microsoft-sentinel-log-analytics-logstash-output-plugin 2.1.2-java → 2.2.1-java
- checksums.yaml +4 -4
- data/CHANGELOG.md +18 -0
- data/README.md +13 -8
- data/VERSION +1 -1
- data/lib/logstash-output-microsoft-sentinel-log-analytics-logstash-output-plugin_jars.rb +1 -1
- data/logstash-output-microsoft-sentinel-log-analytics-logstash-output-plugin.gemspec +1 -1
- data/vendor/jar-dependencies/org/logstashplugins/logstash-output-microsoft-sentinel-log-analytics-logstash-output-plugin/{2.1.2/logstash-output-microsoft-sentinel-log-analytics-logstash-output-plugin-2.1.2.jar → 2.2.1/logstash-output-microsoft-sentinel-log-analytics-logstash-output-plugin-2.2.1.jar} +0 -0
- metadata +4 -3
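--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ea487790648bd37da80785720d41eba04d6e25d26b51acd4dedaae12d4df788e
+data.tar.gz: 2c5e07886e64407c588ebae4d080796ae83e4a5c24a6dd287cc91a8858e1bea4
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 0a76b54722684ef96a897363bfe0b2104dc14c99ef7e196585a8e6ae2e03606e330c16ece586a262148a41cfee41797304ec8ecde13cdc3839005645b808d79c
+data.tar.gz: d18a87da9ac8d7b5f19c3be49744d0ed7051b343fda7a8dc9dbb52c4f88c3c83dcb81310cbae590c910f0a2adb539c5dfe8ed4118303f4f24eb5969c7fe248a2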
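--- /dev/null
+++ b/data/CHANGELOG.md
@@ -0,0 +1,18 @@
+## 2.2.1
+- Adds info-level logging line when batches are successfully sent.
+
+## 2.2.0
+- Adds ability to use either new or old configuration values.
+
+## 2.1.2
+- Documentation updates
+
+## 2.1.1
+- Improved efficiency.
+
+## 2.1.0
+- Fixed event normalization.
+
+## 2.0.0
+- Refactored the plugin from Ruby to Java.
+- Added ManagedIdentity authentication.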
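--- a/data/README.md
+++ b/data/README.md
@@ -3,8 +3,8 @@
 Microsoft Sentinel provides a new output plugin for Logstash. Use this output plugin to send any log via Logstash to the Microsoft Sentinel/Log Analytics workspace. This is done with the Log Analytics DCR-based API.
 You may send logs to custom or standard tables.
 
-Plugin version: v2.1
-Released on: 2026-
+Plugin version: v2.2.1
+Released on: 2026-05-27
 
 This plugin is currently in development and is free to use. We request and appreciate feedback from users.
 
@@ -25,12 +25,13 @@ If you do not have a direct internet connection, you can install the plugin to a
 
 Microsoft Sentinel's Logstash output plugin supports the following versions
 - 7.0 - 7.17.13
-- 8.0 - 8.9
-- 8.11 - 8.15
-- 8.19.2
-- 9.0.8
-- 9.1.10
-- 9.2.4 - 9.2.5
+- 8.0 - 8.9 (NOTE: these versions require a security update, according to Logstash!)
+- 8.11 - 8.15 (NOTE: these versions require a security update, according to Logstash!)
+- 8.19.2 (NOTE: this version requires a security update, according to Logstash!)
+- 9.0.8 (NOTE: this version requires a security update, according to Logstash!)
+- 9.1.10 (NOTE: this version requires a security update, according to Logstash!)
+- 9.2.4 - 9.2.5 (NOTE: these versions require a security update, according to Logstash! [Security Update](https://discuss.elastic.co/t/logstash-8-19-14-9-2-8-9-3-3-security-update-esa-2026-29/385816))
+- 9.3.3
 
 Please note that when using Logstash 8, it is recommended to disable ECS in the pipeline. For more information refer to [Logstash documentation.](<https://www.elastic.co/guide/en/logstash/8.4/ecs-ls.html>)
 
@@ -225,6 +226,10 @@ A complete `logstash.conf` using client secret auth with a Beats input:
 | `initial_wait_time_seconds` | `1` | Initial backoff between retries |
 | `max_graceful_shutdown_time_seconds` | `60` | Max wait for graceful shutdown |
 | `max_waiting_time_for_batch_seconds` | `10` | Max wait before flushing a batch |
+| `max_waiting_for_unifier_time_seconds` | `10` | Max wait before flushing the unifier |
+| `max_batch_size` | `10000` | Maximum number of events per batch. When a batch reaches this size it is flushed immediately, regardless of the time window |
+| `input_queue_capacity` | `50000` | Maximum capacity of the input queue. Bounds memory usage under high-volume ingestion. When full, back-pressure is applied to the Logstash pipeline |
+| `internal_queue_capacity` | `500` | Maximum capacity of the internal queues between batcher, unifier, and sender workers. Bounds memory usage for in-flight batches |
 | `worker_sleep_time_millis` | `10` | Delay between worker iterations |
 | `batcher_workers_count` | *(auto)* | Number of batcher threads |
 | `sender_workers_count` | *(auto)* | Number of sender threads |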
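--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-2.1
+2.2.1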
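--- a/data/lib/logstash-output-microsoft-sentinel-log-analytics-logstash-output-plugin_jars.rb
+++ b/data/lib/logstash-output-microsoft-sentinel-log-analytics-logstash-output-plugin_jars.rb
@@ -2,4 +2,4 @@
 # encoding: utf-8
 
 require 'jar_dependencies'
-require_jar('org.logstashplugins', 'logstash-output-microsoft-sentinel-log-analytics-logstash-output-plugin', '2.1
+require_jar('org.logstashplugins', 'logstash-output-microsoft-sentinel-log-analytics-logstash-output-plugin', '2.2.1')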
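--- a/data/logstash-output-microsoft-sentinel-log-analytics-logstash-output-plugin.gemspec
+++ b/data/logstash-output-microsoft-sentinel-log-analytics-logstash-output-plugin.gemspec
@@ -1,7 +1,7 @@
 # AUTOGENERATED BY THE GRADLE SCRIPT. EDITS WILL BE OVERWRITTEN.
 Gem::Specification.new do |s|
 s.name = 'microsoft-sentinel-log-analytics-logstash-output-plugin'
-s.version = '2.1
+s.version = '2.2.1'
 s.licenses = ['Apache-2.0']
 s.summary = 'Microsoft Sentinel Log Analytics output plugin'
 s.description = 'Microsoft Sentinel provides a new output plugin for Logstash. Use this output plugin to send any log via Logstash to the Microsoft Sentinel/Log Analytics workspace. This is done with the Log Analytics DCR-based API.'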
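--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: microsoft-sentinel-log-analytics-logstash-output-plugin
 version: !ruby/object:Gem::Version
-version: 2.1
+version: 2.2.1
 platform: java
 authors:
 - Microsoft
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2026-
+date: 2026-05-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 requirement: !ruby/object:Gem::Requirement
@@ -67,6 +67,7 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- CHANGELOG.md
 - Gemfile
 - README.md
 - VERSION
@@ -74,7 +75,7 @@ files:
 - lib/logstash/outputs/microsoft-sentinel-log-analytics-logstash-output-plugin.rb
 - lib/logstash_registry.rb
 - logstash-output-microsoft-sentinel-log-analytics-logstash-output-plugin.gemspec
-- vendor/jar-dependencies/org/logstashplugins/logstash-output-microsoft-sentinel-log-analytics-logstash-output-plugin/2.1
+- vendor/jar-dependencies/org/logstashplugins/logstash-output-microsoft-sentinel-log-analytics-logstash-output-plugin/2.2.1/logstash-output-microsoft-sentinel-log-analytics-logstash-output-plugin-2.2.1.jar
 homepage:
 licenses:
 - Apache-2.0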