Logstash 配置:使用 Base 64 编码的 http 输出 headers
Logstash configuration: http output with Base 64 encoded headers
我将 Logstash 与文件输入和 Http 输出一起用于本地服务,该服务需要凭据 (username:password) 作为 Base64 encoded 值发送。下面是我的 Logstash 配置。目前我可以通过 headers 发送 Base 64 encoded 值,但是我正在寻找一种方法来将字符串(Logstash 通过环境变量可用)编码为 Base 64 encoded 字符串值。如果有人能对此有所了解,我们将不胜感激。
input {
file {
path => "/home/tom/testData/test2.log"
type => "log"
}
}
filter {
if [type] == "log" {
grok {
match => ["message", "%{TIMESTAMP_ISO8601:time} %{LOG:level} %{GREEDYDATA:lmessage}"]
}
ruby {
code => "require 'base64';
event['pass'] = Base64.encode64('User:Pwd')"
}
}
}
output {
stdout { codec => rubydebug }
http {
http_method => "post"
url => "http://10.1.2.3:1123/HomeService?User=Tom"
format => "message"
headers => {"Authorization" => "Basic %{pass}"}
content_type => "application/json"
message => '{"Outer": { "Inner": [ {"doc": { "Timestamp": "%{time}", "Single": "%{level}","Double": "%{lmessage}" } } ] } }'
}
}
您可以从环境中提取一些东西,然后像这样对其进行 base64 编码:
ruby {
code => "
require 'base64';
event['password'] = Base64.encode64(ENV['USER_PASS']).sub(/\n/,'')
"
}
然后使用它:
export USER_PASS="dog:cat"
echo '{"test":1}' | bin/logstash agent -f logstash.conf
使用这样的配置文件:
input {
stdin { codec => json }
}
filter {
ruby {
code => "
require 'base64';
event['password'] = Base64.encode64(ENV['USER_PASS'])
"
}
}
output {
stdout { codec => rubydebug }
http {
http_method => "post"
url => "http://localhost:1123"
format => "message"
headers => {"Authorization" => "Basic %{password}"}
content_type => "application/json"
message => '{"whatever": 1 }'
}
}
您可以通过 运行 nc -l 1123 看到它做了正确的事情并看到:
POST HTTP/1.1
host: localhost
connection: keep-alive
authorization: Basic ZG9nOmNhdA==
content-type: application/json
content-length: 15
{"whatever": 1}
哪个是正确的值:
echo ZG9nOmNhdA== | base64 -D
dog:cat
我将 Logstash 与文件输入和 Http 输出一起用于本地服务,该服务需要凭据 (username:password) 作为 Base64 encoded 值发送。下面是我的 Logstash 配置。目前我可以通过 headers 发送 Base 64 encoded 值,但是我正在寻找一种方法来将字符串(Logstash 通过环境变量可用)编码为 Base 64 encoded 字符串值。如果有人能对此有所了解,我们将不胜感激。
input {
file {
path => "/home/tom/testData/test2.log"
type => "log"
}
}
filter {
if [type] == "log" {
grok {
match => ["message", "%{TIMESTAMP_ISO8601:time} %{LOG:level} %{GREEDYDATA:lmessage}"]
}
ruby {
code => "require 'base64';
event['pass'] = Base64.encode64('User:Pwd')"
}
}
}
output {
stdout { codec => rubydebug }
http {
http_method => "post"
url => "http://10.1.2.3:1123/HomeService?User=Tom"
format => "message"
headers => {"Authorization" => "Basic %{pass}"}
content_type => "application/json"
message => '{"Outer": { "Inner": [ {"doc": { "Timestamp": "%{time}", "Single": "%{level}","Double": "%{lmessage}" } } ] } }'
}
}
您可以从环境中提取一些东西,然后像这样对其进行 base64 编码:
ruby {
code => "
require 'base64';
event['password'] = Base64.encode64(ENV['USER_PASS']).sub(/\n/,'')
"
}
然后使用它:
export USER_PASS="dog:cat"
echo '{"test":1}' | bin/logstash agent -f logstash.conf
使用这样的配置文件:
input {
stdin { codec => json }
}
filter {
ruby {
code => "
require 'base64';
event['password'] = Base64.encode64(ENV['USER_PASS'])
"
}
}
output {
stdout { codec => rubydebug }
http {
http_method => "post"
url => "http://localhost:1123"
format => "message"
headers => {"Authorization" => "Basic %{password}"}
content_type => "application/json"
message => '{"whatever": 1 }'
}
}
您可以通过 运行 nc -l 1123 看到它做了正确的事情并看到:
POST HTTP/1.1
host: localhost
connection: keep-alive
authorization: Basic ZG9nOmNhdA==
content-type: application/json
content-length: 15
{"whatever": 1}
哪个是正确的值:
echo ZG9nOmNhdA== | base64 -D
dog:cat