Logstash 7.9.1 Release Notes


Logstash 7.9.1 Release Notesedit

Notable issues fixededit

Fixes in Docker image configuration of Monitoring and Central Managementedit

As more and more users adopt our docker images, we’ve been getting reports on gaps where these images don’t provide all the configuration knobs the other artifacts do. This release exposes more environment variables for configuring proxy support and certificate verification mode for monitoring and central management (#12151, #12201), and for configuring verification_mode #12162.

Pipeline execution fixes to flushing and shutdownedit

Since 7.2.0, a change caused terminating pipelines to not request input plugins to cleanup before shutdown, which could cause leaks in resources that weren’t freed during pipeline reloads. You can find more information on the fix here: #12195

Logstash supports ordered execution for pipelines with a single worker. A bug was found in this mode where the flushing mechanism wasn’t working, preventing plugins like the aggregate filter from working correctly. This has been fixed, and you can read the details here: #12204

Consistent Fingerprintingedit

Our fingerprint filter is a popular solution to perform deduplication of data in downstream systems like Elasticsearch, by computing a hash value based on data from each event. Users reported that this filter could produced different values for events containing the same data since it didn’t ensure the order in which Hash Maps/Objects/Ruby Hashes processed their key/value pairs. This has now been fixed, and you can read more about how it was solved and all the tests we’ve done here: #55

Updated JRuby to

The new JRuby release brings greater stability to its code optimizations in multithreaded workloads and a fix to exception handling in Windows environments, both issues that could affect our users. See the JRuby release notes for more information.


Avro Codec - 3.2.4

  • [DOC] Add clarifications on partial deserialization #35

Fingerprint Filter - 3.2.2

  • Fixed lack of consistent fingerprints on Hash/Map objects #55

Kv Filter - 4.4.1

  • Fixed issue where a field_split_pattern containing a literal backslash failed to match correctly #87

Elasticsearch Input - 4.7.1

  • [DOC] Updated sliced scroll link to resolve to correct location after doc structure change #135
  • [DOC] Added usage example of docinfo metadata #98

Http_poller Input - 5.0.2

  • [DOC] Expanded url option to include Manticore keys #119

Snmp Input - 1.2.5

  • Updated snmp4j library to v2.8.4 #86
  • Fixed: support SNMPv3 multiple identical security name with different credentials #84
  • Fixed: multithreading problem when using multiple snmp inputs with multiple v3 credentials #80

Syslog Input - 3.4.4

  • Refactor: avoid global side-effect + cleanup #62
  • avoid setting BasicSocket.do_not_reverse_lookup as it has side effects for others

Jdbc Integration - 5.0.6

  • [DOC] Replaced plugin_header file with plugin_header-integration file. #40

Rabbitmq Integration - 7.1.1

  • [DOC] Replaced plugin_header file with plugin_header-integration file. #34

Elasticsearch Output - 10.6.2

  • [DOC] Added clarifying info on http compression settings and behaviors #943
  • [DOC] Fixed entry for ilm_policy default value #956