Skip to content

Commit

Permalink
in_splunk: Store HEC token on enabled HTTP2 and raw endpoints
Browse files Browse the repository at this point in the history
Signed-off-by: Hiroshi Hatake <[email protected]>
  • Loading branch information
cosmo0920 authored and edsiper committed Jun 2, 2024
1 parent ea7b9f4 commit 8aee285
Showing 1 changed file with 9 additions and 0 deletions.
9 changes: 9 additions & 0 deletions plugins/in_splunk/splunk_prot.c
Original file line number Diff line number Diff line change
Expand Up @@ -961,6 +961,10 @@ static int process_hec_raw_payload_ng(struct flb_http_request *request,
flb_sds_t tag,
struct flb_splunk *ctx)
{
int ret = 0;
size_t size = 0;
char *auth_header;

if (request->content_type == NULL) {
send_response_ng(response, 400, "error: header 'Content-Type' is not set\n");

Expand All @@ -971,6 +975,11 @@ static int process_hec_raw_payload_ng(struct flb_http_request *request,
flb_plg_debug(ctx->ins, "Mark as unknown type for ingested payloads");
}

ret = flb_hash_table_get(request->headers, "authorization", 13, (void **)&auth_header, &size);
if (ret != 0) {
ctx->ingested_auth_header = auth_header;
}

if (request->body == NULL || cfl_sds_len(request->body) == 0) {
send_response_ng(response, 400, "error: no payload found\n");

Expand Down

0 comments on commit 8aee285

Please sign in to comment.