Synesis Lite Syslog Versions Save

v1.1.0 is a minor release. No migration of data from v1.0.x to v1.1.0 is required.

Breaking Changes

sýnesis™ Lite for Syslog v1.1.0 provides support Elastic Stack 7.0.x. The support for document types has been completely removed in Elasticsearch 7.0.0. This has required changes to the index templates provided with sýnesis™ Lite for Syslog. You MUST first successfully upgrade to Elastic Stack 7.0.x PRIOR to using sýnesis™ Lite for Syslog v1.1.0.

New Features

• Support for Elastic Stack 7.0.x
• Support for running Logstash in a Docker container.
• Support for RFC 5424 formatted messages.
• Listen on both IPv4 and IPv6 addresses.
• Optionally send data to multiple Elasticsearch nodes.
• Support caching of DNS responses.

Updates

• Support for additional syslog timestamp formats.

1. A few very minor grok changes.

2. Also added files for /etc/profile.d and /etc/systemd/system/logstash.service.d which contain the environment variables and might be helpful as you get started.

This is the initial release of sýnesis Lite for Syslog. It was developed and tested using Elastic Stack 6.1.1.

NOTE! The Logstash pipeline should work on versions 5.x of the Elastic Stack. However as the dashboards leverage the input controls visualization first introduced in Kibana 6.1.0, they will not be able to be imported completely into previous versions of Kibana.