- elasticsearch/
elasticsearch 使用多个基本身份验证用户记录http输入
elasticsearch 使用多个基本身份验证用户记录http输入
我想设置一个包含多个用户/密码的日志存储管道,并使用不同的用户名将输出定向到不同的elasticsearch索引,其中每个用户名都具有对特定索引的读/写访问权限,以便在Kibana上也可以使用相同的凭证。类似于-
input {
http {
host => "0.0.0.0"
port => 5000
user => "user1","user2"
password => "password1","password2"
}
}
output {
if[user] == "user1" {
elasticsearch {
id => "elastic1"
hosts => ["localhost:9200"]
index => "index1"
user => "user1"
password => "password1"
}
}
else if[user] == "user2" {
elasticsearch {
id => "elastic2"
hosts => ["localhost:9200"]
index => "index2"
user => "user2"
password => "password2"
}
}
}
这可能吗?我缺少什么?Logstash支持基本身份验证,但HTTP插件的每个实例只接受一个用户名密码。它不支持传递用户名/密码列表:
http {
port => 3332
user => myuser
password => "$tr0ngP4ssWD!"
ssl => on
keystore => "/tmp/mykeystore.jks"
keystore_password => "keystore_pass"
}