├── .gitignore ├── CHANGELOG.md ├── Gemfile ├── LICENSE ├── README.hec.md ├── README.md ├── README.tcp.md ├── Rakefile ├── bin ├── console └── setup ├── docker.sh ├── fluent-plugin-splunk-enterprise.gemspec ├── lib └── fluent │ └── plugin │ ├── out_splunk_hec.rb │ └── out_splunk_tcp.rb └── test ├── Dockerfiles └── enterprise │ ├── 6.0.14 │ ├── Dockerfile │ ├── entrypoint.sh │ ├── etc_ssl │ │ ├── apps │ │ │ └── search │ │ │ │ └── local │ │ │ │ ├── inputs.conf │ │ │ │ └── props.conf │ │ ├── auth │ │ │ ├── ca.pem │ │ │ ├── cacert.pem │ │ │ └── server.pem │ │ └── system │ │ │ └── local │ │ │ ├── server.conf │ │ │ └── web.conf │ └── etc_tcp │ │ ├── apps │ │ └── search │ │ │ └── local │ │ │ ├── inputs.conf │ │ │ └── props.conf │ │ └── system │ │ └── local │ │ └── server.conf │ ├── 6.1.13 │ ├── Dockerfile │ ├── entrypoint.sh │ ├── etc_ssl │ │ ├── apps │ │ │ └── search │ │ │ │ └── local │ │ │ │ ├── inputs.conf │ │ │ │ └── props.conf │ │ ├── auth │ │ │ ├── ca.pem │ │ │ ├── cacert.pem │ │ │ └── server.pem │ │ └── system │ │ │ └── local │ │ │ ├── server.conf │ │ │ └── web.conf │ └── etc_tcp │ │ ├── apps │ │ └── search │ │ │ └── local │ │ │ ├── inputs.conf │ │ │ └── props.conf │ │ └── system │ │ └── local │ │ └── server.conf │ ├── 6.2.12 │ ├── Dockerfile │ ├── entrypoint.sh │ ├── etc_ssl │ │ ├── apps │ │ │ └── search │ │ │ │ └── local │ │ │ │ ├── inputs.conf │ │ │ │ └── props.conf │ │ ├── auth │ │ │ ├── ca.pem │ │ │ ├── cacert.pem │ │ │ └── server.pem │ │ └── system │ │ │ └── local │ │ │ ├── server.conf │ │ │ └── web.conf │ └── etc_tcp │ │ ├── apps │ │ └── search │ │ │ └── local │ │ │ ├── inputs.conf │ │ │ └── props.conf │ │ └── system │ │ └── local │ │ └── server.conf │ ├── 6.3.9 │ ├── Dockerfile │ ├── entrypoint.sh │ ├── etc_ssl │ │ ├── apps │ │ │ ├── search │ │ │ │ └── local │ │ │ │ │ ├── inputs.conf │ │ │ │ │ └── props.conf │ │ │ └── splunk_httpinput │ │ │ │ └── local │ │ │ │ └── inputs.conf │ │ ├── auth │ │ │ ├── ca.pem │ │ │ ├── cacert.pem │ │ │ └── server.pem │ │ └── 
system │ │ │ └── local │ │ │ ├── indexes.conf │ │ │ ├── server.conf │ │ │ └── web.conf │ └── etc_tcp │ │ ├── apps │ │ ├── search │ │ │ └── local │ │ │ │ ├── inputs.conf │ │ │ │ └── props.conf │ │ └── splunk_httpinput │ │ │ └── local │ │ │ └── inputs.conf │ │ └── system │ │ └── local │ │ ├── indexes.conf │ │ └── server.conf │ ├── 6.4.6 │ ├── Dockerfile │ ├── entrypoint.sh │ ├── etc_ssl │ │ ├── apps │ │ │ ├── search │ │ │ │ └── local │ │ │ │ │ └── inputs.conf │ │ │ └── splunk_httpinput │ │ │ │ └── local │ │ │ │ └── inputs.conf │ │ ├── auth │ │ │ ├── ca.pem │ │ │ ├── cacert.pem │ │ │ └── server.pem │ │ └── system │ │ │ └── local │ │ │ ├── indexes.conf │ │ │ ├── props.conf │ │ │ ├── server.conf │ │ │ └── web.conf │ └── etc_tcp │ │ ├── apps │ │ ├── search │ │ │ └── local │ │ │ │ └── inputs.conf │ │ └── splunk_httpinput │ │ │ └── local │ │ │ └── inputs.conf │ │ └── system │ │ └── local │ │ ├── indexes.conf │ │ ├── props.conf │ │ └── server.conf │ └── 6.5.2 │ ├── Dockerfile │ ├── entrypoint.sh │ ├── etc_ssl │ ├── apps │ │ ├── search │ │ │ └── local │ │ │ │ └── inputs.conf │ │ └── splunk_httpinput │ │ │ └── local │ │ │ └── inputs.conf │ ├── auth │ │ ├── ca.pem │ │ ├── cacert.pem │ │ └── server.pem │ └── system │ │ └── local │ │ ├── indexes.conf │ │ ├── props.conf │ │ ├── server.conf │ │ └── web.conf │ └── etc_tcp │ ├── apps │ ├── search │ │ └── local │ │ │ └── inputs.conf │ └── splunk_httpinput │ │ └── local │ │ └── inputs.conf │ └── system │ └── local │ ├── indexes.conf │ ├── props.conf │ └── server.conf ├── cert ├── badcacert.pem ├── badclient.key ├── badclient.pem ├── cacert.pem ├── client.key └── client.pem ├── config ├── entrypoint.sh.6.3 ├── inputs.ssl.conf ├── inputs.tcp.conf ├── props.conf └── server.conf.6.3 ├── helper.rb ├── test_out_splunk_hec.rb └── test_out_splunk_tcp.rb /.gitignore: -------------------------------------------------------------------------------- 1 | /.bundle/ 2 | /.yardoc 3 | /Gemfile.lock 4 | /_yardoc/ 5 | /coverage/ 6 | /doc/ 7 | /pkg/ 8 | 
/spec/reports/ 9 | /tmp/ 10 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # Release v0.10.2 - 2020/03/04 2 | 3 | * out_splunk_hec: Add `auto_generate_channel` parameter 4 | 5 | # Release v0.10.1 - 2020/03/03 6 | 7 | * output: Support v1 multi-workers 8 | 9 | # Release v0.10.0 - 2019/06/13 10 | 11 | * out_splunk_hec: Send time with nano seconds if possible when `use_fluentd_time` is set to true 12 | 13 | # Release v0.9.3 - 2019/06/06 14 | 15 | * out_splunk_hec: Improve sourcetype usage by adding `default_sourcetype`, `sourcetype_key` and `remove_sourcetype_key` 16 | 17 | # Release v0.9.2 - 2019/03/14 18 | 19 | ## Enhancements 20 | 21 | * out_splunk_hec: Add `remove_host_key`, `remove_source_key` and `remove_index_key` 22 | 23 | # Release v0.9.1 - 2018/08/14 24 | 25 | ## New Features 26 | 27 | * Use `yajl` instead of `json` to avoid encoding error 28 | 29 | # Release v0.9.0 - 2018/05/03 30 | 31 | ## New Features 32 | 33 | * Open sourced from fluentd enterprise: `out_splunk_tcp` and `out_splunk_hec` 34 | -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- 1 | source 'https://rubygems.org' 2 | 3 | # Specify your gem's dependencies in fluent-plugin-splunk.gemspec 4 | gemspec 5 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | 2 | Apache License 3 | Version 2.0, January 2004 4 | http://www.apache.org/licenses/ 5 | 6 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 7 | 8 | 1. Definitions. 9 | 10 | "License" shall mean the terms and conditions for use, reproduction, 11 | and distribution as defined by Sections 1 through 9 of this document. 
12 | 13 | "Licensor" shall mean the copyright owner or entity authorized by 14 | the copyright owner that is granting the License. 15 | 16 | "Legal Entity" shall mean the union of the acting entity and all 17 | other entities that control, are controlled by, or are under common 18 | control with that entity. For the purposes of this definition, 19 | "control" means (i) the power, direct or indirect, to cause the 20 | direction or management of such entity, whether by contract or 21 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 22 | outstanding shares, or (iii) beneficial ownership of such entity. 23 | 24 | "You" (or "Your") shall mean an individual or Legal Entity 25 | exercising permissions granted by this License. 26 | 27 | "Source" form shall mean the preferred form for making modifications, 28 | including but not limited to software source code, documentation 29 | source, and configuration files. 30 | 31 | "Object" form shall mean any form resulting from mechanical 32 | transformation or translation of a Source form, including but 33 | not limited to compiled object code, generated documentation, 34 | and conversions to other media types. 35 | 36 | "Work" shall mean the work of authorship, whether in Source or 37 | Object form, made available under the License, as indicated by a 38 | copyright notice that is included in or attached to the work 39 | (an example is provided in the Appendix below). 40 | 41 | "Derivative Works" shall mean any work, whether in Source or Object 42 | form, that is based on (or derived from) the Work and for which the 43 | editorial revisions, annotations, elaborations, or other modifications 44 | represent, as a whole, an original work of authorship. For the purposes 45 | of this License, Derivative Works shall not include works that remain 46 | separable from, or merely link (or bind by name) to the interfaces of, 47 | the Work and Derivative Works thereof. 
48 | 49 | "Contribution" shall mean any work of authorship, including 50 | the original version of the Work and any modifications or additions 51 | to that Work or Derivative Works thereof, that is intentionally 52 | submitted to Licensor for inclusion in the Work by the copyright owner 53 | or by an individual or Legal Entity authorized to submit on behalf of 54 | the copyright owner. For the purposes of this definition, "submitted" 55 | means any form of electronic, verbal, or written communication sent 56 | to the Licensor or its representatives, including but not limited to 57 | communication on electronic mailing lists, source code control systems, 58 | and issue tracking systems that are managed by, or on behalf of, the 59 | Licensor for the purpose of discussing and improving the Work, but 60 | excluding communication that is conspicuously marked or otherwise 61 | designated in writing by the copyright owner as "Not a Contribution." 62 | 63 | "Contributor" shall mean Licensor and any individual or Legal Entity 64 | on behalf of whom a Contribution has been received by Licensor and 65 | subsequently incorporated within the Work. 66 | 67 | 2. Grant of Copyright License. Subject to the terms and conditions of 68 | this License, each Contributor hereby grants to You a perpetual, 69 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 70 | copyright license to reproduce, prepare Derivative Works of, 71 | publicly display, publicly perform, sublicense, and distribute the 72 | Work and such Derivative Works in Source or Object form. 73 | 74 | 3. Grant of Patent License. 
Subject to the terms and conditions of 75 | this License, each Contributor hereby grants to You a perpetual, 76 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 77 | (except as stated in this section) patent license to make, have made, 78 | use, offer to sell, sell, import, and otherwise transfer the Work, 79 | where such license applies only to those patent claims licensable 80 | by such Contributor that are necessarily infringed by their 81 | Contribution(s) alone or by combination of their Contribution(s) 82 | with the Work to which such Contribution(s) was submitted. If You 83 | institute patent litigation against any entity (including a 84 | cross-claim or counterclaim in a lawsuit) alleging that the Work 85 | or a Contribution incorporated within the Work constitutes direct 86 | or contributory patent infringement, then any patent licenses 87 | granted to You under this License for that Work shall terminate 88 | as of the date such litigation is filed. 89 | 90 | 4. Redistribution. 
You may reproduce and distribute copies of the 91 | Work or Derivative Works thereof in any medium, with or without 92 | modifications, and in Source or Object form, provided that You 93 | meet the following conditions: 94 | 95 | (a) You must give any other recipients of the Work or 96 | Derivative Works a copy of this License; and 97 | 98 | (b) You must cause any modified files to carry prominent notices 99 | stating that You changed the files; and 100 | 101 | (c) You must retain, in the Source form of any Derivative Works 102 | that You distribute, all copyright, patent, trademark, and 103 | attribution notices from the Source form of the Work, 104 | excluding those notices that do not pertain to any part of 105 | the Derivative Works; and 106 | 107 | (d) If the Work includes a "NOTICE" text file as part of its 108 | distribution, then any Derivative Works that You distribute must 109 | include a readable copy of the attribution notices contained 110 | within such NOTICE file, excluding those notices that do not 111 | pertain to any part of the Derivative Works, in at least one 112 | of the following places: within a NOTICE text file distributed 113 | as part of the Derivative Works; within the Source form or 114 | documentation, if provided along with the Derivative Works; or, 115 | within a display generated by the Derivative Works, if and 116 | wherever such third-party notices normally appear. The contents 117 | of the NOTICE file are for informational purposes only and 118 | do not modify the License. You may add Your own attribution 119 | notices within Derivative Works that You distribute, alongside 120 | or as an addendum to the NOTICE text from the Work, provided 121 | that such additional attribution notices cannot be construed 122 | as modifying the License. 
123 | 124 | You may add Your own copyright statement to Your modifications and 125 | may provide additional or different license terms and conditions 126 | for use, reproduction, or distribution of Your modifications, or 127 | for any such Derivative Works as a whole, provided Your use, 128 | reproduction, and distribution of the Work otherwise complies with 129 | the conditions stated in this License. 130 | 131 | 5. Submission of Contributions. Unless You explicitly state otherwise, 132 | any Contribution intentionally submitted for inclusion in the Work 133 | by You to the Licensor shall be under the terms and conditions of 134 | this License, without any additional terms or conditions. 135 | Notwithstanding the above, nothing herein shall supersede or modify 136 | the terms of any separate license agreement you may have executed 137 | with Licensor regarding such Contributions. 138 | 139 | 6. Trademarks. This License does not grant permission to use the trade 140 | names, trademarks, service marks, or product names of the Licensor, 141 | except as required for reasonable and customary use in describing the 142 | origin of the Work and reproducing the content of the NOTICE file. 143 | 144 | 7. Disclaimer of Warranty. Unless required by applicable law or 145 | agreed to in writing, Licensor provides the Work (and each 146 | Contributor provides its Contributions) on an "AS IS" BASIS, 147 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 148 | implied, including, without limitation, any warranties or conditions 149 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 150 | PARTICULAR PURPOSE. You are solely responsible for determining the 151 | appropriateness of using or redistributing the Work and assume any 152 | risks associated with Your exercise of permissions under this License. 153 | 154 | 8. Limitation of Liability. 
In no event and under no legal theory, 155 | whether in tort (including negligence), contract, or otherwise, 156 | unless required by applicable law (such as deliberate and grossly 157 | negligent acts) or agreed to in writing, shall any Contributor be 158 | liable to You for damages, including any direct, indirect, special, 159 | incidental, or consequential damages of any character arising as a 160 | result of this License or out of the use or inability to use the 161 | Work (including but not limited to damages for loss of goodwill, 162 | work stoppage, computer failure or malfunction, or any and all 163 | other commercial damages or losses), even if such Contributor 164 | has been advised of the possibility of such damages. 165 | 166 | 9. Accepting Warranty or Additional Liability. While redistributing 167 | the Work or Derivative Works thereof, You may choose to offer, 168 | and charge a fee for, acceptance of support, warranty, indemnity, 169 | or other liability obligations and/or rights consistent with this 170 | License. However, in accepting such obligations, You may act only 171 | on Your own behalf and on Your sole responsibility, not on behalf 172 | of any other Contributor, and only if You agree to indemnify, 173 | defend, and hold each Contributor harmless for any liability 174 | incurred by, or claims asserted against, such Contributor by reason 175 | of your accepting any such warranty or additional liability. 176 | 177 | END OF TERMS AND CONDITIONS 178 | 179 | APPENDIX: How to apply the Apache License to your work. 180 | 181 | To apply the Apache License to your work, attach the following 182 | boilerplate notice, with the fields enclosed by brackets "[]" 183 | replaced with your own identifying information. (Don't include 184 | the brackets!) The text should be enclosed in the appropriate 185 | comment syntax for the file format. 
We also recommend that a 186 | file or class name and description of purpose be included on the 187 | same "printed page" as the copyright notice for easier 188 | identification within third-party archives. 189 | 190 | Copyright 2011-2018 Fluentd Authors 191 | 192 | Licensed under the Apache License, Version 2.0 (the "License"); 193 | you may not use this file except in compliance with the License. 194 | You may obtain a copy of the License at 195 | 196 | http://www.apache.org/licenses/LICENSE-2.0 197 | 198 | Unless required by applicable law or agreed to in writing, software 199 | distributed under the License is distributed on an "AS IS" BASIS, 200 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 201 | See the License for the specific language governing permissions and 202 | limitations under the License. 203 | -------------------------------------------------------------------------------- /README.hec.md: -------------------------------------------------------------------------------- 1 | # out_splunk_hec - Splunk HTTP Event Collector Output Plugin 2 | 3 | ## Table of Contents 4 | 5 | * [Example Configuration](#example-configuration) 6 | * [Parameters](#parameters) 7 | * [type (required)](#type-required) 8 | * [host (required)](#host-required) 9 | * [port (required)](#port-required) 10 | * [token (required)](#token-required) 11 | * [default_host](#default_host) 12 | * [host_key](#host_key) 13 | * [default_source](#default_source) 14 | * [source_key](#source_key) 15 | * [default_index](#default_index) 16 | * [index_key](#index_key) 17 | * [default_sourcetype](#default_sourcetype) 18 | * [sourcetype](#sourcetype) 19 | * [sourcetype_key](#sourcetype_key) 20 | * [remove_sourcetype_key](#remove_sourcetype_key) 21 | * [use_fluentd_time](#use_fluentd_time) 22 | * [time_as_integer](#time_as_integer) 23 | * [use_ack](#use_ack) 24 | * [channel](#channel) 25 | * [auto_generate_channel](#auto_generate_channel) 26 | * [ack_interval](#ack_interval) 
27 | * [ack_retry_limit](#ack_retry_limit) 28 | * [raw](#raw) 29 | * [event_key](#event_key) 30 | * [line_breaker](#line_breaker) 31 | * [use_ssl](#use_ssl) 32 | * [ssl_verify](#ssl_verify) 33 | * [ca_file](#ca_file) 34 | * [client_cert](#client_cert) 35 | * [client_key](#client_key) 36 | * [client_key_pass](#client_key_pass) 37 | 38 | ## Example Configuration 39 | 40 | ``` 41 | 42 | @type splunk_hec 43 | host example.com 44 | port 8089 45 | token 00000000-0000-0000-0000-000000000000 46 | 47 | # metadata parameter 48 | default_source fluentd 49 | 50 | # ack parameter 51 | use_ack true 52 | channel 8e69d7b3-f266-e9f3-2747-cc5b7f809897 53 | ack_retry_limit 8 54 | 55 | # ssl parameter 56 | use_ssl true 57 | ca_file /path/to/ca.pem 58 | 59 | # buffered output parameter 60 | flush_interval 10s 61 | 62 | ``` 63 | 64 | ## Parameters 65 | 66 | ### type (required) 67 | 68 | The value must be `splunk_hec`. 69 | 70 | ### host (required) 71 | 72 | The Splunk hostname. 73 | 74 | ### port (required) 75 | 76 | The Splunk port. 77 | 78 | ### token (required) 79 | 80 | The token for HTTP Event Collector. 81 | 82 | ### default_host 83 | 84 | If you set this, the value is set as host metadata. 85 | 86 | ### host_key 87 | 88 | If you set this, the value associated with this key in each record is used as host metadata. When the key is missing, `default_host` is used. 89 | 90 | ### remove_host_key 91 | 92 | If you set this, the field specified by the `host_key` will be removed 93 | 94 | ### default_source 95 | 96 | If you set this, the value is set as source metadata. 97 | 98 | ### source_key 99 | 100 | If you set this, the value associated with this key in each record is used as source metadata. When the key is missing, `default_source` is used. 101 | 102 | ### remove_source_key 103 | 104 | If you set this, the field specified by the `source_key` will be removed 105 | 106 | ### default_index 107 | 108 | If you set this, the value is set as index metadata. 
109 | 110 | ### index_key 111 | 112 | If you set this, the value associated with this key in each record is used as index metadata. When the key is missing, `default_index` is used. 113 | 114 | ### remove_index_key 115 | 116 | If you set this, the field specified by the `index_key` will be removed. 117 | 118 | ### default_sourcetype 119 | 120 | If you set this, the value is set as sourcetype metadata if `sourcetype_key` is not set or not found in the record. 121 | 122 | ### sourcetype 123 | 124 | Deprecated. Same as `default_sourcetype`, kept for backwards compatibility. 125 | 126 | ### sourcetype_key 127 | 128 | If you set this, the value associated with this key in each record is used as sourcetype metadata. When the key is missing, `default_sourcetype` is used. 129 | 130 | ### remove_sourcetype_key 131 | 132 | If you set this, the field specified by the `sourcetype_key` will be removed. 133 | 134 | ### use_fluentd_time 135 | 136 | The default: `true` 137 | 138 | If set to `true`, fluentd's timestamp is used as time metadata. If the record already has its own time value, this option should be `false`. 139 | 140 | ### time_as_integer 141 | 142 | The default: `true` 143 | 144 | Only used when `use_fluentd_time` is `true`. If set to `true` (default), time will be sent as integer seconds to Splunk, whereas if set to `false`, it will be sent with nanoseconds. 145 | 146 | ### use_ack 147 | 148 | Enable/Disable [Indexer acknowledgement](https://www.google.co.jp/search?q=splunk+http+ack&oq=splunk+http+ack&aqs=chrome..69i57j69i60l2.2725j0j9&sourceid=chrome&ie=UTF-8). When this is set to `true`, the `channel` parameter is required. 149 | 150 | ### channel 151 | 152 | This is used as [channel identifier](http://dev.splunk.com/view/event-collector/SP-CAAAE8X#aboutchannels). 153 | When you set `use_ack` or `raw`, this parameter is required.
154 | 155 | ### auto_generate_channel 156 | The default: `false` 157 | 158 | If set to `true`, the channel identifier is generated automatically and the `channel` parameter is ignored. 159 | 160 | ### ack_interval 161 | 162 | The default: `1` 163 | 164 | Specify how many seconds the plugin should wait between checks for Indexer acknowledgement. 165 | 166 | ### ack_retry_limit 167 | 168 | The default: `3` 169 | 170 | Specify how many times the plugin checks for Indexer acknowledgement. 171 | 172 | ### raw 173 | 174 | Enable [raw mode](http://dev.splunk.com/view/event-collector/SP-CAAAE8Y#raw). 175 | 176 | In raw mode, the plugin can't configure metadata at event level and time metadata. So `*_key` and `use_fluentd_time` parameters are ignored. 177 | When this is set to `true`, the `event_key` and `channel` parameters must also be set. 178 | 179 | Example: 180 | 181 | * configuration: `raw = true, event_key = "log"` 182 | * fluentd record: `1490924392 {"foo": "bar", "log": "GET / HTTP/1.1 200"}` 183 | * sent as: `GET / HTTP/1.1 200` 184 | 185 | ### event_key 186 | 187 | Only for raw mode. The value specified by this key is sent as an event. 188 | When `raw` is set to `true`, this parameter is required. 189 | 190 | * fluentd record: `1490924392 {"log": "GET / HTTP/1.1 200"}` 191 | * sent as: `GET / HTTP/1.1 200` 192 | 193 | ### line_breaker 194 | 195 | The default: `"\n"` 196 | 197 | The line breaker used when multiple records are sent at once. 198 | 199 | ### use_ssl 200 | 201 | The default: `false` 202 | 203 | Use SSL when connecting to Splunk. With the default (`false`), the HEC token and the event data are sent over the network unencrypted. 204 | 205 | ### ssl_verify 206 | 207 | The default: `true` 208 | 209 | Enable/Disable SSL certificate verification. When set to `false`, the server certificate is not checked, so the connection is not protected against an impersonated Splunk endpoint; keep it `true` outside of test setups. 210 | 211 | ### ca_file 212 | 213 | The path of CA file. 214 | 215 | ### client_cert 216 | 217 | The path of client certificate file. 218 | 219 | ### client_key 220 | 221 | The path of client key file. 222 | 223 | ### client_key_pass 224 | 225 | The passphrase of client key.
226 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # fluent-plugin-splunk-enterprise 2 | 3 | ## Table of Contents 4 | 5 | * [Installation](#installation) 6 | * [out_splunk_hec](#out_splunk_hec) 7 | * [out_splunk_tcp](#out_splunk_tcp) 8 | * [Running tests](#running-tests) 9 | 10 | ## Installation 11 | 12 | ``` 13 | $ fluent-gem install fluent-plugin-splunk-enterprise 14 | ``` 15 | 16 | ## [out_splunk_hec](/README.hec.md) 17 | 18 | Splunk HTTP Event Collector Output plugin 19 | 20 | http://dev.splunk.com/view/event-collector/SP-CAAAE6M 21 | 22 | ## [out_splunk_tcp](/README.tcp.md) 23 | 24 | Splunk TCP inputs Output Plugin 25 | 26 | http://docs.splunk.com/Documentation/Splunk/latest/Data/Monitornetworkports 27 | 28 | ## Running tests 29 | 30 | Available Splunk versions in tests are `6.5.2`, `6.4.6`, `6.3.9`, `6.2.12`, `6.1.13` and `6.0.14`. 31 | 32 | Start a Splunk Docker instance (`docker.sh` reads the Splunk version from its second argument). 33 | 34 | ``` 35 | $ ./docker.sh build 36 | $ ./docker.sh run 37 | ``` 38 | 39 | Run tests.
40 | 41 | ``` 42 | $ SPLUNK_VERSION= bundle exec rake test 43 | ``` 44 | -------------------------------------------------------------------------------- /README.tcp.md: -------------------------------------------------------------------------------- 1 | # out_splunk_tcp - Splunk TCP inputs Output Plugin 2 | 3 | ## Table of Contents 4 | 5 | * [Example Configuration](#example-configuration) 6 | * [not formatted by the plugin](#not-formatted-by-the-plugin) 7 | * [formatted by the plugin](#formatted-by-the-plugin) 8 | * [Parameters](#parameters) 9 | * [type (required)](#type-required) 10 | * [host (required)](#host-required) 11 | * [port (required)](#port-required) 12 | * [format](#format) 13 | * [event_key](#event_key) 14 | * [use_fluentd_time](#use_fluentd_time) 15 | * [time_key](#time_key) 16 | * [time_format](#time_format) 17 | * [localtime](#localtime) 18 | * [line_breaker](#line_breaker) 19 | * [use_ssl](#use_ssl) 20 | * [ssl_verify](#ssl_verify) 21 | * [ca_file](#ca_file) 22 | * [client_cert](#client_cert) 23 | * [client_key](#client_key) 24 | * [client_key_pass](#client_key_pass) 25 | 26 | ## Example Configuration 27 | 28 | ### not formatted by the plugin 29 | 30 | * fluentd record: `1490924392 {"log": "GET / HTTP/1.1 200"}` 31 | * sent as: `GET / HTTP/1.1 200` 32 | 33 | 34 | ``` 35 | 36 | @type splunk_tcp 37 | host example.com 38 | port 8089 39 | 40 | # format parameter 41 | format raw 42 | event_key log 43 | 44 | # ssl parameter 45 | use_ssl true 46 | ca_file /path/to/ca.pem 47 | 48 | # buffered output parameter 49 | flush_interval 10s 50 | 51 | ``` 52 | 53 | ### formatted by the plugin 54 | 55 | This example shows json format. 
56 | 57 | * fluentd record: `1490924392 {"method": "GET", path: "/", code: 200}` 58 | * sent as: `{"time": 1490924392, "method": "GET", path: "/", code: 200}` 59 | 60 | ``` 61 | 62 | @type splunk_tcp 63 | host example.com 64 | port 8089 65 | 66 | format json 67 | 68 | # ssl parameter 69 | use_ssl true 70 | ca_file /path/to/ca.pem 71 | 72 | # flush 73 | flush_interval 10s 74 | 75 | ``` 76 | 77 | You can use a sourcetype configuration like the following. 78 | 79 | ``` 80 | [fluentd] 81 | TIME_PREFIX=\"time\": 82 | TIME_FORMAT=%s 83 | KV_MODE=json 84 | ``` 85 | 86 | ## Parameters 87 | 88 | ### type (required) 89 | 90 | The value must be `splunk_tcp`. 91 | 92 | ### host (required) 93 | 94 | The Splunk hostname. 95 | 96 | ### port (required) 97 | 98 | The Splunk port. 99 | 100 | ### format 101 | 102 | #### `raw` (the default) 103 | 104 | The value specified by the `event_key` parameter is sent to Splunk as an event. 105 | If the key is missing in a record, nothing is sent. 106 | 107 | ##### Related parameters 108 | * event_key 109 | 110 | #### `json` 111 | 112 | `KV_MODE=json` can be used as sourcetype configuration. 113 | 114 | ##### Related parameters 115 | * use_fluentd_time 116 | * time_key 117 | * time_format 118 | * localtime 119 | 120 | #### `kv` 121 | 122 | Key-value pairs like the following. 123 | 124 | ``` 125 | time=1490862563 method="GET" path="/" code=200 126 | ``` 127 | 128 | `KV_MODE=auto` can be used as sourcetype configuration. 129 | 130 | ##### Related parameters 131 | * use_fluentd_time 132 | * time_key 133 | * time_format 134 | * localtime 135 | 136 | ### event_key 137 | 138 | For `raw` format. 139 | 140 | This parameter is required when the format is `raw`. 141 | 142 | ### use_fluentd_time 143 | 144 | For `json` and `kv` format. 145 | The default: `true` 146 | 147 | If set to `true`, fluentd's timestamp is injected to the top of the record before it is sent to Splunk. 148 | 149 | For example, the first record below is converted to the second one.
150 | 151 | ``` 152 | {"method": "GET", path: "/", code: 200} 153 | ``` 154 | 155 | ``` 156 | {"time": 1490862563, "method": "GET", path: "/", code: 200} 157 | ``` 158 | 159 | If your record already has the column for a timestamp, this parameter should be `false`. 160 | 161 | ### time_key 162 | 163 | For `json` and `kv` format. 164 | The default: `time` 165 | 166 | The key which is inserted into a record by the `use_fluentd_time` parameter. 167 | 168 | ### time_format 169 | 170 | For `json` and `kv` format. 171 | The default: `unixtime` 172 | 173 | The format of the timestamp which is inserted by the `use_fluentd_time` parameter. 174 | You can specify a strftime format or `unixtime` (unix timestamp as integer). 175 | 176 | For example, 177 | 178 | ``` 179 | time_format %Y-%m-%dT%H:%M:%S%z 180 | ``` 181 | 182 | the first record is converted to the next one by this `time_format`. 183 | 184 | ``` 185 | {"method": "GET", path: "/", code: 200} 186 | ``` 187 | 188 | ``` 189 | {"time": "2017-03-30T08:29:23+0000", "method": "GET", path: "/", code: 200} 190 | ``` 191 | 192 | ### localtime 193 | 194 | For `json` and `kv` format. 195 | The default: `false` 196 | 197 | If `true`, use local time when the timestamp is formatted with a strftime format. Otherwise UTC is used. 198 | 199 | ### line_breaker 200 | 201 | The default: `"\n"` 202 | 203 | The line breaker used when multiple records are sent at once. 204 | 205 | ### use_ssl 206 | 207 | The default: `false` 208 | 209 | Use SSL when connecting to Splunk. With the default (`false`), events are sent to Splunk over plain TCP, unencrypted. 210 | 211 | ### ssl_verify 212 | 213 | The default: `true` 214 | 215 | Enable/Disable SSL certificate verification. When set to `false`, the server certificate is not checked, so the connection is not protected against an impersonated Splunk endpoint; keep it `true` outside of test setups. 216 | 217 | ### ca_file 218 | 219 | The path of CA file. 220 | 221 | ### client_cert 222 | 223 | The path of client certificate file. 224 | 225 | ### client_key 226 | 227 | The path of client key file. 228 | 229 | ### client_key_pass 230 | 231 | The passphrase of client key.
232 | -------------------------------------------------------------------------------- /Rakefile: -------------------------------------------------------------------------------- 1 | require 'bundler/gem_tasks' 2 | require 'rake/testtask' 3 | 4 | Rake::TestTask.new do |test| 5 | test.libs << 'test' 6 | test.pattern = 'test/test_*.rb' 7 | test.verbose = true 8 | end 9 | 10 | task default: :test 11 | 12 | task :coverage do |t| 13 | ENV['SIMPLE_COV'] = '1' 14 | Rake::Task['test'].invoke 15 | end 16 | -------------------------------------------------------------------------------- /bin/console: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env ruby 2 | 3 | require "bundler/setup" 4 | require "fluent/plugin/splunk" 5 | 6 | # You can add fixtures and/or initialization code here to make experimenting 7 | # with your gem easier. You can also use a different console, if you like. 8 | 9 | # (If you use this, don't forget to add pry to your Gemfile!) 
10 | # require "pry" 11 | # Pry.start 12 | 13 | require "irb" 14 | IRB.start(__FILE__) 15 | -------------------------------------------------------------------------------- /bin/setup: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | set -euo pipefail 3 | IFS=$'\n\t' 4 | set -vx 5 | 6 | bundle install 7 | 8 | # Do any other automated setup that you need to do here 9 | -------------------------------------------------------------------------------- /docker.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -euxo pipefail 4 | 5 | COMMAND=$1 6 | VERSION=$2 7 | IMAGE_LOCAL=splunk-for-test:${VERSION} 8 | 9 | PORTS="-p 8000:8000 -p 8089:8089 -p 8191:8191 -p 12300:12300 -p 12301:12301 -p 12302:12302 -p 12303:12303 -p 12304:12304 -p 12305:12305 -p 1514:1514 -p 8088:8088 \ 10 | -p 8200:8200 -p 8289:8289 -p 8391:8391 -p 12500:12500 -p 12501:12501 -p 12502:12502 -p 12503:12503 -p 12504:12504 -p 12505:12505 -p 1714:1714 -p 8288:8288" 11 | 12 | VOLUME="-v ${PWD}/test/config/props.conf:/opt/splunk_tcp/etc/system/local/props.conf \ 13 | -v ${PWD}/test/config/props.conf:/opt/splunk_ssl/etc/system/local/props.conf \ 14 | -v ${PWD}/test/config/inputs.tcp.conf:/opt/splunk_tcp/etc/apps/search/local/inputs.conf \ 15 | -v ${PWD}/test/config/inputs.ssl.conf:/opt/splunk_ssl/etc/apps/search/local/inputs.conf" 16 | 17 | if [ "$VERSION" = "6.3.9" ]; then 18 | VOLUME="${VOLUME} \ 19 | -v ${PWD}/test/config/server.conf.6.3:/opt/splunk_ssl/etc/system/local/server.conf.original \ 20 | -v ${PWD}/test/config/entrypoint.sh.6.3:/sbin/entrypoint.sh" 21 | 22 | fi 23 | 24 | case "$COMMAND" in 25 | run) 26 | docker run -d --entrypoint=/bin/bash ${PORTS} ${VOLUME} ${IMAGE_LOCAL} /sbin/entrypoint.sh 27 | ;; 28 | stop) 29 | docker stop $(docker ps -q --filter ancestor=${IMAGE_LOCAL}) 30 | ;; 31 | build) 32 | docker build -t ${IMAGE_LOCAL} test/Dockerfiles/enterprise/${VERSION} 
33 | ;; 34 | force_build) 35 | docker build --no-cache=true -t ${IMAGE_LOCAL} test/Dockerfiles/enterprise/${VERSION} 36 | ;; 37 | *) 38 | echo "Unkowon command" 39 | exit 1 40 | ;; 41 | esac 42 | -------------------------------------------------------------------------------- /fluent-plugin-splunk-enterprise.gemspec: -------------------------------------------------------------------------------- 1 | # coding: utf-8 2 | lib = File.expand_path('../lib', __FILE__) 3 | $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib) 4 | 5 | Gem::Specification.new do |spec| 6 | spec.name = "fluent-plugin-splunk-enterprise" 7 | spec.version = "0.10.2" 8 | spec.authors = ["Yuki Ito", "Masahiro Nakagawa"] 9 | spec.email = ["yito@treasure-data.com", "repeatedly@gmail.com"] 10 | 11 | spec.summary = %q{Splunk output plugin for Fluentd} 12 | spec.description = spec.summary 13 | spec.homepage = "" 14 | spec.license = "Apache-2.0" 15 | 16 | spec.files = `git ls-files -z`.split("\x0").reject do |f| 17 | f.match(%r{^(test|spec|features)/}) 18 | end 19 | spec.bindir = "exe" 20 | spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) } 21 | spec.require_paths = ["lib"] 22 | 23 | spec.add_dependency 'fluentd', [">= 0.12.0"] 24 | spec.add_dependency 'json' 25 | spec.add_dependency 'httpclient' 26 | 27 | spec.add_development_dependency "rake", ">= 12.3.3" 28 | spec.add_development_dependency "test-unit", ">= 3.0.8" 29 | spec.add_development_dependency "simplecov", ">= 0.10.0" 30 | end 31 | -------------------------------------------------------------------------------- /lib/fluent/plugin/out_splunk_hec.rb: -------------------------------------------------------------------------------- 1 | require 'fluent/output' 2 | require 'httpclient' 3 | require 'json' 4 | require 'securerandom' 5 | 6 | # http://dev.splunk.com/view/event-collector/SP-CAAAE6P 7 | 8 | module Fluent 9 | class SplunkHECOutput < ObjectBufferedOutput 10 | Fluent::Plugin.register_output('splunk_hec', self) 11 | 12 | 
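# Fluent::SplunkHECOutput, continued: configuration parameters and methods of the class opened above.
    config_param :host, :string
    config_param :port, :integer
    # HEC token. setup_client sends it in the Authorization header of every
    # request, so with use_ssl false (the default) it crosses the network
    # unencrypted. `secret: true` keeps it out of Fluentd's configuration dump.
    config_param :token, :string, secret: true

    # for metadata
    config_param :default_host, :string, default: nil
    config_param :host_key, :string, default: nil
    config_param :remove_host_key, :bool, default: false
    config_param :default_source, :string, default: nil
    config_param :source_key, :string, default: nil
    config_param :remove_source_key, :bool, default: false
    config_param :default_index, :string, default: nil
    config_param :index_key, :string, default: nil
    config_param :remove_index_key, :bool, default: false
    config_param :sourcetype, :string, default: nil, deprecated: "Use default_sourcetype instead"
    config_param :default_sourcetype, :string, default: nil
    config_param :sourcetype_key, :string, default: nil
    config_param :remove_sourcetype_key, :bool, default: false
    config_param :use_fluentd_time, :bool, default: true

    # for Indexer acknowledgement
    config_param :use_ack, :bool, default: false
    config_param :channel, :string, default: nil
    config_param :auto_generate_channel, :bool, default: false
    config_param :ack_interval, :integer, default: 1
    config_param :ack_retry_limit, :integer, default: 3

    # for raw events
    config_param :raw, :bool, default: false
    config_param :event_key, :string, default: nil

    # misc
    config_param :line_breaker, :string, default: "\n"

    ## For SSL
    config_param :use_ssl, :bool, default: false
    # false selects OpenSSL::SSL::VERIFY_NONE in setup_client: the connection is
    # still encrypted but the server is not authenticated.
    config_param :ssl_verify, :bool, default: true
    config_param :ca_file, :string, default: nil
    config_param :client_cert, :string, default: nil
    config_param :client_key, :string, default: nil
    config_param :client_key_pass, :string, default: nil, secret: true

    # Validates the parameter combination and prepares derived state.
    #
    # Generates a channel UUID when auto_generate_channel is set, copies the
    # deprecated 'sourcetype' into 'default_sourcetype', and (raw mode only)
    # builds the query-string hash that carries the default metadata.
    #
    # @param conf the plugin configuration section handed over by Fluentd
    # @raise [ConfigError] when a required parameter is missing or out of range
    def configure(conf)
      super

      if @channel && @auto_generate_channel
        log.warn "Both channel and auto_generate_channel are set.. ignoring channel param and auto generating channel instead"
      end

      @channel = SecureRandom.uuid if @auto_generate_channel

      raise ConfigError, "'channel' parameter is required when 'use_ack' is true" if @use_ack && !@channel
      raise ConfigError, "'ack_interval' parameter must be a non negative integer" if @use_ack && @ack_interval < 0
      raise ConfigError, "'event_key' parameter is required when 'raw' is true" if @raw && !@event_key
      raise ConfigError, "'channel' parameter is required when 'raw' is true" if @raw && !@channel

      # Make the insecure TLS setting visible in the log instead of silent.
      if @use_ssl && !@ssl_verify
        log.warn "ssl_verify is false: the Splunk server certificate will not be verified"
      end

      @default_sourcetype = @sourcetype if @sourcetype && !@default_sourcetype

      # build hash for query string
      if @raw
        @query = {}
        @query['host'] = @default_host if @default_host
        @query['source'] = @default_source if @default_source
        @query['index'] = @default_index if @default_index
        @query['sourcetype'] = @default_sourcetype if @default_sourcetype
      end
    end

    # @return [Boolean] always true; the plugin declares itself usable with multiple workers
    def multi_workers_ready?
      true
    end

    # Builds the HTTP client before handing control to the base class.
    def start
      setup_client
      super
    end

    def shutdown
      super
    end

    # Serialises every event of the chunk into one payload and posts it.
    #
    # @param _tag [String] unused
    # @param chunk the buffer chunk; iterated with msgpack_each as (time, record)
    # @raise [RuntimeError] propagated from post_payload when Splunk does not
    #   accept the payload
    def write_objects(_tag, chunk)
      return if chunk.empty?

      payload = ''
      chunk.msgpack_each do |time, record|
        payload << (@raw ? format_event_raw(record) : format_event(time, record))
      end
      post_payload(payload) unless payload.empty?
    end

    private

    # Creates @client with the HEC token (and the channel, if any) as default
    # headers. TLS options are applied only when use_ssl is true.
    def setup_client
      header = {
        'Content-type' => 'application/json',
        'Authorization' => "Splunk #{@token}"
      }
      header['X-Splunk-Request-Channel'] = @channel if @channel

      scheme = @use_ssl ? URI::HTTPS : URI::HTTP
      base_url = scheme.build(host: @host, port: @port)
      @client = HTTPClient.new(default_header: header,
                               base_url: base_url)
      return unless @use_ssl

      ssl = @client.ssl_config
      ssl.verify_mode = @ssl_verify ? OpenSSL::SSL::VERIFY_PEER : OpenSSL::SSL::VERIFY_NONE
      ssl.add_trust_ca(@ca_file) if @ca_file
      ssl.set_client_cert_file(@client_cert, @client_key, @client_key_pass) if @client_cert && @client_key
    end

    # Formats one record as a JSON event followed by line_breaker.
    #
    # sourcetype, host, source and index are taken from the record when the
    # matching *_key field is present, otherwise from the default_* parameter.
    # NOTE(review): whoever controls the record content therefore chooses these
    # values; restricting what a token may write is presumably left to the
    # Splunk side and worth confirming.
    #
    # @param time the event time; converted with to_f when it responds to it
    # @param record [Hash] the event; *_key fields are deleted from it when the
    #   matching remove_*_key option is true
    # @return [String]
    def format_event(time, record)
      msg = {'event' => record}
      if @use_fluentd_time
        msg['time'] = time.respond_to?('to_f') ? time.to_f : time
      end

      # metadata
      if record[@sourcetype_key]
        msg['sourcetype'] = @remove_sourcetype_key ? record.delete(@sourcetype_key) : record[@sourcetype_key]
      elsif @default_sourcetype
        msg['sourcetype'] = @default_sourcetype
      end

      if record[@host_key]
        msg['host'] = @remove_host_key ? record.delete(@host_key) : record[@host_key]
      elsif @default_host
        msg['host'] = @default_host
      end

      if record[@source_key]
        msg['source'] = @remove_source_key ? record.delete(@source_key) : record[@source_key]
      elsif @default_source
        msg['source'] = @default_source
      end

      if record[@index_key]
        msg['index'] = @remove_index_key ? record.delete(@index_key) : record[@index_key]
      elsif @default_index
        msg['index'] = @default_index
      end

      Yajl.dump(msg) << @line_breaker
    end

    # Returns the raw event text followed by line_breaker, or '' when the
    # event_key field is missing or blank.
    #
    # @param record [Hash]
    # @return [String]
    def format_event_raw(record)
      # to_s: a missing or non-String value no longer raises on strip / +.
      event = record[@event_key].to_s
      if event.strip.empty?
        log.debug "Discarding empty line"
        return ''
      end

      event + @line_breaker
    end

    # Thin wrapper around the HTTP client's POST.
    def post(path, body, query = {})
      @client.post(path, body: body, query: query)
    end

    # Posts the payload to the raw or the JSON collector endpoint.
    #
    # A response outside the 2xx range raises, so the buffered chunk is retried
    # instead of being dropped; previously the status was never looked at, and
    # a rejected request (for example a refused token) lost the events without
    # any error.
    #
    # @param payload [String]
    # @raise [RuntimeError] on a non-2xx response, a missing ackId, or an
    #   acknowledgement that never arrives
    def post_payload(payload)
      res = if @raw
              post('/services/collector/raw', payload, @query)
            else
              post('/services/collector', payload)
            end
      log.debug "Splunk response: #{res.body}"

      unless (200..299).cover?(res.status)
        raise "Splunk HEC request failed: status=#{res.status} body=#{res.body}"
      end
      return unless @use_ack

      ack_id = JSON.parse(res.body)['ackId']
      raise "Splunk HEC response did not include an ackId" if ack_id.nil?

      check_ack(ack_id, @ack_retry_limit)
    end

    # Polls the ack endpoint until Splunk reports ack_id as indexed.
    #
    # Makes at most retries + 1 requests and sleeps ack_interval seconds after
    # every unsuccessful one.
    #
    # @param ack_id the ackId returned by the collector
    # @param retries [Integer] remaining retries
    # @raise [RuntimeError] when the acknowledgement does not arrive in time
    def check_ack(ack_id, retries)
      loop do
        raise "failed to index the data ack_id=#{ack_id}" if retries < 0

        ack_res = post('/services/collector/ack', {'acks' => [ack_id]}.to_json)
        acks = JSON.parse(ack_res.body)['acks']
        return if acks && acks[ack_id.to_s]

        sleep(@ack_interval)
        retries -= 1
      end
    end
  end
end
-------------------------------------------------------------------------------- /lib/fluent/plugin/out_splunk_tcp.rb: --------------------------------------------------------------------------------
require 'fluent/output'
require 'fluent/formatter'
require 'fluent/config/error'
require 'socket'
require 'openssl'
require 'json'

# http://dev.splunk.com/view/event-collector/SP-CAAAE6P

module Fluent
  # Fluentd output that writes formatted events to a Splunk TCP input,
  # optionally over TLS. Without use_ssl the events are sent as plain text.
  class SplunkTCPOutput < ObjectBufferedOutput
    Fluent::Plugin.register_output('splunk_tcp', self)

    config_param :host, :string
    config_param :port, :integer

    config_param :format, :string, default: 'raw'

    # for raw format
    config_param :event_key, :string, default: nil

    # for json, kv format
    config_param :use_fluentd_time, :bool, default: true
    config_param :time_key, :string, default: 'time'
    config_param :time_format, :string, default: 'unixtime'
    config_param :localtime, :bool, default: false

    config_param :line_breaker, :string, default: "\n"

    ## For SSL
    config_param :use_ssl, :bool, default: false
    # false selects OpenSSL::SSL::VERIFY_NONE and skips the host name check in
    # create_ssl_socket.
    config_param :ssl_verify, :bool, default: true
    config_param :ca_file, :string, default: nil
    config_param :client_cert, :string, default: nil
    config_param :client_key, :string, default: nil
    config_param :client_key_pass, :string, default: nil, secret: true

    # Reports :custom_format as not implemented; every other feature is
    # answered by the base class.
    def implement?(feature)
      return false if feature == :custom_format

      super
    end

    # Builds the time formatter and the event formatter selected by
    # 'time_format' and 'format'.
    #
    # @param conf the plugin configuration section handed over by Fluentd
    # @raise [ConfigError] for an unknown format, or format 'raw' without event_key
    def configure(conf)
      super

      # Make the insecure TLS setting visible in the log instead of silent.
      if @use_ssl && !@ssl_verify
        log.warn "ssl_verify is false: the Splunk server certificate will not be verified"
      end

      if @time_format == 'unixtime'
        @time_formatter = ->(time) { time }
      else
        @timef = Fluent::TimeFormatter.new(@time_format, @localtime)
        @time_formatter = ->(time) { @timef.format(time) }
      end

      case @format
      when 'json'
        @formatter =
          if @use_fluentd_time
            ->(time, record) { Yajl.dump(insert_time_to_front(time, record)) }
          else
            ->(_time, record) { Yajl.dump(record) }
          end
      when 'kv'
        @formatter =
          if @use_fluentd_time
            ->(time, record) { format_kv(insert_time_to_front(time, record)) }
          else
            ->(_time, record) { format_kv(record) }
          end
      when 'raw'
        raise ConfigError, "'event_key' option is required for format 'raw'" unless @event_key

        @formatter = ->(_time, record) { record[@event_key] || '' }
      else
        raise ConfigError, "invalid 'format' option: #{@format}"
      end
    end

    # @return [Boolean] always true; the plugin declares itself usable with multiple workers
    def multi_workers_ready?
      true
    end

    def start
      super
    end

    def shutdown
      super
    end

    # Formats every event of the chunk and writes the result over a fresh
    # connection, which is closed afterwards.
    #
    # @param _tag [String] unused
    # @param chunk the buffer chunk; iterated with msgpack_each as (time, record)
    def write_objects(_tag, chunk)
      return if chunk.empty?

      payload = ''
      chunk.msgpack_each do |time, record|
        event = @formatter.call(time, record)
        next if event.empty?

        payload << event
        payload << @line_breaker
      end
      return if payload.empty?

      sock = create_socket
      begin
        sock.write(payload)
      ensure
        # Close even when the write fails, so a broken connection does not
        # leave a descriptor behind on every retry.
        sock.close
      end
    end

    private

    # Returns a new hash with the formatted time under time_key as its first
    # entry. Any existing time_key entry is deleted from the given record.
    def insert_time_to_front(time, record)
      record.delete(@time_key)
      {@time_key => @time_formatter.call(time)}.merge(record)
    end

    # Renders the record as space-separated key=value pairs. nil becomes an
    # empty value, numbers are written bare, anything else is double-quoted
    # with embedded double quotes escaped.
    # NOTE(review): backslashes and line breaks in values are not escaped, so a
    # value ending in a backslash or containing a newline can change how the
    # line is parsed downstream -- confirm against the receiving sourcetype.
    def format_kv(record)
      pairs = record.map do |k, v|
        case v
        when nil
          "#{k}="
        when Integer, Float
          "#{k}=#{v}"
        else
          "#{k}=\"#{v.to_s.gsub('"', '\"')}\""
        end
      end
      pairs.join(' ')
    end

    # @return the connected socket, TLS-wrapped when use_ssl is true
    def create_socket
      @use_ssl ? create_ssl_socket : create_tcp_socket
    end

    # Opens a TLS connection to host:port.
    #
    # The trust store holds the system default CA locations plus ca_file, so
    # chain validation alone would accept a certificate issued to any name by
    # any of those CAs. With ssl_verify true the peer certificate is therefore
    # also checked against @host after the handshake.
    #
    # NOTE(review): the client key is loaded with OpenSSL::PKey::RSA, so only
    # RSA keys are accepted here.
    #
    # @return [OpenSSL::SSL::SSLSocket]
    # @raise [OpenSSL::SSL::SSLError] when the handshake or the host name check fails
    def create_ssl_socket
      ctx = OpenSSL::SSL::SSLContext.new
      ctx.verify_mode = @ssl_verify ? OpenSSL::SSL::VERIFY_PEER : OpenSSL::SSL::VERIFY_NONE
      ctx.cert = OpenSSL::X509::Certificate.new(File.read(@client_cert)) if @client_cert
      ctx.key = OpenSSL::PKey::RSA.new(File.read(@client_key), @client_key_pass) if @client_key

      cert_store = OpenSSL::X509::Store.new
      cert_store.set_default_paths
      cert_store.add_file(@ca_file) if @ca_file
      ctx.cert_store = cert_store

      tcpsock = create_tcp_socket
      begin
        sock = OpenSSL::SSL::SSLSocket.new(tcpsock, ctx)
        sock.sync_close = true
        sock.connect
        sock.post_connection_check(@host) if @ssl_verify
        sock
      rescue StandardError
        # Do not leak the TCP connection when TLS setup is refused.
        tcpsock.close
        raise
      end
    end

    # @return [TCPSocket] a plain connection to host:port
    def create_tcp_socket
      TCPSocket.open(@host, @port)
    end
  end
end
-------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.0.14/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM debian:jessie 2 | 3 | ENV SPLUNK_PRODUCT splunk 4 | ENV SPLUNK_VERSION 6.0.14 5 | ENV SPLUNK_BUILD 278382 6 | ENV SPLUNK_FILENAME splunk-${SPLUNK_VERSION}-${SPLUNK_BUILD}-Linux-x86_64.tgz 7 | 8 | ENV SPLUNK_HOME_TCP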
/opt/splunk_tcp 9 | ENV SPLUNK_HOME_SSL /opt/splunk_ssl 10 | 11 | ENV SPLUNK_GROUP splunk 12 | ENV SPLUNK_USER splunk 13 | 14 | ARG DEBIAN_FRONTEND=noninteractive 15 | 16 | # add splunk:splunk user 17 | RUN groupadd -r ${SPLUNK_GROUP} \ 18 | && useradd -r -m -g ${SPLUNK_GROUP} ${SPLUNK_USER} 19 | 20 | # make the "en_US.UTF-8" locale so splunk will be utf-8 enabled by default 21 | RUN apt-get update && apt-get install -y locales \ 22 | && localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8 23 | ENV LANG en_US.utf8 24 | 25 | # pdfgen dependency 26 | RUN apt-get install -y libgssapi-krb5-2 27 | 28 | # Download official Splunk release, verify checksum and unzip in /opt/splunk_{tcp,ssl} 29 | RUN apt-get install -y wget sudo \ 30 | && mkdir -p ${SPLUNK_HOME_TCP} \ 31 | && mkdir -p ${SPLUNK_HOME_SSL} \ 32 | && wget -qO /tmp/${SPLUNK_FILENAME} https://download.splunk.com/products/${SPLUNK_PRODUCT}/releases/${SPLUNK_VERSION}/linux/${SPLUNK_FILENAME} \ 33 | && wget -qO /tmp/${SPLUNK_FILENAME}.md5 https://download.splunk.com/products/${SPLUNK_PRODUCT}/releases/${SPLUNK_VERSION}/linux/${SPLUNK_FILENAME}.md5 \ 34 | && (cd /tmp && md5sum -c ${SPLUNK_FILENAME}.md5) \ 35 | && tar xzf /tmp/${SPLUNK_FILENAME} --strip 1 -C ${SPLUNK_HOME_TCP} \ 36 | && tar xzf /tmp/${SPLUNK_FILENAME} --strip 1 -C ${SPLUNK_HOME_SSL} \ 37 | && rm /tmp/${SPLUNK_FILENAME} \ 38 | && rm /tmp/${SPLUNK_FILENAME}.md5 \ 39 | && apt-get purge -y --auto-remove wget \ 40 | && chown -R ${SPLUNK_USER}:${SPLUNK_GROUP} ${SPLUNK_HOME_TCP} \ 41 | && chown -R ${SPLUNK_USER}:${SPLUNK_GROUP} ${SPLUNK_HOME_SSL} \ 42 | && rm -rf /var/lib/apt/lists/* 43 | 44 | ##### Copy config files ##### 45 | ### TCP 46 | ## TCP raw 47 | # etc/apps/search/local/{inputs,props}.conf 48 | ## system config 49 | # etc/system/local/server.conf 50 | 51 | ### SSL 52 | ## TCP raw 53 | # etc/apps/search/local/{inputs,props}.conf 54 | ## Certificates 55 | # etc/auth/server.pem 56 | # etc/auth/cacert.pem 57 | ## system config 
58 | # etc/system/local/server.conf 59 | # etc/system/local/web.conf 60 | 61 | COPY etc_tcp/apps/search/local/inputs.conf ${SPLUNK_HOME_TCP}/etc/apps/search/local/inputs.conf 62 | COPY etc_tcp/apps/search/local/props.conf ${SPLUNK_HOME_TCP}/etc/apps/search/local/props.conf 63 | COPY etc_ssl/apps/search/local/inputs.conf ${SPLUNK_HOME_SSL}/etc/apps/search/local/inputs.conf 64 | COPY etc_ssl/apps/search/local/props.conf ${SPLUNK_HOME_SSL}/etc/apps/search/local/props.conf 65 | 66 | COPY etc_ssl/auth/server.pem ${SPLUNK_HOME_SSL}/etc/auth/server.pem 67 | COPY etc_ssl/auth/cacert.pem ${SPLUNK_HOME_SSL}/etc/auth/cacert.pem 68 | 69 | COPY etc_tcp/system/local/server.conf ${SPLUNK_HOME_TCP}/etc/system/local/server.conf 70 | COPY etc_ssl/system/local/server.conf ${SPLUNK_HOME_SSL}/etc/system/local/server.conf 71 | COPY etc_ssl/system/local/web.conf ${SPLUNK_HOME_SSL}/etc/system/local/web.conf 72 | 73 | COPY entrypoint.sh /sbin/entrypoint.sh 74 | RUN chmod +x /sbin/entrypoint.sh 75 | 76 | # Ports Splunk Web, Splunk Daemon, KVStore, Splunk Indexing Port, Network Input 77 | #EXPOSE 8000/tcp 8089/tcp 8191/tcp 12300/tcp 1514 78 | #EXPOSE 8200/tcp 8289/tcp 8391/tcp 11250/tcp 1714 79 | 80 | WORKDIR /opt 81 | 82 | ENTRYPOINT ["/sbin/entrypoint.sh"] 83 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.0.14/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | 5 | echo OPTIMISTIC_ABOUT_FILE_LOCKING = 1 >> ${SPLUNK_HOME_TCP}/etc/splunk-launch.conf 6 | echo OPTIMISTIC_ABOUT_FILE_LOCKING = 1 >> ${SPLUNK_HOME_SSL}/etc/splunk-launch.conf 7 | 8 | SPLUNK_HOME=$SPLUNK_HOME_TCP sudo -HEu ${SPLUNK_USER} ${SPLUNK_HOME_TCP}/bin/splunk start --accept-license 9 | SPLUNK_HOME=$SPLUNK_HOME_SSL sudo -HEu ${SPLUNK_USER} ${SPLUNK_HOME_SSL}/bin/splunk start --accept-license 10 | 11 | # Trap exit signal and shutdown gracefully 12 | trap "sudo -HEu ${SPLUNK_USER} 
${SPLUNK_HOME_TCP}/bin/splunk stop; sudo -HEu ${SPLUNK_USER} ${SPLUNK_HOME_SSL}/bin/splunk stop" SIGINT SIGTERM EXIT 13 | 14 | sudo -HEu ${SPLUNK_USER} tail -n 0 -f ${SPLUNK_HOME_TCP}/var/log/splunk/splunkd_stderr.log & 15 | wait 16 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.0.14/etc_ssl/apps/search/local/inputs.conf: -------------------------------------------------------------------------------- 1 | [SSL] 2 | serverCert=$SPLUNK_HOME/etc/auth/server.pem 3 | rootCA=$SPLUNK_HOME/etc/auth/cacert.pem 4 | requireClientCert=true 5 | 6 | [tcp-ssl://12500] 7 | sourcetype = fluentd 8 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.0.14/etc_ssl/apps/search/local/props.conf: -------------------------------------------------------------------------------- 1 | [fluentd] 2 | TIME_PREFIX=\"time\": 3 | TIME_FORMAT=%s 4 | KV_MODE = json 5 | pulldown_type = true 6 | INDEXED_EXTRACTIONS = json 7 | category = Structured 8 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.0.14/etc_ssl/auth/ca.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDizCCAnOgAwIBAgIJAKOX/fMCEYDlMA0GCSqGSIb3DQEBCwUAMFwxCzAJBgNV 3 | BAYTAkpQMQ4wDAYDVQQIDAVUb2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoM 4 | BVRva3lvMQ4wDAYDVQQLDAVUb2t5bzENMAsGA1UEAwwEbXlDQTAeFw0xODA0MDQx 5 | NTA5MjNaFw0yODA0MDExNTA5MjNaMFwxCzAJBgNVBAYTAkpQMQ4wDAYDVQQIDAVU 6 | b2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoMBVRva3lvMQ4wDAYDVQQLDAVU 7 | b2t5bzENMAsGA1UEAwwEbXlDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC 8 | ggEBANFUe6WZ7LwNiMaIUwfceQLBs5FcaLgEtx9S9XFBp2K6hkr60JtS4DB+5NH8 9 | b2CdUpKAL+wD7abN7q8gQiK/EyMq7f9hh9McBeuyy6nqe+Gsbn+JgZCRr8HqEV70 10 | FXiR6O+Dnd/XwriHhB12MxF4Xb3fMnVCY3lEltVEn3mcOJ4CbcvNWd3uOz4Y3qN5 11 | Oa5ZbOTTvWDRWV/c+eFaHHqdxO0/mKN+TpAzqCnVEZfEh7wPSYYIoIHDCROzFHox 
12 | pok4bW+0cv6tfvEAP/FToE8rTinrD4KqCLaZg6uJPBCfA2brKwVaSwsYhB0rrMua 13 | b7LgFPidHWH44mmEqL2xwWnbZesCAwEAAaNQME4wHQYDVR0OBBYEFAYEbR2JnEsY 14 | E0zPNPZ5exSP8J7LMB8GA1UdIwQYMBaAFAYEbR2JnEsYE0zPNPZ5exSP8J7LMAwG 15 | A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAFXzuxwlfAclmp56HBKpEHq1 16 | hFnf/S6zjz0M8UnT9C7ncVSaqbFe2rnlL9aWXzI5tU3i/BGsxd2gOo08vXemTsES 17 | Dc2dX+Kv9OGWJuXGiP2uQwCbMXnvjqHTx++PfcPp7oYVctIabudC7x8WvZw6BUvF 18 | vWijVkg0ayGDV+LvX4fjPStMPd6ZFxyFktke6i0RhylAG+fzp6C4H06kojp0dWq6 19 | A58Dm7F1PnZ2dqXb4BR4Ylmr3chOq/uSJPtTOnI5A7TaJYiD8CRSvQ66fRYtfFWx 20 | KXuse36nKrQOhjityqBZ46PFkVE6iXU5X39qpA74c3vuf8CuUw8M30QGM0IezQk= 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.0.14/etc_ssl/auth/cacert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDizCCAnOgAwIBAgIJAKOX/fMCEYDlMA0GCSqGSIb3DQEBCwUAMFwxCzAJBgNV 3 | BAYTAkpQMQ4wDAYDVQQIDAVUb2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoM 4 | BVRva3lvMQ4wDAYDVQQLDAVUb2t5bzENMAsGA1UEAwwEbXlDQTAeFw0xODA0MDQx 5 | NTA5MjNaFw0yODA0MDExNTA5MjNaMFwxCzAJBgNVBAYTAkpQMQ4wDAYDVQQIDAVU 6 | b2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoMBVRva3lvMQ4wDAYDVQQLDAVU 7 | b2t5bzENMAsGA1UEAwwEbXlDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC 8 | ggEBANFUe6WZ7LwNiMaIUwfceQLBs5FcaLgEtx9S9XFBp2K6hkr60JtS4DB+5NH8 9 | b2CdUpKAL+wD7abN7q8gQiK/EyMq7f9hh9McBeuyy6nqe+Gsbn+JgZCRr8HqEV70 10 | FXiR6O+Dnd/XwriHhB12MxF4Xb3fMnVCY3lEltVEn3mcOJ4CbcvNWd3uOz4Y3qN5 11 | Oa5ZbOTTvWDRWV/c+eFaHHqdxO0/mKN+TpAzqCnVEZfEh7wPSYYIoIHDCROzFHox 12 | pok4bW+0cv6tfvEAP/FToE8rTinrD4KqCLaZg6uJPBCfA2brKwVaSwsYhB0rrMua 13 | b7LgFPidHWH44mmEqL2xwWnbZesCAwEAAaNQME4wHQYDVR0OBBYEFAYEbR2JnEsY 14 | E0zPNPZ5exSP8J7LMB8GA1UdIwQYMBaAFAYEbR2JnEsYE0zPNPZ5exSP8J7LMAwG 15 | A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAFXzuxwlfAclmp56HBKpEHq1 16 | hFnf/S6zjz0M8UnT9C7ncVSaqbFe2rnlL9aWXzI5tU3i/BGsxd2gOo08vXemTsES 17 | 
Dc2dX+Kv9OGWJuXGiP2uQwCbMXnvjqHTx++PfcPp7oYVctIabudC7x8WvZw6BUvF 18 | vWijVkg0ayGDV+LvX4fjPStMPd6ZFxyFktke6i0RhylAG+fzp6C4H06kojp0dWq6 19 | A58Dm7F1PnZ2dqXb4BR4Ylmr3chOq/uSJPtTOnI5A7TaJYiD8CRSvQ66fRYtfFWx 20 | KXuse36nKrQOhjityqBZ46PFkVE6iXU5X39qpA74c3vuf8CuUw8M30QGM0IezQk= 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.0.14/etc_ssl/auth/server.pem: -------------------------------------------------------------------------------- 1 | Certificate: 2 | Data: 3 | Version: 3 (0x2) 4 | Serial Number: 1 (0x1) 5 | Signature Algorithm: sha256WithRSAEncryption 6 | Issuer: C=JP, ST=Tokyo, L=Tokyo, O=Tokyo, OU=Tokyo, CN=myCA 7 | Validity 8 | Not Before: Apr 4 15:18:05 2018 GMT 9 | Not After : Apr 1 15:18:05 2028 GMT 10 | Subject: C=JP, ST=Tokyo, O=Tokyo, OU=Tokyo, CN=127.0.0.1 11 | Subject Public Key Info: 12 | Public Key Algorithm: rsaEncryption 13 | Public-Key: (2048 bit) 14 | Modulus: 15 | 00:b3:56:b9:5d:39:ac:a8:21:39:0a:ec:32:61:00: 16 | 70:79:ad:23:f9:bb:cc:b7:9a:00:8d:68:21:48:eb: 17 | ab:de:cb:f2:84:cb:a9:dc:6e:ef:47:4e:be:1d:c1: 18 | 65:92:91:45:2d:21:8b:57:88:28:7e:46:df:6d:49: 19 | 7c:47:d7:66:8c:cf:48:10:d9:ef:10:04:87:a5:67: 20 | 08:fd:5f:90:94:11:5c:db:0c:3b:d4:53:05:2a:42: 21 | dc:1d:38:53:64:7a:58:0b:6d:4d:cc:9b:3e:17:87: 22 | 41:26:fe:eb:d5:7d:8d:51:4c:0b:0b:59:24:f3:50: 23 | d7:ac:fd:95:45:e1:a2:07:cf:a1:02:33:e2:4a:56: 24 | a7:a8:bf:36:e3:a2:b9:1f:4f:28:16:58:a5:45:79: 25 | 37:0e:5b:ba:62:fd:47:71:8a:05:5e:c0:ba:6d:42: 26 | cf:70:a6:67:69:78:d6:58:c1:3e:3b:61:df:d4:b9: 27 | 0d:e1:5e:86:64:26:03:ca:bd:a0:19:39:84:08:fe: 28 | 5c:ce:7d:37:f2:2f:e7:43:29:f3:44:e6:4f:17:be: 29 | a7:57:4b:37:6b:e7:b5:a0:cf:d8:fe:d6:72:cb:52: 30 | db:d4:79:77:2b:6d:1c:12:e1:3c:36:16:c6:b6:68: 31 | 3a:1f:09:23:db:2a:71:20:4e:37:d0:a5:4d:ac:fb: 32 | ee:ed 33 | Exponent: 65537 (0x10001) 34 | X509v3 extensions: 35 | X509v3 Basic Constraints: 36 | CA:FALSE 37 | Netscape Comment: 38 | 
OpenSSL Generated Certificate 39 | X509v3 Subject Key Identifier: 40 | 88:20:EE:CB:45:DC:D2:B2:2C:C6:B0:5D:E3:6B:7C:BB:54:22:DB:87 41 | X509v3 Authority Key Identifier: 42 | keyid:06:04:6D:1D:89:9C:4B:18:13:4C:CF:34:F6:79:7B:14:8F:F0:9E:CB 43 | 44 | Signature Algorithm: sha256WithRSAEncryption 45 | 6b:31:2b:aa:78:52:be:6d:72:b3:86:a1:2f:bc:5d:9a:cc:ff: 46 | d2:ac:48:1c:ed:60:b1:f3:bb:fe:9b:3e:63:8d:5c:fe:64:0c: 47 | 63:8d:2a:d4:7c:d6:66:08:a3:d3:ae:c0:3c:f9:a5:fa:0d:4e: 48 | aa:fc:94:ad:ed:5f:a5:df:44:b2:7d:24:c6:8b:41:8a:b9:2f: 49 | 46:b4:30:1f:e5:c8:0d:4e:33:42:b3:a0:ac:b8:b6:cc:e5:f9: 50 | 18:56:e7:d6:e2:24:b2:75:e1:03:c0:02:db:73:a9:db:e1:21: 51 | 69:e5:e0:bd:5e:8c:dc:74:70:22:95:8b:c7:19:f4:1d:2c:df: 52 | d1:17:d4:08:06:e8:de:97:32:26:18:a5:79:86:ea:c4:b8:0b: 53 | 1a:f7:47:c8:5d:d7:81:ce:49:55:dc:fa:92:b1:c9:59:86:d4: 54 | e4:9e:c4:d5:dd:43:f9:94:99:c1:75:2c:6a:cf:c4:eb:61:08: 55 | 76:6c:a0:87:84:37:f2:28:f5:f8:d4:ba:f8:6e:c8:9c:db:8e: 56 | c8:aa:fa:d1:06:e5:3c:8b:f0:4e:a2:98:7a:f7:89:f1:40:da: 57 | 0d:27:8f:b2:f4:50:69:8f:30:39:43:c5:9f:51:72:e2:e9:00: 58 | 6e:59:08:73:01:fa:96:89:a1:e6:09:f7:c9:12:21:67:fe:1c: 59 | 58:16:f6:f9 60 | -----BEGIN CERTIFICATE----- 61 | MIIDozCCAougAwIBAgIBATANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJKUDEO 62 | MAwGA1UECAwFVG9reW8xDjAMBgNVBAcMBVRva3lvMQ4wDAYDVQQKDAVUb2t5bzEO 63 | MAwGA1UECwwFVG9reW8xDTALBgNVBAMMBG15Q0EwHhcNMTgwNDA0MTUxODA1WhcN 64 | MjgwNDAxMTUxODA1WjBRMQswCQYDVQQGEwJKUDEOMAwGA1UECAwFVG9reW8xDjAM 65 | BgNVBAoMBVRva3lvMQ4wDAYDVQQLDAVUb2t5bzESMBAGA1UEAwwJMTI3LjAuMC4x 66 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1a5XTmsqCE5CuwyYQBw 67 | ea0j+bvMt5oAjWghSOur3svyhMup3G7vR06+HcFlkpFFLSGLV4gofkbfbUl8R9dm 68 | jM9IENnvEASHpWcI/V+QlBFc2ww71FMFKkLcHThTZHpYC21NzJs+F4dBJv7r1X2N 69 | UUwLC1kk81DXrP2VReGiB8+hAjPiSlanqL8246K5H08oFlilRXk3Dlu6Yv1HcYoF 70 | XsC6bULPcKZnaXjWWME+O2Hf1LkN4V6GZCYDyr2gGTmECP5czn038i/nQynzROZP 71 | F76nV0s3a+e1oM/Y/tZyy1Lb1Hl3K20cEuE8NhbGtmg6Hwkj2ypxIE430KVNrPvu 72 | 
7QIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdl 73 | bmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUiCDuy0Xc0rIsxrBd42t8u1Qi 74 | 24cwHwYDVR0jBBgwFoAUBgRtHYmcSxgTTM809nl7FI/wnsswDQYJKoZIhvcNAQEL 75 | BQADggEBAGsxK6p4Ur5tcrOGoS+8XZrM/9KsSBztYLHzu/6bPmONXP5kDGONKtR8 76 | 1mYIo9OuwDz5pfoNTqr8lK3tX6XfRLJ9JMaLQYq5L0a0MB/lyA1OM0KzoKy4tszl 77 | +RhW59biJLJ14QPAAttzqdvhIWnl4L1ejNx0cCKVi8cZ9B0s39EX1AgG6N6XMiYY 78 | pXmG6sS4Cxr3R8hd14HOSVXc+pKxyVmG1OSexNXdQ/mUmcF1LGrPxOthCHZsoIeE 79 | N/Io9fjUuvhuyJzbjsiq+tEG5TyL8E6imHr3ifFA2g0nj7L0UGmPMDlDxZ9RcuLp 80 | AG5ZCHMB+paJoeYJ98kSIWf+HFgW9vk= 81 | -----END CERTIFICATE----- 82 | -----BEGIN PRIVATE KEY----- 83 | MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCzVrldOayoITkK 84 | 7DJhAHB5rSP5u8y3mgCNaCFI66vey/KEy6ncbu9HTr4dwWWSkUUtIYtXiCh+Rt9t 85 | SXxH12aMz0gQ2e8QBIelZwj9X5CUEVzbDDvUUwUqQtwdOFNkelgLbU3Mmz4Xh0Em 86 | /uvVfY1RTAsLWSTzUNes/ZVF4aIHz6ECM+JKVqeovzbjorkfTygWWKVFeTcOW7pi 87 | /UdxigVewLptQs9wpmdpeNZYwT47Yd/UuQ3hXoZkJgPKvaAZOYQI/lzOfTfyL+dD 88 | KfNE5k8XvqdXSzdr57Wgz9j+1nLLUtvUeXcrbRwS4Tw2Fsa2aDofCSPbKnEgTjfQ 89 | pU2s++7tAgMBAAECggEAYNDMuRtNrmZhGRhyChPmpIloBoXv+p5U9gHlFizEWD7Z 90 | 6f7Y8HujCWflEsM5RmrOYZLeWp7S3Xj9XU5ynYYXgqTUTuSYPplzcUOygrZ4orbM 91 | 3iQ4mGNJQotdsRibTH8P0PttKKwWVTVbYuX0AwkIpX7b54B0hjZ6eJVdZKBujLAO 92 | dzB7CLfpRAWPlmTsho0Utyh8WZ3yy/HaRLm5zkkAedUZJ4Y+C/dZ3E0Jq/CZptFd 93 | kifwEWg+rWXhZqK1TWcKUj80lxRqsLm26N1e5aELxxZ3bmVJ5+slYn8Ur9SLCPZP 94 | VuIaCjWjqTDaF0Y4Mbnon+UT36XjNnBUOI7yoMHZMQKBgQDkVBp+HbEugfHrkaRS 95 | OUIUlNoaXbg9Yacv/9TRfhTLuxwJKEcL55cqexPfOVUivlx7lNpafCxUss5c3JjV 96 | GGmkrgO59bq9HfeVD2lw3MbK3UElXdsd/hLby2eTK1BIa0sim47O8hHeFRtyS86u 97 | igpvADf2p97FBtYvfyYEc4NWawKBgQDJErZcjcHo5o6iumqC8rdpFpl2iw/e44S1 98 | /FLuPNY4x4VpmjIbcq0x9uH0mP64epjS7j1xmSzeNaLpjZbi6MIKLnuVzk3Tu7s7 99 | hW1FddBCus6O/hBEZoe80imPNFRGswdYV3+010VvQrX9uNhKtUBImpCMeaSfPxkU 100 | nNdztv42BwKBgDwJIS4oAH6KDGI0WVCFXaqruO1V1yvMkXk9e2faDv3CpQyDWqr2 101 | qfixg/gdyxTnmMmlygQgwkdC/J/OISFm2eBDIRe0VPWE+6Rl+QOECYEtzANXOlYY 102 | 
iDzirskziliAXbEr1dD0NV5/jkfvRtj90uB83josyZZkxcyXUhe5h78hAoGABUSV 103 | PIWGQAjSUdcadUXQolMyQBXSm59QWcg7j/xODHzFtQeSKn/to7J5JwRfIAwuNtCB 104 | EZnWwBedpgrMmjNI6iVfnYQjK9nuRNfxDfHRO/5S7RIg8PnSspK6/gJ79sI3/guE 105 | 0AMX0Zto0zXljMeE4KIUCWoicv2fNZgKWQDBVj8CgYEA4ITpUhV7FNPw76Zo+9nY 106 | 48czmOeVo0MfrBMdFq8KJoh6zx2MA5GFeyPu3CP74vwYlc2PH8amHjkGzTmP5kO3 107 | Hthmvmeru9ic4oJnK7NkpcST8mESeb1GZEpIUh7c6saT1J2/O69c6zvVvZEAmjyX 108 | 7XNa7qpjZ4tTAFLPa3NGDdo= 109 | -----END PRIVATE KEY----- 110 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.0.14/etc_ssl/system/local/server.conf: -------------------------------------------------------------------------------- 1 | [general] 2 | allowRemoteLogin = always 3 | 4 | [license] 5 | active_group = Free 6 | 7 | [kvstore] 8 | port = 8391 9 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.0.14/etc_ssl/system/local/web.conf: -------------------------------------------------------------------------------- 1 | [settings] 2 | httpport = 8200 3 | mgmtHostPort = 127.0.0.1:8289 4 | appServerPorts = 8265 5 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.0.14/etc_tcp/apps/search/local/inputs.conf: -------------------------------------------------------------------------------- 1 | [tcp://12300] 2 | sourcetype = fluentd 3 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.0.14/etc_tcp/apps/search/local/props.conf: -------------------------------------------------------------------------------- 1 | [fluentd] 2 | TIME_PREFIX=\"time\": 3 | TIME_FORMAT=%s 4 | KV_MODE = json 5 | pulldown_type = true 6 | INDEXED_EXTRACTIONS = json 7 | category = Structured 8 | -------------------------------------------------------------------------------- 
/test/Dockerfiles/enterprise/6.0.14/etc_tcp/system/local/server.conf: -------------------------------------------------------------------------------- 1 | [general] 2 | allowRemoteLogin = always 3 | 4 | [license] 5 | active_group = Free 6 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.1.13/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM debian:jessie 2 | 3 | ENV SPLUNK_PRODUCT splunk 4 | ENV SPLUNK_VERSION 6.1.13 5 | ENV SPLUNK_BUILD 278305 6 | ENV SPLUNK_FILENAME splunk-${SPLUNK_VERSION}-${SPLUNK_BUILD}-Linux-x86_64.tgz 7 | 8 | ENV SPLUNK_HOME_TCP /opt/splunk_tcp 9 | ENV SPLUNK_HOME_SSL /opt/splunk_ssl 10 | 11 | ENV SPLUNK_GROUP splunk 12 | ENV SPLUNK_USER splunk 13 | 14 | ARG DEBIAN_FRONTEND=noninteractive 15 | 16 | # add splunk:splunk user 17 | RUN groupadd -r ${SPLUNK_GROUP} \ 18 | && useradd -r -m -g ${SPLUNK_GROUP} ${SPLUNK_USER} 19 | 20 | # make the "en_US.UTF-8" locale so splunk will be utf-8 enabled by default 21 | RUN apt-get update && apt-get install -y locales \ 22 | && localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8 23 | ENV LANG en_US.utf8 24 | 25 | # pdfgen dependency 26 | RUN apt-get install -y libgssapi-krb5-2 27 | 28 | # Download official Splunk release, verify checksum and unzip in /opt/splunk_{tcp,ssl} 29 | RUN apt-get install -y wget sudo \ 30 | && mkdir -p ${SPLUNK_HOME_TCP} \ 31 | && mkdir -p ${SPLUNK_HOME_SSL} \ 32 | && wget -qO /tmp/${SPLUNK_FILENAME} https://download.splunk.com/products/${SPLUNK_PRODUCT}/releases/${SPLUNK_VERSION}/linux/${SPLUNK_FILENAME} \ 33 | && wget -qO /tmp/${SPLUNK_FILENAME}.md5 https://download.splunk.com/products/${SPLUNK_PRODUCT}/releases/${SPLUNK_VERSION}/linux/${SPLUNK_FILENAME}.md5 \ 34 | && (cd /tmp && md5sum -c ${SPLUNK_FILENAME}.md5) \ 35 | && tar xzf /tmp/${SPLUNK_FILENAME} --strip 1 -C ${SPLUNK_HOME_TCP} \ 36 | && tar xzf /tmp/${SPLUNK_FILENAME} --strip 1 -C 
${SPLUNK_HOME_SSL} \ 37 | && rm /tmp/${SPLUNK_FILENAME} \ 38 | && rm /tmp/${SPLUNK_FILENAME}.md5 \ 39 | && apt-get purge -y --auto-remove wget \ 40 | && chown -R ${SPLUNK_USER}:${SPLUNK_GROUP} ${SPLUNK_HOME_TCP} \ 41 | && chown -R ${SPLUNK_USER}:${SPLUNK_GROUP} ${SPLUNK_HOME_SSL} \ 42 | && rm -rf /var/lib/apt/lists/* 43 | 44 | ##### Copy config files ##### 45 | ### TCP 46 | ## TCP raw 47 | # etc/apps/search/local/{inputs,props}.conf 48 | ## system config 49 | # etc/system/local/server.conf 50 | 51 | ### SSL 52 | ## TCP raw 53 | # etc/apps/search/local/{inputs,props}.conf 54 | ## Certificates 55 | # etc/auth/server.pem 56 | # etc/auth/cacert.pem 57 | ## system config 58 | # etc/system/local/server.conf 59 | # etc/system/local/web.conf 60 | 61 | COPY etc_tcp/apps/search/local/inputs.conf ${SPLUNK_HOME_TCP}/etc/apps/search/local/inputs.conf 62 | COPY etc_tcp/apps/search/local/props.conf ${SPLUNK_HOME_TCP}/etc/apps/search/local/props.conf 63 | COPY etc_ssl/apps/search/local/inputs.conf ${SPLUNK_HOME_SSL}/etc/apps/search/local/inputs.conf 64 | COPY etc_ssl/apps/search/local/props.conf ${SPLUNK_HOME_SSL}/etc/apps/search/local/props.conf 65 | 66 | COPY etc_ssl/auth/server.pem ${SPLUNK_HOME_SSL}/etc/auth/server.pem 67 | COPY etc_ssl/auth/cacert.pem ${SPLUNK_HOME_SSL}/etc/auth/cacert.pem 68 | 69 | COPY etc_tcp/system/local/server.conf ${SPLUNK_HOME_TCP}/etc/system/local/server.conf 70 | COPY etc_ssl/system/local/server.conf ${SPLUNK_HOME_SSL}/etc/system/local/server.conf 71 | COPY etc_ssl/system/local/web.conf ${SPLUNK_HOME_SSL}/etc/system/local/web.conf 72 | 73 | COPY entrypoint.sh /sbin/entrypoint.sh 74 | RUN chmod +x /sbin/entrypoint.sh 75 | 76 | # Ports Splunk Web, Splunk Daemon, KVStore, Splunk Indexing Port, Network Input 77 | #EXPOSE 8000/tcp 8089/tcp 8191/tcp 12300/tcp 1514 78 | #EXPOSE 8200/tcp 8289/tcp 8391/tcp 11250/tcp 1714 79 | 80 | WORKDIR /opt 81 | 82 | ENTRYPOINT ["/sbin/entrypoint.sh"] 83 | 
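-------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.1.13/entrypoint.sh: --------------------------------------------------------------------------------
#!/bin/bash
# Container entrypoint: starts the plain-TCP and the SSL Splunk instance as
# ${SPLUNK_USER}, then blocks on a log tail until the container is stopped.
# The script itself runs as root; sudo -E hands the caller's environment to
# the Splunk user, so keep secrets out of the container environment.

set -e

# Add the launch setting once per instance, so restarting the container does
# not keep appending the same line to splunk-launch.conf.
for splunk_home in "${SPLUNK_HOME_TCP}" "${SPLUNK_HOME_SSL}"; do
  launch_conf="${splunk_home}/etc/splunk-launch.conf"
  grep -qsxF 'OPTIMISTIC_ABOUT_FILE_LOCKING = 1' "${launch_conf}" \
    || echo 'OPTIMISTIC_ABOUT_FILE_LOCKING = 1' >> "${launch_conf}"
done

SPLUNK_HOME="${SPLUNK_HOME_TCP}" sudo -HEu "${SPLUNK_USER}" "${SPLUNK_HOME_TCP}/bin/splunk" start --accept-license
SPLUNK_HOME="${SPLUNK_HOME_SSL}" sudo -HEu "${SPLUNK_USER}" "${SPLUNK_HOME_SSL}/bin/splunk" start --accept-license

# Trap exit signal and shutdown gracefully.
# The handler clears the traps first so a signal followed by the EXIT trap does
# not stop Splunk twice, and "|| true" lets the second instance be stopped even
# when stopping the first one fails under set -e.
stop_splunk() {
  trap - SIGINT SIGTERM EXIT
  sudo -HEu "${SPLUNK_USER}" "${SPLUNK_HOME_TCP}/bin/splunk" stop || true
  sudo -HEu "${SPLUNK_USER}" "${SPLUNK_HOME_SSL}/bin/splunk" stop || true
}
trap stop_splunk SIGINT SIGTERM EXIT

# Only the TCP instance's stderr log is followed; it keeps the script alive.
sudo -HEu "${SPLUNK_USER}" tail -n 0 -f "${SPLUNK_HOME_TCP}/var/log/splunk/splunkd_stderr.log" &
wait
-------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.1.13/etc_ssl/apps/search/local/inputs.conf: -------------------------------------------------------------------------------- 1 | [SSL] 2 | serverCert=$SPLUNK_HOME/etc/auth/server.pem 3 | rootCA=$SPLUNK_HOME/etc/auth/cacert.pem 4 | requireClientCert=true 5 | 6 | [tcp-ssl://12500] 7 | sourcetype = fluentd 8 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.1.13/etc_ssl/apps/search/local/props.conf: -------------------------------------------------------------------------------- 1 | [fluentd] 2 | TIME_PREFIX=\"time\": 3 | TIME_FORMAT=%s 4 | KV_MODE = json 5 | pulldown_type = true 6 | INDEXED_EXTRACTIONS = json 7 | category = Structured 8 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.1.13/etc_ssl/auth/ca.pem: 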
-------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDizCCAnOgAwIBAgIJAKOX/fMCEYDlMA0GCSqGSIb3DQEBCwUAMFwxCzAJBgNV 3 | BAYTAkpQMQ4wDAYDVQQIDAVUb2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoM 4 | BVRva3lvMQ4wDAYDVQQLDAVUb2t5bzENMAsGA1UEAwwEbXlDQTAeFw0xODA0MDQx 5 | NTA5MjNaFw0yODA0MDExNTA5MjNaMFwxCzAJBgNVBAYTAkpQMQ4wDAYDVQQIDAVU 6 | b2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoMBVRva3lvMQ4wDAYDVQQLDAVU 7 | b2t5bzENMAsGA1UEAwwEbXlDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC 8 | ggEBANFUe6WZ7LwNiMaIUwfceQLBs5FcaLgEtx9S9XFBp2K6hkr60JtS4DB+5NH8 9 | b2CdUpKAL+wD7abN7q8gQiK/EyMq7f9hh9McBeuyy6nqe+Gsbn+JgZCRr8HqEV70 10 | FXiR6O+Dnd/XwriHhB12MxF4Xb3fMnVCY3lEltVEn3mcOJ4CbcvNWd3uOz4Y3qN5 11 | Oa5ZbOTTvWDRWV/c+eFaHHqdxO0/mKN+TpAzqCnVEZfEh7wPSYYIoIHDCROzFHox 12 | pok4bW+0cv6tfvEAP/FToE8rTinrD4KqCLaZg6uJPBCfA2brKwVaSwsYhB0rrMua 13 | b7LgFPidHWH44mmEqL2xwWnbZesCAwEAAaNQME4wHQYDVR0OBBYEFAYEbR2JnEsY 14 | E0zPNPZ5exSP8J7LMB8GA1UdIwQYMBaAFAYEbR2JnEsYE0zPNPZ5exSP8J7LMAwG 15 | A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAFXzuxwlfAclmp56HBKpEHq1 16 | hFnf/S6zjz0M8UnT9C7ncVSaqbFe2rnlL9aWXzI5tU3i/BGsxd2gOo08vXemTsES 17 | Dc2dX+Kv9OGWJuXGiP2uQwCbMXnvjqHTx++PfcPp7oYVctIabudC7x8WvZw6BUvF 18 | vWijVkg0ayGDV+LvX4fjPStMPd6ZFxyFktke6i0RhylAG+fzp6C4H06kojp0dWq6 19 | A58Dm7F1PnZ2dqXb4BR4Ylmr3chOq/uSJPtTOnI5A7TaJYiD8CRSvQ66fRYtfFWx 20 | KXuse36nKrQOhjityqBZ46PFkVE6iXU5X39qpA74c3vuf8CuUw8M30QGM0IezQk= 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.1.13/etc_ssl/auth/cacert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDizCCAnOgAwIBAgIJAKOX/fMCEYDlMA0GCSqGSIb3DQEBCwUAMFwxCzAJBgNV 3 | BAYTAkpQMQ4wDAYDVQQIDAVUb2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoM 4 | BVRva3lvMQ4wDAYDVQQLDAVUb2t5bzENMAsGA1UEAwwEbXlDQTAeFw0xODA0MDQx 5 | 
NTA5MjNaFw0yODA0MDExNTA5MjNaMFwxCzAJBgNVBAYTAkpQMQ4wDAYDVQQIDAVU 6 | b2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoMBVRva3lvMQ4wDAYDVQQLDAVU 7 | b2t5bzENMAsGA1UEAwwEbXlDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC 8 | ggEBANFUe6WZ7LwNiMaIUwfceQLBs5FcaLgEtx9S9XFBp2K6hkr60JtS4DB+5NH8 9 | b2CdUpKAL+wD7abN7q8gQiK/EyMq7f9hh9McBeuyy6nqe+Gsbn+JgZCRr8HqEV70 10 | FXiR6O+Dnd/XwriHhB12MxF4Xb3fMnVCY3lEltVEn3mcOJ4CbcvNWd3uOz4Y3qN5 11 | Oa5ZbOTTvWDRWV/c+eFaHHqdxO0/mKN+TpAzqCnVEZfEh7wPSYYIoIHDCROzFHox 12 | pok4bW+0cv6tfvEAP/FToE8rTinrD4KqCLaZg6uJPBCfA2brKwVaSwsYhB0rrMua 13 | b7LgFPidHWH44mmEqL2xwWnbZesCAwEAAaNQME4wHQYDVR0OBBYEFAYEbR2JnEsY 14 | E0zPNPZ5exSP8J7LMB8GA1UdIwQYMBaAFAYEbR2JnEsYE0zPNPZ5exSP8J7LMAwG 15 | A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAFXzuxwlfAclmp56HBKpEHq1 16 | hFnf/S6zjz0M8UnT9C7ncVSaqbFe2rnlL9aWXzI5tU3i/BGsxd2gOo08vXemTsES 17 | Dc2dX+Kv9OGWJuXGiP2uQwCbMXnvjqHTx++PfcPp7oYVctIabudC7x8WvZw6BUvF 18 | vWijVkg0ayGDV+LvX4fjPStMPd6ZFxyFktke6i0RhylAG+fzp6C4H06kojp0dWq6 19 | A58Dm7F1PnZ2dqXb4BR4Ylmr3chOq/uSJPtTOnI5A7TaJYiD8CRSvQ66fRYtfFWx 20 | KXuse36nKrQOhjityqBZ46PFkVE6iXU5X39qpA74c3vuf8CuUw8M30QGM0IezQk= 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.1.13/etc_ssl/auth/server.pem: -------------------------------------------------------------------------------- 1 | Certificate: 2 | Data: 3 | Version: 3 (0x2) 4 | Serial Number: 1 (0x1) 5 | Signature Algorithm: sha256WithRSAEncryption 6 | Issuer: C=JP, ST=Tokyo, L=Tokyo, O=Tokyo, OU=Tokyo, CN=myCA 7 | Validity 8 | Not Before: Apr 4 15:18:05 2018 GMT 9 | Not After : Apr 1 15:18:05 2028 GMT 10 | Subject: C=JP, ST=Tokyo, O=Tokyo, OU=Tokyo, CN=127.0.0.1 11 | Subject Public Key Info: 12 | Public Key Algorithm: rsaEncryption 13 | Public-Key: (2048 bit) 14 | Modulus: 15 | 00:b3:56:b9:5d:39:ac:a8:21:39:0a:ec:32:61:00: 16 | 70:79:ad:23:f9:bb:cc:b7:9a:00:8d:68:21:48:eb: 17 | ab:de:cb:f2:84:cb:a9:dc:6e:ef:47:4e:be:1d:c1: 18 | 
65:92:91:45:2d:21:8b:57:88:28:7e:46:df:6d:49: 19 | 7c:47:d7:66:8c:cf:48:10:d9:ef:10:04:87:a5:67: 20 | 08:fd:5f:90:94:11:5c:db:0c:3b:d4:53:05:2a:42: 21 | dc:1d:38:53:64:7a:58:0b:6d:4d:cc:9b:3e:17:87: 22 | 41:26:fe:eb:d5:7d:8d:51:4c:0b:0b:59:24:f3:50: 23 | d7:ac:fd:95:45:e1:a2:07:cf:a1:02:33:e2:4a:56: 24 | a7:a8:bf:36:e3:a2:b9:1f:4f:28:16:58:a5:45:79: 25 | 37:0e:5b:ba:62:fd:47:71:8a:05:5e:c0:ba:6d:42: 26 | cf:70:a6:67:69:78:d6:58:c1:3e:3b:61:df:d4:b9: 27 | 0d:e1:5e:86:64:26:03:ca:bd:a0:19:39:84:08:fe: 28 | 5c:ce:7d:37:f2:2f:e7:43:29:f3:44:e6:4f:17:be: 29 | a7:57:4b:37:6b:e7:b5:a0:cf:d8:fe:d6:72:cb:52: 30 | db:d4:79:77:2b:6d:1c:12:e1:3c:36:16:c6:b6:68: 31 | 3a:1f:09:23:db:2a:71:20:4e:37:d0:a5:4d:ac:fb: 32 | ee:ed 33 | Exponent: 65537 (0x10001) 34 | X509v3 extensions: 35 | X509v3 Basic Constraints: 36 | CA:FALSE 37 | Netscape Comment: 38 | OpenSSL Generated Certificate 39 | X509v3 Subject Key Identifier: 40 | 88:20:EE:CB:45:DC:D2:B2:2C:C6:B0:5D:E3:6B:7C:BB:54:22:DB:87 41 | X509v3 Authority Key Identifier: 42 | keyid:06:04:6D:1D:89:9C:4B:18:13:4C:CF:34:F6:79:7B:14:8F:F0:9E:CB 43 | 44 | Signature Algorithm: sha256WithRSAEncryption 45 | 6b:31:2b:aa:78:52:be:6d:72:b3:86:a1:2f:bc:5d:9a:cc:ff: 46 | d2:ac:48:1c:ed:60:b1:f3:bb:fe:9b:3e:63:8d:5c:fe:64:0c: 47 | 63:8d:2a:d4:7c:d6:66:08:a3:d3:ae:c0:3c:f9:a5:fa:0d:4e: 48 | aa:fc:94:ad:ed:5f:a5:df:44:b2:7d:24:c6:8b:41:8a:b9:2f: 49 | 46:b4:30:1f:e5:c8:0d:4e:33:42:b3:a0:ac:b8:b6:cc:e5:f9: 50 | 18:56:e7:d6:e2:24:b2:75:e1:03:c0:02:db:73:a9:db:e1:21: 51 | 69:e5:e0:bd:5e:8c:dc:74:70:22:95:8b:c7:19:f4:1d:2c:df: 52 | d1:17:d4:08:06:e8:de:97:32:26:18:a5:79:86:ea:c4:b8:0b: 53 | 1a:f7:47:c8:5d:d7:81:ce:49:55:dc:fa:92:b1:c9:59:86:d4: 54 | e4:9e:c4:d5:dd:43:f9:94:99:c1:75:2c:6a:cf:c4:eb:61:08: 55 | 76:6c:a0:87:84:37:f2:28:f5:f8:d4:ba:f8:6e:c8:9c:db:8e: 56 | c8:aa:fa:d1:06:e5:3c:8b:f0:4e:a2:98:7a:f7:89:f1:40:da: 57 | 0d:27:8f:b2:f4:50:69:8f:30:39:43:c5:9f:51:72:e2:e9:00: 58 | 6e:59:08:73:01:fa:96:89:a1:e6:09:f7:c9:12:21:67:fe:1c: 59 | 58:16:f6:f9 
60 | -----BEGIN CERTIFICATE----- 61 | MIIDozCCAougAwIBAgIBATANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJKUDEO 62 | MAwGA1UECAwFVG9reW8xDjAMBgNVBAcMBVRva3lvMQ4wDAYDVQQKDAVUb2t5bzEO 63 | MAwGA1UECwwFVG9reW8xDTALBgNVBAMMBG15Q0EwHhcNMTgwNDA0MTUxODA1WhcN 64 | MjgwNDAxMTUxODA1WjBRMQswCQYDVQQGEwJKUDEOMAwGA1UECAwFVG9reW8xDjAM 65 | BgNVBAoMBVRva3lvMQ4wDAYDVQQLDAVUb2t5bzESMBAGA1UEAwwJMTI3LjAuMC4x 66 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1a5XTmsqCE5CuwyYQBw 67 | ea0j+bvMt5oAjWghSOur3svyhMup3G7vR06+HcFlkpFFLSGLV4gofkbfbUl8R9dm 68 | jM9IENnvEASHpWcI/V+QlBFc2ww71FMFKkLcHThTZHpYC21NzJs+F4dBJv7r1X2N 69 | UUwLC1kk81DXrP2VReGiB8+hAjPiSlanqL8246K5H08oFlilRXk3Dlu6Yv1HcYoF 70 | XsC6bULPcKZnaXjWWME+O2Hf1LkN4V6GZCYDyr2gGTmECP5czn038i/nQynzROZP 71 | F76nV0s3a+e1oM/Y/tZyy1Lb1Hl3K20cEuE8NhbGtmg6Hwkj2ypxIE430KVNrPvu 72 | 7QIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdl 73 | bmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUiCDuy0Xc0rIsxrBd42t8u1Qi 74 | 24cwHwYDVR0jBBgwFoAUBgRtHYmcSxgTTM809nl7FI/wnsswDQYJKoZIhvcNAQEL 75 | BQADggEBAGsxK6p4Ur5tcrOGoS+8XZrM/9KsSBztYLHzu/6bPmONXP5kDGONKtR8 76 | 1mYIo9OuwDz5pfoNTqr8lK3tX6XfRLJ9JMaLQYq5L0a0MB/lyA1OM0KzoKy4tszl 77 | +RhW59biJLJ14QPAAttzqdvhIWnl4L1ejNx0cCKVi8cZ9B0s39EX1AgG6N6XMiYY 78 | pXmG6sS4Cxr3R8hd14HOSVXc+pKxyVmG1OSexNXdQ/mUmcF1LGrPxOthCHZsoIeE 79 | N/Io9fjUuvhuyJzbjsiq+tEG5TyL8E6imHr3ifFA2g0nj7L0UGmPMDlDxZ9RcuLp 80 | AG5ZCHMB+paJoeYJ98kSIWf+HFgW9vk= 81 | -----END CERTIFICATE----- 82 | -----BEGIN PRIVATE KEY----- 83 | MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCzVrldOayoITkK 84 | 7DJhAHB5rSP5u8y3mgCNaCFI66vey/KEy6ncbu9HTr4dwWWSkUUtIYtXiCh+Rt9t 85 | SXxH12aMz0gQ2e8QBIelZwj9X5CUEVzbDDvUUwUqQtwdOFNkelgLbU3Mmz4Xh0Em 86 | /uvVfY1RTAsLWSTzUNes/ZVF4aIHz6ECM+JKVqeovzbjorkfTygWWKVFeTcOW7pi 87 | /UdxigVewLptQs9wpmdpeNZYwT47Yd/UuQ3hXoZkJgPKvaAZOYQI/lzOfTfyL+dD 88 | KfNE5k8XvqdXSzdr57Wgz9j+1nLLUtvUeXcrbRwS4Tw2Fsa2aDofCSPbKnEgTjfQ 89 | pU2s++7tAgMBAAECggEAYNDMuRtNrmZhGRhyChPmpIloBoXv+p5U9gHlFizEWD7Z 90 | 
6f7Y8HujCWflEsM5RmrOYZLeWp7S3Xj9XU5ynYYXgqTUTuSYPplzcUOygrZ4orbM 91 | 3iQ4mGNJQotdsRibTH8P0PttKKwWVTVbYuX0AwkIpX7b54B0hjZ6eJVdZKBujLAO 92 | dzB7CLfpRAWPlmTsho0Utyh8WZ3yy/HaRLm5zkkAedUZJ4Y+C/dZ3E0Jq/CZptFd 93 | kifwEWg+rWXhZqK1TWcKUj80lxRqsLm26N1e5aELxxZ3bmVJ5+slYn8Ur9SLCPZP 94 | VuIaCjWjqTDaF0Y4Mbnon+UT36XjNnBUOI7yoMHZMQKBgQDkVBp+HbEugfHrkaRS 95 | OUIUlNoaXbg9Yacv/9TRfhTLuxwJKEcL55cqexPfOVUivlx7lNpafCxUss5c3JjV 96 | GGmkrgO59bq9HfeVD2lw3MbK3UElXdsd/hLby2eTK1BIa0sim47O8hHeFRtyS86u 97 | igpvADf2p97FBtYvfyYEc4NWawKBgQDJErZcjcHo5o6iumqC8rdpFpl2iw/e44S1 98 | /FLuPNY4x4VpmjIbcq0x9uH0mP64epjS7j1xmSzeNaLpjZbi6MIKLnuVzk3Tu7s7 99 | hW1FddBCus6O/hBEZoe80imPNFRGswdYV3+010VvQrX9uNhKtUBImpCMeaSfPxkU 100 | nNdztv42BwKBgDwJIS4oAH6KDGI0WVCFXaqruO1V1yvMkXk9e2faDv3CpQyDWqr2 101 | qfixg/gdyxTnmMmlygQgwkdC/J/OISFm2eBDIRe0VPWE+6Rl+QOECYEtzANXOlYY 102 | iDzirskziliAXbEr1dD0NV5/jkfvRtj90uB83josyZZkxcyXUhe5h78hAoGABUSV 103 | PIWGQAjSUdcadUXQolMyQBXSm59QWcg7j/xODHzFtQeSKn/to7J5JwRfIAwuNtCB 104 | EZnWwBedpgrMmjNI6iVfnYQjK9nuRNfxDfHRO/5S7RIg8PnSspK6/gJ79sI3/guE 105 | 0AMX0Zto0zXljMeE4KIUCWoicv2fNZgKWQDBVj8CgYEA4ITpUhV7FNPw76Zo+9nY 106 | 48czmOeVo0MfrBMdFq8KJoh6zx2MA5GFeyPu3CP74vwYlc2PH8amHjkGzTmP5kO3 107 | Hthmvmeru9ic4oJnK7NkpcST8mESeb1GZEpIUh7c6saT1J2/O69c6zvVvZEAmjyX 108 | 7XNa7qpjZ4tTAFLPa3NGDdo= 109 | -----END PRIVATE KEY----- 110 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.1.13/etc_ssl/system/local/server.conf: -------------------------------------------------------------------------------- 1 | [general] 2 | allowRemoteLogin = always 3 | 4 | [license] 5 | active_group = Free 6 | 7 | [kvstore] 8 | port = 8391 9 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.1.13/etc_ssl/system/local/web.conf: -------------------------------------------------------------------------------- 1 | [settings] 2 | httpport = 8200 3 | mgmtHostPort = 127.0.0.1:8289 4 | 
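appServerPorts = 8265 5 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.1.13/etc_tcp/apps/search/local/inputs.conf: -------------------------------------------------------------------------------- 1 | [tcp://12300] 2 | sourcetype = fluentd 3 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.1.13/etc_tcp/apps/search/local/props.conf: -------------------------------------------------------------------------------- 1 | [fluentd] 2 | TIME_PREFIX=\"time\": 3 | TIME_FORMAT=%s 4 | KV_MODE = json 5 | pulldown_type = true 6 | INDEXED_EXTRACTIONS = json 7 | category = Structured 8 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.1.13/etc_tcp/system/local/server.conf: -------------------------------------------------------------------------------- 1 | [general] 2 | allowRemoteLogin = always 3 | 4 | [license] 5 | active_group = Free 6 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.2.12/Dockerfile: --------------------------------------------------------------------------------
# Test image: two Splunk Enterprise 6.2.12 instances (plain TCP and SSL inputs)
# used as targets for the fluentd output plugin tests. Not for production use.
#
# NOTE(review): debian:jessie is end-of-life and gets no further security
# updates (its package mirrors may also have moved); run images built from
# this file only on an isolated test host.
FROM debian:jessie

ENV SPLUNK_PRODUCT=splunk
ENV SPLUNK_VERSION=6.2.12
ENV SPLUNK_BUILD=277845
# Separate ENV instruction so the two values above are already defined when
# this one is expanded.
ENV SPLUNK_FILENAME=splunk-${SPLUNK_VERSION}-${SPLUNK_BUILD}-Linux-x86_64.tgz

ENV SPLUNK_HOME_TCP=/opt/splunk_tcp
ENV SPLUNK_HOME_SSL=/opt/splunk_ssl

ENV SPLUNK_GROUP=splunk
ENV SPLUNK_USER=splunk

ARG DEBIAN_FRONTEND=noninteractive

# add splunk:splunk user
RUN groupadd -r ${SPLUNK_GROUP} \
    && useradd -r -m -g ${SPLUNK_GROUP} ${SPLUNK_USER}

# make the "en_US.UTF-8" locale so splunk will be utf-8 enabled by default
RUN apt-get update && apt-get install -y locales \
    && localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
ENV LANG=en_US.utf8

# pdfgen dependency
# apt-get update is repeated in every layer that installs packages: a cached
# earlier layer can otherwise leave this one resolving against a stale index.
RUN apt-get update && apt-get install -y libgssapi-krb5-2

# Optional SHA-256 of the release tarball, obtained separately from the
# download host: docker build --build-arg SPLUNK_SHA256=<digest> ...
# When empty, only the MD5 check below runs (the original behaviour).
ARG SPLUNK_SHA256=""

# Download official Splunk release, verify checksum and unzip in /opt/splunk_{tcp,ssl}
# The .md5 file is fetched from the same host as the tarball, so md5sum -c only
# catches a corrupted download; it does not authenticate the archive. Pass
# SPLUNK_SHA256 to pin the exact artifact.
# sudo stays installed because entrypoint.sh uses it to drop to ${SPLUNK_USER}.
RUN apt-get update && apt-get install -y wget sudo \
    && mkdir -p ${SPLUNK_HOME_TCP} \
    && mkdir -p ${SPLUNK_HOME_SSL} \
    && wget -qO /tmp/${SPLUNK_FILENAME} https://download.splunk.com/products/${SPLUNK_PRODUCT}/releases/${SPLUNK_VERSION}/linux/${SPLUNK_FILENAME} \
    && wget -qO /tmp/${SPLUNK_FILENAME}.md5 https://download.splunk.com/products/${SPLUNK_PRODUCT}/releases/${SPLUNK_VERSION}/linux/${SPLUNK_FILENAME}.md5 \
    && (cd /tmp && md5sum -c ${SPLUNK_FILENAME}.md5) \
    && if [ -n "${SPLUNK_SHA256}" ]; then \
         echo "${SPLUNK_SHA256}  /tmp/${SPLUNK_FILENAME}" | sha256sum -c -; \
       fi \
    && tar xzf /tmp/${SPLUNK_FILENAME} --strip 1 -C ${SPLUNK_HOME_TCP} \
    && tar xzf /tmp/${SPLUNK_FILENAME} --strip 1 -C ${SPLUNK_HOME_SSL} \
    && rm /tmp/${SPLUNK_FILENAME} \
    && rm /tmp/${SPLUNK_FILENAME}.md5 \
    && apt-get purge -y --auto-remove wget \
    && chown -R ${SPLUNK_USER}:${SPLUNK_GROUP} ${SPLUNK_HOME_TCP} \
    && chown -R ${SPLUNK_USER}:${SPLUNK_GROUP} ${SPLUNK_HOME_SSL} \
    && rm -rf /var/lib/apt/lists/*

##### Copy config files #####
### TCP
## TCP raw
# etc/apps/search/local/{inputs,props}.conf
## system config
# etc/system/local/server.conf

### SSL
## TCP raw
# etc/apps/search/local/{inputs,props}.conf
## Certificates
# etc/auth/server.pem
# etc/auth/cacert.pem
## system config
# etc/system/local/server.conf
# etc/system/local/web.conf

COPY etc_tcp/apps/search/local/inputs.conf ${SPLUNK_HOME_TCP}/etc/apps/search/local/inputs.conf
COPY etc_tcp/apps/search/local/props.conf ${SPLUNK_HOME_TCP}/etc/apps/search/local/props.conf
COPY etc_ssl/apps/search/local/inputs.conf ${SPLUNK_HOME_SSL}/etc/apps/search/local/inputs.conf
COPY etc_ssl/apps/search/local/props.conf ${SPLUNK_HOME_SSL}/etc/apps/search/local/props.conf

# server.pem bundles the server certificate with its private key, and that key
# is published in this repository: test-only material, never reuse it elsewhere.
COPY etc_ssl/auth/server.pem ${SPLUNK_HOME_SSL}/etc/auth/server.pem
COPY etc_ssl/auth/cacert.pem ${SPLUNK_HOME_SSL}/etc/auth/cacert.pem

# Both server.conf files set allowRemoteLogin = always.
# NOTE(review): confirm the admin password is not left at its default if the
# management port is ever published outside the test host.
COPY etc_tcp/system/local/server.conf ${SPLUNK_HOME_TCP}/etc/system/local/server.conf
COPY etc_ssl/system/local/server.conf ${SPLUNK_HOME_SSL}/etc/system/local/server.conf
COPY etc_ssl/system/local/web.conf ${SPLUNK_HOME_SSL}/etc/system/local/web.conf

COPY entrypoint.sh /sbin/entrypoint.sh
RUN chmod +x /sbin/entrypoint.sh

# Ports Splunk Web, Splunk Daemon, KVStore, Splunk Indexing Port, Network Input
# NOTE(review): etc_ssl/apps/search/local/inputs.conf listens on tcp-ssl://12500;
# 11250 in the second list looks stale - confirm before enabling EXPOSE.
#EXPOSE 8000/tcp 8089/tcp 8191/tcp 12300/tcp 1514
#EXPOSE 8200/tcp 8289/tcp 8391/tcp 11250/tcp 1714

WORKDIR /opt

ENTRYPOINT ["/sbin/entrypoint.sh"]
-------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.2.12/entrypoint.sh: --------------------------------------------------------------------------------
#!/bin/bash
# Container entrypoint: starts the plain-TCP and the SSL Splunk instance as
# ${SPLUNK_USER}, then blocks on a log tail until the container is stopped.
# The script itself runs as root; sudo -E hands the caller's environment to
# the Splunk user, so keep secrets out of the container environment.

set -e

# Add the launch setting once per instance, so restarting the container does
# not keep appending the same line to splunk-launch.conf.
for splunk_home in "${SPLUNK_HOME_TCP}" "${SPLUNK_HOME_SSL}"; do
  launch_conf="${splunk_home}/etc/splunk-launch.conf"
  grep -qsxF 'OPTIMISTIC_ABOUT_FILE_LOCKING = 1' "${launch_conf}" \
    || echo 'OPTIMISTIC_ABOUT_FILE_LOCKING = 1' >> "${launch_conf}"
done

SPLUNK_HOME="${SPLUNK_HOME_TCP}" sudo -HEu "${SPLUNK_USER}" "${SPLUNK_HOME_TCP}/bin/splunk" start --accept-license
SPLUNK_HOME="${SPLUNK_HOME_SSL}" sudo -HEu "${SPLUNK_USER}" "${SPLUNK_HOME_SSL}/bin/splunk" start --accept-license

# Trap exit signal and shutdown gracefully.
# The handler clears the traps first so a signal followed by the EXIT trap does
# not stop Splunk twice, and "|| true" lets the second instance be stopped even
# when stopping the first one fails under set -e.
stop_splunk() {
  trap - SIGINT SIGTERM EXIT
  sudo -HEu "${SPLUNK_USER}" "${SPLUNK_HOME_TCP}/bin/splunk" stop || true
  sudo -HEu "${SPLUNK_USER}" "${SPLUNK_HOME_SSL}/bin/splunk" stop || true
}
trap stop_splunk SIGINT SIGTERM EXIT

# Only the TCP instance's stderr log is followed; it keeps the script alive.
sudo -HEu "${SPLUNK_USER}" tail -n 0 -f "${SPLUNK_HOME_TCP}/var/log/splunk/splunkd_stderr.log" &
wait
-------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.2.12/etc_ssl/apps/search/local/inputs.conf: -------------------------------------------------------------------------------- 1 | [SSL] 2 | 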
serverCert=$SPLUNK_HOME/etc/auth/server.pem 3 | rootCA=$SPLUNK_HOME/etc/auth/cacert.pem 4 | requireClientCert=true 5 | 6 | [tcp-ssl://12500] 7 | sourcetype = fluentd 8 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.2.12/etc_ssl/apps/search/local/props.conf: -------------------------------------------------------------------------------- 1 | [fluentd] 2 | TIME_PREFIX=\"time\": 3 | TIME_FORMAT=%s 4 | KV_MODE = json 5 | pulldown_type = true 6 | INDEXED_EXTRACTIONS = json 7 | category = Structured 8 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.2.12/etc_ssl/auth/ca.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDizCCAnOgAwIBAgIJAKOX/fMCEYDlMA0GCSqGSIb3DQEBCwUAMFwxCzAJBgNV 3 | BAYTAkpQMQ4wDAYDVQQIDAVUb2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoM 4 | BVRva3lvMQ4wDAYDVQQLDAVUb2t5bzENMAsGA1UEAwwEbXlDQTAeFw0xODA0MDQx 5 | NTA5MjNaFw0yODA0MDExNTA5MjNaMFwxCzAJBgNVBAYTAkpQMQ4wDAYDVQQIDAVU 6 | b2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoMBVRva3lvMQ4wDAYDVQQLDAVU 7 | b2t5bzENMAsGA1UEAwwEbXlDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC 8 | ggEBANFUe6WZ7LwNiMaIUwfceQLBs5FcaLgEtx9S9XFBp2K6hkr60JtS4DB+5NH8 9 | b2CdUpKAL+wD7abN7q8gQiK/EyMq7f9hh9McBeuyy6nqe+Gsbn+JgZCRr8HqEV70 10 | FXiR6O+Dnd/XwriHhB12MxF4Xb3fMnVCY3lEltVEn3mcOJ4CbcvNWd3uOz4Y3qN5 11 | Oa5ZbOTTvWDRWV/c+eFaHHqdxO0/mKN+TpAzqCnVEZfEh7wPSYYIoIHDCROzFHox 12 | pok4bW+0cv6tfvEAP/FToE8rTinrD4KqCLaZg6uJPBCfA2brKwVaSwsYhB0rrMua 13 | b7LgFPidHWH44mmEqL2xwWnbZesCAwEAAaNQME4wHQYDVR0OBBYEFAYEbR2JnEsY 14 | E0zPNPZ5exSP8J7LMB8GA1UdIwQYMBaAFAYEbR2JnEsYE0zPNPZ5exSP8J7LMAwG 15 | A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAFXzuxwlfAclmp56HBKpEHq1 16 | hFnf/S6zjz0M8UnT9C7ncVSaqbFe2rnlL9aWXzI5tU3i/BGsxd2gOo08vXemTsES 17 | Dc2dX+Kv9OGWJuXGiP2uQwCbMXnvjqHTx++PfcPp7oYVctIabudC7x8WvZw6BUvF 18 | 
vWijVkg0ayGDV+LvX4fjPStMPd6ZFxyFktke6i0RhylAG+fzp6C4H06kojp0dWq6 19 | A58Dm7F1PnZ2dqXb4BR4Ylmr3chOq/uSJPtTOnI5A7TaJYiD8CRSvQ66fRYtfFWx 20 | KXuse36nKrQOhjityqBZ46PFkVE6iXU5X39qpA74c3vuf8CuUw8M30QGM0IezQk= 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.2.12/etc_ssl/auth/cacert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDizCCAnOgAwIBAgIJAKOX/fMCEYDlMA0GCSqGSIb3DQEBCwUAMFwxCzAJBgNV 3 | BAYTAkpQMQ4wDAYDVQQIDAVUb2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoM 4 | BVRva3lvMQ4wDAYDVQQLDAVUb2t5bzENMAsGA1UEAwwEbXlDQTAeFw0xODA0MDQx 5 | NTA5MjNaFw0yODA0MDExNTA5MjNaMFwxCzAJBgNVBAYTAkpQMQ4wDAYDVQQIDAVU 6 | b2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoMBVRva3lvMQ4wDAYDVQQLDAVU 7 | b2t5bzENMAsGA1UEAwwEbXlDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC 8 | ggEBANFUe6WZ7LwNiMaIUwfceQLBs5FcaLgEtx9S9XFBp2K6hkr60JtS4DB+5NH8 9 | b2CdUpKAL+wD7abN7q8gQiK/EyMq7f9hh9McBeuyy6nqe+Gsbn+JgZCRr8HqEV70 10 | FXiR6O+Dnd/XwriHhB12MxF4Xb3fMnVCY3lEltVEn3mcOJ4CbcvNWd3uOz4Y3qN5 11 | Oa5ZbOTTvWDRWV/c+eFaHHqdxO0/mKN+TpAzqCnVEZfEh7wPSYYIoIHDCROzFHox 12 | pok4bW+0cv6tfvEAP/FToE8rTinrD4KqCLaZg6uJPBCfA2brKwVaSwsYhB0rrMua 13 | b7LgFPidHWH44mmEqL2xwWnbZesCAwEAAaNQME4wHQYDVR0OBBYEFAYEbR2JnEsY 14 | E0zPNPZ5exSP8J7LMB8GA1UdIwQYMBaAFAYEbR2JnEsYE0zPNPZ5exSP8J7LMAwG 15 | A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAFXzuxwlfAclmp56HBKpEHq1 16 | hFnf/S6zjz0M8UnT9C7ncVSaqbFe2rnlL9aWXzI5tU3i/BGsxd2gOo08vXemTsES 17 | Dc2dX+Kv9OGWJuXGiP2uQwCbMXnvjqHTx++PfcPp7oYVctIabudC7x8WvZw6BUvF 18 | vWijVkg0ayGDV+LvX4fjPStMPd6ZFxyFktke6i0RhylAG+fzp6C4H06kojp0dWq6 19 | A58Dm7F1PnZ2dqXb4BR4Ylmr3chOq/uSJPtTOnI5A7TaJYiD8CRSvQ66fRYtfFWx 20 | KXuse36nKrQOhjityqBZ46PFkVE6iXU5X39qpA74c3vuf8CuUw8M30QGM0IezQk= 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.2.12/etc_ssl/auth/server.pem: 
-------------------------------------------------------------------------------- 1 | Certificate: 2 | Data: 3 | Version: 3 (0x2) 4 | Serial Number: 1 (0x1) 5 | Signature Algorithm: sha256WithRSAEncryption 6 | Issuer: C=JP, ST=Tokyo, L=Tokyo, O=Tokyo, OU=Tokyo, CN=myCA 7 | Validity 8 | Not Before: Apr 4 15:18:05 2018 GMT 9 | Not After : Apr 1 15:18:05 2028 GMT 10 | Subject: C=JP, ST=Tokyo, O=Tokyo, OU=Tokyo, CN=127.0.0.1 11 | Subject Public Key Info: 12 | Public Key Algorithm: rsaEncryption 13 | Public-Key: (2048 bit) 14 | Modulus: 15 | 00:b3:56:b9:5d:39:ac:a8:21:39:0a:ec:32:61:00: 16 | 70:79:ad:23:f9:bb:cc:b7:9a:00:8d:68:21:48:eb: 17 | ab:de:cb:f2:84:cb:a9:dc:6e:ef:47:4e:be:1d:c1: 18 | 65:92:91:45:2d:21:8b:57:88:28:7e:46:df:6d:49: 19 | 7c:47:d7:66:8c:cf:48:10:d9:ef:10:04:87:a5:67: 20 | 08:fd:5f:90:94:11:5c:db:0c:3b:d4:53:05:2a:42: 21 | dc:1d:38:53:64:7a:58:0b:6d:4d:cc:9b:3e:17:87: 22 | 41:26:fe:eb:d5:7d:8d:51:4c:0b:0b:59:24:f3:50: 23 | d7:ac:fd:95:45:e1:a2:07:cf:a1:02:33:e2:4a:56: 24 | a7:a8:bf:36:e3:a2:b9:1f:4f:28:16:58:a5:45:79: 25 | 37:0e:5b:ba:62:fd:47:71:8a:05:5e:c0:ba:6d:42: 26 | cf:70:a6:67:69:78:d6:58:c1:3e:3b:61:df:d4:b9: 27 | 0d:e1:5e:86:64:26:03:ca:bd:a0:19:39:84:08:fe: 28 | 5c:ce:7d:37:f2:2f:e7:43:29:f3:44:e6:4f:17:be: 29 | a7:57:4b:37:6b:e7:b5:a0:cf:d8:fe:d6:72:cb:52: 30 | db:d4:79:77:2b:6d:1c:12:e1:3c:36:16:c6:b6:68: 31 | 3a:1f:09:23:db:2a:71:20:4e:37:d0:a5:4d:ac:fb: 32 | ee:ed 33 | Exponent: 65537 (0x10001) 34 | X509v3 extensions: 35 | X509v3 Basic Constraints: 36 | CA:FALSE 37 | Netscape Comment: 38 | OpenSSL Generated Certificate 39 | X509v3 Subject Key Identifier: 40 | 88:20:EE:CB:45:DC:D2:B2:2C:C6:B0:5D:E3:6B:7C:BB:54:22:DB:87 41 | X509v3 Authority Key Identifier: 42 | keyid:06:04:6D:1D:89:9C:4B:18:13:4C:CF:34:F6:79:7B:14:8F:F0:9E:CB 43 | 44 | Signature Algorithm: sha256WithRSAEncryption 45 | 6b:31:2b:aa:78:52:be:6d:72:b3:86:a1:2f:bc:5d:9a:cc:ff: 46 | d2:ac:48:1c:ed:60:b1:f3:bb:fe:9b:3e:63:8d:5c:fe:64:0c: 47 | 
63:8d:2a:d4:7c:d6:66:08:a3:d3:ae:c0:3c:f9:a5:fa:0d:4e: 48 | aa:fc:94:ad:ed:5f:a5:df:44:b2:7d:24:c6:8b:41:8a:b9:2f: 49 | 46:b4:30:1f:e5:c8:0d:4e:33:42:b3:a0:ac:b8:b6:cc:e5:f9: 50 | 18:56:e7:d6:e2:24:b2:75:e1:03:c0:02:db:73:a9:db:e1:21: 51 | 69:e5:e0:bd:5e:8c:dc:74:70:22:95:8b:c7:19:f4:1d:2c:df: 52 | d1:17:d4:08:06:e8:de:97:32:26:18:a5:79:86:ea:c4:b8:0b: 53 | 1a:f7:47:c8:5d:d7:81:ce:49:55:dc:fa:92:b1:c9:59:86:d4: 54 | e4:9e:c4:d5:dd:43:f9:94:99:c1:75:2c:6a:cf:c4:eb:61:08: 55 | 76:6c:a0:87:84:37:f2:28:f5:f8:d4:ba:f8:6e:c8:9c:db:8e: 56 | c8:aa:fa:d1:06:e5:3c:8b:f0:4e:a2:98:7a:f7:89:f1:40:da: 57 | 0d:27:8f:b2:f4:50:69:8f:30:39:43:c5:9f:51:72:e2:e9:00: 58 | 6e:59:08:73:01:fa:96:89:a1:e6:09:f7:c9:12:21:67:fe:1c: 59 | 58:16:f6:f9 60 | -----BEGIN CERTIFICATE----- 61 | MIIDozCCAougAwIBAgIBATANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJKUDEO 62 | MAwGA1UECAwFVG9reW8xDjAMBgNVBAcMBVRva3lvMQ4wDAYDVQQKDAVUb2t5bzEO 63 | MAwGA1UECwwFVG9reW8xDTALBgNVBAMMBG15Q0EwHhcNMTgwNDA0MTUxODA1WhcN 64 | MjgwNDAxMTUxODA1WjBRMQswCQYDVQQGEwJKUDEOMAwGA1UECAwFVG9reW8xDjAM 65 | BgNVBAoMBVRva3lvMQ4wDAYDVQQLDAVUb2t5bzESMBAGA1UEAwwJMTI3LjAuMC4x 66 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1a5XTmsqCE5CuwyYQBw 67 | ea0j+bvMt5oAjWghSOur3svyhMup3G7vR06+HcFlkpFFLSGLV4gofkbfbUl8R9dm 68 | jM9IENnvEASHpWcI/V+QlBFc2ww71FMFKkLcHThTZHpYC21NzJs+F4dBJv7r1X2N 69 | UUwLC1kk81DXrP2VReGiB8+hAjPiSlanqL8246K5H08oFlilRXk3Dlu6Yv1HcYoF 70 | XsC6bULPcKZnaXjWWME+O2Hf1LkN4V6GZCYDyr2gGTmECP5czn038i/nQynzROZP 71 | F76nV0s3a+e1oM/Y/tZyy1Lb1Hl3K20cEuE8NhbGtmg6Hwkj2ypxIE430KVNrPvu 72 | 7QIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdl 73 | bmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUiCDuy0Xc0rIsxrBd42t8u1Qi 74 | 24cwHwYDVR0jBBgwFoAUBgRtHYmcSxgTTM809nl7FI/wnsswDQYJKoZIhvcNAQEL 75 | BQADggEBAGsxK6p4Ur5tcrOGoS+8XZrM/9KsSBztYLHzu/6bPmONXP5kDGONKtR8 76 | 1mYIo9OuwDz5pfoNTqr8lK3tX6XfRLJ9JMaLQYq5L0a0MB/lyA1OM0KzoKy4tszl 77 | +RhW59biJLJ14QPAAttzqdvhIWnl4L1ejNx0cCKVi8cZ9B0s39EX1AgG6N6XMiYY 78 | 
pXmG6sS4Cxr3R8hd14HOSVXc+pKxyVmG1OSexNXdQ/mUmcF1LGrPxOthCHZsoIeE 79 | N/Io9fjUuvhuyJzbjsiq+tEG5TyL8E6imHr3ifFA2g0nj7L0UGmPMDlDxZ9RcuLp 80 | AG5ZCHMB+paJoeYJ98kSIWf+HFgW9vk= 81 | -----END CERTIFICATE----- 82 | -----BEGIN PRIVATE KEY----- 83 | MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCzVrldOayoITkK 84 | 7DJhAHB5rSP5u8y3mgCNaCFI66vey/KEy6ncbu9HTr4dwWWSkUUtIYtXiCh+Rt9t 85 | SXxH12aMz0gQ2e8QBIelZwj9X5CUEVzbDDvUUwUqQtwdOFNkelgLbU3Mmz4Xh0Em 86 | /uvVfY1RTAsLWSTzUNes/ZVF4aIHz6ECM+JKVqeovzbjorkfTygWWKVFeTcOW7pi 87 | /UdxigVewLptQs9wpmdpeNZYwT47Yd/UuQ3hXoZkJgPKvaAZOYQI/lzOfTfyL+dD 88 | KfNE5k8XvqdXSzdr57Wgz9j+1nLLUtvUeXcrbRwS4Tw2Fsa2aDofCSPbKnEgTjfQ 89 | pU2s++7tAgMBAAECggEAYNDMuRtNrmZhGRhyChPmpIloBoXv+p5U9gHlFizEWD7Z 90 | 6f7Y8HujCWflEsM5RmrOYZLeWp7S3Xj9XU5ynYYXgqTUTuSYPplzcUOygrZ4orbM 91 | 3iQ4mGNJQotdsRibTH8P0PttKKwWVTVbYuX0AwkIpX7b54B0hjZ6eJVdZKBujLAO 92 | dzB7CLfpRAWPlmTsho0Utyh8WZ3yy/HaRLm5zkkAedUZJ4Y+C/dZ3E0Jq/CZptFd 93 | kifwEWg+rWXhZqK1TWcKUj80lxRqsLm26N1e5aELxxZ3bmVJ5+slYn8Ur9SLCPZP 94 | VuIaCjWjqTDaF0Y4Mbnon+UT36XjNnBUOI7yoMHZMQKBgQDkVBp+HbEugfHrkaRS 95 | OUIUlNoaXbg9Yacv/9TRfhTLuxwJKEcL55cqexPfOVUivlx7lNpafCxUss5c3JjV 96 | GGmkrgO59bq9HfeVD2lw3MbK3UElXdsd/hLby2eTK1BIa0sim47O8hHeFRtyS86u 97 | igpvADf2p97FBtYvfyYEc4NWawKBgQDJErZcjcHo5o6iumqC8rdpFpl2iw/e44S1 98 | /FLuPNY4x4VpmjIbcq0x9uH0mP64epjS7j1xmSzeNaLpjZbi6MIKLnuVzk3Tu7s7 99 | hW1FddBCus6O/hBEZoe80imPNFRGswdYV3+010VvQrX9uNhKtUBImpCMeaSfPxkU 100 | nNdztv42BwKBgDwJIS4oAH6KDGI0WVCFXaqruO1V1yvMkXk9e2faDv3CpQyDWqr2 101 | qfixg/gdyxTnmMmlygQgwkdC/J/OISFm2eBDIRe0VPWE+6Rl+QOECYEtzANXOlYY 102 | iDzirskziliAXbEr1dD0NV5/jkfvRtj90uB83josyZZkxcyXUhe5h78hAoGABUSV 103 | PIWGQAjSUdcadUXQolMyQBXSm59QWcg7j/xODHzFtQeSKn/to7J5JwRfIAwuNtCB 104 | EZnWwBedpgrMmjNI6iVfnYQjK9nuRNfxDfHRO/5S7RIg8PnSspK6/gJ79sI3/guE 105 | 0AMX0Zto0zXljMeE4KIUCWoicv2fNZgKWQDBVj8CgYEA4ITpUhV7FNPw76Zo+9nY 106 | 48czmOeVo0MfrBMdFq8KJoh6zx2MA5GFeyPu3CP74vwYlc2PH8amHjkGzTmP5kO3 107 | Hthmvmeru9ic4oJnK7NkpcST8mESeb1GZEpIUh7c6saT1J2/O69c6zvVvZEAmjyX 108 
| 7XNa7qpjZ4tTAFLPa3NGDdo= 109 | -----END PRIVATE KEY----- 110 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.2.12/etc_ssl/system/local/server.conf: -------------------------------------------------------------------------------- 1 | [general] 2 | allowRemoteLogin = always 3 | 4 | [license] 5 | active_group = Free 6 | 7 | [kvstore] 8 | port = 8391 9 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.2.12/etc_ssl/system/local/web.conf: -------------------------------------------------------------------------------- 1 | [settings] 2 | httpport = 8200 3 | mgmtHostPort = 127.0.0.1:8289 4 | appServerPorts = 8265 5 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.2.12/etc_tcp/apps/search/local/inputs.conf: -------------------------------------------------------------------------------- 1 | [tcp://12300] 2 | sourcetype = fluentd 3 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.2.12/etc_tcp/apps/search/local/props.conf: -------------------------------------------------------------------------------- 1 | [fluentd] 2 | TIME_PREFIX=\"time\": 3 | TIME_FORMAT=%s 4 | KV_MODE = json 5 | pulldown_type = true 6 | INDEXED_EXTRACTIONS = json 7 | category = Structured 8 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.2.12/etc_tcp/system/local/server.conf: -------------------------------------------------------------------------------- 1 | [general] 2 | allowRemoteLogin = always 3 | 4 | [license] 5 | active_group = Free 6 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.3.9/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM debian:jessie 2 | 3 | ENV 
SPLUNK_PRODUCT splunk 4 | ENV SPLUNK_VERSION 6.3.9 5 | ENV SPLUNK_BUILD 75b73647f7cd 6 | ENV SPLUNK_FILENAME splunk-${SPLUNK_VERSION}-${SPLUNK_BUILD}-Linux-x86_64.tgz 7 | 8 | ENV SPLUNK_HOME_TCP /opt/splunk_tcp 9 | ENV SPLUNK_HOME_SSL /opt/splunk_ssl 10 | 11 | ENV SPLUNK_GROUP splunk 12 | ENV SPLUNK_USER splunk 13 | 14 | ARG DEBIAN_FRONTEND=noninteractive 15 | 16 | # add splunk:splunk user 17 | RUN groupadd -r ${SPLUNK_GROUP} \ 18 | && useradd -r -m -g ${SPLUNK_GROUP} ${SPLUNK_USER} 19 | 20 | # make the "en_US.UTF-8" locale so splunk will be utf-8 enabled by default 21 | RUN apt-get update && apt-get install -y locales \ 22 | && localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8 23 | ENV LANG en_US.utf8 24 | 25 | # pdfgen dependency 26 | RUN apt-get install -y libgssapi-krb5-2 27 | 28 | # Download official Splunk release, verify checksum and unzip in /opt/splunk_{tcp,ssl} 29 | RUN apt-get install -y wget sudo \ 30 | && mkdir -p ${SPLUNK_HOME_TCP} \ 31 | && mkdir -p ${SPLUNK_HOME_SSL} \ 32 | && wget -qO /tmp/${SPLUNK_FILENAME} https://download.splunk.com/products/${SPLUNK_PRODUCT}/releases/${SPLUNK_VERSION}/linux/${SPLUNK_FILENAME} \ 33 | && wget -qO /tmp/${SPLUNK_FILENAME}.md5 https://download.splunk.com/products/${SPLUNK_PRODUCT}/releases/${SPLUNK_VERSION}/linux/${SPLUNK_FILENAME}.md5 \ 34 | && (cd /tmp && md5sum -c ${SPLUNK_FILENAME}.md5) \ 35 | && tar xzf /tmp/${SPLUNK_FILENAME} --strip 1 -C ${SPLUNK_HOME_TCP} \ 36 | && tar xzf /tmp/${SPLUNK_FILENAME} --strip 1 -C ${SPLUNK_HOME_SSL} \ 37 | && rm /tmp/${SPLUNK_FILENAME} \ 38 | && rm /tmp/${SPLUNK_FILENAME}.md5 \ 39 | && apt-get purge -y --auto-remove wget \ 40 | && chown -R ${SPLUNK_USER}:${SPLUNK_GROUP} ${SPLUNK_HOME_TCP} \ 41 | && chown -R ${SPLUNK_USER}:${SPLUNK_GROUP} ${SPLUNK_HOME_SSL} \ 42 | && rm -rf /var/lib/apt/lists/* 43 | 44 | ##### Copy config files ##### 45 | ### TCP 46 | ## TCP raw 47 | # etc/apps/search/local/{inputs,props}.conf 48 | ## HEC 49 | # 
etc_tcp/apps/splunk_httpinput/local/inputs.conf 50 | ## system config 51 | # etc/system/local/server.conf 52 | # etc/system/local/indexes.conf 53 | 54 | ### SSL 55 | ## TCP raw 56 | # etc/apps/search/local/{inputs,props}.conf 57 | ## HEC 58 | # etc/apps/splunk_httpinput/local/inputs.conf 59 | ## Certificates 60 | # etc/auth/server.pem 61 | # etc/auth/cacert.pem 62 | ## system config 63 | # etc/system/local/server.conf 64 | # etc/system/local/indexes.conf 65 | # etc/system/local/web.conf 66 | 67 | COPY etc_tcp/apps/splunk_httpinput/local/inputs.conf ${SPLUNK_HOME_TCP}/etc/apps/splunk_httpinput/local/inputs.conf 68 | COPY etc_ssl/apps/splunk_httpinput/local/inputs.conf ${SPLUNK_HOME_SSL}/etc/apps/splunk_httpinput/local/inputs.conf 69 | 70 | COPY etc_tcp/apps/search/local/inputs.conf ${SPLUNK_HOME_TCP}/etc/apps/search/local/inputs.conf 71 | COPY etc_tcp/apps/search/local/props.conf ${SPLUNK_HOME_TCP}/etc/apps/search/local/props.conf 72 | COPY etc_ssl/apps/search/local/inputs.conf ${SPLUNK_HOME_SSL}/etc/apps/search/local/inputs.conf 73 | COPY etc_ssl/apps/search/local/props.conf ${SPLUNK_HOME_SSL}/etc/apps/search/local/props.conf 74 | 75 | COPY etc_ssl/auth/server.pem ${SPLUNK_HOME_SSL}/etc/auth/server.pem 76 | COPY etc_ssl/auth/cacert.pem ${SPLUNK_HOME_SSL}/etc/auth/cacert.pem 77 | 78 | COPY etc_tcp/system/local/server.conf ${SPLUNK_HOME_TCP}/etc/system/local/server.conf 79 | COPY etc_tcp/system/local/indexes.conf ${SPLUNK_HOME_TCP}/etc/system/local/indexes.conf 80 | COPY etc_ssl/system/local/server.conf ${SPLUNK_HOME_SSL}/etc/system/local/server.conf 81 | COPY etc_ssl/system/local/indexes.conf ${SPLUNK_HOME_SSL}/etc/system/local/indexes.conf 82 | COPY etc_ssl/system/local/web.conf ${SPLUNK_HOME_SSL}/etc/system/local/web.conf 83 | 84 | COPY entrypoint.sh /sbin/entrypoint.sh 85 | RUN chmod +x /sbin/entrypoint.sh 86 | 87 | # Ports Splunk Web, Splunk Daemon, KVStore, Splunk Indexing Port, Network Input, HTTP Event Collector 88 | #EXPOSE 8000/tcp 8089/tcp 8191/tcp 
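12300/tcp 1514 8088/tcp 89 | #EXPOSE 8200/tcp 8289/tcp 8391/tcp 11250/tcp 1714 8288/tcp 90 | 91 | WORKDIR /opt 92 | 93 | ENTRYPOINT ["/sbin/entrypoint.sh"] 94 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.3.9/entrypoint.sh: --------------------------------------------------------------------------------
#!/bin/bash
#
# Container entrypoint for the Splunk test image.
#
# Starts the two Splunk installations (SPLUNK_HOME_TCP and SPLUNK_HOME_SSL) as
# SPLUNK_USER, then blocks on a log tail until the container is signalled and
# stops both instances on the way out.
#
# Reads from the environment: SPLUNK_HOME_TCP, SPLUNK_HOME_SSL, SPLUNK_USER.

set -e

LOCKING_OPT='OPTIMISTIC_ABOUT_FILE_LOCKING = 1'

# Append the launch option only when it is missing, so restarting the same
# container does not pile up duplicate lines in splunk-launch.conf.
for splunk_home in "${SPLUNK_HOME_TCP}" "${SPLUNK_HOME_SSL}"; do
  launch_conf="${splunk_home}/etc/splunk-launch.conf"
  if ! grep -qxF "${LOCKING_OPT}" "${launch_conf}" 2>/dev/null; then
    echo "${LOCKING_OPT}" >> "${launch_conf}"
  fi
done

# NOTE(review): `sudo -E` hands the whole root environment to the Splunk
# process; fine for a test container, worth narrowing anywhere else.
SPLUNK_HOME="${SPLUNK_HOME_TCP}" sudo -HEu "${SPLUNK_USER}" "${SPLUNK_HOME_TCP}/bin/splunk" start --accept-license
SPLUNK_HOME="${SPLUNK_HOME_SSL}" sudo -HEu "${SPLUNK_USER}" "${SPLUNK_HOME_SSL}/bin/splunk" start --accept-license

stopped=0

# Stop both instances. Each stop is attempted even if the other one fails.
stop_splunk() {
  # The EXIT trap also fires after a SIGINT/SIGTERM handler has run; stop once.
  [ "${stopped}" -eq 0 ] || return 0
  stopped=1
  sudo -HEu "${SPLUNK_USER}" "${SPLUNK_HOME_TCP}/bin/splunk" stop || true
  sudo -HEu "${SPLUNK_USER}" "${SPLUNK_HOME_SSL}/bin/splunk" stop || true
}

# Trap exit signal and shutdown gracefully
trap stop_splunk SIGINT SIGTERM EXIT

# Keep the script in the foreground; `wait` returns when a trapped signal arrives.
sudo -HEu "${SPLUNK_USER}" tail -n 0 -f "${SPLUNK_HOME_TCP}/var/log/splunk/splunkd_stderr.log" &
wait
-------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.3.9/etc_ssl/apps/search/local/inputs.conf: -------------------------------------------------------------------------------- 1 | [SSL] 2 | serverCert=$SPLUNK_HOME/etc/auth/server.pem 3 | rootCA=$SPLUNK_HOME/etc/auth/cacert.pem 4 | requireClientCert=true 5 | 6 | [tcp-ssl://12500] 7 | sourcetype = fluentd 8 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.3.9/etc_ssl/apps/search/local/props.conf: -------------------------------------------------------------------------------- 1 | [fluentd] 2 | TIME_PREFIX=\"time\": 3 | TIME_FORMAT=%s 4 | KV_MODE = json 5 | pulldown_type = true 6 | INDEXED_EXTRACTIONS = json 7 | category = Structured 8 |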
-------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.3.9/etc_ssl/apps/splunk_httpinput/local/inputs.conf: -------------------------------------------------------------------------------- 1 | # from /etc/apps/splunk_httpinputs/local/inputs.conf 2 | [http] 3 | #### edited -> 4 | serverCert=$SPLUNK_HOME/etc/auth/server.pem 5 | disabled=0 6 | requireClientCert=true 7 | caCertFile=$SPLUNK_HOME/etc/auth/cacert.pem 8 | port=8288 9 | #### edited <- 10 | enableSSL=1 11 | dedicatedIoThreads=2 12 | maxThreads = 0 13 | maxSockets = 0 14 | useDeploymentServer=0 15 | # ssl settings are similar to mgmt server 16 | sslVersions=*,-ssl2 17 | allowSslCompression=true 18 | allowSslRenegotiation=true 19 | 20 | [http://FluentTestNoAck] 21 | disabled = 0 22 | token = 00000000-0000-0000-0000-000000000000 23 | useACK = false 24 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.3.9/etc_ssl/auth/ca.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDizCCAnOgAwIBAgIJAKOX/fMCEYDlMA0GCSqGSIb3DQEBCwUAMFwxCzAJBgNV 3 | BAYTAkpQMQ4wDAYDVQQIDAVUb2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoM 4 | BVRva3lvMQ4wDAYDVQQLDAVUb2t5bzENMAsGA1UEAwwEbXlDQTAeFw0xODA0MDQx 5 | NTA5MjNaFw0yODA0MDExNTA5MjNaMFwxCzAJBgNVBAYTAkpQMQ4wDAYDVQQIDAVU 6 | b2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoMBVRva3lvMQ4wDAYDVQQLDAVU 7 | b2t5bzENMAsGA1UEAwwEbXlDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC 8 | ggEBANFUe6WZ7LwNiMaIUwfceQLBs5FcaLgEtx9S9XFBp2K6hkr60JtS4DB+5NH8 9 | b2CdUpKAL+wD7abN7q8gQiK/EyMq7f9hh9McBeuyy6nqe+Gsbn+JgZCRr8HqEV70 10 | FXiR6O+Dnd/XwriHhB12MxF4Xb3fMnVCY3lEltVEn3mcOJ4CbcvNWd3uOz4Y3qN5 11 | Oa5ZbOTTvWDRWV/c+eFaHHqdxO0/mKN+TpAzqCnVEZfEh7wPSYYIoIHDCROzFHox 12 | pok4bW+0cv6tfvEAP/FToE8rTinrD4KqCLaZg6uJPBCfA2brKwVaSwsYhB0rrMua 13 | b7LgFPidHWH44mmEqL2xwWnbZesCAwEAAaNQME4wHQYDVR0OBBYEFAYEbR2JnEsY 14 | 
E0zPNPZ5exSP8J7LMB8GA1UdIwQYMBaAFAYEbR2JnEsYE0zPNPZ5exSP8J7LMAwG 15 | A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAFXzuxwlfAclmp56HBKpEHq1 16 | hFnf/S6zjz0M8UnT9C7ncVSaqbFe2rnlL9aWXzI5tU3i/BGsxd2gOo08vXemTsES 17 | Dc2dX+Kv9OGWJuXGiP2uQwCbMXnvjqHTx++PfcPp7oYVctIabudC7x8WvZw6BUvF 18 | vWijVkg0ayGDV+LvX4fjPStMPd6ZFxyFktke6i0RhylAG+fzp6C4H06kojp0dWq6 19 | A58Dm7F1PnZ2dqXb4BR4Ylmr3chOq/uSJPtTOnI5A7TaJYiD8CRSvQ66fRYtfFWx 20 | KXuse36nKrQOhjityqBZ46PFkVE6iXU5X39qpA74c3vuf8CuUw8M30QGM0IezQk= 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.3.9/etc_ssl/auth/cacert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDizCCAnOgAwIBAgIJAKOX/fMCEYDlMA0GCSqGSIb3DQEBCwUAMFwxCzAJBgNV 3 | BAYTAkpQMQ4wDAYDVQQIDAVUb2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoM 4 | BVRva3lvMQ4wDAYDVQQLDAVUb2t5bzENMAsGA1UEAwwEbXlDQTAeFw0xODA0MDQx 5 | NTA5MjNaFw0yODA0MDExNTA5MjNaMFwxCzAJBgNVBAYTAkpQMQ4wDAYDVQQIDAVU 6 | b2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoMBVRva3lvMQ4wDAYDVQQLDAVU 7 | b2t5bzENMAsGA1UEAwwEbXlDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC 8 | ggEBANFUe6WZ7LwNiMaIUwfceQLBs5FcaLgEtx9S9XFBp2K6hkr60JtS4DB+5NH8 9 | b2CdUpKAL+wD7abN7q8gQiK/EyMq7f9hh9McBeuyy6nqe+Gsbn+JgZCRr8HqEV70 10 | FXiR6O+Dnd/XwriHhB12MxF4Xb3fMnVCY3lEltVEn3mcOJ4CbcvNWd3uOz4Y3qN5 11 | Oa5ZbOTTvWDRWV/c+eFaHHqdxO0/mKN+TpAzqCnVEZfEh7wPSYYIoIHDCROzFHox 12 | pok4bW+0cv6tfvEAP/FToE8rTinrD4KqCLaZg6uJPBCfA2brKwVaSwsYhB0rrMua 13 | b7LgFPidHWH44mmEqL2xwWnbZesCAwEAAaNQME4wHQYDVR0OBBYEFAYEbR2JnEsY 14 | E0zPNPZ5exSP8J7LMB8GA1UdIwQYMBaAFAYEbR2JnEsYE0zPNPZ5exSP8J7LMAwG 15 | A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAFXzuxwlfAclmp56HBKpEHq1 16 | hFnf/S6zjz0M8UnT9C7ncVSaqbFe2rnlL9aWXzI5tU3i/BGsxd2gOo08vXemTsES 17 | Dc2dX+Kv9OGWJuXGiP2uQwCbMXnvjqHTx++PfcPp7oYVctIabudC7x8WvZw6BUvF 18 | vWijVkg0ayGDV+LvX4fjPStMPd6ZFxyFktke6i0RhylAG+fzp6C4H06kojp0dWq6 19 | 
A58Dm7F1PnZ2dqXb4BR4Ylmr3chOq/uSJPtTOnI5A7TaJYiD8CRSvQ66fRYtfFWx 20 | KXuse36nKrQOhjityqBZ46PFkVE6iXU5X39qpA74c3vuf8CuUw8M30QGM0IezQk= 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.3.9/etc_ssl/auth/server.pem: -------------------------------------------------------------------------------- 1 | Certificate: 2 | Data: 3 | Version: 3 (0x2) 4 | Serial Number: 1 (0x1) 5 | Signature Algorithm: sha256WithRSAEncryption 6 | Issuer: C=JP, ST=Tokyo, L=Tokyo, O=Tokyo, OU=Tokyo, CN=myCA 7 | Validity 8 | Not Before: Apr 4 15:18:05 2018 GMT 9 | Not After : Apr 1 15:18:05 2028 GMT 10 | Subject: C=JP, ST=Tokyo, O=Tokyo, OU=Tokyo, CN=127.0.0.1 11 | Subject Public Key Info: 12 | Public Key Algorithm: rsaEncryption 13 | Public-Key: (2048 bit) 14 | Modulus: 15 | 00:b3:56:b9:5d:39:ac:a8:21:39:0a:ec:32:61:00: 16 | 70:79:ad:23:f9:bb:cc:b7:9a:00:8d:68:21:48:eb: 17 | ab:de:cb:f2:84:cb:a9:dc:6e:ef:47:4e:be:1d:c1: 18 | 65:92:91:45:2d:21:8b:57:88:28:7e:46:df:6d:49: 19 | 7c:47:d7:66:8c:cf:48:10:d9:ef:10:04:87:a5:67: 20 | 08:fd:5f:90:94:11:5c:db:0c:3b:d4:53:05:2a:42: 21 | dc:1d:38:53:64:7a:58:0b:6d:4d:cc:9b:3e:17:87: 22 | 41:26:fe:eb:d5:7d:8d:51:4c:0b:0b:59:24:f3:50: 23 | d7:ac:fd:95:45:e1:a2:07:cf:a1:02:33:e2:4a:56: 24 | a7:a8:bf:36:e3:a2:b9:1f:4f:28:16:58:a5:45:79: 25 | 37:0e:5b:ba:62:fd:47:71:8a:05:5e:c0:ba:6d:42: 26 | cf:70:a6:67:69:78:d6:58:c1:3e:3b:61:df:d4:b9: 27 | 0d:e1:5e:86:64:26:03:ca:bd:a0:19:39:84:08:fe: 28 | 5c:ce:7d:37:f2:2f:e7:43:29:f3:44:e6:4f:17:be: 29 | a7:57:4b:37:6b:e7:b5:a0:cf:d8:fe:d6:72:cb:52: 30 | db:d4:79:77:2b:6d:1c:12:e1:3c:36:16:c6:b6:68: 31 | 3a:1f:09:23:db:2a:71:20:4e:37:d0:a5:4d:ac:fb: 32 | ee:ed 33 | Exponent: 65537 (0x10001) 34 | X509v3 extensions: 35 | X509v3 Basic Constraints: 36 | CA:FALSE 37 | Netscape Comment: 38 | OpenSSL Generated Certificate 39 | X509v3 Subject Key Identifier: 40 | 88:20:EE:CB:45:DC:D2:B2:2C:C6:B0:5D:E3:6B:7C:BB:54:22:DB:87 41 | X509v3 
Authority Key Identifier: 42 | keyid:06:04:6D:1D:89:9C:4B:18:13:4C:CF:34:F6:79:7B:14:8F:F0:9E:CB 43 | 44 | Signature Algorithm: sha256WithRSAEncryption 45 | 6b:31:2b:aa:78:52:be:6d:72:b3:86:a1:2f:bc:5d:9a:cc:ff: 46 | d2:ac:48:1c:ed:60:b1:f3:bb:fe:9b:3e:63:8d:5c:fe:64:0c: 47 | 63:8d:2a:d4:7c:d6:66:08:a3:d3:ae:c0:3c:f9:a5:fa:0d:4e: 48 | aa:fc:94:ad:ed:5f:a5:df:44:b2:7d:24:c6:8b:41:8a:b9:2f: 49 | 46:b4:30:1f:e5:c8:0d:4e:33:42:b3:a0:ac:b8:b6:cc:e5:f9: 50 | 18:56:e7:d6:e2:24:b2:75:e1:03:c0:02:db:73:a9:db:e1:21: 51 | 69:e5:e0:bd:5e:8c:dc:74:70:22:95:8b:c7:19:f4:1d:2c:df: 52 | d1:17:d4:08:06:e8:de:97:32:26:18:a5:79:86:ea:c4:b8:0b: 53 | 1a:f7:47:c8:5d:d7:81:ce:49:55:dc:fa:92:b1:c9:59:86:d4: 54 | e4:9e:c4:d5:dd:43:f9:94:99:c1:75:2c:6a:cf:c4:eb:61:08: 55 | 76:6c:a0:87:84:37:f2:28:f5:f8:d4:ba:f8:6e:c8:9c:db:8e: 56 | c8:aa:fa:d1:06:e5:3c:8b:f0:4e:a2:98:7a:f7:89:f1:40:da: 57 | 0d:27:8f:b2:f4:50:69:8f:30:39:43:c5:9f:51:72:e2:e9:00: 58 | 6e:59:08:73:01:fa:96:89:a1:e6:09:f7:c9:12:21:67:fe:1c: 59 | 58:16:f6:f9 60 | -----BEGIN CERTIFICATE----- 61 | MIIDozCCAougAwIBAgIBATANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJKUDEO 62 | MAwGA1UECAwFVG9reW8xDjAMBgNVBAcMBVRva3lvMQ4wDAYDVQQKDAVUb2t5bzEO 63 | MAwGA1UECwwFVG9reW8xDTALBgNVBAMMBG15Q0EwHhcNMTgwNDA0MTUxODA1WhcN 64 | MjgwNDAxMTUxODA1WjBRMQswCQYDVQQGEwJKUDEOMAwGA1UECAwFVG9reW8xDjAM 65 | BgNVBAoMBVRva3lvMQ4wDAYDVQQLDAVUb2t5bzESMBAGA1UEAwwJMTI3LjAuMC4x 66 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1a5XTmsqCE5CuwyYQBw 67 | ea0j+bvMt5oAjWghSOur3svyhMup3G7vR06+HcFlkpFFLSGLV4gofkbfbUl8R9dm 68 | jM9IENnvEASHpWcI/V+QlBFc2ww71FMFKkLcHThTZHpYC21NzJs+F4dBJv7r1X2N 69 | UUwLC1kk81DXrP2VReGiB8+hAjPiSlanqL8246K5H08oFlilRXk3Dlu6Yv1HcYoF 70 | XsC6bULPcKZnaXjWWME+O2Hf1LkN4V6GZCYDyr2gGTmECP5czn038i/nQynzROZP 71 | F76nV0s3a+e1oM/Y/tZyy1Lb1Hl3K20cEuE8NhbGtmg6Hwkj2ypxIE430KVNrPvu 72 | 7QIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdl 73 | bmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUiCDuy0Xc0rIsxrBd42t8u1Qi 74 | 
24cwHwYDVR0jBBgwFoAUBgRtHYmcSxgTTM809nl7FI/wnsswDQYJKoZIhvcNAQEL 75 | BQADggEBAGsxK6p4Ur5tcrOGoS+8XZrM/9KsSBztYLHzu/6bPmONXP5kDGONKtR8 76 | 1mYIo9OuwDz5pfoNTqr8lK3tX6XfRLJ9JMaLQYq5L0a0MB/lyA1OM0KzoKy4tszl 77 | +RhW59biJLJ14QPAAttzqdvhIWnl4L1ejNx0cCKVi8cZ9B0s39EX1AgG6N6XMiYY 78 | pXmG6sS4Cxr3R8hd14HOSVXc+pKxyVmG1OSexNXdQ/mUmcF1LGrPxOthCHZsoIeE 79 | N/Io9fjUuvhuyJzbjsiq+tEG5TyL8E6imHr3ifFA2g0nj7L0UGmPMDlDxZ9RcuLp 80 | AG5ZCHMB+paJoeYJ98kSIWf+HFgW9vk= 81 | -----END CERTIFICATE----- 82 | -----BEGIN PRIVATE KEY----- 83 | MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCzVrldOayoITkK 84 | 7DJhAHB5rSP5u8y3mgCNaCFI66vey/KEy6ncbu9HTr4dwWWSkUUtIYtXiCh+Rt9t 85 | SXxH12aMz0gQ2e8QBIelZwj9X5CUEVzbDDvUUwUqQtwdOFNkelgLbU3Mmz4Xh0Em 86 | /uvVfY1RTAsLWSTzUNes/ZVF4aIHz6ECM+JKVqeovzbjorkfTygWWKVFeTcOW7pi 87 | /UdxigVewLptQs9wpmdpeNZYwT47Yd/UuQ3hXoZkJgPKvaAZOYQI/lzOfTfyL+dD 88 | KfNE5k8XvqdXSzdr57Wgz9j+1nLLUtvUeXcrbRwS4Tw2Fsa2aDofCSPbKnEgTjfQ 89 | pU2s++7tAgMBAAECggEAYNDMuRtNrmZhGRhyChPmpIloBoXv+p5U9gHlFizEWD7Z 90 | 6f7Y8HujCWflEsM5RmrOYZLeWp7S3Xj9XU5ynYYXgqTUTuSYPplzcUOygrZ4orbM 91 | 3iQ4mGNJQotdsRibTH8P0PttKKwWVTVbYuX0AwkIpX7b54B0hjZ6eJVdZKBujLAO 92 | dzB7CLfpRAWPlmTsho0Utyh8WZ3yy/HaRLm5zkkAedUZJ4Y+C/dZ3E0Jq/CZptFd 93 | kifwEWg+rWXhZqK1TWcKUj80lxRqsLm26N1e5aELxxZ3bmVJ5+slYn8Ur9SLCPZP 94 | VuIaCjWjqTDaF0Y4Mbnon+UT36XjNnBUOI7yoMHZMQKBgQDkVBp+HbEugfHrkaRS 95 | OUIUlNoaXbg9Yacv/9TRfhTLuxwJKEcL55cqexPfOVUivlx7lNpafCxUss5c3JjV 96 | GGmkrgO59bq9HfeVD2lw3MbK3UElXdsd/hLby2eTK1BIa0sim47O8hHeFRtyS86u 97 | igpvADf2p97FBtYvfyYEc4NWawKBgQDJErZcjcHo5o6iumqC8rdpFpl2iw/e44S1 98 | /FLuPNY4x4VpmjIbcq0x9uH0mP64epjS7j1xmSzeNaLpjZbi6MIKLnuVzk3Tu7s7 99 | hW1FddBCus6O/hBEZoe80imPNFRGswdYV3+010VvQrX9uNhKtUBImpCMeaSfPxkU 100 | nNdztv42BwKBgDwJIS4oAH6KDGI0WVCFXaqruO1V1yvMkXk9e2faDv3CpQyDWqr2 101 | qfixg/gdyxTnmMmlygQgwkdC/J/OISFm2eBDIRe0VPWE+6Rl+QOECYEtzANXOlYY 102 | iDzirskziliAXbEr1dD0NV5/jkfvRtj90uB83josyZZkxcyXUhe5h78hAoGABUSV 103 | PIWGQAjSUdcadUXQolMyQBXSm59QWcg7j/xODHzFtQeSKn/to7J5JwRfIAwuNtCB 104 | 
EZnWwBedpgrMmjNI6iVfnYQjK9nuRNfxDfHRO/5S7RIg8PnSspK6/gJ79sI3/guE 105 | 0AMX0Zto0zXljMeE4KIUCWoicv2fNZgKWQDBVj8CgYEA4ITpUhV7FNPw76Zo+9nY 106 | 48czmOeVo0MfrBMdFq8KJoh6zx2MA5GFeyPu3CP74vwYlc2PH8amHjkGzTmP5kO3 107 | Hthmvmeru9ic4oJnK7NkpcST8mESeb1GZEpIUh7c6saT1J2/O69c6zvVvZEAmjyX 108 | 7XNa7qpjZ4tTAFLPa3NGDdo= 109 | -----END PRIVATE KEY----- 110 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.3.9/etc_ssl/system/local/indexes.conf: -------------------------------------------------------------------------------- 1 | # same with [main] 2 | 3 | [default_index_test] 4 | homePath = $SPLUNK_DB/default_index_test/db 5 | coldPath = $SPLUNK_DB/default_index_test/colddb 6 | thawedPath = $SPLUNK_DB/default_index_test/thaweddb 7 | tstatsHomePath = volume:_splunk_summaries/default_index_test/datamodel_summary 8 | maxMemMB = 20 9 | maxConcurrentOptimizes = 6 10 | maxHotIdleSecs = 86400 11 | maxHotBuckets = 10 12 | maxDataSize = auto_high_volume 13 | 14 | [index_key_test] 15 | homePath = $SPLUNK_DB/index_key_test/db 16 | coldPath = $SPLUNK_DB/index_key_test/colddb 17 | thawedPath = $SPLUNK_DB/index_key_test/thaweddb 18 | tstatsHomePath = volume:_splunk_summaries/index_key_test/datamodel_summary 19 | maxMemMB = 20 20 | maxConcurrentOptimizes = 6 21 | maxHotIdleSecs = 86400 22 | maxHotBuckets = 10 23 | maxDataSize = auto_high_volume 24 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.3.9/etc_ssl/system/local/server.conf: -------------------------------------------------------------------------------- 1 | [general] 2 | allowRemoteLogin = always 3 | 4 | [license] 5 | active_group = Free 6 | 7 | [kvstore] 8 | port = 8391 9 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.3.9/etc_ssl/system/local/web.conf: -------------------------------------------------------------------------------- 1 | 
[settings] 2 | httpport = 8200 3 | mgmtHostPort = 127.0.0.1:8289 4 | appServerPorts = 8265 5 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.3.9/etc_tcp/apps/search/local/inputs.conf: -------------------------------------------------------------------------------- 1 | [tcp://12300] 2 | sourcetype = fluentd 3 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.3.9/etc_tcp/apps/search/local/props.conf: -------------------------------------------------------------------------------- 1 | [fluentd] 2 | TIME_PREFIX=\"time\": 3 | TIME_FORMAT=%s 4 | KV_MODE = json 5 | pulldown_type = true 6 | INDEXED_EXTRACTIONS = json 7 | category = Structured 8 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.3.9/etc_tcp/apps/splunk_httpinput/local/inputs.conf: -------------------------------------------------------------------------------- 1 | [http] 2 | disabled=0 3 | port=8088 4 | enableSSL=0 5 | dedicatedIoThreads=2 6 | maxThreads = 0 7 | maxSockets = 0 8 | useDeploymentServer=0 9 | 10 | [http://FluentTestNoAck] 11 | disabled = 0 12 | token = 00000000-0000-0000-0000-000000000000 13 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.3.9/etc_tcp/system/local/indexes.conf: -------------------------------------------------------------------------------- 1 | # same with [main] 2 | 3 | [default_index_test] 4 | homePath = $SPLUNK_DB/default_index_test/db 5 | coldPath = $SPLUNK_DB/default_index_test/colddb 6 | thawedPath = $SPLUNK_DB/default_index_test/thaweddb 7 | tstatsHomePath = volume:_splunk_summaries/default_index_test/datamodel_summary 8 | maxMemMB = 20 9 | maxConcurrentOptimizes = 6 10 | maxHotIdleSecs = 86400 11 | maxHotBuckets = 10 12 | maxDataSize = auto_high_volume 13 | 14 | [index_key_test] 15 | homePath = 
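$SPLUNK_DB/index_key_test/db 16 | coldPath = $SPLUNK_DB/index_key_test/colddb 17 | thawedPath = $SPLUNK_DB/index_key_test/thaweddb 18 | tstatsHomePath = volume:_splunk_summaries/index_key_test/datamodel_summary 19 | maxMemMB = 20 20 | maxConcurrentOptimizes = 6 21 | maxHotIdleSecs = 86400 22 | maxHotBuckets = 10 23 | maxDataSize = auto_high_volume 24 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.3.9/etc_tcp/system/local/server.conf: -------------------------------------------------------------------------------- 1 | [general] 2 | allowRemoteLogin = always 3 | 4 | [license] 5 | active_group = Free 6 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.4.6/Dockerfile: --------------------------------------------------------------------------------
# Test image: two Splunk Enterprise 6.4.6 installs side by side, one configured
# from etc_tcp/ (plain-text inputs, SPLUNK_HOME_TCP) and one from etc_ssl/
# (TLS inputs with client certificates, SPLUNK_HOME_SSL).
#
# NOTE(review): debian:jessie is end-of-life and no longer receives security
# updates; keep this image confined to local/CI test runs.
FROM debian:jessie

ENV SPLUNK_PRODUCT=splunk \
    SPLUNK_VERSION=6.4.6 \
    SPLUNK_BUILD=6635aa31e851
# Separate instruction: ${...} only sees values set by earlier instructions.
ENV SPLUNK_FILENAME=splunk-${SPLUNK_VERSION}-${SPLUNK_BUILD}-Linux-x86_64.tgz

ENV SPLUNK_HOME_TCP=/opt/splunk_tcp \
    SPLUNK_HOME_SSL=/opt/splunk_ssl

ENV SPLUNK_GROUP=splunk \
    SPLUNK_USER=splunk

ARG DEBIAN_FRONTEND=noninteractive

# add splunk:splunk user
RUN groupadd -r ${SPLUNK_GROUP} \
    && useradd -r -m -g ${SPLUNK_GROUP} ${SPLUNK_USER}

# make the "en_US.UTF-8" locale so splunk will be utf-8 enabled by default
RUN apt-get update && apt-get install -y locales \
    && localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
ENV LANG=en_US.utf8

# pdfgen dependency
# apt-get update is repeated in every install layer so that a cached earlier
# layer with stale package lists cannot break the install.
RUN apt-get update && apt-get install -y libgssapi-krb5-2

# Download official Splunk release, verify checksum and unzip in /opt/splunk_{tcp,ssl}
#
# NOTE(review): the .md5 file is fetched from the same host as the tarball, so
# this check catches a corrupted download, not a tampered one, and MD5 is not
# collision-resistant. To pin the artifact, record its SHA-256 in this file
# (placeholder: <sha256-of-tarball>) and verify it with `sha256sum -c`.
RUN apt-get update && apt-get install -y wget sudo \
    && mkdir -p ${SPLUNK_HOME_TCP} \
    && mkdir -p ${SPLUNK_HOME_SSL} \
    && wget -qO /tmp/${SPLUNK_FILENAME} https://download.splunk.com/products/${SPLUNK_PRODUCT}/releases/${SPLUNK_VERSION}/linux/${SPLUNK_FILENAME} \
    && wget -qO /tmp/${SPLUNK_FILENAME}.md5 https://download.splunk.com/products/${SPLUNK_PRODUCT}/releases/${SPLUNK_VERSION}/linux/${SPLUNK_FILENAME}.md5 \
    && (cd /tmp && md5sum -c ${SPLUNK_FILENAME}.md5) \
    && tar xzf /tmp/${SPLUNK_FILENAME} --strip 1 -C ${SPLUNK_HOME_TCP} \
    && tar xzf /tmp/${SPLUNK_FILENAME} --strip 1 -C ${SPLUNK_HOME_SSL} \
    && rm /tmp/${SPLUNK_FILENAME} \
    && rm /tmp/${SPLUNK_FILENAME}.md5 \
    && apt-get purge -y --auto-remove wget \
    && chown -R ${SPLUNK_USER}:${SPLUNK_GROUP} ${SPLUNK_HOME_TCP} \
    && chown -R ${SPLUNK_USER}:${SPLUNK_GROUP} ${SPLUNK_HOME_SSL} \
    && rm -rf /var/lib/apt/lists/*

##### Copy config files #####
### TCP
## TCP raw
# etc/apps/search/local/inputs.conf
## HEC
# etc/apps/splunk_httpinput/local/inputs.conf
## system config
# etc/system/local/props.conf
# etc/system/local/server.conf
# etc/system/local/indexes.conf

### SSL
## TCP raw
# etc/apps/search/local/inputs.conf
## HEC
# etc/apps/splunk_httpinput/local/inputs.conf
## Certificates
# etc/auth/server.pem
# etc/auth/cacert.pem
## system config
# etc/system/local/props.conf
# etc/system/local/server.conf
# etc/system/local/indexes.conf
# etc/system/local/web.conf

COPY etc_tcp/apps/splunk_httpinput/local/inputs.conf ${SPLUNK_HOME_TCP}/etc/apps/splunk_httpinput/local/inputs.conf
COPY etc_ssl/apps/splunk_httpinput/local/inputs.conf ${SPLUNK_HOME_SSL}/etc/apps/splunk_httpinput/local/inputs.conf

COPY etc_tcp/apps/search/local/inputs.conf ${SPLUNK_HOME_TCP}/etc/apps/search/local/inputs.conf
COPY etc_ssl/apps/search/local/inputs.conf ${SPLUNK_HOME_SSL}/etc/apps/search/local/inputs.conf

# server.pem carries the test server certificate together with its private key.
# Both are committed to the repository, so treat the key as public: it must
# never be reused outside these test containers.
COPY etc_ssl/auth/server.pem ${SPLUNK_HOME_SSL}/etc/auth/server.pem
COPY etc_ssl/auth/cacert.pem ${SPLUNK_HOME_SSL}/etc/auth/cacert.pem

COPY etc_tcp/system/local/props.conf ${SPLUNK_HOME_TCP}/etc/system/local/props.conf
COPY etc_tcp/system/local/server.conf ${SPLUNK_HOME_TCP}/etc/system/local/server.conf
COPY etc_tcp/system/local/indexes.conf ${SPLUNK_HOME_TCP}/etc/system/local/indexes.conf
COPY etc_ssl/system/local/props.conf ${SPLUNK_HOME_SSL}/etc/system/local/props.conf
COPY etc_ssl/system/local/server.conf ${SPLUNK_HOME_SSL}/etc/system/local/server.conf
COPY etc_ssl/system/local/indexes.conf ${SPLUNK_HOME_SSL}/etc/system/local/indexes.conf
COPY etc_ssl/system/local/web.conf ${SPLUNK_HOME_SSL}/etc/system/local/web.conf

COPY entrypoint.sh /sbin/entrypoint.sh
RUN chmod +x /sbin/entrypoint.sh

# Ports Splunk Web, Splunk Daemon, KVStore, Splunk Indexing Port, Network Input, HTTP Event Collector
# NOTE(review): the second list looks stale: etc_ssl/apps/search/local/inputs.conf
# listens on tcp-ssl://12500, not 11250. Confirm before re-enabling EXPOSE.
#EXPOSE 8000/tcp 8089/tcp 8191/tcp 12300/tcp 1514 8088/tcp
#EXPOSE 8200/tcp 8289/tcp 8391/tcp 11250/tcp 1714 8288/tcp

WORKDIR /opt

ENTRYPOINT ["/sbin/entrypoint.sh"]
-------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.4.6/entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | 5 | echo OPTIMISTIC_ABOUT_FILE_LOCKING = 1 >> ${SPLUNK_HOME_TCP}/etc/splunk-launch.conf 6 | echo OPTIMISTIC_ABOUT_FILE_LOCKING = 1 >> ${SPLUNK_HOME_SSL}/etc/splunk-launch.conf 7 | 8 | SPLUNK_HOME=$SPLUNK_HOME_TCP sudo -HEu ${SPLUNK_USER} ${SPLUNK_HOME_TCP}/bin/splunk start --accept-license 9 | SPLUNK_HOME=$SPLUNK_HOME_SSL sudo -HEu ${SPLUNK_USER} ${SPLUNK_HOME_SSL}/bin/splunk start --accept-license 10 | 11 | # Trap exit signal and shutdown gracefully 12 | trap "sudo -HEu ${SPLUNK_USER} ${SPLUNK_HOME_TCP}/bin/splunk stop; sudo -HEu ${SPLUNK_USER} ${SPLUNK_HOME_SSL}/bin/splunk stop" SIGINT SIGTERM EXIT 13 | 14 | sudo -HEu ${SPLUNK_USER} tail -n 0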
-f ${SPLUNK_HOME_TCP}/var/log/splunk/splunkd_stderr.log & 15 | wait 16 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.4.6/etc_ssl/apps/search/local/inputs.conf: -------------------------------------------------------------------------------- 1 | [SSL] 2 | serverCert=$SPLUNK_HOME/etc/auth/server.pem 3 | rootCA=$SPLUNK_HOME/etc/auth/cacert.pem 4 | requireClientCert=true 5 | 6 | [tcp-ssl://12500] 7 | sourcetype = fluentd 8 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.4.6/etc_ssl/apps/splunk_httpinput/local/inputs.conf: -------------------------------------------------------------------------------- 1 | # from /etc/apps/splunk_httpinputs/local/inputs.conf 2 | [http] 3 | #### edited -> 4 | sslKeysfile=$SPLUNK_HOME/etc/auth/server.pem 5 | disabled=0 6 | requireClientCert=true 7 | caCertFile=$SPLUNK_HOME/etc/auth/cacert.pem 8 | port=8288 9 | #### edited <- 10 | enableSSL=1 11 | dedicatedIoThreads=2 12 | maxThreads = 0 13 | maxSockets = 0 14 | useDeploymentServer=0 15 | # ssl settings are similar to mgmt server 16 | sslVersions=*,-ssl2 17 | allowSslCompression=true 18 | allowSslRenegotiation=true 19 | 20 | [http://FluentTestNoAck] 21 | disabled = 0 22 | token = 00000000-0000-0000-0000-000000000000 23 | useACK = false 24 | 25 | [http://FluentTestAck] 26 | disabled = 0 27 | token = 00000000-0000-0000-0000-000000000001 28 | useACK = true 29 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.4.6/etc_ssl/auth/ca.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDizCCAnOgAwIBAgIJAKOX/fMCEYDlMA0GCSqGSIb3DQEBCwUAMFwxCzAJBgNV 3 | BAYTAkpQMQ4wDAYDVQQIDAVUb2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoM 4 | BVRva3lvMQ4wDAYDVQQLDAVUb2t5bzENMAsGA1UEAwwEbXlDQTAeFw0xODA0MDQx 5 | 
NTA5MjNaFw0yODA0MDExNTA5MjNaMFwxCzAJBgNVBAYTAkpQMQ4wDAYDVQQIDAVU 6 | b2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoMBVRva3lvMQ4wDAYDVQQLDAVU 7 | b2t5bzENMAsGA1UEAwwEbXlDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC 8 | ggEBANFUe6WZ7LwNiMaIUwfceQLBs5FcaLgEtx9S9XFBp2K6hkr60JtS4DB+5NH8 9 | b2CdUpKAL+wD7abN7q8gQiK/EyMq7f9hh9McBeuyy6nqe+Gsbn+JgZCRr8HqEV70 10 | FXiR6O+Dnd/XwriHhB12MxF4Xb3fMnVCY3lEltVEn3mcOJ4CbcvNWd3uOz4Y3qN5 11 | Oa5ZbOTTvWDRWV/c+eFaHHqdxO0/mKN+TpAzqCnVEZfEh7wPSYYIoIHDCROzFHox 12 | pok4bW+0cv6tfvEAP/FToE8rTinrD4KqCLaZg6uJPBCfA2brKwVaSwsYhB0rrMua 13 | b7LgFPidHWH44mmEqL2xwWnbZesCAwEAAaNQME4wHQYDVR0OBBYEFAYEbR2JnEsY 14 | E0zPNPZ5exSP8J7LMB8GA1UdIwQYMBaAFAYEbR2JnEsYE0zPNPZ5exSP8J7LMAwG 15 | A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAFXzuxwlfAclmp56HBKpEHq1 16 | hFnf/S6zjz0M8UnT9C7ncVSaqbFe2rnlL9aWXzI5tU3i/BGsxd2gOo08vXemTsES 17 | Dc2dX+Kv9OGWJuXGiP2uQwCbMXnvjqHTx++PfcPp7oYVctIabudC7x8WvZw6BUvF 18 | vWijVkg0ayGDV+LvX4fjPStMPd6ZFxyFktke6i0RhylAG+fzp6C4H06kojp0dWq6 19 | A58Dm7F1PnZ2dqXb4BR4Ylmr3chOq/uSJPtTOnI5A7TaJYiD8CRSvQ66fRYtfFWx 20 | KXuse36nKrQOhjityqBZ46PFkVE6iXU5X39qpA74c3vuf8CuUw8M30QGM0IezQk= 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.4.6/etc_ssl/auth/cacert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDizCCAnOgAwIBAgIJAKOX/fMCEYDlMA0GCSqGSIb3DQEBCwUAMFwxCzAJBgNV 3 | BAYTAkpQMQ4wDAYDVQQIDAVUb2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoM 4 | BVRva3lvMQ4wDAYDVQQLDAVUb2t5bzENMAsGA1UEAwwEbXlDQTAeFw0xODA0MDQx 5 | NTA5MjNaFw0yODA0MDExNTA5MjNaMFwxCzAJBgNVBAYTAkpQMQ4wDAYDVQQIDAVU 6 | b2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoMBVRva3lvMQ4wDAYDVQQLDAVU 7 | b2t5bzENMAsGA1UEAwwEbXlDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC 8 | ggEBANFUe6WZ7LwNiMaIUwfceQLBs5FcaLgEtx9S9XFBp2K6hkr60JtS4DB+5NH8 9 | b2CdUpKAL+wD7abN7q8gQiK/EyMq7f9hh9McBeuyy6nqe+Gsbn+JgZCRr8HqEV70 10 | 
FXiR6O+Dnd/XwriHhB12MxF4Xb3fMnVCY3lEltVEn3mcOJ4CbcvNWd3uOz4Y3qN5 11 | Oa5ZbOTTvWDRWV/c+eFaHHqdxO0/mKN+TpAzqCnVEZfEh7wPSYYIoIHDCROzFHox 12 | pok4bW+0cv6tfvEAP/FToE8rTinrD4KqCLaZg6uJPBCfA2brKwVaSwsYhB0rrMua 13 | b7LgFPidHWH44mmEqL2xwWnbZesCAwEAAaNQME4wHQYDVR0OBBYEFAYEbR2JnEsY 14 | E0zPNPZ5exSP8J7LMB8GA1UdIwQYMBaAFAYEbR2JnEsYE0zPNPZ5exSP8J7LMAwG 15 | A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAFXzuxwlfAclmp56HBKpEHq1 16 | hFnf/S6zjz0M8UnT9C7ncVSaqbFe2rnlL9aWXzI5tU3i/BGsxd2gOo08vXemTsES 17 | Dc2dX+Kv9OGWJuXGiP2uQwCbMXnvjqHTx++PfcPp7oYVctIabudC7x8WvZw6BUvF 18 | vWijVkg0ayGDV+LvX4fjPStMPd6ZFxyFktke6i0RhylAG+fzp6C4H06kojp0dWq6 19 | A58Dm7F1PnZ2dqXb4BR4Ylmr3chOq/uSJPtTOnI5A7TaJYiD8CRSvQ66fRYtfFWx 20 | KXuse36nKrQOhjityqBZ46PFkVE6iXU5X39qpA74c3vuf8CuUw8M30QGM0IezQk= 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.4.6/etc_ssl/auth/server.pem: -------------------------------------------------------------------------------- 1 | Certificate: 2 | Data: 3 | Version: 3 (0x2) 4 | Serial Number: 1 (0x1) 5 | Signature Algorithm: sha256WithRSAEncryption 6 | Issuer: C=JP, ST=Tokyo, L=Tokyo, O=Tokyo, OU=Tokyo, CN=myCA 7 | Validity 8 | Not Before: Apr 4 15:18:05 2018 GMT 9 | Not After : Apr 1 15:18:05 2028 GMT 10 | Subject: C=JP, ST=Tokyo, O=Tokyo, OU=Tokyo, CN=127.0.0.1 11 | Subject Public Key Info: 12 | Public Key Algorithm: rsaEncryption 13 | Public-Key: (2048 bit) 14 | Modulus: 15 | 00:b3:56:b9:5d:39:ac:a8:21:39:0a:ec:32:61:00: 16 | 70:79:ad:23:f9:bb:cc:b7:9a:00:8d:68:21:48:eb: 17 | ab:de:cb:f2:84:cb:a9:dc:6e:ef:47:4e:be:1d:c1: 18 | 65:92:91:45:2d:21:8b:57:88:28:7e:46:df:6d:49: 19 | 7c:47:d7:66:8c:cf:48:10:d9:ef:10:04:87:a5:67: 20 | 08:fd:5f:90:94:11:5c:db:0c:3b:d4:53:05:2a:42: 21 | dc:1d:38:53:64:7a:58:0b:6d:4d:cc:9b:3e:17:87: 22 | 41:26:fe:eb:d5:7d:8d:51:4c:0b:0b:59:24:f3:50: 23 | d7:ac:fd:95:45:e1:a2:07:cf:a1:02:33:e2:4a:56: 24 | a7:a8:bf:36:e3:a2:b9:1f:4f:28:16:58:a5:45:79: 25 | 
37:0e:5b:ba:62:fd:47:71:8a:05:5e:c0:ba:6d:42: 26 | cf:70:a6:67:69:78:d6:58:c1:3e:3b:61:df:d4:b9: 27 | 0d:e1:5e:86:64:26:03:ca:bd:a0:19:39:84:08:fe: 28 | 5c:ce:7d:37:f2:2f:e7:43:29:f3:44:e6:4f:17:be: 29 | a7:57:4b:37:6b:e7:b5:a0:cf:d8:fe:d6:72:cb:52: 30 | db:d4:79:77:2b:6d:1c:12:e1:3c:36:16:c6:b6:68: 31 | 3a:1f:09:23:db:2a:71:20:4e:37:d0:a5:4d:ac:fb: 32 | ee:ed 33 | Exponent: 65537 (0x10001) 34 | X509v3 extensions: 35 | X509v3 Basic Constraints: 36 | CA:FALSE 37 | Netscape Comment: 38 | OpenSSL Generated Certificate 39 | X509v3 Subject Key Identifier: 40 | 88:20:EE:CB:45:DC:D2:B2:2C:C6:B0:5D:E3:6B:7C:BB:54:22:DB:87 41 | X509v3 Authority Key Identifier: 42 | keyid:06:04:6D:1D:89:9C:4B:18:13:4C:CF:34:F6:79:7B:14:8F:F0:9E:CB 43 | 44 | Signature Algorithm: sha256WithRSAEncryption 45 | 6b:31:2b:aa:78:52:be:6d:72:b3:86:a1:2f:bc:5d:9a:cc:ff: 46 | d2:ac:48:1c:ed:60:b1:f3:bb:fe:9b:3e:63:8d:5c:fe:64:0c: 47 | 63:8d:2a:d4:7c:d6:66:08:a3:d3:ae:c0:3c:f9:a5:fa:0d:4e: 48 | aa:fc:94:ad:ed:5f:a5:df:44:b2:7d:24:c6:8b:41:8a:b9:2f: 49 | 46:b4:30:1f:e5:c8:0d:4e:33:42:b3:a0:ac:b8:b6:cc:e5:f9: 50 | 18:56:e7:d6:e2:24:b2:75:e1:03:c0:02:db:73:a9:db:e1:21: 51 | 69:e5:e0:bd:5e:8c:dc:74:70:22:95:8b:c7:19:f4:1d:2c:df: 52 | d1:17:d4:08:06:e8:de:97:32:26:18:a5:79:86:ea:c4:b8:0b: 53 | 1a:f7:47:c8:5d:d7:81:ce:49:55:dc:fa:92:b1:c9:59:86:d4: 54 | e4:9e:c4:d5:dd:43:f9:94:99:c1:75:2c:6a:cf:c4:eb:61:08: 55 | 76:6c:a0:87:84:37:f2:28:f5:f8:d4:ba:f8:6e:c8:9c:db:8e: 56 | c8:aa:fa:d1:06:e5:3c:8b:f0:4e:a2:98:7a:f7:89:f1:40:da: 57 | 0d:27:8f:b2:f4:50:69:8f:30:39:43:c5:9f:51:72:e2:e9:00: 58 | 6e:59:08:73:01:fa:96:89:a1:e6:09:f7:c9:12:21:67:fe:1c: 59 | 58:16:f6:f9 60 | -----BEGIN CERTIFICATE----- 61 | MIIDozCCAougAwIBAgIBATANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJKUDEO 62 | MAwGA1UECAwFVG9reW8xDjAMBgNVBAcMBVRva3lvMQ4wDAYDVQQKDAVUb2t5bzEO 63 | MAwGA1UECwwFVG9reW8xDTALBgNVBAMMBG15Q0EwHhcNMTgwNDA0MTUxODA1WhcN 64 | MjgwNDAxMTUxODA1WjBRMQswCQYDVQQGEwJKUDEOMAwGA1UECAwFVG9reW8xDjAM 65 | 
BgNVBAoMBVRva3lvMQ4wDAYDVQQLDAVUb2t5bzESMBAGA1UEAwwJMTI3LjAuMC4x 66 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1a5XTmsqCE5CuwyYQBw 67 | ea0j+bvMt5oAjWghSOur3svyhMup3G7vR06+HcFlkpFFLSGLV4gofkbfbUl8R9dm 68 | jM9IENnvEASHpWcI/V+QlBFc2ww71FMFKkLcHThTZHpYC21NzJs+F4dBJv7r1X2N 69 | UUwLC1kk81DXrP2VReGiB8+hAjPiSlanqL8246K5H08oFlilRXk3Dlu6Yv1HcYoF 70 | XsC6bULPcKZnaXjWWME+O2Hf1LkN4V6GZCYDyr2gGTmECP5czn038i/nQynzROZP 71 | F76nV0s3a+e1oM/Y/tZyy1Lb1Hl3K20cEuE8NhbGtmg6Hwkj2ypxIE430KVNrPvu 72 | 7QIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdl 73 | bmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUiCDuy0Xc0rIsxrBd42t8u1Qi 74 | 24cwHwYDVR0jBBgwFoAUBgRtHYmcSxgTTM809nl7FI/wnsswDQYJKoZIhvcNAQEL 75 | BQADggEBAGsxK6p4Ur5tcrOGoS+8XZrM/9KsSBztYLHzu/6bPmONXP5kDGONKtR8 76 | 1mYIo9OuwDz5pfoNTqr8lK3tX6XfRLJ9JMaLQYq5L0a0MB/lyA1OM0KzoKy4tszl 77 | +RhW59biJLJ14QPAAttzqdvhIWnl4L1ejNx0cCKVi8cZ9B0s39EX1AgG6N6XMiYY 78 | pXmG6sS4Cxr3R8hd14HOSVXc+pKxyVmG1OSexNXdQ/mUmcF1LGrPxOthCHZsoIeE 79 | N/Io9fjUuvhuyJzbjsiq+tEG5TyL8E6imHr3ifFA2g0nj7L0UGmPMDlDxZ9RcuLp 80 | AG5ZCHMB+paJoeYJ98kSIWf+HFgW9vk= 81 | -----END CERTIFICATE----- 82 | -----BEGIN PRIVATE KEY----- 83 | MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCzVrldOayoITkK 84 | 7DJhAHB5rSP5u8y3mgCNaCFI66vey/KEy6ncbu9HTr4dwWWSkUUtIYtXiCh+Rt9t 85 | SXxH12aMz0gQ2e8QBIelZwj9X5CUEVzbDDvUUwUqQtwdOFNkelgLbU3Mmz4Xh0Em 86 | /uvVfY1RTAsLWSTzUNes/ZVF4aIHz6ECM+JKVqeovzbjorkfTygWWKVFeTcOW7pi 87 | /UdxigVewLptQs9wpmdpeNZYwT47Yd/UuQ3hXoZkJgPKvaAZOYQI/lzOfTfyL+dD 88 | KfNE5k8XvqdXSzdr57Wgz9j+1nLLUtvUeXcrbRwS4Tw2Fsa2aDofCSPbKnEgTjfQ 89 | pU2s++7tAgMBAAECggEAYNDMuRtNrmZhGRhyChPmpIloBoXv+p5U9gHlFizEWD7Z 90 | 6f7Y8HujCWflEsM5RmrOYZLeWp7S3Xj9XU5ynYYXgqTUTuSYPplzcUOygrZ4orbM 91 | 3iQ4mGNJQotdsRibTH8P0PttKKwWVTVbYuX0AwkIpX7b54B0hjZ6eJVdZKBujLAO 92 | dzB7CLfpRAWPlmTsho0Utyh8WZ3yy/HaRLm5zkkAedUZJ4Y+C/dZ3E0Jq/CZptFd 93 | kifwEWg+rWXhZqK1TWcKUj80lxRqsLm26N1e5aELxxZ3bmVJ5+slYn8Ur9SLCPZP 94 | VuIaCjWjqTDaF0Y4Mbnon+UT36XjNnBUOI7yoMHZMQKBgQDkVBp+HbEugfHrkaRS 95 | 
OUIUlNoaXbg9Yacv/9TRfhTLuxwJKEcL55cqexPfOVUivlx7lNpafCxUss5c3JjV 96 | GGmkrgO59bq9HfeVD2lw3MbK3UElXdsd/hLby2eTK1BIa0sim47O8hHeFRtyS86u 97 | igpvADf2p97FBtYvfyYEc4NWawKBgQDJErZcjcHo5o6iumqC8rdpFpl2iw/e44S1 98 | /FLuPNY4x4VpmjIbcq0x9uH0mP64epjS7j1xmSzeNaLpjZbi6MIKLnuVzk3Tu7s7 99 | hW1FddBCus6O/hBEZoe80imPNFRGswdYV3+010VvQrX9uNhKtUBImpCMeaSfPxkU 100 | nNdztv42BwKBgDwJIS4oAH6KDGI0WVCFXaqruO1V1yvMkXk9e2faDv3CpQyDWqr2 101 | qfixg/gdyxTnmMmlygQgwkdC/J/OISFm2eBDIRe0VPWE+6Rl+QOECYEtzANXOlYY 102 | iDzirskziliAXbEr1dD0NV5/jkfvRtj90uB83josyZZkxcyXUhe5h78hAoGABUSV 103 | PIWGQAjSUdcadUXQolMyQBXSm59QWcg7j/xODHzFtQeSKn/to7J5JwRfIAwuNtCB 104 | EZnWwBedpgrMmjNI6iVfnYQjK9nuRNfxDfHRO/5S7RIg8PnSspK6/gJ79sI3/guE 105 | 0AMX0Zto0zXljMeE4KIUCWoicv2fNZgKWQDBVj8CgYEA4ITpUhV7FNPw76Zo+9nY 106 | 48czmOeVo0MfrBMdFq8KJoh6zx2MA5GFeyPu3CP74vwYlc2PH8amHjkGzTmP5kO3 107 | Hthmvmeru9ic4oJnK7NkpcST8mESeb1GZEpIUh7c6saT1J2/O69c6zvVvZEAmjyX 108 | 7XNa7qpjZ4tTAFLPa3NGDdo= 109 | -----END PRIVATE KEY----- 110 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.4.6/etc_ssl/system/local/indexes.conf: -------------------------------------------------------------------------------- 1 | # same with [main] 2 | 3 | [default_index_test] 4 | homePath = $SPLUNK_DB/default_index_test/db 5 | coldPath = $SPLUNK_DB/default_index_test/colddb 6 | thawedPath = $SPLUNK_DB/default_index_test/thaweddb 7 | tstatsHomePath = volume:_splunk_summaries/default_index_test/datamodel_summary 8 | maxMemMB = 20 9 | maxConcurrentOptimizes = 6 10 | maxHotIdleSecs = 86400 11 | maxHotBuckets = 10 12 | maxDataSize = auto_high_volume 13 | 14 | [index_key_test] 15 | homePath = $SPLUNK_DB/index_key_test/db 16 | coldPath = $SPLUNK_DB/index_key_test/colddb 17 | thawedPath = $SPLUNK_DB/index_key_test/thaweddb 18 | tstatsHomePath = volume:_splunk_summaries/index_key_test/datamodel_summary 19 | maxMemMB = 20 20 | maxConcurrentOptimizes = 6 21 | maxHotIdleSecs = 86400 22 | maxHotBuckets = 10 
23 | maxDataSize = auto_high_volume 24 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.4.6/etc_ssl/system/local/props.conf: -------------------------------------------------------------------------------- 1 | [fluentd] 2 | TIME_PREFIX=\"time\": 3 | TIME_FORMAT=%s 4 | KV_MODE = json 5 | pulldown_type = true 6 | INDEXED_EXTRACTIONS = json 7 | category = Structured 8 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.4.6/etc_ssl/system/local/server.conf: -------------------------------------------------------------------------------- 1 | [general] 2 | allowRemoteLogin = always 3 | 4 | [license] 5 | active_group = Free 6 | 7 | [kvstore] 8 | port = 8391 9 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.4.6/etc_ssl/system/local/web.conf: -------------------------------------------------------------------------------- 1 | [settings] 2 | httpport = 8200 3 | mgmtHostPort = 127.0.0.1:8289 4 | appServerPorts = 8265 5 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.4.6/etc_tcp/apps/search/local/inputs.conf: -------------------------------------------------------------------------------- 1 | [tcp://12300] 2 | sourcetype = fluentd 3 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.4.6/etc_tcp/apps/splunk_httpinput/local/inputs.conf: -------------------------------------------------------------------------------- 1 | [http] 2 | disabled=0 3 | port=8088 4 | enableSSL=0 5 | dedicatedIoThreads=2 6 | maxThreads = 0 7 | maxSockets = 0 8 | useDeploymentServer=0 9 | 10 | [http://FluentTestNoAck] 11 | disabled = 0 12 | token = 00000000-0000-0000-0000-000000000000 13 | useACK = false 14 | 15 | [http://FluentTestAck] 16 | disabled = 0 17 | token = 
00000000-0000-0000-0000-000000000001 18 | useACK = true 19 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.4.6/etc_tcp/system/local/indexes.conf: -------------------------------------------------------------------------------- 1 | # same with [main] 2 | 3 | [default_index_test] 4 | homePath = $SPLUNK_DB/default_index_test/db 5 | coldPath = $SPLUNK_DB/default_index_test/colddb 6 | thawedPath = $SPLUNK_DB/default_index_test/thaweddb 7 | tstatsHomePath = volume:_splunk_summaries/default_index_test/datamodel_summary 8 | maxMemMB = 20 9 | maxConcurrentOptimizes = 6 10 | maxHotIdleSecs = 86400 11 | maxHotBuckets = 10 12 | maxDataSize = auto_high_volume 13 | 14 | [index_key_test] 15 | homePath = $SPLUNK_DB/index_key_test/db 16 | coldPath = $SPLUNK_DB/index_key_test/colddb 17 | thawedPath = $SPLUNK_DB/index_key_test/thaweddb 18 | tstatsHomePath = volume:_splunk_summaries/index_key_test/datamodel_summary 19 | maxMemMB = 20 20 | maxConcurrentOptimizes = 6 21 | maxHotIdleSecs = 86400 22 | maxHotBuckets = 10 23 | maxDataSize = auto_high_volume 24 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.4.6/etc_tcp/system/local/props.conf: -------------------------------------------------------------------------------- 1 | [fluentd] 2 | TIME_PREFIX=\"time\": 3 | TIME_FORMAT=%s 4 | KV_MODE = json 5 | pulldown_type = true 6 | INDEXED_EXTRACTIONS = json 7 | category = Structured 8 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.4.6/etc_tcp/system/local/server.conf: -------------------------------------------------------------------------------- 1 | [general] 2 | allowRemoteLogin = always 3 | 4 | [license] 5 | active_group = Free 6 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.5.2/Dockerfile: 
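--------------------------------------------------------------------------------
# Test fixture image: installs two copies of Splunk Enterprise 6.5.2, one for
# plain TCP/HEC inputs (/opt/splunk_tcp) and one for SSL inputs (/opt/splunk_ssl).
# NOTE(review): debian:jessie is end-of-life and no longer receives security
# updates; keep this image confined to the test environment.
FROM debian:jessie

ENV SPLUNK_PRODUCT=splunk
ENV SPLUNK_VERSION=6.5.2
ENV SPLUNK_BUILD=67571ef4b87d
ENV SPLUNK_FILENAME=splunk-${SPLUNK_VERSION}-${SPLUNK_BUILD}-Linux-x86_64.tgz

ENV SPLUNK_HOME_TCP=/opt/splunk_tcp
ENV SPLUNK_HOME_SSL=/opt/splunk_ssl

ENV SPLUNK_GROUP=splunk
ENV SPLUNK_USER=splunk

ARG DEBIAN_FRONTEND=noninteractive

# Optional pinned SHA-256 of the release tarball. When set at build time
# (--build-arg SPLUNK_SHA256=<digest>), the download is also checked against it.
ARG SPLUNK_SHA256=""

# add splunk:splunk user
RUN groupadd -r ${SPLUNK_GROUP} \
    && useradd -r -m -g ${SPLUNK_GROUP} ${SPLUNK_USER}

# make the "en_US.UTF-8" locale so splunk will be utf-8 enabled by default
RUN apt-get update && apt-get install -y locales \
    && localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
ENV LANG=en_US.utf8

# pdfgen dependency
# (apt-get update is repeated so a rebuilt layer never installs from a stale,
# cached package index left by an earlier layer)
RUN apt-get update && apt-get install -y libgssapi-krb5-2

# Download official Splunk release, verify checksum and unzip in /opt/splunk_{tcp,ssl}
# The .md5 file is fetched from the same host as the tarball, so `md5sum -c`
# catches a corrupted download but not a replaced one; pass SPLUNK_SHA256 to
# verify against a digest obtained out of band.
RUN apt-get update && apt-get install -y wget sudo \
    && mkdir -p ${SPLUNK_HOME_TCP} \
    && mkdir -p ${SPLUNK_HOME_SSL} \
    && wget -qO /tmp/${SPLUNK_FILENAME} https://download.splunk.com/products/${SPLUNK_PRODUCT}/releases/${SPLUNK_VERSION}/linux/${SPLUNK_FILENAME} \
    && wget -qO /tmp/${SPLUNK_FILENAME}.md5 https://download.splunk.com/products/${SPLUNK_PRODUCT}/releases/${SPLUNK_VERSION}/linux/${SPLUNK_FILENAME}.md5 \
    && (cd /tmp && md5sum -c ${SPLUNK_FILENAME}.md5) \
    && if [ -n "${SPLUNK_SHA256}" ]; then echo "${SPLUNK_SHA256}  /tmp/${SPLUNK_FILENAME}" | sha256sum -c -; fi \
    && tar xzf /tmp/${SPLUNK_FILENAME} --strip 1 -C ${SPLUNK_HOME_TCP} \
    && tar xzf /tmp/${SPLUNK_FILENAME} --strip 1 -C ${SPLUNK_HOME_SSL} \
    && rm /tmp/${SPLUNK_FILENAME} \
    && rm /tmp/${SPLUNK_FILENAME}.md5 \
    && apt-get purge -y --auto-remove wget \
    && chown -R ${SPLUNK_USER}:${SPLUNK_GROUP} ${SPLUNK_HOME_TCP} \
    && chown -R ${SPLUNK_USER}:${SPLUNK_GROUP} ${SPLUNK_HOME_SSL} \
    && rm -rf /var/lib/apt/lists/*

##### Copy config files #####
### TCP
## TCP raw
# etc/apps/search/local/inputs.conf
## HEC
# etc_tcp/apps/splunk_httpinput/local/inputs.conf
## system config
# etc/system/local/props.conf
# etc/system/local/server.conf
# etc/system/local/indexes.conf

### SSL
## TCP raw
# etc/apps/search/local/inputs.conf
## HEC
# etc/apps/splunk_httpinput/local/inputs.conf
## Certificates
# etc/auth/server.pem
# etc/auth/cacert.pem
## system config
# etc/system/local/props.conf
# etc/system/local/server.conf
# etc/system/local/indexes.conf
# etc/system/local/web.conf

COPY etc_tcp/apps/splunk_httpinput/local/inputs.conf ${SPLUNK_HOME_TCP}/etc/apps/splunk_httpinput/local/inputs.conf
COPY etc_ssl/apps/splunk_httpinput/local/inputs.conf ${SPLUNK_HOME_SSL}/etc/apps/splunk_httpinput/local/inputs.conf

COPY etc_tcp/apps/search/local/inputs.conf ${SPLUNK_HOME_TCP}/etc/apps/search/local/inputs.conf
COPY etc_ssl/apps/search/local/inputs.conf ${SPLUNK_HOME_SSL}/etc/apps/search/local/inputs.conf

# server.pem bundles the server certificate with its private key, and both are
# committed to the repository: test-only credentials, never to be trusted or
# reused outside this fixture.
COPY etc_ssl/auth/server.pem ${SPLUNK_HOME_SSL}/etc/auth/server.pem
COPY etc_ssl/auth/cacert.pem ${SPLUNK_HOME_SSL}/etc/auth/cacert.pem

COPY etc_tcp/system/local/props.conf ${SPLUNK_HOME_TCP}/etc/system/local/props.conf
COPY etc_tcp/system/local/server.conf ${SPLUNK_HOME_TCP}/etc/system/local/server.conf
COPY etc_tcp/system/local/indexes.conf ${SPLUNK_HOME_TCP}/etc/system/local/indexes.conf
COPY etc_ssl/system/local/props.conf ${SPLUNK_HOME_SSL}/etc/system/local/props.conf
COPY etc_ssl/system/local/server.conf ${SPLUNK_HOME_SSL}/etc/system/local/server.conf
COPY etc_ssl/system/local/indexes.conf ${SPLUNK_HOME_SSL}/etc/system/local/indexes.conf
COPY etc_ssl/system/local/web.conf ${SPLUNK_HOME_SSL}/etc/system/local/web.conf

COPY entrypoint.sh /sbin/entrypoint.sh
RUN chmod +x /sbin/entrypoint.sh

# Ports Splunk Web, Splunk Daemon, KVStore, Splunk Indexing Port, Network Input, HTTP Event Collector
#EXPOSE 8000/tcp 8089/tcp 8191/tcp 12300/tcp 1514 8088/tcp
#EXPOSE 8200/tcp 8289/tcp 8391/tcp 11250/tcp 1714 8288/tcp

WORKDIR /opt

ENTRYPOINT ["/sbin/entrypoint.sh"]
--------------------------------------------------------------------------------
/test/Dockerfiles/enterprise/6.5.2/entrypoint.sh:
--------------------------------------------------------------------------------
#!/bin/bash
# Container entrypoint: starts the TCP and SSL Splunk instances as
# ${SPLUNK_USER}, then follows the TCP instance's stderr log until the
# container is signalled.

set -e

# Add the launch setting once per instance; without the guard every container
# restart appends another copy of the same line.
for launch_conf in "${SPLUNK_HOME_TCP}/etc/splunk-launch.conf" "${SPLUNK_HOME_SSL}/etc/splunk-launch.conf"; do
  grep -qxF 'OPTIMISTIC_ABOUT_FILE_LOCKING = 1' "${launch_conf}" 2>/dev/null \
    || echo 'OPTIMISTIC_ABOUT_FILE_LOCKING = 1' >> "${launch_conf}"
done

# Paths and the user name are quoted so an unexpected value cannot be
# word-split into extra sudo arguments.
SPLUNK_HOME="${SPLUNK_HOME_TCP}" sudo -HEu "${SPLUNK_USER}" "${SPLUNK_HOME_TCP}/bin/splunk" start --accept-license
SPLUNK_HOME="${SPLUNK_HOME_SSL}" sudo -HEu "${SPLUNK_USER}" "${SPLUNK_HOME_SSL}/bin/splunk" start --accept-license

# Trap exit signal and shutdown gracefully
# (the double-quoted command is expanded now, when the trap is installed)
trap "sudo -HEu ${SPLUNK_USER} ${SPLUNK_HOME_TCP}/bin/splunk stop; sudo -HEu ${SPLUNK_USER} ${SPLUNK_HOME_SSL}/bin/splunk stop" SIGINT SIGTERM EXIT

# Keep the container in the foreground: wait blocks on the background tail.
sudo -HEu "${SPLUNK_USER}" tail -n 0 -f "${SPLUNK_HOME_TCP}/var/log/splunk/splunkd_stderr.log" &
wait
-------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.5.2/etc_ssl/apps/search/local/inputs.conf: -------------------------------------------------------------------------------- 1 | [SSL] 2 | serverCert=$SPLUNK_HOME/etc/auth/server.pem 3 | rootCA=$SPLUNK_HOME/etc/auth/cacert.pem 4 | requireClientCert=true 5 | 6 | [tcp-ssl://12500] 7 | sourcetype = fluentd 8 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.5.2/etc_ssl/apps/splunk_httpinput/local/inputs.conf: -------------------------------------------------------------------------------- 1 | # from /etc/apps/splunk_httpinputs/local/inputs.conf 2 | [http] 3 | ####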
edited -> 4 | serverCert=$SPLUNK_HOME/etc/auth/server.pem 5 | disabled=0 6 | requireClientCert=true 7 | caCertFile=$SPLUNK_HOME/etc/auth/cacert.pem 8 | port=8288 9 | #### edited <- 10 | enableSSL=1 11 | dedicatedIoThreads=2 12 | maxThreads = 0 13 | maxSockets = 0 14 | useDeploymentServer=0 15 | # ssl settings are similar to mgmt server (test fixture: "*,-ssl2" excludes only SSLv2, and TLS compression and renegotiation are left enabled, so these values should not be reused outside tests) 16 | sslVersions=*,-ssl2 17 | allowSslCompression=true 18 | allowSslRenegotiation=true 19 | 20 | [http://FluentTestNoAck] 21 | disabled = 0 22 | token = 00000000-0000-0000-0000-000000000000 23 | useACK = false 24 | 25 | [http://FluentTestAck] 26 | disabled = 0 27 | token = 00000000-0000-0000-0000-000000000001 28 | useACK = true 29 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.5.2/etc_ssl/auth/ca.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDizCCAnOgAwIBAgIJAKOX/fMCEYDlMA0GCSqGSIb3DQEBCwUAMFwxCzAJBgNV 3 | BAYTAkpQMQ4wDAYDVQQIDAVUb2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoM 4 | BVRva3lvMQ4wDAYDVQQLDAVUb2t5bzENMAsGA1UEAwwEbXlDQTAeFw0xODA0MDQx 5 | NTA5MjNaFw0yODA0MDExNTA5MjNaMFwxCzAJBgNVBAYTAkpQMQ4wDAYDVQQIDAVU 6 | b2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoMBVRva3lvMQ4wDAYDVQQLDAVU 7 | b2t5bzENMAsGA1UEAwwEbXlDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC 8 | ggEBANFUe6WZ7LwNiMaIUwfceQLBs5FcaLgEtx9S9XFBp2K6hkr60JtS4DB+5NH8 9 | b2CdUpKAL+wD7abN7q8gQiK/EyMq7f9hh9McBeuyy6nqe+Gsbn+JgZCRr8HqEV70 10 | FXiR6O+Dnd/XwriHhB12MxF4Xb3fMnVCY3lEltVEn3mcOJ4CbcvNWd3uOz4Y3qN5 11 | Oa5ZbOTTvWDRWV/c+eFaHHqdxO0/mKN+TpAzqCnVEZfEh7wPSYYIoIHDCROzFHox 12 | pok4bW+0cv6tfvEAP/FToE8rTinrD4KqCLaZg6uJPBCfA2brKwVaSwsYhB0rrMua 13 | b7LgFPidHWH44mmEqL2xwWnbZesCAwEAAaNQME4wHQYDVR0OBBYEFAYEbR2JnEsY 14 | E0zPNPZ5exSP8J7LMB8GA1UdIwQYMBaAFAYEbR2JnEsYE0zPNPZ5exSP8J7LMAwG 15 | A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAFXzuxwlfAclmp56HBKpEHq1 16 | hFnf/S6zjz0M8UnT9C7ncVSaqbFe2rnlL9aWXzI5tU3i/BGsxd2gOo08vXemTsES 17 |
Dc2dX+Kv9OGWJuXGiP2uQwCbMXnvjqHTx++PfcPp7oYVctIabudC7x8WvZw6BUvF 18 | vWijVkg0ayGDV+LvX4fjPStMPd6ZFxyFktke6i0RhylAG+fzp6C4H06kojp0dWq6 19 | A58Dm7F1PnZ2dqXb4BR4Ylmr3chOq/uSJPtTOnI5A7TaJYiD8CRSvQ66fRYtfFWx 20 | KXuse36nKrQOhjityqBZ46PFkVE6iXU5X39qpA74c3vuf8CuUw8M30QGM0IezQk= 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.5.2/etc_ssl/auth/cacert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDizCCAnOgAwIBAgIJAKOX/fMCEYDlMA0GCSqGSIb3DQEBCwUAMFwxCzAJBgNV 3 | BAYTAkpQMQ4wDAYDVQQIDAVUb2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoM 4 | BVRva3lvMQ4wDAYDVQQLDAVUb2t5bzENMAsGA1UEAwwEbXlDQTAeFw0xODA0MDQx 5 | NTA5MjNaFw0yODA0MDExNTA5MjNaMFwxCzAJBgNVBAYTAkpQMQ4wDAYDVQQIDAVU 6 | b2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoMBVRva3lvMQ4wDAYDVQQLDAVU 7 | b2t5bzENMAsGA1UEAwwEbXlDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC 8 | ggEBANFUe6WZ7LwNiMaIUwfceQLBs5FcaLgEtx9S9XFBp2K6hkr60JtS4DB+5NH8 9 | b2CdUpKAL+wD7abN7q8gQiK/EyMq7f9hh9McBeuyy6nqe+Gsbn+JgZCRr8HqEV70 10 | FXiR6O+Dnd/XwriHhB12MxF4Xb3fMnVCY3lEltVEn3mcOJ4CbcvNWd3uOz4Y3qN5 11 | Oa5ZbOTTvWDRWV/c+eFaHHqdxO0/mKN+TpAzqCnVEZfEh7wPSYYIoIHDCROzFHox 12 | pok4bW+0cv6tfvEAP/FToE8rTinrD4KqCLaZg6uJPBCfA2brKwVaSwsYhB0rrMua 13 | b7LgFPidHWH44mmEqL2xwWnbZesCAwEAAaNQME4wHQYDVR0OBBYEFAYEbR2JnEsY 14 | E0zPNPZ5exSP8J7LMB8GA1UdIwQYMBaAFAYEbR2JnEsYE0zPNPZ5exSP8J7LMAwG 15 | A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAFXzuxwlfAclmp56HBKpEHq1 16 | hFnf/S6zjz0M8UnT9C7ncVSaqbFe2rnlL9aWXzI5tU3i/BGsxd2gOo08vXemTsES 17 | Dc2dX+Kv9OGWJuXGiP2uQwCbMXnvjqHTx++PfcPp7oYVctIabudC7x8WvZw6BUvF 18 | vWijVkg0ayGDV+LvX4fjPStMPd6ZFxyFktke6i0RhylAG+fzp6C4H06kojp0dWq6 19 | A58Dm7F1PnZ2dqXb4BR4Ylmr3chOq/uSJPtTOnI5A7TaJYiD8CRSvQ66fRYtfFWx 20 | KXuse36nKrQOhjityqBZ46PFkVE6iXU5X39qpA74c3vuf8CuUw8M30QGM0IezQk= 21 | -----END CERTIFICATE----- 22 | 
-------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.5.2/etc_ssl/auth/server.pem: -------------------------------------------------------------------------------- 1 | Certificate: 2 | Data: 3 | Version: 3 (0x2) 4 | Serial Number: 1 (0x1) 5 | Signature Algorithm: sha256WithRSAEncryption 6 | Issuer: C=JP, ST=Tokyo, L=Tokyo, O=Tokyo, OU=Tokyo, CN=myCA 7 | Validity 8 | Not Before: Apr 4 15:18:05 2018 GMT 9 | Not After : Apr 1 15:18:05 2028 GMT 10 | Subject: C=JP, ST=Tokyo, O=Tokyo, OU=Tokyo, CN=127.0.0.1 11 | Subject Public Key Info: 12 | Public Key Algorithm: rsaEncryption 13 | Public-Key: (2048 bit) 14 | Modulus: 15 | 00:b3:56:b9:5d:39:ac:a8:21:39:0a:ec:32:61:00: 16 | 70:79:ad:23:f9:bb:cc:b7:9a:00:8d:68:21:48:eb: 17 | ab:de:cb:f2:84:cb:a9:dc:6e:ef:47:4e:be:1d:c1: 18 | 65:92:91:45:2d:21:8b:57:88:28:7e:46:df:6d:49: 19 | 7c:47:d7:66:8c:cf:48:10:d9:ef:10:04:87:a5:67: 20 | 08:fd:5f:90:94:11:5c:db:0c:3b:d4:53:05:2a:42: 21 | dc:1d:38:53:64:7a:58:0b:6d:4d:cc:9b:3e:17:87: 22 | 41:26:fe:eb:d5:7d:8d:51:4c:0b:0b:59:24:f3:50: 23 | d7:ac:fd:95:45:e1:a2:07:cf:a1:02:33:e2:4a:56: 24 | a7:a8:bf:36:e3:a2:b9:1f:4f:28:16:58:a5:45:79: 25 | 37:0e:5b:ba:62:fd:47:71:8a:05:5e:c0:ba:6d:42: 26 | cf:70:a6:67:69:78:d6:58:c1:3e:3b:61:df:d4:b9: 27 | 0d:e1:5e:86:64:26:03:ca:bd:a0:19:39:84:08:fe: 28 | 5c:ce:7d:37:f2:2f:e7:43:29:f3:44:e6:4f:17:be: 29 | a7:57:4b:37:6b:e7:b5:a0:cf:d8:fe:d6:72:cb:52: 30 | db:d4:79:77:2b:6d:1c:12:e1:3c:36:16:c6:b6:68: 31 | 3a:1f:09:23:db:2a:71:20:4e:37:d0:a5:4d:ac:fb: 32 | ee:ed 33 | Exponent: 65537 (0x10001) 34 | X509v3 extensions: 35 | X509v3 Basic Constraints: 36 | CA:FALSE 37 | Netscape Comment: 38 | OpenSSL Generated Certificate 39 | X509v3 Subject Key Identifier: 40 | 88:20:EE:CB:45:DC:D2:B2:2C:C6:B0:5D:E3:6B:7C:BB:54:22:DB:87 41 | X509v3 Authority Key Identifier: 42 | keyid:06:04:6D:1D:89:9C:4B:18:13:4C:CF:34:F6:79:7B:14:8F:F0:9E:CB 43 | 44 | Signature Algorithm: sha256WithRSAEncryption 45 | 
6b:31:2b:aa:78:52:be:6d:72:b3:86:a1:2f:bc:5d:9a:cc:ff: 46 | d2:ac:48:1c:ed:60:b1:f3:bb:fe:9b:3e:63:8d:5c:fe:64:0c: 47 | 63:8d:2a:d4:7c:d6:66:08:a3:d3:ae:c0:3c:f9:a5:fa:0d:4e: 48 | aa:fc:94:ad:ed:5f:a5:df:44:b2:7d:24:c6:8b:41:8a:b9:2f: 49 | 46:b4:30:1f:e5:c8:0d:4e:33:42:b3:a0:ac:b8:b6:cc:e5:f9: 50 | 18:56:e7:d6:e2:24:b2:75:e1:03:c0:02:db:73:a9:db:e1:21: 51 | 69:e5:e0:bd:5e:8c:dc:74:70:22:95:8b:c7:19:f4:1d:2c:df: 52 | d1:17:d4:08:06:e8:de:97:32:26:18:a5:79:86:ea:c4:b8:0b: 53 | 1a:f7:47:c8:5d:d7:81:ce:49:55:dc:fa:92:b1:c9:59:86:d4: 54 | e4:9e:c4:d5:dd:43:f9:94:99:c1:75:2c:6a:cf:c4:eb:61:08: 55 | 76:6c:a0:87:84:37:f2:28:f5:f8:d4:ba:f8:6e:c8:9c:db:8e: 56 | c8:aa:fa:d1:06:e5:3c:8b:f0:4e:a2:98:7a:f7:89:f1:40:da: 57 | 0d:27:8f:b2:f4:50:69:8f:30:39:43:c5:9f:51:72:e2:e9:00: 58 | 6e:59:08:73:01:fa:96:89:a1:e6:09:f7:c9:12:21:67:fe:1c: 59 | 58:16:f6:f9 60 | -----BEGIN CERTIFICATE----- 61 | MIIDozCCAougAwIBAgIBATANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJKUDEO 62 | MAwGA1UECAwFVG9reW8xDjAMBgNVBAcMBVRva3lvMQ4wDAYDVQQKDAVUb2t5bzEO 63 | MAwGA1UECwwFVG9reW8xDTALBgNVBAMMBG15Q0EwHhcNMTgwNDA0MTUxODA1WhcN 64 | MjgwNDAxMTUxODA1WjBRMQswCQYDVQQGEwJKUDEOMAwGA1UECAwFVG9reW8xDjAM 65 | BgNVBAoMBVRva3lvMQ4wDAYDVQQLDAVUb2t5bzESMBAGA1UEAwwJMTI3LjAuMC4x 66 | MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1a5XTmsqCE5CuwyYQBw 67 | ea0j+bvMt5oAjWghSOur3svyhMup3G7vR06+HcFlkpFFLSGLV4gofkbfbUl8R9dm 68 | jM9IENnvEASHpWcI/V+QlBFc2ww71FMFKkLcHThTZHpYC21NzJs+F4dBJv7r1X2N 69 | UUwLC1kk81DXrP2VReGiB8+hAjPiSlanqL8246K5H08oFlilRXk3Dlu6Yv1HcYoF 70 | XsC6bULPcKZnaXjWWME+O2Hf1LkN4V6GZCYDyr2gGTmECP5czn038i/nQynzROZP 71 | F76nV0s3a+e1oM/Y/tZyy1Lb1Hl3K20cEuE8NhbGtmg6Hwkj2ypxIE430KVNrPvu 72 | 7QIDAQABo3sweTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdl 73 | bmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUiCDuy0Xc0rIsxrBd42t8u1Qi 74 | 24cwHwYDVR0jBBgwFoAUBgRtHYmcSxgTTM809nl7FI/wnsswDQYJKoZIhvcNAQEL 75 | BQADggEBAGsxK6p4Ur5tcrOGoS+8XZrM/9KsSBztYLHzu/6bPmONXP5kDGONKtR8 76 | 
1mYIo9OuwDz5pfoNTqr8lK3tX6XfRLJ9JMaLQYq5L0a0MB/lyA1OM0KzoKy4tszl 77 | +RhW59biJLJ14QPAAttzqdvhIWnl4L1ejNx0cCKVi8cZ9B0s39EX1AgG6N6XMiYY 78 | pXmG6sS4Cxr3R8hd14HOSVXc+pKxyVmG1OSexNXdQ/mUmcF1LGrPxOthCHZsoIeE 79 | N/Io9fjUuvhuyJzbjsiq+tEG5TyL8E6imHr3ifFA2g0nj7L0UGmPMDlDxZ9RcuLp 80 | AG5ZCHMB+paJoeYJ98kSIWf+HFgW9vk= 81 | -----END CERTIFICATE----- 82 | -----BEGIN PRIVATE KEY----- 83 | MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCzVrldOayoITkK 84 | 7DJhAHB5rSP5u8y3mgCNaCFI66vey/KEy6ncbu9HTr4dwWWSkUUtIYtXiCh+Rt9t 85 | SXxH12aMz0gQ2e8QBIelZwj9X5CUEVzbDDvUUwUqQtwdOFNkelgLbU3Mmz4Xh0Em 86 | /uvVfY1RTAsLWSTzUNes/ZVF4aIHz6ECM+JKVqeovzbjorkfTygWWKVFeTcOW7pi 87 | /UdxigVewLptQs9wpmdpeNZYwT47Yd/UuQ3hXoZkJgPKvaAZOYQI/lzOfTfyL+dD 88 | KfNE5k8XvqdXSzdr57Wgz9j+1nLLUtvUeXcrbRwS4Tw2Fsa2aDofCSPbKnEgTjfQ 89 | pU2s++7tAgMBAAECggEAYNDMuRtNrmZhGRhyChPmpIloBoXv+p5U9gHlFizEWD7Z 90 | 6f7Y8HujCWflEsM5RmrOYZLeWp7S3Xj9XU5ynYYXgqTUTuSYPplzcUOygrZ4orbM 91 | 3iQ4mGNJQotdsRibTH8P0PttKKwWVTVbYuX0AwkIpX7b54B0hjZ6eJVdZKBujLAO 92 | dzB7CLfpRAWPlmTsho0Utyh8WZ3yy/HaRLm5zkkAedUZJ4Y+C/dZ3E0Jq/CZptFd 93 | kifwEWg+rWXhZqK1TWcKUj80lxRqsLm26N1e5aELxxZ3bmVJ5+slYn8Ur9SLCPZP 94 | VuIaCjWjqTDaF0Y4Mbnon+UT36XjNnBUOI7yoMHZMQKBgQDkVBp+HbEugfHrkaRS 95 | OUIUlNoaXbg9Yacv/9TRfhTLuxwJKEcL55cqexPfOVUivlx7lNpafCxUss5c3JjV 96 | GGmkrgO59bq9HfeVD2lw3MbK3UElXdsd/hLby2eTK1BIa0sim47O8hHeFRtyS86u 97 | igpvADf2p97FBtYvfyYEc4NWawKBgQDJErZcjcHo5o6iumqC8rdpFpl2iw/e44S1 98 | /FLuPNY4x4VpmjIbcq0x9uH0mP64epjS7j1xmSzeNaLpjZbi6MIKLnuVzk3Tu7s7 99 | hW1FddBCus6O/hBEZoe80imPNFRGswdYV3+010VvQrX9uNhKtUBImpCMeaSfPxkU 100 | nNdztv42BwKBgDwJIS4oAH6KDGI0WVCFXaqruO1V1yvMkXk9e2faDv3CpQyDWqr2 101 | qfixg/gdyxTnmMmlygQgwkdC/J/OISFm2eBDIRe0VPWE+6Rl+QOECYEtzANXOlYY 102 | iDzirskziliAXbEr1dD0NV5/jkfvRtj90uB83josyZZkxcyXUhe5h78hAoGABUSV 103 | PIWGQAjSUdcadUXQolMyQBXSm59QWcg7j/xODHzFtQeSKn/to7J5JwRfIAwuNtCB 104 | EZnWwBedpgrMmjNI6iVfnYQjK9nuRNfxDfHRO/5S7RIg8PnSspK6/gJ79sI3/guE 105 | 0AMX0Zto0zXljMeE4KIUCWoicv2fNZgKWQDBVj8CgYEA4ITpUhV7FNPw76Zo+9nY 106 | 
48czmOeVo0MfrBMdFq8KJoh6zx2MA5GFeyPu3CP74vwYlc2PH8amHjkGzTmP5kO3 107 | Hthmvmeru9ic4oJnK7NkpcST8mESeb1GZEpIUh7c6saT1J2/O69c6zvVvZEAmjyX 108 | 7XNa7qpjZ4tTAFLPa3NGDdo= 109 | -----END PRIVATE KEY----- 110 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.5.2/etc_ssl/system/local/indexes.conf: -------------------------------------------------------------------------------- 1 | # same with [main] 2 | 3 | [default_index_test] 4 | homePath = $SPLUNK_DB/default_index_test/db 5 | coldPath = $SPLUNK_DB/default_index_test/colddb 6 | thawedPath = $SPLUNK_DB/default_index_test/thaweddb 7 | tstatsHomePath = volume:_splunk_summaries/default_index_test/datamodel_summary 8 | maxMemMB = 20 9 | maxConcurrentOptimizes = 6 10 | maxHotIdleSecs = 86400 11 | maxHotBuckets = 10 12 | maxDataSize = auto_high_volume 13 | 14 | [index_key_test] 15 | homePath = $SPLUNK_DB/index_key_test/db 16 | coldPath = $SPLUNK_DB/index_key_test/colddb 17 | thawedPath = $SPLUNK_DB/index_key_test/thaweddb 18 | tstatsHomePath = volume:_splunk_summaries/index_key_test/datamodel_summary 19 | maxMemMB = 20 20 | maxConcurrentOptimizes = 6 21 | maxHotIdleSecs = 86400 22 | maxHotBuckets = 10 23 | maxDataSize = auto_high_volume 24 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.5.2/etc_ssl/system/local/props.conf: -------------------------------------------------------------------------------- 1 | [fluentd] 2 | TIME_PREFIX=\"time\": 3 | TIME_FORMAT=%s 4 | KV_MODE = json 5 | pulldown_type = true 6 | INDEXED_EXTRACTIONS = json 7 | category = Structured 8 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.5.2/etc_ssl/system/local/server.conf: -------------------------------------------------------------------------------- 1 | [general] 2 | allowRemoteLogin = always 3 | 4 | [license] 5 | active_group = Free 6 | 7 | [kvstore] 8 | 
port = 8391 9 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.5.2/etc_ssl/system/local/web.conf: -------------------------------------------------------------------------------- 1 | [settings] 2 | httpport = 8200 3 | mgmtHostPort = 127.0.0.1:8289 4 | appServerPorts = 8265 5 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.5.2/etc_tcp/apps/search/local/inputs.conf: -------------------------------------------------------------------------------- 1 | [tcp://12300] 2 | sourcetype = fluentd 3 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.5.2/etc_tcp/apps/splunk_httpinput/local/inputs.conf: -------------------------------------------------------------------------------- 1 | [http] 2 | disabled=0 3 | port=8088 4 | enableSSL=0 5 | dedicatedIoThreads=2 6 | maxThreads = 0 7 | maxSockets = 0 8 | useDeploymentServer=0 9 | 10 | [http://FluentTestNoAck] 11 | disabled = 0 12 | token = 00000000-0000-0000-0000-000000000000 13 | useACK = false 14 | 15 | [http://FluentTestAck] 16 | disabled = 0 17 | token = 00000000-0000-0000-0000-000000000001 18 | useACK = true 19 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.5.2/etc_tcp/system/local/indexes.conf: -------------------------------------------------------------------------------- 1 | # same with [main] 2 | 3 | [default_index_test] 4 | homePath = $SPLUNK_DB/default_index_test/db 5 | coldPath = $SPLUNK_DB/default_index_test/colddb 6 | thawedPath = $SPLUNK_DB/default_index_test/thaweddb 7 | tstatsHomePath = volume:_splunk_summaries/default_index_test/datamodel_summary 8 | maxMemMB = 20 9 | maxConcurrentOptimizes = 6 10 | maxHotIdleSecs = 86400 11 | maxHotBuckets = 10 12 | maxDataSize = auto_high_volume 13 | 14 | [index_key_test] 15 | homePath = $SPLUNK_DB/index_key_test/db 16 
| coldPath = $SPLUNK_DB/index_key_test/colddb 17 | thawedPath = $SPLUNK_DB/index_key_test/thaweddb 18 | tstatsHomePath = volume:_splunk_summaries/index_key_test/datamodel_summary 19 | maxMemMB = 20 20 | maxConcurrentOptimizes = 6 21 | maxHotIdleSecs = 86400 22 | maxHotBuckets = 10 23 | maxDataSize = auto_high_volume 24 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.5.2/etc_tcp/system/local/props.conf: -------------------------------------------------------------------------------- 1 | [fluentd] 2 | TIME_PREFIX=\"time\": 3 | TIME_FORMAT=%s 4 | KV_MODE = json 5 | pulldown_type = true 6 | INDEXED_EXTRACTIONS = json 7 | category = Structured 8 | -------------------------------------------------------------------------------- /test/Dockerfiles/enterprise/6.5.2/etc_tcp/system/local/server.conf: -------------------------------------------------------------------------------- 1 | [general] 2 | allowRemoteLogin = always 3 | 4 | [license] 5 | active_group = Free 6 | -------------------------------------------------------------------------------- /test/cert/badcacert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDmzCCAoOgAwIBAgIJAJisKeVOptnSMA0GCSqGSIb3DQEBCwUAMGQxCzAJBgNV 3 | BAYTAkpQMQ4wDAYDVQQIDAVUb2t5bzEOMAwGA1UEBwwFVG9reW8xITAfBgNVBAoM 4 | GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDESMBAGA1UEAwwJYW5vdGhlckNBMB4X 5 | DTE3MDMzMDEwMjkyMFoXDTE4MDMzMDEwMjkyMFowZDELMAkGA1UEBhMCSlAxDjAM 6 | BgNVBAgMBVRva3lvMQ4wDAYDVQQHDAVUb2t5bzEhMB8GA1UECgwYSW50ZXJuZXQg 7 | V2lkZ2l0cyBQdHkgTHRkMRIwEAYDVQQDDAlhbm90aGVyQ0EwggEiMA0GCSqGSIb3 8 | DQEBAQUAA4IBDwAwggEKAoIBAQDJMPLXV8C1u+9+KnagBm6HklGu9nrO5YxHCwI+ 9 | ZRxTSJ0SCimohG/SydPJlYD63ZYP4gBCGRrQE0FKCLBj/5NJenvcZnA0e5yHAmn6 10 | EkUvODyyuqGe3WVQopfCF8UdgeOVCZMhRJ926DrkuMo0mEfTNaj74YApcZSUEemz 11 | Dz35obF+NLXWYPvpbn9O0/RKShpXsCBZ69Q+v0Z4P8vezTUrLYCPqK/chIUx++u7 12 | 
7mzoZ/RrmeZPKCDNPE7eGybULI27SXNVAWOumIP6ETO6BBYQzPGiboEPb792Ryl9 13 | DSNwGrDcB0rHeS/+q0MLV4aV8SypCVHpRk4PZNVUWH+eOHmvAgMBAAGjUDBOMB0G 14 | A1UdDgQWBBTQ7ekzKFL24/V/vT6B502jLFWMfzAfBgNVHSMEGDAWgBTQ7ekzKFL2 15 | 4/V/vT6B502jLFWMfzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCr 16 | tUGgULv7l3T2g3UA4iAuo94McXvQ2Sd+aodferormMnUvxCsrApzB7SkD10B7yf1 17 | V4HpfhDEyjPfkattxLH8LfRgSQv2WzbIqsWhDvpn5cfIduGyfRWjht3cyi2QVDIq 18 | wv7MdEWIxMsjOrLhOTBwGl9xVS2i5t3U4btJWIzEx8XJU4x3jg0gulW62Gk++Ssg 19 | 7Cot8TNaAHU9WLyl8YdTkdhTcC4dxcnx5EBfqST+FtEPgaLD48Q2WEGUbN8p8hMT 20 | u+jTOvuVnOcK/z3OXL9nvwtzOvOv5XlGYDRNxV89NJxP7X8TT9I4X6RYAYrgqRHA 21 | J6RdZOtT4ckD5DZivCpc 22 | -----END CERTIFICATE----- 23 | -------------------------------------------------------------------------------- /test/cert/badclient.key: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDPsUkeLH6mLtsp 3 | 6lxIoud2I0implgCW8/am0CcGLrztMa2TLox828hTSIHuERFe38wXCsDUMhZ86ID 4 | 2Oq+djAa4BJDZ3/rdoO5t3JAC6Mg2LW1NmF2NPnrvKhzfUItuIVCiVCWWf3EGCNf 5 | FNiMByh/SRD1xemwlfxAP6/xw1/QqLhKdlN+fLdBhKAFiCmy8bWQ70e/uYcnEHuL 6 | 9gkE07if/ePlXP5SCnQsH3LMxRVwFd1qEXnqVRwDdxqnck9w8eqObPGcY58k0uqT 7 | JeDEAzD/2XH2za2GI3knVmEGLyxsqUrAJvkz5fRtZTDZSdQBxvcYhSKQ3I6GsjIz 8 | OM6mpddDAgMBAAECggEBAMAdz/LXWbfDM/vLy91swwpmjPeKe3KDFvuyDMvXnGd+ 9 | WymaQ8mc0rlNLiNR8eUL3ZUQTMFeYlXCpaVFa68OiGTzzDEJdiyKjkKmTEqt+RGT 10 | JFIhoXnEe0HyWyepQCQmwS3Q8viA+doAMgfrsnuky3MiVUvi7M3pj1KnFstd3C2X 11 | mFvpkZoFmxdyPmHETmUKvxG39damGLoHjRQ1smHRZytyD896AiCipW7LYeAkf8D+ 12 | 4iWhqIdMRUYRPfk4mckWCXEHtheMEvCpZVKWf/OpfUeCvlW7S/VrPrbcgizjhtmA 13 | VUgbnAOX6yhW4yOUbTeoLMU5NYbIA05R48K65wYiAfECgYEA9+YzX2YrZx3t0mQw 14 | qWg/7z7p3d695Xrcf5cw3XFCQ1euv3DpRoHBF9jwhn/o+BJLZ0Km51gk19AQ/+XT 15 | 7HIrusVNj+FhpURTZIC02pBZ7J2gw5Gisgwrv59/ZLhV8fNRGxmLiuFtSY/P39Px 16 | VSYJ/DDifToM/8O28jfnjCPe7N8CgYEA1nq8bmIWHs2DM4l2ch9c3moLh7tqmEWg 17 | 
vofvQvCD0GRV4qFkjRNESvrLdnVSbHJCv/wbb1b0dZ2YCSlsX/+PdK6J8iO56iXW 18 | KRwC5b52JA61nss4RNMzYG+HFYjAK7+otpzMPz2EhatUqGYgsN+3/srcU824iLre 19 | UqLE4jDZPh0CgYAmUkSww6eD+kFwW6KWHZJ8lnoqnSs31UVOx/16ze5TYLOXzomR 20 | J6/E0vljoVRPPOzBGrGYY6zWW8i09j9Ldt7BsYxq6Ilitew6RhcvDk+IX1mhwdqn 21 | sW/14F8eH8zRaS6phMpofq6ZR4z36diNtCKpBJmOiDHIO+YFDZVSuZzVewKBgQC7 22 | MS4qrSMfSUEchvpAyoy0dhuQIIv9UK/l+yBg7SguhpPLFA99bXZqdo+D2QvSKLuH 23 | clLDj0IXMS+Tt3qmIpejP/6XvoSyDsnm4VLKD7xu5gOwDzASKb8qiMx+h/cpd8KZ 24 | dypwe5GhVJKz00bu+KNPFuDLp75KX8ZQm015GSdSJQKBgBVdTWKXCobVbmnqklUy 25 | 6ACNLBgm23ouD8PqNLIBD7qRs6YftMGxFrezSQvzoPQgvUc16ftLFf2iuZHsKs67 26 | U/9yVlsDTeQ7pQ3ULEirm9g/aHIdCeDTHtBXOkfZbWDF/TOVyS6wYQnbXoByY39k 27 | uWFZYFO8ULxyXxvL3aUSL4Vg 28 | -----END PRIVATE KEY----- 29 | -------------------------------------------------------------------------------- /test/cert/badclient.pem: -------------------------------------------------------------------------------- 1 | Certificate: 2 | Data: 3 | Version: 3 (0x2) 4 | Serial Number: 6 (0x6) 5 | Signature Algorithm: sha256WithRSAEncryption 6 | Issuer: C=JP, ST=Tokyo, L=Tokyo, O=Internet Widgits Pty Ltd, CN=myCA 7 | Validity 8 | Not Before: Mar 30 11:11:15 2017 GMT 9 | Not After : Mar 30 11:11:15 2018 GMT 10 | Subject: C=JP, ST=Tokyo, O=Internet Widgits Pty Ltd, CN=anotherclient 11 | Subject Public Key Info: 12 | Public Key Algorithm: rsaEncryption 13 | Public-Key: (2048 bit) 14 | Modulus: 15 | 00:cf:b1:49:1e:2c:7e:a6:2e:db:29:ea:5c:48:a2: 16 | e7:76:23:48:a6:a6:58:02:5b:cf:da:9b:40:9c:18: 17 | ba:f3:b4:c6:b6:4c:ba:31:f3:6f:21:4d:22:07:b8: 18 | 44:45:7b:7f:30:5c:2b:03:50:c8:59:f3:a2:03:d8: 19 | ea:be:76:30:1a:e0:12:43:67:7f:eb:76:83:b9:b7: 20 | 72:40:0b:a3:20:d8:b5:b5:36:61:76:34:f9:eb:bc: 21 | a8:73:7d:42:2d:b8:85:42:89:50:96:59:fd:c4:18: 22 | 23:5f:14:d8:8c:07:28:7f:49:10:f5:c5:e9:b0:95: 23 | fc:40:3f:af:f1:c3:5f:d0:a8:b8:4a:76:53:7e:7c: 24 | b7:41:84:a0:05:88:29:b2:f1:b5:90:ef:47:bf:b9: 25 | 87:27:10:7b:8b:f6:09:04:d3:b8:9f:fd:e3:e5:5c: 26 | 
fe:52:0a:74:2c:1f:72:cc:c5:15:70:15:dd:6a:11: 27 | 79:ea:55:1c:03:77:1a:a7:72:4f:70:f1:ea:8e:6c: 28 | f1:9c:63:9f:24:d2:ea:93:25:e0:c4:03:30:ff:d9: 29 | 71:f6:cd:ad:86:23:79:27:56:61:06:2f:2c:6c:a9: 30 | 4a:c0:26:f9:33:e5:f4:6d:65:30:d9:49:d4:01:c6: 31 | f7:18:85:22:90:dc:8e:86:b2:32:33:38:ce:a6:a5: 32 | d7:43 33 | Exponent: 65537 (0x10001) 34 | X509v3 extensions: 35 | X509v3 Basic Constraints: 36 | CA:FALSE 37 | Netscape Comment: 38 | OpenSSL Generated Certificate 39 | X509v3 Subject Key Identifier: 40 | 76:2D:5A:E8:2E:9B:2C:3D:95:45:38:2F:A5:20:F2:5A:C6:BB:2F:C3 41 | X509v3 Authority Key Identifier: 42 | keyid:06:9C:F9:DF:15:E5:C1:85:32:F3:40:03:28:FE:10:0D:F5:8D:31:33 43 | 44 | Signature Algorithm: sha256WithRSAEncryption 45 | 4b:e0:0a:5b:61:69:7e:8c:70:fe:0c:57:9a:66:16:f7:49:73: 46 | c4:c0:18:f5:bc:ac:63:35:02:5e:a1:26:77:e0:2e:b1:0b:cf: 47 | 6e:92:c0:0a:d4:e2:8f:24:2b:87:bf:66:fd:c9:ac:0d:64:51: 48 | b0:6a:39:43:03:e9:3c:94:7c:9a:cd:27:28:bf:18:5a:e1:98: 49 | 72:30:23:69:7f:67:92:cf:d4:ec:98:84:68:27:a0:62:b9:1d: 50 | 21:4f:9a:61:4f:2f:c2:11:76:65:67:0b:01:33:15:62:01:73: 51 | c6:ee:b2:94:16:73:ce:c2:32:e6:ef:dd:c6:22:87:4b:bb:65: 52 | ef:47:3c:b4:c0:80:f4:35:df:4c:a7:72:94:0c:f4:92:e1:7b: 53 | 4d:d4:0e:a2:86:28:49:8b:3a:25:ea:08:42:5b:37:13:bd:32: 54 | d2:b3:3a:a9:e8:95:50:15:3d:01:30:4c:e3:71:30:4d:3f:4c: 55 | 34:05:a3:7d:f3:5e:da:aa:11:5c:53:a6:89:08:ef:90:80:cf: 56 | d7:9f:72:e4:c2:ce:a5:25:41:90:5a:1e:0d:be:c2:19:7b:b2: 57 | f3:62:cc:64:87:2b:7b:a8:bb:bf:da:ba:44:7a:23:ba:97:38: 58 | c4:b9:36:36:22:eb:ae:fe:8b:fd:69:36:0b:bb:68:31:19:39: 59 | 4e:0c:4c:be 60 | -----BEGIN CERTIFICATE----- 61 | MIIDrTCCApWgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBfMQswCQYDVQQGEwJKUDEO 62 | MAwGA1UECAwFVG9reW8xDjAMBgNVBAcMBVRva3lvMSEwHwYDVQQKDBhJbnRlcm5l 63 | dCBXaWRnaXRzIFB0eSBMdGQxDTALBgNVBAMMBG15Q0EwHhcNMTcwMzMwMTExMTE1 64 | WhcNMTgwMzMwMTExMTE1WjBYMQswCQYDVQQGEwJKUDEOMAwGA1UECAwFVG9reW8x 65 | ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEWMBQGA1UEAwwNYW5v 66 | 
dGhlcmNsaWVudDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM+xSR4s 67 | fqYu2ynqXEii53YjSKamWAJbz9qbQJwYuvO0xrZMujHzbyFNIge4REV7fzBcKwNQ 68 | yFnzogPY6r52MBrgEkNnf+t2g7m3ckALoyDYtbU2YXY0+eu8qHN9Qi24hUKJUJZZ 69 | /cQYI18U2IwHKH9JEPXF6bCV/EA/r/HDX9CouEp2U358t0GEoAWIKbLxtZDvR7+5 70 | hycQe4v2CQTTuJ/94+Vc/lIKdCwfcszFFXAV3WoReepVHAN3GqdyT3Dx6o5s8Zxj 71 | nyTS6pMl4MQDMP/ZcfbNrYYjeSdWYQYvLGypSsAm+TPl9G1lMNlJ1AHG9xiFIpDc 72 | joayMjM4zqal10MCAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYd 73 | T3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFHYtWugumyw9 74 | lUU4L6Ug8lrGuy/DMB8GA1UdIwQYMBaAFAac+d8V5cGFMvNAAyj+EA31jTEzMA0G 75 | CSqGSIb3DQEBCwUAA4IBAQBL4ApbYWl+jHD+DFeaZhb3SXPEwBj1vKxjNQJeoSZ3 76 | 4C6xC89uksAK1OKPJCuHv2b9yawNZFGwajlDA+k8lHyazScovxha4ZhyMCNpf2eS 77 | z9TsmIRoJ6BiuR0hT5phTy/CEXZlZwsBMxViAXPG7rKUFnPOwjLm793GIodLu2Xv 78 | Rzy0wID0Nd9Mp3KUDPSS4XtN1A6ihihJizol6ghCWzcTvTLSszqp6JVQFT0BMEzj 79 | cTBNP0w0BaN9817aqhFcU6aJCO+QgM/Xn3Lkws6lJUGQWh4NvsIZe7LzYsxkhyt7 80 | qLu/2rpEeiO6lzjEuTY2Iuuu/ov9aTYLu2gxGTlODEy+ 81 | -----END CERTIFICATE----- 82 | -------------------------------------------------------------------------------- /test/cert/cacert.pem: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIIDizCCAnOgAwIBAgIJAKOX/fMCEYDlMA0GCSqGSIb3DQEBCwUAMFwxCzAJBgNV 3 | BAYTAkpQMQ4wDAYDVQQIDAVUb2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoM 4 | BVRva3lvMQ4wDAYDVQQLDAVUb2t5bzENMAsGA1UEAwwEbXlDQTAeFw0xODA0MDQx 5 | NTA5MjNaFw0yODA0MDExNTA5MjNaMFwxCzAJBgNVBAYTAkpQMQ4wDAYDVQQIDAVU 6 | b2t5bzEOMAwGA1UEBwwFVG9reW8xDjAMBgNVBAoMBVRva3lvMQ4wDAYDVQQLDAVU 7 | b2t5bzENMAsGA1UEAwwEbXlDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC 8 | ggEBANFUe6WZ7LwNiMaIUwfceQLBs5FcaLgEtx9S9XFBp2K6hkr60JtS4DB+5NH8 9 | b2CdUpKAL+wD7abN7q8gQiK/EyMq7f9hh9McBeuyy6nqe+Gsbn+JgZCRr8HqEV70 10 | FXiR6O+Dnd/XwriHhB12MxF4Xb3fMnVCY3lEltVEn3mcOJ4CbcvNWd3uOz4Y3qN5 11 | Oa5ZbOTTvWDRWV/c+eFaHHqdxO0/mKN+TpAzqCnVEZfEh7wPSYYIoIHDCROzFHox 12 | 
pok4bW+0cv6tfvEAP/FToE8rTinrD4KqCLaZg6uJPBCfA2brKwVaSwsYhB0rrMua 13 | b7LgFPidHWH44mmEqL2xwWnbZesCAwEAAaNQME4wHQYDVR0OBBYEFAYEbR2JnEsY 14 | E0zPNPZ5exSP8J7LMB8GA1UdIwQYMBaAFAYEbR2JnEsYE0zPNPZ5exSP8J7LMAwG 15 | A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAFXzuxwlfAclmp56HBKpEHq1 16 | hFnf/S6zjz0M8UnT9C7ncVSaqbFe2rnlL9aWXzI5tU3i/BGsxd2gOo08vXemTsES 17 | Dc2dX+Kv9OGWJuXGiP2uQwCbMXnvjqHTx++PfcPp7oYVctIabudC7x8WvZw6BUvF 18 | vWijVkg0ayGDV+LvX4fjPStMPd6ZFxyFktke6i0RhylAG+fzp6C4H06kojp0dWq6 19 | A58Dm7F1PnZ2dqXb4BR4Ylmr3chOq/uSJPtTOnI5A7TaJYiD8CRSvQ66fRYtfFWx 20 | KXuse36nKrQOhjityqBZ46PFkVE6iXU5X39qpA74c3vuf8CuUw8M30QGM0IezQk= 21 | -----END CERTIFICATE----- 22 | -------------------------------------------------------------------------------- /test/cert/client.key: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDHA/LIR3oUUsO8 3 | AtQDSXDSFCinvzjBRGQ5CFlmUBdqiGemAjz3+/IJuK/fHzO4ji6vOSuUAjanE8XU 4 | cAt4WbDDblJ91SZSphEWvj/a0u+jSMcDmWoyQ3qvbFuvC7cU9uD3Cm/FpOEZYAvw 5 | IYurcwiARVeWdsl9iUk1MIe2RyxJJ2kpKekxUq9gyJz+yiF4r+P6nO2qhiX9dU8N 6 | aYxfuA0cxnkxKDtMEQ06kvOya2ipDQ3M4plHR9vPxSyHTmHVhqz3sEA17BzozbPn 7 | mrugYexgms6KMEEFCwXRxeiwNoUzojJ1KThG9lp3ocOlI2TyFIz00auCDxwV00Fj 8 | jLyA0Y2FAgMBAAECggEBAJbogI2r3X9Rrwh+4INJihpSnO1uS7wJfzHcCeZSLx9i 9 | Ja41HkQwsLz8Zaf8Af0dG3tVD51g/E4+6REIkToGUMoweq7eFPww3t5vDv6AWqRn 10 | SDmLeIJ6tqoUsYUPjhmAht/s8wpc1y+lrAe/eChexwB1FFCM7Iabtn51uULXv1YM 11 | Cu/CG6DI8NsaMzrTc+zkRbXUSJkNTxXFOA4pBkR9wnJQ7hlsVf5UCI3HFH0P8pLg 12 | +d/QYuUYIB6hjxEgKztfEMBC+pUIg0Eugi2+a+jrCmilqvMtt1ISwSop1mycSMl1 13 | 1u0ut7b1xtst+8jbHzrlXzNbZ904viVyijF7iQkEuLUCgYEA/JNadjFZHEQoyDZl 14 | Of7o58TkevaGdmWfaqW4qNtPINDgxi3QhN5iDMd2SNw1lyuYpLbczfdXLx9ucY+k 15 | 1zaVANixAdX06wItU3WoVHSsehK0JYKe8RfKNI4zrP94HxIVkLZ2/sQS2MoSwvfI 16 | uOi5Zn9BrDMiPr6LtJJ9d5XmlosCgYEAybayYgV38jJSZK1oUNNf/q1GV4HMcvsl 17 | 842tWkfYLGp1bqGY5tff+hlTFencVGTOt1pJt5sIRvxLBH7Nso6cy/8UiQjNkzkg 18 | 
s7YfdYqdHAelP+PJnV0yyfRaRS1RJUAMNcFoXTO2xHNw6dI1PHY2fK9mSPsRN2Bk 19 | 273SCrga/i8CgYAr5XgtXno8PWRRF5MUN0dHMKL88+d+oD7KjC7BugvQijzmdIPu 20 | 869axTe7hfoSYdNPnTBW44vVdsL9HZfqh2PyF7b7uLGuPlyeSq6MrxJizOleM4to 21 | H1hXNfepM2UvETeKRQv9Txpvbv8/v0y1Rk0ikS9avDBRc1BYe7UumXDP7QKBgQDD 22 | aczSjT2wUvPjOOMwOjZrQW495C8uzQPtOTnRlnxkOxZdAQxhxozje5k0R4T99VMV 23 | 6dA0oWqZal06k6Wu794S+qDoSLDviY6Wyz8a3hhqSTXb+U8etmU3pRO2pLpR/gRW 24 | J3J1qF3NX5Dp1I1ib5tFm57Z4PDC1w2em/xaChWMXQKBgELS4/aP+RuF6hzSwHVW 25 | KFQ85LAlrPixYHj58Z3EU7wrEdo8TnsuwvYNi4kQE0ZmDynY+olCvuWn2BFeE3Vy 26 | h0506C17ZkbBknJtnztpJqy+batQMeojpo/GG+IDNGX2TZf/EaD/k/MIK3jpGAjC 27 | Q/nDMdUALwNGOQiif8oaOZWv 28 | -----END PRIVATE KEY----- 29 | -------------------------------------------------------------------------------- /test/cert/client.pem: -------------------------------------------------------------------------------- 1 | Certificate: 2 | Data: 3 | Version: 3 (0x2) 4 | Serial Number: 2 (0x2) 5 | Signature Algorithm: sha256WithRSAEncryption 6 | Issuer: C=JP, ST=Tokyo, L=Tokyo, O=Tokyo, OU=Tokyo, CN=myCA 7 | Validity 8 | Not Before: Apr 4 15:23:32 2018 GMT 9 | Not After : Apr 1 15:23:32 2028 GMT 10 | Subject: C=JP, ST=Tokyo, O=Tokyo, OU=Tokyo, CN=testClient 11 | Subject Public Key Info: 12 | Public Key Algorithm: rsaEncryption 13 | Public-Key: (2048 bit) 14 | Modulus: 15 | 00:c7:03:f2:c8:47:7a:14:52:c3:bc:02:d4:03:49: 16 | 70:d2:14:28:a7:bf:38:c1:44:64:39:08:59:66:50: 17 | 17:6a:88:67:a6:02:3c:f7:fb:f2:09:b8:af:df:1f: 18 | 33:b8:8e:2e:af:39:2b:94:02:36:a7:13:c5:d4:70: 19 | 0b:78:59:b0:c3:6e:52:7d:d5:26:52:a6:11:16:be: 20 | 3f:da:d2:ef:a3:48:c7:03:99:6a:32:43:7a:af:6c: 21 | 5b:af:0b:b7:14:f6:e0:f7:0a:6f:c5:a4:e1:19:60: 22 | 0b:f0:21:8b:ab:73:08:80:45:57:96:76:c9:7d:89: 23 | 49:35:30:87:b6:47:2c:49:27:69:29:29:e9:31:52: 24 | af:60:c8:9c:fe:ca:21:78:af:e3:fa:9c:ed:aa:86: 25 | 25:fd:75:4f:0d:69:8c:5f:b8:0d:1c:c6:79:31:28: 26 | 3b:4c:11:0d:3a:92:f3:b2:6b:68:a9:0d:0d:cc:e2: 27 | 99:47:47:db:cf:c5:2c:87:4e:61:d5:86:ac:f7:b0: 28 
| 40:35:ec:1c:e8:cd:b3:e7:9a:bb:a0:61:ec:60:9a: 29 | ce:8a:30:41:05:0b:05:d1:c5:e8:b0:36:85:33:a2: 30 | 32:75:29:38:46:f6:5a:77:a1:c3:a5:23:64:f2:14: 31 | 8c:f4:d1:ab:82:0f:1c:15:d3:41:63:8c:bc:80:d1: 32 | 8d:85 33 | Exponent: 65537 (0x10001) 34 | X509v3 extensions: 35 | X509v3 Basic Constraints: 36 | CA:FALSE 37 | Netscape Comment: 38 | OpenSSL Generated Certificate 39 | X509v3 Subject Key Identifier: 40 | BC:A9:75:83:4E:58:14:73:CF:50:6E:06:87:6E:44:E6:8F:2C:42:F9 41 | X509v3 Authority Key Identifier: 42 | keyid:06:04:6D:1D:89:9C:4B:18:13:4C:CF:34:F6:79:7B:14:8F:F0:9E:CB 43 | 44 | Signature Algorithm: sha256WithRSAEncryption 45 | 02:0f:7c:0d:06:79:99:2c:8d:61:c0:5b:21:0e:ad:38:df:31: 46 | 66:70:1a:66:12:e0:89:a4:8f:95:9d:00:c6:3e:4b:81:af:9d: 47 | 74:b9:cc:e2:8d:ed:7b:08:dd:bd:d7:9d:b6:ca:e6:6e:04:b5: 48 | a5:73:d1:14:48:0c:99:06:90:b5:51:ad:eb:72:dc:43:a1:e1: 49 | cb:d0:2c:d6:9d:91:84:92:68:c7:07:29:af:ba:96:37:b2:d7: 50 | b2:da:8d:99:79:76:1d:c9:75:d3:ad:ba:bd:9f:e6:3d:96:f0: 51 | aa:be:e3:42:67:94:7f:4e:59:1e:ed:52:f3:d6:f8:75:80:fa: 52 | 8a:49:fa:e9:6e:cc:16:46:99:59:79:8c:f4:3d:17:8b:6e:fa: 53 | 9f:d2:42:09:41:e8:d7:0e:30:91:28:50:04:59:2e:bc:4e:40: 54 | b9:a0:d6:31:01:52:eb:95:55:16:48:2e:32:03:cc:f9:91:d2: 55 | 69:4d:17:11:28:30:5e:0d:93:4b:6b:a6:68:da:41:81:78:13: 56 | 3e:6f:4c:7e:75:f0:c6:5d:ee:6f:74:64:b1:4b:b2:76:9f:bc: 57 | f4:c3:a1:24:79:e4:b3:1c:b9:ea:33:8a:ba:a6:b0:1a:f9:ce: 58 | 78:22:57:3d:1e:6b:9f:14:99:37:95:9a:e8:24:5a:d9:8f:ef: 59 | 68:56:56:16 60 | -----BEGIN CERTIFICATE----- 61 | MIIDpDCCAoygAwIBAgIBAjANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJKUDEO 62 | MAwGA1UECAwFVG9reW8xDjAMBgNVBAcMBVRva3lvMQ4wDAYDVQQKDAVUb2t5bzEO 63 | MAwGA1UECwwFVG9reW8xDTALBgNVBAMMBG15Q0EwHhcNMTgwNDA0MTUyMzMyWhcN 64 | MjgwNDAxMTUyMzMyWjBSMQswCQYDVQQGEwJKUDEOMAwGA1UECAwFVG9reW8xDjAM 65 | BgNVBAoMBVRva3lvMQ4wDAYDVQQLDAVUb2t5bzETMBEGA1UEAwwKdGVzdENsaWVu 66 | dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMcD8shHehRSw7wC1ANJ 67 | 
cNIUKKe/OMFEZDkIWWZQF2qIZ6YCPPf78gm4r98fM7iOLq85K5QCNqcTxdRwC3hZ 68 | sMNuUn3VJlKmERa+P9rS76NIxwOZajJDeq9sW68LtxT24PcKb8Wk4RlgC/Ahi6tz 69 | CIBFV5Z2yX2JSTUwh7ZHLEknaSkp6TFSr2DInP7KIXiv4/qc7aqGJf11Tw1pjF+4 70 | DRzGeTEoO0wRDTqS87JraKkNDczimUdH28/FLIdOYdWGrPewQDXsHOjNs+eau6Bh 71 | 7GCazoowQQULBdHF6LA2hTOiMnUpOEb2Wnehw6UjZPIUjPTRq4IPHBXTQWOMvIDR 72 | jYUCAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBH 73 | ZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFLypdYNOWBRzz1BuBoduROaP 74 | LEL5MB8GA1UdIwQYMBaAFAYEbR2JnEsYE0zPNPZ5exSP8J7LMA0GCSqGSIb3DQEB 75 | CwUAA4IBAQACD3wNBnmZLI1hwFshDq043zFmcBpmEuCJpI+VnQDGPkuBr510uczi 76 | je17CN291522yuZuBLWlc9EUSAyZBpC1Ua3rctxDoeHL0CzWnZGEkmjHBymvupY3 77 | stey2o2ZeXYdyXXTrbq9n+Y9lvCqvuNCZ5R/Tlke7VLz1vh1gPqKSfrpbswWRplZ 78 | eYz0PReLbvqf0kIJQejXDjCRKFAEWS68TkC5oNYxAVLrlVUWSC4yA8z5kdJpTRcR 79 | KDBeDZNLa6Zo2kGBeBM+b0x+dfDGXe5vdGSxS7J2n7z0w6EkeeSzHLnqM4q6prAa 80 | +c54Ilc9HmufFJk3lZroJFrZj+9oVlYW 81 | -----END CERTIFICATE----- 82 | -------------------------------------------------------------------------------- /test/config/entrypoint.sh.6.3: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | 5 | echo OPTIMISTIC_ABOUT_FILE_LOCKING = 1 >> ${SPLUNK_HOME_TCP}/etc/splunk-launch.conf 6 | echo OPTIMISTIC_ABOUT_FILE_LOCKING = 1 >> ${SPLUNK_HOME_SSL}/etc/splunk-launch.conf 7 | 8 | cp ${SPLUNK_HOME_SSL}/etc/system/local/server.conf.original ${SPLUNK_HOME_SSL}/etc/system/local/server.conf 9 | 10 | SPLUNK_HOME=$SPLUNK_HOME_TCP sudo -HEu ${SPLUNK_USER} ${SPLUNK_HOME_TCP}/bin/splunk start --accept-license 11 | SPLUNK_HOME=$SPLUNK_HOME_SSL sudo -HEu ${SPLUNK_USER} ${SPLUNK_HOME_SSL}/bin/splunk start --accept-license 12 | 13 | SPLUNK_HOME=$SPLUNK_HOME_SSL sudo -HEu ${SPLUNK_USER} ${SPLUNK_HOME_SSL}/bin/splunk start --accept-license 14 | 15 | # Trap exit signal and shutdown gracefully 16 | trap "sudo -HEu ${SPLUNK_USER} ${SPLUNK_HOME_TCP}/bin/splunk stop; sudo -HEu ${SPLUNK_USER} 
${SPLUNK_HOME_SSL}/bin/splunk stop" SIGINT SIGTERM EXIT 17 | 18 | sudo -HEu ${SPLUNK_USER} tail -n 0 -f ${SPLUNK_HOME_TCP}/var/log/splunk/splunkd_stderr.log & 19 | wait 20 | -------------------------------------------------------------------------------- /test/config/inputs.ssl.conf: -------------------------------------------------------------------------------- 1 | [SSL] 2 | serverCert=$SPLUNK_HOME/etc/auth/server.pem 3 | rootCA=$SPLUNK_HOME/etc/auth/cacert.pem 4 | requireClientCert=true 5 | 6 | [tcp-ssl://12500] 7 | sourcetype = fluentd_json_unixtime 8 | 9 | [tcp-ssl://12501] 10 | sourcetype = fluentd_json_unixtime2 11 | 12 | [tcp-ssl://12502] 13 | sourcetype = fluentd_json_strftime 14 | 15 | [tcp-ssl://12503] 16 | sourcetype = fluentd_kv_unixtime 17 | 18 | [tcp-ssl://12504] 19 | sourcetype = fluentd_kv_unixtime2 20 | 21 | [tcp-ssl://12505] 22 | sourcetype = fluentd_kv_strftime 23 | -------------------------------------------------------------------------------- /test/config/inputs.tcp.conf: -------------------------------------------------------------------------------- 1 | [tcp://12300] 2 | sourcetype = fluentd_json_unixtime 3 | 4 | [tcp://12301] 5 | sourcetype = fluentd_json_unixtime2 6 | 7 | [tcp://12302] 8 | sourcetype = fluentd_json_strftime 9 | 10 | [tcp://12303] 11 | sourcetype = fluentd_kv_unixtime 12 | 13 | [tcp://12304] 14 | sourcetype = fluentd_kv_unixtime2 15 | 16 | [tcp://12305] 17 | sourcetype = fluentd_kv_strftime 18 | -------------------------------------------------------------------------------- /test/config/props.conf: -------------------------------------------------------------------------------- 1 | [fluentd_json_unixtime] 2 | TIME_PREFIX=\"time\": 3 | TIME_FORMAT=%s 4 | KV_MODE=json 5 | 6 | [fluentd_json_unixtime2] 7 | TIME_PREFIX=\"time2\": 8 | TIME_FORMAT=%s 9 | KV_MODE=json 10 | 11 | [fluentd_json_strftime] 12 | TIME_PREFIX=\"time\": 13 | TIME_FORMAT=%Y-%m-%dT%H:%M:%S%z 14 | KV_MODE=json 15 | 16 | [fluentd_kv_unixtime] 17 | 
TIME_PREFIX=time= 18 | TIME_FORMAT=%s 19 | KV_MODE=auto 20 | 21 | [fluentd_kv_unixtime2] 22 | TIME_PREFIX=time2= 23 | TIME_FORMAT=%s 24 | KV_MODE=auto 25 | 26 | [fluentd_kv_strftime] 27 | TIME_PREFIX=time= 28 | TIME_FORMAT=%Y-%m-%dT%H:%M:%S%z 29 | KV_MODE=auto 30 | -------------------------------------------------------------------------------- /test/config/server.conf.6.3: -------------------------------------------------------------------------------- 1 | [general] 2 | allowRemoteLogin = always 3 | 4 | [license] 5 | active_group = Free 6 | 7 | [kvstore] 8 | port = 8391 9 | 10 | [sslConfig] 11 | enableSplunkdSSL=true 12 | sslKeysfile=server.pem 13 | requireClientCert=true 14 | caCertFile=cacert.pem 15 | caPath=$SPLUNK_HOME/etc/auth 16 | sslVersions=*,-ssl2 17 | allowSslCompression=true 18 | allowSslRenegotiation=true 19 | -------------------------------------------------------------------------------- /test/helper.rb: --------------------------------------------------------------------------------
# Wraps a version string in Gem::Version so that Splunk versions can be
# compared with the usual comparison operators (e.g. SPLUNK_VERSION >= ...).
def to_version(version_str)
  Gem::Version.new(version_str)
end

# Version of the Splunk instance under test, taken from the SPLUNK_VERSION
# environment variable.
SPLUNK_VERSION = to_version(ENV['SPLUNK_VERSION'])

# Polls the search endpoint on +port+ until exactly +expected_num+ events
# match +search_query+, then returns them.
#
#   get_events(8088, 'source="SourceName"')
#
# Every attempt waits 3 seconds before querying, and a '-' is printed ahead of
# each retry. The retry-limit check runs right after each query, so the
# RuntimeError is raised once more than 20 queries have been issued.
def get_events(port, search_query, expected_num = 1)
  found = []
  attempts = 0
  until found.length == expected_num
    print '-' if attempts > 0
    sleep(3)
    found = query(port, {'search' => 'search ' + search_query})
    attempts += 1
    raise "exceed query retry limit" if attempts > 20
  end
  found
end

# POSTs the search parameters in +q+ to the export endpoint of the Splunk
# instance listening on 127.0.0.1:+port+ and returns the parsed result rows.
# The response body is read as one JSON document per line; rows carrying a
# truthy 'lastrow' entry are left out of the returned array.
#
# The request presents the client certificate and key from ../cert.
#
# NOTE(security): server certificate verification is switched off
# (VERIFY_NONE), so this helper accepts whatever certificate is presented on
# that port, and the login is hard-coded. Both are tolerable only because the
# target is a loopback test fixture; neither belongs in non-test code.
def query(port, q)
  endpoint = URI.parse("https://127.0.0.1:#{port}/services/search/jobs/export")

  client = Net::HTTP.new(endpoint.host, endpoint.port)
  client.use_ssl = true
  client.verify_mode = OpenSSL::SSL::VERIFY_NONE
  cert_pem = File.read(File.expand_path('../cert/client.pem', __FILE__))
  client.cert = OpenSSL::X509::Certificate.new(cert_pem)
  key_pem = File.read(File.expand_path('../cert/client.key', __FILE__))
  client.key = OpenSSL::PKey::RSA.new(key_pem)

  post = Net::HTTP::Post.new(endpoint.path)
  post.basic_auth('admin', 'changeme')
  post.set_form_data(q.merge({'output_mode' => 'json', 'time_format' => '%s'}))

  rows = client.request(post).body.split("\n").map { |line| JSON.parse(line) }
  rows.reject { |row| row['lastrow'] }
end
-------------------------------------------------------------------------------- /test/test_out_splunk_hec.rb: -------------------------------------------------------------------------------- 1 | require 'helper' 2 | require 'test/unit' 3 | require 'fluent/test' 4 | require 'fluent/plugin/out_splunk_hec' 5 | 6 | require 'net/https' 7 | require 'uri' 8 | require 'json' 9 | require 'securerandom' 10 | 11 | class SplunkHECOutputTest < Test::Unit::TestCase 12 | self.test_order = :random 13 | 14 | def setup 15 | Fluent::Test.setup 16 | end 17 | 18 | def teardown 19 | end 20 | 21 | CONFIG = %[ 22 | host 127.0.0.1 23 | port 8088 24 | token 00000000-0000-0000-0000-000000000000 25 | ] 26 | 27 | def create_driver(conf = CONFIG) 28 | Fluent::Test::BufferedOutputTestDriver.new(Fluent::SplunkHECOutput){ 29 | # Fluentd v0.12 BufferedOutputTestDriver calls this method. 30 | # BufferedOutput#format_stream calls format method, but ForwardOutput#format is not defined. 31 | # Because ObjectBufferedOutput#emit calls es.to_msgpack_stream directly.
32 | def format_stream(tag, es) 33 | es.to_msgpack_stream 34 | end 35 | }.configure(conf) 36 | end 37 | 38 | test 'configure' do 39 | d = create_driver 40 | assert_equal '127.0.0.1', d.instance.host 41 | assert_equal 8088, d.instance.port 42 | assert_equal '00000000-0000-0000-0000-000000000000', d.instance.token 43 | assert_equal nil, d.instance.default_host 44 | assert_equal nil, d.instance.host_key 45 | assert_equal nil, d.instance.default_source 46 | assert_equal nil, d.instance.source_key 47 | assert_equal nil, d.instance.default_index 48 | assert_equal nil, d.instance.index_key 49 | assert_equal nil, d.instance.sourcetype 50 | assert_equal nil, d.instance.default_sourcetype 51 | assert_equal nil, d.instance.sourcetype_key 52 | assert_equal false, d.instance.use_ack 53 | assert_equal nil, d.instance.channel 54 | assert_equal 1, d.instance.ack_interval 55 | assert_equal 3, d.instance.ack_retry_limit 56 | assert_equal false, d.instance.use_ssl 57 | assert_equal true, d.instance.ssl_verify 58 | assert_equal nil, d.instance.ca_file 59 | assert_equal nil, d.instance.client_cert 60 | assert_equal nil, d.instance.client_key 61 | assert_equal nil, d.instance.client_key_pass 62 | end 63 | 64 | ## These are specified in the target Splunk's config 65 | DEFAULT_SOURCE_FOR_NO_ACK = "http:FluentTestNoAck" 66 | DEFAULT_SOURCE_FOR_ACK = "http:FluentTestAck" 67 | 68 | DEFAULT_CONFIG_NO_ACK = %[ 69 | host 127.0.0.1 70 | token 00000000-0000-0000-0000-000000000000 71 | use_ack false 72 | ] 73 | 74 | ## need channel option too 75 | DEFAULT_CONFIG_ACK = %[ 76 | host 127.0.0.1 77 | token 00000000-0000-0000-0000-000000000001 78 | use_ack true 79 | ] 80 | 81 | def self.merge_config(config1, config2) 82 | [config1, config2].join("\n") 83 | end 84 | 85 | def merge_config(config1, config2) 86 | self.class.merge_config(config1, config2) 87 | end 88 | 89 | ## I just wanna run same test code for HTTP and HTTPS... 
90 | [{sub_test_case_name: 'HTTP', query_port: 8089, config: %[ 91 | port 8088 92 | use_ssl false 93 | ]}, 94 | {sub_test_case_name: 'HTTPS', query_port: 8289, config: %[ 95 | port 8288 96 | use_ssl true 97 | ca_file #{File.expand_path('../cert/cacert.pem', __FILE__)} 98 | client_cert #{File.expand_path('../cert/client.pem', __FILE__)} 99 | client_key #{File.expand_path('../cert/client.key', __FILE__)} 100 | ]} 101 | ].each do |test_config| 102 | test_config[:default_config_no_ack] = merge_config(test_config[:config], DEFAULT_CONFIG_NO_ACK) 103 | test_config[:default_config_ack] = merge_config(test_config[:config], DEFAULT_CONFIG_ACK) 104 | 105 | sub_test_case test_config[:sub_test_case_name] do 106 | teardown do 107 | query(test_config[:query_port], {'search' => "search source=\"#{DEFAULT_SOURCE_FOR_NO_ACK}\" | delete"}) 108 | query(test_config[:query_port], {'search' => "search source=\"#{DEFAULT_SOURCE_FOR_ACK}\" | delete"}) 109 | query(test_config[:query_port], {'search' => 'search host="default_host_test" | delete'}) 110 | query(test_config[:query_port], {'search' => 'search host="host_key_test" | delete'}) 111 | query(test_config[:query_port], {'search' => 'search source="DefaultSourceTest" | delete'}) 112 | query(test_config[:query_port], {'search' => 'search source="SourceKeyTest" | delete'}) 113 | query(test_config[:query_port], {'search' => 'search index="default_index_test" | delete'}) 114 | query(test_config[:query_port], {'search' => 'search index="index_key_test" | delete'}) 115 | end 116 | 117 | if SPLUNK_VERSION >= to_version('6.3.0') 118 | test 'use_ack = false' do 119 | d = create_driver(test_config[:default_config_no_ack]) 120 | event = {'test' => SecureRandom.hex} 121 | time = Time.now.to_i - 100 122 | d.emit(event, time) 123 | d.run 124 | result = get_events(test_config[:query_port], "source=\"#{DEFAULT_SOURCE_FOR_NO_ACK}\"")[0] 125 | assert_equal(time, result['result']['_time'].to_i) 126 | assert_equal(event, 
JSON.parse(result['result']['_raw'])) 127 | end 128 | 129 | test 'batched insert' do 130 | d = create_driver(test_config[:default_config_no_ack]) 131 | event0 = {'test' => SecureRandom.hex} 132 | time0 = Time.now.to_i - 100 133 | event1 = {'test' => SecureRandom.hex} 134 | time1 = Time.now.to_i - 200 135 | d.emit(event0, time0) 136 | d.emit(event1, time1) 137 | d.run 138 | events = get_events(test_config[:query_port], "source=\"#{DEFAULT_SOURCE_FOR_NO_ACK}\"", 2) 139 | assert_equal(time0, events[0]['result']['_time'].to_i) 140 | assert_equal(event0, JSON.parse(events[0]['result']['_raw'])) 141 | assert_equal(time1, events[1]['result']['_time'].to_i) 142 | assert_equal(event1, JSON.parse(events[1]['result']['_raw'])) 143 | end 144 | 145 | test 'default_host' do 146 | config = merge_config(test_config[:default_config_no_ack], %[ 147 | default_host default_host_test 148 | ]) 149 | d = create_driver(config) 150 | event = {'test' => SecureRandom.hex} 151 | time = Time.now.to_i - 100 152 | d.emit(event, time) 153 | d.run 154 | result = get_events(test_config[:query_port], 'host="default_host_test"')[0] 155 | assert_equal(time, result['result']['_time'].to_i) 156 | assert_equal(event, JSON.parse(result['result']['_raw'])) 157 | end 158 | 159 | test 'host_key is found' do 160 | config = merge_config(test_config[:default_config_no_ack], %[ 161 | host_key key_for_host 162 | ]) 163 | d = create_driver(config) 164 | event = {'key_for_host' => 'host_key_test', 'test' => SecureRandom.hex} 165 | time = Time.now.to_i - 100 166 | d.emit(event, time) 167 | d.run 168 | result = get_events(test_config[:query_port], 'host="host_key_test"')[0] 169 | assert_equal(time, result['result']['_time'].to_i) 170 | assert_equal(event, JSON.parse(result['result']['_raw'])) 171 | end 172 | 173 | test 'host_key is not found' do 174 | config = merge_config(test_config[:default_config_no_ack], %[ 175 | host_key key_for_host 176 | ]) 177 | d = create_driver(config) 178 | event = {'test' => 
SecureRandom.hex} 179 | time = Time.now.to_i - 100 180 | d.emit(event, time) 181 | d.run 182 | result = get_events(test_config[:query_port], "source=\"#{DEFAULT_SOURCE_FOR_NO_ACK}\"")[0] 183 | assert_equal(time, result['result']['_time'].to_i) 184 | assert_equal(event, JSON.parse(result['result']['_raw'])) 185 | end 186 | 187 | test 'both default_host and host_key when host_key is found' do 188 | config = merge_config(test_config[:default_config_no_ack], %[ 189 | default_host default_host_test 190 | host_key key_for_host 191 | ]) 192 | d = create_driver(config) 193 | event = {'key_for_host' => 'host_key_test', 'test' => SecureRandom.hex} 194 | time = Time.now.to_i - 100 195 | d.emit(event, time) 196 | d.run 197 | result = get_events(test_config[:query_port], 'host="host_key_test"')[0] 198 | assert_equal(time, result['result']['_time'].to_i) 199 | assert_equal(event, JSON.parse(result['result']['_raw'])) 200 | end 201 | 202 | test 'both default_host and host_key when host_key is not found' do 203 | config = merge_config(test_config[:default_config_no_ack], %[ 204 | default_host default_host_test 205 | host_key key_for_host 206 | ]) 207 | d = create_driver(config) 208 | event = {'test' => SecureRandom.hex} 209 | time = Time.now.to_i - 100 210 | d.emit(event, time) 211 | d.run 212 | result = get_events(test_config[:query_port], 'host="default_host_test"')[0] 213 | assert_equal(time, result['result']['_time'].to_i) 214 | assert_equal(event, JSON.parse(result['result']['_raw'])) 215 | end 216 | 217 | test 'default_source' do 218 | config = merge_config(test_config[:default_config_no_ack], %[ 219 | default_source DefaultSourceTest 220 | ]) 221 | d = create_driver(config) 222 | event = {'test' => SecureRandom.hex} 223 | time = Time.now.to_i - 100 224 | d.emit(event, time) 225 | d.run 226 | result = get_events(test_config[:query_port], 'source="DefaultSourceTest"')[0] 227 | assert_equal(time, result['result']['_time'].to_i) 228 | assert_equal(event, 
JSON.parse(result['result']['_raw'])) 229 | end 230 | 231 | test 'source_key is found' do 232 | config = merge_config(test_config[:default_config_no_ack], %[ 233 | source_key key_for_source 234 | ]) 235 | d = create_driver(config) 236 | event = {'key_for_source' => 'SourceKeyTest', 'test' => SecureRandom.hex} 237 | time = Time.now.to_i - 100 238 | d.emit(event, time) 239 | d.run 240 | result = get_events(test_config[:query_port], 'source="SourceKeyTest"')[0] 241 | assert_equal(time, result['result']['_time'].to_i) 242 | assert_equal(event, JSON.parse(result['result']['_raw'])) 243 | end 244 | 245 | test 'source_key is not found' do 246 | config = merge_config(test_config[:default_config_no_ack], %[ 247 | source_key key_for_source 248 | ]) 249 | d = create_driver(config) 250 | event = {'test' => SecureRandom.hex} 251 | time = Time.now.to_i - 100 252 | d.emit(event, time) 253 | d.run 254 | result = get_events(test_config[:query_port], "source=\"#{DEFAULT_SOURCE_FOR_NO_ACK}\"")[0] 255 | assert_equal(time, result['result']['_time'].to_i) 256 | assert_equal(event, JSON.parse(result['result']['_raw'])) 257 | end 258 | 259 | test 'both default_source and source_key when source_key is found' do 260 | config = merge_config(test_config[:default_config_no_ack], %[ 261 | default_source DefaultSourceTest 262 | source_key key_for_source 263 | ]) 264 | d = create_driver(config) 265 | event = {'key_for_source' => 'SourceKeyTest', 'test' => SecureRandom.hex} 266 | time = Time.now.to_i - 100 267 | d.emit(event, time) 268 | d.run 269 | result = get_events(test_config[:query_port], 'source="SourceKeyTest"')[0] 270 | assert_equal(time, result['result']['_time'].to_i) 271 | assert_equal(event, JSON.parse(result['result']['_raw'])) 272 | end 273 | 274 | test 'both default_source and source_key when source_key is not found' do 275 | config = merge_config(test_config[:default_config_no_ack], %[ 276 | default_source DefaultSourceTest 277 | source_key key_for_source 278 | ]) 279 | d = 
create_driver(config) 280 | event = {'test' => SecureRandom.hex} 281 | time = Time.now.to_i - 100 282 | d.emit(event, time) 283 | d.run 284 | result = get_events(test_config[:query_port], 'source="DefaultSourceTest"')[0] 285 | assert_equal(time, result['result']['_time'].to_i) 286 | assert_equal(event, JSON.parse(result['result']['_raw'])) 287 | end 288 | 289 | test 'default_index' do 290 | config = merge_config(test_config[:default_config_no_ack], %[ 291 | default_index default_index_test 292 | ]) 293 | d = create_driver(config) 294 | event = {'test' => SecureRandom.hex} 295 | time = Time.now.to_i - 100 296 | d.emit(event, time) 297 | d.run 298 | result = get_events(test_config[:query_port], 'index="default_index_test"')[0] 299 | assert_equal(time, result['result']['_time'].to_i) 300 | assert_equal(event, JSON.parse(result['result']['_raw'])) 301 | end 302 | 303 | test 'index_key is found' do 304 | config = merge_config(test_config[:default_config_no_ack], %[ 305 | index_key key_for_index 306 | ]) 307 | d = create_driver(config) 308 | event = {'key_for_index' => 'index_key_test', 'test' => SecureRandom.hex} 309 | time = Time.now.to_i - 100 310 | d.emit(event, time) 311 | d.run 312 | result = get_events(test_config[:query_port], 'index="index_key_test"')[0] 313 | assert_equal(time, result['result']['_time'].to_i) 314 | assert_equal(event, JSON.parse(result['result']['_raw'])) 315 | end 316 | 317 | test 'index_key is not found' do 318 | config = merge_config(test_config[:default_config_no_ack], %[ 319 | index_key key_for_index 320 | ]) 321 | d = create_driver(config) 322 | event = {'test' => SecureRandom.hex} 323 | time = Time.now.to_i - 100 324 | d.emit(event, time) 325 | d.run 326 | result = get_events(test_config[:query_port], "source=\"#{DEFAULT_SOURCE_FOR_NO_ACK}\"")[0] 327 | assert_equal(time, result['result']['_time'].to_i) 328 | assert_equal(event, JSON.parse(result['result']['_raw'])) 329 | end 330 | 331 | test 'both default_index and index_key when 
index_key is found' do 332 | config = merge_config(test_config[:default_config_no_ack], %[ 333 | default_index default_index_test 334 | index_key key_for_source 335 | ]) 336 | d = create_driver(config) 337 | event = {'key_for_source' => 'index_key_test', 'test' => SecureRandom.hex} 338 | time = Time.now.to_i - 100 339 | d.emit(event, time) 340 | d.run 341 | result = get_events(test_config[:query_port], 'index="index_key_test"')[0] 342 | assert_equal(time, result['result']['_time'].to_i) 343 | assert_equal(event, JSON.parse(result['result']['_raw'])) 344 | end 345 | 346 | test 'both default_index and index_key when index_key is not found' do 347 | config = merge_config(test_config[:default_config_no_ack], %[ 348 | default_index default_index_test 349 | index_key key_for_index 350 | ]) 351 | d = create_driver(config) 352 | event = {'test' => SecureRandom.hex} 353 | time = Time.now.to_i - 100 354 | d.emit(event, time) 355 | d.run 356 | result = get_events(test_config[:query_port], 'index="default_index_test"')[0] 357 | assert_equal(time, result['result']['_time'].to_i) 358 | assert_equal(event, JSON.parse(result['result']['_raw'])) 359 | end 360 | 361 | test 'default_sourcetype' do 362 | config = merge_config(test_config[:default_config_no_ack], %[ 363 | default_sourcetype DefaultSourcetypeTest 364 | ]) 365 | d = create_driver(config) 366 | event = {'test' => SecureRandom.hex} 367 | time = Time.now.to_i - 100 368 | d.emit(event, time) 369 | d.run 370 | result = get_events(test_config[:query_port], 'sourcetype="DefaultSourcetypeTest"')[0] 371 | assert_equal(time, result['result']['_time'].to_i) 372 | assert_equal(event, JSON.parse(result['result']['_raw'])) 373 | end 374 | 375 | test 'sourcetype_key is found' do 376 | config = merge_config(test_config[:default_config_no_ack], %[ 377 | sourcetype_key key_for_sourcetype 378 | ]) 379 | d = create_driver(config) 380 | event = {'key_for_sourcetype' => 'SourcetypeKeyTest', 'test' => SecureRandom.hex} 381 | time = 
Time.now.to_i - 100 382 | d.emit(event, time) 383 | d.run 384 | result = get_events(test_config[:query_port], 'sourcetype="SourcetypeKeyTest"')[0] 385 | assert_equal(time, result['result']['_time'].to_i) 386 | assert_equal(event, JSON.parse(result['result']['_raw'])) 387 | end 388 | 389 | test 'sourcetype_key is not found' do 390 | config = merge_config(test_config[:default_config_no_ack], %[ 391 | sourcetype_key key_for_sourcetype 392 | ]) 393 | d = create_driver(config) 394 | event = {'test' => SecureRandom.hex} 395 | time = Time.now.to_i - 100 396 | d.emit(event, time) 397 | d.run 398 | result = get_events(test_config[:query_port], "source=\"#{DEFAULT_SOURCE_FOR_NO_ACK}\"")[0] 399 | assert_equal(time, result['result']['_time'].to_i) 400 | assert_equal(event, JSON.parse(result['result']['_raw'])) 401 | end 402 | 403 | test 'both default_sourcetype and sourcetype_key when sourcetype_key is found' do 404 | config = merge_config(test_config[:default_config_no_ack], %[ 405 | default_sourcetype DefaultSourcetypeTest 406 | sourcetype_key key_for_sourcetype 407 | ]) 408 | d = create_driver(config) 409 | event = {'key_for_sourcetype' => 'SourcetypeKeyTest', 'test' => SecureRandom.hex} 410 | time = Time.now.to_i - 100 411 | d.emit(event, time) 412 | d.run 413 | result = get_events(test_config[:query_port], 'sourcetype="SourcetypeKeyTest"')[0] 414 | assert_equal(time, result['result']['_time'].to_i) 415 | assert_equal(event, JSON.parse(result['result']['_raw'])) 416 | end 417 | 418 | test 'both default_sourcetype and sourcetype_key when sourcetype_key is not found' do 419 | config = merge_config(test_config[:default_config_no_ack], %[ 420 | default_sourcetype DefaultSourcetypeTest 421 | sourcetype_key key_for_sourcetype 422 | ]) 423 | d = create_driver(config) 424 | event = {'test' => SecureRandom.hex} 425 | time = Time.now.to_i - 100 426 | d.emit(event, time) 427 | d.run 428 | result = get_events(test_config[:query_port], 'sourcetype="DefaultSourcetypeTest"')[0] 429 | 
assert_equal(time, result['result']['_time'].to_i) 430 | assert_equal(event, JSON.parse(result['result']['_raw'])) 431 | end 432 | 433 | # Backward compability (sourcetype) test 434 | test 'source_type = sourcetype_test' do 435 | config = merge_config(test_config[:default_config_no_ack], %[ 436 | sourcetype sourcetype_test 437 | ]) 438 | d = create_driver(config) 439 | event = {'test' => SecureRandom.hex} 440 | time = Time.now.to_i - 100 441 | d.emit(event, time) 442 | d.run 443 | result = get_events(test_config[:query_port], "source=\"#{DEFAULT_SOURCE_FOR_NO_ACK}\"")[0] 444 | assert_equal(time, result['result']['_time'].to_i) 445 | assert_equal('sourcetype_test', result['result']['_sourcetype']) 446 | assert_equal(event, JSON.parse(result['result']['_raw'])) 447 | end 448 | 449 | test '_time is sent with nano seconds when use_fluentd_time is true and time_as_integer is false' do 450 | config = merge_config(test_config[:default_config_no_ack], %[ 451 | use_fluentd_time true 452 | time_as_integer false 453 | ]) 454 | d = create_driver(config) 455 | event = {'test' => SecureRandom.hex} 456 | time = Fluent::EventTime.new(1560349063, 576000000) 457 | d.emit(event, time) 458 | d.run 459 | result = get_events(test_config[:query_port], "source=\"#{DEFAULT_SOURCE_FOR_NO_ACK}\"")[0] 460 | assert_equal(1560349063.576, result['result']['_time'].to_f) 461 | assert_equal(event, JSON.parse(result['result']['_raw'])) 462 | end 463 | end 464 | 465 | if SPLUNK_VERSION >= to_version('6.4.0') 466 | test 'use_ack = true' do 467 | config = merge_config(test_config[:default_config_ack], %[ 468 | channel #{[SecureRandom.hex(4), SecureRandom.hex(2), SecureRandom.hex(2), SecureRandom.hex(2), SecureRandom.hex(6)].join('-')} 469 | ]) 470 | d = create_driver(config) 471 | event = {'test' => SecureRandom.hex} 472 | time = Time.now.to_i - 100 473 | d.emit(event, time) 474 | d.run 475 | result = get_events(test_config[:query_port], "source=\"#{DEFAULT_SOURCE_FOR_ACK}\"")[0] 476 | 
assert_equal(time, result['result']['_time'].to_i) 477 | assert_equal(event, JSON.parse(result['result']['_raw'])) 478 | end 479 | end 480 | 481 | if SPLUNK_VERSION >= to_version('6.4.0') 482 | sub_test_case 'raw' do 483 | test 'with metadata' do 484 | config = merge_config(test_config[:default_config_no_ack], %[ 485 | raw true 486 | channel #{[SecureRandom.hex(4), SecureRandom.hex(2), SecureRandom.hex(2), SecureRandom.hex(2), SecureRandom.hex(6)].join('-')} 487 | event_key splunk_event 488 | sourcetype fluentd_json_unixtime 489 | default_host default_host_test 490 | default_source DefaultSourceTest 491 | default_index default_index_test 492 | ]) 493 | 494 | d = create_driver(config) 495 | time = Time.now.to_i - 100 496 | event = {'time' => time, 'msg' => 'msg'} 497 | record = {'splunk_event' => event.to_json} 498 | d.emit(record, time) 499 | d.run 500 | result = get_events(test_config[:query_port], 'source="DefaultSourceTest"')[0] 501 | assert_equal(time, result['result']['_time'].to_i) 502 | assert_equal('fluentd_json_unixtime', result['result']['sourcetype']) 503 | assert_equal('default_host_test', result['result']['host']) 504 | assert_equal('DefaultSourceTest', result['result']['source']) 505 | assert_equal('default_index_test', result['result']['index']) 506 | assert_equal(event, JSON.parse(result['result']['_raw'])) 507 | end 508 | 509 | test 'batched data with metadata' do 510 | config = merge_config(test_config[:default_config_no_ack], %[ 511 | raw true 512 | channel #{[SecureRandom.hex(4), SecureRandom.hex(2), SecureRandom.hex(2), SecureRandom.hex(2), SecureRandom.hex(6)].join('-')} 513 | event_key splunk_event 514 | sourcetype fluentd_json_unixtime 515 | default_host default_host_test 516 | default_source DefaultSourceTest 517 | default_index default_index_test 518 | ]) 519 | 520 | d = create_driver(config) 521 | time0 = Time.now.to_i - 100 522 | event0 = {'time' => time0, 'msg' => 'msg0'} 523 | record0 = {'splunk_event' => event0.to_json} 524 | time1 = 
Time.now.to_i - 200 525 | event1 = {'time' => time1, 'msg' => 'msg1'} 526 | record1 = {'splunk_event' => event1.to_json} 527 | d.emit(record0, time0) 528 | d.emit(record1, time1) 529 | d.run 530 | events = get_events(test_config[:query_port], 'source="DefaultSourceTest"', 2) 531 | assert_equal(time0, events[0]['result']['_time'].to_i) 532 | assert_equal('fluentd_json_unixtime', events[0]['result']['sourcetype']) 533 | assert_equal('default_host_test', events[0]['result']['host']) 534 | assert_equal('DefaultSourceTest', events[0]['result']['source']) 535 | assert_equal('default_index_test', events[0]['result']['index']) 536 | assert_equal(event0, JSON.parse(events[0]['result']['_raw'])) 537 | assert_equal(time1, events[1]['result']['_time'].to_i) 538 | assert_equal('fluentd_json_unixtime', events[1]['result']['sourcetype']) 539 | assert_equal('default_host_test', events[1]['result']['host']) 540 | assert_equal('DefaultSourceTest', events[1]['result']['source']) 541 | assert_equal('default_index_test', events[1]['result']['index']) 542 | assert_equal(event1, JSON.parse(events[1]['result']['_raw'])) 543 | end 544 | 545 | test 'without metadata' do 546 | config = merge_config(test_config[:default_config_no_ack], %[ 547 | raw true 548 | channel #{[SecureRandom.hex(4), SecureRandom.hex(2), SecureRandom.hex(2), SecureRandom.hex(2), SecureRandom.hex(6)].join('-')} 549 | event_key splunk_event 550 | ]) 551 | 552 | d = create_driver(config) 553 | time = Time.now.to_i - 100 554 | event = {'time' => time, 'msg' => 'msg'} 555 | record = {'splunk_event' => event.to_json} 556 | d.emit(record, time) 557 | d.run 558 | result = get_events(test_config[:query_port], "source=\"#{DEFAULT_SOURCE_FOR_NO_ACK}\"")[0] 559 | assert_equal(event, JSON.parse(result['result']['_raw'])) 560 | end 561 | 562 | test 'with empty statement' do 563 | config = merge_config(test_config[:default_config_no_ack], %[ 564 | raw true 565 | channel #{[SecureRandom.hex(4), SecureRandom.hex(2), 
SecureRandom.hex(2), SecureRandom.hex(2), SecureRandom.hex(6)].join('-')} 566 | event_key splunk_event 567 | ]) 568 | 569 | d = create_driver(config) 570 | time = Time.now.to_i - 100 571 | event = "raw event" 572 | record1 = {'splunk_event' => " "} 573 | record2 = {'splunk_event' => event} 574 | d.emit(record1, time) 575 | d.emit(record2, time) 576 | d.run 577 | result = get_events(test_config[:query_port], "source=\"#{DEFAULT_SOURCE_FOR_NO_ACK}\"")[0] 578 | assert_equal(event, result['result']['_raw']) 579 | end 580 | end 581 | end 582 | end 583 | end 584 | 585 | if SPLUNK_VERSION >= to_version('6.3.0') 586 | sub_test_case 'HTTPS misc' do 587 | teardown do 588 | query(8289, {'search' => "search source=\"#{DEFAULT_SOURCE_FOR_NO_ACK}\" | delete"}) 589 | end 590 | 591 | sub_test_case 'with invalid certificate' do 592 | ## realize by changing ca_file 593 | test 'ssl_verify=true' do 594 | config = merge_config(DEFAULT_CONFIG_NO_ACK, %[ 595 | port 8288 596 | use_ssl true 597 | ssl_verify true 598 | ca_file #{File.expand_path('../cert/badcacert.pem', __FILE__)} 599 | client_cert #{File.expand_path('../cert/client.pem', __FILE__)} 600 | client_key #{File.expand_path('../cert/client.key', __FILE__)} 601 | ]) 602 | d = create_driver(config) 603 | event = {'test' => SecureRandom.hex} 604 | time = Time.now.to_i - 100 605 | d.emit(event, time) 606 | # todo: shoud be able to check class and message 607 | assert_raise(OpenSSL::SSL::SSLError){ d.run } 608 | assert_raise_message(/certificate verify failed/){ d.run } 609 | end 610 | 611 | test 'ssl_verify=false' do 612 | config = merge_config(DEFAULT_CONFIG_NO_ACK, %[ 613 | port 8288 614 | use_ssl true 615 | ssl_verify false 616 | ca_file #{File.expand_path('../cert/badcacert.pem', __FILE__)} 617 | client_cert #{File.expand_path('../cert/client.pem', __FILE__)} 618 | client_key #{File.expand_path('../cert/client.key', __FILE__)} 619 | ]) 620 | d = create_driver(config) 621 | event = {'test' => SecureRandom.hex} 622 | time = 
Time.now.to_i - 100 623 | d.emit(event, time) 624 | d.run 625 | result = get_events(8289, "source=\"#{DEFAULT_SOURCE_FOR_NO_ACK}\"")[0] 626 | assert_equal(time, result['result']['_time'].to_i) 627 | assert_equal(event, JSON.parse(result['result']['_raw'])) 628 | end 629 | end 630 | 631 | # TODO: tests for requireClientCert=false at Splunk 632 | sub_test_case 'client authentication failed' do 633 | test 'with invalid client certificate' do 634 | config = merge_config(DEFAULT_CONFIG_NO_ACK, %[ 635 | port 8288 636 | use_ssl true 637 | ssl_verify true 638 | ca_file #{File.expand_path('../cert/cacert.pem', __FILE__)} 639 | client_cert #{File.expand_path('../cert/badclient.pem', __FILE__)} 640 | client_key #{File.expand_path('../cert/badclient.key', __FILE__)} 641 | ]) 642 | d = create_driver(config) 643 | event = {'test' => SecureRandom.hex} 644 | time = Time.now.to_i - 100 645 | d.emit(event, time) 646 | # TODO: shoud be able to check class and message 647 | assert_raise(OpenSSL::SSL::SSLError){ d.run } 648 | assert_raise_message(/alert unknown ca/){ d.run } 649 | end 650 | 651 | test 'without client certificate' do 652 | config = merge_config(DEFAULT_CONFIG_NO_ACK, %[ 653 | port 8288 654 | use_ssl true 655 | ssl_verify true 656 | ca_file #{File.expand_path('../cert/cacert.pem', __FILE__)} 657 | ]) 658 | d = create_driver(config) 659 | event = {'test' => SecureRandom.hex} 660 | time = Time.now.to_i - 100 661 | d.emit(event, time) 662 | # TODO: shoud be able to check class and message 663 | assert_raise(OpenSSL::SSL::SSLError){ d.run } 664 | assert_raise_message(/alert handshake failure/){ d.run } 665 | end 666 | end 667 | end 668 | end 669 | end 670 | -------------------------------------------------------------------------------- /test/test_out_splunk_tcp.rb: -------------------------------------------------------------------------------- 1 | require 'helper' 2 | require 'test/unit' 3 | require 'fluent/test' 4 | require 'fluent/plugin/out_splunk_tcp' 5 | 6 | require 
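'net/https'
require 'uri'
require 'json'
require 'securerandom'

# Integration tests for Fluent::SplunkTCPOutput.
#
# The tests send events to inputs on 127.0.0.1 (port bases 12300 for plain TCP
# and 12500 for SSL) and read them back through the query ports 8089 / 8289.
# `query` and `get_events` are not defined in this file; presumably they come
# from test/helper.rb -- confirm there.
class SplunkTCPOutputTest < Test::Unit::TestCase
  def setup
    Fluent::Test.setup
  end

  def teardown
  end

  CONFIG = %[
    host 127.0.0.1
    port 8089
    event_key event
  ]

  # Builds a buffered-output test driver for the plugin, configured with +conf+.
  def create_driver(conf = CONFIG)
    Fluent::Test::BufferedOutputTestDriver.new(Fluent::SplunkTCPOutput){
      # Fluentd v0.12 BufferedOutputTestDriver calls this method.
      # BufferedOutput#format_stream calls format method, but ForwardOutput#format is not defined.
      # Because ObjectBufferedOutput#emit calls es.to_msgpack_stream directly.
      def format_stream(tag, es)
        es.to_msgpack_stream
      end
    }.configure(conf)
  end

  ## query(port, 'source="SourceName"')
  # Pins the plugin defaults. Security-relevant ones: use_ssl is off unless
  # configured, and ssl_verify is on by default, so enabling SSL without
  # further options still validates the server certificate.
  test 'configure' do
    d = create_driver
    assert_equal '127.0.0.1', d.instance.host
    assert_equal 8089, d.instance.port
    assert_equal 'raw', d.instance.format
    assert_equal 'event', d.instance.event_key
    assert_equal true, d.instance.use_fluentd_time
    assert_equal 'time', d.instance.time_key
    assert_equal 'unixtime', d.instance.time_format
    assert_equal false, d.instance.localtime
    assert_equal "\n", d.instance.line_breaker
    assert_equal false, d.instance.use_ssl
    assert_equal true, d.instance.ssl_verify
    assert_nil d.instance.ca_file
    assert_nil d.instance.client_cert
    assert_nil d.instance.client_key
    assert_nil d.instance.client_key_pass
  end

  # Concatenates two config fragments, one per line group.
  def self.merge_config(config1, config2)
    [config1, config2].join("\n")
  end

  def merge_config(config1, config2)
    self.class.merge_config(config1, config2)
  end


  # Offset of each input port from the base port, keyed by input type.
  PORT_MAP = {
    fluentd_json_unixtime: 0,
    fluentd_json_unixtime2: 1,
    fluentd_json_strftime: 2,
    fluentd_kv_unixtime: 3,
    fluentd_kv_unixtime2: 4,
    fluentd_kv_strftime: 5,
  }.freeze

  # Returns the input port for +type+, counted from +base+.
  # Raises RuntimeError when +type+ is not a key of PORT_MAP.
  def port(base, type = :fluentd_json_unixtime)
    diff = PORT_MAP[type]
    raise "invalid port type" unless diff
    base + diff
  end

  # Runs the block with ENV['TZ'] set to +tz+ and restores the old value afterwards.
  def with_timezone(tz)
    oldtz, ENV['TZ'] = ENV['TZ'], tz
    yield
  ensure
    ENV['TZ'] = oldtz
  end

  # Runs the driver once and checks both the class and the message of the
  # resulting TLS failure on that single exception.
  def assert_ssl_error(driver, message_pattern)
    error = assert_raise(OpenSSL::SSL::SSLError){ driver.run }
    assert_match(message_pattern, error.message)
  end

  ## It is assumed that string elements don't contain ' '.
  # Parses a `k=v k2="v2"` line into a Hash. Quoted values become Strings
  # (with \" unescaped), bare digits become Integers, digits with a fraction
  # become Floats; anything else raises RuntimeError.
  def parse_kv(str)
    str.split(' ').map{|attr|
      # Split on the first '=' only, so a '=' inside a value is preserved.
      k, v = attr.split('=', 2)
      # A pair without '=' fails with the same error as any other bad value
      # instead of a NoMethodError on nil.
      raise "invalid value as kv: #{v}" if v.nil?
      if v.start_with?('"') && v.end_with?('"')
        # \A / \z anchor the whole value; ^ / $ would also match at line breaks.
        v = v.sub(/\A"/, '').sub(/"\z/, '').gsub('\"', '"')
      elsif v =~ /\A\d+\z/
        v = v.to_i
      elsif v =~ /\A\d+\.\d+\z/
        v = v.to_f
      else
        raise "invalid value as kv: #{v}"
      end
      [k, v]
    }.to_h
  end

  ## Run the same test code over plain TCP and over SSL.
  # The SSL variant sets no ssl_verify, so the default pinned in 'configure'
  # (ssl_verify true) applies and the server certificate is validated against
  # cert/cacert.pem.
  [{sub_test_case_name: 'TCP', query_port: 8089, server_port_base: 12300, config: %[
      host 127.0.0.1
      use_ssl false
    ]},
   {sub_test_case_name: 'SSL', query_port: 8289, server_port_base: 12500, config: %[
      host 127.0.0.1
      use_ssl true
      ca_file #{File.expand_path('../cert/cacert.pem', __FILE__)}
      client_cert #{File.expand_path('../cert/client.pem', __FILE__)}
      client_key #{File.expand_path('../cert/client.key', __FILE__)}
    ]}
  ].each do |test_config|
    sub_test_case test_config[:sub_test_case_name] do
      # Delete the events of every input port so tests do not see each other's data.
      teardown do
        PORT_MAP.each_key do |type|
          query(test_config[:query_port], {'search' => "search source=\"tcp:#{port(test_config[:server_port_base], type)}\" | delete"})
        end
      end

      sub_test_case 'raw format' do
        test 'single insert' do
          config = merge_config(test_config[:config], %[
            port #{port(test_config[:server_port_base])}
            format raw
            event_key event
          ])
          d = create_driver(config)
          time = Time.now.to_i - 100
          event = {'time' => time, 'test' => SecureRandom.hex}
          d.emit({'event' => event.to_json}, time)
          d.run
          result = get_events(test_config[:query_port], "source=\"tcp:#{port(test_config[:server_port_base])}\"")[0]
          assert_equal(time, result['result']['_time'].to_i)
          assert_equal(event, JSON.parse(result['result']['_raw']))
        end

        test 'batched insert' do
          config = merge_config(test_config[:config], %[
            port #{port(test_config[:server_port_base])}
            format raw
            event_key event
          ])
          d = create_driver(config)
          time0 = Time.now.to_i - 100
          event0 = {'time' => time0, 'test' => SecureRandom.hex}
          time1 = Time.now.to_i - 200
          event1 = {'time' => time1, 'test' => SecureRandom.hex}
          d.emit({'event' => event0.to_json}, time0)
          d.emit({'event' => event1.to_json}, time1)
          d.run
          events = get_events(test_config[:query_port], "source=\"tcp:#{port(test_config[:server_port_base])}\"", 2)
          assert_equal(time0, events[0]['result']['_time'].to_i)
          assert_equal(event0, JSON.parse(events[0]['result']['_raw']))
          assert_equal(time1, events[1]['result']['_time'].to_i)
          assert_equal(event1, JSON.parse(events[1]['result']['_raw']))
        end
      end

      sub_test_case 'json format' do
        test 'default' do
          server_port = port(test_config[:server_port_base], :fluentd_json_unixtime)
          config = merge_config(test_config[:config], %[
            port #{server_port}
            format json
          ])
          d = create_driver(config)
          time = Time.now.to_i - 100
          event = {'test' => SecureRandom.hex}
          d.emit(event, time)
          d.run
          result = get_events(test_config[:query_port], "source=\"tcp:#{server_port}\"")[0]
          assert_equal(time, result['result']['_time'].to_i)
          assert_equal({'time' => time}.merge(event), JSON.parse(result['result']['_raw']))
        end

        test 'time_key=time2' do
          server_port = port(test_config[:server_port_base], :fluentd_json_unixtime2)
          config = merge_config(test_config[:config], %[
            port #{server_port}
            format json
            time_key time2
          ])
          d = create_driver(config)
          time = Time.now.to_i - 100
          event = {'test' => SecureRandom.hex}
          d.emit(event, time)
          d.run
          result = get_events(test_config[:query_port], "source=\"tcp:#{server_port}\"")[0]
          assert_equal(time, result['result']['_time'].to_i)
          assert_equal({'time2' => time}.merge(event), JSON.parse(result['result']['_raw']))
        end

        test 'time_key=strftime' do
          server_port = port(test_config[:server_port_base], :fluentd_json_strftime)
          config = merge_config(test_config[:config], %[
            port #{server_port}
            format json
            time_format %Y-%m-%dT%H:%M:%S%z
          ])
          d = create_driver(config)
          time = Time.now.to_i - 100
          event = {'test' => SecureRandom.hex}
          d.emit(event, time)
          d.run
          result = get_events(test_config[:query_port], "source=\"tcp:#{server_port}\"")[0]
          assert_equal(time, result['result']['_time'].to_i)
          assert_equal({'time' => Time.at(time).utc.strftime('%Y-%m-%dT%H:%M:%S%z')}.merge(event), JSON.parse(result['result']['_raw']))
        end

        test 'time_key=strftime, localtime=true' do
          server_port = port(test_config[:server_port_base], :fluentd_json_strftime)
          config = merge_config(test_config[:config], %[
            port #{server_port}
            format json
            time_format %Y-%m-%dT%H:%M:%S%z
            localtime true
          ])
          time = Time.now.to_i - 100
          with_timezone("UTC-04") do
            d = create_driver(config)
            event = {'test' => SecureRandom.hex}
            d.emit(event, time)
            d.run
            result = get_events(test_config[:query_port], "source=\"tcp:#{server_port}\"")[0]
            assert_equal(time, result['result']['_time'].to_i)
            assert_equal({'time' => Time.at(time).strftime('%Y-%m-%dT%H:%M:%S%z')}.merge(event), JSON.parse(result['result']['_raw']))
            assert_equal(time, DateTime.strptime(JSON.parse(result['result']['_raw'])['time'], '%Y-%m-%dT%H:%M:%S%z').to_time.to_i)
          end
        end

        test 'use_fluentd_time=false' do
          server_port = port(test_config[:server_port_base], :fluentd_json_unixtime)
          config = merge_config(test_config[:config], %[
            port #{server_port}
            format json
            use_fluentd_time false
          ])
          d = create_driver(config)
          time0 = Time.now.to_i - 100
          time1 = time0 - 100
          event = {'time' => time0, 'test' => SecureRandom.hex}
          d.emit(event, time1)
          d.run
          result = get_events(test_config[:query_port], "source=\"tcp:#{server_port}\"")[0]
          # The record's own 'time' field is expected to win over the emit time.
          assert_equal(time0, result['result']['_time'].to_i)
          assert_equal(event, JSON.parse(result['result']['_raw']))
        end
      end

      sub_test_case 'kv format' do
        test 'default' do
          server_port = port(test_config[:server_port_base], :fluentd_kv_unixtime)
          config = merge_config(test_config[:config], %[
            port #{server_port}
            format kv
          ])
          d = create_driver(config)
          time = Time.now.to_i - 100
          event = {'test' => SecureRandom.hex, 'escape' => 'a"b'}
          d.emit(event, time)
          d.run
          result = get_events(test_config[:query_port], "source=\"tcp:#{server_port}\"")[0]
          assert_equal(time, result['result']['_time'].to_i)
          assert_equal({'time' => time}.merge(event), parse_kv(result['result']['_raw']))
        end

        test 'time_key=time2' do
          server_port = port(test_config[:server_port_base], :fluentd_kv_unixtime2)
          config = merge_config(test_config[:config], %[
            port #{server_port}
            format kv
            time_key time2
          ])
          d = create_driver(config)
          time = Time.now.to_i - 100
          event = {'test' => SecureRandom.hex}
          d.emit(event, time)
          d.run
          result = get_events(test_config[:query_port], "source=\"tcp:#{server_port}\"")[0]
          assert_equal(time, result['result']['_time'].to_i)
          assert_equal({'time2' => time}.merge(event), parse_kv(result['result']['_raw']))
        end

        test 'time_key=strftime' do
          server_port = port(test_config[:server_port_base], :fluentd_kv_strftime)
          config = merge_config(test_config[:config], %[
            port #{server_port}
            format kv
            time_format %Y-%m-%dT%H:%M:%S%z
          ])
          d = create_driver(config)
          time = Time.now.to_i - 100
          event = {'test' => SecureRandom.hex}
          d.emit(event, time)
          d.run
          result = get_events(test_config[:query_port], "source=\"tcp:#{server_port}\"")[0]
          assert_equal(time, result['result']['_time'].to_i)
          assert_equal({'time' => Time.at(time).utc.strftime('%Y-%m-%dT%H:%M:%S%z')}.merge(event), parse_kv(result['result']['_raw']))
        end

        test 'time_key=strftime, localtime=true' do
          server_port = port(test_config[:server_port_base], :fluentd_kv_strftime)
          config = merge_config(test_config[:config], %[
            port #{server_port}
            format kv
            time_format %Y-%m-%dT%H:%M:%S%z
            localtime true
          ])
          time = Time.now.to_i - 100
          with_timezone("UTC-04") do
            d = create_driver(config)
            event = {'test' => SecureRandom.hex}
            d.emit(event, time)
            d.run
            result = get_events(test_config[:query_port], "source=\"tcp:#{server_port}\"")[0]
            assert_equal(time, result['result']['_time'].to_i)
            assert_equal({'time' => Time.at(time).strftime('%Y-%m-%dT%H:%M:%S%z')}.merge(event), parse_kv(result['result']['_raw']))
            assert_equal(time, DateTime.strptime(parse_kv(result['result']['_raw'])['time'], '%Y-%m-%dT%H:%M:%S%z').to_time.to_i)
          end
        end

        test 'use_fluentd_time=false' do
          server_port = port(test_config[:server_port_base], :fluentd_kv_unixtime)
          config = merge_config(test_config[:config], %[
            port #{server_port}
            format kv
            use_fluentd_time false
          ])
          d = create_driver(config)
          time0 = Time.now.to_i - 100
          time1 = time0 - 100
          event = {'time' => time0, 'test' => SecureRandom.hex}
          d.emit(event, time1)
          d.run
          result = get_events(test_config[:query_port], "source=\"tcp:#{server_port}\"")[0]
          assert_equal(time0, result['result']['_time'].to_i)
          assert_equal(event, parse_kv(result['result']['_raw']))
        end
      end
    end
  end

  sub_test_case 'SSL misc' do
    teardown do
      PORT_MAP.each_key do |type|
        query(8289, {'search' => "search source=\"tcp:#{port(12500, type)}\" | delete"})
      end
    end

    sub_test_case 'with invalid certificate' do
      ## realize by changing ca_file
      # With verification on, a CA file that did not issue the server
      # certificate must abort the handshake before any event is sent.
      test 'ssl_verify=true' do
        config = %[
          host 127.0.0.1
          port #{port(12500)}
          format raw
          event_key event
          use_ssl true
          ssl_verify true
          ca_file #{File.expand_path('../cert/badcacert.pem', __FILE__)}
          client_cert #{File.expand_path('../cert/client.pem', __FILE__)}
          client_key #{File.expand_path('../cert/client.key', __FILE__)}
        ]
        d = create_driver(config)
        time = Time.now.to_i - 100
        event = {'time' => time, 'test' => SecureRandom.hex}
        d.emit({'event' => event.to_json}, time)
        assert_ssl_error(d, /certificate verify failed/)
      end

      # ssl_verify false turns server certificate validation off: the same
      # mismatching CA file no longer stops delivery. The test documents that
      # opt-out; with it the client cannot tell the intended server from any
      # other endpoint answering on that port.
      test 'ssl_verify=false' do
        config = %[
          host 127.0.0.1
          port #{port(12500)}
          format raw
          event_key event
          use_ssl true
          ssl_verify false
          ca_file #{File.expand_path('../cert/badcacert.pem', __FILE__)}
          client_cert #{File.expand_path('../cert/client.pem', __FILE__)}
          client_key #{File.expand_path('../cert/client.key', __FILE__)}
        ]
        d = create_driver(config)
        time = Time.now.to_i - 100
        event = {'time' => time, 'test' => SecureRandom.hex}
        d.emit({'event' => event.to_json}, time)
        d.run
        result = get_events(8289, "source=\"tcp:#{port(12500)}\"")[0]
        assert_equal(time, result['result']['_time'].to_i)
        assert_equal(event, JSON.parse(result['result']['_raw']))
      end
    end

    # TODO: tests for requireClientCert=false at Splunk
    # Both tests below expect the server to refuse the client during the
    # handshake, which presumably relies on the test Splunk input requiring
    # client certificates -- confirm against the inputs.conf used.
    sub_test_case 'client authentication failed' do
      test 'with invalid client certificate' do
        config = %[
          host 127.0.0.1
          port #{port(12500)}
          format raw
          event_key event
          use_ssl true
          ssl_verify true
          ca_file #{File.expand_path('../cert/cacert.pem', __FILE__)}
          client_cert #{File.expand_path('../cert/badclient.pem', __FILE__)}
          client_key #{File.expand_path('../cert/badclient.key', __FILE__)}
        ]
        d = create_driver(config)
        time = Time.now.to_i - 100
        event = {'time' => time, 'test' => SecureRandom.hex}
        d.emit({'event' => event.to_json}, time)
        assert_ssl_error(d, /alert unknown ca/)
      end

      test 'without client certificate' do
        config = %[
          host 127.0.0.1
          port #{port(12500)}
          format raw
          event_key event
          use_ssl true
          ssl_verify true
          ca_file #{File.expand_path('../cert/cacert.pem', __FILE__)}
        ]
        d = create_driver(config)
        time = Time.now.to_i - 100
        event = {'time' => time, 'test' => SecureRandom.hex}
        d.emit({'event' => event.to_json}, time)
        assert_ssl_error(d, /alert handshake failure/)
      end
    end
  end
end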