-
Notifications
You must be signed in to change notification settings - Fork 4
Home
Welcome to the kafka-connect-venafi-tpp wiki!
kafka-connect-venafi-tpp is a Kafka connector for Venafi Trust Protection Platform security events.
This connector connects via HTTP to your instance of the Venafi Trust Protection Platform ( which shall be refered to TPP from here on) and pulls your Log events into kafka allowing you to do any filtering/transforming/processing you'd like to do within a comfortable kafka environment.
EVENTLOG STRUCT OBJECT FORMAT as defined by the Venafi WebSDK
- ClientTimestamp: The time that the client generated the event.
- Component: A string that identifies a component DN. For events that occur in a subsystem other than Config, such as a Secret Store, the Distinguished Name (DN) component may be blank.
- ComponentId: The component ID that originated the event.
- ComponentSubsystem: The component subsytem that originated the event.
- Grouping: An integer for the component ID or Group Id that correlates to a set of events.
- Id: A hexadecimal value that corresponds to an Event ID.
- Name: The event name.
- ServerTimestamp: The time the Trust Protection Platform server received the event.
- Severity: A string value for one of these event severity: Emergency, Alert, Critical, Error, Warning, Notice, Info, or Debug
- SourceIP: The IP address of the host that originated the event
- Text1: A string variable, that contains all or part of an event message.
- Text2: An additional string if present, that appears as part of an event message.
- Value1: An integer variable, if present, that appears as part of an event message.
- Value2: An additional integer variable, if present, that appears as part of an event message.
To manually install the connector:
- Build the Jar with
mvn package
- Find the Jar in your target folder called venafi-tpp-log-connector-<version you're building>.jar
- Create a connect property file
name=venafi
connector.class=com.opencredo.connect.venafi.tpp.log.TppLogSourceConnector
tasks.max=1
type.name=kafka-connect
venafi.topic=TPP-LOGS
venafi.base.url=https://localhost:443/vedsdk
venafi.username=placeholder_username
venafi.password=placeholder_password
venafi.batch.size=100
venafi.poll.interval=1000
This is filled with the default values as provided by the config definition class
Whilst all venafi
fields are currently optional and will default to above please change venafi.base.url
, venafi.username
and venafi.password
.
4. Create a directory to place this files e.g. <path-to-confluent>/share/kafka/plugins
.
5. Add this to the plugin path in your Connect properties file.
6. Then call: bin/confluent load venafi -d venafi.properties
If you need to unload/reload it use: bin/confluent unload venafi
For more information please look at the Confluent instructions on manually installing connectors.