false warning for elasticsearch output config when using monitoring

[jpcarey]

In 6.5.4, if you have monitoring setup - it produces a false warning for logstash.outputs.elasticsearch. I'm not sure why this message is triggered at all, and why it is flagged as logstash.outputs.elasticsearch instead of the appropriate monitoring module.

[2019-01-11T11:16:28,685][WARN ][logstash.outputs.elasticsearch] ** WARNING ** Detected UNSAFE options in elasticsearch output configuration!
** WARNING ** You have enabled encryption but DISABLED certificate verification.
** WARNING ** To make sure your data is secure change :ssl_certificate_verification to true 

[2019-01-11T11:16:28,654][WARN ][logstash.outputs.elasticsearch] You are using a deprecated config setting "document_type" set in elasticsearch.

[Pectojin]

Facing the same issue in 6.6.2. There's no monitoring value for setting validation either which makes you wonder if it's a false warning or a default false value that can't be changed.

[jgrevich]

I noticed the same issue with a cluster running 6.4.2. I also verified with tcpdump+wireshark that it's a false alarm and all elasticsearch outputs are using tls1.2 as configured.

[davtex]

Facing same problem in 7.0.1. I assume there are incorrect defaults configured for monitoring exporter.

[fholzer]

I though it may have been fixed in 78bc47d
but after installing 7.2 and setting xpack.monitoring.elasticsearch.ssl.verification_mode: certificate the warning still shows up.

[saifat29]

Having same issue on 7.2.0

[rustamxp]

Have the same issue on 7.3.0

[geekpete]

Seems a few related or possibly duplicate issues around this:
#10524
#9716
#9734

possibly related upstream issue:
cheald/manticore#52

[Erni]

Facing the same issue in 6.8

[adoerrES]

Another user also experiencing the issue in 6.8.

[mohclips]

Same on 7.4

[danlsgiga]

Same on 7.5.1

[maggieghamry]

Same issue on 7.6

[rom1b31]

Same issue on 7.6.1

[rhizoet]

Always same on latest 7.8.0. Please fix. This makes me and my teammates nervous 😆

[aruandre]

same on 7.9.3

[sastorsl]

And on 7.11.1

The documentation explicitly says that certificate validation is enabled by default:
https://www.elastic.co/guide/en/logstash/current/plugins-outputs-elasticsearch.html#plugins-outputs-elasticsearch-ssl_certificate_verification

Even explicitly setting it still produces the warning.

output {
    elasticsearch {
    ...
    ssl => true
    ssl_certificate_verification => true
    ....
    }
}