From 0d39befbbe173d810c24a2d88ed419c32932a447 Mon Sep 17 00:00:00 2001 From: Dan Kortschak Date: Fri, 6 Dec 2024 09:36:23 +1030 Subject: [PATCH] http_endpoint: add program option to the configuration user interface (#12016) --- .../_dev/test/system/test-http-cel-config.yml | 38 +++++++++++++++++++ .../http_endpoint/agent/input/http.yml.hbs | 3 ++ packages/http_endpoint/changelog.yml | 5 +++ packages/http_endpoint/manifest.yml | 11 +++++- 4 files changed, 56 insertions(+), 1 deletion(-) create mode 100644 packages/http_endpoint/_dev/test/system/test-http-cel-config.yml diff --git a/packages/http_endpoint/_dev/test/system/test-http-cel-config.yml b/packages/http_endpoint/_dev/test/system/test-http-cel-config.yml new file mode 100644 index 00000000000..32bd6c06f6f --- /dev/null +++ b/packages/http_endpoint/_dev/test/system/test-http-cel-config.yml @@ -0,0 +1,38 @@ +service: test-webhook-http +service_notify_signal: SIGHUP +input: http_endpoint +vars: + data_stream.dataset: http_endpoint.http_endpoint + preserve_original_event: true + listen_address: 0.0.0.0 + url: /json + program: |- + // Make it possible to differentiate a program's execution + // from a non-CEL handler. We don't make most of the mito + // libs available in http_endpoint, so just double up by + // making an array of parts of the message. + // We don't have the containers library, so flatten using + // an index into the array produced by the map; the array + // we actually want is the array in the map body. + obj.map(k, [ + {"message": k}, // event 0 + {"message": obj[k]}, // event 1 + ])[0] + # Replace 'json' with '.' when kibana.version is ^8.15.0. + prefix: 'json' + listen_port: 9515 + basic_auth: true + username: abc123 + password: abc123 + enable_request_tracer: true + # Remove processors when kibana.version is ^8.15.0. + processors: | + - rename: + fields: + - from: json.message + to: message + - drop_fields: + fields: + - json +assert: + hit_count: 2 diff --git a/packages/http_endpoint/agent/input/http.yml.hbs b/packages/http_endpoint/agent/input/http.yml.hbs index 696f8601c16..73b7f7a255b 100644 --- a/packages/http_endpoint/agent/input/http.yml.hbs +++ b/packages/http_endpoint/agent/input/http.yml.hbs @@ -48,6 +48,9 @@ response_body: '{{response_body}}' {{#if url}} url: {{url}} {{/if}} +{{#if program}} +program: {{escape_string program}} +{{/if}} {{#if include_headers}} include_headers: {{#each include_headers as |header|}} diff --git a/packages/http_endpoint/changelog.yml b/packages/http_endpoint/changelog.yml index 8dd29942bbf..ebb2fe58a67 100644 --- a/packages/http_endpoint/changelog.yml +++ b/packages/http_endpoint/changelog.yml @@ -1,3 +1,8 @@ +- version: "2.3.0" + changes: + - description: Make CEL program configuration available. + type: enhancement + link: https://github.com/elastic/integrations/pull/12016 - version: "2.2.1" changes: - description: Pass `preserve_original_event` state to input. diff --git a/packages/http_endpoint/manifest.yml b/packages/http_endpoint/manifest.yml index 3b592c16673..10327aaef76 100644 --- a/packages/http_endpoint/manifest.yml +++ b/packages/http_endpoint/manifest.yml @@ -3,7 +3,7 @@ name: http_endpoint title: Custom HTTP Endpoint Logs description: Collect JSON data from listening HTTP port with Elastic Agent. type: input -version: "2.2.1" +version: "2.3.0" conditions: kibana: version: "^8.14.0" @@ -54,6 +54,15 @@ policy_templates: description: This options specific which URL path to accept requests on. Defaults to /. required: false show_user: true + - name: program + type: textarea + title: The CEL program to be run for each request. + description: | + Program is the CEL program that is executed each HTTP request to transform the request body data. + More information can be found in the [documentation](https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-input-http_endpoint.html#_program). + show_user: false + multi: false + required: false - name: data_stream.dataset type: text title: Dataset name