admin管理员组

文章数量:1334178

Fluent-bit does not natively support Certificate revocation Checks. I wish to add a new plugin, before the data is actually passed to the server, to make sure that the certificate is not revoked. As per the fluent-bit architecture, it seems like OUTPUT plugins chaining can not be done. I wanted to understand if there is some way to achieve the same.

The following is a sample configuration which has two OUTPUT plugins. I wish to chain the first and second plugins so that in the first plugin , I can check CRL and if not revoked, pass the data to the second OUTPUT plugin which forwards the data to the destination.

Is there some way to achieve this pattern ? Or any other approach to insert a CRL check without modifying the http plugin or fluent-bit code?

# Fluent Bit Input Configuration
[INPUT]
    Name   tail
    Path   /var/log/syslog
    Tag    syslog

# Fluent Bit Output Configuration for CRL Plugin (Example)
[OUTPUT]
    Name    crlplugin
    Match   *
    Address localhost
    PortNo  8443
    rewrite_tag * crlValidated


# Fluent Bit Output Configuration (Sending to HTTPS)
[OUTPUT]
    Name         http
    Match        crlValidated
    Host         localhost
    Port         8443
    TLS          On
    TLS.Verify   Off  # Disable verification of self-signed certificates (if used)
    tls.ca_file  /home/test/client/ca.crt
    tls.crt_file /home/test/client/client.crt
    tls.key_file /home/test/client/client.key
    Format       json

本文标签:

版权声明:本文标题:Is there a way to make an output plugin chain in fluent-bit, to perform addition CRL check before forwarding to destination - St 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1742307604a2450230.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。