WARNING: Version 5.6 of the Elastic Stack has passed its EOL date.
This documentation is no longer being maintained and may be removed. If you are running this version, we strongly advise you to upgrade. For the latest information, see the current release documentation.
Breaking Changes in 5.0
editBreaking Changes in 5.0
edit- X-Pack
-
-
All settings have been updated to use the
xpack
prefix. For more information, see Migrating to X-Pack.
-
All settings have been updated to use the
- Licensing
-
-
Licensing endpoint has been renamed from
/_license
to/_xpack/license
.
-
Licensing endpoint has been renamed from
- Monitoring
-
-
http
exporters no longer honor thekeep_alive
setting as this is handled by the low-level REST Client. -
All
monitoring.agent.*
settings have been changed to more closely match other monitoring collection settings:xpack.monitoring.collection.*
andxpack.monitoring.exporters.*
. - The Index page’s Lucene Memory chart was replaced with an Index Memory chart, which includes a superset of the information. Fielddata, which has become a significantly less common issue, has been rolled into the Index Memory chart.
- To use an external monitoring cluster to monitor an Elasticsearch 5.0 cluster, you must run Elasticsearch 5.0 on the monitoring cluster. For more information about external monitoring clusters, see Setting up a Separate Monitoring Cluster.
-
All settings have been updated to use the
xpack.monitoring
prefix. For more information, see Migrating to X-Pack.
-
- Reporting
-
-
Reporting encryption keys configured in
kibana.yml
must now be at least 32 characters.
-
Reporting encryption keys configured in
- Security
-
-
Security encryption keys configured in
kibana.yml
must now be at least 32 characters. - The SSL configuration settings have been changed to use an easier to use format that also supports PEM files.
-
Removed the
files.users
andfiles.users_roles
settings from thefile
realm. -
Removed the setting that allowed for a custom
roles.yml
file location to be specified. Theroles.yml
file must always be in theCONF_DIR/x-pack
directory. -
Removed the setting that allowed for a custom system key location to be
defined. The
system_key
file must always be in theCONF_DIR/x-pack
directory. -
The
logfile
output for auditing no longer uses the log level to determine which events to log. The events are now controlled in the same way as theindex
output. - Changed the syntax for field-level-security. Roles stored in the old format in native or file based realm will continue to work but new roles must use the new format.
-
The
esusers
realm has been renamed tofile
and theesusers
command line tool has been renamed tousers
. Note that the User and Role APIs are the preferred way to manage internal users. -
Elasticsearch enables HTTP compression by default now. To mitigate potential
security risks like the BREACH attack, X-Pack security disables compression if HTTPS
is enabled. If Elasticsearch should compress HTTPS traffic, please explicitly
set
http.compression
totrue
in ‘elasticsearch.yml’. -
You must specify all required values to override the global SSL configuration
in a profile. If any values are omitted, the entire configuration falls back to
the global settings,
xpack.security.ssl.*
. -
The
skipSslCheck
anduseUnsafeSessions
for Kibana have been replaced byxpack.security.secureCookies
inkibana.yml
. SSL is now disabled by default. You can start Kibana without making any changes tokibana.yml
after you install X-Pack. Do not deploy to production without enabling SSL/TLS encryption! - A default role is now applied to all users, including anonymous users. The default role enables users to access the authenticate endpoint, change their own passwords, and get information about themselves.
-
All settings have been updated to use the
xpack.security
prefix. For more information, see Migrating to X-Pack.
-
Security encryption keys configured in
- Watcher
-
-
The
force
parameter of the Delete Watch Action has been removed. -
The use of the
_timestamp
field for the execution time has been removed. The user now needs to set this explicitly in theindex
action. -
The
_xpack/watcher/_start
,_xpack/watcher/_restart
, and_xpack/watcher/_stop
REST endpoints requirePOST
actions instead ofPUT
actions. The deprecated_watcher/_start
,_watcher/_restart
, and_watcher/_stop
endpoints still allowPUT
. -
Watch history now uses a versioned template. The index names also changed
and contain this version. So instead of
.watch_history_2016.02.03
the new index name is.watcher-history-1-2016.02.03
, where1
is the current version. If you are using X-Pack security, this might require you to change roles/permissions because of the different index names! The old index template namedwatch_history
can safely be deleted. However, it does not interfere with the new index template. -
The setting that enables scripting only for Watcher has been renamed from
script.engine.groovy.inline.elasticsearch-watcher_watch
toscript.engine.groovy.inline.xpack_watch
. -
Elasticsearch has several breaking changes in the query DSL, including that
search_type=count
is no longer supported. Check to see if your watches use this search type and upgrade them to usesize: 0
in the request body as needed. For more information about breaking changes including search changes, see breaking changes section in Elasticsearch. -
All account SMTP timeouts (
smtp.timeout
,smtp.connection_timeout
andsmtp.write_timeout
) now require a time value instead of a number in milliseconds. -
The notification settings for PagerDuty, Slack, HipChat, and email have been
moved from
watcher.actions
toxpack.notification
. You need to update your Elasticsearch configuration accordingly. -
All watcher endpoints have been renamed from
/_watcher/XYZ
to/_xpack/watcher/XYZ
. You might need to fix this in external scripts as well as in your watches. -
The notification settings have been stripped of their
service
part. Sowatcher.actions.slack.service.default_account
becomesxpack.notification.slack.default_account
-
The setting
watcher.shield.encrypt_sensitive_data
has been renamed toxpack.watcher.encrypt_sensitive_data
-
The