Hi All,
I have been struggling for weeks with the Cloudflare Logpush to a HTTP Endpoint integration. I have tried the Elastic examples, the Cloudflare examples and examples from other posts.
These are the configuration settings on the Elastic Cloudflare Integration:
Namespace: cloudflare
Secret Header: abc
Secret Value: 123
SSL Configuration:
-----BEGIN CERTIFICATE-----
Firewall Event logs:
Listen Port: 9560
URL: /cloudflare_logpush/firewall_event
Tags: cloudflare_logpush-firewall_event
When I enable logpush on the Cloudflare side, I get an error:
error validating destination: error writing object
The portion I am struggling with is the HTTP Endpoint URL. To test the end point URL, I doing a direct call to the http endpoint. I have tried hundreds of variations, here are some of the variations I have tried:
curl -vvv -X POST http://x.x.x.x:9560/cloudflare_logpush/firewall_event?header_Content-Type=application/json&header_abc=Basic%20123
{"message":"incorrect header or header secret"}
curl -vvv http://x.x.x.x:9560/cloudflare_logpush/firewall_event?
header_abc=123
{"message":"incorrect header or header secret"}
curl -X POST -vvv http://x.x.x.x:9560/cloudflare_logpush/firewall_event?
header_abc=Basic%20123
{"message":"incorrect header or header secret"}
Interestingly, even though the Agent logs are set to debug, I do see any entries related to the above curl requests.
Any guidance on what I am doing incorrectly would be highly apricated.