microsoft-sentinel-log-analytics-logstash-output-plugin 2.2.0-java → 2.2.1-java

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0f77b193c8121a3b1e99f505cbf101c5f882f8bc307c7e44d5d23c26775230a3
-  data.tar.gz: d4ad2452b52b6c7e17e7ee60264eece406f38a45f0be65c84fea33e770134d6c
+  metadata.gz: ea487790648bd37da80785720d41eba04d6e25d26b51acd4dedaae12d4df788e
+  data.tar.gz: 2c5e07886e64407c588ebae4d080796ae83e4a5c24a6dd287cc91a8858e1bea4
 SHA512:
-  metadata.gz: 1994c3752c45290802f5979b00ca25ac27e3bf3d5dd6237741ff29332077b255f433857ab3485c57cccdf2f402a2d7efd25b357b61ead3eb3dcb26515e4a9a22
-  data.tar.gz: cd681f40f8fa06b4eda60015052cd247904acdaefea5dc9294cdb017b64ffa30b10f15d47dfab9b539714cfd7f14d7fa4dd6c39893c12e56bb8bd750678c83d2
+  metadata.gz: 0a76b54722684ef96a897363bfe0b2104dc14c99ef7e196585a8e6ae2e03606e330c16ece586a262148a41cfee41797304ec8ecde13cdc3839005645b808d79c
+  data.tar.gz: d18a87da9ac8d7b5f19c3be49744d0ed7051b343fda7a8dc9dbb52c4f88c3c83dcb81310cbae590c910f0a2adb539c5dfe8ed4118303f4f24eb5969c7fe248a2

data/CHANGELOG.md

@@ -0,0 +1,18 @@
+## 2.2.1
+- Adds info-level logging line when batches are successfully sent.
+
+## 2.2.0
+- Adds ability to use either new or old configuration values.
+
+## 2.1.2
+- Documentation updates
+
+## 2.1.1
+- Improved efficiency.
+
+## 2.1.0
+- Fixed event normalization.
+
+## 2.0.0
+- Refactored the plugin from Ruby to Java.
+- Added ManagedIdentity authentication.

data/README.md

@@ -3,8 +3,8 @@
 Microsoft Sentinel provides a new output plugin for Logstash. Use this output plugin to send any log via Logstash to the Microsoft Sentinel/Log Analytics workspace. This is done with the Log Analytics DCR-based API.
 You may send logs to custom or standard tables.  
 
-Plugin version: v2.2.0  
-Released on: 2026-05-04  
+Plugin version: v2.2.1  
+Released on: 2026-05-27  
 
 This plugin is currently in development and is free to use. We request and appreciate feedback from users.  
 
@@ -25,12 +25,13 @@ If you do not have a direct internet connection, you can install the plugin to a
 
 Microsoft Sentinel's Logstash output plugin supports the following versions  
 - 7.0 - 7.17.13  
-- 8.0 - 8.9  
-- 8.11 - 8.15  
-- 8.19.2  
-- 9.0.8  
-- 9.1.10  
-- 9.2.4 - 9.2.5  
+- 8.0 - 8.9 (NOTE: these versions require a security update, according to Logstash!)  
+- 8.11 - 8.15 (NOTE: these versions require a security update, according to Logstash!)  
+- 8.19.2 (NOTE: this version requires a security update, according to Logstash!)  
+- 9.0.8 (NOTE: this version requires a security update, according to Logstash!)  
+- 9.1.10 (NOTE: this version requires a security update, according to Logstash!)  
+- 9.2.4 - 9.2.5 (NOTE: these versions require a security update, according to Logstash! [Security Update](https://discuss.elastic.co/t/logstash-8-19-14-9-2-8-9-3-3-security-update-esa-2026-29/385816))  
+- 9.3.3
 
 Please note that when using Logstash 8, it is recommended to disable ECS in the pipeline. For more information refer to [Logstash documentation.](<https://www.elastic.co/guide/en/logstash/8.4/ecs-ls.html>)  
 
@@ -94,7 +95,7 @@ To configure Microsoft Sentinel Logstash plugin you first need to create the DCR
 
 *Note:* The identity (service principal or managed identity) must have the **Monitoring Metrics Publisher** role on the target DCR:  
 
-    ```bash
+    ```
     az role assignment create \
       --assignee <object-id-of-identity> \
       --role "Monitoring Metrics Publisher" \
@@ -124,7 +125,7 @@ The plugin auto-detects the auth method based on which config values are present
 
 Provide `client_id`, `client_secret`, and `tenant_id` for your Azure App Registration / service principal.  
 
-    ```logstash
+    ```
     output {
       microsoft-sentinel-log-analytics-logstash-output-plugin {
         data_collection_endpoint => "https://<your-dce-name>.<region>.ingest.monitor.azure.com"
@@ -142,7 +143,7 @@ Provide `client_id`, `client_secret`, and `tenant_id` for your Azure App Registr
 
 When running on an Azure VM with a system-assigned managed identity, omit `client_id`, `client_secret`, and `tenant_id`. The plugin will automatically use the VM's managed identity.  
 
-    ```logstash
+    ```
     output {
       microsoft-sentinel-log-analytics-logstash-output-plugin {
         data_collection_endpoint => "https://<your-dce-name>.<region>.ingest.monitor.azure.com"
@@ -156,7 +157,7 @@ When running on an Azure VM with a system-assigned managed identity, omit `clien
 
 To authenticate against a sovereign cloud, add `azure_cloud`. Supported values: `AzurePublicCloud` (default), `AzureUSGovernment`, `AzureChinaCloud`, `AzureGermanyCloud`.  
 
-    ```logstash
+    ```
     output {
       microsoft-sentinel-log-analytics-logstash-output-plugin {
         data_collection_endpoint => "https://<your-dce-ingestion-endpoint>"
@@ -172,7 +173,7 @@ To authenticate against a sovereign cloud, add `azure_cloud`. Supported values:
 
 #### Option 4: Managed Identity + Sovereign Cloud
 
-    ```logstash
+    ```
     output {
       microsoft-sentinel-log-analytics-logstash-output-plugin {
         data_collection_endpoint => "https://<your-dce-ingestion-endpoint>"
@@ -192,7 +193,7 @@ Security notice: We recommend not to implicitly state client_id, client_secret,
 
 A complete `logstash.conf` using client secret auth with a Beats input:  
 
-    ```logstash
+    ```
     input {
       beats {
         port => 5044
@@ -243,7 +244,7 @@ When using Logstash installed on a Docker image of Lite Ubuntu, the following wa
     ```
 
 To resolve it, use the following commands to install the *netbase* package within your Dockerfile:  
-    ```bash
+    ```
     USER root
     RUN apt install netbase -y
     ```

data/VERSION

@@ -1 +1 @@
-2.2.0
+2.2.1

data/lib/logstash-output-microsoft-sentinel-log-analytics-logstash-output-plugin_jars.rb

@@ -2,4 +2,4 @@
 # encoding: utf-8
 
 require 'jar_dependencies'
-require_jar('org.logstashplugins', 'logstash-output-microsoft-sentinel-log-analytics-logstash-output-plugin', '2.2.0')
+require_jar('org.logstashplugins', 'logstash-output-microsoft-sentinel-log-analytics-logstash-output-plugin', '2.2.1')

data/logstash-output-microsoft-sentinel-log-analytics-logstash-output-plugin.gemspec

@@ -1,7 +1,7 @@
 # AUTOGENERATED BY THE GRADLE SCRIPT. EDITS WILL BE OVERWRITTEN.
 Gem::Specification.new do |s|
   s.name            = 'microsoft-sentinel-log-analytics-logstash-output-plugin'
-  s.version         = '2.2.0'
+  s.version         = '2.2.1'
   s.licenses        = ['Apache-2.0']
   s.summary         = 'Microsoft Sentinel Log Analytics output plugin'
   s.description     = 'Microsoft Sentinel provides a new output plugin for Logstash. Use this output plugin to send any log via Logstash to the Microsoft Sentinel/Log Analytics workspace. This is done with the Log Analytics DCR-based API.'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: microsoft-sentinel-log-analytics-logstash-output-plugin
 version: !ruby/object:Gem::Version
-  version: 2.2.0
+  version: 2.2.1
 platform: java
 authors:
 - Microsoft
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2026-05-04 00:00:00.000000000 Z
+date: 2026-05-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
@@ -67,6 +67,7 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- CHANGELOG.md
 - Gemfile
 - README.md
 - VERSION
@@ -74,7 +75,7 @@ files:
 - lib/logstash/outputs/microsoft-sentinel-log-analytics-logstash-output-plugin.rb
 - lib/logstash_registry.rb
 - logstash-output-microsoft-sentinel-log-analytics-logstash-output-plugin.gemspec
-- vendor/jar-dependencies/org/logstashplugins/logstash-output-microsoft-sentinel-log-analytics-logstash-output-plugin/2.2.0/logstash-output-microsoft-sentinel-log-analytics-logstash-output-plugin-2.2.0.jar
+- vendor/jar-dependencies/org/logstashplugins/logstash-output-microsoft-sentinel-log-analytics-logstash-output-plugin/2.2.1/logstash-output-microsoft-sentinel-log-analytics-logstash-output-plugin-2.2.1.jar
 homepage:
 licenses:
 - Apache-2.0