0

I'm have this simple logstash config, and I would like to add api-token auth to http input. I know how to do that for output to elastic search, but can't figure out is that possible to provide similar to http input

input {
    http {
        host => "0.0.0.0"
        port => 8080 # default: 8080
        ssl => false
    }
}

output {
    stdout {
        
    }
    elasticsearch {
        hosts => "elasticsearch:9200"
        api_key => "my_api_key"
        index => "my-local-index"
    }
}

Ideal request would be like

curl -d '{"message": "my log"}' -H 'Content-Type: application/json' -H 'Authorization: ApiKey my_api_key' http://localhost:8080
Shepler
  • 3
  • 1

1 Answers1

1

The http input creates an http server socket. That can support basic authorization using the user and password options for the input. It does not support using an elasticsearch API key.

Badger
  • 3,943
  • 2
  • 6
  • 17
  • Yes that is what documentation says. But maybe there is a way to authenticate to logstash via API key/token? – Shepler Oct 11 '22 at 20:32
  • There is not, check the [documentation](https://www.elastic.co/guide/en/logstash/current/plugins-inputs-http.html#_security), the plugin support basic authentication only. – leandrojmp Oct 13 '22 at 19:44
  • That's sad. Thank you for the second point of view – Shepler Oct 17 '22 at 16:35