Skip to content
rufusfnash edited this page Jan 24, 2019 · 14 revisions

Welcome to the kafka-connect-venafi-tpp wiki!

kafka-connect-venafi-tpp

Build Status

kafka-connect-venafi-tpp is a Kafka connector for Venafi Trust Protection Platform security events.

Description

This connector connects via HTTP to your instance of the Venafi Trust Protection Platform ( which shall be refered to TPP from here on) and pulls your Log events into kafka allowing you to do any filtering/transforming/processing you'd like to do within a comfortable kafka environment.

EVENTLOG STRUCT OBJECT FORMAT as defined by the Venafi WebSDK

  • ClientTimestamp: The time that the client generated the event.
  • Component: A string that identifies a component DN. For events that occur in a subsystem other than Config, such as a Secret Store, the Distinguished Name (DN) component may be blank.
  • ComponentId: The component ID that originated the event.
  • ComponentSubsystem: The component subsytem that originated the event.
  • Grouping: An integer for the component ID or Group Id that correlates to a set of events.
  • Id: A hexadecimal value that corresponds to an Event ID.
  • Name: The event name.
  • ServerTimestamp: The time the Trust Protection Platform server received the event.
  • Severity: A string value for one of these event severity: Emergency, Alert, Critical, Error, Warning, Notice, Info, or Debug
  • SourceIP: The IP address of the host that originated the event
  • Text1: A string variable, that contains all or part of an event message.
  • Text2: An additional string if present, that appears as part of an event message.
  • Value1: An integer variable, if present, that appears as part of an event message.
  • Value2: An additional integer variable, if present, that appears as part of an event message.

Development

To manually install the connector:

  1. Build the Jar with mvn package
  2. Find the Jar in your target folder called venafi-tpp-log-connector-<version you're building>.jar
  3. Create a connect property file
name=venafi
connector.class=com.opencredo.connect.venafi.tpp.log.TppLogSourceConnector
tasks.max=1
type.name=kafka-connect
venafi.topic=TPP-LOGS
venafi.base.url=https://localhost:443/vedsdk
venafi.username=placeholder_username
venafi.password=placeholder_password
venafi.batch.size=100 
venafi.poll.interval=1000

This is filled with the default values as provided by the config definition class Whilst all venafi fields are currently optional and will default to above please change venafi.base.url, venafi.username and venafi.password.
4. Create a directory to place this files e.g. <path-to-confluent>/share/kafka/plugins.
5. Add this to the plugin path in your Connect properties file.
6. Then call: bin/confluent load venafi -d venafi.properties
If you need to unload/reload it use: bin/confluent unload venafi

For more information please look at the Confluent instructions on manually installing connectors.

Clone this wiki locally