diff --git a/docs/plugins/filters/elastic_integration.asciidoc b/docs/plugins/filters/elastic_integration.asciidoc index 7864b56b9..458df2ef6 100644 --- a/docs/plugins/filters/elastic_integration.asciidoc +++ b/docs/plugins/filters/elastic_integration.asciidoc @@ -5,9 +5,9 @@ /////////////////////////////////////////// START - GENERATED VARIABLES, DO NOT EDIT! /////////////////////////////////////////// -:version: v0.1.17 -:release_date: 2024-12-07 -:changelog_url: https://github.com/elastic/logstash-filter-elastic_integration/blob/v0.1.17/CHANGELOG.md +:version: v8.17.0 +:release_date: 2025-01-08 +:changelog_url: https://github.com/elastic/logstash-filter-elastic_integration/blob/v8.17.0/CHANGELOG.md :include_path: ../../../../logstash/docs/include /////////////////////////////////////////// END - GENERATED VARIABLES, DO NOT EDIT! @@ -48,7 +48,14 @@ NOTE: Some multi-pipeline configurations such as logstash-to-logstash over http( Events that _fail_ ingest pipeline processing will be tagged with `_ingest_pipeline_failure`, and their `[@metadata][_ingest_pipeline_failure]` will be populated with details as a key/value map. -IMPORTANT: This plugin requires minimum Java 17 and Logstash 8.7.0 versions. +[id="plugins-{type}s-{plugin}-requirements"] +===== Requirements and upgrade guidance + +- This plugin requires Java 17 minimum with {ls} `8.x` versions and Java 21 minimum with {ls} `9.x` versions. +- When you upgrade the {stack}, upgrade {ls} (or this plugin specifically) _before_ you upgrade {kib}. + (Note that this requirement is a departure from the typical {stack} https://www.elastic.co/guide/en/elastic-stack/current/installing-elastic-stack.html#install-order-elastic-stack[installation order].) ++ +The {es}-{ls}-{kib} installation order ensures the best experience with {agent}-managed pipelines, and embeds functionality from a version of {es} Ingest Node that is compatible with the plugin version (`major`.`minor`). [id="plugins-{type}s-{plugin}-es-tips"] ===== Using `filter-elastic_integration` with `output-elasticsearch` diff --git a/docs/plugins/filters/elasticsearch.asciidoc b/docs/plugins/filters/elasticsearch.asciidoc index 17dcc9314..0755be191 100644 --- a/docs/plugins/filters/elasticsearch.asciidoc +++ b/docs/plugins/filters/elasticsearch.asciidoc @@ -5,9 +5,9 @@ /////////////////////////////////////////// START - GENERATED VARIABLES, DO NOT EDIT! /////////////////////////////////////////// -:version: v3.16.2 -:release_date: 2024-12-09 -:changelog_url: https://github.com/logstash-plugins/logstash-filter-elasticsearch/blob/v3.16.2/CHANGELOG.md +:version: v4.0.0 +:release_date: 2025-01-10 +:changelog_url: https://github.com/logstash-plugins/logstash-filter-elasticsearch/blob/v4.0.0/CHANGELOG.md :include_path: ../../../../logstash/docs/include /////////////////////////////////////////// END - GENERATED VARIABLES, DO NOT EDIT! @@ -111,7 +111,7 @@ Authentication to a secure Elasticsearch cluster is possible using _one_ of the * <> AND <> * <> * <> -* <> and/or <> +* <> and/or <> [id="plugins-{type}s-{plugin}-autz"] ==== Authorization @@ -122,7 +122,10 @@ The `monitoring` permission at cluster level is necessary to perform periodic co [id="plugins-{type}s-{plugin}-options"] ==== Elasticsearch Filter Configuration Options -This plugin supports the following configuration options plus the <> and the <> described later. +This plugin supports the following configuration options plus the <> described later. + +NOTE: As of version `4.0.0` of this plugin, a number of previously deprecated settings related to SSL have been removed. Please see the +<> for more details. [cols="<,<,<",options="header",] |======================================================================= @@ -145,7 +148,6 @@ This plugin supports the following configuration options plus the <> |<>|No | <> |<>|No | <> |<>|No -| <> |<>|__Deprecated__ | <> |<>|No | <> |list of <>|No | <> |list of <>|No @@ -520,57 +522,21 @@ Tags the event on failure to look up previous log event information. This can be Basic Auth - username -[id="plugins-{type}s-{plugin}-deprecated-options"] -==== Elasticsearch Filter Deprecated Configuration Options - -This plugin supports the following deprecated configurations. +[id="plugins-{type}s-{plugin}-obsolete-options"] +==== Elasticsearch Filter Obsolete Configuration Options -WARNING: Deprecated options are subject to removal in future releases. +WARNING: As of version `4.0.0` of this plugin, some configuration options have been replaced. +The plugin will fail to start if it contains any of these obsolete options. [cols="<,<,<",options="header",] |======================================================================= -|Setting|Input type|Replaced by -| <> |a valid filesystem path|<> -| <> |a valid filesystem path|<> -| <> |<>|<> +|Setting|Replaced by +| ca_file |<> +| keystore |<> +| keystore_password |<> +| ssl |<> |======================================================================= -[id="plugins-{type}s-{plugin}-ca_file"] -===== `ca_file` -deprecated[3.15.0, Replaced by <>] - -* Value type is <> -* There is no default value for this setting. - -SSL Certificate Authority file - -[id="plugins-{type}s-{plugin}-ssl"] -===== `ssl` -deprecated[3.15.0, Replaced by <>] - -* Value type is <> -* Default value is `false` - -SSL - -[id="plugins-{type}s-{plugin}-keystore"] -===== `keystore` -deprecated[3.15.0, Replaced by <>] - -* Value type is <> -* There is no default value for this setting. - -The keystore used to present a certificate to the server. It can be either .jks or .p12 - -[id="plugins-{type}s-{plugin}-keystore_password"] -===== `keystore_password` -deprecated[3.15.0, Replaced by <>] - -* Value type is <> -* There is no default value for this setting. - -Set the keystore password - [id="plugins-{type}s-{plugin}-common-options"] include::{include_path}/{type}.asciidoc[] diff --git a/docs/plugins/filters/http.asciidoc b/docs/plugins/filters/http.asciidoc index 65e2b6283..e12619423 100644 --- a/docs/plugins/filters/http.asciidoc +++ b/docs/plugins/filters/http.asciidoc @@ -5,9 +5,9 @@ /////////////////////////////////////////// START - GENERATED VARIABLES, DO NOT EDIT! /////////////////////////////////////////// -:version: v1.6.0 -:release_date: 2024-06-19 -:changelog_url: https://github.com/logstash-plugins/logstash-filter-http/blob/v1.6.0/CHANGELOG.md +:version: v2.0.0 +:release_date: 2024-12-18 +:changelog_url: https://github.com/logstash-plugins/logstash-filter-http/blob/v2.0.0/CHANGELOG.md :include_path: ../../../../logstash/docs/include /////////////////////////////////////////// END - GENERATED VARIABLES, DO NOT EDIT! @@ -36,6 +36,9 @@ See <>, and <> described later. +NOTE: As of version `2.0.0` of this plugin, a number of previously deprecated settings related to SSL have been removed. +Please check out <> for details. + [cols="<,<,<",options="header",] |======================================================================= |Setting |Input type|Required @@ -56,16 +59,10 @@ There are also multiple configuration options related to the HTTP connectivity: |======================================================================= |Setting |Input type|Required | <> |<>|No -| <> |a valid filesystem path|__Deprecated__ -| <> |a valid filesystem path|__Deprecated__ -| <> |a valid filesystem path|__Deprecated__ | <> |<>|No | <> |<>|No | <> |<>|No | <> |<>|No -| <> |a valid filesystem path|__Deprecated__ -| <> |<>|__Deprecated__ -| <> |<>|__Deprecated__ | <> |<>|No | <> |<>|No | <> |<>|No @@ -85,9 +82,6 @@ There are also multiple configuration options related to the HTTP connectivity: | <> |<>|No | <> |<>|No | <> |<>, one of `["full", "none"]`|No -| <> |a valid filesystem path|__Deprecated__ -| <> |<>|__Deprecated__ -| <> |<>|__Deprecated__ | <> |<>|no | <> |<>|No |======================================================================= @@ -206,33 +200,6 @@ How many times should the client retry a failing URL. We highly recommend NOT se to zero if keepalive is enabled. Some servers incorrectly end keepalives early requiring a retry! Note: if `retry_non_idempotent` is set only GET, HEAD, PUT, DELETE, OPTIONS, and TRACE requests will be retried. -[id="plugins-{type}s-{plugin}-cacert"] -===== `cacert` -deprecated[1.5.0, Replaced by <>] - - * Value type is <> - * There is no default value for this setting. - -If you need to use a custom X.509 CA (.pem certs) specify the path to that here - -[id="plugins-{type}s-{plugin}-client_cert"] -===== `client_cert` -deprecated[1.5.0, Replaced by <>] - - * Value type is <> - * There is no default value for this setting. - -If you'd like to use a client certificate (note, most people don't want this) set the path to the x509 cert here - -[id="plugins-{type}s-{plugin}-client_key"] -===== `client_key` -deprecated[1.5.0, Replaced by <>] - - * Value type is <> - * There is no default value for this setting. - -If you're using a client certificate specify the path to the encryption key here - [id="plugins-{type}s-{plugin}-connect_timeout"] ===== `connect_timeout` @@ -267,33 +234,6 @@ Should redirects be followed? Defaults to `true` Turn this on to enable HTTP keepalive support. We highly recommend setting `automatic_retries` to at least one with this to fix interactions with broken keepalive implementations. -[id="plugins-{type}s-{plugin}-keystore"] -===== `keystore` -deprecated[1.5.0, Replaced by <>] - - * Value type is <> - * There is no default value for this setting. - -If you need to use a custom keystore (`.jks`) specify that here. This does not work with .pem keys! - -[id="plugins-{type}s-{plugin}-keystore_password"] -===== `keystore_password` -deprecated[1.5.0, Replaced by <>] - - * Value type is <> - * There is no default value for this setting. - -Specify the keystore password here. -Note, most .jks files created with keytool require a password! - -[id="plugins-{type}s-{plugin}-keystore_type"] -===== `keystore_type` -deprecated[1.5.0, Replaced by <>] - - * Value type is <> - * Default value is `"JKS"` - -Specify the keystore type here. One of `JKS` or `PKCS12`. Default is `JKS` [id="plugins-{type}s-{plugin}-password"] ===== `password` @@ -483,34 +423,6 @@ This mode disables many of the security benefits of SSL/TLS and should only be u It is primarily intended as a temporary diagnostic mechanism when attempting to resolve TLS errors. Using `none` in production environments is strongly discouraged. -[id="plugins-{type}s-{plugin}-truststore"] -===== `truststore` -deprecated[1.5.0, Replaced by <>] - - * Value type is <> - * There is no default value for this setting. - -If you need to use a custom truststore (`.jks`) specify that here. This does not work with .pem certs! - -[id="plugins-{type}s-{plugin}-truststore_password"] -===== `truststore_password` -deprecated[1.5.0, Replaced by <>] - - * Value type is <> - * There is no default value for this setting. - -Specify the truststore password here. -Note, most .jks files created with keytool require a password! - -[id="plugins-{type}s-{plugin}-truststore_type"] -===== `truststore_type` -deprecated[1.5.0, Replaced by <>] - - * Value type is <> - * Default value is `"JKS"` - -Specify the truststore type here. One of `JKS` or `PKCS12`. Default is `JKS` - [id="plugins-{type}s-{plugin}-user"] ===== `user` @@ -538,5 +450,26 @@ connection validation. This check helps detect connections that have become stale (half-closed) while kept inactive in the pool." + +[id="plugins-{type}s-{plugin}-obsolete-options"] +==== HTTP Filter Obsolete Configuration Options + +WARNING: As of version `2.0.0` of this plugin, some configuration options have been replaced. +The plugin will fail to start if it contains any of these obsolete options. + +[cols="<,<",options="header",] +|======================================================================= +|Setting|Replaced by +| cacert |<> +| client_cert |<> +| client_key |<> +| keystore |<> +| keystore_password |<> +| keystore_type |<> +| truststore |<> +| truststore_password |<> +| truststore_type |<> +|======================================================================= + [id="plugins-{type}s-{plugin}-common-options"] include::{include_path}/{type}.asciidoc[] diff --git a/docs/plugins/filters/jdbc_static.asciidoc b/docs/plugins/filters/jdbc_static.asciidoc index 8168afde3..c1ce739fb 100644 --- a/docs/plugins/filters/jdbc_static.asciidoc +++ b/docs/plugins/filters/jdbc_static.asciidoc @@ -6,9 +6,9 @@ /////////////////////////////////////////// START - GENERATED VARIABLES, DO NOT EDIT! /////////////////////////////////////////// -:version: v5.5.1 -:release_date: 2024-12-03 -:changelog_url: https://github.com/logstash-plugins/logstash-integration-jdbc/blob/v5.5.1/CHANGELOG.md +:version: v5.5.2 +:release_date: 2024-12-23 +:changelog_url: https://github.com/logstash-plugins/logstash-integration-jdbc/blob/v5.5.2/CHANGELOG.md :include_path: ../../../../logstash/docs/include /////////////////////////////////////////// END - GENERATED VARIABLES, DO NOT EDIT! diff --git a/docs/plugins/filters/jdbc_streaming.asciidoc b/docs/plugins/filters/jdbc_streaming.asciidoc index 21ae5ffee..1031a2adf 100644 --- a/docs/plugins/filters/jdbc_streaming.asciidoc +++ b/docs/plugins/filters/jdbc_streaming.asciidoc @@ -6,9 +6,9 @@ /////////////////////////////////////////// START - GENERATED VARIABLES, DO NOT EDIT! /////////////////////////////////////////// -:version: v5.5.1 -:release_date: 2024-12-03 -:changelog_url: https://github.com/logstash-plugins/logstash-integration-jdbc/blob/v5.5.1/CHANGELOG.md +:version: v5.5.2 +:release_date: 2024-12-23 +:changelog_url: https://github.com/logstash-plugins/logstash-integration-jdbc/blob/v5.5.2/CHANGELOG.md :include_path: ../../../../logstash/docs/include /////////////////////////////////////////// END - GENERATED VARIABLES, DO NOT EDIT! diff --git a/docs/plugins/inputs/azure_event_hubs.asciidoc b/docs/plugins/inputs/azure_event_hubs.asciidoc index 0724bb8ce..7bcb0afe5 100644 --- a/docs/plugins/inputs/azure_event_hubs.asciidoc +++ b/docs/plugins/inputs/azure_event_hubs.asciidoc @@ -6,9 +6,9 @@ /////////////////////////////////////////// START - GENERATED VARIABLES, DO NOT EDIT! /////////////////////////////////////////// -:version: v1.5.0 -:release_date: 2024-10-25 -:changelog_url: https://github.com/logstash-plugins/logstash-input-azure_event_hubs/blob/v1.5.0/CHANGELOG.md +:version: v1.5.1 +:release_date: 2025-01-03 +:changelog_url: https://github.com/logstash-plugins/logstash-input-azure_event_hubs/blob/v1.5.1/CHANGELOG.md :include_path: ../../../../logstash/docs/include /////////////////////////////////////////// END - GENERATED VARIABLES, DO NOT EDIT! diff --git a/docs/plugins/inputs/elastic_serverless_forwarder.asciidoc b/docs/plugins/inputs/elastic_serverless_forwarder.asciidoc index 1dde82e4c..5361d4465 100644 --- a/docs/plugins/inputs/elastic_serverless_forwarder.asciidoc +++ b/docs/plugins/inputs/elastic_serverless_forwarder.asciidoc @@ -6,9 +6,9 @@ /////////////////////////////////////////// START - GENERATED VARIABLES, DO NOT EDIT! /////////////////////////////////////////// -:version: v0.1.5 -:release_date: 2024-09-12 -:changelog_url: https://github.com/logstash-plugins/logstash-input-elastic_serverless_forwarder/blob/v0.1.5/CHANGELOG.md +:version: v2.0.0 +:release_date: 2024-12-23 +:changelog_url: https://github.com/logstash-plugins/logstash-input-elastic_serverless_forwarder/blob/v2.0.0/CHANGELOG.md :include_path: ../../../../logstash/docs/include /////////////////////////////////////////// END - GENERATED VARIABLES, DO NOT EDIT! @@ -59,14 +59,6 @@ input { |======================================================================================================================= -.Technical Preview -**** -This {esf-name} input plugin is part of a _Technical Preview_, which means that both configuration options and implementation details are subject to change in minor releases without being preceded by deprecation warnings. - -Before upgrading this plugin or Logstash itself, please pay special attention to this plugin's https://github.com/logstash-plugins/logstash-input-elastic_serverless_forwarder/blob/main/CHANGELOG.md[CHANGELOG.md] to avoid being caught by surprise. -**** - - [id="plugins-{type}s-{plugin}-enrichment"] ==== Enrichment @@ -168,6 +160,9 @@ filter { This plugin supports the following configuration options plus the <> described later. +NOTE: As of version `2.0.0` of this plugin, a previously deprecated SSL setting has been removed. +Please check out <> for details. + [cols="<,<,<",options="header",] |======================================================================= |Setting |Input type|Required @@ -175,7 +170,6 @@ This plugin supports the following configuration options plus the <> |<>|No | <> |<>|No | <> |<>|No -| <> |<>|__Deprecated__ | <> |a valid filesystem path|No | <> |<>|No | <> |<>, one of `["none", "optional", "required"]`|No @@ -227,17 +221,6 @@ The host or ip to bind The TCP port to bind to -[id="plugins-{type}s-{plugin}-ssl"] -===== `ssl` -deprecated[0.1.3, Replaced by <>] - -* Value type is <> -* Default value is `true` - -Events are by default sent over SSL, which requires configuring this plugin to present an identity certificate using <> and key using <>. - -You can disable SSL with `+ssl => false+`. - [id="plugins-{type}s-{plugin}-ssl_certificate"] ===== `ssl_certificate` @@ -364,6 +347,18 @@ When <> causes a client to p NOTE: Client identity is not typically validated using SSL because the receiving server only has access to the client's outbound-ip, which is not always constant and is frequently not represented in the certificate's subject or subjectAltNames extensions. For more information, see https://www.rfc-editor.org/rfc/rfc2818#section-3.1[RFC2818 § 3.2 (HTTP over TLS -- Client Identity)] +[id="plugins-{type}s-{plugin}-obsolete-options"] +==== Elasticsearch Output Obsolete Configuration Options + +WARNING: As of version `2.0.0` of this plugin, some configuration options have been replaced. +The plugin will fail to start if it contains any of these obsolete options. + +[cols="<,<",options="header",] +|======================================================================= +|Setting|Replaced by +| ssl | <> +|======================================================================= + [id="plugins-{type}s-{plugin}-common-options"] include::{include_path}/{type}.asciidoc[] diff --git a/docs/plugins/inputs/elasticsearch.asciidoc b/docs/plugins/inputs/elasticsearch.asciidoc index 19167302a..88495366c 100644 --- a/docs/plugins/inputs/elasticsearch.asciidoc +++ b/docs/plugins/inputs/elasticsearch.asciidoc @@ -6,9 +6,9 @@ /////////////////////////////////////////// START - GENERATED VARIABLES, DO NOT EDIT! /////////////////////////////////////////// -:version: v4.20.5 -:release_date: 2024-12-05 -:changelog_url: https://github.com/logstash-plugins/logstash-input-elasticsearch/blob/v4.20.5/CHANGELOG.md +:version: v5.0.0 +:release_date: 2024-12-18 +:changelog_url: https://github.com/logstash-plugins/logstash-input-elasticsearch/blob/v5.0.0/CHANGELOG.md :include_path: ../../../../logstash/docs/include /////////////////////////////////////////// END - GENERATED VARIABLES, DO NOT EDIT! @@ -24,7 +24,7 @@ include::{include_path}/plugin_header.asciidoc[] Read from an Elasticsearch cluster, based on search query results. This is useful for replaying test logs, reindexing, etc. -You can periodically schedule ingestion using a cron syntax +You can periodically schedule ingestion using a cron syntax (see `schedule` setting) or run the query one time to load data into Logstash. @@ -97,7 +97,10 @@ TIP: Set the `target` option to avoid potential schema conflicts. [id="plugins-{type}s-{plugin}-options"] ==== Elasticsearch Input configuration options -This plugin supports the following configuration options plus the <> and the <> described later. +This plugin supports these configuration options plus the <> described later. + +NOTE: As of version `5.0.0` of this plugin, a number of previously deprecated settings related to SSL have been removed. +Please check out <> for details. [cols="<,<,<",options="header",] |======================================================================= @@ -107,6 +110,7 @@ This plugin supports the following configuration options plus the <> |<>|No | <> |<>|No | <> | <>|No +| <> |<>|No | <> |<>|No | <> |<>|No | <> |<>|No @@ -200,8 +204,18 @@ For more info, check out the The maximum amount of time, in seconds, to wait while establishing a connection to Elasticsearch. Connect timeouts tend to occur when Elasticsearch or an intermediate proxy is overloaded with requests and has exhausted its connection pool. +[id="plugins-{type}s-{plugin}-custom_headers"] +===== `custom_headers` + + * Value type is <> + * Default value is empty + +Pass a set of key value pairs as the headers sent in each request to an elasticsearch node. +The headers will be used for any kind of request. +These custom headers will override any headers previously set by the plugin such as the User Agent or Authorization headers. + [id="plugins-{type}s-{plugin}-docinfo"] -===== `docinfo` +===== `docinfo` * Value type is <> * Default value is `false` @@ -252,7 +266,7 @@ Example [id="plugins-{type}s-{plugin}-docinfo_fields"] -===== `docinfo_fields` +===== `docinfo_fields` * Value type is <> * Default value is `["_index", "_type", "_id"]` @@ -263,7 +277,7 @@ option lists the metadata fields to save in the current event. See more information. [id="plugins-{type}s-{plugin}-docinfo_target"] -===== `docinfo_target` +===== `docinfo_target` * Value type is <> * Default value depends on whether <> is enabled: @@ -287,7 +301,7 @@ this option names the field under which to store the metadata fields as subfield Controls this plugin's compatibility with the {ecs-ref}[Elastic Common Schema (ECS)]. [id="plugins-{type}s-{plugin}-hosts"] -===== `hosts` +===== `hosts` * Value type is <> * There is no default value for this setting. @@ -297,18 +311,18 @@ can be either IP, HOST, IP:port, or HOST:port. The port defaults to 9200. [id="plugins-{type}s-{plugin}-index"] -===== `index` +===== `index` * Value type is <> * Default value is `"logstash-*"` -The index or alias to search. +The index or alias to search. Check out {ref}/api-conventions.html#api-multi-index[Multi Indices documentation] in the Elasticsearch documentation for info on referencing multiple indices. [id="plugins-{type}s-{plugin}-password"] -===== `password` +===== `password` * Value type is <> * There is no default value for this setting. @@ -328,7 +342,7 @@ An empty string is treated as if proxy was not set, this is useful when using environment variables e.g. `proxy => '${LS_PROXY:}'`. [id="plugins-{type}s-{plugin}-query"] -===== `query` +===== `query` * Value type is <> * Default value is `'{ "sort": [ "_doc" ] }'` @@ -376,7 +390,7 @@ The default is 0 (no retry). This value should be equal to or greater than zero. NOTE: Partial failures - such as errors in a subset of all slices - can result in the entire query being retried, which can lead to duplication of data. Avoiding this would require Logstash to store the entire result set of a query in memory which is often not possible. [id="plugins-{type}s-{plugin}-schedule"] -===== `schedule` +===== `schedule` * Value type is <> * There is no default value for this setting. @@ -388,7 +402,7 @@ There is no schedule by default. If no schedule is given, then the statement is exactly once. [id="plugins-{type}s-{plugin}-scroll"] -===== `scroll` +===== `scroll` * Value type is <> * Default value is `"1m"` @@ -411,7 +425,7 @@ The query requires at least one `sort` field, as described in the <> * Default value is `1000` @@ -479,6 +493,8 @@ Enable SSL/TLS secured communication to Elasticsearch cluster. Leaving this unspecified will use whatever scheme is specified in the URLs listed in <> or extracted from the <>. If no explicit protocol is specified plain HTTP will be used. +When not explicitly set, SSL will be automatically enabled if any of the specified hosts use HTTPS. + [id="plugins-{type}s-{plugin}-ssl_key"] ===== `ssl_key` * Value type is <> @@ -599,7 +615,7 @@ It is also possible to target an entry in the event's metadata, which will be av [id="plugins-{type}s-{plugin}-user"] -===== `user` +===== `user` * Value type is <> * There is no default value for this setting. @@ -609,56 +625,21 @@ option when authenticating to the Elasticsearch server. If set to an empty string authentication will be disabled. -[id="plugins-{type}s-{plugin}-deprecated-options"] -==== Elasticsearch Input deprecated configuration options +[id="plugins-{type}s-{plugin}-obsolete-options"] +==== Elasticsearch Input Obsolete Configuration Options -This plugin supports the following deprecated configurations. +WARNING: As of version `5.0.0` of this plugin, some configuration options have been replaced. +The plugin will fail to start if it contains any of these obsolete options. -WARNING: Deprecated options are subject to removal in future releases. -[cols="<,<,<",options="header",] +[cols="<,<",options="header",] |======================================================================= -|Setting|Input type|Replaced by -| <> |a valid filesystem path|<> -| <> |<>|<> -| <> |<>|<> +|Setting|Replaced by +| ca_file | <> +| ssl | <> +| ssl_certificate_verification | <> |======================================================================= -[id="plugins-{type}s-{plugin}-ca_file"] -===== `ca_file` -deprecated[4.17.0, Replaced by <>] - -* Value type is <> -* There is no default value for this setting. - -SSL Certificate Authority file in PEM encoded format, must also include any chain certificates as necessary. - -[id="plugins-{type}s-{plugin}-ssl"] -===== `ssl` -deprecated[4.17.0, Replaced by <>] - -* Value type is <> -* Default value is `false` - -If enabled, SSL will be used when communicating with the Elasticsearch -server (i.e. HTTPS will be used instead of plain HTTP). - - -[id="plugins-{type}s-{plugin}-ssl_certificate_verification"] -===== `ssl_certificate_verification` -deprecated[4.17.0, Replaced by <>] - -* Value type is <> -* Default value is `true` - -Option to validate the server's certificate. Disabling this severely compromises security. -When certificate validation is disabled, this plugin implicitly trusts the machine -resolved at the given address without validating its proof-of-identity. -In this scenario, the plugin can transmit credentials to or process data from an untrustworthy -man-in-the-middle or other compromised infrastructure. -More information on the importance of certificate verification: -**https://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf**. - [id="plugins-{type}s-{plugin}-common-options"] include::{include_path}/{type}.asciidoc[] diff --git a/docs/plugins/inputs/http.asciidoc b/docs/plugins/inputs/http.asciidoc index 78a829f41..055e0142c 100644 --- a/docs/plugins/inputs/http.asciidoc +++ b/docs/plugins/inputs/http.asciidoc @@ -6,9 +6,9 @@ /////////////////////////////////////////// START - GENERATED VARIABLES, DO NOT EDIT! /////////////////////////////////////////// -:version: v3.9.2 -:release_date: 2024-11-18 -:changelog_url: https://github.com/logstash-plugins/logstash-input-http/blob/v3.9.2/CHANGELOG.md +:version: v4.1.0 +:release_date: 2024-12-19 +:changelog_url: https://github.com/logstash-plugins/logstash-input-http/blob/v4.1.0/CHANGELOG.md :include_path: ../../../../logstash/docs/include /////////////////////////////////////////// END - GENERATED VARIABLES, DO NOT EDIT! @@ -88,21 +88,21 @@ for the request's content-type is found in the `additional_codecs` setting. This plugin supports the following configuration options plus the <> described later. +NOTE: As of version `4.0.0` of this plugin, a number of previously deprecated settings related to SSL have been removed. +Please check out <> for details. + + [cols="<,<,<",options="header",] |======================================================================= |Setting |Input type|Required | <> |<>|No -| <> |<>|__Deprecated__ | <> | <>|No | <> |<>|No -| <> |<>|__Deprecated__ -| <> |<>|__Deprecated__ | <> |<>|No | <> |<>|No | <> |<>|No | <> |<>|No | <> |<>, one of `[200, 201, 202, 204]`|No -| <> |<>|__Deprecated__ | <> |a valid filesystem path|No | <> |<>|No | <> |<>|No @@ -118,12 +118,8 @@ This plugin supports the following configuration options plus the <> |<>|No | <> |<>|No | <> |<>|No -| <> |<>, one of `["none", "peer", "force_peer"]`|__Deprecated__ | <> |<>|No -| <> |<>|__Deprecated__ -| <> |<>|__Deprecated__ | <> |<>|No -| <> |<>, one of `["none", "peer", "force_peer"]`|__Deprecated__ |======================================================================= Also see <> for a list of options supported by all @@ -141,13 +137,6 @@ Apply specific codecs for specific content types. The default codec will be applied only after this list is checked and no codec for the request's content-type is found -[id="plugins-{type}s-{plugin}-cipher_suites"] -===== `cipher_suites` -deprecated[3.6.0, Replaced by <>] - - * Value type is <> - -The list of cipher suites to use, listed by priorities. [id="plugins-{type}s-{plugin}-ecs_compatibility"] ===== `ecs_compatibility` @@ -221,23 +210,6 @@ See <> for detailed information. The host or ip to bind -[id="plugins-{type}s-{plugin}-keystore"] -===== `keystore` -deprecated[3.7.0, Use <> instead] - - * Value type is <> - * There is no default value for this setting. - -The JKS keystore to validate the client's certificates - -[id="plugins-{type}s-{plugin}-keystore_password"] -===== `keystore_password` -deprecated[3.7.0, Use <> instead] - - * Value type is <> - * There is no default value for this setting. - -Set the keystore password [id="plugins-{type}s-{plugin}-password"] ===== `password` @@ -315,16 +287,6 @@ specify a target field for the client host of the http request specify target field for the client host of the http request -[id="plugins-{type}s-{plugin}-ssl"] -===== `ssl` -deprecated[3.7.0, Replaced by <>] - - * Value type is <> - * Default value is `false` - -Events are, by default, sent in plain text. You can -enable encryption by setting `ssl` to true and configuring -the `ssl_certificate` and `ssl_key` options. [id="plugins-{type}s-{plugin}-ssl_certificate"] ===== `ssl_certificate` @@ -474,22 +436,6 @@ NOTE: You cannot use this setting and <>] - - * Value can be any of: `none`, `peer`, `force_peer` - * Default value is `"none"` - -By default the server doesn't do any client verification. - -`peer` will make the server ask the client to provide a certificate. -If the client provides a certificate, it will be validated. - -`force_peer` will make the server ask the client to provide a certificate. -If the client doesn't provide a certificate, the connection will be closed. - -This option needs to be used with <> and a defined list of CAs. [id="plugins-{type}s-{plugin}-threads"] ===== `threads` @@ -499,23 +445,6 @@ This option needs to be used with <> - -The maximum TLS version allowed for the encrypted connections. -The value must be the one of the following: 1.1 for TLS 1.1, 1.2 for TLS 1.2, 1.3 for TLSv1.3 - -[id="plugins-{type}s-{plugin}-tls_min_version"] -===== `tls_min_version` -deprecated[3.6.0] - - * Value type is <> - -The minimum TLS version allowed for the encrypted connections. -The value must be one of the following: 1.1 for TLS 1.1, 1.2 for TLS 1.2, 1.3 for TLSv1.3 [id="plugins-{type}s-{plugin}-user"] ===== `user` @@ -525,15 +454,24 @@ The value must be one of the following: 1.1 for TLS 1.1, 1.2 for TLS 1.2, 1.3 fo Username for basic authorization -[id="plugins-{type}s-{plugin}-verify_mode"] -===== `verify_mode` -deprecated[3.6.0, Replaced by <>] - - * Value can be any of: `none`, `peer`, `force_peer` - * Default value is `"none"` +[id="plugins-{type}s-{plugin}-obsolete-options"] +==== HTTP Input Obsolete Configuration Options -Set the client certificate verification method. Valid methods: none, peer, force_peer +WARNING: As of version `4.0.0` of this plugin, some configuration options have been replaced. +The plugin will fail to start if it contains any of these obsolete options. +[cols="<,<",options="header",] +|======================================================================= +|Setting|Replaced by +| cipher_suites |<> +| keystore |<> +| keystore_password |<> +| ssl |<> +| ssl_verify_mode |<> +| tls_max_version |<> +| tls_min_version |<> +| verify_mode |<> +|======================================================================= [id="plugins-{type}s-{plugin}-common-options"] include::{include_path}/{type}.asciidoc[] diff --git a/docs/plugins/inputs/http_poller.asciidoc b/docs/plugins/inputs/http_poller.asciidoc index aa5b6c972..7a0a2c2cc 100644 --- a/docs/plugins/inputs/http_poller.asciidoc +++ b/docs/plugins/inputs/http_poller.asciidoc @@ -6,9 +6,9 @@ /////////////////////////////////////////// START - GENERATED VARIABLES, DO NOT EDIT! /////////////////////////////////////////// -:version: v5.6.0 -:release_date: 2024-06-19 -:changelog_url: https://github.com/logstash-plugins/logstash-input-http_poller/blob/v5.6.0/CHANGELOG.md +:version: v6.0.0 +:release_date: 2024-12-18 +:changelog_url: https://github.com/logstash-plugins/logstash-input-http_poller/blob/v6.0.0/CHANGELOG.md :include_path: ../../../../logstash/docs/include /////////////////////////////////////////// END - GENERATED VARIABLES, DO NOT EDIT! @@ -123,21 +123,19 @@ Here’s how ECS compatibility mode affects output. This plugin supports the following configuration options plus the <> described later. +NOTE: As of version `6.0.0` of this plugin, a number of previously deprecated settings related to SSL have been removed. +Please check out <> for details. + + [cols="<,<,<",options="header",] |======================================================================= |Setting |Input type|Required | <> |<>|No -| <> |a valid filesystem path|__Deprecated__ -| <> |a valid filesystem path|__Deprecated__ -| <> |a valid filesystem path|__Deprecated__ | <> |<>|No | <> |<>|No | <> | <>|No | <> |<>|No | <> |<>|No -| <> |a valid filesystem path|__Deprecated__ -| <> |<>|__Deprecated__ -| <> |<>|__Deprecated__ | <> |<>|No | <> |<>|No | <> |<>|No @@ -159,9 +157,6 @@ This plugin supports the following configuration options plus the <> |<>|No | <> |<>, one of `["full", "none"]`|No | <> |<>|No -| <> |a valid filesystem path|__Deprecated__ -| <> |<>|__Deprecated__ -| <> |<>|__Deprecated__ | <> |<>|Yes | <> |<>|No | <> |<>|No @@ -182,33 +177,6 @@ How many times should the client retry a failing URL. We highly recommend NOT se to zero if keepalive is enabled. Some servers incorrectly end keepalives early requiring a retry! Note: if `retry_non_idempotent` is set only GET, HEAD, PUT, DELETE, OPTIONS, and TRACE requests will be retried. -[id="plugins-{type}s-{plugin}-cacert"] -===== `cacert` -deprecated[5.5.0, Replaced by <>] - - * Value type is <> - * There is no default value for this setting. - -If you need to use a custom X.509 CA (.pem certs) specify the path to that here - -[id="plugins-{type}s-{plugin}-client_cert"] -===== `client_cert` -deprecated[5.5.0, Replaced by <>] - - * Value type is <> - * There is no default value for this setting. - -If you'd like to use a client certificate (note, most people don't want this) set the path to the x509 cert here - -[id="plugins-{type}s-{plugin}-client_key"] -===== `client_key` -deprecated[5.5.0, Replaced by <>] - - * Value type is <> - * There is no default value for this setting. - -If you're using a client certificate specify the path to the encryption key here - [id="plugins-{type}s-{plugin}-connect_timeout"] ===== `connect_timeout` @@ -318,34 +286,6 @@ Should redirects be followed? Defaults to `true` Turn this on to enable HTTP keepalive support. We highly recommend setting `automatic_retries` to at least one with this to fix interactions with broken keepalive implementations. -[id="plugins-{type}s-{plugin}-keystore"] -===== `keystore` -deprecated[5.5.0, Replaced by <>] - - * Value type is <> - * There is no default value for this setting. - -If you need to use a custom keystore (`.jks`) specify that here. This does not work with .pem keys! - -[id="plugins-{type}s-{plugin}-keystore_password"] -===== `keystore_password` -deprecated[5.5.0, Replaced by <>] - - * Value type is <> - * There is no default value for this setting. - -Specify the keystore password here. -Note, most .jks files created with keytool require a password! - -[id="plugins-{type}s-{plugin}-keystore_type"] -===== `keystore_type` -deprecated[5.5.0, Replaced by <>] - - * Value type is <> - * Default value is `"JKS"` - -Specify the keystore type here. One of `JKS` or `PKCS12`. Default is `JKS` - [id="plugins-{type}s-{plugin}-metadata_target"] ===== `metadata_target` @@ -570,35 +510,6 @@ Define the target field for placing the received data. If this setting is omitte TIP: When ECS is enabled, set `target` in the codec (if the codec has a `target` option). Example: `codec => json { target => "TARGET_FIELD_NAME" }` - -[id="plugins-{type}s-{plugin}-truststore"] -===== `truststore` -deprecated[5.5.0, Replaced by <>] - - * Value type is <> - * There is no default value for this setting. - -If you need to use a custom truststore (`.jks`) specify that here. This does not work with .pem certs! - -[id="plugins-{type}s-{plugin}-truststore_password"] -===== `truststore_password` -deprecated[5.5.0, Replaced by <>] - - * Value type is <> - * There is no default value for this setting. - -Specify the truststore password here. -Note, most .jks files created with keytool require a password! - -[id="plugins-{type}s-{plugin}-truststore_type"] -===== `truststore_type` -deprecated[5.5.0, Replaced by <>] - - * Value type is <> - * Default value is `"JKS"` - -Specify the truststore type here. One of `JKS` or `PKCS12`. Default is `JKS` - [id="plugins-{type}s-{plugin}-urls"] ===== `urls` @@ -664,6 +575,28 @@ being leased to the consumer. Non-positive value passed to this method disables connection validation. This check helps detect connections that have become stale (half-closed) while kept inactive in the pool." + +[id="plugins-{type}s-{plugin}-obsolete-options"] +==== HTTP Poller Input Obsolete Configuration Options + +WARNING: As of version `6.0.0` of this plugin, some configuration options have been replaced. +The plugin will fail to start if it contains any of these obsolete options. + +[cols="<,<",options="header",] +|======================================================================= +|Setting|Replaced by +| cacert |<> +| client_cert |<> +| client_key |<> +| keystore |<> +| keystore_password |<> +| keystore_type |<> +| truststore |<> +| truststore_password |<> +| truststore_type |<> +|======================================================================= + + [id="plugins-{type}s-{plugin}-common-options"] include::{include_path}/{type}.asciidoc[] diff --git a/docs/plugins/inputs/jdbc.asciidoc b/docs/plugins/inputs/jdbc.asciidoc index adb57b1e5..5dbd4ba31 100644 --- a/docs/plugins/inputs/jdbc.asciidoc +++ b/docs/plugins/inputs/jdbc.asciidoc @@ -7,9 +7,9 @@ /////////////////////////////////////////// START - GENERATED VARIABLES, DO NOT EDIT! /////////////////////////////////////////// -:version: v5.5.1 -:release_date: 2024-12-03 -:changelog_url: https://github.com/logstash-plugins/logstash-integration-jdbc/blob/v5.5.1/CHANGELOG.md +:version: v5.5.2 +:release_date: 2024-12-23 +:changelog_url: https://github.com/logstash-plugins/logstash-integration-jdbc/blob/v5.5.2/CHANGELOG.md :include_path: ../../../../logstash/docs/include /////////////////////////////////////////// END - GENERATED VARIABLES, DO NOT EDIT! diff --git a/docs/plugins/inputs/kafka.asciidoc b/docs/plugins/inputs/kafka.asciidoc index 7949b9caf..719deb23b 100644 --- a/docs/plugins/inputs/kafka.asciidoc +++ b/docs/plugins/inputs/kafka.asciidoc @@ -3,15 +3,15 @@ :type: input :default_plugin: 1 :default_codec: plain -:kafka_client: 3.7 -:kafka_client_doc: 37 +:kafka_client: 3.8.1 +:kafka_client_doc: 38 /////////////////////////////////////////// START - GENERATED VARIABLES, DO NOT EDIT! /////////////////////////////////////////// -:version: v11.5.3 -:release_date: 2024-11-25 -:changelog_url: https://github.com/logstash-plugins/logstash-integration-kafka/blob/v11.5.3/CHANGELOG.md +:version: v11.6.0 +:release_date: 2025-01-07 +:changelog_url: https://github.com/logstash-plugins/logstash-integration-kafka/blob/v11.6.0/CHANGELOG.md :include_path: ../../../../logstash/docs/include /////////////////////////////////////////// END - GENERATED VARIABLES, DO NOT EDIT! @@ -132,6 +132,13 @@ See the https://kafka.apache.org/{kafka_client_doc}/documentation for more detai | <> |<>|No | <> |<>|No | <> |<>|No +| <> |<>|No +| <> |<>|No +| <> |<>|No +| <> |<>|No +| <> |<>|No +| <> |<>|No +| <> |<>|No | <> |<>|No | <> |<>|No | <> |<>|No @@ -557,13 +564,62 @@ retries are exhausted. The amount of time to wait before attempting to retry a failed fetch request to a given topic partition. This avoids repeated fetching-and-failing in a tight loop. -[id="plugins-{type}s-{plugin}-sasl_client_callback_handler_class""] +[id="plugins-{type}s-{plugin}-sasl_client_callback_handler_class"] ===== `sasl_client_callback_handler_class` -* Value type is <> -* There is no default value for this setting. + * Value type is <> + * There is no default value for this setting. The SASL client callback handler class the specified SASL mechanism should use. +[id="plugins-{type}s-{plugin}-sasl_oauthbearer_token_endpoint_url"] +===== `sasl_oauthbearer_token_endpoint_url` + * Value type is <> + * There is no default value for this setting. + +The URL for the OAuth 2.0 issuer token endpoint. + +[id="plugins-{type}s-{plugin}-sasl_oauthbearer_scope_claim_name"] +===== `sasl_oauthbearer_scope_claim_name` + * Value type is <> + * Default value is `"scope"` + +(optional) The override name of the scope claim. + +[id="plugins-{type}s-{plugin}-sasl_login_callback_handler_class"] +===== `sasl_login_callback_handler_class` + * Value type is <> + * There is no default value for this setting. + +The SASL login callback handler class the specified SASL mechanism should use. + +[id="plugins-{type}s-{plugin}-sasl_login_connect_timeout_ms"] +===== `sasl_login_connect_timeout_ms` + * Value type is <> + * There is no default value for this setting. + +(optional) The duration, in milliseconds, for HTTPS connect timeout + +[id="plugins-{type}s-{plugin}-sasl_login_read_timeout_ms"] +===== `sasl_login_read_timeout_ms` + * Value type is <> + * There is no default value for this setting. + +(optional) The duration, in milliseconds, for HTTPS read timeout. + +[id="plugins-{type}s-{plugin}-sasl_login_retry_backoff_ms"] +===== `sasl_login_retry_backoff_ms` + * Value type is <> + * Default value is `100` milliseconds. + +(optional) The duration, in milliseconds, to wait between HTTPS call attempts. + +[id="plugins-{type}s-{plugin}-sasl_login_retry_backoff_max_ms"] +===== `sasl_login_retry_backoff_max_ms` + * Value type is <> + * Default value is `10000` milliseconds. + +(optional) The maximum duration, in milliseconds, for HTTPS call attempts. + [id="plugins-{type}s-{plugin}-sasl_jaas_config"] ===== `sasl_jaas_config` diff --git a/docs/plugins/inputs/snmp.asciidoc b/docs/plugins/inputs/snmp.asciidoc index 01034ca81..67416c4d6 100644 --- a/docs/plugins/inputs/snmp.asciidoc +++ b/docs/plugins/inputs/snmp.asciidoc @@ -7,9 +7,9 @@ /////////////////////////////////////////// START - GENERATED VARIABLES, DO NOT EDIT! /////////////////////////////////////////// -:version: v4.0.4 -:release_date: 2024-07-08 -:changelog_url: https://github.com/logstash-plugins/logstash-integration-snmp/blob/v4.0.4/CHANGELOG.md +:version: v4.0.5 +:release_date: 2025-01-06 +:changelog_url: https://github.com/logstash-plugins/logstash-integration-snmp/blob/v4.0.5/CHANGELOG.md :include_path: ../../../../logstash/docs/include /////////////////////////////////////////// END - GENERATED VARIABLES, DO NOT EDIT! diff --git a/docs/plugins/inputs/snmptrap.asciidoc b/docs/plugins/inputs/snmptrap.asciidoc index 61582b7e2..745123889 100644 --- a/docs/plugins/inputs/snmptrap.asciidoc +++ b/docs/plugins/inputs/snmptrap.asciidoc @@ -7,9 +7,9 @@ /////////////////////////////////////////// START - GENERATED VARIABLES, DO NOT EDIT! /////////////////////////////////////////// -:version: v4.0.4 -:release_date: 2024-07-08 -:changelog_url: https://github.com/logstash-plugins/logstash-integration-snmp/blob/v4.0.4/CHANGELOG.md +:version: v4.0.5 +:release_date: 2025-01-06 +:changelog_url: https://github.com/logstash-plugins/logstash-integration-snmp/blob/v4.0.5/CHANGELOG.md :include_path: ../../../../logstash/docs/include /////////////////////////////////////////// END - GENERATED VARIABLES, DO NOT EDIT! diff --git a/docs/plugins/inputs/tcp.asciidoc b/docs/plugins/inputs/tcp.asciidoc index db1b4e305..009b91aa0 100644 --- a/docs/plugins/inputs/tcp.asciidoc +++ b/docs/plugins/inputs/tcp.asciidoc @@ -6,9 +6,9 @@ /////////////////////////////////////////// START - GENERATED VARIABLES, DO NOT EDIT! /////////////////////////////////////////// -:version: v6.4.4 -:release_date: 2024-11-18 -:changelog_url: https://github.com/logstash-plugins/logstash-input-tcp/blob/v6.4.4/CHANGELOG.md +:version: v7.0.0 +:release_date: 2025-01-10 +:changelog_url: https://github.com/logstash-plugins/logstash-input-tcp/blob/v7.0.0/CHANGELOG.md :include_path: ../../../../logstash/docs/include /////////////////////////////////////////// END - GENERATED VARIABLES, DO NOT EDIT! @@ -122,6 +122,10 @@ filter { This plugin supports the following configuration options plus the <> described later. +NOTE: As of version `7.0.0` of this plugin, a number of previously deprecated settings related to SSL have been removed. Please see the +<> for more details. + + [cols="<,<,<",options="header",] |======================================================================= |Setting |Input type|Required @@ -131,19 +135,16 @@ This plugin supports the following configuration options plus the <> |<>, one of `["server", "client"]`|No | <> |<>|Yes | <> |<>|No -| <> |a valid filesystem path|__Deprecated__ | <> |a valid filesystem path|No | <> |<>|No | <> |<>|No | <> |<>, one of `["none", "optional", "required"]`|No -| <> |<>|__Deprecated__ | <> |<>|No | <> |<>|No | <> |a valid filesystem path|No | <> |<>|No | <> |<>|No | <> |<>, one of `["full", "none"]`|No -| <> |<>|__Deprecated__ | <> |<>|No |======================================================================= @@ -213,16 +214,6 @@ When mode is `client`, the port to connect to. Proxy protocol support, only v1 is supported at this time http://www.haproxy.org/download/1.5/doc/proxy-protocol.txt -[id="plugins-{type}s-{plugin}-ssl_cert"] -===== `ssl_cert` -deprecated[6.4.0, Replaced by <>] - - * Value type is <> - * There is no default value for this setting. - -Path to certificate in PEM format. This certificate will be presented -to the connecting clients. - [id="plugins-{type}s-{plugin}-ssl_certificate"] ===== `ssl_certificate` @@ -269,14 +260,6 @@ Please note that the server does not validate the client certificate CN (Common NOTE: This setting can be used only if <> is `server` and <> is set. -[id="plugins-{type}s-{plugin}-ssl_enable"] -===== `ssl_enable` -deprecated[6.4.0, Replaced by <>] - - * Value type is <> - * Default value is `false` - -Enable SSL (must be set for other `ssl_` options to take effect). [id="plugins-{type}s-{plugin}-ssl_enabled"] ===== `ssl_enabled` @@ -344,16 +327,6 @@ This setting can be used only if <> is `client`. WARNING: Setting certificate verification to `none` disables many security benefits of SSL/TLS, which is very dangerous. For more information on disabling certificate verification please read https://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf -[id="plugins-{type}s-{plugin}-ssl_verify"] -===== `ssl_verify` -deprecated[6.4.0, Replaced by <> and <>] - - * Value type is <> - * Default value is `true` - -Verify the identity of the other end of the SSL connection against the CA. -For input, sets the field `sslsubject` to that of the client certificate. - [id="plugins-{type}s-{plugin}-tcp_keep_alive"] ===== `tcp_keep_alive` @@ -364,6 +337,21 @@ Instruct the socket to use TCP keep alive. If it's `true` then the underlying so will use the OS defaults settings for keep alive. If it's `false` it doesn't configure any keep alive setting for the underlying socket. +[id="plugins-{type}s-{plugin}-obsolete-options"] +==== TCP Input Obsolete Configuration Options + +WARNING: As of version `7.0.0` of this plugin, some configuration options have been replaced. +The plugin will fail to start if it contains any of these obsolete options. + + +[cols="<,<",options="header",] +|======================================================================= +|Setting|Replaced by +| ssl_cert |<> +| ssl_enable |<> +| ssl_verify |<> in `server` mode and <> in `client` mode +|======================================================================= + [id="plugins-{type}s-{plugin}-common-options"] include::{include_path}/{type}.asciidoc[] diff --git a/docs/plugins/integrations/jdbc.asciidoc b/docs/plugins/integrations/jdbc.asciidoc index 2de6c24f8..6e3c79a3a 100644 --- a/docs/plugins/integrations/jdbc.asciidoc +++ b/docs/plugins/integrations/jdbc.asciidoc @@ -6,9 +6,9 @@ /////////////////////////////////////////// START - GENERATED VARIABLES, DO NOT EDIT! /////////////////////////////////////////// -:version: v5.5.1 -:release_date: 2024-12-03 -:changelog_url: https://github.com/logstash-plugins/logstash-integration-jdbc/blob/v5.5.1/CHANGELOG.md +:version: v5.5.2 +:release_date: 2024-12-23 +:changelog_url: https://github.com/logstash-plugins/logstash-integration-jdbc/blob/v5.5.2/CHANGELOG.md :include_path: ../../../../logstash/docs/include /////////////////////////////////////////// END - GENERATED VARIABLES, DO NOT EDIT! diff --git a/docs/plugins/integrations/kafka.asciidoc b/docs/plugins/integrations/kafka.asciidoc index 85fe46757..42f4bcf05 100644 --- a/docs/plugins/integrations/kafka.asciidoc +++ b/docs/plugins/integrations/kafka.asciidoc @@ -2,14 +2,14 @@ :type: integration :default_plugin: 1 :no_codec: -:kafka_client: 3.7.1 +:kafka_client: 3.8.1 /////////////////////////////////////////// START - GENERATED VARIABLES, DO NOT EDIT! /////////////////////////////////////////// -:version: v11.5.3 -:release_date: 2024-11-25 -:changelog_url: https://github.com/logstash-plugins/logstash-integration-kafka/blob/v11.5.3/CHANGELOG.md +:version: v11.6.0 +:release_date: 2025-01-07 +:changelog_url: https://github.com/logstash-plugins/logstash-integration-kafka/blob/v11.6.0/CHANGELOG.md :include_path: ../../../../logstash/docs/include /////////////////////////////////////////// END - GENERATED VARIABLES, DO NOT EDIT! diff --git a/docs/plugins/integrations/snmp.asciidoc b/docs/plugins/integrations/snmp.asciidoc index 36828f54d..52e97f0b6 100644 --- a/docs/plugins/integrations/snmp.asciidoc +++ b/docs/plugins/integrations/snmp.asciidoc @@ -6,9 +6,9 @@ /////////////////////////////////////////// START - GENERATED VARIABLES, DO NOT EDIT! /////////////////////////////////////////// -:version: v4.0.4 -:release_date: 2024-07-08 -:changelog_url: https://github.com/logstash-plugins/logstash-integration-snmp/blob/v4.0.4/CHANGELOG.md +:version: v4.0.5 +:release_date: 2025-01-06 +:changelog_url: https://github.com/logstash-plugins/logstash-integration-snmp/blob/v4.0.5/CHANGELOG.md :include_path: ../../../../logstash/docs/include /////////////////////////////////////////// END - GENERATED VARIABLES, DO NOT EDIT! diff --git a/docs/plugins/outputs/elasticsearch.asciidoc b/docs/plugins/outputs/elasticsearch.asciidoc index 9c7816d54..a422bbecb 100644 --- a/docs/plugins/outputs/elasticsearch.asciidoc +++ b/docs/plugins/outputs/elasticsearch.asciidoc @@ -6,9 +6,9 @@ /////////////////////////////////////////// START - GENERATED VARIABLES, DO NOT EDIT! /////////////////////////////////////////// -:version: v11.22.10 -:release_date: 2024-12-09 -:changelog_url: https://github.com/logstash-plugins/logstash-output-elasticsearch/blob/v11.22.10/CHANGELOG.md +:version: v12.0.1 +:release_date: 2025-01-14 +:changelog_url: https://github.com/logstash-plugins/logstash-output-elasticsearch/blob/v12.0.1/CHANGELOG.md :include_path: ../../../../logstash/docs/include /////////////////////////////////////////// END - GENERATED VARIABLES, DO NOT EDIT! @@ -326,8 +326,10 @@ When a string value on an event contains one or more byte sequences that are not [id="plugins-{type}s-{plugin}-options"] ==== Elasticsearch Output Configuration Options -This plugin supports the following configuration options plus the -<> and the <> described later. +This plugin supports these configuration options plus the <> described later. + +NOTE: As of version 12.0.0 of this plugin, a number of previously deprecated SSL settings have been removed. +Please check out <> for details. [cols="<,<,<",options="header",] |======================================================================= @@ -442,7 +444,7 @@ For more details on actions, check out the {ref}/docs-bulk.html[Elasticsearch bu * There is no default value for this setting. Authenticate using Elasticsearch API key. -Note that this option also requires SSL/TLS, which can be enabled by supplying a <>, a list of HTTPS <>, or by setting < true`>>. +Note that this option also requires SSL/TLS, which can be enabled by supplying a <>, a list of HTTPS <>, or by setting < true`>>. Format is `id:api_key` where `id` and `api_key` are as returned by the Elasticsearch {ref}/security-api-create-api-key.html[Create API key API]. @@ -1325,98 +1327,24 @@ https://www.elastic.co/blog/elasticsearch-versioning-support[versioning support blog] and {ref}/docs-index_.html#_version_types[Version types] in the Elasticsearch documentation. -[id="plugins-{type}s-{plugin}-deprecated-options"] -==== Elasticsearch Output Deprecated Configuration Options - -This plugin supports the following deprecated configurations. +[id="plugins-{type}s-{plugin}-obsolete-options"] +==== Elasticsearch Output Obsolete Configuration Options -WARNING: Deprecated options are subject to removal in future releases. +WARNING: As of version `12.0.0` of this plugin, some configuration options have been replaced. +The plugin will fail to start if it contains any of these obsolete options. -[cols="<,<,<",options="header",] +[cols="<,<",options="header",] |======================================================================= -|Setting|Input type|Replaced by -| <> |a valid filesystem path|<> -| <> |a valid filesystem path|<> -| <> |<>|<> -| <> |<>|<> -| <> |<>|<> -| <> |a valid filesystem path|<> -| <> |<>|<> +|Setting|Replaced by +| cacert | <> +| keystore | <> +| keystore_password | <> +| ssl | <> +| ssl_certificate_verification | <> +| truststore | <> +| truststore_password | <> |======================================================================= - -[id="plugins-{type}s-{plugin}-cacert"] -===== `cacert` -deprecated[11.14.0, Replaced by <>] - -* Value type is a list of <> -* There is no default value for this setting. - -The .cer or .pem file to validate the server's certificate. - -[id="plugins-{type}s-{plugin}-keystore"] -===== `keystore` -deprecated[11.14.0, Replaced by <>] - -* Value type is <> -* There is no default value for this setting. - -The keystore used to present a certificate to the server. -It can be either .jks or .p12 - -NOTE: You cannot use this setting and <> at the same time. - -[id="plugins-{type}s-{plugin}-keystore_password"] -===== `keystore_password` -deprecated[11.14.0, Replaced by <>] - -* Value type is <> -* There is no default value for this setting. - -Set the keystore password - -[id="plugins-{type}s-{plugin}-ssl"] -===== `ssl` -deprecated[11.14.0, Replaced by <>] - -* Value type is <> -* There is no default value for this setting. - -Enable SSL/TLS secured communication to Elasticsearch cluster. -Leaving this unspecified will use whatever scheme is specified in the URLs listed in <> or extracted from the <>. -If no explicit protocol is specified plain HTTP will be used. - -[id="plugins-{type}s-{plugin}-ssl_certificate_verification"] -===== `ssl_certificate_verification` -deprecated[11.14.0, Replaced by <>] - -* Value type is <> -* Default value is `true` - -Option to validate the server's certificate. Disabling this severely compromises security. -For more information on disabling certificate verification please read -https://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf - -[id="plugins-{type}s-{plugin}-truststore"] -===== `truststore` -deprecated[11.14.0, Replaced by <>] - -* Value type is <> -* There is no default value for this setting. - -The truststore to validate the server's certificate. -It can be either `.jks` or `.p12`. -Use either `:truststore` or `:cacert`. - -[id="plugins-{type}s-{plugin}-truststore_password"] -===== `truststore_password` -deprecated[11.14.0, Replaced by <>] - -* Value type is <> -* There is no default value for this setting. - -Set the truststore password - [id="plugins-{type}s-{plugin}-common-options"] include::{include_path}/{type}.asciidoc[] diff --git a/docs/plugins/outputs/kafka.asciidoc b/docs/plugins/outputs/kafka.asciidoc index ba3a50bda..3f668e451 100644 --- a/docs/plugins/outputs/kafka.asciidoc +++ b/docs/plugins/outputs/kafka.asciidoc @@ -3,15 +3,15 @@ :type: output :default_plugin: 1 :default_codec: plain -:kafka_client: 3.7 -:kafka_client_doc: 37 +:kafka_client: 3.8.1 +:kafka_client_doc: 38 /////////////////////////////////////////// START - GENERATED VARIABLES, DO NOT EDIT! /////////////////////////////////////////// -:version: v11.5.3 -:release_date: 2024-11-25 -:changelog_url: https://github.com/logstash-plugins/logstash-integration-kafka/blob/v11.5.3/CHANGELOG.md +:version: v11.6.0 +:release_date: 2025-01-07 +:changelog_url: https://github.com/logstash-plugins/logstash-integration-kafka/blob/v11.6.0/CHANGELOG.md :include_path: ../../../../logstash/docs/include /////////////////////////////////////////// END - GENERATED VARIABLES, DO NOT EDIT! @@ -103,6 +103,13 @@ See the https://kafka.apache.org/{kafka_client_doc}/documentation for more detai | <> |<>|No | <> |<>|No | <> |<>|No +| <> |<>|No +| <> |<>|No +| <> |<>|No +| <> |<>|No +| <> |<>|No +| <> |<>|No +| <> |<>|No | <> |<>|No | <> |<>|No | <> |<>|No @@ -393,13 +400,62 @@ In versions prior to 10.5.0, any exception is retried indefinitely unless the `r The amount of time to wait before attempting to retry a failed produce request to a given topic partition. -[id="plugins-{type}s-{plugin}-sasl_client_callback_handler_class""] +[id="plugins-{type}s-{plugin}-sasl_client_callback_handler_class"] ===== `sasl_client_callback_handler_class` -* Value type is <> -* There is no default value for this setting. + * Value type is <> + * There is no default value for this setting. The SASL client callback handler class the specified SASL mechanism should use. +[id="plugins-{type}s-{plugin}-sasl_oauthbearer_token_endpoint_url"] +===== `sasl_oauthbearer_token_endpoint_url` + * Value type is <> + * There is no default value for this setting. + +The URL for the OAuth 2.0 issuer token endpoint. + +[id="plugins-{type}s-{plugin}-sasl_oauthbearer_scope_claim_name"] +===== `sasl_oauthbearer_scope_claim_name` + * Value type is <> + * Default value is `"scope"` + +(optional) The override name of the scope claim. + +[id="plugins-{type}s-{plugin}-sasl_login_callback_handler_class"] +===== `sasl_login_callback_handler_class` + * Value type is <> + * There is no default value for this setting. + +The SASL login callback handler class the specified SASL mechanism should use. + +[id="plugins-{type}s-{plugin}-sasl_login_connect_timeout_ms"] +===== `sasl_login_connect_timeout_ms` + * Value type is <> + * There is no default value for this setting. + +(optional) The duration, in milliseconds, for HTTPS connect timeout + +[id="plugins-{type}s-{plugin}-sasl_login_read_timeout_ms"] +===== `sasl_login_read_timeout_ms` + * Value type is <> + * There is no default value for this setting. + +(optional) The duration, in milliseconds, for HTTPS read timeout. + +[id="plugins-{type}s-{plugin}-sasl_login_retry_backoff_ms"] +===== `sasl_login_retry_backoff_ms` + * Value type is <> + * Default value is `100` milliseconds. + +(optional) The duration, in milliseconds, to wait between HTTPS call attempts. + +[id="plugins-{type}s-{plugin}-sasl_login_retry_backoff_max_ms"] +===== `sasl_login_retry_backoff_max_ms` + * Value type is <> + * Default value is `10000` milliseconds. + +(optional) The maximum duration, in milliseconds, for HTTPS call attempts. + [id="plugins-{type}s-{plugin}-sasl_jaas_config"] ===== `sasl_jaas_config` diff --git a/docs/plugins/outputs/mongodb.asciidoc b/docs/plugins/outputs/mongodb.asciidoc index 2e0a24fe8..5beb7958c 100644 --- a/docs/plugins/outputs/mongodb.asciidoc +++ b/docs/plugins/outputs/mongodb.asciidoc @@ -6,9 +6,9 @@ /////////////////////////////////////////// START - GENERATED VARIABLES, DO NOT EDIT! /////////////////////////////////////////// -:version: v3.1.7 -:release_date: 2022-01-31 -:changelog_url: https://github.com/logstash-plugins/logstash-output-mongodb/blob/v3.1.7/CHANGELOG.md +:version: v3.1.8 +:release_date: 2025-01-02 +:changelog_url: https://github.com/logstash-plugins/logstash-output-mongodb/blob/v3.1.8/CHANGELOG.md :include_path: ../../../../logstash/docs/include /////////////////////////////////////////// END - GENERATED VARIABLES, DO NOT EDIT! diff --git a/docs/plugins/outputs/tcp.asciidoc b/docs/plugins/outputs/tcp.asciidoc index 50c015d22..fffa7ebe7 100644 --- a/docs/plugins/outputs/tcp.asciidoc +++ b/docs/plugins/outputs/tcp.asciidoc @@ -6,9 +6,9 @@ /////////////////////////////////////////// START - GENERATED VARIABLES, DO NOT EDIT! /////////////////////////////////////////// -:version: v6.2.1 -:release_date: 2024-06-05 -:changelog_url: https://github.com/logstash-plugins/logstash-output-tcp/blob/v6.2.1/CHANGELOG.md +:version: v7.0.0 +:release_date: 2025-01-10 +:changelog_url: https://github.com/logstash-plugins/logstash-output-tcp/blob/v7.0.0/CHANGELOG.md :include_path: ../../../../logstash/docs/include /////////////////////////////////////////// END - GENERATED VARIABLES, DO NOT EDIT! @@ -34,6 +34,10 @@ depending on `mode`. This plugin supports the following configuration options plus the <> described later. +NOTE: As of version `7.0.0` of this plugin, a number of previously deprecated settings related to SSL have been removed. Please see the +<> for more details. + + [cols="<,<,<",options="header",] |======================================================================= |Setting |Input type|Required @@ -41,19 +45,15 @@ This plugin supports the following configuration options plus the <> |<>, one of `["server", "client"]`|No | <> |<>|Yes | <> |<>|No -| <> |a valid filesystem path|__Deprecated__ -| <> |a valid filesystem path|__Deprecated__ | <> |a valid filesystem path|No | <> |<>|No | <> |<>|No | <> |<>, one of `["none", "optional", "required"]`|No -| <> |<>|__Deprecated__ | <> |<>|No | <> |a valid filesystem path|No | <> |<>|No | <> |<>|No | <> |<>, one of `["full", "none"]`|No -| <> |<>|No |======================================================================= Also see <> for a list of options supported by all @@ -98,24 +98,6 @@ When mode is `client`, the port to connect to. When connect failed,retry interval in sec. -[id="plugins-{type}s-{plugin}-ssl_cacert"] -===== `ssl_cacert` -deprecated[6.2.0, Replaced by <>] - - * Value type is <> - * There is no default value for this setting. - -The SSL CA certificate, chainfile or CA path. The system CA path is automatically included. - -[id="plugins-{type}s-{plugin}-ssl_cert"] -===== `ssl_cert` -deprecated[6.2.0, Replaced by <>] - - * Value type is <> - * There is no default value for this setting. - -SSL certificate path - [id="plugins-{type}s-{plugin}-ssl_certificate"] ===== `ssl_certificate` @@ -161,15 +143,6 @@ Please note that the server does not validate the client certificate CN (Common NOTE: This setting can be used only if <> is `server` and <> is set. -[id="plugins-{type}s-{plugin}-ssl_enable"] -===== `ssl_enable` -deprecated[6.2.0, Replaced by <>] - - * Value type is <> - * Default value is `false` - -Enable SSL (must be set for other `ssl_` options to take effect). - [id="plugins-{type}s-{plugin}-ssl_enabled"] ===== `ssl_enabled` @@ -224,15 +197,21 @@ has a hostname or IP address that matches the names within the certificate. NOTE: This setting can be used only if <> is `client`. -[id="plugins-{type}s-{plugin}-ssl_verify"] -===== `ssl_verify` -deprecated[6.2.0, Replaced by <> and <>] +[id="plugins-{type}s-{plugin}-obsolete-options"] +==== TCP Output Obsolete Configuration Options + +WARNING: As of version `6.0.0` of this plugin, some configuration options have been replaced. +The plugin will fail to start if it contains any of these obsolete options. - * Value type is <> - * Default value is `false` -Verify the identity of the other end of the SSL connection against the CA. -For input, sets the field `sslsubject` to that of the client certificate. +[cols="<,<",options="header",] +|======================================================================= +|Setting|Replaced by +| ssl_cacert |<> +| ssl_cert |<> +| ssl_enable |<> +| ssl_verify |<> in `server` mode and <> in `client` mode +|======================================================================= [id="plugins-{type}s-{plugin}-common-options"] include::{include_path}/{type}.asciidoc[]