Release v4.23.0: ES|QL support (#235) · logstash-plugins/logstash-input-elasticsearch

v4.23.0
79f9f43
Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.

GPG key ID: B5690EEEBB952194

Verified
Learn about vigilant mode
Compare

Choose a tag to compare

Loading

View all tags

v4.23.0
79f9f43
Compare

Choose a tag to compare

Loading

View all tags
Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.

GPG key ID: B5690EEEBB952194

Verified
Learn about vigilant mode

mashhurs tagged this 06 Jun 20:54

* ES|QL support

- introduces query_type params, accepts dsl or esql option.
- adds ES|QL executor to execute ESQL query and parse/map response to event
validations
- make sure LS (8.17.4+) supports ES|QL (new elasticsearch-ruby client)
- make sure connected ES is greater than 8.11+
- query isn't empty or meaningful that starts with command syntax
- if query_type is esql, make sure we accept meaningful inputs and do not allow response_type, index, etc.. DSL related params
- informing if query isn't using METADATA which adds _id, _version to the response entries
- informing ineffective params such as size, search_api, target if users configure
ES|QL results field names in a dotted format. The plugin reproduces nested (example {a.b.c: 'val'} => {'a':{'b':{'c':'val'}}})

* Update CHANGELOG.md

Assets 2

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!