Closed MarcusCaepio closed 6 months ago
martialblog
commented
7 months ago Hi, I recently implemented the option to set sensitive data via ENV variables. So the secret for the connection never needs to leave the server on which the check is running:
-u, --user string Specify the user name and password for server authentication <user:password> (CHECK_LOGSTASH_BASICAUTH)
However, I just realized that we haven't had a new release containing this feature. I'll take care of a new release
MarcusCaepio
commented
7 months ago Why not implement both? :)
martialblog
commented
7 months ago Thing is, that this would be a major CLI change, which I do wanna be careful and sparse with. We decided to go for the curl like --user syntax and have implemented that in many of the newer plugins, so that users have a similar experience with our plugins.
I do think environment variables are a good solution here. There's even a getenv in the IcingaDSL https://icinga.com/docs/icinga-2/latest/doc/18-library-reference/#getenv
martialblog
commented
7 months ago Created a new release with the Env Feature: https://github.com/NETWAYS/check_logstash/releases/tag/v0.11.0
martialblog
commented
6 months ago I'm closing this with reference to the ENV variables options.
At this time we don't want to change the CLI.
Describe the feature request
Hi, currently the auth is set with
-u user:password. But it would be much nicer to set it via-u user -p password. This also hides the password in Icingaweb variables with (default) given protected 'pass' variables settings. Normally you don't have protected user variables. Makes it also a little bit nicer, when you use constants instead of plain passwords in your icinga2 config files :)Cheers, Marcus