Class: LogStash::Inputs::Beats

Inherits:

Base

• Object
• Base
• LogStash::Inputs::Beats

Defined in:

lib/logstash/inputs/beats/tls.rb,
lib/logstash/inputs/beats/message_listener.rb,
lib/logstash/inputs/beats/raw_event_transform.rb,
lib/logstash/inputs/beats/event_transform_common.rb,
lib/logstash/inputs/beats/codec_callback_listener.rb,
lib/logstash/inputs/beats/decoded_event_transform.rb,
lib/logstash/inputs/beats.rb

Defined Under Namespace

Classes: CodecCallbackListener, DecodedEventTransform, EventTransformCommon, MessageListener, RawEventTransform, TLS

Instance Method Summary

• #client_authentification? ⇒ Boolean
• #convert_protocols ⇒ Object
• #create_server ⇒ Object

  def register.

• #need_identity_map? ⇒ Boolean
• #normalized_ciphers ⇒ Object
• #register ⇒ Object
• #run(output_queue) ⇒ Object
• #ssl_configured? ⇒ Boolean
• #stop ⇒ Object

  def run.

• #target_codec_on_field? ⇒ Boolean

Instance Method Details

#client_authentification? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/logstash/inputs/beats.rb', line 213

def client_authentification?
  @ssl_certificate_authorities && @ssl_certificate_authorities.size > 0
end

#convert_protocols ⇒ Object

# File 'lib/logstash/inputs/beats.rb', line 221

def convert_protocols
  TLS.get_supported(@tls_min_version..@tls_max_version).map(&:name)
end

#create_server ⇒ Object

def register

# File 'lib/logstash/inputs/beats.rb', line 169

def create_server
  server = org.logstash.beats.Server.new(@host, @port)
  if @ssl
    ssl_builder = org.logstash.netty.SslSimpleBuilder.new(@ssl_certificate, @ssl_key, @ssl_key_passphrase.nil? ? nil : @ssl_key_passphrase.value)
      .setProtocols(convert_protocols)
      .setCipherSuites(normalized_ciphers)

    ssl_builder.setHandshakeTimeoutMilliseconds(@ssl_handshake_timeout)

    if client_authentification?
      if @ssl_verify_mode.upcase == "FORCE_PEER"
          ssl_builder.setVerifyMode(org.logstash.netty.SslSimpleBuilder::SslClientVerifyMode::FORCE_PEER)
      end
      ssl_builder.setCertificateAuthorities(@ssl_certificate_authorities)
    end

    server.enableSSL(ssl_builder)
  end

  server
end

#need_identity_map? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/logstash/inputs/beats.rb', line 209

def need_identity_map?
  @codec.kind_of?(LogStash::Codecs::Multiline)
end

#normalized_ciphers ⇒ Object

# File 'lib/logstash/inputs/beats.rb', line 217

def normalized_ciphers
  @cipher_suites.map(&:upcase)
end

#register ⇒ Object

# File 'lib/logstash/inputs/beats.rb', line 142

def register
  # Logstash 2.4
  if defined?(LogStash::Logger) && LogStash::Logger.respond_to?(:setup_log4j)
    LogStash::Logger.setup_log4j(@logger)
  end

  if !@ssl
    @logger.warn("Beats input: SSL Certificate will not be used") unless @ssl_certificate.nil?
    @logger.warn("Beats input: SSL Key will not be used") unless @ssl_key.nil?
  elsif !ssl_configured?
    raise LogStash::ConfigurationError, "Certificate or Certificate Key not configured"
  end

  @logger.info("Beats inputs: Starting input listener", :address => "#{@host}:#{@port}")

  # wrap the configured codec to support identity stream
  # from the producers if running with the multiline codec.
  #
  # If they dont need an identity map, codec are stateless and can be reused
  # accross multiples connections.
  if need_identity_map?
    @codec = LogStash::Codecs::IdentityMapCodec.new(@codec)
  end

  @server = create_server
end

#run(output_queue) ⇒ Object

# File 'lib/logstash/inputs/beats.rb', line 199

def run(output_queue)
  message_listener = MessageListener.new(output_queue, self)
  @server.setMessageListener(message_listener)
  @server.listen
end

#ssl_configured? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/logstash/inputs/beats.rb', line 191

def ssl_configured?
  !(@ssl_certificate.nil? || @ssl_key.nil?)
end

#stop ⇒ Object

def run

# File 'lib/logstash/inputs/beats.rb', line 205

def stop
  @server.stop
end

#target_codec_on_field? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/logstash/inputs/beats.rb', line 195

def target_codec_on_field?
  !@target_codec_on_field.empty?
end