Around a month ago we released the first Alpha version of the next major release for the Elastic Stack. Today we’re proceeding according to the plan and announce the 5.0.0-alpha2 release. It includes bug fixes and new features for the data collectors you know and love: Filebeat, Packetbeat, Topbeat, and Winlogbeat.
Improved Redis output
The Beats had a Redis output from the earliest days, but we neglected it for a while as we thought we will remove it to focus on the Logstash and Elasticsearch outputs. By popular demand we reverted that decision and, after introducing the new Kafka output in alpha1, we have now completely reworked the Redis output for alpha2.
It now supports the guaranteed mode needed by Filebeat and Winlogbeat, meaning that events won’t be lost in case of network unavailability. It also supports authentication, SOCKS5 proxies, and even encryption. Redis itself doesn’t natively support encryption, but you can make use of stunnel to secure the communication between the Beats and Redis.
Kibana dashboards per Beat
Our sample Kibana dashboards proved to be quite popular, so we worked on improving the experience around them. Part of this effort was to split them per Beat, so they are easier for us to maintain and more convenient for you to use. This means, for example, that if you only use Topbeat, you can load only the Topbeat dashboard along with all the required saved visualizations and searches.
And since the dashboards are now per Beat, we include them in the downloadable packages, so they are there when you need them.
New directory layout
We also reorganized a bit where each Beat looks for and creates its files. This makes it easier to upgrade the Beats that store state and it makes it easier for us to create and maintain features like automatic template loading in a cross-platform way. The new directory layout will be familiar to you if you know how the Elasticsearch paths are organized.
Another notable change is that the Beats now log by default to rotating files instead of syslog. This makes the experience more consistent across the various platforms that we support.
Bug fixes since Alpha1
The change log also contains a few fixes for issues discovered since the 5.0.0-alpha1 release. These include bugs related to JSON decoding, to the automatic template loading logic, and to using multiple outputs.
Become a Pioneer
A big Thank You to everyone that has tried the alpha1 release and has posted issues or provided feedback. We’d like to also remind you that if you post a valid non-duplicate bug report during the alpha/beta period against any of the Elastic stack projects, you are entitled to a special gift package.