Logstash 6.2.3 发布,开源服务端数据处理流程

发布于 2018年03月22日
Logstash 6.2.3 已发布,本次更新 core 没有任何变更,主要是插件方面的改变:


Fluent codec

  • Added ability to encode tags as fluent forward protocol tags

Netflow codec

  • Improved decoding performance of ASA ACL ids, MAC addresses and IPv4 addresses

KV Filter

  • Added option to split fields and values using a regex pattern (#55)

Mutate Filter

  • Introduced support for number strings using a decimal comma (e.g. 1,23), added convert support to specify integer_eu and float_eu

Beats Input

  • Improved memory management and back pressure handling

JDBC Input

  • Added fixes for thread and memory leak

Syslog Input

  • Changed syslog field to be a configurable option. This is useful for when codecs change the field containing the syslog data.

Elasticsearch Output

  • Changed sniffing behavior to connect only to http.enabled nodes that serve data for Elasticsearch 5.x and 6.x. Master-only nodes are ignored. (For Elasticsearch 1.x and 2.x, any nodes with http.enabled are added to the hosts lists, including master-only nodes.)

Logstash 是一个应用程序日志、事件的传输、处理、管理和搜索的平台。你可以用它来统一对应用程序日志进行收集管理,提供 Web 接口用于查询和统计。Logstash 现在也是 ElasticSearch 家族成员之一。


