logstash-input-beats 6.1.2-java → 6.1.6-java

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 93be68545c73c99fadedfbc85c39ca333da359204980ac825ca7ee3cacda5595
4
- data.tar.gz: e5dc98aba318950d3aa4f8d2c8ae47e6bb42fd928b0d484b2ae7e7aa321fa83e
3
+ metadata.gz: bdfb961f6671cbce9a01f9df53f0e2fa83ec6ac2f14521b51f2dfe32508b181b
4
+ data.tar.gz: ebf3b53c4b9efd6dd9be89b76e3d46ee2cae71f9c01d481fabddb4104e0ea546
5
5
  SHA512:
6
- metadata.gz: 91149e12bae583a7386b740331302ceadf518ce973dac0a75f0288551f2717d648fad25a54b6a49f1a472467496c4eba5476dc4e6d3a0aae6368a576c5c78e89
7
- data.tar.gz: 552642c0592c7d09387f737b1cf520d02d9b5d1bbf8c958bd90fb698f763385300490b173d03768d0584951cb1409e10a4248490c327344934e9c4986c4d827b
6
+ metadata.gz: a060db6f3d84a1aaa41d7da73728c16d959484af1d85efce09ac811597288faf7d89a66bff10a7254f394ee51eb70b9723df8488b1c61916b9b48ea2bba6bc70
7
+ data.tar.gz: 467e8d01b6a2c94dcf0afffcea88aa967fb3518b6be42722691b85f4497864e8645d468b3adbdba07dd8900be23a9b858b50be3c005f777f4da49b021b40fd63
data/CHANGELOG.md CHANGED
@@ -1,3 +1,16 @@
1
+ ## 6.1.6
2
+ - [DOC] Applied more attributes to manage plugin name in doc content, and implemented conditional text processing. [#423](https://github.com/logstash-plugins/logstash-input-http/pull/423)
3
+
4
+ ## 6.1.5
5
+ - Changed jar dependencies to reflect newer versions [#425](https://github.com/logstash-plugins/logstash-input-beats/pull/425)
6
+
7
+ ## 6.1.4
8
+ - Fix: reduce error logging on connection resets [#424](https://github.com/logstash-plugins/logstash-input-beats/pull/424)
9
+
10
+ ## 6.1.3
11
+ - Fix: safe-guard byte buf allocation [#420](https://github.com/logstash-plugins/logstash-input-beats/pull/420)
12
+ - Updated Jackson dependencies
13
+
1
14
  ## 6.1.2
2
15
  - [DOC] Added naming attribute to control plugin name that appears in docs, and set up framework to make attributes viable in code sample
3
16
 
@@ -10,7 +23,7 @@
10
23
  `host` and `@metadata.ip_address` event fields. [#404](https://github.com/logstash-plugins/logstash-input-beats/pull/404)
11
24
 
12
25
  ## 6.0.14
13
- - Feat: log + unwrap generic SSL context exceptions [#405](https://github.com/logstash-plugins/logstash-input-beats/pull/405)
26
+ - Feat: log + unwrap generic SSL context exceptions [#405](https://github.com/logstash-plugins/logstash-input-beats/pull/405)
14
27
 
15
28
  ## 6.0.13
16
29
  - [DOC] Update links to use shared attributes
data/VERSION CHANGED
@@ -1 +1 @@
1
- 6.1.2
1
+ 6.1.6
data/docs/index.asciidoc CHANGED
@@ -2,6 +2,7 @@
2
2
  :type: input
3
3
  :default_codec: plain
4
4
  :plugin-uc: Beats
5
+ :plugin-singular: Beat
5
6
 
6
7
  ///////////////////////////////////////////
7
8
  START - GENERATED VARIABLES, DO NOT EDIT!
@@ -18,21 +19,27 @@ END - GENERATED VARIABLES, DO NOT EDIT!
18
19
 
19
20
  === {plugin-uc} input plugin
20
21
 
22
+ NOTE: The `input-elastic_agent` plugin is the next generation of the
23
+ `input-beats` plugin.
24
+ They currently share code and a https://github.com/logstash-plugins/logstash-input-beats[common codebase].
25
+
21
26
  include::{include_path}/plugin_header.asciidoc[]
22
27
 
23
28
  ==== Description
24
29
 
25
30
  This input plugin enables Logstash to receive events from the
26
- https://www.elastic.co/products/beats[Elastic Beats] framework.
31
+ {plugin-uc} framework.
27
32
 
28
33
  The following example shows how to configure Logstash to listen on port
29
34
  5044 for incoming {plugin-uc} connections and to index into Elasticsearch.
30
35
 
36
+ //Example for Beats
37
+ ifeval::["{plugin}"=="beats"]
31
38
  ["source","sh",subs="attributes"]
32
39
  -----
33
40
 
34
41
  input {
35
- beats {
42
+ {plugin} {
36
43
  port => 5044
37
44
  }
38
45
  }
@@ -45,9 +52,8 @@ output {
45
52
  }
46
53
  -----
47
54
  <1> `%{[@metadata][beat]}` sets the first part of the index name to the value
48
- of the `beat` metadata field and `%{[@metadata][version]}` sets the second part to
49
- the {plugin-uc}'s version. For example:
50
- metricbeat-7.4.0.
55
+ of the metadata field and `%{[@metadata][version]}` sets the second part to
56
+ the {plugin-singular} version. For example: metricbeat-6.1.6.
51
57
 
52
58
  Events indexed into Elasticsearch with the Logstash configuration shown here
53
59
  will be similar to events directly indexed by {plugin-uc} into Elasticsearch.
@@ -56,14 +62,56 @@ NOTE: If ILM is not being used, set `index` to
56
62
  `%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}` instead so
57
63
  Logstash creates an index per day, based on the `@timestamp` value of the events
58
64
  coming from {plugin-uc}.
65
+ endif::[]
66
+
67
+ //Example for Elastic Agent
68
+ ifeval::["{plugin}"!="beats"]
69
+ ["source","sh",subs="attributes"]
70
+ -----
71
+
72
+ input {
73
+ {plugin} {
74
+ port => 5044
75
+ }
76
+ }
59
77
 
60
- IMPORTANT: If you are shipping events that span multiple lines, you need to use
78
+ output {
79
+ elasticsearch {
80
+ hosts => ["http://localhost:9200"]
81
+ data_stream => "true"
82
+ }
83
+ }
84
+ -----
85
+
86
+ Events indexed into Elasticsearch with the Logstash configuration shown here
87
+ will be similar to events directly indexed by {plugin-uc} into Elasticsearch.
88
+ endif::[]
89
+
90
+
91
+ //Content for Beats
92
+ ifeval::["{plugin}"=="beats"]
93
+ [id="plugins-{type}s-{plugin}-multiline"]
94
+ ===== Multi-line events
95
+
96
+ If you are shipping events that span multiple lines, you need to use
61
97
  the {filebeat-ref}/multiline-examples.html[configuration options available in
62
98
  Filebeat] to handle multiline events before sending the event data to Logstash.
63
99
  You cannot use the {logstash-ref}/plugins-codecs-multiline.html[Multiline codec
64
100
  plugin] to handle multiline events. Doing so will result in the failure to start
65
101
  Logstash.
102
+ endif::[]
103
+
104
+ //Content for Elastic Agent
105
+ ifeval::["{plugin}"!="beats"]
106
+ [id="plugins-{type}s-{plugin}-limitations"]
107
+ ===== Elastic Agent and Fleet limitations
108
+
109
+ Early releases of Elastic Agent and Fleet have some limitations, including support for advanced Beats settings like multiline, processors, and so forth.
110
+ For more information, see {fleet-guide}/fleet-limitations.html[Limitations of this release].
111
+ endif::[]
66
112
 
113
+ //Content for Beats
114
+ ifeval::["{plugin}"=="beats"]
67
115
  [id="plugins-{type}s-{plugin}-versioned-indexes"]
68
116
  ==== Versioned indices
69
117
 
@@ -86,6 +134,7 @@ Logstash `@timestamp` field.
86
134
 
87
135
  This configuration results in daily index names like
88
136
  +filebeat-{logstash_version}-{localdate}+.
137
+ endif::[]
89
138
 
90
139
 
91
140
  [id="plugins-{type}s-{plugin}-ecs_metadata"]
@@ -103,8 +152,8 @@ output.
103
152
  |=======================================================================
104
153
  |ECS disabled |ECS v1 |Availability |Description
105
154
 
106
- |[host] |[@metadata][input][beats][host][name] |Always |Name or address of the beat host
107
- |[@metadata][ip_address] |[@metadata][input][beats][host][ip] |Always |IP address of the Beats client
155
+ |[host] |[@metadata][input][beats][host][name] |Always |Name or address of the {plugin-singular} host
156
+ |[@metadata][ip_address] |[@metadata][input][beats][host][ip] |Always |IP address of the {plugin-uc} client
108
157
  |[@metadata][tls_peer][status] | [@metadata][tls_peer][status] | When SSL related fields are populated | Contains "verified"/"unverified" labels in `disabled`, `true`/`false` in `v1`
109
158
  |[@metadata][tls_peer][protocol] | [@metadata][input][beats][tls][version_protocol] | When SSL status is "verified" | Contains the TLS version used (e.g. `TLSv1.2`)
110
159
  |[@metadata][tls_peer][subject] | [@metadata][input][beats][tls][client][subject] | When SSL status is "verified" | Contains the identity name of the remote end (e.g. `CN=artifacts-no-kpi.elastic.co`)
@@ -112,7 +161,7 @@ output.
112
161
  |=======================================================================
113
162
 
114
163
  [id="plugins-{type}s-{plugin}-options"]
115
- ==== {plugin-uc} Input Configuration Options
164
+ ==== {plugin-uc} input configuration options
116
165
 
117
166
  This plugin supports the following configuration options plus the <<plugins-{type}s-{plugin}-common-options>> described later.
118
167
 
@@ -151,7 +200,7 @@ input plugins.
151
200
  * Value type is <<boolean,boolean>>
152
201
  * Default value is `false`
153
202
 
154
- Flag to determine whether to add `host` field to event using the value supplied by the beat in the `hostname` field.
203
+ Flag to determine whether to add `host` field to event using the value supplied by the {plugin-singular} in the `hostname` field.
155
204
 
156
205
 
157
206
  [id="plugins-{type}s-{plugin}-cipher_suites"]
@@ -1,11 +1,11 @@
1
1
  # AUTOGENERATED BY THE GRADLE SCRIPT. DO NOT EDIT.
2
2
 
3
3
  require 'jar_dependencies'
4
- require_jar('io.netty', 'netty-all', '4.1.49.Final')
4
+ require_jar('io.netty', 'netty-all', '4.1.65.Final')
5
5
  require_jar('org.javassist', 'javassist', '3.24.0-GA')
6
6
  require_jar('com.fasterxml.jackson.core', 'jackson-core', '2.9.10')
7
7
  require_jar('com.fasterxml.jackson.core', 'jackson-annotations', '2.9.10')
8
- require_jar('com.fasterxml.jackson.core', 'jackson-databind', '2.9.10.4')
8
+ require_jar('com.fasterxml.jackson.core', 'jackson-databind', '2.9.10.8')
9
9
  require_jar('com.fasterxml.jackson.module', 'jackson-module-afterburner', '2.9.10')
10
10
  require_jar('org.apache.logging.log4j', 'log4j-api', '2.11.1')
11
- require_jar('org.logstash.beats', 'logstash-input-beats', '6.1.2')
11
+ require_jar('org.logstash.beats', 'logstash-input-beats', '6.1.6')
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: logstash-input-beats
3
3
  version: !ruby/object:Gem::Version
4
- version: 6.1.2
4
+ version: 6.1.6
5
5
  platform: java
6
6
  authors:
7
7
  - Elastic
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-04-12 00:00:00.000000000 Z
11
+ date: 2021-07-15 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  requirement: !ruby/object:Gem::Requirement
@@ -20,8 +20,8 @@ dependencies:
20
20
  - !ruby/object:Gem::Version
21
21
  version: '2.99'
22
22
  name: logstash-core-plugin-api
23
- prerelease: false
24
23
  type: :runtime
24
+ prerelease: false
25
25
  version_requirements: !ruby/object:Gem::Requirement
26
26
  requirements:
27
27
  - - ">="
@@ -37,8 +37,8 @@ dependencies:
37
37
  - !ruby/object:Gem::Version
38
38
  version: '0'
39
39
  name: logstash-codec-plain
40
- prerelease: false
41
40
  type: :runtime
41
+ prerelease: false
42
42
  version_requirements: !ruby/object:Gem::Requirement
43
43
  requirements:
44
44
  - - ">="
@@ -51,8 +51,8 @@ dependencies:
51
51
  - !ruby/object:Gem::Version
52
52
  version: '1.0'
53
53
  name: concurrent-ruby
54
- prerelease: false
55
54
  type: :runtime
55
+ prerelease: false
56
56
  version_requirements: !ruby/object:Gem::Requirement
57
57
  requirements:
58
58
  - - "~>"
@@ -65,8 +65,8 @@ dependencies:
65
65
  - !ruby/object:Gem::Version
66
66
  version: 0.3.5
67
67
  name: thread_safe
68
- prerelease: false
69
68
  type: :runtime
69
+ prerelease: false
70
70
  version_requirements: !ruby/object:Gem::Requirement
71
71
  requirements:
72
72
  - - "~>"
@@ -79,8 +79,8 @@ dependencies:
79
79
  - !ruby/object:Gem::Version
80
80
  version: 2.0.5
81
81
  name: logstash-codec-multiline
82
- prerelease: false
83
82
  type: :runtime
83
+ prerelease: false
84
84
  version_requirements: !ruby/object:Gem::Requirement
85
85
  requirements:
86
86
  - - ">="
@@ -96,8 +96,8 @@ dependencies:
96
96
  - !ruby/object:Gem::Version
97
97
  version: 0.3.4
98
98
  name: jar-dependencies
99
- prerelease: false
100
99
  type: :runtime
100
+ prerelease: false
101
101
  version_requirements: !ruby/object:Gem::Requirement
102
102
  requirements:
103
103
  - - "~>"
@@ -113,8 +113,8 @@ dependencies:
113
113
  - !ruby/object:Gem::Version
114
114
  version: '1.1'
115
115
  name: logstash-mixin-ecs_compatibility_support
116
- prerelease: false
117
116
  type: :runtime
117
+ prerelease: false
118
118
  version_requirements: !ruby/object:Gem::Requirement
119
119
  requirements:
120
120
  - - "~>"
@@ -127,8 +127,8 @@ dependencies:
127
127
  - !ruby/object:Gem::Version
128
128
  version: 0.0.6
129
129
  name: flores
130
- prerelease: false
131
130
  type: :development
131
+ prerelease: false
132
132
  version_requirements: !ruby/object:Gem::Requirement
133
133
  requirements:
134
134
  - - "~>"
@@ -141,8 +141,8 @@ dependencies:
141
141
  - !ruby/object:Gem::Version
142
142
  version: '0'
143
143
  name: rspec
144
- prerelease: false
145
144
  type: :development
145
+ prerelease: false
146
146
  version_requirements: !ruby/object:Gem::Requirement
147
147
  requirements:
148
148
  - - ">="
@@ -155,8 +155,8 @@ dependencies:
155
155
  - !ruby/object:Gem::Version
156
156
  version: '0'
157
157
  name: stud
158
- prerelease: false
159
158
  type: :development
159
+ prerelease: false
160
160
  version_requirements: !ruby/object:Gem::Requirement
161
161
  requirements:
162
162
  - - ">="
@@ -169,8 +169,8 @@ dependencies:
169
169
  - !ruby/object:Gem::Version
170
170
  version: '0'
171
171
  name: pry
172
- prerelease: false
173
172
  type: :development
173
+ prerelease: false
174
174
  version_requirements: !ruby/object:Gem::Requirement
175
175
  requirements:
176
176
  - - ">="
@@ -183,8 +183,8 @@ dependencies:
183
183
  - !ruby/object:Gem::Version
184
184
  version: '0'
185
185
  name: rspec-wait
186
- prerelease: false
187
186
  type: :development
187
+ prerelease: false
188
188
  version_requirements: !ruby/object:Gem::Requirement
189
189
  requirements:
190
190
  - - ">="
@@ -197,8 +197,8 @@ dependencies:
197
197
  - !ruby/object:Gem::Version
198
198
  version: '0'
199
199
  name: logstash-devutils
200
- prerelease: false
201
200
  type: :development
201
+ prerelease: false
202
202
  version_requirements: !ruby/object:Gem::Requirement
203
203
  requirements:
204
204
  - - ">="
@@ -211,8 +211,8 @@ dependencies:
211
211
  - !ruby/object:Gem::Version
212
212
  version: '0'
213
213
  name: logstash-codec-json
214
- prerelease: false
215
214
  type: :development
215
+ prerelease: false
216
216
  version_requirements: !ruby/object:Gem::Requirement
217
217
  requirements:
218
218
  - - ">="
@@ -225,8 +225,8 @@ dependencies:
225
225
  - !ruby/object:Gem::Version
226
226
  version: '0'
227
227
  name: childprocess
228
- prerelease: false
229
228
  type: :development
229
+ prerelease: false
230
230
  version_requirements: !ruby/object:Gem::Requirement
231
231
  requirements:
232
232
  - - ">="
@@ -248,7 +248,6 @@ files:
248
248
  - PROTOCOL.md
249
249
  - README.md
250
250
  - VERSION
251
- - docs/agent.asciidoc
252
251
  - docs/index.asciidoc
253
252
  - lib/logstash-input-beats_jars.rb
254
253
  - lib/logstash/inputs/beats.rb
@@ -281,12 +280,12 @@ files:
281
280
  - spec/support/shared_examples.rb
282
281
  - vendor/jar-dependencies/com/fasterxml/jackson/core/jackson-annotations/2.9.10/jackson-annotations-2.9.10.jar
283
282
  - vendor/jar-dependencies/com/fasterxml/jackson/core/jackson-core/2.9.10/jackson-core-2.9.10.jar
284
- - vendor/jar-dependencies/com/fasterxml/jackson/core/jackson-databind/2.9.10.4/jackson-databind-2.9.10.4.jar
283
+ - vendor/jar-dependencies/com/fasterxml/jackson/core/jackson-databind/2.9.10.8/jackson-databind-2.9.10.8.jar
285
284
  - vendor/jar-dependencies/com/fasterxml/jackson/module/jackson-module-afterburner/2.9.10/jackson-module-afterburner-2.9.10.jar
286
- - vendor/jar-dependencies/io/netty/netty-all/4.1.49.Final/netty-all-4.1.49.Final.jar
285
+ - vendor/jar-dependencies/io/netty/netty-all/4.1.65.Final/netty-all-4.1.65.Final.jar
287
286
  - vendor/jar-dependencies/org/apache/logging/log4j/log4j-api/2.11.1/log4j-api-2.11.1.jar
288
287
  - vendor/jar-dependencies/org/javassist/javassist/3.24.0-GA/javassist-3.24.0-GA.jar
289
- - vendor/jar-dependencies/org/logstash/beats/logstash-input-beats/6.1.2/logstash-input-beats-6.1.2.jar
288
+ - vendor/jar-dependencies/org/logstash/beats/logstash-input-beats/6.1.6/logstash-input-beats-6.1.6.jar
290
289
  homepage: http://www.elastic.co/guide/en/logstash/current/index.html
291
290
  licenses:
292
291
  - Apache License (2.0)
@@ -309,8 +308,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
309
308
  - !ruby/object:Gem::Version
310
309
  version: '0'
311
310
  requirements: []
312
- rubyforge_project:
313
- rubygems_version: 2.6.13
311
+ rubygems_version: 3.0.6
314
312
  signing_key:
315
313
  specification_version: 4
316
314
  summary: Receives events from the Elastic Beats framework
data/docs/agent.asciidoc DELETED
@@ -1,320 +0,0 @@
1
- :plugin: agent
2
- :type: input
3
- :default_codec: plain
4
-
5
- ///////////////////////////////////////////
6
- START - GENERATED VARIABLES, DO NOT EDIT!
7
- ///////////////////////////////////////////
8
-
9
- // Copied from Beats generated plugin output.
10
- // Not actively generated at this time!
11
-
12
- ////
13
- :version: %VERSION%
14
- :release_date: %RELEASE_DATE%
15
- :changelog_url: %CHANGELOG_URL%
16
- :include_path: ../../../../logstash/docs/include
17
- ////
18
-
19
- ///////////////////////////////////////////
20
- END - GENERATED VARIABLES, DO NOT EDIT!
21
- ///////////////////////////////////////////
22
-
23
- [id="plugins-{type}s-{plugin}"]
24
-
25
- === Agent input plugin
26
-
27
- include::{include_path}/plugin_header.asciidoc[]
28
-
29
- ==== Description
30
-
31
- This input plugin enables Logstash to receive events from the
32
- https://www.elastic.co/products/beats[Elastic Beats] framework.
33
-
34
- The following example shows how to configure Logstash to listen on port
35
- 5044 for incoming Beats connections and to index into Elasticsearch.
36
-
37
- [source,logstash]
38
- -----
39
-
40
- input {
41
- beats {
42
- port => 5044
43
- }
44
- }
45
-
46
- output {
47
- elasticsearch {
48
- hosts => ["http://localhost:9200"]
49
- index => "%{[@metadata][beat]}-%{[@metadata][version]}" <1>
50
- }
51
- }
52
- -----
53
- <1> `%{[@metadata][beat]}` sets the first part of the index name to the value
54
- of the `beat` metadata field and `%{[@metadata][version]}` sets the second part to
55
- the Beat's version. For example:
56
- metricbeat-7.4.0.
57
-
58
- Events indexed into Elasticsearch with the Logstash configuration shown here
59
- will be similar to events directly indexed by Beats into Elasticsearch.
60
-
61
- NOTE: If ILM is not being used, set `index` to
62
- `%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}` instead so
63
- Logstash creates an index per day, based on the `@timestamp` value of the events
64
- coming from Beats.
65
-
66
- IMPORTANT: If you are shipping events that span multiple lines, you need to use
67
- the {filebeat-ref}/multiline-examples.html[configuration options available in
68
- Filebeat] to handle multiline events before sending the event data to Logstash.
69
- You cannot use the {logstash-ref}/plugins-codecs-multiline.html[Multiline codec
70
- plugin] to handle multiline events. Doing so will result in the failure to start
71
- Logstash.
72
-
73
- [id="plugins-{type}s-{plugin}-versioned-indexes"]
74
- ==== Versioned Beats Indices
75
-
76
- To minimize the impact of future schema changes on your existing indices and
77
- mappings in Elasticsearch, configure the Elasticsearch output to write to
78
- versioned indices. The pattern that you specify for the `index` setting
79
- controls the index name:
80
-
81
- [source,yaml]
82
- ----
83
- index => "%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}"
84
- ----
85
-
86
- `%{[@metadata][beat]}`:: Sets the first part of the index name to the value of
87
- the `beat` metadata field, for example, `filebeat`.
88
- `%{[@metadata][version]}`:: Sets the second part of the name to the Beat
89
- version, for example, +{logstash_version}+.
90
- `%{+YYYY.MM.dd}`:: Sets the third part of the name to a date based on the
91
- Logstash `@timestamp` field.
92
-
93
- This configuration results in daily index names like
94
- +filebeat-{logstash_version}-{localdate}+.
95
-
96
-
97
- [id="plugins-{type}s-{plugin}-ecs_metadata"]
98
- ==== Event Metadata and the Elastic Common Schema (ECS)
99
- When decoding `beats` events, this plugin adds two fields related to the event: the deprecated `host`
100
- which contains the `hostname` provided by beats and the `ip_address` containing the remote address
101
- of the client's connection. When <<plugins-{type}s-{plugin}-ecs_compatibility,ECS compatibility mode>> is
102
- enabled these are now moved in ECS compatible namespace.
103
-
104
- [id="plugins-{type}s-{plugin}-options"]
105
- ==== Agent Input Configuration Options
106
-
107
- This plugin supports the following configuration options plus the <<plugins-{type}s-{plugin}-common-options>> described later.
108
-
109
- [cols="<,<,<",options="header",]
110
- |=======================================================================
111
- |Setting |Input type|Required
112
- | <<plugins-{type}s-{plugin}-add_hostname>> |<<boolean,boolean>>|No
113
- | <<plugins-{type}s-{plugin}-cipher_suites>> |<<array,array>>|No
114
- | <<plugins-{type}s-{plugin}-client_inactivity_timeout>> |<<number,number>>|No
115
- | <<plugins-{type}s-{plugin}-ecs_compatibility>> | <<string,string>>|No
116
- | <<plugins-{type}s-{plugin}-host>> |<<string,string>>|No
117
- | <<plugins-{type}s-{plugin}-include_codec_tag>> |<<boolean,boolean>>|No
118
- | <<plugins-{type}s-{plugin}-port>> |<<number,number>>|Yes
119
- | <<plugins-{type}s-{plugin}-ssl>> |<<boolean,boolean>>|No
120
- | <<plugins-{type}s-{plugin}-ssl_certificate>> |a valid filesystem path|No
121
- | <<plugins-{type}s-{plugin}-ssl_certificate_authorities>> |<<array,array>>|No
122
- | <<plugins-{type}s-{plugin}-ssl_handshake_timeout>> |<<number,number>>|No
123
- | <<plugins-{type}s-{plugin}-ssl_key>> |a valid filesystem path|No
124
- | <<plugins-{type}s-{plugin}-ssl_key_passphrase>> |<<password,password>>|No
125
- | <<plugins-{type}s-{plugin}-ssl_verify_mode>> |<<string,string>>, one of `["none", "peer", "force_peer"]`|No
126
- | <<plugins-{type}s-{plugin}-ssl_peer_metadata>> |<<boolean,boolean>>|No
127
- | <<plugins-{type}s-{plugin}-tls_max_version>> |<<number,number>>|No
128
- | <<plugins-{type}s-{plugin}-tls_min_version>> |<<number,number>>|No
129
- |=======================================================================
130
-
131
- Also see <<plugins-{type}s-{plugin}-common-options>> for a list of options supported by all
132
- input plugins.
133
-
134
- &nbsp;
135
-
136
- [id="plugins-{type}s-{plugin}-add_hostname"]
137
- ===== `add_hostname`
138
-
139
- deprecated[6.0.0, The default value has been changed to `false`. In 7.0.0 this setting will be removed]
140
-
141
- * Value type is <<boolean,boolean>>
142
- * Default value is `false`
143
-
144
- Flag to determine whether to add `host` field to event using the value supplied by the beat in the `hostname` field.
145
-
146
-
147
- [id="plugins-{type}s-{plugin}-cipher_suites"]
148
- ===== `cipher_suites`
149
-
150
- * Value type is <<array,array>>
151
- * Default value is `java.lang.String[TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256]@459cfcca`
152
-
153
- The list of ciphers suite to use, listed by priorities.
154
-
155
- [id="plugins-{type}s-{plugin}-client_inactivity_timeout"]
156
- ===== `client_inactivity_timeout`
157
-
158
- * Value type is <<number,number>>
159
- * Default value is `60`
160
-
161
- Close Idle clients after X seconds of inactivity.
162
-
163
- [id="plugins-{type}s-{plugin}-ecs_compatibility"]
164
- ===== `ecs_compatibility`
165
-
166
- * Value type is <<string,string>>
167
- * Supported values are:
168
- ** `disabled`: unstructured connection metadata added at root level
169
- ** `v1`: structured connection metadata added under ECS compliant namespaces
170
- * Default value depends on which version of Logstash is running:
171
- ** When Logstash provides a `pipeline.ecs_compatibility` setting, its value is used as the default
172
- ** Otherwise, the default value is `disabled`.
173
-
174
- Controls this plugin's compatibility with the {ecs-ref}[Elastic Common Schema (ECS)].
175
- The value of this setting affects the keys for the Beats connection's metadata on the event:
176
-
177
- .Metadata Location by `ecs_compatibility` value
178
- [cols="<l,<l,e,<e"]
179
- |=======================================================================
180
- |`disabled` |`v1` |Availability |Description
181
-
182
- |[host] |[@metadata][input][beats][host][name] |Always |Name or address of the beat host
183
- |[@metadata][ip_address] |[@metadata][input][beats][host][ip] |Always |IP address of the Beats client
184
- |[@metadata][tls_peer][status] | [@metadata][tls_peer][status] | When SSL related fields are populated | Contains "verified"/"unverified" labels in `disabled`, `true`/`false` in `v1`
185
- |[@metadata][tls_peer][protocol] | [@metadata][input][beats][tls][version_protocol] | When SSL status is "verified" | Contains the TLS version used (e.g. `TLSv1.2`)
186
- |[@metadata][tls_peer][subject] | [@metadata][input][beats][tls][client][subject] | When SSL status is "verified" | Contains the identity name of the remote end (e.g. `CN=artifacts-no-kpi.elastic.co`)
187
- |[@metadata][tls_peer][cipher_suite] | [@metadata][input][beats][tls][cipher] | When SSL status is "verified" | Contains the name of cipher suite used (e.g. `TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256`)
188
- |=======================================================================
189
-
190
- [id="plugins-{type}s-{plugin}-host"]
191
- ===== `host`
192
-
193
- * Value type is <<string,string>>
194
- * Default value is `"0.0.0.0"`
195
-
196
- The IP address to listen on.
197
-
198
- [id="plugins-{type}s-{plugin}-include_codec_tag"]
199
- ===== `include_codec_tag`
200
-
201
- * Value type is <<boolean,boolean>>
202
- * Default value is `true`
203
-
204
-
205
-
206
- [id="plugins-{type}s-{plugin}-port"]
207
- ===== `port`
208
-
209
- * This is a required setting.
210
- * Value type is <<number,number>>
211
- * There is no default value for this setting.
212
-
213
- The port to listen on.
214
-
215
- [id="plugins-{type}s-{plugin}-ssl"]
216
- ===== `ssl`
217
-
218
- * Value type is <<boolean,boolean>>
219
- * Default value is `false`
220
-
221
- Events are by default sent in plain text. You can
222
- enable encryption by setting `ssl` to true and configuring
223
- the `ssl_certificate` and `ssl_key` options.
224
-
225
- [id="plugins-{type}s-{plugin}-ssl_certificate"]
226
- ===== `ssl_certificate`
227
-
228
- * Value type is <<path,path>>
229
- * There is no default value for this setting.
230
-
231
- SSL certificate to use.
232
-
233
- [id="plugins-{type}s-{plugin}-ssl_certificate_authorities"]
234
- ===== `ssl_certificate_authorities`
235
-
236
- * Value type is <<array,array>>
237
- * Default value is `[]`
238
-
239
- Validate client certificates against these authorities.
240
- You can define multiple files or paths. All the certificates will
241
- be read and added to the trust store. You need to configure the `ssl_verify_mode`
242
- to `peer` or `force_peer` to enable the verification.
243
-
244
-
245
- [id="plugins-{type}s-{plugin}-ssl_handshake_timeout"]
246
- ===== `ssl_handshake_timeout`
247
-
248
- * Value type is <<number,number>>
249
- * Default value is `10000`
250
-
251
- Time in milliseconds for an incomplete ssl handshake to timeout
252
-
253
- [id="plugins-{type}s-{plugin}-ssl_key"]
254
- ===== `ssl_key`
255
-
256
- * Value type is <<path,path>>
257
- * There is no default value for this setting.
258
-
259
- SSL key to use.
260
- NOTE: This key need to be in the PKCS8 format, you can convert it with https://www.openssl.org/docs/man1.1.0/apps/pkcs8.html[OpenSSL]
261
- for more information.
262
-
263
- [id="plugins-{type}s-{plugin}-ssl_key_passphrase"]
264
- ===== `ssl_key_passphrase`
265
-
266
- * Value type is <<password,password>>
267
- * There is no default value for this setting.
268
-
269
- SSL key passphrase to use.
270
-
271
- [id="plugins-{type}s-{plugin}-ssl_verify_mode"]
272
- ===== `ssl_verify_mode`
273
-
274
- * Value can be any of: `none`, `peer`, `force_peer`
275
- * Default value is `"none"`
276
-
277
- By default the server doesn't do any client verification.
278
-
279
- `peer` will make the server ask the client to provide a certificate.
280
- If the client provides a certificate, it will be validated.
281
-
282
- `force_peer` will make the server ask the client to provide a certificate.
283
- If the client doesn't provide a certificate, the connection will be closed.
284
-
285
- This option needs to be used with `ssl_certificate_authorities` and a defined list of CAs.
286
-
287
- [id="plugins-{type}s-{plugin}-ssl_peer_metadata"]
288
- ===== `ssl_peer_metadata`
289
-
290
- * Value type is <<boolean,boolean>>
291
- * Default value is `false`
292
-
293
- Enables storing client certificate information in event's metadata.
294
-
295
- This option is only valid when `ssl_verify_mode` is set to `peer` or `force_peer`.
296
-
297
- [id="plugins-{type}s-{plugin}-tls_max_version"]
298
- ===== `tls_max_version`
299
-
300
- * Value type is <<number,number>>
301
- * Default value is `1.2`
302
-
303
- The maximum TLS version allowed for the encrypted connections. The value must be the one of the following:
304
- 1.0 for TLS 1.0, 1.1 for TLS 1.1, 1.2 for TLS 1.2
305
-
306
- [id="plugins-{type}s-{plugin}-tls_min_version"]
307
- ===== `tls_min_version`
308
-
309
- * Value type is <<number,number>>
310
- * Default value is `1`
311
-
312
- The minimum TLS version allowed for the encrypted connections. The value must be one of the following:
313
- 1.0 for TLS 1.0, 1.1 for TLS 1.1, 1.2 for TLS 1.2
314
-
315
-
316
-
317
- [id="plugins-{type}s-{plugin}-common-options"]
318
- include::{include_path}/{type}.asciidoc[]
319
-
320
- :default_codec!: