Filebeat to support TLS1.3

Does filebeat 7.16.0 suport TLS 1.3?

Hi @Nikhitha.

Filebeat 7.16 has been built with Golang 1.17.2. Golang supports TLS 1.3 since Golang 1.13.

Is there a specific use case you have in mind?

Hello @Edoardo_Tenani ,
Trying to test if Filebeat supports TLS 1.3, So to do this we need a connection with Logstash. Logstash has input beats plugin which is currently not supporting TLS 1.3 Beats input plugin | Logstash Reference [8.1] | Elastic, so is there any way I can achieve this.

Have you tried configuring TLS 1.3 even if the documentation says max is 1.2? It may be the documentation is outdated.

I found an in progress issue for TLS 1.3 support in Logstash and asked clarification there.

This comment confirms that support for TLS 1.3 for beats is not yet available, but expected to land soon:

for Beats, unfortunately, the tls_max_version parameter is hard-coded to 1.2 thus it does not adapt to enabling 1.3 despite the underlying Java SSL engine having the support (likely relates to the cipher_suites parameter which also needs revisiting). part of this meta issue we plan to look into getting Beats ready for TLS 1.3 - work is done plugin by plugin, hopefully Beats will be completed within the next few weeks.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.