diff --git a/CHANGELOG.md b/CHANGELOG.md index b07de06a..5a0931e2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Changed - Update `hadoop` plugin ([PR230](https://github.com/observIQ/stanza-plugins/pull/230)) - Remove `preserve_to` parameter from severity +- Update `vmware_vcenter` and `vmware_esxi` plugins ([PR231](https://github.com/observIQ/stanza-plugins/pull/231)) + - Add support for TLS (requires Stanza v0.13.14 or newer) ## [0.0.47] - 2021-02-18 ### Changed - Update `mysql` plugin ([PR228](https://github.com/observIQ/stanza-plugins/pull/228)) diff --git a/plugins/vmware_esxi.yaml b/plugins/vmware_esxi.yaml index edd10908..d83845c2 100644 --- a/plugins/vmware_esxi.yaml +++ b/plugins/vmware_esxi.yaml @@ -1,5 +1,5 @@ # Plugin Info -version: 0.0.6 +version: 0.0.7 title: VMware ESXi description: Log parser for VMware ESXi parameters: @@ -8,9 +8,35 @@ parameters: description: A syslog address of the form `:` type: string default: "0.0.0.0:5140" + - name: enable_tls + label: Enable TLS + description: Enable TLS for the TCP listener + type: bool + default: false + - name: certificate_file + label: TLS certificate path + description: File path for the X509 TLS certificate chain + type: string + default: "/opt/cert" + required: true + relevant_if: + enable_tls: + equals: true + - name: private_key_file + label: TLS private key path + description: File path for the X509 TLS certificate chain + type: string + default: "/opt/key" + required: true + relevant_if: + enable_tls: + equals: true # Set Defaults # {{$listen_address := default "0.0.0.0:5140" .listen_address}} +# {{$enable_tls := default true .enable_tls}} +# {{$certificate_file := default "" .certificate_file}} +# {{$private_key_file := default "" .private_key_file}} # Pipeline Template pipeline: @@ -20,6 +46,10 @@ pipeline: labels: log_type: vmware_esxi plugin_id: {{ .id }} + tls: + enable: {{ $enable_tls }} + certificate: {{ $certificate_file }} + private_key: {{ $private_key_file }} output: timestamp_router - id: timestamp_router type: router diff --git a/plugins/vmware_vcenter.yaml b/plugins/vmware_vcenter.yaml index b16291bf..7c6f92fa 100644 --- a/plugins/vmware_vcenter.yaml +++ b/plugins/vmware_vcenter.yaml @@ -1,5 +1,5 @@ # Plugin Info -version: 0.0.4 +version: 0.0.5 title: VMware vCenter description: Log parser for VMware vCenter parameters: @@ -8,9 +8,35 @@ parameters: description: A syslog address of the form `:` type: string default: "0.0.0.0:5140" + - name: enable_tls + label: Enable TLS + description: Enable TLS for the TCP listener + type: bool + default: false + - name: certificate_file + label: TLS certificate path + description: File path for the X509 TLS certificate chain + type: string + default: "/opt/cert" + required: true + relevant_if: + enable_tls: + equals: true + - name: private_key_file + label: TLS private key path + description: File path for the X509 TLS certificate chain + type: string + default: "/opt/key" + required: true + relevant_if: + enable_tls: + equals: true # Set Defaults # {{$listen_address := default "0.0.0.0:5140" .listen_address}} +# {{$enable_tls := default true .enable_tls}} +# {{$certificate_file := default "" .certificate_file}} +# {{$private_key_file := default "" .private_key_file}} # Pipeline Template pipeline: @@ -20,6 +46,34 @@ pipeline: labels: log_type: vmware_vcenter plugin_id: {{ .id }} + tls: + enable: {{ $enable_tls }} + certificate: {{ $certificate_file }} + private_key: {{ $private_key_file }} + output: prefix_router + + # vcenter will (sometimes) prepend an id to the messages, check + # for the id and drop it if it exsits + # example: '257 <14>1. . . ' + - id: prefix_router + type: router + routes: + - expr: '$record matches "^\\d* "' + output: pre_parser + default: vcenter_parser + + - id: pre_parser + type: regex_parser + regex: '^(?P\d* )(?P[\w\W]*)' + output: pre_parser_restructure + + - id: pre_parser_restructure + type: restructure + ops: + - remove: "$record.drop" + - move: + from: "$record.syslog_message" + to: "$record" output: vcenter_parser - id: vcenter_parser