Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
github.com/cookieshake/benthos
Benthos is a high performance and resilient message streaming service, able to connect various sources and sinks and perform arbitrary actions, transformations and filters on payloads. It is easy to deploy and monitor, and ready to drop into your pipeline either as a static binary or a docker image. It can also be used as a framework for building your own resilient stream processors in Go.
A Benthos stream consists of four layers: inputs, optional
buffer, processor workers and outputs.
Inputs and outputs can be combined in a range of broker patterns. It is possible
to run multiple isolated streams within a single Benthos instance using
--streams
mode, and perform CRUD operations on the running
streams via REST endpoints.
Benthos is crash resilient by default. When connecting to at-least-once sources and sinks without a buffer it guarantees at-least-once delivery without needing to persist messages during transit.
When running a Benthos stream with a buffer there are various options for choosing a level of resiliency that meets your needs.
There are specialised distributions of Benthos for serverless deployment.
Documentation for Benthos components, concepts and recommendations can be found on the documentation site, or within the repo at the docs directory.
For guidance on how to configure more advanced stream processing concepts such as stream joins, enrichment workflows, etc, check out the cookbooks section.
For guidance on building your own custom plugins check out this example repo.
benthos -c ./config.yaml
Or, with docker:
# Send HTTP /POST data to Kafka:
docker run --rm \
-e "INPUT_TYPE=http_server" \
-e "OUTPUT_TYPE=kafka" \
-e "OUTPUT_KAFKA_ADDRESSES=kafka-server:9092" \
-e "OUTPUT_KAFKA_TOPIC=benthos_topic" \
-p 4195:4195 \
jeffail/benthos
# Using your own config file:
docker run --rm -v /path/to/your/config.yaml:/benthos.yaml jeffail/benthos
Benthos serves two HTTP endpoints for health checks:
/ping
can be used as a liveness probe as it always returns a 200./ready
can be used as a readiness probe as it serves a 200 only when both
the input and output are connected, otherwise a 503 is returned.Benthos exposes lots of metrics either to Statsd, Prometheus or for debugging purposes an HTTP endpoint that returns a JSON formatted object. The target can be specified via config.
Benthos also emits opentracing events to a tracer of your choice (currently only Jaeger is supported) which can be used to visualise the processors within a pipeline.
The configuration file for a Benthos stream is made up of four main sections; input, buffer, pipeline, output. If we were to pipe stdin directly to Kafka it would look like this:
input:
type: stdin
buffer:
type: none
pipeline:
threads: 1
processors: []
output:
type: kafka
kafka:
addresses:
- localhost:9092
topic: benthos_stream
There are also sections for setting logging, metrics and HTTP server options.
Benthos provides lots of tools for making configuration discovery, debugging and organisation easy. You can read about them here.
You can also find runnable example configs demonstrating each input, output, buffer and processor option here.
It is possible to select fields inside a configuration file to be set via environment variables. The docker image, for example, is built with a config file where all common fields can be set this way.
Grab a binary for your OS from here.
Or pull the docker image:
docker pull jeffail/benthos
Build with Go (1.11 or later):
git clone git@github.com:Jeffail/benthos
cd benthos
make
It's pretty easy to write your own custom plugins for Benthos, take a look at this repo for examples and build instructions.
There's a multi-stage Dockerfile
for creating a Benthos docker image which
results in a minimal image from scratch. You can build it with:
make docker
Then use the image:
docker run --rm \
-v /path/to/your/benthos.yaml:/config.yaml \
-v /tmp/data:/data \
-p 4195:4195 \
benthos -c /config.yaml
There are a few examples here that show you some ways of
setting up Benthos containers using docker-compose
.
Benthos supports ZMQ4 for both data input and output. To add this you need to install libzmq4 and use the compile time flag when building Benthos:
make TAGS=ZMQ4
Or to build a docker image using CGO, which includes ZMQ:
make docker-cgo
Contributions are welcome, please read the guidelines.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.