diff --git a/docs/index.asciidoc b/docs/index.asciidoc index c5f9bbb..b7f4ffa 100644 --- a/docs/index.asciidoc +++ b/docs/index.asciidoc @@ -53,6 +53,9 @@ output { port => 50070 # (optional, default: 50070) path => "/user/logstash/dt=%{+YYYY-MM-dd}/logstash-%{+HH}.log" # (required) user => "hue" # (required) + basicauth_user => "htuser" # (optional, default: no basic HTTP auth) + basicauth_password => "123456" # (optional) + use_ssl => true # (optional, default: false) } } ---------------------------------- @@ -88,6 +91,10 @@ This plugin supports the following configuration options plus the <> |<>|No | <> |<>|No | <> |<>|Yes +| <> |<>|No +| <> |<>|No +| <> |<>|No +| <> |<>|No |======================================================================= Also see <> for a list of options supported by all @@ -290,4 +297,4 @@ The Username for webhdfs. [id="plugins-{type}s-{plugin}-common-options"] -include::{include_path}/{type}.asciidoc[] \ No newline at end of file +include::{include_path}/{type}.asciidoc[] diff --git a/lib/logstash/outputs/webhdfs.rb b/lib/logstash/outputs/webhdfs.rb index cf02d34..68357fe 100755 --- a/lib/logstash/outputs/webhdfs.rb +++ b/lib/logstash/outputs/webhdfs.rb @@ -67,6 +67,12 @@ class LogStash::Outputs::WebHdfs < LogStash::Outputs::Base # The Username for webhdfs. config :user, :validate => :string, :required => true + # The Username for Basic HTTP authentication + config :basicauth_user, :validate => :string, :default => nil + + # The Password for Basic HTTP authentication + config :basicauth_password, :validate => :string, :default => nil + # The path to the file to write to. Event fields can be used here, # as well as date fields in the joda time format, e.g.: # `/user/logstash/dt=%{+YYYY-MM-dd}/%{@source_host}-%{+HH}.log` @@ -117,6 +123,12 @@ class LogStash::Outputs::WebHdfs < LogStash::Outputs::Base # Set kerberos keytab file. Note that the gssapi library needs to be available to use this. config :kerberos_keytab, :validate => :string + # Use SSL + config :use_ssl, :validate => :boolean, :default => false + + # Verify SSL + config :verify_ssl, :validate => :boolean, :default => true + # Set ssl authentication. Note that the openssl library needs to be available to use this. config :use_ssl_auth, :validate => :boolean, :default => false diff --git a/lib/logstash/outputs/webhdfs_helper.rb b/lib/logstash/outputs/webhdfs_helper.rb index 5e4e44a..13eab62 100755 --- a/lib/logstash/outputs/webhdfs_helper.rb +++ b/lib/logstash/outputs/webhdfs_helper.rb @@ -1,4 +1,5 @@ require "logstash/namespace" +require "base64" module LogStash module Outputs @@ -22,15 +23,31 @@ def load_module(module_name) # @param username [String] A valid HDFS user # @return [WebHDFS] An setup client instance def prepare_client(host, port, username) - client = WebHDFS::Client.new(host, port, username) + if @basicauth_user == nil + client = WebHDFS::Client.new(host, port, username) + else + basicauth = Base64.encode64("#{@basicauth_user}:#{@basicauth_password}").chomp + basicauth = { "Authorization" => "Basic #{basicauth}" } + client = WebHDFS::Client.new(host, port, username, nil, nil, nil, basicauth) + end if @use_kerberos_auth require 'gssapi' client.kerberos = true client.kerberos_keytab = @kerberos_keytab end + if @use_ssl + require 'openssl' + client.ssl = true + if not @verify_ssl + client.ssl_verify_mode = :none + end + end if @use_ssl_auth require 'openssl' client.ssl = true + if not @verify_ssl + client.ssl_verify_mode = :none + end client.ssl_key = OpenSSL::PKey::RSA.new(open(@ssl_key)) client.ssl_cert = OpenSSL::X509::Certificate.new(open(@ssl_cert)) end