL/pzgf1ekK
|
|
23
|
+
MVS0n+r3bzdFTgGnvsmxmPHe2bUhyXXqzQIx3ObSGtuKYUu7aZEysEtJhaR+vGTd
|
|
24
|
+
jjTOV2S71edVlKTxRLZpHgoTZpBL/phwRQ63vdef4ftNGs0glGDc0yqXGMxMALOl
|
|
25
|
+
Up7+H4HI99rldZcul6oZ+ORltt047Hk7ctWb20SqxEH9tGLXKm6hDEL9HzyFXeyJ
|
|
26
|
+
DAue1GF+3H0KvsjSs5XH7LHMuJDCuSP64+h9gzkI+q06oBNX/9pQyQaHj0K4don8
|
|
27
|
+
lWOMLI4gQibV7R1Opt2feA8MwWxouP/yni8IX6sPePVQ+fLEk1C+Kg+x6k1yQHEM
|
|
28
|
+
36BEP6iYOYvqG0OIjMas2U7Yhn2wWlVm9It3WMyaW8ZPI8kwc3dx715dZuNg/zjd
|
|
29
|
+
rJS678BNBVxInc7dzpY6el0Lr70CGwiJpX/N9P1yiTFZ7GZm3Kax8QnTtvqXzRIy
|
|
30
|
+
sBgt8BVZHUe1lWFYlG+jlakiXqz752nmHuwif7iBI4iWzRmW2vYPfTEmYPRLZES2
|
|
31
|
+
nIg9fQPvVw+fIHACZQ==
|
|
31
32
|
-----END CERTIFICATE-----
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
-----BEGIN CERTIFICATE-----
|
|
2
|
-
|
|
2
|
+
MIIGQjCCBCqgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBMMQswCQYDVQQGEwJQVDEL
|
|
3
3
|
MAkGA1UECAwCTkExDzANBgNVBAcMBkxpc2JvbjEOMAwGA1UECgwFTXlMYWIxDzAN
|
|
4
|
-
|
|
4
|
+
BgNVBAMMBlJvb3RDQTAeFw0xOTA3MTUxMzEzMDVaFw0yMjA0MTAxMzEzMDVaMFMx
|
|
5
5
|
CzAJBgNVBAYTAlBUMQswCQYDVQQIDAJOQTEPMA0GA1UEBwwGTGlzYm9uMQ4wDAYD
|
|
6
6
|
VQQKDAVNeUxhYjEWMBQGA1UEAwwNZWxhc3RpY3NlYXJjaDCCAiIwDQYJKoZIhvcN
|
|
7
7
|
AQEBBQADggIPADCCAgoCggIBAMYhP2zPOE3ke9naeK+cIPNV91htuoGGARs+mlY/
|
|
@@ -15,20 +15,22 @@ bFMKspGHnytQZF+a+mc5H33G9HiPP3jZE2JjrWlOay+j6ImylMgjcZmHAgaUe3ET
|
|
|
15
15
|
tyczoQ5/L5BNiyA2h+1TU8jWicNDtl1+CtOsgEVBBHA6p/IHhsHbNZWPrYtIO9mh
|
|
16
16
|
hiJw1R5yrITXnjZY0rObITwyt/e6Sc3YnoQfsSGaLJEG0aDc0RALAhgzj+RY8086
|
|
17
17
|
2RKOyfdw1sw1RmJKdCf+dOzhPyDpvauvCxrL8UZQTzcBs+qpxOWnZFRWeNsLwoDn
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
18
|
+
6JXXAgMBAAGjggEmMIIBIjAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIGQDAz
|
|
19
|
+
BglghkgBhvhCAQ0EJhYkT3BlblNTTCBHZW5lcmF0ZWQgU2VydmVyIENlcnRpZmlj
|
|
20
|
+
YXRlMB0GA1UdDgQWBBRvvz0yGw6Tz2UxbBLAGyzVMtcMUDCBiAYDVR0jBIGAMH6A
|
|
21
|
+
FKFadJx46upif1BrhYZ0iu8o2z8roVCkTjBMMQswCQYDVQQGEwJQVDELMAkGA1UE
|
|
22
|
+
CAwCTkExDzANBgNVBAcMBkxpc2JvbjEOMAwGA1UECgwFTXlMYWIxDzANBgNVBAMM
|
|
23
|
+
BlJvb3RDQYIUU+VHJ91JsLLA1GJYC+UchNfw3hEwDgYDVR0PAQH/BAQDAgWgMBMG
|
|
24
|
+
A1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4ICAQCaABHQxm6mtrM9
|
|
25
|
+
f7kbgzuhEc47Q+bgrbjxeoIVOeO2Zshdw0SZlfkWvWe0622WSeWMsTBJ3hoaQwZe
|
|
26
|
+
9FUf1lnsWe6u6oOckiG9OjE0TyXJ7+eghdL1HPeXgJ+4ihwJsRtkNEljWf4HS7/n
|
|
27
|
+
y5LaFhcXdn2ZdbUKJ7z7zXqzh2Cp8VUBtsR+/IdiLjSN81dQou77/a2M/a/7BI2Z
|
|
28
|
+
HhUlUx1T7jHzNllJBRF3IaOk72yjoU4cL0qVy9874SXPwdpeFHtvS4TdQTLqnAGR
|
|
29
|
+
liHJcB1ZNz1sVOXndw3Wbvv6iB5y+IX/Y/kRSHS6zpZGdAb7ar/Vgl+Uvs3fKi44
|
|
30
|
+
y9hq2b49bYlcSQMtmlimCBDiu82z0aYtVFLalZ2L/W7CMaeE3jpyzu/bbygRv/Bp
|
|
31
|
+
lKSaUtaFIVgiuRBPwIBDMyai3CJ5L+dJrJPU2JzzQvtJGFQCFCIHd9rqweubZB6V
|
|
32
|
+
re5cUn4dxlxA5SkZ0amFFV5DpP0YhThA/gq0t/NeWRmCEEBWNXZaqFmDhiYS5mnu
|
|
33
|
+
Z+NUtv8E332S46RdfneHe961SlMXEFC96I+1HOjXHdXlqKfOU8Qvy8VzsnpjuNE5
|
|
34
|
+
VTrvnAM1L3LwqtYQYfUWUHYZFYdvh8layA2ImNE7yx/9wIIkw/L1j9m71Upi6WKR
|
|
35
|
+
FKbYFqzgpWksa+zZ2RYYplUAxq0wYw==
|
|
34
36
|
-----END CERTIFICATE-----
|
|
Binary file
|
|
@@ -10,12 +10,10 @@ end
|
|
|
10
10
|
|
|
11
11
|
describe "indexing with http_compression turned on", :integration => true do
|
|
12
12
|
let(:event) { LogStash::Event.new("message" => "Hello World!", "type" => type) }
|
|
13
|
-
let(:event_with_invalid_utf_8_bytes) { LogStash::Event.new("message" => "Message from spacecraft which contains \xAC invalid \xD7 byte sequences.", "type" => type) }
|
|
14
13
|
let(:index) { 10.times.collect { rand(10).to_s }.join("") }
|
|
15
14
|
let(:type) { ESHelper.es_version_satisfies?("< 7") ? "doc" : "_doc" }
|
|
16
15
|
let(:event_count) { 10000 + rand(500) }
|
|
17
|
-
|
|
18
|
-
let(:events) { event_count.times.map { |i| i%3 == 0 ? event : event_with_invalid_utf_8_bytes }.to_a }
|
|
16
|
+
let(:events) { event_count.times.map { event }.to_a }
|
|
19
17
|
let(:config) {
|
|
20
18
|
{
|
|
21
19
|
"hosts" => get_host_port,
|
|
@@ -60,25 +60,48 @@ describe "indexing" do
|
|
|
60
60
|
|
|
61
61
|
let(:curl_opts) { nil }
|
|
62
62
|
|
|
63
|
+
let(:es_admin) { 'admin' } # default user added in ES -> 8.x requires auth credentials for /_refresh etc
|
|
64
|
+
let(:es_admin_pass) { 'elastic' }
|
|
65
|
+
|
|
63
66
|
def curl_and_get_json_response(url, method: :get); require 'open3'
|
|
67
|
+
cmd = "curl -s -v --show-error #{curl_opts} -X #{method.to_s.upcase} -k #{url}"
|
|
64
68
|
begin
|
|
65
|
-
|
|
69
|
+
out, err, status = Open3.capture3(cmd)
|
|
66
70
|
rescue Errno::ENOENT
|
|
67
71
|
fail "curl not available, make sure curl binary is installed and available on $PATH"
|
|
68
72
|
end
|
|
69
73
|
|
|
70
74
|
if status.success?
|
|
71
|
-
|
|
75
|
+
http_status = err.match(/< HTTP\/1.1 (\d+)/)[1] || '0' # < HTTP/1.1 200 OK\r\n
|
|
76
|
+
|
|
77
|
+
if http_status.strip[0].to_i > 2
|
|
78
|
+
error = (LogStash::Json.load(out)['error']) rescue nil
|
|
79
|
+
if error
|
|
80
|
+
fail "#{cmd.inspect} received an error: #{http_status}\n\n#{error.inspect}"
|
|
81
|
+
else
|
|
82
|
+
warn out
|
|
83
|
+
fail "#{cmd.inspect} unexpected response: #{http_status}\n\n#{err}"
|
|
84
|
+
end
|
|
85
|
+
end
|
|
86
|
+
|
|
87
|
+
LogStash::Json.load(out)
|
|
72
88
|
else
|
|
73
|
-
|
|
89
|
+
warn out
|
|
90
|
+
fail "#{cmd.inspect} process failed: #{status}\n\n#{err}"
|
|
74
91
|
end
|
|
75
92
|
end
|
|
76
93
|
|
|
94
|
+
let(:initial_events) { [] }
|
|
95
|
+
|
|
77
96
|
before do
|
|
78
97
|
subject.register
|
|
79
|
-
subject.multi_receive(
|
|
98
|
+
subject.multi_receive(initial_events) if initial_events
|
|
80
99
|
end
|
|
81
|
-
|
|
100
|
+
|
|
101
|
+
after do
|
|
102
|
+
subject.do_close
|
|
103
|
+
end
|
|
104
|
+
|
|
82
105
|
shared_examples "an indexer" do |secure|
|
|
83
106
|
it "ships events" do
|
|
84
107
|
subject.multi_receive(events)
|
|
@@ -146,17 +169,17 @@ describe "indexing" do
|
|
|
146
169
|
let(:user) { "simpleuser" }
|
|
147
170
|
let(:password) { "abc123" }
|
|
148
171
|
let(:cacert) { "spec/fixtures/test_certs/ca.crt" }
|
|
149
|
-
let(:es_url) {"https
|
|
172
|
+
let(:es_url) { "https://#{get_host_port}" }
|
|
150
173
|
let(:config) do
|
|
151
174
|
{
|
|
152
|
-
"hosts" => [
|
|
175
|
+
"hosts" => [ get_host_port ],
|
|
153
176
|
"user" => user,
|
|
154
177
|
"password" => password,
|
|
155
178
|
"ssl" => true,
|
|
156
179
|
"cacert" => cacert,
|
|
157
180
|
"index" => index
|
|
158
181
|
}
|
|
159
|
-
end
|
|
182
|
+
end
|
|
160
183
|
|
|
161
184
|
let(:curl_opts) { "-u #{user}:#{password}" }
|
|
162
185
|
|
|
@@ -197,6 +220,8 @@ describe "indexing" do
|
|
|
197
220
|
|
|
198
221
|
else
|
|
199
222
|
|
|
223
|
+
let(:curl_opts) { "#{super()} --tlsv1.2 --tls-max 1.3 -u #{es_admin}:#{es_admin_pass}" } # due ES 8.x we need user/password
|
|
224
|
+
|
|
200
225
|
it_behaves_like("an indexer", true)
|
|
201
226
|
|
|
202
227
|
describe "with a password requiring escaping" do
|
|
@@ -219,6 +244,32 @@ describe "indexing" do
|
|
|
219
244
|
include_examples("an indexer", true)
|
|
220
245
|
end
|
|
221
246
|
|
|
247
|
+
context 'with enforced TLSv1.3 protocol' do
|
|
248
|
+
let(:config) { super().merge 'ssl_supported_protocols' => [ 'TLSv1.3' ] }
|
|
249
|
+
|
|
250
|
+
it_behaves_like("an indexer", true)
|
|
251
|
+
end
|
|
252
|
+
|
|
253
|
+
context 'with enforced TLSv1.2 protocol (while ES only enabled TLSv1.3)' do
|
|
254
|
+
let(:config) { super().merge 'ssl_supported_protocols' => [ 'TLSv1.2' ] }
|
|
255
|
+
|
|
256
|
+
let(:initial_events) { nil }
|
|
257
|
+
|
|
258
|
+
it "does not ship events" do
|
|
259
|
+
curl_and_get_json_response index_url, method: :put # make sure index exists
|
|
260
|
+
Thread.start { subject.multi_receive(events) } # we'll be stuck in a retry loop
|
|
261
|
+
sleep 2.5
|
|
262
|
+
|
|
263
|
+
curl_and_get_json_response "#{es_url}/_refresh", method: :post
|
|
264
|
+
|
|
265
|
+
result = curl_and_get_json_response "#{index_url}/_count?q=*"
|
|
266
|
+
cur_count = result["count"]
|
|
267
|
+
expect(cur_count).to eq(0) # ES output keeps re-trying but ends up with a
|
|
268
|
+
# [Manticore::ClientProtocolException] Received fatal alert: protocol_version
|
|
269
|
+
end
|
|
270
|
+
|
|
271
|
+
end if ENV['ES_SSL_SUPPORTED_PROTOCOLS'] == 'TLSv1.3'
|
|
272
|
+
|
|
222
273
|
end
|
|
223
274
|
|
|
224
275
|
end
|
|
@@ -243,14 +243,12 @@ describe LogStash::Outputs::ElasticSearch::HttpClient do
|
|
|
243
243
|
end
|
|
244
244
|
end
|
|
245
245
|
|
|
246
|
-
context "with
|
|
247
|
-
let(:
|
|
248
|
-
let(:
|
|
249
|
-
let(:invalid_utf_8_message) { "contains invalid \xAC" }
|
|
246
|
+
context "with two messages" do
|
|
247
|
+
let(:message1) { "hey" }
|
|
248
|
+
let(:message2) { "you" }
|
|
250
249
|
let(:actions) { [
|
|
251
|
-
["index", {:_id=>nil, :_index=>"logstash"}, {"message"=>
|
|
252
|
-
["index", {:_id=>nil, :_index=>"logstash"}, {"message"=>
|
|
253
|
-
["index", {:_id=>nil, :_index=>"logstash"}, {"message"=> message_tail}],
|
|
250
|
+
["index", {:_id=>nil, :_index=>"logstash"}, {"message"=> message1}],
|
|
251
|
+
["index", {:_id=>nil, :_index=>"logstash"}, {"message"=> message2}],
|
|
254
252
|
]}
|
|
255
253
|
it "executes one bulk_send operation" do
|
|
256
254
|
allow(subject).to receive(:join_bulk_responses)
|
|
@@ -260,7 +258,7 @@ describe LogStash::Outputs::ElasticSearch::HttpClient do
|
|
|
260
258
|
|
|
261
259
|
context "if one exceeds TARGET_BULK_BYTES" do
|
|
262
260
|
let(:target_bulk_bytes) { LogStash::Outputs::ElasticSearch::TARGET_BULK_BYTES }
|
|
263
|
-
let(:
|
|
261
|
+
let(:message1) { "a" * (target_bulk_bytes + 1) }
|
|
264
262
|
it "executes two bulk_send operations" do
|
|
265
263
|
allow(subject).to receive(:join_bulk_responses)
|
|
266
264
|
expect(subject).to receive(:bulk_send).twice
|
|
@@ -33,7 +33,7 @@ describe "SSL option" do
|
|
|
33
33
|
|
|
34
34
|
it "should pass the flag to the ES client" do
|
|
35
35
|
expect(::Manticore::Client).to receive(:new) do |args|
|
|
36
|
-
expect(args[:ssl]).to
|
|
36
|
+
expect(args[:ssl]).to match hash_including(:enabled => true, :verify => :disable)
|
|
37
37
|
end.and_return(manticore_double)
|
|
38
38
|
|
|
39
39
|
subject.register
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: logstash-output-elasticsearch
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 11.
|
|
4
|
+
version: 11.5.0
|
|
5
5
|
platform: java
|
|
6
6
|
authors:
|
|
7
7
|
- Elastic
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2022-04-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -246,7 +246,6 @@ files:
|
|
|
246
246
|
- spec/fixtures/template-with-policy-es8x.json
|
|
247
247
|
- spec/fixtures/test_certs/ca.crt
|
|
248
248
|
- spec/fixtures/test_certs/ca.key
|
|
249
|
-
- spec/fixtures/test_certs/renew.sh
|
|
250
249
|
- spec/fixtures/test_certs/test.crt
|
|
251
250
|
- spec/fixtures/test_certs/test.key
|
|
252
251
|
- spec/fixtures/test_certs/test.p12
|
|
@@ -329,7 +328,6 @@ test_files:
|
|
|
329
328
|
- spec/fixtures/template-with-policy-es8x.json
|
|
330
329
|
- spec/fixtures/test_certs/ca.crt
|
|
331
330
|
- spec/fixtures/test_certs/ca.key
|
|
332
|
-
- spec/fixtures/test_certs/renew.sh
|
|
333
331
|
- spec/fixtures/test_certs/test.crt
|
|
334
332
|
- spec/fixtures/test_certs/test.key
|
|
335
333
|
- spec/fixtures/test_certs/test.p12
|
|
@@ -1,11 +0,0 @@
|
|
|
1
|
-
#!/usr/bin/env bash
|
|
2
|
-
|
|
3
|
-
set -e
|
|
4
|
-
cd "$(dirname "$0")"
|
|
5
|
-
|
|
6
|
-
openssl x509 -x509toreq -copy_extensions copyall -in ca.crt -signkey ca.key -out ca.csr
|
|
7
|
-
openssl x509 -req -copy_extensions copyall -days 365 -in ca.csr -set_serial 0x01 -signkey ca.key -out ca.crt && rm ca.csr
|
|
8
|
-
|
|
9
|
-
openssl x509 -x509toreq -copy_extensions copyall -in test.crt -signkey test.key -out test.csr
|
|
10
|
-
openssl x509 -req -copy_extensions copyall -days 365 -in test.csr -set_serial 0x01 -CA ca.crt -CAkey ca.key -out test.crt && rm test.csr
|
|
11
|
-
openssl pkcs12 -export -inkey test.key -in test.crt -passout "pass:1234567890" -out test.p12
|