Heartbeat Use json with secret store in check.request.body

pawarrchetan · September 8, 2020, 10:13am

I need help to figure out the correct json payload for my http monitor to test an authenticated endpoint.
Monitor YAML :

  name: test-xyz-abc-io
  enabled: true
  schedule: '@every 1m'  # every 10 minutes from start of beat
  hosts: ["https://xyz.abc.io/v1/uri"]
  ipv4: true
  ipv6: true
  mode: any
  check.request:
    method: POST
    headers:
      'Content-Type': 'application/json'
    body: "{"org_id": "0", "email": "user@gmail.com", "password": "${USER_PASSWORD}"}"
  check.response:
    status: 200
  fields:
    env: test

I get an error in the heartbeat logs :
cfgfile/list.go:96 Error creating runner from config: job err can not convert 'object' into 'string'

shahzad31 · September 9, 2020, 10:38am

Hi @pawarrchetan
if you format your body json like this, it should work

  body: '{"org_id": "0", "email": "user@gmail.com", "password": "USER_PASSWORD"}'

Regards

pawarrchetan · September 9, 2020, 10:57am

Hello @shahzad31
Thanks for the suggestion.

For me the USER_PASSWORD is a secret from the heartbeat keystore.
Will it work if I specify it as suggested by you ?

Regards...
Chetan

pawarrchetan · September 9, 2020, 11:24am

Hi @shahzad31
I get password attempts exceeded in the elaticsearch events after I have the correct secret value in the keystore .

{"message":"Password attempts exceeded"}

Mentioning the key name "USER_PASSWORD" just uses the password value as literal "USER_PASSWORD"

So the suggestion you made does not work.

Are you sure if we use the heartbeat keystore secret key as USER_PASSWORD in the monitor configuration heartbeat would interpolate the value correctly ?

  body: '{"org_id": "0", "email": "user@gmail.com", "password": "USER_PASSWORD"}'

Regards...
Chetan

system · October 7, 2020, 1:24pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.