logstash

github-mirrors/logstash

Fork 0

mirror of https://github.com/elastic/logstash.git synced 2025-04-23 22:27:21 -04:00

Commit graph

Author	SHA1	Message	Date
Rob Bavey	5d7fa78e09	Fix Windows scripts (#14515 ) The work done in #14355 to fix the keystore and plugin scripts erroneously included %JAVA_OPTS% in the command to invoke `jruby`, rather than as an environment variable, which prevented these scripts from operating correctly, due to `jruby.exe` not handling Java options, causing the scripts to crash on invocation. This commit removes the %JAVA_OPTS% - this is already set as an environment variable, and allows the scripts to operate correctly	2022-09-09 09:06:57 -04:00
Rob Bavey	59c5374849	Fix windows scripts to also pull settings from JvmOptionsParser (#14355 ) * Fix windows scripts to also pull settings from JvmOptionsParser Prior to this commit, the windows version of the keystore and plugin scripts diverged from the bash version of these scripts, as they did not pick up Jvm Options from the JvmOptionsParser, leading to certain mandatory settings not being picked up, breaking compatibility with Windows on certain versions of the JDK. This PR ensures that these scripts also use the JvmOptionsParser. This does not resolve the issue described in #14176, which will be looked at in a future PR Relates: #14354 * Add goto :eof as per code review suggestion	2022-07-18 09:03:40 -04:00
Jake Landis	058c9a6c47	Secret Store: Ability to set and use secret data from an encrypted data store. Fixes #8657 Part 1: API and JavaKeyStore implementation (#8657) Introduces the API to read/write/delete sensitive data from a secure store and includes a Java KeyStore implementation. Note - this commit does NOT integrate with the Logstash configuration or settings. Part 2: Secret Store: SecretStoreFactory, SecureConfig, Obfuscation and X-JVM support (#8659) * Secret Store: SecretStoreFactory, SecureConfig, Obfuscation and X-JVM support * Introduce a SecretStoreFactory to allow runtime definition of SecretStore implementation. * Introduce a SecureConfig to allow simple configuration of different SecretStore implementaiton. * Introduce random default password plus obfuscation. Best attempt at security through obscurity. * Corrections / better support for x-JVM modification. Part 3: Secret Store: SecretStore, SecretStoreFactory, JavaKeystore - refacactor (#8745) * Adds more CRUD like operations for SecretStore API * SecretStoreFactory Mirror API's CRUD operations * Adds 'exists' to API to allow command line warning 'Overwrite ?' * Minor readabiliy Part 4: Integrate secret store with Logstash core (#8905) This change introduces the command line tooling and hooks needed to allow Logstash to use the secret store. This change hooks into the same logic that the does the environment variable substitution. The commnad line mirrors the Elasticsearch command line, and is implemented primarily in Java. Part 5: Hardening and test fixes (this PR) Fixes #8935	2018-01-13 01:22:53 +00:00

Author

SHA1

Message

Date

Rob Bavey

5d7fa78e09

Fix Windows scripts (#14515 )

The work done in #14355 to fix the keystore and plugin scripts erroneously included
%JAVA_OPTS% in the command to invoke `jruby`, rather than as an environment variable, which
prevented these scripts from operating correctly, due to `jruby.exe` not handling Java options,
causing the scripts to crash on invocation.

This commit removes the %JAVA_OPTS% - this is already set as an environment variable, and allows the
scripts to operate correctly

2022-09-09 09:06:57 -04:00

Rob Bavey

59c5374849

Fix windows scripts to also pull settings from JvmOptionsParser (#14355 )

* Fix windows scripts to also pull settings from JvmOptionsParser

Prior to this commit, the windows version of the keystore and plugin scripts
diverged from the bash version of these scripts, as they did not pick up Jvm Options
from the JvmOptionsParser, leading to certain mandatory settings not being picked up,
breaking compatibility with Windows on certain versions of the JDK. This PR ensures
that these scripts also use the JvmOptionsParser.

This does not resolve the issue described in #14176, which will be looked at in a future
PR

Relates: #14354

* Add goto :eof as per code review suggestion

2022-07-18 09:03:40 -04:00

Jake Landis

058c9a6c47

Secret Store: Ability to set and use secret data from an encrypted data store.

Fixes #8657

Part 1: API and JavaKeyStore implementation (#8657)

Introduces the API to read/write/delete sensitive data from a secure store and includes a Java KeyStore implementation. Note - this commit does NOT integrate with the Logstash configuration or settings.

Part 2: Secret Store: SecretStoreFactory, SecureConfig, Obfuscation and X-JVM support (#8659)

*  Secret Store: SecretStoreFactory, SecureConfig, Obfuscation and X-JVM support

* Introduce a SecretStoreFactory to allow runtime definition of SecretStore implementation.
* Introduce a SecureConfig to allow simple configuration of different SecretStore implementaiton.
* Introduce random default password plus obfuscation. Best attempt at security through obscurity.
* Corrections / better support for x-JVM modification.

Part 3: Secret Store: SecretStore, SecretStoreFactory, JavaKeystore - refacactor (#8745)

* Adds more CRUD like operations for SecretStore API
* SecretStoreFactory Mirror API's CRUD operations
* Adds 'exists' to API to allow command line warning 'Overwrite ?'
* Minor readabiliy

Part 4: Integrate secret store with Logstash core (#8905)

This change introduces the command line tooling and hooks needed to allow Logstash to use the secret store. This change hooks into the same logic that the does the environment variable substitution. The commnad line mirrors the Elasticsearch command line, and is implemented primarily in Java.

Part 5: Hardening and test fixes (this PR)

Fixes #8935

2018-01-13 01:22:53 +00:00

3 commits