- Ignore master-only nodes when using sniffing
- Ignore event's type field for the purpose of setting document
_type
if cluster is es 6.x or above
- Update gemspec summary
- Change default document type to 'doc' from 'logs' to align with beats and reflect the generic nature of logstash.
- Deprecate 'document_type' option
- Use
#response_body
instead of#body
when debugging response from the server #679
- Docs: Add DLQ policy section
- Improved Elasticsearch version handling
- Improved event error logging when DLQ is disabled in Logstash
- Retry all non-200 responses of the bulk API indefinitely
- Improve documentation on retry codes
- Support Elasticsearch 6.x join field type
- Fix bug where logging errors for bad response codes would raise an unhandled exception
- Fix some documentation issues
- Breaking: make deprecated options :flush_size and :idle_flush_time obsolete
- Remove obsolete options :max_retries and :retry_max_items
- Fix: handling of initial single big event
- Fix: typo was enabling http compression by default this returns it back to false
- Properly support characters needing escaping in users / passwords across multiple SafeURI implementions (pre/post LS 5.5.1)
- Logstash 5.5.0 does NOT work with this release as it has a broken SafeURI implementation
- Bump for doc gen
- Fix incorrect variable reference when DLQing events
- Fix incorrect handling of bulk_path containing ?s
- Fix JRuby 9k incompatibilities and use new URI class that is JRuby 9k compatible
- Fix error where a 429 would cause this output to crash
- Wait for all inflight requests to complete before stopping
- Fix the backwards compatibility layer used for detecting DLQ capabilities in logstash core
- Log 429 errors as debug instead of error. These aren't actual errors and cause users undue concern. This status code is triggered when ES wants LS to backoff, which it does correctly (exponentially)
- Docs: Add requirement to use version 6.2.5 or higher to support sending Content-Type headers.
- Expose a
#post
method in the http client class to be use by other modules
- Support 6.0.0-alpha1 version of Elasticsearch by adding a separate 6x template
- Note: This version is backwards compatible w.r.t. config, but for ES 6.0.0,
_all
has been removed. This BWC issue only affects ES version 6.x; older versions can be used with this plugin as is.
- Add support to compress requests using the new
http_compression
option.
- introduce customization of bulk, healthcheck and sniffing paths with the behaviour:
- if not set: the default value will be used
- if not set and path is also set: the default is appended to path
- if set: the set value will be used, ignoring the default and path setting
- removes absolute_healthcheck_path and query_parameters
- Fixed: Change how the healthcheck_path is treated: either append it to any existing path (default) or replace any existing path Also ensures that the healthcheck url contains no query parameters regarless of hosts urls contains them or query_params being set. #554
- Send the Content-Type: application/json header that proper ES clients should send
- Fix bug where using escaped characters in the password field would attempt to show a warning but instead crash. The warning was also not necessary since escaped characters never worked there before.
- Fixed a bug introduced in 6.2.2 where passwords needing escapes were not actually sent to ES properly encoded.
- Fixed a bug that forced users to URL encode the
password
option. If you are currently manually escaping your passwords upgrading to this version will break authentication. You should unescape your password if you have implemented this workaround as it will otherwise be doubly encoded. URL escaping is STILL required for passwords inline with URLs in thehosts
option.
- When an HTTP error is encountered, log the response body instead of the request. The request body will still be logged at debug level.
- Add version number / version conflict support
- Add option to use an absolute healthcheck path
- Proxies requiring auth now always work when a URL is specified
- It is no longer possible to specify a proxy as a hash due to security reasons
- Fix URL normalization logic to correctly apply all settings to sniffed hosts
- Proxies requiring auth now always work when a URL is specified
- Switch internals to new LogStash::Util::SafeURI type for more defensive approach to logging credentials
- Correctly sniff against ES 5.x clusters
- Perform healthcheck against hosts right after startup / sniffing
- Add support for custom query parameters
- Docs: Remove mention of using the elasticsearch_java output plugin because it is no longer supported
- Add
sprintf
or event dependent configuration when specifying ingest pipeline
- Hide user/password in connection pool
- Use byte size, not char count for bulk operation size checks
- depends on Adressable ~> 2.3.0 to satisfy development dependency of the core (logstash/#6204)
- Bulk operations will now target 20MB chunks at a time to reduce heap usage
- Change default lang for scripts to be painless, inline with ES 5.0. Earlier there was no default.
- Hide credentials in exceptions and log messages (#482)
- [internal] Remove dependency on longshoreman project
- Hide user and password from the URL logged during sniffing process.
- Add check_connection_timeout parameter (default 10m)
- Set default timeout to 60s
- Breaking Change: Index template for 5.0 has been changed to reflect Elasticsearch's mapping changes. Most importantly,
the subfield for string multi-fields has changed from
.raw
to.keyword
to match ES default behavior. (#386)
Users installing ES 5.x and LS 5.x This change will not affect you and you will continue to use the ES defaults.
Users upgrading from LS 2.x to LS 5.x with ES 5.x
LS will not force upgrade the template, if logstash
template already exists. This means you will still use
.raw
for sub-fields coming from 2.x. If you choose to use the new template, you will have to reindex your data after
the new template is installed.
- Relax constraint on logstash-core-plugin-api to >= 1.60 <= 2.99
- Added a configuration called failure_type_logging_whitelist which takes a list of strings, that are error types from elasticsearch, so we prevent logging WARN if elasticsearch fails with that action. See logstash-plugins#423
- Fix bug where setting credentials would cause fatal errors. See logstash-plugins#441
- breaking,config: Removed obsolete config
host
andport
. Please use thehosts
config with the[host:port]
syntax. - breaking,config: Removed obsolete config
index_type
. Please usedocument_type
instead. - breaking,config: Set config
max_retries
andretry_max_items
as obsolete
- Make this plugin threadsafe. Workers no longer needed or supported
- Add pool_max and pool_max_per_route options
- Fix issues where URI based paths in 'hosts' would not function correctly
- Republish all the gems under jruby.
- Update the plugin to the version 2.0 of the plugin api, this change is required for Logstash 5.0 compatibility. See elastic/logstash#5141
- Add
pipeline
configuration option for setting an ingest pipeline to run upon indexing
- Fix bug where update index actions would not work with events with 'data' field
- Add 'retry_on_conflict' configuration option which should have been here from the beginning
- Fix bug with update document with doc_as_upsert and scripting (#364, #359)
- Make error messages more verbose and easier to parse by humans
- Retryable failures are now logged at the info level instead of warning. (issue #372)
- Fix bug where SSL would sometimes not be enabled
- Host settings now are more robust to bad input
- Host settings can now take full URLs
- Make flush_size actually cap the batch size in LS 2.2+
- Used debug level instead of info when emitting flush log message
- Updated docs about template
- Scripted update support courtesy of @Da-Wei
- Fix bug where max_retry_interval was not respected for HTTP error codes
- Bump manticore dependenvy to 0.5.2
- Now retry too busy and service unavailable errors infinitely.
- Never retry conflict errors
- Fix broken delete verb that would fail due to sending body with verb
- Serialize access to the connection pool in es-ruby client
- Add support for parent relationship
- Sprintf style 'action' parameters no longer raise a LogStash::ConfigurationError
- Improved the default template to disable fielddata on analyzed string fields. #309
- Dependend on logstash-core 2.0.0 released version, rather than RC1
- Improved the default template to use doc_values wherever possible.
- Template contains example mappings for every numeric type. You must map your own fields to make use of anything other than long and double.
- Fixed dependencies (#280)
- Fixed an RSpec test (#281)
- Made host config obsolete.
- New setting: timeout. This lets you control the behavior of a slow/stuck request to Elasticsearch that could be, for example, caused by network, firewall, or load balancer issues.
- Plugins were updated to follow the new shutdown semantic, this mainly allows Logstash to instruct input plugins to terminate gracefully, instead of using Thread.raise on the plugins' threads. Ref: elastic/logstash#3895
- Dependency on logstash-core update to 2.0
- Massive internal refactor of client handling
- Background HTTP sniffing support
- Reduced bulk request size to 500 from 5000 (better memory utilization)
- Removed 'host' config option. Now use 'hosts'
- Only support HTTP Protocol
- Removed support for node and transport protocols (now in logstash-output-elasticsearch_java)
- Add update API support
- Fix warning about Concurrent lib deprecation
- Update to Elasticsearch 1.7
- Add HTTP proxy support
- Upgrade Manticore HTTP Client
- Allow client certificates
- Add 'path' parameter for ES HTTP hosts behind a proxy on a subpath
- Add option to enable and disable SSL certificate verification during handshake (#160)
- Doc improvements for clarifying round robin behavior using hosts config
- Bump es-ruby version to 1.0.10
- Disable timeouts when using http protocol which would cause bulk requests to fail (#103)