Add API key validation in Datadog logs source · vectordotdev/vector#6809

(1 留言) (0 反應) (0 負責人)Rust (21,837 star) (2,126 fork)batch import

good first issuesource: datadog_agenttype: enhancement

描述

Following #6744 Vector is able to receive log from a Datadog agent.

The source could be improved by allowing api key filtering:

[sources.addUnit]
type = "datadog_logs"
address = "0.0.0.0.0:8080"
# New config param suggestion to support multiple api key
# the behaviour would be subject to the drop_on_invalid_api_key value
valid_api_keys = ["123456", "789abc" ]
# If this is true a log coming with a unknown API key would be dropped
# else the API key would just be ignored and not saved in the event
drop_on_invalid_api_key = true

This would allow to address two usecases :

Basic authentication (drop_on_invalid_api_key = true)
Prevent unknown API keys to be used (i.e. avoid leaking logs lines to a 3rd party org)

One could argue that we could also support API key blacklisting, it could be addressed later thought.

貢獻者指南

技術棧: rust
領域: backendobservability
議題類型: feature
難度: 3
預計時間: 1-2 days
活動狀態: stale
清晰度: clear
前置要求: Vector source architectureRust async programmingDatadog logs source from #6744
新手友善度: 55
研究方向: Start by reading the existing Datadog logs source implementation in `src/sources/datadog logs/`. Understand how the source currently handles incoming logs and where authentication could be added. Review similar authentication patterns in other Vector sources, such as the HTTP source. Implement the `valid api keys` and `drop on invalid api key` configuration options, ensuring proper validation and logging. Refer to the discussion in #6744 for context.