Logstash 7.10.0 offers new architecture-specific download and installation options that include a bundled Java Development Kit (JDK). AdoptOpenJDK 11, the latest long term support (LTS) release, is the bundled version. Before Logstash included the JDK, users had to install a JDK before they could install Logstash. Logstash with AdoptOpenJDK 11 makes installation and setup easier, especially for first time users.
- If you have JAVA_HOME set to use a custom JDK, Logstash will continue to use the JDK version you have specified.
- If you are using the system’s JDK (from Ubuntu/Debian/CentOS archives, for example) and have not set JAVA_HOME, Logstash will default to the bundled version of Java after you upgrade. Set JAVA_HOME to use your system’s JDK if that is the version you prefer.
As we continue to add opt-in ECS compatibility modes in Logstash plugins,
Release 7.10.0 introduces a new pipeline-level setting in
setting allows users to control the ECS compatibility of all plugins in a
pipeline at once instead of configuring each instance manually. While ECS
compatibility in these plugins is off-by-default in Logstash 7.x, we plan to
make them on-by-default in Logstash 8.0. This setting allows users to lock in a
specific behavior in advance of their next major version upgrade.
- This release adds RedHat Universal Base Images (UBIs). We have updated license information and added fixes that enable images to pass RedHat docker image certification. #12248, #12296.
- We have given users more security options by exposing proxy and ssl verification modes for management and monitoring of a Docker image. #12201, #12151, #12205
Java pipeline execution and management
- We have addressed an issue with the aggregate filter in the Java execution. The issue prevented events from being generated (when the amount of time for an aggregation event timed out), preventing a pipeline from effectively summing events. #12204
We have made pipelines more stable by calling
closeon input plugins when a pipeline is terminated or reloaded. #12195
Keystore thread safety. After a recent performance improvement, Logstash could fail to start reliably in certain configurations involving parameter expansion and multiple pipelines. Access to the shared keystore has since been made thread-safe and is no longer a source of errors. #12233
Dead letter queue (DLQ). We changed the DLQ writer policy to avoid the possibility of the DLQ reader processing an incomplete DLQ segment. Logstash now writes to a temporary file that is renamed upon completion. #12304
Persistent queues (PQ). We have addressed PQ issues in which exceptions were impacting pipeline execution and causing Logstash to crash or to fail to reload. #12019
Updates to dependencies
- Update jruby to 22.214.171.124
- Pinned open-ssl version to 0.10.4 to avoid "Gem not found" error with jruby-openssl-0.10.5 #12300
Elasticsearch Input - 4.8.1
Kafka Integration - 10.5.1
- [DOC]Replaced plugin_header file with plugin_header-integration file #46
- [DOC]Update kafka client version across kafka integration docs #47
- [DOC]Replace hard-coded kafka client and doc path version numbers with attributes to simplify doc maintenance #48
- Changed: retry sending messages only for retriable exceptions #27
- [DOC] Fixed formatting issues and made minor content edits #43
Aws Mixin - 4.4.1
Elasticsearch Output - 10.7.0
- Changed: don’t set the pipeline parameter if the value resolves to an empty string #962
Intro to Kibana
ELK for Logs & Metrics