Http poller with --insecure mode

Hello,

I am trying to get data from a salt server via RestAPI. I can curl the data with --insecure mode. However, it is using a self-signed cert and I am unable to get the webserver cert.

I would like to use http_poller plugin to pull the data from the API periodically but i do not know how can i apply the --insecure mode in logstash.

Is there a way to allow http_poller to allow --insecure pulling of data?

input {
  http_poller {
    urls => {
      saltserver => {
        method => get
        url => "https://sysauto.com.sg/api/host"
        headers => {
          Accept => "application/json"
        }
      }
    }
    request_timeout => 60
    schedule => { cron => "* * * * * UTC"}
    codec => "json"
    metadata_target => "http_poller_metadata"
  }
}

output {
  stdout {
    codec => rubydebug
  }
}

Currently i am receiving handshake error.
"error" => "handshake alert: unrecognized_name",

If you have a common cipher you can get the certificiate. Presenting the certificate is step 2 in TLS negotiation. You do not need to be able to establish a TLS connection to get the cert. The http_poller documentation then covers what to do with a self-signed cert.

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.