We got caught off-guard by a logstash upgrade (version was not completely pinned in our puppet manifest).
This is now fixed (D544).
We kept the latest version (6.4.2) as this fixed some issues on the indexed logs.
In general though, that begs the elasticsearch upgrade policy question.
Do we synchronize or not those version number between the elk stack (recently they started sharing the same numbering)?
This needs further digging to know if it's worth it or not to upgrade.
It's not a simple matter as the elasticsearch upgrade is apparently not easily done (manual intervention needed).