Logstash-oss with non-removable x-pack



anyone else experienced that the logstash-oss version from the original elastic site contain x-pack stuff which to my understanding should not be in the oss packages?

  • install oss version from website (sidenote, oss doesn’t seem to be in the repository)
    curl https://artifacts.elastic.co/downloads/logstash/logstash-oss-6.7.0.rpm -o logstash-oss-6.7.0.rpm

  • when starting the oss version following error pops up:
    May 02 11:53:05 host logstash[8117]: [ERROR] 2019-05-02 11:53:05.366 [main] Logstash - java.lang.IllegalStateException: Logstash stopped processing because of an error: (LoadError) no such file to load -- x-pack/logstash_registry

  • ok, then I thought, just let’s remove logstash x-pack plugin
    /usr/share/logstash/bin/logstash-plugin remove x-pack
    -> nope :thinking:
    WARNING: All illegal access operations will be denied in a future release wAs of 6.3+ X-Pack is part of the default distribution and cannot be uninstalled; to remove all X-Pack features, you must install the OSS-only distribution of Logstash. ERROR: Operation aborted, cannot remove plugin, message: x-pack not a removable plugin

  • it was not working either way, so I had to remove the x-pack plugin from ugly way:
    mv -v /usr/share/logstash/x-pack /tmp/

Maybe I have overlooked something or maybe elastic doesn’t have a highest interest in creating functional oss packages?



i created an issue at github:

also I found another workaround:
one can deactivate/comment load_xpack unless LogStash::OSS in the code/file /usr/share/logstash/logstash-core/lib/logstash/plugins/registry.rb like below

def setup!
  #load_xpack unless LogStash::OSS