Kafka output plugin

The number of acknowledgments the producer requires the leader to have received before considering a request complete.

acks=0. The producer will not wait for any acknowledgment from the server.

acks=1. The leader will write the record to its local log, but will respond without waiting for full acknowledgement from all followers.

acks=all. The leader will wait for the full set of in-sync replicas before acknowledging the record.

The producer will attempt to batch records together into fewer requests whenever multiple records are being sent to the same partition. This helps performance on both the client and the server. This configuration controls the default batch size in bytes.

This is for bootstrapping and the producer will only use it for getting metadata (topics, partitions and replicas). The socket connections for sending the actual data will be established based on the broker information returned in the metadata. The format is host1:port1,host2:port2, and the list can be a subset of brokers or a VIP pointing to a subset of brokers.

The total bytes of memory the producer can use to buffer records waiting to be sent to the server.

Controls how DNS lookups are done. If set to use_all_dns_ips, Logstash tries all IP addresses returned for a hostname before failing the connection. If set to resolve_canonical_bootstrap_servers_only, each entry will be resolved and expanded into a list of canonical names.

The id string to pass to the server when making requests. The purpose of this is to be able to track the source of requests beyond just ip/port by allowing a logical application name to be included with the request

The compression type for all data generated by the producer. The default is none (meaning no compression). Valid values are none, gzip, snappy, lz4, or zstd.

Close idle connections after the number of milliseconds specified by this config.

The Java Authentication and Authorization Service (JAAS) API supplies user authentication and authorization services for Kafka. This setting provides the path to the JAAS file. Sample JAAS file for Kafka client:

KafkaClient {
  com.sun.security.auth.module.Krb5LoginModule required
  useTicketCache=true
  renewTicket=true
  serviceName="kafka";
  };

Please note that specifying jaas_path and kerberos_config in the config file will add these to the global JVM system properties. This means if you have multiple Kafka inputs, all of them would be sharing the same jaas_path and kerberos_config. If this is not desirable, you would have to run separate instances of Logstash on different JVM instances.

Optional path to kerberos config file. This is krb5.conf style as detailed in https://web.mit.edu/kerberos/krb5-1.12/doc/admin/conf_files/krb5_conf.html

Serializer class for the key of the message

The producer groups together any records that arrive in between request transmissions into a single batched request. Normally this occurs only under load when records arrive faster than they can be sent out. However in some circumstances the client may want to reduce the number of requests even under moderate load. This setting accomplishes this by adding a small amount of artificial delay—that is, rather than immediately sending out a record the producer will wait for up to the given delay to allow other records to be sent so that the sends can be batched together.

The maximum size of a request

A map of key value pairs, each corresponding to a header name and its value respectively. Example:

    message_headers => { "event_timestamp" => "%{@timestamp}" }

The key for the message.

The timeout setting for initial metadata request to fetch topic metadata.

The max time in milliseconds before a metadata refresh is forced.

The default behavior is to hash the message_key of an event to get the partition. When no message key is present, the plugin picks a partition in a round-robin fashion.

Available options for choosing a partitioning strategy are as follows:

The size of the TCP receive buffer to use when reading data

The amount of time to wait before attempting to reconnect to a given host when a connection fails.

The configuration controls the maximum amount of time the client will wait for the response of a request. If the response is not received before the timeout elapses the client will resend the request if necessary or fail the request if retries are exhausted.

The default retry behavior is to retry until successful. To prevent data loss, changing this setting is discouraged.

If you choose to set retries, a value greater than zero will cause the client to only retry a fixed number of times. This will result in data loss if a transport fault exists for longer than your retry count (network outage, Kafka down, etc).

A value less than zero is a configuration error.

Starting with version 10.5.0, this plugin will only retry exceptions that are a subclass of RetriableException and InterruptException. If producing a message throws any other exception, an error is logged and the message is dropped without retrying. This prevents the Logstash pipeline from hanging indefinitely.

In versions prior to 10.5.0, any exception is retried indefinitely unless the retries option is configured.

The amount of time to wait before attempting to retry a failed produce request to a given topic partition.

The SASL client callback handler class the specified SASL mechanism should use.

JAAS configuration setting local to this plugin instance, as opposed to settings using config file configured using jaas_path, which are shared across the JVM. This allows each plugin instance to have its own configuration.

If both sasl_jaas_config and jaas_path configurations are set, the setting here takes precedence.

Example (setting for Azure Event Hub):

    output {
      kafka {
        sasl_jaas_config => "org.apache.kafka.common.security.plain.PlainLoginModule required username='auser'  password='apassword';"
      }
    }

The Kerberos principal name that Kafka broker runs as. This can be defined either in Kafka’s JAAS config or in Kafka’s config.

SASL mechanism used for client connections. This may be any mechanism for which a security provider is available. GSSAPI is the default mechanism.

Security protocol to use, which can be either of PLAINTEXT,SSL,SASL_PLAINTEXT,SASL_SSL

The size of the TCP send buffer to use when sending data.

The endpoint identification algorithm, defaults to "https". Set to empty string "" to disable

The password of the private key in the key store file.

If client authentication is required, this setting stores the keystore path.

If client authentication is required, this setting stores the keystore password

The keystore type.

The JKS truststore path to validate the Kafka broker’s certificate.

The truststore password

The truststore type.

The topic to produce messages to

Serializer class for the value of the message

The codec used for output data. Output codecs are a convenient method for encoding your data before it leaves the output without needing a separate filter in your Logstash pipeline.

Disable or enable metric logging for this specific plugin instance. By default we record all the metrics we can, but you can disable metrics collection for a specific plugin.

Add a unique ID to the plugin configuration. If no ID is specified, Logstash will generate one. It is strongly recommended to set this ID in your configuration. This is particularly useful when you have two or more plugins of the same type. For example, if you have 2 kafka outputs. Adding a named ID in this case will help in monitoring Logstash when using the monitoring APIs.

output {
  kafka {
    id => "my_plugin_id"
  }
}