You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "William S Cochran (JIRA)" <ji...@apache.org> on 2016/10/18 21:19:58 UTC

[jira] [Updated] (NIFI-2916) processor specific kerberos credentials for publishKafka and consumeKafka

     [ https://issues.apache.org/jira/browse/NIFI-2916?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

William S Cochran updated NIFI-2916:
------------------------------------
    Description: 
Please add the capability and or documentation to configure processor specific kerberos credentials for publishKafka and consumeKafka. 

Currently the only method for Kerberos authentication appears to be via java.arg options in bootstrap.conf:
java.arg.15=-Djava.security.krb5.conf=/etc/krb5.conf
java.arg.16=-Djava.security.auth.login.config=./conf/kafka.client.jaas.conf

This means all nifi kafka processors currently must share the same global credential.


  was:
As NiFi continue to increase its abilities to complement SIEM, Splunk and ELK deployments, a number of users will be looking to parse CEF formatted logs[1][2].

CEF is a format specified by Arcsight (now part of HPE) and is described in detail in here:

https://www.protect724.hpe.com/docs/DOC-1072

[1] http://apache-nifi.1125220.n5.nabble.com/Suggestion-of-processors-td9795.html
[2] https://community.hortonworks.com/questions/43185/which-processor-is-used-to-parse-cef-format-logs.html


> processor specific kerberos credentials for publishKafka and consumeKafka
> -------------------------------------------------------------------------
>
>                 Key: NIFI-2916
>                 URL: https://issues.apache.org/jira/browse/NIFI-2916
>             Project: Apache NiFi
>          Issue Type: Improvement
>            Reporter: William S Cochran
>            Assignee: Andre
>             Fix For: 1.1.0
>
>
> Please add the capability and or documentation to configure processor specific kerberos credentials for publishKafka and consumeKafka. 
> Currently the only method for Kerberos authentication appears to be via java.arg options in bootstrap.conf:
> java.arg.15=-Djava.security.krb5.conf=/etc/krb5.conf
> java.arg.16=-Djava.security.auth.login.config=./conf/kafka.client.jaas.conf
> This means all nifi kafka processors currently must share the same global credential.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)