New

The executive guide to generative AI

Read more
About usPartnersSupport|Login
Loading

Logstash release notes

Review the changes, fixes, and more in each version of Logstash.

To check for security updates, go to Security announcements for the Elastic stack.

  • Logging improvement while handling exceptions in the pipeline, ensuring that chained exceptions propagate enough information to be actionable. #17935

No change to the plugins in this release.

No user-facing changes in Logstash core.

No change to the plugins in this release.

No user-facing changes in Logstash core.

Elastic_integration Filter - 9.1.1

  • Add terminate processor support #345

Translate Filter - 3.4.3

  • Allow YamlFile's Psych::Parser and Visitor instances to be garbage collected #104

Xml Filter - 4.3.2

  • Update Nokogiri dependency version #89

Azure_event_hubs Input - 1.5.2

  • Updated JWT dependency #101

Snmp Integration - 4.0.7

  • FIX: The snmptrap input now correctly enforces the user security level set by security_level config, and drops received events that do not match the configured value #75

Elasticsearch Output - 12.0.6

  • Add headers reporting uncompressed size and doc count for bulk requests #1217
  • Significantly improves write speeds to the persistent queue (PQ) when a pipeline's workers are caught up with already-written events #17791
  • Eliminated log warning about unknown gauge metric type when using pipeline-to-pipeline. #17721
  • Improve plugins remove command to support multiple plugins #17030
  • Deprecated the persistent queue setting queue.checkpoint.interval#17759, which was found to have no effect. This will be removed in a future Logstash release.
  • Logstash now ships with JRuby 9.4.13.0 to leveragle latest features and improvements in the 9.4 series #17696
  • Enhanced keystore validation to prevent the creation of secrets in an invalid format #17351
  • Support for using ES|QL queries in the Elasticsearch input to add improved flexibility when ingesting data from Elasticsearch is now in Technical Preview.
  • Logstash OSS and Full docker images are now based on Ubuntu 24.04.

The Elasticsearch Input now provides support for field value tracking, persisted to disk on each search_after page. This is useful to track new data being written to an index or series of indices.

  • Update JDK to 21.0.7+6 #17591

Elastic Integration Filter - 9.1.0

  • Introduces proxy param to support proxy #316
  • Embeds Ingest Node components from Elasticsearch 9.1

Elasticsearch Filter - 4.2.0

  • Add target configuration option to store the result into it #196

Elasticsearch Input - 5.2.0

  • Add "cursor"-like index tracking #205
  • ES|QL support #233

Elasticsearch Output - 12.0.5

  • Docs: update Cloud terminology #1212
  • Change connection log entry from WARN to INFO when connecting during register phase #1211

JDBC Integration - 5.6.0

  • Support other rufus scheduling options in JDBC Input #183

JMS Input - 3.3.0

  • Added support for decoding multiple events from text or binary messages when using a codec that produces multiple events #56

Kafka Integration - 11.6.3

  • Update kafka client to 3.9.1 #193
  • Docs: fixed setting type reference for sasl_iam_jar_paths #192
  • Expose the SASL client callback class setting to the Logstash configuration #177
  • Adds a mechanism to load AWS IAM authentication as SASL client libraries at startup #178

Xml Filter - 4.3.1

  • Update Nokogiri dependency version #88

Tcp Output - 7.0.1

  • Call connection check after connect #61

No user-facing changes in Logstash core.

Elastic_integration Filter - 9.0.2

  • Adds support for missing terminate processor #345

Translate Filter - 3.4.3

  • FIX: Reduces memory consumption when configured with a YAML dictionary file by allowing YamlFile's Psych::Parser and Visitor instances to be garbage collected #104

Xml Filter - 4.3.2

  • Update Nokogiri dependency version #89

Azure_event_hubs Input - 1.5.2

  • Updated JWT dependency #101

Snmp Integration - 4.0.7

  • FIX: The snmptrap input now correctly enforces the user security level set by security_level config, and drops received events that do not match the configured value #75

Elasticsearch Output - 12.0.6

  • Add headers reporting uncompressed size and doc count for bulk requests #1217
  • [DOC] Fix link to Logstash DLQ docs #1214
  • Significantly improves write speeds to the persistent queue (PQ) when a pipeline's workers are caught up with already-written events #17791
  • Eliminated log warning about unknown gauge metric type when using pipeline-to-pipeline. #17721

Elastic_integration Filter - 9.0.1

  • Introduces proxy config to support proxy URI to connect to Elasticsearch. #320

Elasticsearch Output - 12.0.4

  • Docs: update Cloud terminology #1212

No user-facing changes in Logstash core.

Kafka Integration - 11.6.3

  • Update kafka client to 3.9.1 #193

No user-facing changes in Logstash core.

Kafka Integration - 11.6.2

  • Docs: fixed setting type reference for sasl_iam_jar_paths #192
  • Expose the SASL client callback class setting to the Logstash configuration #177
  • Adds a mechanism to load AWS IAM authentication as SASL client libraries at startup #178
Important

The 9.0.1 release contains fixes for potential security vulnerabilities. Check out the security advisory for details.

  • Enhanced keystore validation to prevent the creation of secrets in an invalid format #17351
  • Update JDK to 21.0.7+6 #17591

Xml Filter - 4.3.1

  • Update Nokogiri dependency version #88

Elasticsearch Output - 12.0.3

  • Change connection log entry from WARN to INFO when connecting during register phase #1211

Tcp Output - 7.0.1

  • Call connection check after connect #61
  • Use UBI9 as base image #17174
  • Improve plugins remove command to support multiple plugins #17030
  • Allow concurrent Batch deserialization #17050
  • Fix pqcheck and pqrepair on Windows #17210
  • Fix empty node stats pipelines #17185

elastic_integration Filter - 9.0.0

  • 9.0 prerelease compatible plugin version #265

Elasticsearch Filter - 4.1.0

  • Remove deprecated SSL settings #183

Http Filter - 2.0.0

  • Remove deprecated SSL settings #54

Beats Input - 7.0.1

  • Remove deprecated SSL settings #508

Elastic_serverless_forwarder Input - 2.0.0

  • Remove deprecated SSL settings #11

  • Promote from technical preview to GA #10

Elasticsearch Input - 5.0.0

  • Remove deprecated SSL settings #213

Http Input - 4.1.0

  • Remove deprecated SSL settings #182

Http_poller Input - 6.0.0

  • Remove deprecated SSL settings #149

Tcp Input - 7.0.0

  • Remove deprecated SSL settings #228

Kafka Integration - 11.6.0

  • Support additional oauth and sasl configuration options for configuring kafka client #189

Snmp Integration - 4.0.6

  • [DOC] Fix typo in snmptrap migration section #74

Elasticsearch Output - 12.0.2

  • Remove deprecated SSL settings #1197

Http Output - 6.0.0

  • Remove deprecated SSL settings #147

Tcp Output - 7.0.0

  • Remove deprecated SSL settings #58