- Breaking: Updated plugin to use new Java Event APIs for Elastic Stack/Logstash 5.x
- Slightly changed the format that the codec is available for the IBM Qradar Log Event Extended Format (LEEF)
- Switch in-place sub! to sub when extracting
cef_version
. new Logstash Java Event does not support in-place String changes.
- Depend on logstash-core-plugin-api instead of logstash-core, removing the need to mass update plugins on major releases of logstash
- New dependency requirements for logstash-core for the 5.0 release
- Implements
encode
with escaping according to the CEF specification. - Config option
sev
is deprecated, useseverity
instead.
- Plugins were updated to follow the new shutdown semantic, this mainly allows Logstash to instruct input plugins to terminate gracefully, instead of using Thread.raise on the plugins' threads. Ref: elastic/logstash#3895
- Dependency on logstash-core update to 2.0