Enable beats input plugin to logstash

diff --git a/cookbooks/logstash/files/default/beats.crt b/cookbooks/logstash/files/default/beats.crt
new file mode 100644 (file)
index 0000000..a1db9f8
--- /dev/null
+++ b/cookbooks/logstash/files/default/beats.crt
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDoTCCAomgAwIBAgIJAOWS1wQ8fa1RMA0GCSqGSIb3DQEBCwUAMGcxCzAJBgNV
+BAYTAkdCMRUwEwYDVQQHDAxEZWZhdWx0IENpdHkxHDAaBgNVBAoME0RlZmF1bHQg
+Q29tcGFueSBMdGQxIzAhBgNVBAMMGmxvZ3N0YXNoLm9wZW5zdHJlZXRtYXAub3Jn
+MB4XDTE1MDgyODA3NDYzNloXDTI1MDgyNTA3NDYzNlowZzELMAkGA1UEBhMCR0Ix
+FTATBgNVBAcMDERlZmF1bHQgQ2l0eTEcMBoGA1UECgwTRGVmYXVsdCBDb21wYW55
+IEx0ZDEjMCEGA1UEAwwabG9nc3Rhc2gub3BlbnN0cmVldG1hcC5vcmcwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxU5CoykubpFaYdJMJOGFmq8a3bMLx
+KG9wlkDfYH65fxh8W+XAHR0oyi3kwqy9P1OmicdMJkFRpFsIDmg0EuirZCX2A4nw
+ADJxXa/mqbFTNCHmVjhFqMdAaMW/O0WkcXxLc/9D/WLFEqTNMkZwZ1wo6JwAo26f
+Dxn75TggFy0rTBYsOp87nK3fYEp8cY43tGWkqMbTdU2GB511+FeUbm7NTyQakHq8
+9/LtmJPzmsO30wJzF++NOJkis/xNTvPPybkljwSshoo53ed/kmxy/KiVgPqD/fR7
+8bkOfqknycyqV5zskMUtrN9PsWQx3bzY7dhYo1nNMd8oNLVKpSluvga5AgMBAAGj
+UDBOMB0GA1UdDgQWBBS5qcKaMediosEUc6SHDGgTfGnpRzAfBgNVHSMEGDAWgBS5
+qcKaMediosEUc6SHDGgTfGnpRzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUA
+A4IBAQA1G0BJ6rxyyuvY4iLtyah0p7hawt7jkQ35Y6gNoGGwHgMGslQ8URhx29zr
+HpJPtCdrHagC58FmL74/SS8czNdt+V3xcYAAZxm3ZwlJr/GyxSlCD/3zpD/eWHTV
+lMFqvGqLGxJfo9Q1iuyV35jEfi84toXT+zps/4voX6fYutNaouQDk5V/up9lPPCp
+x2xq0vVDV+BhZ3Y7QxsZHEcAqPg9wGMT4UiJFSsatwnmSwSv429tdZeETEb3yCZv
+kautRvtRRMB2QqNQRFGXmJLt4sMFuAjo5jcz4GvBWZTjPOoFrgnhlmWkCvqWrxJU
+/CA3EQf+gGw2loeKZrxbKXdSuIPs
+-----END CERTIFICATE-----

diff --git a/cookbooks/logstash/recipes/default.rb b/cookbooks/logstash/recipes/default.rb
index cc28afab826a288874984dc79719202b147632b4..df54a728067c21eb1a77448c72ccfa11147bc4b1 100644 (file)
--- a/cookbooks/logstash/recipes/default.rb
+++ b/cookbooks/logstash/recipes/default.rb
@@ -42,6 +42,22 @@ file "/var/lib/logstash/lumberjack.key" do
   notifies :restart, "service[logstash]"
 end
 
+cookbook_file "/var/lib/logstash/beats.crt" do
+  source "beats.crt"
+  user "root"
+  group "logstash"
+  mode 0o644
+  notifies :restart, "service[logstash]"
+end
+
+file "/var/lib/logstash/beats.key" do
+  content keys["beats"].join("\n")
+  user "root"
+  group "logstash"
+  mode 0o640
+  notifies :restart, "service[logstash]"
+end
+
 template "/etc/logstash/conf.d/chef.conf" do
   source "logstash.conf.erb"
   user "root"
@@ -79,6 +95,16 @@ forwarders.sort_by { |n| n[:fqdn] }.each do |forwarder|
       dest_ports "5043"
       source_ports "1024:"
     end
+
+    firewall_rule "accept-beats-#{forwarder}" do
+      action :accept
+      family interface[:family]
+      source "#{interface[:zone]}:#{interface[:address]}"
+      dest "fw"
+      proto "tcp:syn"
+      dest_ports "5044"
+      source_ports "1024:"
+    end
   end
 end
 
@@ -95,5 +121,15 @@ gateways.sort_by { |n| n[:fqdn] }.each do |gateway|
       dest_ports "5043"
       source_ports "1024:"
     end
+
+    firewall_rule "accept-beats-#{gateway}" do
+      action :accept
+      family interface[:family]
+      source "#{interface[:zone]}:#{interface[:address]}"
+      dest "fw"
+      proto "tcp:syn"
+      dest_ports "5044"
+      source_ports "1024:"
+    end
   end
 end

diff --git a/cookbooks/logstash/templates/default/logstash.conf.erb b/cookbooks/logstash/templates/default/logstash.conf.erb
index 6610cd414e2c906ba3342c17c0be1126b6fa1514..87260524dc4991ccea2d1aa73c4a7e52760f912b 100644 (file)
--- a/cookbooks/logstash/templates/default/logstash.conf.erb
+++ b/cookbooks/logstash/templates/default/logstash.conf.erb
@@ -4,6 +4,12 @@ input {
     ssl_certificate => "/var/lib/logstash/lumberjack.crt"
     ssl_key => "/var/lib/logstash/lumberjack.key"
   }
+
+  beats {
+    port => 5044
+    ssl_certificate => "/var/lib/logstash/beats.crt"
+    ssl_key => "/var/lib/logstash/beats.key"
+  }
 }
 
 filter {