0

我正在开发一个 EFK(ElasticSearch + Fluentd + Kibana)堆栈日志收集器。

是否有有效的方法来执行 HTTP 请求回调以将响应值(例如 JWT 令牌)传递到下一个管道并将另一个 HTTP 请求发送到受保护的端点以获取更多数据?

我听说 Logstash 有类似的方法来执行此行为。
只是想知道如何在 Fluentd 中做同样的工作。

这是我下面的伪代码,它不可运行。

<source>
  @type http_pull
  url https://example.api.com/login
  tag example.app
  interval 10s

  <parse>
    @type json
  </parse>

  @label @STAGE_ONE
</source>

<label @STAGE_ONE>
  <match *.**>
    @type copy

    <store>
      @type elasticsearch
      host elasticsearch-service
      port 9200
      logstash_format true
      logstash_prefix example-app
      logstash_dateformat %Y.%m.%d
      include_tag_key true
      include_timestamp true
      tag_key @tag
    </store>

    <store>
      @type stdout
    </store>

    <store> # Pass first REST-API response's token to @STAGE_TWO
      @relabel
      @label @STAGE_TWO
    </store>
  </match>
</label>

<label @STAGE_TWO>

  <source>
    @type http_pull
    url https://example.api.com/secure-data
    tag example.app
    interval 10s

    <request header> 
      header Authoraztion
      # Consume the log event from @STAGE_ONE and store token in header then send second request.
      value Bearer ${message.token} # <-- Is there any solution to accomplish this ?
    </request header>

    <parse>
      @type json
    </parse>
  </source>

  <match *.**>
    @type copy

    <store> # Send logs of secured-data to Elasticsearch and display in Kibana
      @type elasticsearch
      host elasticsearch-service
      port 9200
      logstash_format true
      logstash_prefix example-app
      logstash_dateformat %Y.%m.%d
      include_tag_key true
      include_timestamp true
      tag_key @tag
    </store>

    <store> # Print logs of secured-data
      @type stdout
    </store>
  </match>
</label>
4

0 回答 0