-
Notifications
You must be signed in to change notification settings - Fork 4.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
filebeat: add SSL options to checkpoint module #19560
Conversation
Since this is a community submitted pull request, a Jenkins build has not been kicked off automatically. Can an Elastic organization member please verify the contents of this patch and then kick off a build manually? |
1 similar comment
Since this is a community submitted pull request, a Jenkins build has not been kicked off automatically. Can an Elastic organization member please verify the contents of this patch and then kick off a build manually? |
Thanks for recreating the PR @hazcod . I know this is the second time around due to the issues with the last PR (including the merge from master most likely). Will let you know how it goes, and also triggers a need to look a bit more deeper into where TLS should/should not be per default. |
Pinging @elastic/siem (Team:SIEM) |
jenkins test this please |
I ran a |
It asks you to run " |
I've successfully ran |
Ping. |
jenkins run tests |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for your patience and for submitting this again ❤️ ! Please add a CHANGELOG entry, and besides this I left some comments. If you wish, we can take over from this point and push the required changes to your branch., or you can do them yourself, whatever works best for you.
I've pushed the requested changes @marc-gr |
jenkins run tests |
@marc-gr: I've updated the CHANGELOG entry. |
jenkins run tests |
jenkins run tests |
jenkins run tests |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGMT, though should have another reviewer as well, to ensure there is nothing missing from the config entries, maybe compared to another one with TLS?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
jenkins run tests |
Thank you all for the help! |
* upstream/master: feat: package aliases for snapshots (elastic#21960) [DOC] Add firewall as possible troubleshooting issue (elastic#21743) [Filebeat] Add max_number_of_messages config parameter for S3 input (elastic#21993) [Elastic Agent] Fix missing elastic_agent event data (elastic#21994) Document auditbeat system process module config (elastic#21766) Update links (elastic#22012) dynamically find librpm (elastic#21936) Fix Istio docs (elastic#22019) [beats-tester][packaging] store packages in another location (elastic#21903) [Kubernetes] Remove redundant dockersock volume mount (elastic#22009) [Ingest Manager] Always try snapshot repo for agent upgrade (elastic#21951) Azure storage metricset values not inside the metricset name (elastic#21845) fix diskio and memory bugs under windows (elastic#21992) Fix TestDockerStart flaky test (elastic#21681) filebeat: add SSL options to checkpoint module (elastic#19560) Stop storing stateless kubernetes keystores (elastic#21880) [Elastic Agent] Fix named pipe communication on Windows 7 (elastic#21931) [Elastic Agent] Fix index for Agent monitoring to to elastic_agent. (elastic#21932)
* feat(firewall): add tls config * feat(firewall): add vars to manifest * chore(checkpoint): add tls to example * chore(checkpoint): run mage fmt update * cleanup(checkpoint): remove obsolete log_level * refactor(checkpoint): move to .ssl * chore(x-pack): revert ide fix * chore(changelog): add f5 asm ref * revert(changelog): remove f5 asm mod * chore(changelog): add checkpoint tls * chore: fix lint warnings * Undo some changes and move docs to checkpoint * Move changelog entry Co-authored-by: Marc Guasch <[email protected]> (cherry picked from commit e29c3fa)
* feat(firewall): add tls config * feat(firewall): add vars to manifest * chore(checkpoint): add tls to example * chore(checkpoint): run mage fmt update * cleanup(checkpoint): remove obsolete log_level * refactor(checkpoint): move to .ssl * chore(x-pack): revert ide fix * chore(changelog): add f5 asm ref * revert(changelog): remove f5 asm mod * chore(changelog): add checkpoint tls * chore: fix lint warnings * Undo some changes and move docs to checkpoint * Move changelog entry Co-authored-by: Marc Guasch <[email protected]> (cherry picked from commit e29c3fa) Co-authored-by: Niels Hofmans <[email protected]>
What does this PR do?
This adds a
var.input
typetls
, which will use tcp + tls for mutual TLS authentication.Why is it important?
Syslog udp is plaintext and does not guarantee CIA.
Checklist
CHANGELOG.next.asciidoc
orCHANGELOG-developer.next.asciidoc
.Related issues
#17682
CC @P1llus @adriansr @andrewstucki