我正在开发一个 EFK(ElasticSearch + Fluentd + Kibana)堆栈日志收集器。
是否有有效的方法来执行 HTTP 请求回调以将响应值(例如 JWT 令牌)传递到下一个管道并将另一个 HTTP 请求发送到受保护的端点以获取更多数据?
我听说 Logstash 有类似的方法来执行此行为。
只是想知道如何在 Fluentd 中做同样的工作。
这是我下面的伪代码,它不可运行。
<source>
@type http_pull
url https://example.api.com/login
tag example.app
interval 10s
<parse>
@type json
</parse>
@label @STAGE_ONE
</source>
<label @STAGE_ONE>
<match *.**>
@type copy
<store>
@type elasticsearch
host elasticsearch-service
port 9200
logstash_format true
logstash_prefix example-app
logstash_dateformat %Y.%m.%d
include_tag_key true
include_timestamp true
tag_key @tag
</store>
<store>
@type stdout
</store>
<store> # Pass first REST-API response's token to @STAGE_TWO
@relabel
@label @STAGE_TWO
</store>
</match>
</label>
<label @STAGE_TWO>
<source>
@type http_pull
url https://example.api.com/secure-data
tag example.app
interval 10s
<request header>
header Authoraztion
# Consume the log event from @STAGE_ONE and store token in header then send second request.
value Bearer ${message.token} # <-- Is there any solution to accomplish this ?
</request header>
<parse>
@type json
</parse>
</source>
<match *.**>
@type copy
<store> # Send logs of secured-data to Elasticsearch and display in Kibana
@type elasticsearch
host elasticsearch-service
port 9200
logstash_format true
logstash_prefix example-app
logstash_dateformat %Y.%m.%d
include_tag_key true
include_timestamp true
tag_key @tag
</store>
<store> # Print logs of secured-data
@type stdout
</store>
</match>
</label>