Add logs stream support to TCP and UDP packages

jamesagarside · claude · jamesagarside · commit 082ee65c8b07 · 2025-11-12T18:14:50.000Z
- Add use_logs_stream configuration option to enable sending data to the unified "logs" data stream - Update tcp.yml.hbs and udp.yml.hbs templates to conditionally route to logs index - Bump TCP version to 2.1.0 and UDP version to 2.3.0 - Follows the same pattern as filestream package This feature allows users to send all ingested data to the "logs" data stream instead of custom datasets when the "Write to logs streams" option is enabled in output settings. Note: System tests for logs-stream variants will fail due to a known elastic-package bug being fixed in elastic/elastic-package#3037. Policy tests pass, confirming the configuration is correct. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
diff --git a/packages/tcp/agent/input/tcp.yml.hbs b/packages/tcp/agent/input/tcp.yml.hbs
@@ -1,5 +1,9 @@
+{{#if use_logs_stream}}
+index: logs
+{{else}}
 data_stream:
   dataset: {{data_stream.dataset}}
+{{/if}}
 host: {{listen_address}}:{{listen_port}}
 {{#if pipeline}}
 pipeline: {{pipeline}}
diff --git a/packages/tcp/changelog.yml b/packages/tcp/changelog.yml
@@ -1,3 +1,8 @@
+- version: "2.1.0"
+  changes:
+    - description: Add logs stream support.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/TBD
 - version: "2.0.1"
   changes:
     - description: Changed owners.
diff --git a/packages/tcp/manifest.yml b/packages/tcp/manifest.yml
@@ -3,7 +3,7 @@ name: tcp
 title: Custom TCP Logs
 description: Collect raw TCP data from listening TCP port with Elastic Agent.
 type: input
-version: "2.0.1"
+version: "2.1.0"
 conditions:
   kibana:
     version: "^8.13.0 || ^9.0.0"
@@ -34,6 +34,14 @@ policy_templates:
         required: true
         show_user: true
         default: 8080
+      - name: use_logs_stream
+        type: bool
+        title: Use the "logs" data stream
+        description: |
+          Enabling this will send all the ingested data to the "logs" data stream. This feature is disabled by default. If enabled the Dataset name option is ignored. "Write to logs streams" option must be enabled in the output settings for this to work.
+        required: false
+        show_user: true
+        default: false
       - name: data_stream.dataset
         type: text
         title: Dataset name
diff --git a/packages/udp/agent/input/udp.yml.hbs b/packages/udp/agent/input/udp.yml.hbs
@@ -1,5 +1,9 @@
+{{#if use_logs_stream}}
+index: logs
+{{else}}
 data_stream:
   dataset: {{data_stream.dataset}}
+{{/if}}
 host: {{listen_address}}:{{listen_port}}
 {{#if pipeline}}
 pipeline: {{pipeline}}
diff --git a/packages/udp/changelog.yml b/packages/udp/changelog.yml
@@ -1,3 +1,8 @@
+- version: "2.3.0"
+  changes:
+    - description: Add logs stream support.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/TBD
 - version: "2.2.1"
   changes:
     - description: Changed owners.
diff --git a/packages/udp/manifest.yml b/packages/udp/manifest.yml
@@ -3,7 +3,7 @@ name: udp
 title: Custom UDP Logs
 description: Collect raw UDP data from listening UDP port with Elastic Agent.
 type: input
-version: "2.2.1"
+version: "2.3.0"
 conditions:
   kibana:
     version: "^8.13.0 || ^9.0.0"
@@ -36,6 +36,14 @@ policy_templates:
         required: true
         show_user: true
         default: 8080
+      - name: use_logs_stream
+        type: bool
+        title: Use the "logs" data stream
+        description: |
+          Enabling this will send all the ingested data to the "logs" data stream. This feature is disabled by default. If enabled the Dataset name option is ignored. "Write to logs streams" option must be enabled in the output settings for this to work.
+        required: false
+        show_user: true
+        default: false
       - name: data_stream.dataset
         type: text
         title: Dataset name
