logstash-output-kusto 1.0.4-java → 1.0.5-java

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d0c02170a8a1c426975e2d6ecccf2aafee37a5854bbe0f561683bcdb27c5b92b
-  data.tar.gz: f1c656fc23c2dec86f8a160409021993ca9d3158150084c377f94de0411f3c64
+  metadata.gz: 40d2d10177bc99b9da270d95a843ca5490689ac6a9bbdd548744d041e29a557c
+  data.tar.gz: b5f85499389d432eb0e60e5be23bb75ea7b9c5c43df6a1d1a7e07f3b5fd44c57
 SHA512:
-  metadata.gz: 0bc36e11ea8ab73e6124e74660b6151d57807bce9b326f7c208ccaa86407d4875c42d51a14e64e6b742c0c30a71dea8b4cdb10d12af68eb8f27357c723821a3a
-  data.tar.gz: 968894881afa4e55deeac8924bd98f84e9bee3181afbd0dc530821db265997505b61dd53c71b9a46a8775c691369ccdc9704486461cacebc4cc68ef0d0851ee8
+  metadata.gz: 82e08571c9c68c67dd7e2c8f653cfce159b01902cee31982ddefa9cea59769510acb25ebf5d3ae2ed18354a7ccae1ba0dcc6b6135940a706447b017d80d520fb
+  data.tar.gz: b3c7c5860bfe0fea8e7da8d5e5356a56b6dd54733214f46c6492e452580c635da637be223a80723db05c2c496edda4d8b607ebe47138a582b0b1fc8be7e5bd4a

data/CHANGELOG.md

@@ -28,4 +28,10 @@
 # 1.0.0
 
 - Use stable (2.1.2) version of the java sdk, and retrieve it from maven with bundler.
-- Renamed `mapping` to `json_mapping` in order to clarify usage. `mapping` still remains as a deprecated parameter.  
+- Renamed `mapping` to `json_mapping` in order to clarify usage. `mapping` still remains as a deprecated parameter.  
+
+
+# 1.0.5
+
+- Use (3.1.3) version of the java sdk, and retrieve it from maven with bundler.
+- Added support for `proxy_host` `proxy_port` `proxy_protocol` to support proxying ingestion to Kusto

data/README.md

@@ -39,6 +39,9 @@ output {
             database => "<database name>"
             table => "<target table>"
             json_mapping => "<mapping name>"
+            proxy_host => "<proxy host>"
+            proxy_port => <proxy port>
+            proxy_protocol => <"http"|"https">              
 	}
 }
 ```
@@ -57,6 +60,16 @@ More information about configuring Logstash can be found in the [logstash config
 | **recovery** | If set to true (default), plugin will attempt to resend pre-existing temp files found in the path upon startup | |
 | **delete_temp_files** | Determines if temp files will be deleted after a successful upload (true is default; set false for debug purposes only)| |
 | **flush_interval** | The time (in seconds) for flushing writes to temporary files. Default is 2 seconds, 0 will flush on every event. Increase this value to reduce IO calls but keep in mind that events in the buffer will be lost in case of abrupt failure.| |
+| **proxy_host** | The proxy hostname for redirecting traffic to Kusto.| |
+| **proxy_port** | The proxy port for the proxy. Defaults to 80.| |
+| **proxy_protocol** | The proxy server protocol , is one of http or https.| |
+
+> Note : LS_JAVA_OPTS can be used to set proxy parameters as well (using export or SET options)
+
+```bash
+export  LS_JAVA_OPTS="-Dhttp.proxyHost=1.2.34 -Dhttp.proxyPort=8989 -Dhttps.proxyHost=1.2.3.4 -Dhttps.proxyPort=8989"
+```
+
 
 ## Development Requirements
 

data/SECURITY.md

@@ -0,0 +1,41 @@
+<!-- BEGIN MICROSOFT SECURITY.MD V0.0.7 BLOCK -->
+
+## Security
+
+Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [our GitHub organizations](https://opensource.microsoft.com/).
+
+If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://aka.ms/opensource/security/definition), please report it to us as described below.
+
+## Reporting Security Issues
+
+**Please do not report security vulnerabilities through public GitHub issues.**
+
+Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://aka.ms/opensource/security/create-report).
+
+If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com).  If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://aka.ms/opensource/security/pgpkey).
+
+You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://aka.ms/opensource/security/msrc). 
+
+Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
+
+  * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
+  * Full paths of source file(s) related to the manifestation of the issue
+  * The location of the affected source code (tag/branch/commit or direct URL)
+  * Any special configuration required to reproduce the issue
+  * Step-by-step instructions to reproduce the issue
+  * Proof-of-concept or exploit code (if possible)
+  * Impact of the issue, including how an attacker might exploit the issue
+
+This information will help us triage your report more quickly.
+
+If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://aka.ms/opensource/security/bounty) page for more details about our active programs.
+
+## Preferred Languages
+
+We prefer all communications to be in English.
+
+## Policy
+
+Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://aka.ms/opensource/security/cvd).
+
+<!-- END MICROSOFT SECURITY.MD BLOCK -->

data/lib/logstash/outputs/kusto/ingestor.rb

@@ -20,23 +20,30 @@ class LogStash::Outputs::Kusto < LogStash::Outputs::Base
     LOW_QUEUE_LENGTH = 3
     FIELD_REF = /%\{[^}]+\}/
 
-    def initialize(ingest_url, app_id, app_key, app_tenant, database, table, json_mapping, delete_local, logger, threadpool = DEFAULT_THREADPOOL)
+    def initialize(ingest_url, app_id, app_key, app_tenant, database, table, json_mapping, delete_local, proxy_host , proxy_port , proxy_protocol,logger, threadpool = DEFAULT_THREADPOOL)
       @workers_pool = threadpool
       @logger = logger
-
-      validate_config(database, table, json_mapping)
-
-      @logger.debug('Preparing Kusto resources.')
+      validate_config(database, table, json_mapping,proxy_protocol)
+      @logger.info('Preparing Kusto resources.')
 
       kusto_java = Java::com.microsoft.azure.kusto
+      apache_http = Java::org.apache.http
       kusto_connection_string = kusto_java.data.auth.ConnectionStringBuilder.createWithAadApplicationCredentials(ingest_url, app_id, app_key.value, app_tenant)
+      #
       @logger.debug(Gem.loaded_specs.to_s)
       # Unfortunately there's no way to avoid using the gem/plugin name directly...
       name_for_tracing = "logstash-output-kusto:#{Gem.loaded_specs['logstash-output-kusto']&.version || "unknown"}"
       @logger.debug("Client name for tracing: #{name_for_tracing}")
       kusto_connection_string.setClientVersionForTracing(name_for_tracing)
-
-      @kusto_client = kusto_java.ingest.IngestClientFactory.createClient(kusto_connection_string)
+      
+      @kusto_client = begin
+        if proxy_host.nil? || proxy_host.empty?
+          kusto_java.ingest.IngestClientFactory.createClient(kusto_connection_string)
+        else
+          kusto_http_client_properties = kusto_java.data.HttpClientProperties.builder().proxy(apache_http.HttpHost.new(proxy_host,proxy_port,proxy_protocol)).build()
+          kusto_java.ingest.IngestClientFactory.createClient(kusto_connection_string, kusto_http_client_properties)
+        end
+      end
 
       @ingestion_properties = kusto_java.ingest.IngestionProperties.new(database, table)
       @ingestion_properties.setIngestionMapping(json_mapping, kusto_java.ingest.IngestionMapping::IngestionMappingKind::JSON)
@@ -46,7 +53,7 @@ class LogStash::Outputs::Kusto < LogStash::Outputs::Base
       @logger.debug('Kusto resources are ready.')
     end
 
-    def validate_config(database, table, json_mapping)
+    def validate_config(database, table, json_mapping,proxy_protocol)
       if database =~ FIELD_REF
         @logger.error('database config value should not be dynamic.', database)
         raise LogStash::ConfigurationError.new('database config value should not be dynamic.')
@@ -61,6 +68,12 @@ class LogStash::Outputs::Kusto < LogStash::Outputs::Base
         @logger.error('json_mapping config value should not be dynamic.', json_mapping)
         raise LogStash::ConfigurationError.new('json_mapping config value should not be dynamic.')
       end
+
+      if not(["https", "http"].include? proxy_protocol)
+        @logger.error('proxy_protocol has to be http or https.', proxy_protocol)
+        raise LogStash::ConfigurationError.new('proxy_protocol has to be http or https.')
+      end
+
     end
 
     def upload_async(path, delete_on_success)
@@ -95,11 +108,13 @@ class LogStash::Outputs::Kusto < LogStash::Outputs::Base
       #   local_ingestion_properties.addJsonMappingName(json_mapping)
       # end
 
-      file_source_info = Java::com.microsoft.azure.kusto.ingest.source.FileSourceInfo.new(path, 0); # 0 - let the sdk figure out the size of the file
-      @kusto_client.ingestFromFile(file_source_info, @ingestion_properties)
-
+      if file_size > 0
+        file_source_info = Java::com.microsoft.azure.kusto.ingest.source.FileSourceInfo.new(path, 0); # 0 - let the sdk figure out the size of the file
+        @kusto_client.ingestFromFile(file_source_info, @ingestion_properties)
+      else
+        @logger.warn("File #{path} is an empty file and is not ingested.")
+      end
       File.delete(path) if delete_on_success
-
       @logger.debug("File #{path} sent to kusto.")
     rescue Errno::ENOENT => e
       @logger.error("File doesn't exist! Unrecoverable error.", exception: e.class, message: e.message, path: path, backtrace: e.backtrace)

data/lib/logstash/outputs/kusto.rb

@@ -88,7 +88,7 @@ class LogStash::Outputs::Kusto < LogStash::Outputs::Base
   # Note that this must be in JSON format, as this is the interface between Logstash and Kusto
   config :json_mapping, validate: :string, required: true
 
-  # Mappung name - deprecated, use json_mapping
+  # Mapping name - deprecated, use json_mapping
   config :mapping, validate: :string, deprecated: true
 
 
@@ -106,6 +106,15 @@ class LogStash::Outputs::Kusto < LogStash::Outputs::Base
   # starts processing them in the main thread (not healthy)
   config :upload_queue_size, validate: :number, default: 30
 
+  # Host of the proxy , is an optional field. Can connect directly
+  config :proxy_host, validate: :string, required: false
+
+  # Port where the proxy runs , defaults to 80. Usually a value like 3128
+  config :proxy_port, validate: :number, required: false , default: 80
+
+  # Check Proxy URL can be over http or https. Dowe need it this way or ignore this & remove this
+  config :proxy_protocol, validate: :string, required: false , default: 'http'
+
   default :codec, 'json_lines'
 
   def register
@@ -141,7 +150,7 @@ class LogStash::Outputs::Kusto < LogStash::Outputs::Base
                                                   max_queue: upload_queue_size,
                                                   fallback_policy: :caller_runs)
 
-    @ingestor = Ingestor.new(ingest_url, app_id, app_key, app_tenant, database, table, final_mapping, delete_temp_files, @logger, executor)
+    @ingestor = Ingestor.new(ingest_url, app_id, app_key, app_tenant, database, table, final_mapping, delete_temp_files, proxy_host, proxy_port,proxy_protocol, @logger, executor)
 
     # send existing files
     recover_past_files if recovery

data/lib/logstash-output-kusto_jars.rb

@@ -4,7 +4,9 @@ begin
 rescue LoadError
   require 'io/netty/netty-resolver-dns-native-macos/4.1.68.Final/netty-resolver-dns-native-macos-4.1.68.Final-osx-x86_64.jar'
   require 'com/google/guava/guava/24.1.1-jre/guava-24.1.1-jre.jar'
+  require 'com/microsoft/azure/kusto/kusto-data/3.1.3/kusto-data-3.1.3.jar'
   require 'com/microsoft/azure/azure-storage/8.6.6/azure-storage-8.6.6.jar'
+  require 'com/microsoft/azure/kusto/kusto-ingest/3.1.3/kusto-ingest-3.1.3.jar'
   require 'io/projectreactor/netty/reactor-netty-http/1.0.11/reactor-netty-http-1.0.11.jar'
   require 'net/java/dev/jna/jna/5.5.0/jna-5.5.0.jar'
   require 'io/netty/netty-handler-proxy/4.1.68.Final/netty-handler-proxy-4.1.68.Final.jar'
@@ -31,7 +33,6 @@ rescue LoadError
   require 'jakarta/activation/jakarta.activation-api/1.2.1/jakarta.activation-api-1.2.1.jar'
   require 'commons-logging/commons-logging/1.2/commons-logging-1.2.jar'
   require 'net/minidev/accessors-smart/2.4.7/accessors-smart-2.4.7.jar'
-  require 'com/microsoft/azure/kusto/kusto-ingest/3.1.1/kusto-ingest-3.1.1.jar'
   require 'io/netty/netty-codec/4.1.68.Final/netty-codec-4.1.68.Final.jar'
   require 'commons-codec/commons-codec/1.11/commons-codec-1.11.jar'
   require 'com/microsoft/azure/msal4j-persistence-extension/1.1.0/msal4j-persistence-extension-1.1.0.jar'
@@ -43,7 +44,6 @@ rescue LoadError
   require 'com/fasterxml/jackson/core/jackson-annotations/2.13.0/jackson-annotations-2.13.0.jar'
   require 'com/google/code/findbugs/jsr305/1.3.9/jsr305-1.3.9.jar'
   require 'org/checkerframework/checker-compat-qual/2.0.0/checker-compat-qual-2.0.0.jar'
-  require 'com/microsoft/azure/kusto/kusto-data/3.1.1/kusto-data-3.1.1.jar'
   require 'org/apache/httpcomponents/httpclient/4.5.13/httpclient-4.5.13.jar'
   require 'com/google/j2objc/j2objc-annotations/1.1/j2objc-annotations-1.1.jar'
   require 'io/netty/netty-codec-http/4.1.68.Final/netty-codec-http-4.1.68.Final.jar'
@@ -78,7 +78,9 @@ end
 if defined? Jars
   require_jar 'io.netty', 'netty-resolver-dns-native-macos', 'osx-x86_64', '4.1.68.Final'
   require_jar 'com.google.guava', 'guava', '24.1.1-jre'
+  require_jar 'com.microsoft.azure.kusto', 'kusto-data', '3.1.3'
   require_jar 'com.microsoft.azure', 'azure-storage', '8.6.6'
+  require_jar 'com.microsoft.azure.kusto', 'kusto-ingest', '3.1.3'
   require_jar 'io.projectreactor.netty', 'reactor-netty-http', '1.0.11'
   require_jar 'net.java.dev.jna', 'jna', '5.5.0'
   require_jar 'io.netty', 'netty-handler-proxy', '4.1.68.Final'
@@ -105,7 +107,6 @@ if defined? Jars
   require_jar 'jakarta.activation', 'jakarta.activation-api', '1.2.1'
   require_jar 'commons-logging', 'commons-logging', '1.2'
   require_jar 'net.minidev', 'accessors-smart', '2.4.7'
-  require_jar 'com.microsoft.azure.kusto', 'kusto-ingest', '3.1.1'
   require_jar 'io.netty', 'netty-codec', '4.1.68.Final'
   require_jar 'commons-codec', 'commons-codec', '1.11'
   require_jar 'com.microsoft.azure', 'msal4j-persistence-extension', '1.1.0'
@@ -117,7 +118,6 @@ if defined? Jars
   require_jar 'com.fasterxml.jackson.core', 'jackson-annotations', '2.13.0'
   require_jar 'com.google.code.findbugs', 'jsr305', '1.3.9'
   require_jar 'org.checkerframework', 'checker-compat-qual', '2.0.0'
-  require_jar 'com.microsoft.azure.kusto', 'kusto-data', '3.1.1'
   require_jar 'org.apache.httpcomponents', 'httpclient', '4.5.13'
   require_jar 'com.google.j2objc', 'j2objc-annotations', '1.1'
   require_jar 'io.netty', 'netty-codec-http', '4.1.68.Final'

data/logstash-output-kusto.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name          = 'logstash-output-kusto' #WATCH OUT: we hardcoded usage of this name in one of the classes.
-  s.version       = '1.0.4'
+  s.version       = '1.0.5'
   s.licenses      = ['Apache-2.0']
   s.summary       = 'Writes events to Azure Data Explorer (Kusto)'
   s.description   = 'This is a logstash output plugin used to write events to an Azure Data Explorer (a.k.a Kusto)'
@@ -31,6 +31,6 @@ Gem::Specification.new do |s|
   s.add_development_dependency 'rspec_junit_formatter'
 
   # Jar dependencies
-  s.requirements << "jar 'com.microsoft.azure.kusto, kusto-ingest, 3.1.1'"
+  s.requirements << "jar 'com.microsoft.azure.kusto, kusto-ingest, 3.1.3'"
   s.add_runtime_dependency 'jar-dependencies'
 end

data/spec/outputs/kusto/ingestor_spec.rb

@@ -11,6 +11,9 @@ describe LogStash::Outputs::Kusto::Ingestor do
   let(:app_tenant) { "mytenant" }
   let(:database) { "mydatabase" }
   let(:table) { "mytable" }
+  let(:proxy_host) { "localhost" }
+  let(:proxy_port) { 80 }
+  let(:proxy_protocol) { "http" }
   let(:json_mapping) { "mymapping" }
   let(:delete_local) { false }
   let(:logger) { spy('logger') }
@@ -21,7 +24,7 @@ describe LogStash::Outputs::Kusto::Ingestor do
       # note that this will cause an internal error since connection is being tried.
       # however we still want to test that all the java stuff is working as expected
       expect { 
-        ingestor = described_class.new(ingest_url, app_id, app_key, app_tenant, database, table, json_mapping, delete_local, logger)
+        ingestor = described_class.new(ingest_url, app_id, app_key, app_tenant, database, table, json_mapping, delete_local, proxy_host, proxy_port,proxy_protocol, logger)
         ingestor.stop
       }.not_to raise_error
     end
@@ -32,7 +35,7 @@ describe LogStash::Outputs::Kusto::Ingestor do
       dynamic_name_array.each do |test_database|
         it "with database: #{test_database}" do
           expect {
-            ingestor = described_class.new(ingest_url, app_id, app_key, app_tenant, test_database, table, json_mapping, delete_local, logger)
+            ingestor = described_class.new(ingest_url, app_id, app_key, app_tenant, test_database, table, json_mapping, delete_local, proxy_host, proxy_port,proxy_protocol,logger)
             ingestor.stop
           }.to raise_error(LogStash::ConfigurationError)          
         end
@@ -43,7 +46,7 @@ describe LogStash::Outputs::Kusto::Ingestor do
       dynamic_name_array.each do |test_table|
         it "with database: #{test_table}" do
           expect {
-            ingestor = described_class.new(ingest_url, app_id, app_key, app_tenant, database, test_table, json_mapping, delete_local, logger)
+            ingestor = described_class.new(ingest_url, app_id, app_key, app_tenant, database, test_table, json_mapping, delete_local, proxy_host, proxy_port,proxy_protocol,logger)
             ingestor.stop
           }.to raise_error(LogStash::ConfigurationError)          
         end
@@ -51,16 +54,25 @@ describe LogStash::Outputs::Kusto::Ingestor do
     end
 
     context 'doesnt allow mapping to have some dynamic part' do
-      dynamic_name_array.each do |test_json_mapping|
-        it "with database: #{test_json_mapping}" do
+      dynamic_name_array.each do |json_mapping|
+        it "with database: #{json_mapping}" do
           expect {
-            ingestor = described_class.new(ingest_url, app_id, app_key, app_tenant, database, table, test_json_mapping, delete_local, logger)
+            ingestor = described_class.new(ingest_url, app_id, app_key, app_tenant, database, table, json_mapping, delete_local, proxy_host, proxy_port,proxy_protocol,logger)
             ingestor.stop
           }.to raise_error(LogStash::ConfigurationError)          
         end
       end
     end
 
+    context 'proxy protocol has to be http or https' do
+      it "with proxy protocol: socks" do
+        expect {
+          ingestor = described_class.new(ingest_url, app_id, app_key, app_tenant, database, table, json_mapping, delete_local, proxy_host, proxy_port,'socks',logger)
+          ingestor.stop
+        }.to raise_error(LogStash::ConfigurationError)          
+      end
+    end
+
   end
 
   # describe 'receiving events' do

data/spec/outputs/kusto_spec.rb

@@ -12,7 +12,10 @@ describe LogStash::Outputs::Kusto do
     "app_tenant" => "mytenant",
     "database" => "mydatabase",
     "table" => "mytable",
-    "json_mapping" => "mymapping"
+    "json_mapping" => "mymapping",
+    "proxy_host" => "localhost",
+    "proxy_port" => 3128,
+    "proxy_protocol" => "https"
   } }
 
   describe '#register' do

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: logstash-output-kusto
 version: !ruby/object:Gem::Version
-  version: 1.0.4
+  version: 1.0.5
 platform: java
 authors:
 - Tamir Kamara
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-06-01 00:00:00.000000000 Z
+date: 2022-08-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
@@ -149,6 +149,7 @@ files:
 - Gemfile
 - LICENSE
 - README.md
+- SECURITY.md
 - lib/com/azure/azure-core-http-netty/1.11.1/azure-core-http-netty-1.11.1.jar
 - lib/com/azure/azure-core/1.21.0/azure-core-1.21.0.jar
 - lib/com/azure/azure-identity/1.3.7/azure-identity-1.3.7.jar
@@ -166,8 +167,8 @@ files:
 - lib/com/google/j2objc/j2objc-annotations/1.1/j2objc-annotations-1.1.jar
 - lib/com/microsoft/azure/azure-keyvault-core/1.2.4/azure-keyvault-core-1.2.4.jar
 - lib/com/microsoft/azure/azure-storage/8.6.6/azure-storage-8.6.6.jar
-- lib/com/microsoft/azure/kusto/kusto-data/3.1.1/kusto-data-3.1.1.jar
-- lib/com/microsoft/azure/kusto/kusto-ingest/3.1.1/kusto-ingest-3.1.1.jar
+- lib/com/microsoft/azure/kusto/kusto-data/3.1.3/kusto-data-3.1.3.jar
+- lib/com/microsoft/azure/kusto/kusto-ingest/3.1.3/kusto-ingest-3.1.3.jar
 - lib/com/microsoft/azure/msal4j-persistence-extension/1.1.0/msal4j-persistence-extension-1.1.0.jar
 - lib/com/microsoft/azure/msal4j/1.11.0/msal4j-1.11.0.jar
 - lib/com/nimbusds/content-type/2.1/content-type-2.1.jar
@@ -249,7 +250,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements:
-- jar 'com.microsoft.azure.kusto, kusto-ingest, 3.1.1'
+- jar 'com.microsoft.azure.kusto, kusto-ingest, 3.1.3'
 rubygems_version: 3.2.29
 signing_key:
 specification_version: 4