How to access third party rest api using http_poller,http filter and ruby filter using basic authentication,header and body

Elastic Stack Logstash
1

logstash version : 6.3.1
curl -k -v -i -u 'API Key for V3':'API Secret for V3' 'https://api.com/v3/token' -d 'grant_type=password&username=&password=< Password>&scope=< Area UUID>'

Using above curl command I am able to connect to server.

I need to transform curl command to logstash http_poller plugin format.After doing the changes, I couldn't establish the connection.
Could you pleease let me where I am doing mistake.

Do I sent request body data in add_field ??? If not how to sent request body data in http_poller plugin during the request

input {
http_poller {
urls => {
test => {
url => "https://api.com/v3/token"
method => post
headers => {
Accept => "application/json"
Content-Type=>"application/x-www-form-urlencoded"
Authorization => "Basic Oh4NXRilNGcWNidHdONjk="
}
user => "username"
password => "password"

	# Adding request body data in add_field, is this correct
	add_field =>{
	  "grant_type"=> "password"
	  "username'=> 'username"
	  "password'=> 'password"
	  "scope'=> '5caf04b4"
 }
}
request_timeout => 60
schedule => { cron => "* * * * * UTC"}
codec => "json"
metadata_target => "http_poller_metadata"

}
}
}

same way i tried with http filter, but no luck .

I need to transform curl command to logstash http filter plugin format.After doing the changes, I couldn't establish the connection.
Could you pleease let me where I am doing mistake.

filter {
http {
url =>"https://api.com/v3/token"

 verb =>"POST"
 
 user =>"username"
 password => "password"
 
 headers => {
       "Content-Type"=>"application/x-www-form-urlencoded"
	   "Accept" => "application/json"	
 } 
 
 #body_format => "json"	
 
 body => {  
          grant_type => "password"
          username => "username"
          password => "password"
          scope => "5caf04b4"
 }

 target_body => "response_message"

}

}

Error showing , response_type or grant_type required when i am executing it in logstash http filter.

same way I tried with ruby filter, but no luck.

filter {

ruby{
code => "
require 'net/http'
require 'uri'
require 'json'

uri = URI('https://api.com/v3/token')
header = {'Content-Type'=>'application/x-www-form-urlencoded','Accept'=> 'application/json'}
request = Net::HTTP::Post.new(uri,header)
request.basic_auth '9xx5tyyyyy', 'xxxxxxxxxx69'

request.set_form_data({
				   'grant_type'=> 'password',
				   'username'=> 'username',
				   'password'=> 'passwordof user',
				   'scope'=> '5caf04b4'}
)

response = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == 'https') do |http|
http.request(request)
end
event.set('response',response.body)
"

}
}

Error showing :[ERROR][logstash.filters.ruby] Ruby exception occurred: An existing connection was forcibly closed by the remote host

2

What's the problem with using

body => "grant_type=password&username=&password=< Password>&scope=< Area UUID>" body_format => "text"

as I suggested in the other thread about this?

3

Hi,
Thank you for prompt response. I used the request body as you mentioned, but its not working.
Logstash is showing error grant_type is required, in the request body I am sending grant_type along with url request

[ERROR][logstash.filters.http ] error during HTTP request {:url=>"https://api.com/v3/token", :code=>400, :response=>"{"error":"invalid_request",
"error_description":"response_type or grant_type is required"}"}
{
"@version" => "1",
"@timestamp" => 2019-10-03T02:42:26.748Z,
"tags" => [
[0] "_httprequestfailure"
],
"host" => "Z507B-9D3F-00E3",
"message" => "kk\r"
}

4

Hi,

I am able to access third party rest API using logstash http_poller input plugin.

**# Do the base 64 encode of username and password (username:password) **
# Use the encoded value of (username:password) in authorization field.

option 1:-
input {
http_poller {
urls => {
test_url =>{
url => "https://apicom/v3/token"
method => post
headers => {
"Accept" => "application/json"
"Content-Type" => "application/x-www-form-urlencoded"
# assign encoded value of username:password into authorization field.
"Authorization" => "Basic username:password"
}
params =>{
"username"=> "${myusername}"
"password"=>"${mypassword}"

  	"grant_type"=>"password"
  	"scope"=>"${scope}"

    }
 }
}

codec => "json"

# request timeout (in seconds) for the entire request.
request_timeout => 60

# Current configured time for this scheduler, here every 1 min, scheduler will triger the request.
schedule => { cron => "*/1 * * * * UTC"}

}
}

option 2:-

input {
http_poller {
urls => {
test_url =>{
url => "https://api.com/v3/token"
method => post
user => "${api_key}"
password => "${api_secret}"
headers => {
Accept => "application/json"
}
> params =>{

  	username => "${myusername}"
  	password => "${mypassword}" 			
                   grant_type=>"password"
                    scope=>"${scope}"
  }

 }
}

#
codec => "json"

#timeout (in seconds) for the entire request.
request_timeout => 60

schedule => { cron => "*/1 * * * * UTC"}

#metadata_target => "http_poller_metadata"

}
}

filter {
}

output {
stdout {
codec => rubydebug
}
}

5

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.