Tcp output plugin
editTcp output plugin
edit- Plugin version: v6.2.1
- Released on: 2024-06-05
- Changelog
For other versions, see the Versioned plugin docs.
Getting Help
editFor questions about the plugin, open a topic in the Discuss forums. For bugs or feature requests, open an issue in Github. For the list of Elastic supported plugins, please consult the Elastic Support Matrix.
Description
editWrite events over a TCP socket.
By default this plugin uses the json
codec. In order to have each event json separated by a newline, use the json_lines
codec.
Can either accept connections from clients or connect to a server,
depending on mode
.
Tcp Output Configuration Options
editThis plugin supports the following configuration options plus the Common Options described later.
Setting | Input type | Required |
---|---|---|
Yes |
||
string, one of |
No |
|
Yes |
||
No |
||
a valid filesystem path |
Deprecated |
|
a valid filesystem path |
Deprecated |
|
a valid filesystem path |
No |
|
No |
||
No |
||
string, one of |
No |
|
Deprecated |
||
No |
||
a valid filesystem path |
No |
|
No |
||
No |
||
string, one of |
No |
|
No |
Also see Common Options for a list of options supported by all output plugins.
host
edit- This is a required setting.
- Value type is string
- There is no default value for this setting.
When mode is server
, the address to listen on.
When mode is client
, the address to connect to.
mode
edit-
Value can be any of:
server
,client
-
Default value is
"client"
Mode to operate in. server
listens for client connections,
client
connects to a server.
port
edit- This is a required setting.
- Value type is number
- There is no default value for this setting.
When mode is server
, the port to listen on.
When mode is client
, the port to connect to.
reconnect_interval
edit- Value type is number
-
Default value is
10
When connect failed,retry interval in sec.
ssl_cacert
editDeprecated in 6.2.0.
Replaced by ssl_certificate_authorities
- Value type is path
- There is no default value for this setting.
The SSL CA certificate, chainfile or CA path. The system CA path is automatically included.
ssl_cert
editDeprecated in 6.2.0.
Replaced by ssl_certificate
- Value type is path
- There is no default value for this setting.
SSL certificate path
ssl_certificate
edit- Value type is path
- There is no default value for this setting.
Path to certificate in PEM format. This certificate will be presented to the other part of the TLS connection.
ssl_certificate_authorities
edit- Value type is array
-
Default value is
[]
Validate client certificate or certificate chain against these authorities. You can define multiple files. All the certificates will be read and added to the trust store. The system CA path is automatically included.
ssl_cipher_suites
edit- Value type is a list of string
- There is no default value for this setting
The list of cipher suites to use, listed by priorities. Supported cipher suites vary depending on the Java and protocol versions.
ssl_client_authentication
edit-
Value can be any of:
none
,optional
,required
-
Default value is
none
Controls the server’s behavior in regard to requesting a certificate from client connections:
none
disables the client authentication. required
forces a client to present a certificate, while optional
requests a client certificate
but the client is not required to present one.
When mutual TLS is enabled (optional
or required
), the certificate presented by the client must be signed by trusted
ssl_certificate_authorities
(CAs).
Please note that the server does not validate the client certificate CN (Common Name) or SAN (Subject Alternative Name).
This setting can be used only if mode
is server
and ssl_certificate_authorities
is set.
ssl_enable
editDeprecated in 6.2.0.
Replaced by ssl_enabled
- Value type is boolean
-
Default value is
false
Enable SSL (must be set for other ssl_
options to take effect).
ssl_enabled
edit- Value type is boolean
-
Default value is
false
Enable SSL (must be set for other ssl_
options to take effect).
ssl_supported_protocols
edit- Value type is string
-
Allowed values are:
'TLSv1.1'
,'TLSv1.2'
,'TLSv1.3'
-
Default depends on the JDK being used. With up-to-date Logstash, the default is
['TLSv1.2', 'TLSv1.3']
.'TLSv1.1'
is not considered secure and is only provided for legacy applications.
List of allowed SSL/TLS versions to use when establishing a secure connection.
If you configure the plugin to use 'TLSv1.1'
on any recent JVM, such as the one packaged with Logstash,
the protocol is disabled by default and needs to be enabled manually by changing jdk.tls.disabledAlgorithms
in
the $JDK_HOME/conf/security/java.security configuration file. That is, TLSv1.1
needs to be removed from the list.
ssl_verification_mode
edit-
Value can be any of:
full
,none
-
Default value is
full
Defines how to verify the certificates presented by another part in the TLS connection:
full
validates that the server certificate has an issue date that’s within
the not_before and not_after dates; chains to a trusted Certificate Authority (CA), and
has a hostname or IP address that matches the names within the certificate.
none
performs no certificate validation.
This setting can be used only if mode
is client
.
ssl_verify
editDeprecated in 6.2.0.
Replaced by ssl_client_authentication
and ssl_verification_mode
- Value type is boolean
-
Default value is
false
Verify the identity of the other end of the SSL connection against the CA.
For input, sets the field sslsubject
to that of the client certificate.
Common Options
editThe following configuration options are supported by all output plugins:
Setting | Input type | Required |
---|---|---|
No |
||
No |
enable_metric
edit- Value type is boolean
-
Default value is
true
Disable or enable metric logging for this specific plugin instance. By default we record all the metrics we can, but you can disable metrics collection for a specific plugin.
id
edit- Value type is string
- There is no default value for this setting.
Add a unique ID
to the plugin configuration. If no ID is specified, Logstash will generate one.
It is strongly recommended to set this ID in your configuration. This is particularly useful
when you have two or more plugins of the same type. For example, if you have 2 tcp outputs.
Adding a named ID in this case will help in monitoring Logstash when using the monitoring APIs.
output { tcp { id => "my_plugin_id" } }
Variable substitution in the id
field only supports environment variables
and does not support the use of values from the secret store.