27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
|
# File 'lib/logstash/inputs/LDAPSearch.rb', line 27
def run(queue)
begin
if @usessl == true
conn = Net::LDAP.new :host => @host,
:port => @port,
:encryption => :simple_tls,
:base => base,
:auth => {
:method => :simple,
:username => @dn,
:password => @password.value
}
else
conn = Net::LDAP.new :host => @host,
:port => @port,
:base => base,
:auth => {
:method => :simple,
:username => @dn,
:password => @password.value
}
end
if ! conn.bind
puts "Connection failed - code: #{conn.get_operation_result.code}: #{conn.get_operation_result.message}"
end
search_filter = Net::LDAP::Filter.from_rfc2254(filter)
conn.search( :filter => search_filter, :attributes => attrs ) { |entry|
event = LogStash::Event.new
decorate(event)
entry.attribute_names.each { |attr|
attr = attr.to_s
next if (/^dn$/ =~ attr)
values = entry[attr]
attr = "sAMAccountName" if attr == "samaccountname"
values = values.map { |value|
(/[^[:print:]]/ =~ value).nil? ? value : Base64.strict_encode64(value)
}
event.set(attr,values)
}
queue << event
}
rescue Net::LDAP::Error => le
puts "Got LDAP error: #{le}"
exit
end
end
|