github-mirrors/logstash
1
0
Fork 0
mirror of https://github.com/elastic/logstash.git synced 2025-06-28 09:46:03 -04:00
Code Issues Projects Releases Packages Wiki Activity

Fixes based on tech writer review

Browse source
This commit is contained in:
Visha Angelova 2025-06-26 10:00:06 +02:00
parent 7a1498855e
commit 19a3461870
No known key found for this signature in database
GPG key ID: BBF4A80A612913BE
4 changed files with 9 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

2
docs/reference/connecting-to-cloud.md
View file

@ -21,7 +21,7 @@ Note that the value of the [`api_key` option](logstash-docs-md://lsr/plugins-out
## Cloud ID [cloud-id] ## Cloud ID [cloud-id]
{{ls}} uses the Cloud ID, found in the Elastic Cloud web console, to build the Elasticsearch and Kibana hosts settings. It is a base64 encoded text value of about 120 characters made up of upper and lower case letters and numbers. If you have several Cloud IDs, you can add a label, which is ignored internally, to help you tell them apart. To add a label you should prefix your Cloud ID with a label and a `:` separator in this format "<label>:<cloud-id>" {{ls}} uses the Cloud ID, found in the Elastic Cloud web console, to build the Elasticsearch and Kibana hosts settings. It is a base64 encoded text value of about 120 characters made up of upper and lower case letters and numbers. If you have several Cloud IDs, you can add a label, which is ignored internally, to help you tell them apart. To add a label, prefix your Cloud ID with a label and a `:` separator in this format "<label>:<cloud-id>".
## Cloud Auth [cloud-auth] ## Cloud Auth [cloud-auth]

4
docs/reference/index.md
View file

@ -19,8 +19,8 @@ Logstash accelerates your insights by harnessing a greater volume and variety of
Youll use the {{ls}} [{{es}} output plugin](logstash-docs-md://lsr/plugins-outputs-elasticsearch.md) to send data to {{serverless-full}}. Youll use the {{ls}} [{{es}} output plugin](logstash-docs-md://lsr/plugins-outputs-elasticsearch.md) to send data to {{serverless-full}}.
Note these differences between {{es-serverless}} and both {{ech}} and self-managed {{es}}: Note these differences between {{es-serverless}} and both {{ech}} and self-managed {{es}}:
* You must use [**API keys**](/reference/secure-connection.md#ls-api-keys) to access {{serverless-full}} from {{ls}} as it does not support native user authentication. Any user-based security settings in your [{{es}} output plugin](logstash-docs-md://lsr/plugins-outputs-elasticsearch.md) configuration are ignored and may cause errors. * Use [**API keys**](/reference/secure-connection.md#ls-api-keys) to access {{serverless-full}} from {{ls}} as it does not support native user authentication.
Any user-based security settings in your [{{es}} output plugin](logstash-docs-md://lsr/plugins-outputs-elasticsearch.md) configuration are ignored and may cause errors.
* {{serverless-full}} uses **data streams** and [{{dlm}} ({{dlm-init}})](docs-content://manage-data/lifecycle/data-stream.md) instead of {{ilm}} ({{ilm-init}}). Any {{ilm-init}} settings in your [{{es}} output plugin](logstash-docs-md://lsr/plugins-outputs-elasticsearch.md) configuration are ignored and may cause errors. * {{serverless-full}} uses **data streams** and [{{dlm}} ({{dlm-init}})](docs-content://manage-data/lifecycle/data-stream.md) instead of {{ilm}} ({{ilm-init}}). Any {{ilm-init}} settings in your [{{es}} output plugin](logstash-docs-md://lsr/plugins-outputs-elasticsearch.md) configuration are ignored and may cause errors.
* **{{ls}} monitoring** is available through the [{{ls}} Integration](https://github.com/elastic/integrations/blob/main/packages/logstash/_dev/build/docs/README.md) in [Elastic Observability](docs-content://solutions/observability.md) on {{serverless-full}}. * **{{ls}} monitoring** is available through the [{{ls}} Integration](https://github.com/elastic/integrations/blob/main/packages/logstash/_dev/build/docs/README.md) in [Elastic Observability](docs-content://solutions/observability.md) on {{serverless-full}}.

13
docs/reference/secure-connection.md
View file

@ -37,8 +37,6 @@ Configuration example:
* `output {elasticsearch { cloud_id => "<cloud id>" api_key => "<api key>" } }` * `output {elasticsearch { cloud_id => "<cloud id>" api_key => "<api key>" } }`
Note that the value of the [`api_key` option](logstash-docs-md://lsr/plugins-outputs-elasticsearch.md#plugins-outputs-elasticsearch-api_key) is in the format `id:api_key`, where `id` and `api_key` are the values returned by the [Create API key API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-create-api-key).
For more details, check out [Grant access using API keys](#ls-api-keys). For more details, check out [Grant access using API keys](#ls-api-keys).
:::: ::::
@ -55,14 +53,11 @@ Configuration example:
* `output {elasticsearch { cloud_id => "<cloud id>" cloud_auth => "<cloud auth>" } }` * `output {elasticsearch { cloud_id => "<cloud id>" cloud_auth => "<cloud auth>" } }`
* `output {elasticsearch { cloud_id => "<cloud id>" api_key => "<api key>" } }` * `output {elasticsearch { cloud_id => "<cloud id>" api_key => "<api key>" } }`
Note that the value of the [`api_key` option](logstash-docs-md://lsr/plugins-outputs-elasticsearch.md#plugins-outputs-elasticsearch-api_key) is in the format `id:api_key`, where `id` and `api_key` are the values returned by the [Create API key API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-create-api-key). For more details, check out [Grant access using API keys](#ls-api-keys) or [Sending data to {{ech}}](/reference/connecting-to-cloud.md).
For more details, check out [Grant access using API keys](#ls-api-keys) or [Sending data to Elastic Cloud (hosted Elasticsearch Service)](/reference/connecting-to-cloud.md).
:::: ::::
### Secure communication with an on-premise {{es}} cluster [es-security-onprem] ### Secure communication with an on-premise {{es}} cluster [es-security-onprem]
If you are running {{es}} on your own hardware and using the Elasticsearch clusters default self-signed certificates, you need to complete a few more steps to establish secure communication between {{ls}} and {{es}}. If you are running {{es}} on your own hardware and using the Elasticsearch clusters default self-signed certificates, you need to complete a few more steps to establish secure communication between {{ls}} and {{es}}.
@ -296,7 +291,8 @@ Tips for creating API keys:
* {{ls}} can send both collected data and monitoring information to {{es}}. If you are sending both to the same cluster, you can use the same API key. For different clusters, you need an API key per cluster. * {{ls}} can send both collected data and monitoring information to {{es}}. If you are sending both to the same cluster, you can use the same API key. For different clusters, you need an API key per cluster.
* A single cluster can share a key for ingestion and monitoring purposes. * A single cluster can share a key for ingestion and monitoring purposes.
* A production cluster and a monitoring cluster require separate keys. * A production cluster and a monitoring cluster require separate keys.
* When you create an API key for Logstash on the UI of your deployment, once the API key is generated, make sure you select **Logstash** from the dropdown to copy the API key in the correct `id:api_key` format. Note that base64 encoded API keys are not supported in the {{ls}} configuration. * When you create an API key for {{ls}}, select **Logstash** from the **API key format** dropdown.
This option formats the API key in the correct `id:api_key` format required by {{ls}}.
:::{image} images/logstash_api_key_format.png :::{image} images/logstash_api_key_format.png
:alt: API key format dropdown set to {{ls}}: :alt: API key format dropdown set to {{ls}}:
@ -304,11 +300,10 @@ Tips for creating API keys:
:width: 400px :width: 400px
::: :::
Depending on the deployment, the UI for creating API keys and the API key format dropdown may be slightly different. The UI for API keys may look different depending on the deployment type.
::::{note} ::::{note}
For security reasons, we recommend using a unique API key per {{ls}} instance. You can create as many API keys per user as necessary. For security reasons, we recommend using a unique API key per {{ls}} instance. You can create as many API keys per user as necessary.
:::: ::::

5
docs/reference/using-logstash-with-elastic-integrations.md
View file

@ -60,12 +60,12 @@ output { <3>
if [@metadata][tenant] == "tenant01" { if [@metadata][tenant] == "tenant01" {
elasticsearch { elasticsearch {
cloud_id => "<cloud id>" cloud_id => "<cloud id>"
api_key => "<api key>" <4> api_key => "<api key>"
} }
} else if [@metadata][tenant] == "tenant02" { } else if [@metadata][tenant] == "tenant02" {
elasticsearch { elasticsearch {
cloud_id => "<cloud id>" cloud_id => "<cloud id>"
api_key => "<api key>" <4> api_key => "<api key>"
} }
} }
} }
@ -74,7 +74,6 @@ output { <3>
1. Use `filter-elastic_integration` as the first filter in your pipeline 1. Use `filter-elastic_integration` as the first filter in your pipeline
2. You can use additional filters as long as they follow `filter-elastic_integration` 2. You can use additional filters as long as they follow `filter-elastic_integration`
3. Sample config to output data to multiple destinations 3. Sample config to output data to multiple destinations
4. The format of the value is `id:api_key`, where `id` and `api_key` are the values returned by the [Create API key API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-security-create-api-key)