logstash-output-scalyr 0.2.6 → 0.2.7.beta
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/README.md +12 -25
- data/lib/logstash/outputs/scalyr.rb +13 -8
- data/lib/scalyr/common/client.rb +7 -37
- data/lib/scalyr/constants.rb +6 -7
- data/logstash-output-scalyr.gemspec +1 -1
- data/spec/logstash/outputs/fixtures/example_com.pem +41 -0
- data/spec/logstash/outputs/scalyr_integration_spec.rb +44 -63
- metadata +6 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: '098686f8c748dbe1d02cec87e92aa49df5db05049ff0d87ccd6fbb6271ccd797'
|
4
|
+
data.tar.gz: '0073297594f936703190252584559ae60cd81a7b3807f1b2685b6966fece5610'
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 507ddc7c825ae4612907c4ad451597bf516732b389b5a628598f8eec12e8cdc1f7c4b5b71533803665d1fd18b3fce43a0aa3989729192eea26b2948273f9d267
|
7
|
+
data.tar.gz: 310a452e0df0b74081a061030322b3f2a013bad233ba99b424fcea428af336f86370cb76bda62c06c5edcbee81731e5a498e137daf4f7d42a843ef988a8664df
|
data/CHANGELOG.md
CHANGED
@@ -1,5 +1,15 @@
|
|
1
1
|
# Beta
|
2
2
|
|
3
|
+
## 0.2.7.beta
|
4
|
+
|
5
|
+
* SSL cert validation code has been simplified. Now ``ssl_ca_bundle_path`` config option
|
6
|
+
defaults to the CA bundle path which is vendored / bundled with the RubyGem and includes CA
|
7
|
+
certs of the authorities which are used for DataSet API endpoint certificates.
|
8
|
+
|
9
|
+
In addition to that, ``append_builtin_cert`` config option has been removed and the code now
|
10
|
+
throws error in case invalid / inexistent path is specified for the ``ssl_ca_bundle_path``
|
11
|
+
config option - this represents a fatal config error.
|
12
|
+
|
3
13
|
## 0.2.6.beta, 0.2.6
|
4
14
|
|
5
15
|
* Update default value of ``ssl_ca_bundle_path`` config option to
|
data/README.md
CHANGED
@@ -132,42 +132,23 @@ set on the event object to prevent API from rejecting an invalid request.
|
|
132
132
|
|
133
133
|
## Note On Server SSL Certificate Validation
|
134
134
|
|
135
|
-
By default when validating DataSet endpoint server SSL certificate, logstash
|
136
|
-
|
137
|
-
of
|
138
|
-
to issue / sign server certificates used by the DataSet API endpoint.
|
135
|
+
By default when validating DataSet endpoint server SSL certificate, logstash uses CA certificate
|
136
|
+
bundles which is vendored / bundled with the RubyGem / plugin. This bundle includes CA certificate
|
137
|
+
files of authoried which are used to issue DataSet API endpoint certificates.
|
139
138
|
|
140
|
-
|
141
|
-
|
139
|
+
If you want to use system CA bundle, you should update ``ssl_ca_bundle_path`` to system CA bundle
|
140
|
+
path (e.g. ``/etc/ssl/certs/ca-certificates.crt``), as shown in the example below:
|
142
141
|
|
143
142
|
```
|
144
143
|
output {
|
145
144
|
scalyr {
|
146
145
|
api_write_token => 'SCALYR_API_KEY'
|
147
146
|
...
|
148
|
-
# You only need to set this config option in case default CA bundle path on your system is
|
149
|
-
# different
|
150
147
|
ssl_ca_bundle_path => "/etc/ssl/certs/ca-certificates.crt"
|
151
|
-
append_builtin_cert => false
|
152
148
|
}
|
153
149
|
}
|
154
150
|
```
|
155
151
|
|
156
|
-
In case you want to use only root CA certs which are bundled with the plugin (not use system CA
|
157
|
-
certs bundle), you can do that by using the following config options:
|
158
|
-
|
159
|
-
```
|
160
|
-
output {
|
161
|
-
scalyr {
|
162
|
-
api_write_token => 'SCALYR_API_KEY'
|
163
|
-
...
|
164
|
-
# You only need to set this config option in case default CA bundle path on your system is
|
165
|
-
# different
|
166
|
-
ssl_ca_bundle_path => nil
|
167
|
-
append_builtin_cert => true
|
168
|
-
}
|
169
|
-
}
|
170
|
-
```
|
171
152
|
|
172
153
|
## Options
|
173
154
|
|
@@ -185,7 +166,7 @@ output {
|
|
185
166
|
|
186
167
|
- Path to SSL CA bundle file which is used to verify the server certificate.
|
187
168
|
|
188
|
-
`config :ssl_ca_bundle_path, :validate => :string, :default =>
|
169
|
+
`config :ssl_ca_bundle_path, :validate => :string, :default => CA_CERTS_PATH`
|
189
170
|
|
190
171
|
If for some reason you need to disable server cert validation (you are strongly recommended to
|
191
172
|
not disable it unless specifically instructed to do so or have a valid reason for it), you can do
|
@@ -460,6 +441,12 @@ Or to run a single test function defined on line XXX
|
|
460
441
|
bundle exec rspec spec/scalyr/common/util_spec.rb:XXX
|
461
442
|
```
|
462
443
|
|
444
|
+
Or using more verbose output mode:
|
445
|
+
|
446
|
+
```bash
|
447
|
+
bundle exec rspec -fd spec/scalyr/common/util_spec.rb
|
448
|
+
```
|
449
|
+
|
463
450
|
## Instrumentation and metrics
|
464
451
|
|
465
452
|
By default, plugin logs a special line with metrics to Scalyr every 5 minutes. This line contains
|
@@ -133,13 +133,14 @@ class LogStash::Outputs::Scalyr < LogStash::Outputs::Base
|
|
133
133
|
# Whether or not to verify the connection to Scalyr, only set to false for debugging.
|
134
134
|
config :ssl_verify_peer, :validate => :boolean, :default => true
|
135
135
|
|
136
|
-
# Path to SSL bundle file.
|
137
|
-
#
|
138
|
-
#
|
139
|
-
|
136
|
+
# Path to SSL bundle file used to validate remote / server SSL certificate. By default, path to
|
137
|
+
# the CA bundled which is vendored / bundled with the RubyGem is used.
|
138
|
+
# If user has a specific reason to change this value (e.g. to a system ca bundle such as
|
139
|
+
# /etc/ssl/certs/ca-certificates.crt, they can update this option).
|
140
|
+
config :ssl_ca_bundle_path, :validate => :string, :default => CA_CERTS_PATH
|
140
141
|
|
141
|
-
#
|
142
|
-
config :append_builtin_cert, :validate => :boolean, :default =>
|
142
|
+
# Unused since v0.2.7, left here for backward compatibility reasons
|
143
|
+
config :append_builtin_cert, :validate => :boolean, :default => false
|
143
144
|
|
144
145
|
config :max_request_buffer, :validate => :number, :default => 5500000 # echee TODO: eliminate?
|
145
146
|
config :force_message_encoding, :validate => :string, :default => nil
|
@@ -261,6 +262,10 @@ class LogStash::Outputs::Scalyr < LogStash::Outputs::Base
|
|
261
262
|
end
|
262
263
|
end
|
263
264
|
|
265
|
+
if not @append_builtin_cert.nil?
|
266
|
+
@logger.warn "append_builtin_cert config option has been deprecated and is unused in versions 0.2.7 and above"
|
267
|
+
end
|
268
|
+
|
264
269
|
@dlq_writer = dlq_enabled? ? execution_context.dlq_writer : nil
|
265
270
|
|
266
271
|
@message_encoding = nil
|
@@ -352,7 +357,7 @@ class LogStash::Outputs::Scalyr < LogStash::Outputs::Base
|
|
352
357
|
@running = true
|
353
358
|
@client_session = Scalyr::Common::Client::ClientSession.new(
|
354
359
|
@logger, @add_events_uri,
|
355
|
-
@compression_type, @compression_level, @ssl_verify_peer, @ssl_ca_bundle_path,
|
360
|
+
@compression_type, @compression_level, @ssl_verify_peer, @ssl_ca_bundle_path,
|
356
361
|
@record_stats_for_status, @flush_quantile_estimates_on_status_send,
|
357
362
|
@http_connect_timeout, @http_socket_timeout, @http_request_timeout, @http_pool_max, @http_pool_max_per_route
|
358
363
|
)
|
@@ -378,7 +383,7 @@ class LogStash::Outputs::Scalyr < LogStash::Outputs::Base
|
|
378
383
|
# This way we don't need to keep idle long running connection open.
|
379
384
|
initial_send_status_client_session = Scalyr::Common::Client::ClientSession.new(
|
380
385
|
@logger, @add_events_uri,
|
381
|
-
@compression_type, @compression_level, @ssl_verify_peer, @ssl_ca_bundle_path,
|
386
|
+
@compression_type, @compression_level, @ssl_verify_peer, @ssl_ca_bundle_path,
|
382
387
|
@record_stats_for_status, @flush_quantile_estimates_on_status_send,
|
383
388
|
@http_connect_timeout, @http_socket_timeout, @http_request_timeout, @http_pool_max, @http_pool_max_per_route
|
384
389
|
)
|
data/lib/scalyr/common/client.rb
CHANGED
@@ -57,7 +57,7 @@ end
|
|
57
57
|
class ClientSession
|
58
58
|
|
59
59
|
def initialize(logger, add_events_uri, compression_type, compression_level,
|
60
|
-
ssl_verify_peer, ssl_ca_bundle_path,
|
60
|
+
ssl_verify_peer, ssl_ca_bundle_path,
|
61
61
|
record_stats_for_status, flush_quantile_estimates_on_status_send,
|
62
62
|
connect_timeout, socket_timeout, request_timeout, pool_max, pool_max_per_route)
|
63
63
|
@logger = logger
|
@@ -66,7 +66,6 @@ class ClientSession
|
|
66
66
|
@compression_level = compression_level
|
67
67
|
@ssl_verify_peer = ssl_verify_peer
|
68
68
|
@ssl_ca_bundle_path = ssl_ca_bundle_path
|
69
|
-
@append_builtin_cert = append_builtin_cert
|
70
69
|
@record_stats_for_status = record_stats_for_status
|
71
70
|
@flush_quantile_estimates_on_status_send = flush_quantile_estimates_on_status_send
|
72
71
|
@connect_timeout = connect_timeout
|
@@ -75,9 +74,6 @@ class ClientSession
|
|
75
74
|
@pool_max = pool_max
|
76
75
|
@pool_max_per_route = pool_max_per_route
|
77
76
|
|
78
|
-
# A cert to use by default to avoid issues caused by the OpenSSL library not validating certs according to standard
|
79
|
-
@cert_string = CA_CERT_STRING
|
80
|
-
|
81
77
|
# Request statistics are accumulated across multiple threads and must be accessed through a mutex
|
82
78
|
@stats_lock = Mutex.new
|
83
79
|
@latency_stats = get_new_latency_stats
|
@@ -120,41 +116,15 @@ class ClientSession
|
|
120
116
|
# verify peers to prevent potential MITM attacks
|
121
117
|
if @ssl_verify_peer
|
122
118
|
c[:ssl][:verify] = :strict
|
119
|
+
@logger.info("Using CA bundle from #{@ssl_ca_bundle_path} to validate the server side certificate")
|
123
120
|
|
124
|
-
if not @
|
125
|
-
|
126
|
-
@logger.info("Using CA bundle from #{@ssl_ca_bundle_path} to validate the server side certificate")
|
127
|
-
@ca_cert_path = @ssl_ca_bundle_path
|
128
|
-
|
129
|
-
if not File.file?(@ssl_ca_bundle_path)
|
130
|
-
# TODO: For now we don't throw to keep code backward compatible. In the future in case
|
131
|
-
# file doesn't exist, we should throw instead of write empty CA cert file and pass that
|
132
|
-
# to Manticore which will eventually fail and throw on cert validation
|
133
|
-
#raise Errno::ENOENT.new("ssl_ca_bundle_path config option to an invalid file path which doesn't exist - #{@ssl_ca_bundle_path}")
|
134
|
-
@ca_cert = Tempfile.new("ca_cert")
|
135
|
-
@ca_cert_path = @ca_cert.path
|
136
|
-
end
|
137
|
-
else
|
138
|
-
@ca_cert = Tempfile.new("ca_cert")
|
139
|
-
|
140
|
-
if File.file?(@ssl_ca_bundle_path)
|
141
|
-
@ca_cert.write(File.read(@ssl_ca_bundle_path))
|
142
|
-
@ca_cert.flush
|
143
|
-
else
|
144
|
-
@logger.warn("CA bundle (#{@ssl_ca_bundle_path}) doesn't exist, using only bundled CA certificates")
|
145
|
-
end
|
146
|
-
|
147
|
-
open(@ca_cert.path, "a") do |f|
|
148
|
-
f.puts @cert_string
|
149
|
-
end
|
150
|
-
|
151
|
-
@ca_cert.flush
|
152
|
-
@ca_cert_path = @ca_cert.path
|
153
|
-
|
154
|
-
@logger.info("Using CA bundle from #{@ssl_ca_bundle_path} combined with bundled certificates to validate the server side certificate (#{@ca_cert_path})")
|
121
|
+
if not File.file?(@ssl_ca_bundle_path)
|
122
|
+
raise Errno::ENOENT.new("Invalid path for ssl_ca_bundle_path config option - file doesn't exist or is not readable")
|
155
123
|
end
|
156
|
-
|
124
|
+
|
125
|
+
c[:ssl][:ca_file] = @ssl_ca_bundle_path
|
157
126
|
else
|
127
|
+
@logger.warn("SSL certificate validation has been disabled. You are strongly encouraged to enable it to prevent possible MITM and similar attacks.")
|
158
128
|
c[:ssl][:verify] = :disable
|
159
129
|
end
|
160
130
|
|
data/lib/scalyr/constants.rb
CHANGED
@@ -1,15 +1,14 @@
|
|
1
1
|
# encoding: utf-8
|
2
2
|
|
3
|
-
PLUGIN_VERSION = "v0.2.
|
3
|
+
PLUGIN_VERSION = "v0.2.7.beta"
|
4
4
|
|
5
5
|
# Special event level attribute name which can be used for setting event level serverHost attribute
|
6
6
|
EVENT_LEVEL_SERVER_HOST_ATTRIBUTE_NAME = '__origServerHost'
|
7
7
|
|
8
8
|
# Path to the bundled root CA certs used to sign server cert
|
9
|
-
|
9
|
+
CA_CERTS_PATH = File.expand_path(File.join(File.dirname(__FILE__), + "/certs/ca_certs.crt"))
|
10
10
|
|
11
|
-
#
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
CA_CERT_STRING = File.read(CA_CERT_PATH)
|
11
|
+
# Additional check on import to catch this issue early (in case of a invalid path or similar)
|
12
|
+
if not File.file?(CA_CERTS_PATH)
|
13
|
+
raise Errno::ENOENT.new("Invalid path specified for CA_CERTS_PATH module constant (likely a developer error).")
|
14
|
+
end
|
@@ -1,6 +1,6 @@
|
|
1
1
|
Gem::Specification.new do |s|
|
2
2
|
s.name = 'logstash-output-scalyr'
|
3
|
-
s.version = '0.2.
|
3
|
+
s.version = '0.2.7.beta'
|
4
4
|
s.licenses = ['Apache-2.0']
|
5
5
|
s.summary = "Scalyr output plugin for Logstash"
|
6
6
|
s.description = "Sends log data collected by Logstash to Scalyr (https://www.scalyr.com)"
|
@@ -0,0 +1,41 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIIHQDCCBiigAwIBAgIQD9B43Ujxor1NDyupa2A4/jANBgkqhkiG9w0BAQsFADBN
|
3
|
+
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E
|
4
|
+
aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgxMTI4MDAwMDAwWhcN
|
5
|
+
MjAxMjAyMTIwMDAwWjCBpTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3Ju
|
6
|
+
aWExFDASBgNVBAcTC0xvcyBBbmdlbGVzMTwwOgYDVQQKEzNJbnRlcm5ldCBDb3Jw
|
7
|
+
b3JhdGlvbiBmb3IgQXNzaWduZWQgTmFtZXMgYW5kIE51bWJlcnMxEzARBgNVBAsT
|
8
|
+
ClRlY2hub2xvZ3kxGDAWBgNVBAMTD3d3dy5leGFtcGxlLm9yZzCCASIwDQYJKoZI
|
9
|
+
hvcNAQEBBQADggEPADCCAQoCggEBANDwEnSgliByCGUZElpdStA6jGaPoCkrp9vV
|
10
|
+
rAzPpXGSFUIVsAeSdjF11yeOTVBqddF7U14nqu3rpGA68o5FGGtFM1yFEaogEv5g
|
11
|
+
rJ1MRY/d0w4+dw8JwoVlNMci+3QTuUKf9yH28JxEdG3J37Mfj2C3cREGkGNBnY80
|
12
|
+
eyRJRqzy8I0LSPTTkhr3okXuzOXXg38ugr1x3SgZWDNuEaE6oGpyYJIBWZ9jF3pJ
|
13
|
+
QnucP9vTBejMh374qvyd0QVQq3WxHrogy4nUbWw3gihMxT98wRD1oKVma1NTydvt
|
14
|
+
hcNtBfhkp8kO64/hxLHrLWgOFT/l4tz8IWQt7mkrBHjbd2XLVPkCAwEAAaOCA8Ew
|
15
|
+
ggO9MB8GA1UdIwQYMBaAFA+AYRyCMWHVLyjnjUY4tCzhxtniMB0GA1UdDgQWBBRm
|
16
|
+
mGIC4AmRp9njNvt2xrC/oW2nvjCBgQYDVR0RBHoweIIPd3d3LmV4YW1wbGUub3Jn
|
17
|
+
ggtleGFtcGxlLmNvbYILZXhhbXBsZS5lZHWCC2V4YW1wbGUubmV0ggtleGFtcGxl
|
18
|
+
Lm9yZ4IPd3d3LmV4YW1wbGUuY29tgg93d3cuZXhhbXBsZS5lZHWCD3d3dy5leGFt
|
19
|
+
cGxlLm5ldDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
|
20
|
+
AQUFBwMCMGsGA1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNv
|
21
|
+
bS9zc2NhLXNoYTItZzYuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5j
|
22
|
+
b20vc3NjYS1zaGEyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBATAqMCgG
|
23
|
+
CCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAEC
|
24
|
+
AjB8BggrBgEFBQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2lj
|
25
|
+
ZXJ0LmNvbTBGBggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29t
|
26
|
+
L0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAAMIIB
|
27
|
+
fwYKKwYBBAHWeQIEAgSCAW8EggFrAWkAdwCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb
|
28
|
+
37jjd80OyA3cEAAAAWdcMZVGAAAEAwBIMEYCIQCEZIG3IR36Gkj1dq5L6EaGVycX
|
29
|
+
sHvpO7dKV0JsooTEbAIhALuTtf4wxGTkFkx8blhTV+7sf6pFT78ORo7+cP39jkJC
|
30
|
+
AHYAh3W/51l8+IxDmV+9827/Vo1HVjb/SrVgwbTq/16ggw8AAAFnXDGWFQAABAMA
|
31
|
+
RzBFAiBvqnfSHKeUwGMtLrOG3UGLQIoaL3+uZsGTX3MfSJNQEQIhANL5nUiGBR6g
|
32
|
+
l0QlCzzqzvorGXyB/yd7nttYttzo8EpOAHYAb1N2rDHwMRnYmQCkURX/dxUcEdkC
|
33
|
+
wQApBo2yCJo32RMAAAFnXDGWnAAABAMARzBFAiEA5Hn7Q4SOyqHkT+kDsHq7ku7z
|
34
|
+
RDuM7P4UDX2ft2Mpny0CIE13WtxJAUr0aASFYZ/XjSAMMfrB0/RxClvWVss9LHKM
|
35
|
+
MA0GCSqGSIb3DQEBCwUAA4IBAQBzcIXvQEGnakPVeJx7VUjmvGuZhrr7DQOLeP4R
|
36
|
+
8CmgDM1pFAvGBHiyzvCH1QGdxFl6cf7wbp7BoLCRLR/qPVXFMwUMzcE1GLBqaGZM
|
37
|
+
v1Yh2lvZSLmMNSGRXdx113pGLCInpm/TOhfrvr0TxRImc8BdozWJavsn1N2qdHQu
|
38
|
+
N+UBO6bQMLCD0KHEdSGFsuX6ZwAworxTg02/1qiDu7zW7RyzHvFYA4IAjpzvkPIa
|
39
|
+
X6KjBtpdvp/aXabmL95YgBjT8WJ7pqOfrqhpcmOBZa6Cg6O1l4qbIFH/Gj9hQB5I
|
40
|
+
0Gs4+eH6F9h3SojmPTYkT+8KuZ9w84Mn+M8qBXUQoYoKgIjN
|
41
|
+
-----END CERTIFICATE-----
|
@@ -10,6 +10,8 @@ require 'webmock/rspec'
|
|
10
10
|
gem 'json', '1.8.6'
|
11
11
|
require 'json'
|
12
12
|
|
13
|
+
EXAMPLE_COME_CA_CERTS_PATH = File.expand_path(File.join(File.dirname(__FILE__), + "/fixtures/example_com.pem"))
|
14
|
+
|
13
15
|
WebMock.allow_net_connect!
|
14
16
|
|
15
17
|
RSpec.configure do |rspec|
|
@@ -64,50 +66,35 @@ describe LogStash::Outputs::Scalyr do
|
|
64
66
|
end
|
65
67
|
end
|
66
68
|
|
67
|
-
context "when pointing at
|
68
|
-
it "throws an
|
69
|
+
context "when pointing at an invalid location (doesnt exist) without any valid certs" do
|
70
|
+
it "throws an Errno::ENOENT error" do
|
69
71
|
plugin = LogStash::Outputs::Scalyr.new({
|
70
72
|
'api_write_token' => '1234',
|
71
73
|
'perform_connectivity_check' => false,
|
72
74
|
'ssl_ca_bundle_path' => '/fakepath/nocerts',
|
73
|
-
'append_builtin_cert' => false,
|
74
75
|
'max_retries' => 2,
|
75
76
|
'retry_max_interval' => 2,
|
76
77
|
'retry_initial_interval' => 0.2,
|
77
78
|
})
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
expect(plugin.instance_variable_get(:@logger)).to have_received(:warn).with("Error uploading to Scalyr (will backoff-retry)",
|
83
|
-
{
|
84
|
-
:error_class=>"Manticore::UnknownException",
|
85
|
-
:batch_num=>1,
|
86
|
-
:message=>"Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty",
|
87
|
-
#:message=>"java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty",
|
88
|
-
:payload_size=>737,
|
89
|
-
:record_count=>3,
|
90
|
-
:total_batches=>1,
|
91
|
-
:url=>"https://agent.scalyr.com/addEvents",
|
92
|
-
:will_retry_in_seconds=>0.4
|
93
|
-
}
|
94
|
-
)
|
79
|
+
|
80
|
+
expect {
|
81
|
+
plugin.register
|
82
|
+
}.to raise_error(Errno::ENOENT, /Invalid path for ssl_ca_bundle_path config option - file doesn't exist or is not readable/)
|
95
83
|
end
|
96
84
|
end
|
97
85
|
|
98
|
-
context "when
|
86
|
+
context "when pointing to an empty certs file" do
|
99
87
|
it "throws an SSLError" do
|
100
|
-
|
101
|
-
`sudo mv #{OpenSSL::X509::DEFAULT_CERT_DIR} /tmp/system_certs`
|
88
|
+
temp_file = file = Tempfile.new('emot_certs_file')
|
102
89
|
|
103
90
|
begin
|
104
91
|
plugin = LogStash::Outputs::Scalyr.new({
|
105
92
|
'api_write_token' => '1234',
|
106
93
|
'perform_connectivity_check' => false,
|
107
|
-
'append_builtin_cert' => false,
|
108
94
|
'max_retries' => 2,
|
109
95
|
'retry_max_interval' => 2,
|
110
96
|
'retry_initial_interval' => 0.2,
|
97
|
+
'ssl_ca_bundle_path' => temp_file.path
|
111
98
|
})
|
112
99
|
plugin.register
|
113
100
|
plugin.instance_variable_set(:@running, false)
|
@@ -127,9 +114,8 @@ describe LogStash::Outputs::Scalyr do
|
|
127
114
|
}
|
128
115
|
)
|
129
116
|
end
|
130
|
-
|
131
|
-
|
132
|
-
`sudo mv /tmp/system_cert.pem #{OpenSSL::X509::DEFAULT_CERT_FILE}`
|
117
|
+
ensure
|
118
|
+
temp_file.unlink
|
133
119
|
end
|
134
120
|
end
|
135
121
|
|
@@ -180,23 +166,22 @@ describe LogStash::Outputs::Scalyr do
|
|
180
166
|
end
|
181
167
|
end
|
182
168
|
|
183
|
-
context "when an error occurs with retries at 15" do
|
184
|
-
it "exits after
|
185
|
-
|
186
|
-
|
187
|
-
|
188
|
-
|
189
|
-
|
190
|
-
|
191
|
-
|
192
|
-
|
193
|
-
|
194
|
-
|
195
|
-
|
196
|
-
|
197
|
-
|
198
|
-
|
199
|
-
end
|
169
|
+
context "when an error occurs with retries at 15 and invalid example_com cert" do
|
170
|
+
it "exits after 15 retries and emits a log" do
|
171
|
+
plugin = LogStash::Outputs::Scalyr.new({
|
172
|
+
'api_write_token' => '1234',
|
173
|
+
'perform_connectivity_check' => false,
|
174
|
+
'ssl_ca_bundle_path' => EXAMPLE_COME_CA_CERTS_PATH,
|
175
|
+
'max_retries' => 15,
|
176
|
+
'retry_max_interval' => 0.2,
|
177
|
+
'retry_initial_interval' => 0.1,
|
178
|
+
})
|
179
|
+
plugin.register
|
180
|
+
allow(plugin.instance_variable_get(:@logger)).to receive(:error)
|
181
|
+
plugin.multi_receive(sample_events)
|
182
|
+
expect(plugin.instance_variable_get(:@logger)).to have_received(:error).with("Failed to send 3 events after 15 tries.", anything
|
183
|
+
)
|
184
|
+
end
|
200
185
|
end
|
201
186
|
end
|
202
187
|
|
@@ -209,11 +194,10 @@ describe LogStash::Outputs::Scalyr do
|
|
209
194
|
plugin = LogStash::Outputs::Scalyr.new({
|
210
195
|
'api_write_token' => '1234',
|
211
196
|
'perform_connectivity_check' => false,
|
212
|
-
'ssl_ca_bundle_path' =>
|
213
|
-
'append_builtin_cert' => false,
|
197
|
+
'ssl_ca_bundle_path' => EXAMPLE_COME_CA_CERTS_PATH,
|
214
198
|
'max_retries' => 2,
|
215
|
-
'retry_max_interval' => 2,
|
216
|
-
'retry_initial_interval' => 0.
|
199
|
+
'retry_max_interval' => 0.2,
|
200
|
+
'retry_initial_interval' => 0.1,
|
217
201
|
})
|
218
202
|
plugin.register
|
219
203
|
plugin.instance_variable_set(:@running, false)
|
@@ -230,7 +214,7 @@ describe LogStash::Outputs::Scalyr do
|
|
230
214
|
:record_count=>3,
|
231
215
|
:total_batches=>1,
|
232
216
|
:url=>"https://agent.scalyr.com/addEvents",
|
233
|
-
:will_retry_in_seconds=>0.
|
217
|
+
:will_retry_in_seconds=>0.2,
|
234
218
|
:body=>"stubbed response"
|
235
219
|
}
|
236
220
|
)
|
@@ -245,11 +229,10 @@ describe LogStash::Outputs::Scalyr do
|
|
245
229
|
plugin = LogStash::Outputs::Scalyr.new({
|
246
230
|
'api_write_token' => '1234',
|
247
231
|
'perform_connectivity_check' => false,
|
248
|
-
'ssl_ca_bundle_path' =>
|
249
|
-
'append_builtin_cert' => false,
|
232
|
+
'ssl_ca_bundle_path' => EXAMPLE_COME_CA_CERTS_PATH,
|
250
233
|
'max_retries' => 2,
|
251
|
-
'retry_max_interval' => 2,
|
252
|
-
'retry_initial_interval' => 0.
|
234
|
+
'retry_max_interval' => 0.2,
|
235
|
+
'retry_initial_interval' => 0.1,
|
253
236
|
})
|
254
237
|
plugin.register
|
255
238
|
plugin.instance_variable_set(:@running, false)
|
@@ -266,7 +249,7 @@ describe LogStash::Outputs::Scalyr do
|
|
266
249
|
:record_count=>3,
|
267
250
|
:total_batches=>1,
|
268
251
|
:url=>"https://agent.scalyr.com/addEvents",
|
269
|
-
:will_retry_in_seconds=>0.
|
252
|
+
:will_retry_in_seconds=>0.2,
|
270
253
|
:body=>"stubbed response"
|
271
254
|
}
|
272
255
|
)
|
@@ -281,11 +264,10 @@ describe LogStash::Outputs::Scalyr do
|
|
281
264
|
plugin = LogStash::Outputs::Scalyr.new({
|
282
265
|
'api_write_token' => '1234',
|
283
266
|
'perform_connectivity_check' => false,
|
284
|
-
'ssl_ca_bundle_path' =>
|
285
|
-
'append_builtin_cert' => false,
|
267
|
+
'ssl_ca_bundle_path' => EXAMPLE_COME_CA_CERTS_PATH,
|
286
268
|
'max_retries' => 2,
|
287
|
-
'retry_max_interval' => 2,
|
288
|
-
'retry_initial_interval' => 0.
|
269
|
+
'retry_max_interval' => 0.2,
|
270
|
+
'retry_initial_interval' => 0.1,
|
289
271
|
})
|
290
272
|
plugin.register
|
291
273
|
plugin.instance_variable_set(:@running, false)
|
@@ -302,7 +284,7 @@ describe LogStash::Outputs::Scalyr do
|
|
302
284
|
:record_count=>3,
|
303
285
|
:total_batches=>1,
|
304
286
|
:url=>"https://agent.scalyr.com/addEvents",
|
305
|
-
:will_retry_in_seconds=>0.
|
287
|
+
:will_retry_in_seconds=>0.2,
|
306
288
|
:body=>("0123456789" * 50) + "012345678..."
|
307
289
|
}
|
308
290
|
)
|
@@ -318,11 +300,10 @@ describe LogStash::Outputs::Scalyr do
|
|
318
300
|
plugin = LogStash::Outputs::Scalyr.new({
|
319
301
|
'api_write_token' => '1234',
|
320
302
|
'perform_connectivity_check' => false,
|
321
|
-
'ssl_ca_bundle_path' =>
|
322
|
-
'append_builtin_cert' => false,
|
303
|
+
'ssl_ca_bundle_path' => EXAMPLE_COME_CA_CERTS_PATH,
|
323
304
|
'max_retries' => 2,
|
324
|
-
'retry_max_interval' => 2,
|
325
|
-
'retry_initial_interval' => 0.
|
305
|
+
'retry_max_interval' => 0.2,
|
306
|
+
'retry_initial_interval' => 0.1,
|
326
307
|
})
|
327
308
|
plugin.register
|
328
309
|
plugin.instance_variable_set(:@running, false)
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: logstash-output-scalyr
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.7.beta
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Edward Chee
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-08-
|
11
|
+
date: 2022-08-04 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|
@@ -171,6 +171,7 @@ files:
|
|
171
171
|
- spec/benchmarks/metrics_overhead.rb
|
172
172
|
- spec/benchmarks/set_session_level_serverhost_on_events.rb
|
173
173
|
- spec/benchmarks/util.rb
|
174
|
+
- spec/logstash/outputs/fixtures/example_com.pem
|
174
175
|
- spec/logstash/outputs/scalyr_integration_spec.rb
|
175
176
|
- spec/logstash/outputs/scalyr_spec.rb
|
176
177
|
- spec/scalyr/common/util_spec.rb
|
@@ -191,9 +192,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
191
192
|
version: '0'
|
192
193
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
193
194
|
requirements:
|
194
|
-
- - "
|
195
|
+
- - ">"
|
195
196
|
- !ruby/object:Gem::Version
|
196
|
-
version:
|
197
|
+
version: 1.3.1
|
197
198
|
requirements: []
|
198
199
|
rubyforge_project:
|
199
200
|
rubygems_version: 2.7.10
|
@@ -207,6 +208,7 @@ test_files:
|
|
207
208
|
- spec/benchmarks/metrics_overhead.rb
|
208
209
|
- spec/benchmarks/set_session_level_serverhost_on_events.rb
|
209
210
|
- spec/benchmarks/util.rb
|
211
|
+
- spec/logstash/outputs/fixtures/example_com.pem
|
210
212
|
- spec/logstash/outputs/scalyr_integration_spec.rb
|
211
213
|
- spec/logstash/outputs/scalyr_spec.rb
|
212
214
|
- spec/scalyr/common/util_spec.rb
|