beat keystore possibiity
ipninichuck opened this issue · 3 comments
Hello,
First let me say great work putting this beat together. Very excited to utilize it. I am new to the world of beat dev so I ask a humble question. Other Elastic Beats have keystores where secrets can be kept. Would it be possible to either use an existing keystore of another beat, or perhaps at a later date a keystore could be added to o365beat?
This is a great suggestion, thank you for the feedback. The libbeat
framework actually gives you the ability to create and use keystores already, just like with other built-in beats. So, the following should work fine (tested on v1.4.1):
$ o365beat keystore create
# Created o365beat keystore
$ o365beat keystore add O365BEAT_TEST
# Enter value for O365BEAT_TEST:
# Successfully updated the keystore
It creates the keystore file (by default) in your path.data
location, which is configurable. Then the syntax for using these in your configuration file is the same as with environment variables. So if you wanted to use a keystore instead of environment variables, just add the following to your keystore to match the default o365beat.yml
variable names:
$ o365beat keystore add O365BEAT_TENANT_DOMAIN
$ o365beat keystore add O365BEAT_CLIENT_SECRET
$ o365beat keystore add O365BEAT_CLIENT_ID # aka application id (GUID)
$ o365beat keystore add O365BEAT_DIRECTORY_ID # aka tenant id (GUID)
$ o365beat keystore add O365BEAT_REGISTRY_PATH # state file
I'll update the documentation to reflect this as an option, thank you again for the suggestion!
Sorry, I forgot to address one part of your comment: this should work fine with keystores created by other beats as well, so long as they're in the path.data
location. You can run the following for more info:
$ o365beat keystore --help
Please let me know if you run into any issues, I appreciate the engagement and hope this helps.