Weird logs pushed by logstash after going secure

Our elk stack is on version 7.6.2
A few days ago we pushed on our team logstash as secure to enable x-pack
we dit same for elastic nodes also kibana

Since we did that logstash is sending weird logs and parameters


is sending almost everything on a message as a parameter!!

We did not changed the filters

Does anyone know why this is happening?

Thank you

except that i'm wrong about whats adding those weird fields and it's more an elastic problem?

It's not really clear what the issue is here.

Can you show an example event?


have deleted confidential stuff on screen

If this can explain. Since elastic stack upgrade to secure with certificates, a lot of parameters are coming as a field, but they should not

before, i hade basic parameters like:

now, i have what you see on screen
but also:

those kind of things
almost everything on a message is going up as a parameter and so as a field..

Maybe someone has an option or idea to exclude those bad parameters using filters on logstash?
if for example a field start with [,(,,/," just ignore the field creation

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.