[
https://issues.apache.org/jira/browse/FLUME-2273?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13987477#comment-13987477
]
Paul Merry commented on FLUME-2273:
-----------------------------------
Can you elaborate on a possible attack example and how any activity in Flume is
causing an issue over that of Elasticsearch itself?
I don't understand how this exposes anything other than potential underlying
Elasticsearch security concerns.
There is validation on the index names themselves, we have seen attempts to
create indexes with Uppercase characters being rejected for example.
> ElasticSearchSink: Add handling for header substitution in indexName
> --------------------------------------------------------------------
>
> Key: FLUME-2273
> URL: https://issues.apache.org/jira/browse/FLUME-2273
> Project: Flume
> Issue Type: Improvement
> Components: Sinks+Sources
> Affects Versions: v1.4.0
> Reporter: Paul Merry
> Priority: Minor
> Attachments: FLUME-2273.patch, new_FLUME-2273-2.patch,
> new_FLUME-2273-5.patch, new_FLUME-2273.patch
>
>
> The ElasticSearchSink would be improved by allowing for header substitution
> in the indexName property.
> A use case is where the sink is an intermediate part of a chain and the index
> name is required to identify the message origin, at present it can only be a
> hardcoded value.
> The HDFS sink already supports header substitution so a similar format would
> maintain consistency.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
