22 January 2018

Logstash Lines: Update for January 22, 2018

By Andrew Cholakian

A lot has been going on since our last update! We're glad to bring a number of new features.

X-Pack Pipeline Viewer gets a basic detail drawer (Unreleased)

This is not yet in the currently released version of X-Pack, but we're hoping to launch this soon. Users will be able to click on vertices in the Pipeline Viewer to open a detail drawer. 

The drawer shows (for now) basic details about the vertex. In the future the drawer will show timeseries charts in place of scalar metrics as well as custom metrics for certain plugins (e.g. grok and elasticsearch).

ss1.png

ss2.png 

A Variety of Improvements to Core Internals

A variety improvements have been made to core pipeline/queue/execution code. We've had a number of PRs to improve the code quality and java-ify the core execution logic in Logstash. We've also found some performance improvements in the process.  I'd link to the PRs, but there's really just too many. We've made amazing progress on this front. Thanks once again for this effort!

The Secret Store will Most Likely Land in 6.2.0

We've successfully landed the Secret store in the branch targeting 6.2.0. This feature lets users store secrets on disk in an encrypted format. [PR] . Docs to come soon.Logstash on Windows Handles Paths with Spaces

For a while now Logstash hasn't worked correctly on Windows boxes when inside of a folder containing spaces. This PR fixes that. [PR] 

The Elasticsearch Input Now Executes Query on a Schedule

This has been a long asked for feature. Up till now the ES input could only be used to do a one-time import of data in an ES index. With the new scheduled execution feature it can run on a schedule, periodically pulling in new data. [PR]

Plugin Releases in the past week:

logstash-output-http v5.2.0: Added json_batch format. Sends multiple events in a single request. #78

logstash-input-elasticsearch v4.2.0: Add support for scheduling periodic execution of the query #81

logstash-input-gelf v3.1.0: Add support for listening on TCP socket (before only UDP was available) #59

logstash-codec-multiline v3.0.9: Fixed concurrency issue causing random failures when multiline codec was used together with a multi-threaded input plugin #60

logstash-output-email v4.1.0: 

Add bcc suport #55 *community contributed by @jstoja*

Add mustache templating:#51 *community contributed by @jstoja*