JWT Support in Beats

cchandak · November 9, 2020, 9:59pm

I would like to scrape logs using Beats (either Filebeat, Metricbeat, etc.) and send them to Logstash or Kafka depending on my use case. Currently, I am leveraging the SSL support, but I would like to use JSON Web Token instead; i.e., the beats should talk to an Authorization server, receive a JWT and then pass it as part of the Auth header bearer token schema when writing logs to an output sink which then validates the JWT.

Is this feature available/being worked on? If not, I would like to contribute, and was hoping if someone could give me pointers on where to start? I also think I would need to implement this in the libbeat/common/transport directory just like TLS/SSL?

NOTE: I am completely new to the Beats code base, even though I've used beats quite a bit.

mtojek · November 10, 2020, 7:50am

I think you might be interested in API key: https://www.elastic.co/guide/en/beats/filebeat/current/elasticsearch-output.html#_api_key_2

cchandak · November 12, 2020, 9:38pm

@mtojek, thanks for responding! But I am specifically looking to integrate JWT in concert with OAuth for my use case (because of needing different ACLs/scopes for operations and data, and also the requirement for making the tokens ephemeral with some expiration policy). Any pointers on how I can start on that? OK to open a feature request on the GitHub repo?

system · December 10, 2020, 11:38pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.