
Hi Experts,

Does authentication for Kafka support SASL/Plain?

I've been told it only supports SASL/SCRAM SHA-512. I am not able to find any settings with respect to the authentication mechanism.  

https://github.com/chronicle/cli/blob/main/forwarders/constants/schema.py#L108-L115

Can someone confirm whether we can control PLAIN, SCRAM or other authentication mechanisms for the Kafka forwarder?

Thanks in advance!

Hi @kennethheung. I'm personally unsure about whether the forwarder itself can negotiate SASL/Plain, but in terms of architecture I just wanted to send over some docs from the Bindplane side of things as an alternative.


From the best that I can gather, Bindplane does support both SASL/Plain and SASL/SCRAM so just in case the Forwarder only supports one I wanted to send this over.


https://bindplane.com/docs/resources/destinations/kafka



 


The Kafka collector on the Chronicle forwarder defaults to SASL/SCRAM-SHA512, but there is a config option that hasn't made it into the documentation yet that will allow you to force SASL/Plain. If you add:

use_plain_mechanism: true

to your Kafka collector it will switch the auth mechanism.
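
What the two mechanisms discussed in this thread put on the wire, as an added example (not part of any post and not Chronicle forwarder code): SASL/PLAIN sends the password itself in a single message, while SCRAM-SHA-512 sends a proof bound to per-session nonces. The user name, password, salt and nonces are constructed sample values, and the SCRAM side is simplified (no SASLprep, no channel binding).

```python
import base64, hashlib, hmac

def plain_initial_response(user, password, authzid=""):
    # RFC 4616: [authzid] NUL authcid NUL passwd, sent as one client message.
    return b"\0".join(s.encode() for s in (authzid, user, password))

def password_seen_by_observer(plain_msg):
    # Anyone able to read the PLAIN message (no TLS, or a logging proxy)
    # recovers the password directly from the third NUL-separated field.
    return plain_msg.split(b"\0")[2].decode()

def scram_client_first_bare(user, cnonce):
    # RFC 5802 client-first-message-bare; "," and "=" in user are not escaped here.
    return f"n={user},r={cnonce}"

def _keys(password, salt, iterations):
    salted = hashlib.pbkdf2_hmac("sha512", password.encode(), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", hashlib.sha512).digest()
    return client_key, hashlib.sha512(client_key).digest()

def scram_client_final(user, password, cnonce, server_first_msg):
    # Build the client-final message: nonce echo plus ClientProof, never the password.
    attrs = dict(kv.split("=", 1) for kv in server_first_msg.split(","))
    client_key, stored_key = _keys(
        password, base64.b64decode(attrs["s"]), int(attrs["i"]))
    without_proof = f"c=biws,r={attrs['r']}"  # biws = base64("n,,")
    auth_msg = ",".join(
        [scram_client_first_bare(user, cnonce), server_first_msg, without_proof])
    sig = hmac.new(stored_key, auth_msg.encode(), hashlib.sha512).digest()
    proof = bytes(a ^ b for a, b in zip(client_key, sig))
    return f"{without_proof},p={base64.b64encode(proof).decode()}"

# Constructed sample values (not from the thread).
USER, PASSWORD = "svc-forwarder", "constructed-secret"
SALT_B64 = base64.b64encode(b"constructed-salt").decode()

def server_first(cnonce, snonce):
    # What a broker would answer: combined nonce, salt, iteration count.
    return f"r={cnonce}{snonce},s={SALT_B64},i=4096"

if __name__ == "__main__":
    msg = plain_initial_response(USER, PASSWORD)
    print("PLAIN bytes:", msg)
    print("recovered  :", password_seen_by_observer(msg))
    for snonce in ("s1", "s2"):  # a new session yields a different proof
        print("SCRAM final:",
              scram_client_final(USER, PASSWORD, "c1", server_first("c1", snonce)))
```
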




I tried setting use_plain_mechanism: true, but I am still encountering the 'SASL handshake failed' error, even though the credentials work during testing. Does it use SASL_SSL by default, or do we need to specify it explicitly as well?

