You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/release-notes/breaking-changes.md
+42-23
Original file line number
Diff line number
Diff line change
@@ -17,7 +17,10 @@ Before you upgrade, carefully review the Logstash breaking changes and take the
17
17
18
18
## 9.0.0 [logstash-900-breaking-changes]
19
19
20
-
### Changes to SSL settings in {{ls}} plugins [ssl-settings-9.0]
20
+
21
+
:::::{dropdown} Changes to SSL settings in {{ls}} plugins
22
+
:name: ssl-deprecations-9.0.0
23
+
21
24
We’ve removed deprecated SSL settings in some {{ls}} plugins, and have replaced them with updated settings. If your plugin configuration contains any of these obsolete options, the plugin may fail to start.
22
25
23
26
::::{dropdown} `logstash-input-beats`
@@ -34,7 +37,6 @@ We’ve removed deprecated SSL settings in some {{ls}} plugins, and have replace
34
37
35
38
::::
36
39
37
-
38
40
::::{dropdown} `logstash-input-elastic_agent`
39
41
:name: input-elastic_agent-ssl-9.0
40
42
@@ -193,72 +195,84 @@ We’ve removed deprecated SSL settings in some {{ls}} plugins, and have replace
| ssl_verify |[`ssl_client_authentication`](logstash-docs-md://lsr/plugins-outputs-tcp.md#plugins-outputs-tcp-ssl_client_authentication) in `server` mode and [`ssl_verification_mode`](logstash-docs-md://lsr/plugins-outputs-tcp.md#plugins-outputs-tcp-ssl_verification_mode) in `client` mode |
196
-
197
198
::::
199
+
:::::
198
200
199
-
200
-
### Pipeline buffer type defaults to `heap`[pipeline-buffer-type]
201
+
::::{dropdown} Pipeline buffer type defaults to `heap`
202
+
:name: pipeline-buffer-type]
201
203
202
204
We've improved memory configuration for certain {{ls}} plugins.
203
205
Input plugins such as `elastic_agent`, `beats`, `tcp`, and `http` allocate buffers in Java memory to read events from the network.
204
206
The default allocation method is `direct` memory rather than `heap` memory to simplify configuration, and to help facilitate debugging memory usage problems through the analysis of heap dumps.
205
207
If you need to re-enable the previous behavior, change the `pipeline.buffer.type` setting in [logstash.yml](/reference/logstash-settings-file.md).
206
208
Check out [off-heap-buffers-allocation](/reference/jvm-settings.md#off-heap-buffers-allocation) for details. [#16500](https://github.com/elastic/logstash/pull/16500)
209
+
::::
207
210
208
-
### {{ls}} modules removed [removed-modules]
211
+
::::{dropdown} {{ls}} modules removed
212
+
:name: removed-modules
209
213
210
214
We have removed the {{ls}} modules framework, and encourage users to try Elastic Integrations
211
215
This includes the netflow, azure and arcsight modules, and the modules framework as a whole. [#16794](https://github.com/elastic/logstash/pull/16794)
We have removed support for previously deprecated configuration settings:
217
223
218
-
#### `http.*` prefixed settings for the {{ls}} API
219
-
When configuring the {{ls}} API, settings prefixed by `http.*` have been replaced by the equivalent settings prefixed with `api.*`. [#16552](https://github.com/elastic/logstash/pull/16552)
220
-
221
-
#### `event_api.tags.illegal`
224
+
-**`http.*` prefixed settings for the {{ls}} API.** Settings prefixed by `http.*` have been replaced by the equivalent settings prefixed with `api.*`. [#16552](https://github.com/elastic/logstash/pull/16552)
222
225
226
+
-**`event_api.tags.illegal`**
223
227
Any events that include field named tags automatically rename the field _tags to avoid any clash
224
228
with the reserved {{ls}} tags field.
225
229
Instead, {{ls}} generates `_tagsparsefailure` in the event `tags` and the illegal value is written to the `_tags` field. [#16461](https://github.com/elastic/logstash/pull/16461)
The ingest converter, which was used to convert ingest pipelines to {{ls}} pipelines, has been removed. [#16453](https://github.com/elastic/logstash/pull/16453)
236
+
231
237
The `logstash-filter-elastic_integration` plugin offers similar functionality, and can help you use [Logstash to extend Elastic integrations](/reference/using-logstash-with-elastic-integrations.md).
238
+
::::
232
239
233
-
### JDK11 not supported [jdk-11-support-drop]
240
+
::::{dropdown} JDK11 not supported
241
+
:name: jdk-11-support-drop
234
242
235
243
JDK17 is the minimum version of the JDK required to run Logstash.
236
244
For the best experience, we still recommend running {{ls}} using the bundled-jdk.
237
245
See [Logstash JVM requirements](/reference/getting-started-with-logstash.md#ls-jvm)
238
246
for details. [#16443](https://github.com/elastic/logstash/pull/16443)
247
+
::::
239
248
240
-
### Docker base image now UBI9 based [docker-base-image-change]
249
+
::::{dropdown} Docker base image now UBI9 based
250
+
:name: docker-base-image-change
241
251
242
252
The base image for {{ls}} on Docker has been changed from Ubuntu to UBI9.
243
253
If you create a Docker image based on the {{ls}} image and rely on it being Ubuntu based, you need to change your derived image to take account of this change.
244
254
For example, if your derived docker image installs additional packages using a package manager, UBI9 uses `microdnf`, rather than `apt`.
### Cannot run {{ls}} as `superuser` by default [disallow-superuser]
258
+
::::{dropdown} Cannot run {{ls}} as `superuser` by default
259
+
:name: [disallow-superuser
249
260
250
261
We've changed the default behavior to prevent users from accidentally running {{ls}} as a superuser.
251
262
If you try to run {{ls}} as a superuser, it logs an error and fails to start, ensuring that users cannot run Logstash with elevated privileges by accident.
252
263
253
-
You can change the value of the `allow_superuser` setting to `true` in [logstash.yml](/reference/logstash-settings-file.md) if you want to restore the previous behavior and allow {{ls}} to run with superuser privileges. [#16558(https://github.com/elastic/logstash/pull/16558)
264
+
You can change the value of the `allow_superuser` setting to `true` in [logstash.yml](/reference/logstash-settings-file.md) if you want to restore the previous behavior and allow {{ls}} to run with superuser privileges. [#16558](https://github.com/elastic/logstash/pull/16558)
265
+
::::
254
266
255
-
### New setting required to continue using legacy internal monitoring [allow-legacy-monitoring]
267
+
::::{dropdown} New setting required to continue using legacy internal monitoring
268
+
:name: allow-legacy-monitoring
256
269
257
270
To continue using deprecated internal collection to monitor {{ls}}, set `xpack.monitoring.allow_legacy_collection` to `true` in [logstash.yml](/reference/logstash-settings-file.md).
258
271
We encourage you to move to [agent-driven monitoring](/reference/monitoring-logstash-with-elastic-agent.md), the latest, supported way to monitor Logstash [#16586](https://github.com/elastic/logstash/pull/16586)
We've improved the way we deal with duplicate `message` fields in `json` documents.
264
278
Some code paths that log in `json` produce log events that include multiple instances of the `message` field. (The JSON codec plugin is one example.)
@@ -268,9 +282,14 @@ We recently introduced the option to fix duplicates, and made it the default beh
268
282
To re-enable the previous behavior, change the `log.format.json.fix_duplicate_message_fields` setting in [logstash.yml](/reference/logstash-settings-file.md) to `false`.
269
283
270
284
Check out [Logging in json format can write duplicate message fields](docs-content://troubleshoot/ingest/logstash.md) for more details about the issue. [#16578](https://github.com/elastic/logstash/pull/16578)
285
+
::::
271
286
272
-
### Enterprise_search integration plugin is deprecated [enterprise_search-deprecated-9.0]
287
+
::::{dropdown} Enterprise_search integration plugin is removed from default Logstash install
288
+
:name: enterprise_search-deprecated-9.0
273
289
274
-
We’ve deprecated the {{ls}} Enterprise_search integration plugin, and its component App Search and Workplace Search plugins. These plugins will receive only security updates and critical fixes moving forward.
290
+
We’ve removed the {{ls}} Enterprise_search integration plugin, and its component App Search and Workplace Search plugins from the default {{ls}} install.
291
+
These plugins will receive only security updates and critical fixes moving forward.
275
292
276
293
We recommend using our native {{es}} tools for your Search use cases. For more details, please visit the [Search solution and use case documentation](docs-content://solutions/search.md).
Copy file name to clipboardExpand all lines: docs/release-notes/deprecations.md
+5-2
Original file line number
Diff line number
Diff line change
@@ -5,7 +5,8 @@ navigation_title: "Deprecations"
5
5
# Logstash deprecations [logstash-deprecations]
6
6
Over time, certain Elastic functionality becomes outdated and is replaced or removed. To help with the transition, Elastic deprecates functionality for a period before removal, giving you time to update your applications.
7
7
8
-
Review the deprecated functionality for Logstash. While deprecations have no immediate impact, we strongly encourage you update your implementation after you upgrade. To learn how to upgrade, check out [Upgrade](docs-content://deploy-manage/upgrade.md).
8
+
Review the deprecated functionality for Logstash.
9
+
While deprecations have no immediate impact, we strongly encourage you update your implementation after you upgrade.
9
10
10
11
% ## Next version [logstash-versionnext-deprecations]
11
12
@@ -23,4 +24,6 @@ Review the deprecated functionality for Logstash. While deprecations have no imm
23
24
% For more information, check [PR #](PR link).
24
25
% **Impact**<br> Impact of deprecation.
25
26
% **Action**<br> Steps for mitigating deprecation impact.
![mergify[bot]](https://avatars.githubusercontent.com/in/10562?v=4&size=40){kind=avatar}
0 commit comments