Logstash 5.4.2 Release Notesedit

  • We now handle connection refused errors when installing a plugin (Issue 6529).
  • Fixed an issue where environment variables specified in the Elasticsearch Output host configuration weren’t resolved correctly (Issue 6696).
  • Fixed a concurrency issue in the persistent queues feature (Issue 7382).

Input Pluginsedit

HTTP Poller:

  • Added a top-level user/password config option that apply to all URLs by default.
  • Added support for eager authorization. The Logstash client will now send credentials in its first request rather than waiting for a 401 challenge.

Output Pluginsedit


  • Fixed an error where a 429 response code would cause this output to crash.
  • This output now waits for all inflight requests to complete before stopping.

Filter Pluginsedit


  • Added support for commercial databases from Maxmind.
  • Added ASN data support via the GeoIP2-ISP database.

User Agent:

  • Improved performance by 2.5x by moving core parser logic from Ruby to Java.


  • Fixed an issue where having subdirectories in a pattern folder caused Logstash to crash.