Skip to content

out_es: add apikey to available auth types #10461

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

tkennedy1-godaddy
Copy link
Contributor

@tkennedy1-godaddy tkennedy1-godaddy commented Jun 11, 2025

Allow for using an API key as an authentication type to elastic.


Enter [N/A] in the box, if an item is not applicable to your change.

Testing
Before we can approve your change; please submit the following in a comment:

  • Example configuration file for the change
  • Debug log output from testing the change
  • Attached Valgrind output that shows no leaks or memory corruption was found

If this is a change to packaging of containers or native binaries then please confirm it works for all targets.

  • Run local packaging test showing all targets (including any new ones) build.
  • Set ok-package-test label to test for all targets (requires maintainer to do).

Documentation

  • Documentation required for this feature

fluent/fluent-bit-docs#1727

Backporting

  • Backport to latest stable release.

Fluent Bit is licensed under Apache 2.0, by submitting this pull request I understand that this code will be released under the terms of that license.

Summary by CodeRabbit

  • New Features
    • Added API key authentication for the Elasticsearch output. Configure via the new http_api_key option to send requests with an Authorization header.
  • Bug Fixes
    • Improved error handling and retries when adding authentication headers to requests.
  • Tests
    • Added runtime test covering API key authentication configuration and request behavior.

@tkennedy1-godaddy tkennedy1-godaddy force-pushed the outputs_elasticsearch_add_api_key branch from dd20b37 to d3510d5 Compare June 11, 2025 22:59
@tkennedy1-godaddy
Copy link
Contributor Author

Configuration:

service:
  flush: 1
  daemon: off
  log_level: debug

pipeline:
  inputs:
    - name: forward
      unix_path: /tmp/fluent.sock
      tag: log

  outputs:
    - name: es  
      match: "*"
      host: [ES HOST]
      port: [ES PORT]
      index: fluent-bit-test-10
      http_api_key: [base 64 encoded key]
      suppress_type_name: true
      trace_error: true
      trace_output: true
      tls: true

Response from debug log talking to elastic server:

{
    "errors": false,
    "took": 0,
    "items": [
        {
            "create": {
                "_index": "fluent-bit-test-10",
                "_id": "gLJ_YZcBuX40YbMfktq3",
                "_version": 1,
                "result": "created",
                "_shards": {
                    "total": 2,
                    "successful": 2,
                    "failed": 0
                },
                "_seq_no": 8,
                "_primary_term": 1,
                "status": 201
            }
        },
        {
            "create": {
                "_index": "fluent-bit-test-10",
                "_id": "gbJ_YZcBuX40YbMfktq3",
                "_version": 1,
                "result": "created",
                "_shards": {
                    "total": 2,
                    "successful": 2,
                    "failed": 0
                },
                "_seq_no": 9,
                "_primary_term": 1,
                "status": 201
            }
        },
        {
            "create": {
                "_index": "fluent-bit-test-10",
                "_id": "grJ_YZcBuX40YbMfktq3",
                "_version": 1,
                "result": "created",
                "_shards": {
                    "total": 2,
                    "successful": 2,
                    "failed": 0
                },
                "_seq_no": 10,
                "_primary_term": 1,
                "status": 201
            }
        },
        {
            "create": {
                "_index": "fluent-bit-test-10",
                "_id": "g7J_YZcBuX40YbMfktq3",
                "_version": 1,
                "result": "created",
                "_shards": {
                    "total": 2,
                    "successful": 2,
                    "failed": 0
                },
                "_seq_no": 11,
                "_primary_term": 1,
                "status": 201
            }
        },
        {
            "create": {
                "_index": "fluent-bit-test-10",
                "_id": "hLJ_YZcBuX40YbMfktq3",
                "_version": 1,
                "result": "created",
                "_shards": {
                    "total": 2,
                    "successful": 2,
                    "f=ailed": 0
                },
                "_seq_no": 12,
                "_primary_term": 1,
                "status": 201
            }
        },
        {
            "create": {
                "_index": "fluent-bit-test-10",
                "_id": "hbJ_YZcBuX40YbMfktq3",
                "_version": 1,
                "result": "created",
                "_shards": {
                    "total": 2,
                    "successful": 2,
                    "failed": 0
                },
                "_seq_no": 13,
                "_primary_term": 1,
                "status": 201
            }
        },
        {
            "create": {
                "_index": "fluent-bit-test-10",
                "_id": "hrJ_YZcBuX40YbMfktq3",
                "_version": 1,
                "result": "created",
                "_shards": {
                    "total": 2,
                    "successful": 2,
                    "failed": 0
                },
                "_seq_no": 14,
                "_primary_term": 1,
                "status": 201
            }
        },
        {
            "create": {
                "_index": "fluent-bit-test-10",
                "_id": "h7J_YZcBuX40YbMfktq3",
                "_version": 1,
                "result": "created",
                "_shards": {
                    "total": 2,
                    "successful": 2,
                    "failed": 0
                },
                "_seq_no": 15,
                "_primary_term": 1,
                "status": 201
            }
        },
        {
            "create": {
                "_index": "fluent-bit-test-10",
                "_id": "iLJ_YZcBuX40YbMfktq3",
                "_version": 1,
                "result": "created",
                "_shards": {
                    "total": 2,
                    "successful": 2,
                    "failed": 0
                },
                "_seq_no": 16,
                "_primary_term": 1,
                "status": 201
            }
        }
    ]
}

Full debug log:

17:16:53❯ bin/fluent-bit -c config.yaml
Fluent Bit v4.0.4
* Copyright (C) 2015-2025 The Fluent Bit Authors
* Fluent Bit is a CNCF sub-project under the umbrella of Fluentd
* https://fluentbit.io

______ _                  _    ______ _ _             ___  _____
|  ___| |                | |   | ___ (_) |           /   ||  _  |
| |_  | |_   _  ___ _ __ | |_  | |_/ /_| |_  __   __/ /| || |/' |
|  _| | | | | |/ _ \ '_ \| __| | ___ \ | __| \ \ / / /_| ||  /| |
| |   | | |_| |  __/ | | | |_  | |_/ / | |_   \ V /\___  |\ |_/ /
\_|   |_|\__,_|\___|_| |_|\__| \____/|_|\__|   \_/     |_(_)___/


[2025/06/11 17:16:55] [ info] Configuration:
[2025/06/11 17:16:55] [ info]  flush time     | 1.000000 seconds
[2025/06/11 17:16:55] [ info]  grace          | 5 seconds
[2025/06/11 17:16:55] [ info]  daemon         | 0
[2025/06/11 17:16:55] [ info] ___________
[2025/06/11 17:16:55] [ info]  inputs:
[2025/06/11 17:16:55] [ info]      forward
[2025/06/11 17:16:55] [ info] ___________
[2025/06/11 17:16:55] [ info]  filters:
[2025/06/11 17:16:55] [ info] ___________
[2025/06/11 17:16:55] [ info]  outputs:
[2025/06/11 17:16:55] [ info]      es.0
[2025/06/11 17:16:55] [ info] ___________
[2025/06/11 17:16:55] [ info]  collectors:
[2025/06/11 17:16:55] [ info] [fluent bit] version=4.0.4, commit=d3510d5918, pid=48264
[2025/06/11 17:16:55] [debug] [engine] coroutine stack size: 36864 bytes (36.0K)
[2025/06/11 17:16:55] [ info] [storage] ver=1.5.3, type=memory, sync=normal, checksum=off, max_chunks_up=128
[2025/06/11 17:16:55] [ info] [simd    ] disabled
[2025/06/11 17:16:55] [ info] [cmetrics] version=1.0.3
[2025/06/11 17:16:55] [ info] [ctraces ] version=0.6.6
[2025/06/11 17:16:55] [ info] [input:forward:forward.0] initializing
[2025/06/11 17:16:55] [ info] [input:forward:forward.0] storage_strategy='memory' (memory only)
[2025/06/11 17:16:55] [debug] [forward:forward.0] created event channels: read=25 write=26
[2025/06/11 17:16:55] [debug] [downstream] listening on /tmp/fluent.sock:0
[2025/06/11 17:16:55] [ info] [input:forward:forward.0] listening on unix:///tmp/fluent.sock
[2025/06/11 17:16:55] [debug] [es:es.0] created event channels: read=28 write=29
[2025/06/11 17:16:55] [debug] [tls] attempting to load certificates from system keychain of macOS
[2025/06/11 17:16:55] [debug] [tls] certificate 0 details - subject: /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./CN=Go Daddy Root Certificate Authority - G2, issuer: /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./CN=Go Daddy Root Certificate Authority - G2
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 0 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 1 details - subject: /C=GR/O=Hellenic Academic and Research Institutions CA/CN=HARICA TLS ECC Root CA 2021, issuer: /C=GR/O=Hellenic Academic and Research Institutions CA/CN=HARICA TLS ECC Root CA 2021
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 1 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 2 details - subject: /C=KR/O=NAVER BUSINESS PLATFORM Corp./CN=NAVER Global Root Certification Authority, issuer: /C=KR/O=NAVER BUSINESS PLATFORM Corp./CN=NAVER Global Root Certification Authority
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 2 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 3 details - subject: /C=GB/O=Sectigo Limited/CN=Sectigo Public Time Stamping Root R46, issuer: /C=GB/O=Sectigo Limited/CN=Sectigo Public Time Stamping Root R46
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 3 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 4 details - subject: /C=CH/O=WISeKey/OU=Copyright (c) 2005/OU=OISTE Foundation Endorsed/CN=OISTE WISeKey Global Root GA CA, issuer: /C=CH/O=WISeKey/OU=Copyright (c) 2005/OU=OISTE Foundation Endorsed/CN=OISTE WISeKey Global Root GA CA
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 4 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 5 details - subject: /C=US/ST=Illinois/L=Chicago/O=Trustwave Holdings, Inc./CN=Trustwave Global ECC P384 Certification Authority, issuer: /C=US/ST=Illinois/L=Chicago/O=Trustwave Holdings, Inc./CN=Trustwave Global ECC P384 Certification Authority
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 5 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 6 details - subject: /C=IT/L=Milan/O=Actalis S.p.A.\/03358520967/CN=Actalis Authentication Root CA, issuer: /C=IT/L=Milan/O=Actalis S.p.A.\/03358520967/CN=Actalis Authentication Root CA
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 6 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 7 details - subject: /C=DE/O=D-Trust GmbH/CN=D-TRUST Root CA 3 2013, issuer: /C=DE/O=D-Trust GmbH/CN=D-TRUST Root CA 3 2013
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 7 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 8 details - subject: /CN=Apple Root CA - G2/OU=Apple Certification Authority/O=Apple Inc./C=US, issuer: /CN=Apple Root CA - G2/OU=Apple Certification Authority/O=Apple Inc./C=US
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 8 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 9 details - subject: /C=US/ST=Texas/L=Houston/O=SSL Corporation/CN=SSL.com EV Root Certification Authority ECC, issuer: /C=US/ST=Texas/L=Houston/O=SSL Corporation/CN=SSL.com EV Root Certification Authority ECC
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 9 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 10 details - subject: /OU=GlobalSign ECC Root CA - R4/O=GlobalSign/CN=GlobalSign, issuer: /OU=GlobalSign ECC Root CA - R4/O=GlobalSign/CN=GlobalSign
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 10 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 11 details - subject: /C=GR/L=Athens/O=Hellenic Academic and Research Institutions Cert. Authority/CN=Hellenic Academic and Research Institutions RootCA 2015, issuer: /C=GR/L=Athens/O=Hellenic Academic and Research Institutions Cert. Authority/CN=Hellenic Academic and Research Institutions RootCA 2015
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 11 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 12 details - subject: /C=TW/O=Chunghwa Telecom Co., Ltd./OU=ePKI Root Certification Authority, issuer: /C=TW/O=Chunghwa Telecom Co., Ltd./OU=ePKI Root Certification Authority
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 12 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 13 details - subject: /C=GB/ST=Greater Manchester/L=Salford/O=Comodo CA Limited/CN=AAA Certificate Services, issuer: /C=GB/ST=Greater Manchester/L=Salford/O=Comodo CA Limited/CN=AAA Certificate Services
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 13 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 14 details - subject: /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5, issuer: /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 14 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 15 details - subject: /C=US/O=SSL Corporation/CN=SSL.com TLS RSA Root CA 2022, issuer: /C=US/O=SSL Corporation/CN=SSL.com TLS RSA Root CA 2022
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 15 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 16 details - subject: /CN=Apple Root CA - G3/OU=Apple Certification Authority/O=Apple Inc./C=US, issuer: /CN=Apple Root CA - G3/OU=Apple Certification Authority/O=Apple Inc./C=US
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 16 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 17 details - subject: /C=US/O=IdenTrust/CN=IdenTrust Public Sector Root CA 1, issuer: /C=US/O=IdenTrust/CN=IdenTrust Public Sector Root CA 1
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 17 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 18 details - subject: /C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 3 G3, issuer: /C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 3 G3
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 18 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 19 details - subject: /CN=ACCVRAIZ1/OU=PKIACCV/O=ACCV/C=ES, issuer: /CN=ACCVRAIZ1/OU=PKIACCV/O=ACCV/C=ES
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 19 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 20 details - subject: /C=NO/O=Buypass AS-983163327/CN=Buypass Class 3 Root CA, issuer: /C=NO/O=Buypass AS-983163327/CN=Buypass Class 3 Root CA
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 20 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 21 details - subject: /C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./CN=Starfield Services Root Certificate Authority - G2, issuer: /C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./CN=Starfield Services Root Certificate Authority - G2
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 21 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 22 details - subject: /CN=Atos TrustedRoot Root CA RSA TLS 2021/O=Atos/C=DE, issuer: /CN=Atos TrustedRoot Root CA RSA TLS 2021/O=Atos/C=DE
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 22 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 23 details - subject: /C=US/O=SSL Corporation/CN=SSL.com TLS ECC Root CA 2022, issuer: /C=US/O=SSL Corporation/CN=SSL.com TLS ECC Root CA 2022
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 23 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 24 details - subject: /C=PA/ST=Panama/L=Panama City/O=TrustCor Systems S. de R.L./OU=TrustCor Certificate Authority/CN=TrustCor ECA-1, issuer: /C=PA/ST=Panama/L=Panama City/O=TrustCor Systems S. de R.L./OU=TrustCor Certificate Authority/CN=TrustCor ECA-1
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 24 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 25 details - subject: /C=US/O=AffirmTrust/CN=AffirmTrust Commercial, issuer: /C=US/O=AffirmTrust/CN=AffirmTrust Commercial
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 25 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 26 details - subject: /C=BE/O=GlobalSign nv-sa/CN=GlobalSign Root E46, issuer: /C=BE/O=GlobalSign nv-sa/CN=GlobalSign Root E46
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 26 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 27 details - subject: /C=GR/O=Hellenic Academic and Research Institutions CA/CN=HARICA TLS RSA Root CA 2021, issuer: /C=GR/O=Hellenic Academic and Research Institutions CA/CN=HARICA TLS RSA Root CA 2021
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 27 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 28 details - subject: /C=HK/ST=Hong Kong/L=Hong Kong/O=Hongkong Post/CN=Hongkong Post Root CA 3, issuer: /C=HK/ST=Hong Kong/L=Hong Kong/O=Hongkong Post/CN=Hongkong Post Root CA 3
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 28 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 29 details - subject: /C=GB/O=Sectigo Limited/CN=Sectigo Public Server Authentication Root E46, issuer: /C=GB/O=Sectigo Limited/CN=Sectigo Public Server Authentication Root E46
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 29 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 30 details - subject: /C=US/O=Certainly/CN=Certainly Root R1, issuer: /C=US/O=Certainly/CN=Certainly Root R1
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 30 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 31 details - subject: /C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 1 G3, issuer: /C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 1 G3
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 31 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 32 details - subject: /C=BE/O=GlobalSign nv-sa/CN=GlobalSign Secure Mail Root E45, issuer: /C=BE/O=GlobalSign nv-sa/CN=GlobalSign Secure Mail Root E45
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 32 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 33 details - subject: /C=DE/O=Atos/CN=Atos TrustedRoot Root CA ECC G2 2020, issuer: /C=DE/O=Atos/CN=Atos TrustedRoot Root CA ECC G2 2020
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 33 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 34 details - subject: /C=US/O=Network Solutions L.L.C./CN=Network Solutions Certificate Authority, issuer: /C=US/O=Network Solutions L.L.C./CN=Network Solutions Certificate Authority
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 34 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 35 details - subject: /C=US/O=VISA/OU=Visa International Service Association/CN=Visa Information Delivery Root CA, issuer: /C=US/O=VISA/OU=Visa International Service Association/CN=Visa Information Delivery Root CA
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 35 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 36 details - subject: /C=US/O=Internet Security Research Group/CN=ISRG Root X1, issuer: /C=US/O=Internet Security Research Group/CN=ISRG Root X1
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 36 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 37 details - subject: /C=US/OU=www.xrampsecurity.com/O=XRamp Security Services Inc/CN=XRamp Global Certification Authority, issuer: /C=US/OU=www.xrampsecurity.com/O=XRamp Security Services Inc/CN=XRamp Global Certification Authority
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 37 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 38 details - subject: /C=PA/ST=Panama/L=Panama City/O=TrustCor Systems S. de R.L./OU=TrustCor Certificate Authority/CN=TrustCor RootCert CA-2, issuer: /C=PA/ST=Panama/L=Panama City/O=TrustCor Systems S. de R.L./OU=TrustCor Certificate Authority/CN=TrustCor RootCert CA-2
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 38 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 39 details - subject: /C=PL/O=Asseco Data Systems S.A./OU=Certum Certification Authority/CN=Certum EC-384 CA, issuer: /C=PL/O=Asseco Data Systems S.A./OU=Certum Certification Authority/CN=Certum EC-384 CA
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 39 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 40 details - subject: /C=US/O=SSL Corporation/CN=SSL.com Client RSA Root CA 2022, issuer: /C=US/O=SSL Corporation/CN=SSL.com Client RSA Root CA 2022
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 40 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 41 details - subject: /C=DE/O=D-Trust GmbH/CN=D-TRUST Root Class 3 CA 2 EV 2009, issuer: /C=DE/O=D-Trust GmbH/CN=D-TRUST Root Class 3 CA 2 EV 2009
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 41 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 42 details - subject: /C=GB/O=Sectigo Limited/CN=Sectigo Public Email Protection Root R46, issuer: /C=GB/O=Sectigo Limited/CN=Sectigo Public Email Protection Root R46
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 42 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 43 details - subject: /C=CH/O=WISeKey/OU=OISTE Foundation Endorsed/CN=OISTE WISeKey Global Root GB CA, issuer: /C=CH/O=WISeKey/OU=OISTE Foundation Endorsed/CN=OISTE WISeKey Global Root GB CA
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 43 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 44 details - subject: /CN=ComSign Global Root CA/O=ComSign Ltd./C=IL, issuer: /CN=ComSign Global Root CA/O=ComSign Ltd./C=IL
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 44 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 45 details - subject: /C=ES/O=IZENPE S.A./CN=Izenpe.com, issuer: /C=ES/O=IZENPE S.A./CN=Izenpe.com
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 45 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 46 details - subject: /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO Certification Authority, issuer: /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO Certification Authority
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 46 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 47 details - subject: /C=PA/ST=Panama/L=Panama City/O=TrustCor Systems S. de R.L./OU=TrustCor Certificate Authority/CN=TrustCor RootCert CA-1, issuer: /C=PA/ST=Panama/L=Panama City/O=TrustCor Systems S. de R.L./OU=TrustCor Certificate Authority/CN=TrustCor RootCert CA-1
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 47 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 48 details - subject: /OU=GlobalSign ECC Root CA - R5/O=GlobalSign/CN=GlobalSign, issuer: /OU=GlobalSign ECC Root CA - R5/O=GlobalSign/CN=GlobalSign
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 48 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 49 details - subject: /C=ES/O=FNMT-RCM/OU=AC RAIZ FNMT-RCM, issuer: /C=ES/O=FNMT-RCM/OU=AC RAIZ FNMT-RCM
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 49 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 50 details - subject: /OU=GlobalSign ECC Root CA - R4/O=GlobalSign/CN=GlobalSign, issuer: /OU=GlobalSign ECC Root CA - R4/O=GlobalSign/CN=GlobalSign
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 50 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 51 details - subject: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Trusted Root G4, issuer: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Trusted Root G4
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 51 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 52 details - subject: /C=TW/O=TAIWAN-CA/OU=Root CA/CN=TWCA Root Certification Authority, issuer: /C=TW/O=TAIWAN-CA/OU=Root CA/CN=TWCA Root Certification Authority
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 52 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 53 details - subject: /C=US/O=Starfield Technologies, Inc./OU=Starfield Class 2 Certification Authority, issuer: /C=US/O=Starfield Technologies, Inc./OU=Starfield Class 2 Certification Authority
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 53 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 54 details - subject: /C=GR/O=Hellenic Academic and Research Institutions CA/CN=HARICA Client RSA Root CA 2021, issuer: /C=GR/O=Hellenic Academic and Research Institutions CA/CN=HARICA Client RSA Root CA 2021
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 54 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 55 details - subject: /C=US/O=SecureTrust Corporation/CN=SecureTrust CA, issuer: /C=US/O=SecureTrust Corporation/CN=SecureTrust CA
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 55 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 56 details - subject: /C=US/O=Entrust, Inc./OU=See www.entrust.net\/legal-terms/OU=(c) 2009 Entrust, Inc. - for authorized use only/CN=Entrust Root Certification Authority - G2, issuer: /C=US/O=Entrust, Inc./OU=See www.entrust.net\/legal-terms/OU=(c) 2009 Entrust, Inc. - for authorized use only/CN=Entrust Root Certification Authority - G2
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 56 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 57 details - subject: /C=IE/O=Baltimore/OU=CyberTrust/CN=Baltimore CyberTrust Root, issuer: /C=IE/O=Baltimore/OU=CyberTrust/CN=Baltimore CyberTrust Root
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 57 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 58 details - subject: /C=GR/O=Hellenic Academic and Research Institutions CA/CN=HARICA Client ECC Root CA 2021, issuer: /C=GR/O=Hellenic Academic and Research Institutions CA/CN=HARICA Client ECC Root CA 2021
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 58 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 59 details - subject: /C=SK/L=Bratislava/O=Disig a.s./CN=CA Disig Root R2, issuer: /C=SK/L=Bratislava/O=Disig a.s./CN=CA Disig Root R2
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 59 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 60 details - subject: /C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA, issuer: /C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 60 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 61 details - subject: /C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 2 G3, issuer: /C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 2 G3
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 61 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 62 details - subject: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Assured ID Root CA, issuer: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Assured ID Root CA
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 62 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 63 details - subject: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Assured ID Root G3, issuer: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Assured ID Root G3
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 63 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 64 details - subject: /C=US/ST=Illinois/L=Chicago/O=Trustwave Holdings, Inc./CN=Trustwave Global Certification Authority, issuer: /C=US/ST=Illinois/L=Chicago/O=Trustwave Holdings, Inc./CN=Trustwave Global Certification Authority
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 64 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 65 details - subject: /C=US/O=SSL Corporation/CN=SSL.com Client ECC Root CA 2022, issuer: /C=US/O=SSL Corporation/CN=SSL.com Client ECC Root CA 2022
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 65 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 66 details - subject: /C=CN/O=GUANG DONG CERTIFICATE AUTHORITY CO.,LTD./CN=GDCA TrustAUTH R5 ROOT, issuer: /C=CN/O=GUANG DONG CERTIFICATE AUTHORITY CO.,LTD./CN=GDCA TrustAUTH R5 ROOT
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 66 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 67 details - subject: /C=DE/O=T-Systems Enterprise Services GmbH/OU=T-Systems Trust Center/CN=T-TeleSec GlobalRoot Class 2, issuer: /C=DE/O=T-Systems Enterprise Services GmbH/OU=T-Systems Trust Center/CN=T-TeleSec GlobalRoot Class 2
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 67 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 68 details - subject: /C=DE/O=T-Systems Enterprise Services GmbH/OU=T-Systems Trust Center/CN=T-TeleSec GlobalRoot Class 3, issuer: /C=DE/O=T-Systems Enterprise Services GmbH/OU=T-Systems Trust Center/CN=T-TeleSec GlobalRoot Class 3
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 68 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 69 details - subject: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Assured ID Root G2, issuer: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Assured ID Root G2
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 69 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 70 details - subject: /C=JP/O=SECOM Trust Systems CO.,LTD./OU=Security Communication RootCA2, issuer: /C=JP/O=SECOM Trust Systems CO.,LTD./OU=Security Communication RootCA2
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 70 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 71 details - subject: /O=Entrust.net/OU=www.entrust.net\/CPS_2048 incorp. by ref. (limits liab.)/OU=(c) 1999 Entrust.net Limited/CN=Entrust.net Certification Authority (2048), issuer: /O=Entrust.net/OU=www.entrust.net\/CPS_2048 incorp. by ref. (limits liab.)/OU=(c) 1999 Entrust.net Limited/CN=Entrust.net Certification Authority (2048)
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 71 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 72 details - subject: /C=US/O=AffirmTrust/CN=AffirmTrust Networking, issuer: /C=US/O=AffirmTrust/CN=AffirmTrust Networking
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 72 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 73 details - subject: /C=ES/CN=Autoridad de Certificacion Firmaprofesional CIF A62634068, issuer: /C=ES/CN=Autoridad de Certificacion Firmaprofesional CIF A62634068
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 73 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 74 details - subject: /C=US/O=Amazon/CN=Amazon Root CA 3, issuer: /C=US/O=Amazon/CN=Amazon Root CA 3
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 74 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 75 details - subject: /C=US/O=Amazon/CN=Amazon Root CA 2, issuer: /C=US/O=Amazon/CN=Amazon Root CA 2
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 75 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 76 details - subject: /CN=Atos TrustedRoot Root CA ECC TLS 2021/O=Atos/C=DE, issuer: /CN=Atos TrustedRoot Root CA ECC TLS 2021/O=Atos/C=DE
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 76 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 77 details - subject: /C=US/O=AffirmTrust/CN=AffirmTrust Premium ECC, issuer: /C=US/O=AffirmTrust/CN=AffirmTrust Premium ECC
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 77 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 78 details - subject: /C=US/O=Apple Computer, Inc./OU=Apple Computer Certificate Authority/CN=Apple Root Certificate Authority, issuer: /C=US/O=Apple Computer, Inc./OU=Apple Computer Certificate Authority/CN=Apple Root Certificate Authority
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 78 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 79 details - subject: /C=CH/O=SwissSign AG/CN=SwissSign Gold CA - G2, issuer: /C=CH/O=SwissSign AG/CN=SwissSign Gold CA - G2
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 79 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 80 details - subject: /C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority, issuer: /C=US/O=The Go Daddy Group, Inc./OU=Go Daddy Class 2 Certification Authority
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 80 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 81 details - subject: /C=US/ST=Texas/L=Houston/O=SSL Corporation/CN=SSL.com Root Certification Authority ECC, issuer: /C=US/ST=Texas/L=Houston/O=SSL Corporation/CN=SSL.com Root Certification Authority ECC
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 81 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 82 details - subject: /C=CN/O=China Financial Certification Authority/CN=CFCA EV ROOT, issuer: /C=CN/O=China Financial Certification Authority/CN=CFCA EV ROOT
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 82 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 83 details - subject: /C=RO/O=CERTSIGN SA/OU=certSIGN ROOT CA G2, issuer: /C=RO/O=CERTSIGN SA/OU=certSIGN ROOT CA G2
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 83 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 84 details - subject: /C=CH/O=WISeKey/OU=OISTE Foundation Endorsed/CN=OISTE WISeKey Global Root GC CA, issuer: /C=CH/O=WISeKey/OU=OISTE Foundation Endorsed/CN=OISTE WISeKey Global Root GC CA
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 84 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 85 details - subject: /C=US/O=Amazon/CN=Amazon Root CA 1, issuer: /C=US/O=Amazon/CN=Amazon Root CA 1
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 85 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 86 details - subject: /C=NO/O=Buypass AS-983163327/CN=Buypass Class 2 Root CA, issuer: /C=NO/O=Buypass AS-983163327/CN=Buypass Class 2 Root CA
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 86 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 87 details - subject: /C=US/O=Internet Security Research Group/CN=ISRG Root X2, issuer: /C=US/O=Internet Security Research Group/CN=ISRG Root X2
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 87 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 88 details - subject: /C=IN/OU=emSign PKI/O=eMudhra Technologies Limited/CN=emSign Root CA - G1, issuer: /C=IN/OU=emSign PKI/O=eMudhra Technologies Limited/CN=emSign Root CA - G1
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 88 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 89 details - subject: /C=US/O=GeoTrust Inc./OU=(c) 2007 GeoTrust Inc. - For authorized use only/CN=GeoTrust Primary Certification Authority - G2, issuer: /C=US/O=GeoTrust Inc./OU=(c) 2007 GeoTrust Inc. - For authorized use only/CN=GeoTrust Primary Certification Authority - G2
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 89 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 90 details - subject: /C=TW/O=TAIWAN-CA/OU=Root CA/CN=TWCA Global Root CA, issuer: /C=TW/O=TAIWAN-CA/OU=Root CA/CN=TWCA Global Root CA
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 90 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 91 details - subject: /C=US/O=SecureTrust Corporation/CN=Secure Global CA, issuer: /C=US/O=SecureTrust Corporation/CN=Secure Global CA
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 91 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 92 details - subject: /C=US/O=Amazon/CN=Amazon Root CA 4, issuer: /C=US/O=Amazon/CN=Amazon Root CA 4
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 92 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 93 details - subject: /C=PL/O=Unizeto Technologies S.A./OU=Certum Certification Authority/CN=Certum Trusted Network CA 2, issuer: /C=PL/O=Unizeto Technologies S.A./OU=Certum Certification Authority/CN=Certum Trusted Network CA 2
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 93 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 94 details - subject: /C=US/O=AffirmTrust/CN=AffirmTrust Premium, issuer: /C=US/O=AffirmTrust/CN=AffirmTrust Premium
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 94 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 95 details - subject: /C=CH/O=SwissSign AG/CN=SwissSign Silver CA - G2, issuer: /C=CH/O=SwissSign AG/CN=SwissSign Silver CA - G2
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 95 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 96 details - subject: /C=DE/O=Atos/CN=Atos TrustedRoot Root CA RSA G2 2020, issuer: /C=DE/O=Atos/CN=Atos TrustedRoot Root CA RSA G2 2020
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 96 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 97 details - subject: /C=HU/L=Budapest/O=NetLock Kft./OU=Tan\xC3\xBAs\xC3\xADtv\xC3\xA1nykiad\xC3\xB3k (Certification Services)/CN=NetLock Arany (Class Gold) F\xC5\x91tan\xC3\xBAs\xC3\xADtv\xC3\xA1ny, issuer: /C=HU/L=Budapest/O=NetLock Kft./OU=Tan\xC3\xBAs\xC3\xADtv\xC3\xA1nykiad\xC3\xB3k (Certification Services)/CN=NetLock Arany (Class Gold) F\xC5\x91tan\xC3\xBAs\xC3\xADtv\xC3\xA1ny
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 97 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 98 details - subject: /C=IN/OU=emSign PKI/O=eMudhra Technologies Limited/CN=emSign ECC Root CA - G3, issuer: /C=IN/OU=emSign PKI/O=eMudhra Technologies Limited/CN=emSign ECC Root CA - G3
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 98 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 99 details - subject: /C=GB/O=Sectigo Limited/CN=Sectigo Public Email Protection Root E46, issuer: /C=GB/O=Sectigo Limited/CN=Sectigo Public Email Protection Root E46
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 99 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 100 details - subject: /C=TW/O=Chunghwa Telecom Co., Ltd./CN=HiPKI Root CA - G1, issuer: /C=TW/O=Chunghwa Telecom Co., Ltd./CN=HiPKI Root CA - G1
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 100 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 101 details - subject: /C=US/O=Apple Inc./OU=Apple Certification Authority/CN=Apple Root CA, issuer: /C=US/O=Apple Inc./OU=Apple Certification Authority/CN=Apple Root CA
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 101 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 102 details - subject: /C=EU/L=Madrid (see current address at www.camerfirma.com\/address)/serialNumber=A82743287/O=AC Camerfirma S.A./CN=Chambers of Commerce Root - 2008, issuer: /C=EU/L=Madrid (see current address at www.camerfirma.com\/address)/serialNumber=A82743287/O=AC Camerfirma S.A./CN=Chambers of Commerce Root - 2008
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 102 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 103 details - subject: /C=PL/O=Asseco Data Systems S.A./OU=Certum Certification Authority/CN=Certum Trusted Root CA, issuer: /C=PL/O=Asseco Data Systems S.A./OU=Certum Certification Authority/CN=Certum Trusted Root CA
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 103 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 104 details - subject: /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Certification Authority, issuer: /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO ECC Certification Authority
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 104 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 105 details - subject: /C=BE/O=GlobalSign nv-sa/CN=GlobalSign Secure Mail Root R45, issuer: /C=BE/O=GlobalSign nv-sa/CN=GlobalSign Secure Mail Root R45
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 105 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 106 details - subject: /C=US/O=Google Trust Services LLC/CN=GTS Root R1, issuer: /C=US/O=Google Trust Services LLC/CN=GTS Root R1
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 106 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 107 details - subject: /C=TR/L=Gebze - Kocaeli/O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK/OU=Kamu Sertifikasyon Merkezi - Kamu SM/CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1, issuer: /C=TR/L=Gebze - Kocaeli/O=Turkiye Bilimsel ve Teknolojik Arastirma Kurumu - TUBITAK/OU=Kamu Sertifikasyon Merkezi - Kamu SM/CN=TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 107 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 108 details - subject: /C=US/ST=Illinois/L=Chicago/O=Trustwave Holdings, Inc./CN=Trustwave Global ECC P256 Certification Authority, issuer: /C=US/ST=Illinois/L=Chicago/O=Trustwave Holdings, Inc./CN=Trustwave Global ECC P256 Certification Authority
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 108 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 109 details - subject: /C=US/O=Entrust, Inc./OU=See www.entrust.net\/legal-terms/OU=(c) 2012 Entrust, Inc. - for authorized use only/CN=Entrust Root Certification Authority - EC1, issuer: /C=US/O=Entrust, Inc./OU=See www.entrust.net\/legal-terms/OU=(c) 2012 Entrust, Inc. - for authorized use only/CN=Entrust Root Certification Authority - EC1
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 109 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 110 details - subject: /C=US/O=Entrust, Inc./OU=www.entrust.net\/CPS is incorporated by reference/OU=(c) 2006 Entrust, Inc./CN=Entrust Root Certification Authority, issuer: /C=US/O=Entrust, Inc./OU=www.entrust.net\/CPS is incorporated by reference/OU=(c) 2006 Entrust, Inc./CN=Entrust Root Certification Authority
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 110 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 111 details - subject: /CN=Atos TrustedRoot 2011/O=Atos/C=DE, issuer: /CN=Atos TrustedRoot 2011/O=Atos/C=DE
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 111 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 112 details - subject: /C=DE/O=D-Trust GmbH/CN=D-TRUST Root Class 3 CA 2 2009, issuer: /C=DE/O=D-Trust GmbH/CN=D-TRUST Root Class 3 CA 2 2009
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 112 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 113 details - subject: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA, issuer: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 113 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 114 details - subject: /C=PL/O=Unizeto Technologies S.A./OU=Certum Certification Authority/CN=Certum Trusted Network CA, issuer: /C=PL/O=Unizeto Technologies S.A./OU=Certum Certification Authority/CN=Certum Trusted Network CA
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 114 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 115 details - subject: /C=GB/O=Sectigo Limited/CN=Sectigo Public Server Authentication Root R46, issuer: /C=GB/O=Sectigo Limited/CN=Sectigo Public Server Authentication Root R46
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 115 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 116 details - subject: /C=US/O=Google Trust Services LLC/CN=GTS Root R4, issuer: /C=US/O=Google Trust Services LLC/CN=GTS Root R4
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 116 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 117 details - subject: /C=BE/O=GlobalSign nv-sa/CN=GlobalSign Root R46, issuer: /C=BE/O=GlobalSign nv-sa/CN=GlobalSign Root R46
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 117 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 118 details - subject: /C=EU/L=Madrid (see current address at www.camerfirma.com\/address)/serialNumber=A82743287/O=AC Camerfirma S.A./CN=Global Chambersign Root - 2008, issuer: /C=EU/L=Madrid (see current address at www.camerfirma.com\/address)/serialNumber=A82743287/O=AC Camerfirma S.A./CN=Global Chambersign Root - 2008
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 118 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 119 details - subject: /C=FI/O=Telia Finland Oyj/CN=Telia Root CA v2, issuer: /C=FI/O=Telia Finland Oyj/CN=Telia Root CA v2
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 119 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 120 details - subject: /C=US/O=IdenTrust/CN=IdenTrust Commercial Root CA 1, issuer: /C=US/O=IdenTrust/CN=IdenTrust Commercial Root CA 1
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 120 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 121 details - subject: /C=US/O=Google Trust Services LLC/CN=GTS Root R2, issuer: /C=US/O=Google Trust Services LLC/CN=GTS Root R2
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 121 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 122 details - subject: /OU=GlobalSign Root CA - R3/O=GlobalSign/CN=GlobalSign, issuer: /OU=GlobalSign Root CA - R3/O=GlobalSign/CN=GlobalSign
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 122 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 123 details - subject: /C=US/O=Entrust, Inc./OU=See www.entrust.net\/legal-terms/OU=(c) 2015 Entrust, Inc. - for authorized use only/CN=Entrust Root Certification Authority - G4, issuer: /C=US/O=Entrust, Inc./OU=See www.entrust.net\/legal-terms/OU=(c) 2015 Entrust, Inc. - for authorized use only/CN=Entrust Root Certification Authority - G4
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 123 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 124 details - subject: /OU=GlobalSign Root CA - R6/O=GlobalSign/CN=GlobalSign, issuer: /OU=GlobalSign Root CA - R6/O=GlobalSign/CN=GlobalSign
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 124 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 125 details - subject: /O=TeliaSonera/CN=TeliaSonera Root CA v1, issuer: /O=TeliaSonera/CN=TeliaSonera Root CA v1
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 125 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 126 details - subject: /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority, issuer: /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 126 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 127 details - subject: /C=US/O=Google Trust Services LLC/CN=GTS Root R3, issuer: /C=US/O=Google Trust Services LLC/CN=GTS Root R3
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 127 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 128 details - subject: /C=US/ST=Texas/L=Houston/O=SSL Corporation/CN=SSL.com Root Certification Authority RSA, issuer: /C=US/ST=Texas/L=Houston/O=SSL Corporation/CN=SSL.com Root Certification Authority RSA
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 128 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 129 details - subject: /O=Cisco Systems/CN=Cisco Root CA 2048, issuer: /O=Cisco Systems/CN=Cisco Root CA 2048
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 129 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 130 details - subject: /C=RO/O=certSIGN/OU=certSIGN ROOT CA, issuer: /C=RO/O=certSIGN/OU=certSIGN ROOT CA
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 130 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 131 details - subject: /C=US/ST=Texas/L=Houston/O=SSL Corporation/CN=SSL.com EV Root Certification Authority RSA R2, issuer: /C=US/ST=Texas/L=Houston/O=SSL Corporation/CN=SSL.com EV Root Certification Authority RSA R2
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 131 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 132 details - subject: /C=US/O=Google Trust Services LLC/CN=GTS Root R3, issuer: /C=US/O=Google Trust Services LLC/CN=GTS Root R3
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 132 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 133 details - subject: /C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust ECC Certification Authority, issuer: /C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust ECC Certification Authority
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 133 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 134 details - subject: /C=HU/L=Budapest/O=Microsec Ltd./CN=Microsec e-Szigno Root CA 2009/[email protected], issuer: /C=HU/L=Budapest/O=Microsec Ltd./CN=Microsec e-Szigno Root CA 2009/[email protected]
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 134 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 135 details - subject: /C=US/O=Microsoft Corporation/CN=Microsoft ECC Root Certificate Authority 2017, issuer: /C=US/O=Microsoft Corporation/CN=Microsoft ECC Root Certificate Authority 2017
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 135 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 136 details - subject: /C=US/O=Google Trust Services LLC/CN=GTS Root R2, issuer: /C=US/O=Google Trust Services LLC/CN=GTS Root R2
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 136 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 137 details - subject: /C=FR/O=Dhimyotis/CN=Certigna, issuer: /C=FR/O=Dhimyotis/CN=Certigna
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 137 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 138 details - subject: /C=AT/O=e-commerce monitoring GmbH/CN=GLOBALTRUST 2020, issuer: /C=AT/O=e-commerce monitoring GmbH/CN=GLOBALTRUST 2020
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 138 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 139 details - subject: /C=US/O=Google Trust Services LLC/CN=GTS Root R4, issuer: /C=US/O=Google Trust Services LLC/CN=GTS Root R4
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 139 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 140 details - subject: /C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 3, issuer: /C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 3
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 140 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 141 details - subject: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root G2, issuer: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root G2
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 141 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 142 details - subject: /C=GB/O=Sectigo Limited/CN=Sectigo Public Time Stamping Root E46, issuer: /C=GB/O=Sectigo Limited/CN=Sectigo Public Time Stamping Root E46
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 142 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 143 details - subject: /C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./CN=Starfield Root Certificate Authority - G2, issuer: /C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./CN=Starfield Root Certificate Authority - G2
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 143 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 144 details - subject: /C=GR/L=Athens/O=Hellenic Academic and Research Institutions Cert. Authority/CN=Hellenic Academic and Research Institutions ECC RootCA 2015, issuer: /C=GR/L=Athens/O=Hellenic Academic and Research Institutions Cert. Authority/CN=Hellenic Academic and Research Institutions ECC RootCA 2015
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 144 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 145 details - subject: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA, issuer: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 145 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 146 details - subject: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root G3, issuer: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root G3
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 146 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 147 details - subject: /C=US/O=Google Trust Services LLC/CN=GTS Root R1, issuer: /C=US/O=Google Trust Services LLC/CN=GTS Root R1
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 147 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 148 details - subject: /C=US/O=Certainly/CN=Certainly Root E1, issuer: /C=US/O=Certainly/CN=Certainly Root E1
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 148 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 149 details - subject: /C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 2, issuer: /C=BM/O=QuoVadis Limited/CN=QuoVadis Root CA 2
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 149 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 150 details - subject: /C=PL/O=Unizeto Sp. z o.o./CN=Certum CA, issuer: /C=PL/O=Unizeto Sp. z o.o./CN=Certum CA
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 150 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 151 details - subject: /C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority, issuer: /C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 151 to trusted store
[2025/06/11 17:16:55] [debug] [tls] certificate 152 details - subject: /C=US/O=Microsoft Corporation/CN=Microsoft RSA Root Certificate Authority 2017, issuer: /C=US/O=Microsoft Corporation/CN=Microsoft RSA Root Certificate Authority 2017
[2025/06/11 17:16:55] [debug] [tls] successfully loaded and added certificate 152 to trusted store
[2025/06/11 17:16:55] [debug] [tls] finished loading keychain certificates, total loaded: 153
[2025/06/11 17:16:55] [debug] [output:es:es.0] host=[ES HOST] port=[ES PORT] uri=/_bulk index=fluent-bit-test-10 type=_doc
[2025/06/11 17:16:55] [ info] [output:es:es.0] worker #1 started
[2025/06/11 17:16:55] [ info] [output:es:es.0] worker #0 started
[2025/06/11 17:16:55] [ info] [sp] stream processor started
[2025/06/11 17:16:55] [ info] [engine] Shutdown Grace Period=5, Shutdown Input Grace Period=2
[2025/06/11 17:17:10] [debug] [task] created task=0x6000035c8000 id=0 OK
[2025/06/11 17:17:10] [debug] [output:es:es.0] task_id=0 assigned to thread #0
[2025/06/11 17:17:10] [ warn] [net] getaddrinfo(host='[ES HOST], err=11): Could not contact DNS servers
[2025/06/11 17:17:10] [debug] [upstream] connection #-1 failed to [ES HOST]
[2025/06/11 17:17:10] [debug] [out flush] cb_destroy coro_id=0
[2025/06/11 17:17:10] [debug] [retry] new retry created for task_id=0 attempts=1
[2025/06/11 17:17:10] [ warn] [engine] failed to flush chunk '48264-1749687429.792519000.flb', retry in 9 seconds: task_id=0, input=forward.0 > output=es.0 (out_id=0)
[2025/06/11 17:17:11] [debug] [task] created task=0x6000035c80b0 id=1 OK
[2025/06/11 17:17:11] [debug] [output:es:es.0] task_id=1 assigned to thread #1
[2025/06/11 17:17:11] [debug] [upstream] KA connection #60 to [ES HOST]:[ES PORT] is connected
[2025/06/11 17:17:11] [debug] [out_es] converted_size is 0
[2025/06/11 17:17:11] [debug] [http_client] not using http_proxy for header
[2025/06/11 17:17:12] [debug] [output:es:es.0] HTTP Status=200 URI=/_bulk
[2025/06/11 17:17:12] [debug] [output:es:es.0] Elasticsearch response
{"errors":false,"took":600,"items":[{"create":{"_index":"fluent-bit-test-10","_id":"zkp_YZcBdYUQBC_ddZbC","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":0,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"z0p_YZcBdYUQBC_ddZbC","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":1,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"0Ep_YZcBdYUQBC_ddZbC","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":2,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"0Up_YZcBdYUQBC_ddZbC","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":3,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"0kp_YZcBdYUQBC_ddZbC","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":4,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"00p_YZcBdYUQBC_ddZbC","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":5,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"1Ep_YZcBdYUQBC_ddZbC","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":6,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"1Up_YZcBdYUQBC_ddZbC","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":7,"_primary_term":1,"status":201}}]}
[2025/06/11 17:17:12] [debug] [upstream] KA connection #60 to [ES HOST]:[ES PORT] is now available
[2025/06/11 17:17:12] [debug] [task] destroy task=0x6000035c80b0 (task_id=1)
[2025/06/11 17:17:12] [debug] [out flush] cb_destroy coro_id=0
[2025/06/11 17:17:19] [debug] [output:es:es.0] task_id=0 assigned to thread #0
[2025/06/11 17:17:19] [debug] [upstream] KA connection #59 to [ES HOST]:[ES PORT] is connected
[2025/06/11 17:17:19] [debug] [http_client] not using http_proxy for header
[2025/06/11 17:17:19] [debug] [output:es:es.0] HTTP Status=200 URI=/_bulk
[2025/06/11 17:17:20] [debug] [output:es:es.0] Elasticsearch response
{"errors":false,"took":0,"items":[{"create":{"_index":"fluent-bit-test-10","_id":"gLJ_YZcBuX40YbMfktq3","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":8,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"gbJ_YZcBuX40YbMfktq3","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":9,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"grJ_YZcBuX40YbMfktq3","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":10,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"g7J_YZcBuX40YbMfktq3","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":11,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"hLJ_YZcBuX40YbMfktq3","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":12,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"hbJ_YZcBuX40YbMfktq3","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":13,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"hrJ_YZcBuX40YbMfktq3","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":14,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"h7J_YZcBuX40YbMfktq3","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":15,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"iLJ_YZcBuX40YbMfktq3","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":16,"_primary_term":1,"status":201}}]}
[2025/06/11 17:17:20] [debug] [upstream] KA connection #59 to [ES HOST]:[ES PORT] is now available
[2025/06/11 17:17:20] [ info] [engine] flush chunk '48264-1749687429.792519000.flb' succeeded at retry 1: task_id=0, input=forward.0 > output=es.0 (out_id=0)
[2025/06/11 17:17:20] [debug] [out flush] cb_destroy coro_id=1
[2025/06/11 17:17:20] [debug] [task] destroy task=0x6000035c8000 (task_id=0)
^[[C^[[C^[[Cq^C[2025/06/11 17:17:28] [engine] caught signal (SIGINT)
[2025/06/11 17:17:28] [ info] [input] pausing forward.0
[2025/06/11 17:17:28] [ info] [output:es:es.0] thread worker #0 stopping...
[2025/06/11 17:17:28] [ info] [output:es:es.0] thread worker #0 stopped
[2025/06/11 17:17:28] [ info] [output:es:es.0] thread worker #1 stopping...
[2025/06/11 17:17:28] [ info] [output:es:es.0] thread worker #1 stopped

Valgrind details:

debian@debian:~/fluent-bit/build$ valgrind ./bin/fluent-bit -c config.yaml
==13044== Memcheck, a memory error detector
==13044== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==13044== Using Valgrind-3.19.0 and LibVEX; rerun with -h for copyright info
==13044== Command: ./bin/fluent-bit -c config.yaml
==13044==
Fluent Bit v4.0.4
* Copyright (C) 2015-2025 The Fluent Bit Authors
* Fluent Bit is a CNCF sub-project under the umbrella of Fluentd
* https://fluentbit.io

______ _                  _    ______ _ _             ___  _____
|  ___| |                | |   | ___ (_) |           /   ||  _  |
| |_  | |_   _  ___ _ __ | |_  | |_/ /_| |_  __   __/ /| || |/' |
|  _| | | | | |/ _ \ '_ \| __| | ___ \ | __| \ \ / / /_| ||  /| |
| |   | | |_| |  __/ | | | |_  | |_/ / | |_   \ V /\___  |\ |_/ /
\_|   |_|\__,_|\___|_| |_|\__| \____/|_|\__|   \_/     |_(_)___/


[2025/06/11 17:25:16] [ info] Configuration:
[2025/06/11 17:25:16] [ info]  flush time     | 1.000000 seconds
[2025/06/11 17:25:16] [ info]  grace          | 5 seconds
[2025/06/11 17:25:16] [ info]  daemon         | 0
[2025/06/11 17:25:16] [ info] ___________
[2025/06/11 17:25:16] [ info]  inputs:
[2025/06/11 17:25:16] [ info]      forward
[2025/06/11 17:25:16] [ info] ___________
[2025/06/11 17:25:16] [ info]  filters:
[2025/06/11 17:25:16] [ info] ___________
[2025/06/11 17:25:16] [ info]  outputs:
[2025/06/11 17:25:16] [ info]      es.0
[2025/06/11 17:25:16] [ info] ___________
[2025/06/11 17:25:16] [ info]  collectors:
[2025/06/11 17:25:16] [ info] [fluent bit] version=4.0.4, commit=d3510d5918, pid=13044
[2025/06/11 17:25:16] [debug] [engine] coroutine stack size: 196608 bytes (192.0K)
[2025/06/11 17:25:16] [ info] [output:es:es.0] worker #0 started
[2025/06/11 17:25:16] [ info] [storage] ver=1.5.3, type=memory, sync=normal, checksum=off, max_chunks_up=128
[2025/06/11 17:25:16] [ info] [simd    ] disabled
[2025/06/11 17:25:16] [ info] [output:es:es.0] worker #1 started
[2025/06/11 17:25:16] [ info] [cmetrics] version=1.0.3
[2025/06/11 17:25:16] [ info] [ctraces ] version=0.6.6
[2025/06/11 17:25:16] [ info] [input:forward:forward.0] initializing
[2025/06/11 17:25:16] [ info] [input:forward:forward.0] storage_strategy='memory' (memory only)
[2025/06/11 17:25:16] [debug] [forward:forward.0] created event channels: read=25 write=26
[2025/06/11 17:25:16] [debug] [downstream] listening on /tmp/fluent.sock:0
[2025/06/11 17:25:16] [ info] [input:forward:forward.0] listening on unix:///tmp/fluent.sock
[2025/06/11 17:25:16] [debug] [es:es.0] created event channels: read=28 write=29
[2025/06/11 17:25:16] [debug] [output:es:es.0] host=[ES HOST] port=[ES PORT] uri=/_bulk index=fluent-bit-test-10 type=_doc
[2025/06/11 17:25:16] [ info] [sp] stream processor started
[2025/06/11 17:25:16] [ info] [engine] Shutdown Grace Period=5, Shutdown Input Grace Period=2
[2025/06/11 17:25:38] [debug] [task] created task=0x56d6db0 id=0 OK
[2025/06/11 17:25:38] [debug] [output:es:es.0] task_id=0 assigned to thread #0
[2025/06/11 17:25:39] [debug] [upstream] KA connection #59 to [ES HOST]:[ES PORT] is connected
[2025/06/11 17:25:39] [debug] [http_client] not using http_proxy for header
[2025/06/11 17:25:39] [debug] [output:es:es.0] HTTP Status=200 URI=/_bulk
[2025/06/11 17:25:39] [debug] [output:es:es.0] Elasticsearch response
{"errors":false,"took":0,"items":[{"create":{"_index":"fluent-bit-test-10","_id":"j7KHYZcBuX40YbMfMPG6","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":17,"_primary_term":1,"status":201}}]}
[2025/06/11 17:25:39] [debug] [task] destroy task=0x56d6db0 (task_id=0)
[2025/06/11 17:25:39] [debug] [upstream] KA connection #59 to [ES HOST]:[ES PORT] is now available
[2025/06/11 17:25:39] [debug] [out flush] cb_destroy coro_id=0
[2025/06/11 17:25:39] [debug] [task] created task=0x833de10 id=0 OK
[2025/06/11 17:25:39] [debug] [output:es:es.0] task_id=0 assigned to thread #1
[2025/06/11 17:25:39] [debug] [upstream] KA connection #60 to [ES HOST]:[ES PORT] is connected
[2025/06/11 17:25:39] [debug] [out_es] converted_size is 0
[2025/06/11 17:25:39] [debug] [http_client] not using http_proxy for header
[2025/06/11 17:25:39] [debug] [output:es:es.0] HTTP Status=200 URI=/_bulk
[2025/06/11 17:25:39] [debug] [output:es:es.0] Elasticsearch response
{"errors":false,"took":0,"items":[{"create":{"_index":"fluent-bit-test-10","_id":"kLKHYZcBuX40YbMfM_ER","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":18,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"kbKHYZcBuX40YbMfM_ER","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":19,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"krKHYZcBuX40YbMfM_ER","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":20,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"k7KHYZcBuX40YbMfM_ER","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":21,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"lLKHYZcBuX40YbMfM_ER","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":22,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"lbKHYZcBuX40YbMfM_ER","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":23,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"lrKHYZcBuX40YbMfM_ER","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":24,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"l7KHYZcBuX40YbMfM_ER","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":25,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"mLKHYZcBuX40YbMfM_ER","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":26,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"mbKHYZcBuX40YbMfM_ER","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":27,"_primary_term":1,"status":201}}]}
[2025/06/11 17:25:39] [debug] [upstream] KA connection #60 to [ES HOST]:[ES PORT] is now available
[2025/06/11 17:25:39] [debug] [out flush] cb_destroy coro_id=0
[2025/06/11 17:25:39] [debug] [task] destroy task=0x833de10 (task_id=0)
[2025/06/11 17:25:40] [debug] [task] created task=0x866ae70 id=0 OK
[2025/06/11 17:25:40] [debug] [upstream] KA connection #59 to [ES HOST]:[ES PORT] has been assigned (recycled)
[2025/06/11 17:25:40] [debug] [out_es] converted_size is 0
tamp":{"seconds":1746131120,"nanos":936827783},"trace.id":"7b833c8c7cd43aef8a30e70e9bb11da5","transaction.id":"7b833c8c7cd43aef","GD_ENV":"test","GD_REGION":"us-west-2"}
[2025/06/11 17:25:40] [debug] [http_client] not using http_proxy for header
[2025/06/11 17:25:40] [debug] [output:es:es.0] HTTP Status=200 URI=/_bulk
[2025/06/11 17:25:40] [debug] [output:es:es.0] Elasticsearch response
{"errors":false,"took":200,"items":[{"create":{"_index":"fluent-bit-test-10","_id":"mrKHYZcBuX40YbMfNvG-","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":28,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"m7KHYZcBuX40YbMfNvG-","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":29,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"nLKHYZcBuX40YbMfNvG-","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":30,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"nbKHYZcBuX40YbMfNvG-","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":31,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"nrKHYZcBuX40YbMfNvG-","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":32,"_primary_term":1,"status":201}},{"create":{"_index":"fluent-bit-test-10","_id":"n7KHYZcBuX40YbMfNvG-","_version":1,"result":"created","_shards":{"total":2,"successful":2,"failed":0},"_seq_no":33,"_primary_term":1,"status":201}}]}
[2025/06/11 17:25:40] [debug] [upstream] KA connection #59 to [ES HOST]:[ES PORT] is now available
[2025/06/11 17:25:40] [debug] [task] destroy task=0x866ae70 (task_id=0)
[2025/06/11 17:25:40] [debug] [out flush] cb_destroy coro_id=1
^C[2025/06/11 17:25:46] [engine] caught signal (SIGINT)
[2025/06/11 17:25:46] [ warn] [engine] service will shutdown in max 5 seconds
[2025/06/11 17:25:46] [ info] [input] pausing forward.0
[2025/06/11 17:25:46] [ info] [engine] service has stopped (0 pending tasks)
[2025/06/11 17:25:46] [ info] [input] pausing forward.0
[2025/06/11 17:25:46] [ info] [output:es:es.0] thread worker #0 stopping...
[2025/06/11 17:25:46] [ info] [output:es:es.0] thread worker #0 stopped
[2025/06/11 17:25:46] [ info] [output:es:es.0] thread worker #1 stopping...
[2025/06/11 17:25:46] [ info] [output:es:es.0] thread worker #1 stopped
==13044==
==13044== HEAP SUMMARY:
==13044==     in use at exit: 0 bytes in 0 blocks
==13044==   total heap usage: 22,120 allocs, 22,120 frees, 22,785,007 bytes allocated
==13044==
==13044== All heap blocks were freed -- no leaks are possible
==13044==
==13044== For lists of detected and suppressed errors, rerun with: -s
==13044== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)

@tkennedy1-godaddy
Copy link
Contributor Author

Is there anything I can do to get this merged? I'd like to not have to use a fork of fluent-bit and username/password auth is difficult to manage from a secrets rotation perspective in elastic.

@tkennedy1-godaddy
Copy link
Contributor Author

Not to necro again, but Is there any way to get movement on this?

@bvader
Copy link

bvader commented Jul 29, 2025

Hi @tkennedy1-godaddy Thank you for adding this functionality. Hopefully, it gets reviewed soon. This is much-needed functionality.

@iamhowardtheduck
Copy link

This would be exceptionally helpful for my large customers!

@3kt
Copy link

3kt commented Jul 29, 2025

Any chance this makes the cut for the next release?

@tkennedy1-godaddy tkennedy1-godaddy force-pushed the outputs_elasticsearch_add_api_key branch from cd8258b to 69caba0 Compare August 13, 2025 17:57
@tkennedy1-godaddy
Copy link
Contributor Author

Thank you @braydonk, feedback responded to

Copy link

coderabbitai bot commented Aug 13, 2025

Walkthrough

Adds API key authentication to the Elasticsearch output plugin. Introduces a new http_api_key config option, stores it in the plugin context, and appends an Authorization: ApiKey header during flush when set. Updates struct definitions accordingly and adds a runtime test validating API key handling.

Changes

Cohort / File(s) Summary
Elasticsearch output implementation
plugins/out_es/es.c
Adds http_api_key config map entry; includes headers for logging/SDS; introduces API key auth branch in cb_es_flush that formats and adds Authorization: ApiKey header with error handling and cleanup.
Elasticsearch plugin struct
plugins/out_es/es.h
Adds char* http_api_key field to struct flb_elasticsearch under HTTP Auth.
Runtime tests
tests/runtime/out_elasticsearch.c
Adds test flb_test_http_api_key validating API key config and header handling; registers test in TEST_LIST.

Sequence Diagram(s)

sequenceDiagram
  participant Ingest as Record Ingest
  participant ES as ES Output Plugin
  participant HTTP as HTTP Client

  Ingest->>ES: Flush request
  alt HTTP Basic configured
    ES->>HTTP: Authorization: Basic ...
  else Cloud auth configured
    ES->>HTTP: Authorization: Basic <cloud token>
  else API key configured
    ES->>HTTP: Authorization: ApiKey <key>
  else AWS SigV4 configured
    ES->>HTTP: Signed request (SigV4)
  else
    ES->>HTTP: No Authorization header
  end
  HTTP-->>ES: Response
Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Poem

A hop, a skip, a secret key—
I tuck it in my header, whee!
To Elasticsearch I bound and say,
“ApiKey nibble, on my way!”
Carrots secure, logs set free,
Thump-thump—shipping joyfully. 🥕✨

Tip

🔌 Remote MCP (Model Context Protocol) integration is now available!

Pro plan users can now connect to remote MCP servers from the "Integrations" page. Connect with popular remote MCPs such as Notion and Linear to add more context to your reviews and chats.


📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7209a5c and d7dfdde.

📒 Files selected for processing (3)
  • plugins/out_es/es.c (4 hunks)
  • plugins/out_es/es.h (1 hunks)
  • tests/runtime/out_elasticsearch.c (3 hunks)
🚧 Files skipped from review as they are similar to previous changes (3)
  • plugins/out_es/es.h
  • tests/runtime/out_elasticsearch.c
  • plugins/out_es/es.c
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (26)
  • GitHub Check: pr-windows-build / call-build-windows-package (Windows 64bit (Arm64), amd64_arm64, -DCMAKE_SYSTEM_NAME=Windows -DCMA...
  • GitHub Check: pr-windows-build / call-build-windows-package (Windows 32bit, x86, x86-windows-static, 3.31.6)
  • GitHub Check: pr-windows-build / call-build-windows-package (Windows 64bit, x64, x64-windows-static, 3.31.6)
  • GitHub Check: run-ubuntu-unit-tests (-DFLB_JEMALLOC=On, 3.31.6, clang, clang++)
  • GitHub Check: run-ubuntu-unit-tests (-DFLB_SIMD=Off, 3.31.6, gcc, g++)
  • GitHub Check: run-ubuntu-unit-tests (-DFLB_SANITIZE_THREAD=On, 3.31.6, clang, clang++)
  • GitHub Check: run-ubuntu-unit-tests (-DFLB_SIMD=Off, 3.31.6, clang, clang++)
  • GitHub Check: run-ubuntu-unit-tests (-DFLB_COVERAGE=On, 3.31.6, gcc, g++)
  • GitHub Check: run-ubuntu-unit-tests (-DSANITIZE_ADDRESS=On, 3.31.6, gcc, g++)
  • GitHub Check: run-ubuntu-unit-tests (-DFLB_SIMD=On, 3.31.6, gcc, g++)
  • GitHub Check: run-ubuntu-unit-tests (-DFLB_SANITIZE_MEMORY=On, 3.31.6, clang, clang++)
  • GitHub Check: run-ubuntu-unit-tests (-DSANITIZE_UNDEFINED=On, 3.31.6, gcc, g++)
  • GitHub Check: run-ubuntu-unit-tests (-DFLB_SANITIZE_THREAD=On, 3.31.6, gcc, g++)
  • GitHub Check: run-ubuntu-unit-tests (-DSANITIZE_UNDEFINED=On, 3.31.6, clang, clang++)
  • GitHub Check: run-ubuntu-unit-tests (-DFLB_SIMD=On, 3.31.6, clang, clang++)
  • GitHub Check: run-ubuntu-unit-tests (-DFLB_SMALL=On, 3.31.6, clang, clang++)
  • GitHub Check: run-ubuntu-unit-tests (-DFLB_SMALL=On, 3.31.6, gcc, g++)
  • GitHub Check: run-ubuntu-unit-tests (-DFLB_JEMALLOC=Off, 3.31.6, clang, clang++)
  • GitHub Check: run-ubuntu-unit-tests (-DFLB_JEMALLOC=Off, 3.31.6, gcc, g++)
  • GitHub Check: run-ubuntu-unit-tests (-DFLB_JEMALLOC=On, 3.31.6, gcc, g++)
  • GitHub Check: run-ubuntu-unit-tests (-DFLB_SANITIZE_MEMORY=On, 3.31.6, gcc, g++)
  • GitHub Check: run-ubuntu-unit-tests (-DSANITIZE_ADDRESS=On, 3.31.6, clang, clang++)
  • GitHub Check: pr-compile-system-libs (-DFLB_PREFER_SYSTEM_LIBS=On, 3.31.6, clang, clang++, ubuntu-24.04, clang-14)
  • GitHub Check: pr-compile-system-libs (-DFLB_PREFER_SYSTEM_LIBS=On, 3.31.6, clang, clang++, ubuntu-22.04, clang-12)
  • GitHub Check: pr-compile-centos-7
  • GitHub Check: PR - fuzzing test
✨ Finishing Touches
  • 📝 Generate Docstrings
🧪 Generate unit tests
  • Create PR with unit tests
  • Post copyable unit tests in a comment

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

  • Visit our Status Page to check the current availability of CodeRabbit.
  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🔭 Outside diff range comments (1)
plugins/out_es/es.c (1)

917-927: Reject combined AWS SigV4 and HTTP/Cloud/API key authentication
Mixing aws_auth with http_user/http_passwd, http_api_key or cloud_auth leads to the SigV4 flow overwriting any Authorization header. It’s safer to fail during init when these options are used together.

• Location: plugins/out_es/es.c, inside cb_es_init (after the existing index/logstash check)
• Add a guard that checks ctx->has_aws_auth alongside ctx->http_user, ctx->http_api_key or ctx->cloud_auth and returns -1 with an error.

Proposed diff:

--- a/plugins/out_es/es.c
+++ b/plugins/out_es/es.c
@@ -630,6 +630,16 @@ static int cb_es_init(struct flb_output_instance *ins,
     if (ctx->index == NULL && ctx->logstash_format == FLB_FALSE && ctx->generate_id == FLB_FALSE) {
         flb_plg_error(ins,
                       "cannot initialize plugin, index is not set and logstash_format and generate_id are both off");
+        return -1;
+    }
+
+    /* Prevent aws_sigv4 and other HTTP auth from being enabled together */
+    if (ctx->has_aws_auth == FLB_TRUE &&
+        (ctx->http_user  != NULL ||
+         ctx->http_api_key != NULL ||
+         ctx->cloud_auth  != NULL)) {
+        flb_plg_error(ins,
+            "invalid configuration: aws_auth cannot be used with http_user/http_passwd, http_api_key or cloud_auth");
+        flb_es_conf_destroy(ctx);
+        return -1;
     }
+
     flb_plg_debug(ctx->ins, "host=%s port=%i uri=%s index=%s type=%s",
                   ins->host.name, ins->host.port, ctx->uri,
♻️ Duplicate comments (1)
tests/runtime/out_elasticsearch.c (1)

10-25: This test doesn’t validate the Authorization header (duplicate of prior feedback)

It only asserts the value of the api_key passed in via out_callback_data, which doesn’t prove the header was constructed or added. Consider exposing a small helper in the plugin to apply auth headers to a dummy HTTP client, then assert the presence/value of Authorization by iterating c->headers in a response-test path.

If you want, I can sketch a small static helper (e.g., es_apply_auth_headers(ctx, c)) and a response test that inspects the dummy client’s headers.

🧹 Nitpick comments (5)
plugins/out_es/es_conf.c (1)

146-147: Remove unused local variable ‘http_api_key’ (triggers CI warnings)

The local variable is never used and causes compiler warnings. The config_map already populates ctx->http_api_key, so this local isn’t needed.

Apply this diff to remove it:

-    char *http_api_key = NULL;
tests/runtime/out_elasticsearch.c (2)

15-18: Remove unused variable ‘expected_header’ to avoid warnings

The local expected_header is computed but never used.

Apply this diff:

-    char expected_header[256];
-
-    snprintf(expected_header, sizeof(expected_header), "ApiKey %s", api_key);

743-786: Optional: Switch to an HTTP test that can inspect headers

Formatter tests can’t observe HTTP headers. If you factor auth header creation into a helper callable from an HTTP test, you can then use flb_output_set_http_test(..., "response", ...) and assert the Authorization header value before/after flb_http_do.

I can provide a patch to factor the header creation and a sample header-inspecting test if desired.

plugins/out_es/es.c (2)

827-829: Avoid unused variable and initialize header SDS

Only one SDS is needed. Initialize it to NULL to simplify error handling.

Apply this diff:

-    flb_sds_t header_buffer;
-    flb_sds_t header_line;
+    flb_sds_t header_line = NULL;

1130-1134: Clarify http_api_key description (base64 expectation)

Elasticsearch expects the API key credential in the Authorization header as “ApiKey <base64(id:key)>”. The description should tell users to supply the base64-encoded value.

Apply this diff:

-    "API key for Elasticsearch"
+    "Base64-encoded API key credential for Elasticsearch (used as 'Authorization: ApiKey <value>')"
📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between fb0b394 and 69caba0.

📒 Files selected for processing (4)
  • plugins/out_es/es.c (4 hunks)
  • plugins/out_es/es.h (1 hunks)
  • plugins/out_es/es_conf.c (1 hunks)
  • tests/runtime/out_elasticsearch.c (3 hunks)
🧰 Additional context used
🧬 Code Graph Analysis (2)
tests/runtime/out_elasticsearch.c (2)
include/fluent-bit/flb_mem.h (1)
  • flb_free (126-128)
src/flb_lib.c (11)
  • flb_create (138-220)
  • flb_service_set (647-673)
  • flb_input (261-271)
  • flb_input_set (300-330)
  • flb_output (274-284)
  • flb_output_set (515-546)
  • flb_output_set_test (579-610)
  • flb_start (914-925)
  • flb_lib_push (774-801)
  • flb_stop (942-985)
  • flb_destroy (223-258)
plugins/out_es/es.c (2)
src/flb_sds.c (3)
  • flb_sds_create_size (92-95)
  • flb_sds_printf (336-387)
  • flb_sds_destroy (389-399)
src/flb_http_client.c (1)
  • flb_http_add_header (949-981)
🪛 GitHub Actions: Pull requests compile checks
plugins/out_es/es_conf.c

[warning] 146-146: Unused variable 'http_api_key' in es_conf_create.

plugins/out_es/es.c

[error] 910-910: Compilation error: 'goto error' references an undefined label 'error' at es.c:910 while building flb-plugin-out_es.

🪛 GitHub Actions: Run unit tests
plugins/out_es/es_conf.c

[warning] 146-146: plugins/out_es/es_conf.c:146:11: warning: ‘http_api_key’ may be used uninitialized in this function [-Wunused-variable]

plugins/out_es/es.c

[error] 910-910: es.c:910:17: error: label 'error' used but not defined

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)
  • GitHub Check: pr-windows-build / call-build-windows-package (Windows 32bit, x86, x86-windows-static, 3.31.6)
  • GitHub Check: pr-windows-build / call-build-windows-package (Windows 64bit (Arm64), amd64_arm64, -DCMAKE_SYSTEM_NAME=Windows -DCMA...
  • GitHub Check: pr-windows-build / call-build-windows-package (Windows 64bit, x64, x64-windows-static, 3.31.6)
  • GitHub Check: PR - fuzzing test
🔇 Additional comments (3)
plugins/out_es/es.h (1)

54-58: Add http_api_key field: looks correct and well placed

The new field is in the right section (HTTP Auth) and typed consistently with the other credentials.

tests/runtime/out_elasticsearch.c (1)

1078-1078: Registering the http_api_key test

Registration is fine; once the test validates headers (per above), this entry can remain unchanged.

plugins/out_es/es.c (1)

32-34: Includes for flb_log.h and flb_sds.h are appropriate

Both headers are required for logging and SDS usage in the new auth path.

Allow for using an API key as an authentication type to elastic.

Signed-off-by: Todd Kennedy <[email protected]>
@tkennedy1-godaddy
Copy link
Contributor Author

The architecture of the es plugin itself and how the http client is handled makes it extremely hard to validate the header in the way that the AI is requesting, without creating a lot of extra code.

If this is something that we really want here, I'm happy to attempt it

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants