116 lines
4.7 KiB
Plaintext
116 lines
4.7 KiB
Plaintext
[[breaking-changes-8.0]]
|
|
== Breaking changes in 8.0
|
|
++++
|
|
<titleabbrev>8.0</titleabbrev>
|
|
++++
|
|
|
|
This section discusses the changes that you need to be aware of when migrating
|
|
your application to Kibana 8.0.
|
|
|
|
coming[8.0.0]
|
|
|
|
See also <<release-highlights>> and <<release-notes>>.
|
|
|
|
* <<breaking_80_index_pattern_changes>>
|
|
* <<breaking_80_setting_changes>>
|
|
|
|
//NOTE: The notable-breaking-changes tagged regions are re-used in the
|
|
//Installation and Upgrade Guide
|
|
|
|
[float]
|
|
[[breaking_80_index_pattern_changes]]
|
|
=== Index pattern changes
|
|
|
|
[float]
|
|
==== Removed support for time-based internal index patterns
|
|
*Details:* Time-based interval index patterns were deprecated in 5.x. In 6.x,
|
|
you could no longer create time-based interval index patterns, but they continued
|
|
to function as expected. Support for these index patterns has been removed in 8.0.
|
|
|
|
*Impact:* You must migrate your time_based index patterns to a wildcard pattern,
|
|
for example, `logstash-*`.
|
|
|
|
|
|
[float]
|
|
[[breaking_80_setting_changes]]
|
|
=== Settings changes
|
|
|
|
// tag::notable-breaking-changes[]
|
|
[float]
|
|
==== Legacy browsers are now rejected by default
|
|
*Details:* `csp.strict` is now enabled by default, so Kibana will fail to load for older, legacy browsers that do not enforce basic Content Security Policy protections - notably Internet Explorer 11.
|
|
|
|
*Impact:* To allow Kibana to function for these legacy browsers, set `csp.strict: false`. Since this is about enforcing a security protocol, we *strongly discourage* disabling `csp.strict` unless it is critical that you support Internet Explorer 11.
|
|
|
|
[float]
|
|
==== Default logging timezone is now the system's timezone
|
|
*Details:* In prior releases the timezone used in logs defaulted to UTC. We now use the host machine's timezone by default.
|
|
|
|
*Impact:* To restore the previous behavior, in kibana.yml set `logging.timezone: UTC`.
|
|
|
|
[float]
|
|
==== Responses are never logged by default
|
|
*Details:* Previously responses would be logged if either `logging.json` was true, `logging.dest` was specified, or a `TTY` was detected.
|
|
|
|
*Impact:* To restore the previous behavior, in kibana.yml set `logging.events.response=*`.
|
|
|
|
[float]
|
|
==== `xpack.security.authProviders` is no longer valid
|
|
*Details:* The deprecated `xpack.security.authProviders` setting in the `kibana.yml` file has been removed.
|
|
|
|
*Impact:* Use `xpack.security.authc.providers` instead.
|
|
|
|
[float]
|
|
==== `xpack.security.authc.saml.realm` is now mandatory when using the SAML authentication provider
|
|
*Details:* Previously Kibana was choosing the appropriate Elasticsearch SAML realm automatically using the `Assertion Consumer Service`
|
|
URL that it derived from the actual server address. Starting in 8.0.0, the Elasticsearch SAML realm name that Kibana will use should be
|
|
specified explicitly.
|
|
|
|
*Impact:* Always define `xpack.security.authc.saml.realm` when using the SAML authentication provider.
|
|
|
|
[float]
|
|
==== `xpack.security.public` is no longer valid
|
|
*Details:* The deprecated `xpack.security.public` setting in the `kibana.yml` file has been removed.
|
|
|
|
*Impact:* Define `xpack.security.authc.saml.realm` when using the SAML authentication provider instead.
|
|
|
|
[float]
|
|
==== `/api/security/v1/saml` endpoint is no longer supported
|
|
*Details:* The deprecated `/api/security/v1/saml` endpoint is no longer supported.
|
|
|
|
*Impact:* Rely on `/api/security/saml/callback` endpoint when using SAML instead. This change should be reflected in Kibana `server.xsrf.whitelist` config as well as in Elasticsearch and Identity Provider SAML settings.
|
|
|
|
[float]
|
|
=== `optimize` directory is now in the `data` folder
|
|
*Details:* Generated bundles have moved to the configured `path.data` folder.
|
|
|
|
*Impact:* Any workflow that involved manually clearing generated bundles will have to be updated with the new path.
|
|
|
|
[float]
|
|
[[breaking_80_user_role_changes]]
|
|
=== User role changes
|
|
|
|
[float]
|
|
==== `kibana_user` role has been removed and `kibana_admin` has been added.
|
|
|
|
*Details:* The `kibana_user` role has been removed and `kibana_admin` has been added to better
|
|
reflect its intended use. This role continues to grant all access to every
|
|
{kib} feature. If you wish to restrict access to specific features, create
|
|
custom roles with {kibana-ref}/kibana-privileges.html[{kib} privileges].
|
|
|
|
*Impact:* Any users currently assigned the `kibana_user` role will need to
|
|
instead be assigned the `kibana_admin` role to maintain their current
|
|
access level.
|
|
|
|
[float]
|
|
[[breaking_80_reporting_changes]]
|
|
=== Reporting changes
|
|
|
|
[float]
|
|
==== Legacy job parameters are no longer supported
|
|
*Details:* POST URL snippets that were copied in Kibana 6.2 or earlier are no longer supported. These logs have
|
|
been deprecated with warnings that have been logged throughout 7.x. Please use Kibana UI to re-generate the
|
|
POST URL snippets if you depend on these for automated PDF reports.
|
|
|
|
// end::notable-breaking-changes[]
|