使用SSL配置Logstash并将消息发送到Kafka(with SSL)主题

时间:2019-06-21 05:55:51

标签: ssl apache-kafka logstash

我在本地(主机名:webbox)中有logstash-6.5.4(带有ssl),web和调度程序,而另一个主机(主机名:kafkabox)上具有kafka-2.0(带有ssl)。

从Logstash发送消息时,我无法在kafka主题中接收消息。

均未显示任何错误消息,也不将消息发送到kafka主题。我试图将logstash.crt导入kafka的信任库,但是也没有用。

使用以下命令创建了logstash.crtlogstash.key

sudo openssl req -x509 -batch -nodes -days 3650 -newkey rsa:2048 -keyout /etc/logstash/logstash.key -out /etc/logstash/logstash.crt

还将logstash.crt导入到kafka的信任库文件中并尝试。

keytool -import -alias logstash -file logstash.crt -keystore cacerts

Logstash conf文件在下面给出... 

input {
    tcp {
    host=>"0.0.0.0" 
    port=>5514 
    type=>"syslogType"
    ssl_enable=>true
    ssl_cert=>"/etc/logstash/logstash.crt"
    ssl_key=>"/etc/logstash/logstash.key"
    ssl_verify=>false
    }
}

filter {
}

output {
    kafka {
    bootstrap_servers=>"kafkabox:9093"
    codec=>"json_lines"
    topic_id=>"a_test"
    ssl_keystore_location=>"keystore file"
    ssl_keystore_password=>"changeit"
    ssl_key_password=>"changeit"
    ssl_truststore_location=>"truststore file"
    ssl_truststore_password=>"changeit"
    security_protocol=>"SSL"
    }
}

期望的消息从logstash(使用SSL)发送到kafka(使用SSL)。

用于连接到logstash的Java代码,该日志内部无法将消息发送到kafka主题(以ssl模式)。 

public class LogstashClient {

    private static String message = "<86>Jun 25 14:32:25 webbox sshd[7517]: Failed password for root from 196.165.132.192 port 45691 ssh2";

    public static void main(String[] args) throws Exception {
        nonSSL();
        //SSL();
    }

    private static void SSL() throws Exception {

    // logstash.crt is directly imported into kafka's truststore
    // Below <<Client Truststore>> will also have logstash.crt imported for handshaking while connecting

        System.setProperty("javax.net.ssl.trustStore", "<<Client Truststore>>");
        System.setProperty("javax.net.ssl.trustStorePassword", "test1234");

        SSLSocketFactory factory = (SSLSocketFactory)SSLSocketFactory.getDefault();
        SSLSocket socket = (SSLSocket) factory.createSocket("localhost", 5514);

    System.out.println("Handshaking...");
        socket.startHandshake();
        PrintWriter printWriter = new PrintWriter(socket.getOutputStream(), true);

        boolean checkError = printWriter.checkError();

        printWriter.println(message);
    }

    private static void nonSSL() throws Exception {
        Socket socket = new Socket("localhost", 5514);

        PrintWriter printWriter = new PrintWriter(socket.getOutputStream(), true);
        printWriter.println(message);
    }
}

谢谢, RK,

0 个答案:

没有答案
相关问题
最新问题