New features and enhancementsedit
- Logstash is more efficient at fetching pipelines as of 8.3.0. When a Logstash instance sends its pipeline IDs to Elasticsearch or central pipeline management in Kibana, it gets back only the pipeline configs that belong to that instance. These enhancements required changes to both Logstash (#14076) and Elasticsearch (#85847).
These improvements dramatically decrease network load while also giving users the ability to control pipelines dynamically using wildcards.
- Dead Letter Queues can now be configured to drop older events instead of new ones when they’re full. The setting “dead_letter_queue.storage_policy” has been introduced for this purpose, and new metrics – such as a counter for dropped events – are now exposed in the API to better monitor the DLQ behavior. #13923 #14058
- To improve security of Logstash deployments, 8.3.0 brings a new setting “allow_superuser” that defaults to false. When enabled it prevents Logstash from starting as super user (“root”). This setting will be enabled by default in the future. Consider explicitly enabling it. Otherwise a deprecation log entry will be emitted. #14046 #14089
- Continuing with the focus on security, we’ve introduced “api.auth.basic.password_policy.mode” to ensure the password used to guard Logstash’s HTTP API has a minimum set of strength requirements. By default a warning will be emitted if the defined password doesn’t meet the criteria, but in a future release the mode will be set to “ERROR”. #14045 #14105 #14159
- Elasticsearch introduced “security on by default” back in 8.0.0, with TLS enabled by default in its HTTP and transport layers. To facilitate connecting to 8.x clusters, Elasticsearch displays the fingerprint of the Certificate Authority it generates on startup. This release of Logstash introduces support for setting “ca_trusted_fingerprint” in Elasticsearch input, filter and outputs plugins. #14120
- Technical Preview: Receiving events containing keys with characters that have special meaning to Logstash such as
[
and]
(for field references) has always causes issues to data ingestion. A new setting in Technical Preview, disabled by default, called “config.field_reference.escape_style” was introduced to handle such special characters by escaping them. #14044
Notable issues fixededit
- Don’t display values of password type settings in conditionals #13997
- Introduce a retry mechanism in pipeline-to-pipeline instead of crashing #14027
- Add thread safety around Puma startup/shutdown #14080
- Add value converters for java.time classes #13972
- Correct the class reference to the MetricNotFound exception #13970
- Fix a possible corruption of Persistent Queue during a crash of the Logstash process #14165
Updates to dependenciesedit
Plugin releasesedit
Avro Codec – 3.4.0
- Add
encoding
option to select the encoding of Avro payload, could bebinary
orbase64
#39
Elasticsearch Filter – 3.12.0
- Add support for
ca_trusted_fingerprint
when run on Logstash 8.3+ #158
Fingerprint Filter – 3.4.0
- Add support for 128bit murmur variant #66.
Azure_event_hubs Input – 1.4.4
- Fix: Replace use of block with lambda to fix wrong number of arguments error on jruby-9.3.4.0 #75
Beats Input – 6.4.0
- Feat: review and deprecate ssl protocol/cipher settings #450
Elasticsearch Input – 4.14.0
Http Input – 3.6.0
- Feat: review and deprecate ssl protocol/cipher related settings #151
Jms Input – 3.2.2
- Fix: Remove usage of
java_kind_of?
to allow this plugin to be supported for versions of Logstash using jruby-9.3.x #54
S3 Input – 3.8.4
- Refactoring, reuse code to manage
additional_settings
from mixin-aws #237
Sqs Input – 3.3.2
- Fix an issue that prevented timely shutdown when subscribed to an inactive queue
- Refactoring: used logstash-mixin-aws to leverage shared code to manage
additional_settings
#64
Tcp Input – 6.3.0
- Feat: ssl_supported_protocols (TLSv1.3) + ssl_cipher_suites #198
Jdbc Integration – 5.3.0
Kafka Integration – 10.12.0
Aws Mixin – 5.1.0
- Add support for additional_settings configuration options used by S3 and SQS input plugins #53.
- Drop support for aws-sdk-v1
Elasticsearch Output – 11.6.0
S3 Output – 4.3.7
Tcp Output – 6.1.0
- Feat: add support for TLS v1.3 #47
- Fix: close server and client sockets on plugin close
转自 Logstash 8.3.0 Release Notes | Logstash Reference [8.3] | Elastic