(output.elasticsearch) force user agent to be logstash

[stefnestor]

👋 howdy, team!

For the Logstash API outputs or at least for its Elasticsearch output would you kindly consider forcing its HTTP user agent to report as Logstash? "Manticore" still creeps through sometimes-almost-randomly which most team mates don't know how to interpret.

Example from Elastic Cloud proxy logging showing even recent versions affected by user_agent: Manticore *

Vs expected user agent formats Logstash/* like

TIA! 🙏

(Self-note: data uncertainty would be further exposed once es#112845 done, but concern would be reduced by ls#16448 if implemented instead.)

[robbavey]

@stefnestor That is surprising, as we have set the user-agent to Logstash/xxxx in all of our Elasticsearch plugins for a while now - we have shipped versions of the elasticsearch input, filter and output that populated the user-agent with Logstash/<VERSION> since 7.16.0. They used manticore-0.7.1, so I am surprised to see versions of manticore higher than that in your proxy logs.

What does the handling_version in the first table refer to?

Is there a way to understand which endpoints are being hit, so we can isolate where we believe the issue is? I would be particularly interested in seeing the proxy logs when the user-agent is Manticore > 0.7.1