Selecting the right versions for ELK


(Stefan Meisner Larsen) #1

There used to be a table showing which versions of elasticsearch, logstash and kibana that worked together. I can´t find it anymore...Can I just assume that the newest versions will work together?

/Stefan


(Mark Walkom) #2

That's a correct assumption :smile:


(Yu-Phing) #3

If it's any help, I am currently using the following versions in a redis+4node EL cluster+K on nginx proxy:
E=1.6
L=1.5
K=4.1


#4

Mark, That statement sort of flies in the face of the stance and statement that a very specific combination of ES and LS is required. This statment is still in the documentation/tutorials (https://github.com/elastic/logstash/blob/1.5/docs/tutorials/getting-started-with-logstash.asciidoc):

Note:
This tutorial specifies running Logstash %VERSION% with Elasticsearch %ELASTICSEARCH_VERSION%. Each release of Logstash has a recommended version of Elasticsearch to pair with. Make sure the versions match based on the Logstash version you’re running!

The support matrix (https://www.elastic.co/subscriptions/matrix) comes up a bit short on providing ES and LS compatibility


(Aaron Mildenstein) #5

@skebo5150, that matrix was only in regards to using protocol => node in your Elasticsearch output (the existing default), as this causes Logstash to join the Elasticsearch cluster as a client-only node. For the most part, all 1.x client versions should work with any 1.x Elasticsearch, though due to released security fixes, you should use a more recent version of Logstash with up-to-date jars.

When using protocol => http, Logstash becomes Elasticsearch version agnostic, and this is the recommended way to connect to Elasticsearch as the http protocol is much easier to secure. In fact, this is the only way to connect Logstash -> Elasticsearch using Shield.

With regards to Kibana, K4 requires Elasticsearch 1.4+, and Kibana 3 should still work with recent versions, but I recommend upgrading to K4.


(system) #6