DCR based Logstash plugin - limit excon version and handle client tim…

…eout (#11539)

* Handle client timeout with an additional retry
* Limit excon version to lower than v1.0.0 to avoid omit_default_port deprecation
* Update version.rb
* Update CHANGELOG.md

---------

Co-authored-by: Haim Naamati <haimnaamati@microsoft.com>
Co-authored-by: Roei Dimi <roeid@microsoft.com>

DataConnectors/microsoft-sentinel-log-analytics-logstash-output-plugin/CHANGELOG.md

@@ -1,3 +1,6 @@
+## 1.1.4
+-  Limit `excon` library version to lower than 1.0.0 to make sure port is always used when using a proxy.
+
 ## 1.1.3
 -  Replaces the `rest-client` library used for connecting to Azure with the `excon` library.
 
@@ -10,4 +13,4 @@
 - Renames the plugin to microsoft-sentinel-log-analytics-logstash-output-plugin.
 
 ## 1.0.0
-- The initial release for the Logstash output plugin for Microsoft Sentinel. This plugin uses Data Collection Rules (DCRs) with Azure Monitor's Logs Ingestion API.
+- The initial release for the Logstash output plugin for Microsoft Sentinel. This plugin uses Data Collection Rules (DCRs) with Azure Monitor's Logs Ingestion API.

DataConnectors/microsoft-sentinel-log-analytics-logstash-output-plugin/lib/logstash/sentinel_la/logStashEventsBatcher.rb

@@ -72,7 +72,7 @@ def send_message_to_loganalytics(call_payload, amount_of_documents)
                     elsif ewr.class ==  Excon::Error::RequestTimeout
                         force_retry = true
                     elsif ewr.class ==  Excon::Error::TooManyRequests
-                        # thrutteling detected, backoff before resending
+                        # throttling detected, backoff before resending
                         parsed_retry_after = response.data[:headers].include?('Retry-After') ? response.data[:headers]['Retry-After'].to_i : 0
                         seconds_to_sleep = parsed_retry_after > 0 ? parsed_retry_after : 30
 
@@ -82,6 +82,9 @@ def send_message_to_loganalytics(call_payload, amount_of_documents)
                 rescue Excon::Error::Socket => ex
                     @logger.trace("Exception: '#{ex.class.name}]#{ex} in posting data to #{api_name}. [amount_of_documents=#{amount_of_documents}]'")
                     force_retry = true
+                rescue Excon::Error::Timeout => ex
+                    @logger.trace("Exception: '#{ex.class.name}]#{ex} in posting data to #{api_name}. [amount_of_documents=#{amount_of_documents}]'")
+                    force_retry = true
                 rescue Exception => ex
                     @logger.trace("Exception in posting data to #{api_name}.[amount_of_documents=#{amount_of_documents} request payload=#{call_payload}]")       
                     @logger.error("Exception in posting data to #{api_name}. [Exception: '[#{ex.class.name}]#{ex}, amount of documents=#{amount_of_documents}]'")

DataConnectors/microsoft-sentinel-log-analytics-logstash-output-plugin/lib/logstash/sentinel_la/version.rb

@@ -1,10 +1,10 @@
 module LogStash; module Outputs;
 class MicrosoftSentinelOutputInternal
-  VERSION_INFO = [1, 1, 3].freeze
+  VERSION_INFO = [1, 1, 4].freeze
   VERSION = VERSION_INFO.map(&:to_s).join('.').freeze
 
   def self.version
     VERSION
   end
 end
-end;end
+end;end

DataConnectors/microsoft-sentinel-log-analytics-logstash-output-plugin/microsoft-sentinel-log-analytics-logstash-output-plugin.gemspec

@@ -22,6 +22,6 @@ Gem::Specification.new do |s|
   # Gem dependencies
   s.add_runtime_dependency "logstash-core-plugin-api", ">= 1.60", "<= 2.99"
   s.add_runtime_dependency "logstash-codec-plain"
-  s.add_runtime_dependency "excon", ">= 0.88.0"
+  s.add_runtime_dependency "excon", ">= 0.88.0", "< 1.0.0"
   s.add_development_dependency "logstash-devutils"
 end