logstash-output-tcp 3.1.1 → 3.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +3 -0
- data/lib/logstash/outputs/tcp.rb +85 -4
- data/logstash-output-tcp.gemspec +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 4389bec372bcd792d65085047d3e61e809062ace
|
4
|
+
data.tar.gz: 17a8ec05a14153a46f187a47fb88ae1b032692bb
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 45b25dac4c91cdf81bcdfb3cfc1129078d429f484f16bf2924388064168b935aed561e7243bdfb2a85a4808ee7ff73dce276c4c9854ce3f33c853fe51b4a3e9d
|
7
|
+
data.tar.gz: 350ce2abbc36f8d1b0291ecfd1c772da8494b12bfe27e0a209d8648151f4a4e2d84c3a47454d25eb43acbf61d15685cf26d28e58e18ed0c5807c707a608720fd
|
data/CHANGELOG.md
CHANGED
data/lib/logstash/outputs/tcp.rb
CHANGED
@@ -2,6 +2,7 @@
|
|
2
2
|
require "logstash/outputs/base"
|
3
3
|
require "logstash/namespace"
|
4
4
|
require "thread"
|
5
|
+
require "logstash/util/socket_peer"
|
5
6
|
|
6
7
|
# Write events over a TCP socket.
|
7
8
|
#
|
@@ -30,6 +31,33 @@ class LogStash::Outputs::Tcp < LogStash::Outputs::Base
|
|
30
31
|
# `client` connects to a server.
|
31
32
|
config :mode, :validate => ["server", "client"], :default => "client"
|
32
33
|
|
34
|
+
# Enable SSL (must be set for other `ssl_` options to take effect).
|
35
|
+
config :ssl_enable, :validate => :boolean, :default => false
|
36
|
+
|
37
|
+
# Verify the identity of the other end of the SSL connection against the CA.
|
38
|
+
# For input, sets the field `sslsubject` to that of the client certificate.
|
39
|
+
config :ssl_verify, :validate => :boolean, :default => false
|
40
|
+
|
41
|
+
# The SSL CA certificate, chainfile or CA path. The system CA path is automatically included.
|
42
|
+
config :ssl_cacert, :validate => :path
|
43
|
+
|
44
|
+
# SSL certificate path
|
45
|
+
config :ssl_cert, :validate => :path
|
46
|
+
|
47
|
+
# SSL key path
|
48
|
+
config :ssl_key, :validate => :path
|
49
|
+
|
50
|
+
# SSL key passphrase
|
51
|
+
config :ssl_key_passphrase, :validate => :password, :default => nil
|
52
|
+
|
53
|
+
# The format to use when writing events to the file. This value
|
54
|
+
# supports any string and can include `%{name}` and other dynamic
|
55
|
+
# strings.
|
56
|
+
#
|
57
|
+
# If this setting is omitted, the full json representation of the
|
58
|
+
# event will be written as a single line.
|
59
|
+
config :message_format, :validate => :string, :deprecated => true
|
60
|
+
|
33
61
|
class Client
|
34
62
|
public
|
35
63
|
def initialize(socket, logger)
|
@@ -57,25 +85,63 @@ class LogStash::Outputs::Tcp < LogStash::Outputs::Base
|
|
57
85
|
end # def write
|
58
86
|
end # class Client
|
59
87
|
|
88
|
+
private
|
89
|
+
def setup_ssl
|
90
|
+
require "openssl"
|
91
|
+
|
92
|
+
@ssl_context = OpenSSL::SSL::SSLContext.new
|
93
|
+
@ssl_context.cert = OpenSSL::X509::Certificate.new(File.read(@ssl_cert))
|
94
|
+
@ssl_context.key = OpenSSL::PKey::RSA.new(File.read(@ssl_key),@ssl_key_passphrase)
|
95
|
+
if @ssl_verify
|
96
|
+
@cert_store = OpenSSL::X509::Store.new
|
97
|
+
# Load the system default certificate path to the store
|
98
|
+
@cert_store.set_default_paths
|
99
|
+
if File.directory?(@ssl_cacert)
|
100
|
+
@cert_store.add_path(@ssl_cacert)
|
101
|
+
else
|
102
|
+
@cert_store.add_file(@ssl_cacert)
|
103
|
+
end
|
104
|
+
@ssl_context.cert_store = @cert_store
|
105
|
+
@ssl_context.verify_mode = OpenSSL::SSL::VERIFY_PEER|OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT
|
106
|
+
end
|
107
|
+
end # def setup_ssl
|
108
|
+
|
60
109
|
public
|
61
110
|
def register
|
62
111
|
require "socket"
|
63
112
|
require "stud/try"
|
113
|
+
if @ssl_enable
|
114
|
+
setup_ssl
|
115
|
+
end # @ssl_enable
|
116
|
+
|
64
117
|
if server?
|
65
118
|
workers_not_supported
|
66
119
|
|
67
120
|
@logger.info("Starting tcp output listener", :address => "#{@host}:#{@port}")
|
68
|
-
|
121
|
+
begin
|
122
|
+
@server_socket = TCPServer.new(@host, @port)
|
123
|
+
rescue Errno::EADDRINUSE
|
124
|
+
@logger.error("Could not start TCP server: Address in use",
|
125
|
+
:host => @host, :port => @port)
|
126
|
+
raise
|
127
|
+
end
|
128
|
+
if @ssl_enable
|
129
|
+
@server_socket = OpenSSL::SSL::SSLServer.new(@server_socket, @ssl_context)
|
130
|
+
end # @ssl_enable
|
69
131
|
@client_threads = []
|
70
132
|
|
71
133
|
@accept_thread = Thread.new(@server_socket) do |server_socket|
|
72
134
|
loop do
|
73
|
-
|
135
|
+
Thread.start(server_socket.accept) do |client_socket|
|
136
|
+
# monkeypatch a 'peer' method onto the socket.
|
137
|
+
client_socket.instance_eval { class << self; include ::LogStash::Util::SocketPeer end }
|
138
|
+
@logger.debug("Accepted connection", :client => client_socket.peer,
|
139
|
+
:server => "#{@host}:#{@port}")
|
74
140
|
client = Client.new(client_socket, @logger)
|
75
141
|
Thread.current[:client] = client
|
142
|
+
@client_threads << Thread.current
|
76
143
|
client.run
|
77
144
|
end
|
78
|
-
@client_threads << client_thread
|
79
145
|
end
|
80
146
|
end
|
81
147
|
|
@@ -113,7 +179,22 @@ class LogStash::Outputs::Tcp < LogStash::Outputs::Base
|
|
113
179
|
private
|
114
180
|
def connect
|
115
181
|
Stud::try do
|
116
|
-
|
182
|
+
client_socket = TCPSocket.new(@host, @port)
|
183
|
+
if @ssl_enable
|
184
|
+
client_socket = OpenSSL::SSL::SSLSocket.new(client_socket, @ssl_context)
|
185
|
+
begin
|
186
|
+
client_socket.connect
|
187
|
+
rescue OpenSSL::SSL::SSLError => ssle
|
188
|
+
@logger.error("SSL Error", :exception => ssle,
|
189
|
+
:backtrace => ssle.backtrace)
|
190
|
+
# NOTE(mrichar1): Hack to prevent hammering peer
|
191
|
+
sleep(5)
|
192
|
+
raise
|
193
|
+
end
|
194
|
+
end
|
195
|
+
client_socket.instance_eval { class << self; include ::LogStash::Util::SocketPeer end }
|
196
|
+
@logger.debug("Opened connection", :client => "#{client_socket.peer}")
|
197
|
+
return client_socket
|
117
198
|
end
|
118
199
|
end # def connect
|
119
200
|
|
data/logstash-output-tcp.gemspec
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
Gem::Specification.new do |s|
|
2
2
|
|
3
3
|
s.name = 'logstash-output-tcp'
|
4
|
-
s.version = '3.
|
4
|
+
s.version = '3.2.0'
|
5
5
|
s.licenses = ['Apache License (2.0)']
|
6
6
|
s.summary = "Write events over a TCP socket."
|
7
7
|
s.description = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: logstash-output-tcp
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.
|
4
|
+
version: 3.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Elastic
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-
|
11
|
+
date: 2016-08-05 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|
@@ -109,7 +109,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
109
109
|
version: '0'
|
110
110
|
requirements: []
|
111
111
|
rubyforge_project:
|
112
|
-
rubygems_version: 2.
|
112
|
+
rubygems_version: 2.4.8
|
113
113
|
signing_key:
|
114
114
|
specification_version: 4
|
115
115
|
summary: Write events over a TCP socket.
|