Logstash 5.6.3: TCP input - sslsubject no longer getting set

Elastic Stack Logstash
1

I've run into an issue after upgrading to logstash 5.6.3

It seems that my TCP input, configured for TLS, is no longer setting the sslsubject field. If i downgrade back to 5.5.2, then sslsubject get correctly set again.

Here is my tcp input configuration:

tcp {
port => 6514
tags => ['syslog-tcp-tls']
ssl_verify => true
ssl_enable => true
ssl_cert => '/etc/logstash/logstash_tls.cert'
ssl_key => '/etc/logstash/logstash_tls.key.pk8'
ssl_extra_chain_certs => ['/etc/logstash/logstash_tls.ca']
}

Is anyone else experiencing this? I make extensive use of the sslsubject field to route logs and am eager to work this out.

2

For anyone else running into this, it looks like this commit:

broke sslsubject.

I've started an issue on the tcp-input github:

3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.