88///////////////////////////////////////////
99START - GENERATED VARIABLES, DO NOT EDIT!
1010///////////////////////////////////////////
11- :version: v6.9.1
12- :release_date: 2024-11-18
13- :changelog_url: https://github.com/logstash-plugins/logstash-input-beats/blob/v6.9.1 /CHANGELOG.md
11+ :version: v7.0.0
12+ :release_date: 2024-12-02
13+ :changelog_url: https://github.com/logstash-plugins/logstash-input-beats/blob/v7.0.0 /CHANGELOG.md
1414:include_path: ../../../../logstash/docs/include
1515///////////////////////////////////////////
1616END - GENERATED VARIABLES, DO NOT EDIT!
@@ -210,11 +210,13 @@ e|N/A
210210
211211This plugin supports the following configuration options plus the <<plugins-{type}s-{plugin}-common-options>> described later.
212212
213+ NOTE: As of version `7.0.0` of this plugin, a number of previously deprecated settings related to SSL have been removed.
214+ Please check out <<plugins-{type}s-{plugin}-obsolete-options>> for details.
215+
213216[cols="<,<,<",options="header",]
214217|=======================================================================
215218|Setting |Input type|Required
216219| <<plugins-{type}s-{plugin}-add_hostname>> |<<boolean,boolean>>|__Deprecated__
217- | <<plugins-{type}s-{plugin}-cipher_suites>> |<<array,array>>|__Deprecated__
218220| <<plugins-{type}s-{plugin}-client_inactivity_timeout>> |<<number,number>>|No
219221| <<plugins-{type}s-{plugin}-ecs_compatibility>> | <<string,string>>|No
220222| <<plugins-{type}s-{plugin}-enrich>> |<<string,string>>|No
@@ -223,7 +225,6 @@ This plugin supports the following configuration options plus the <<plugins-{typ
223225| <<plugins-{type}s-{plugin}-host>> |<<string,string>>|No
224226| <<plugins-{type}s-{plugin}-include_codec_tag>> |<<boolean,boolean>>|__Deprecated__
225227| <<plugins-{type}s-{plugin}-port>> |<<number,number>>|Yes
226- | <<plugins-{type}s-{plugin}-ssl>> |<<boolean,boolean>>|__Deprecated__
227228| <<plugins-{type}s-{plugin}-ssl_certificate>> |a valid filesystem path|No
228229| <<plugins-{type}s-{plugin}-ssl_certificate_authorities>> |<<array,array>>|No
229230| <<plugins-{type}s-{plugin}-ssl_cipher_suites>> |<<array,array>>|No
@@ -232,11 +233,7 @@ This plugin supports the following configuration options plus the <<plugins-{typ
232233| <<plugins-{type}s-{plugin}-ssl_handshake_timeout>> |<<number,number>>|No
233234| <<plugins-{type}s-{plugin}-ssl_key>> |a valid filesystem path|No
234235| <<plugins-{type}s-{plugin}-ssl_key_passphrase>> |<<password,password>>|No
235- | <<plugins-{type}s-{plugin}-ssl_peer_metadata>> |<<boolean,boolean>>|__Deprecated__
236236| <<plugins-{type}s-{plugin}-ssl_supported_protocols>> |<<array,array>>|No
237- | <<plugins-{type}s-{plugin}-ssl_verify_mode>> |<<string,string>>, one of `["none", "peer", "force_peer"]`|__Deprecated__
238- | <<plugins-{type}s-{plugin}-tls_max_version>> |<<number,number>>|__Deprecated__
239- | <<plugins-{type}s-{plugin}-tls_min_version>> |<<number,number>>|__Deprecated__
240237|=======================================================================
241238
242239Also see <<plugins-{type}s-{plugin}-common-options>> for a list of options supported by all
@@ -254,14 +251,6 @@ input plugins.
254251
255252Flag to determine whether to add `host` field to event using the value supplied by the {plugin-singular} in the `hostname` field.
256253
257- [id="plugins-{type}s-{plugin}-cipher_suites"]
258- ===== `cipher_suites`
259- deprecated[6.4.0, Replaced by <<plugins-{type}s-{plugin}-ssl_cipher_suites>>]
260-
261- * Value type is <<array,array>>
262-
263- The list of cipher suites to use, listed by priorities.
264-
265254[id="plugins-{type}s-{plugin}-client_inactivity_timeout"]
266255===== `client_inactivity_timeout`
267256
@@ -400,17 +389,6 @@ deprecated[6.5.0, Replaced by <<plugins-{type}s-{plugin}-enrich>>]
400389
401390The port to listen on.
402391
403- [id="plugins-{type}s-{plugin}-ssl"]
404- ===== `ssl`
405- deprecated[6.6.0, Replaced by <<plugins-{type}s-{plugin}-ssl_enabled>>]
406-
407- * Value type is <<boolean,boolean>>
408- * Default value is `false`
409-
410- Events are by default sent in plain text. You can
411- enable encryption by setting `ssl` to true and configuring
412- the `ssl_certificate` and `ssl_key` options.
413-
414392[id="plugins-{type}s-{plugin}-ssl_certificate"]
415393===== `ssl_certificate`
416394
@@ -498,18 +476,6 @@ openssl pkcs8 -inform PEM -in path/to/logstash.key -topk8 -nocrypt -outform PEM
498476
499477SSL key passphrase to use.
500478
501- [id="plugins-{type}s-{plugin}-ssl_peer_metadata"]
502- ===== `ssl_peer_metadata`
503-
504- deprecated[6.5.0, Replaced by <<plugins-{type}s-{plugin}-enrich>>]
505-
506- * Value type is <<boolean,boolean>>
507- * Default value is `false`
508-
509- Enables storing client certificate information in event's metadata.
510-
511- This option is only valid when <<plugins-{type}s-{plugin}-ssl_client_authentication>> is set to `optional` or `required`.
512-
513479[id="plugins-{type}s-{plugin}-ssl_supported_protocols"]
514480===== `ssl_supported_protocols`
515481
@@ -527,45 +493,23 @@ NOTE: If you configure the plugin to use `'TLSv1.1'` on any recent JVM, such as
527493the protocol is disabled by default and needs to be enabled manually by changing `jdk.tls.disabledAlgorithms` in
528494the *$JDK_HOME/conf/security/java.security* configuration file. That is, `TLSv1.1` needs to be removed from the list.
529495
530- [id="plugins-{type}s-{plugin}-ssl_verify_mode"]
531- ===== `ssl_verify_mode`
532- deprecated[6.6.0, Replaced by <<plugins-{type}s-{plugin}-ssl_client_authentication>>]
533-
534- * Value can be any of: `none`, `peer`, `force_peer`
535- * Default value is `"none"`
536-
537- By default, the server doesn't do any client verification. If the <<plugins-{type}s-{plugin}-ssl_certificate_authorities>>
538- is configured, and no value or `none` is provided for this option, it defaults to `force_peer` instead of `none`.
539-
540- `peer` will make the server ask the client to provide a certificate.
541- If the client provides a certificate, it will be validated.
542-
543- `force_peer` will make the server ask the client to provide a certificate.
544- If the client doesn't provide a certificate, the connection will be closed.
496+ [id="plugins-{type}s-{plugin}-obsolete-options"]
497+ ==== Beats Input Obsolete Configuration Options
545498
546- When mutual TLS is enabled (`peer` or `force_peer`), the certificate presented by the client must be signed by trusted
547- <<plugins-{type}s-{plugin}-ssl_certificate_authorities>> (CAs).
548- Please note that the server does not validate the client certificate CN (Common Name) or SAN (Subject Alternative Name).
549-
550- NOTE: This setting can be used only if <<plugins-{type}s-{plugin}-ssl_certificate_authorities>> is set.
499+ WARNING: As of version `7.0.0` of this plugin, some configuration options have been replaced.
500+ The plugin will fail to start if it contains any of these obsolete options.
551501
552- [id="plugins-{type}s-{plugin}-tls_max_version"]
553- ===== `tls_max_version`
554- deprecated[6.4.0, Replaced by <<plugins-{type}s-{plugin}-ssl_supported_protocols>>]
555502
556- * Value type is <<number,number>>
557-
558- The maximum TLS version allowed for the encrypted connections.
559- The value must be the one of the following: 1.1 for TLS 1.1, 1.2 for TLS 1.2, 1.3 for TLSv1.3
560-
561- [id="plugins-{type}s-{plugin}-tls_min_version"]
562- ===== `tls_min_version`
563- deprecated[6.4.0, Replaced by <<plugins-{type}s-{plugin}-ssl_supported_protocols>>]
564-
565- * Value type is <<number,number>>
566-
567- The minimum TLS version allowed for the encrypted connections.
568- The value must be one of the following: 1.1 for TLS 1.1, 1.2 for TLS 1.2, 1.3 for TLS 1.3
503+ [cols="<,<",options="header",]
504+ |=======================================================================
505+ |Setting|Replaced by
506+ | cipher_suites |<<plugins-{type}s-{plugin}-ssl_cipher_suites>>
507+ | ssl |<<plugins-{type}s-{plugin}-ssl_enabled>>
508+ | ssl_peer_metadata |<<plugins-{type}s-{plugin}-enrich>>
509+ | ssl_verify_mode |<<plugins-{type}s-{plugin}-ssl_client_authentication>>
510+ | tls_max_version |<<plugins-{type}s-{plugin}-ssl_supported_protocols>>
511+ | tls_min_version |<<plugins-{type}s-{plugin}-ssl_supported_protocols>>
512+ |=======================================================================
569513
570514
571515[id="plugins-{type}s-{plugin}-common-options"]
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?v=4&size=40){kind=avatar}
0 commit comments