Beats: [Metricbeat] module HTTP server: Add TLS
Describe the enhancement:
The Metricbeat module for HTTP server currently doesn't support TLS. This is less of an issue for connections on the same host, but to be able to collect data over the network this would be a good improvement.
Describe a specific use case for the enhancement or feature:
Logstash has an HTTP input that supports TLS. To be a lightweight alternative the Metricbeat module would need to add TLS, otherwise it's mainly useful on localhost. This started off from a discussion with @loekvangool.
xeraa
All 7 comments
go net/http already have https. it is just a matter of adjusting it.
Let me grab a coffee and play with this one :)
leopucci
on 26 Mar 2019
@leopucci Take a look at tlscommon.ServerConfig and how it's used. I think some of this can be reused.
andrewkroh
on 26 Mar 2019
@andrewkroh HttpHelper already have it! Thanks for the tip!
leopucci
on 26 Mar 2019
@andrewkroh, ListenAndServeTLS dos not acept certificate object, only certificate path... i will not be able to reuse config:ssl.... it was so beautiful
leopucci
on 26 Mar 2019
Tadah!
leopucci
on 26 Mar 2019
How to use:
add ssl config on http.yml
- module: http
metricsets:
- server
host: "localhost"
port: "8080"
enabled: true
#ssl.certificate_authorities: ["/etc/pki/root/ca.pem"]
ssl.certificate: "/etc/pki/client/cert.pem"
ssl.key: "/etc/pki/client/cert.key"
paths:
- path: "/foo"
namespace: "foo"
# fields: # added to the the response in root. overwrites existing fields
# key: "value"
@andrewkroh any bugs that i can help today? nice work btw https://github.com/andrewkroh/gvm
leopucci
on 29 Mar 2019
Related issues
exekias
路
3Comments
adriansr
路
3Comments
musayev-io
路
3Comments
MorrieAtElastic
路
3Comments
dedemorton
路
3Comments
Most helpful comment
@andrewkroh any bugs that i can help today? nice work btw https://github.com/andrewkroh/gvm