search

logstash-plugins / logstash-input-http_poller

Create Logstash events by polling HTTP endpoints!
https://www.elastic.co/guide/en/logstash/current/plugins-inputs-http_poller.html
Apache License 2.0
43 stars 65 forks source link

Accept TLS/SSL certificates without having to manually create a JKS? #115

Closed sgreszcz closed 1 year ago

sgreszcz commented 4 years ago

There is no simple way to accept TLS/SSL certificates using http_poller input. Using something like python's "requests" library or postman allows a flag to be set to automatically accept certificates.

Having to manually pre-build a JKS is not easy to automate and scale, especially in a Logstash/Docker deployment for ingesting data.

input {
    http_poller {
        urls => {
            UCM_SOAP => {
                method => post
                url => "https://some_server:8443/logcollectionservice2/services/LogCollectionPortTypeService?wsdl"
                auth => {
                    user => "user"
                    password => "password"
                }
                headers => {
                    "Content-Type" => "text/xml"
                    "SOAPAction" => "CUCM:DB ver=12.5"
                }
                body =>
'<!--LogCollection API - SelectLogFiles - Request-->
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:soap="http://schemas.cisco.com/ast/soap">
<soapenv:Header/>
<soapenv:Body>
<soap:selectLogFiles>
<soap:FileSelectionCriteria>
<soap:ServiceLogs>
<soap:item></soap:item>
</soap:ServiceLogs>
<soap:SystemLogs>
<soap:item>Cisco RIS Data Collector PerfMonLog</soap:item>
</soap:SystemLogs>
<soap:SearchStr></soap:SearchStr>
<soap:Frequency>OnDemand</soap:Frequency>
<soap:JobType>PushtoSFTPServer</soap:JobType>
<soap:ToDate></soap:ToDate>
<soap:FromDate></soap:FromDate>
<soap:TimeZone></soap:TimeZone>
<soap:RelText>Days</soap:RelText>
<soap:RelTime>5</soap:RelTime>
<soap:Port>22</soap:Port>
<soap:IPAddress>some_server</soap:IPAddress>
<soap:UserName>user</soap:UserName>
<soap:Password>password</soap:Password>
<soap:ZipInfo>false</soap:ZipInfo>
<soap:RemoteFolder>/data/test/</soap:RemoteFolder>
</soap:FileSelectionCriteria>
</soap:selectLogFiles>
</soapenv:Body>
</soapenv:Envelope>'
            }
        }
        request_timeout => 60
        # Supports "cron", "every", "at" and "in" schedules by rufus scheduler
        schedule => { cron => "* * * * * UTC" }
    }
}

output {
  stdout {
    codec => rubydebug
  }
}
    "http_request_failure" => {
              "backtrace" => nil,
                  "error" => "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target",

Use the Logstash Docker container with any http_poller input and self-signed HTTPs endpoint.

sgreszcz commented 4 years ago

According to issue #96 this was possible before. Can we please reinstate the "ignore" flag with:

ssl => true ssl_certificate_verification => false

edmocosta commented 1 year ago

Closing this issue as it seem to be already supported by newer versions of the plugin. Although it's not recommended, it's possible to ignore the certificate validation by setting the ssl_verification_mode to none. Another option to avoid creating JKS is setting the CAs using PEM certificates (cacert).