After upgrading to 7.10.1, it produced a Dissectfailure/Warning that the "message"-field could not be found.
I tested with the file output and the message field was part of the event before it reached the dissect block.
After moving the remove_field option to a later block, everything works fine again, so I would guess that the execution order of the common options has changed to before the filter.
I do not know if I should file it here or it is a logstash issue - personally, I think being able to remove a field after dissecting it without needing to open a new filter block was the more readable solution.
The following configuration worked fine in Logstash Version 7.8.1:
After upgrading to 7.10.1, it produced a Dissectfailure/Warning that the
"message"-field could not be found.I tested with the file output and the message field was part of the event before it reached the dissect block. After moving the
remove_fieldoption to a later block, everything works fine again, so I would guess that the execution order of the common options has changed to before the filter.I do not know if I should file it here or it is a logstash issue - personally, I think being able to remove a field after dissecting it without needing to open a new filter block was the more readable solution.