microsoft-sentinel-log-analytics-logstash-output-plugin hardcoded for public clouds; no national cloud support #9644
Comments
|
Thank you for submitting an Issue to the Azure Sentinel GitHub repo! You should expect an initial response to your Issue from the team within 5 business days. Note that this response may be delayed during holiday periods. For urgent, production-affecting issues please raise a support ticket via the Azure Portal. |
|
Hi @benatsb , Thanks for flagging this issue, we will investigate this issue and get back to you with some updates by 25Dec2023. Thanks! |
|
Adding an optional configuration parameter to the plugin to take a cloud environment option (e.g. AzureUSGovernment), then on initialization of the 'LogstashLoganalyticsOutputConfiguration' class to select the appropriate root URIs if the option was selected, otherwise give set the defaults, appears straightforward. I just would really love for this to be in the 'official' plugin and not have to modify and distribute our own. |
|
Hi @benatsb, we are reached out to our respective concerned team for this issue, once we get any information on this, we will update you. Thanks! |
|
Hi @benatsb, As per our concern team response, currently there is no plan on including national clouds to public preview phase of the plugin. if there is any plan or update on this, the respective team update below document - |
|
Hello @benatsb |
Hello,
The values for Azure Monitor scope and authentication endpoint of the plugin for Logstash 'microsoft-sentinel-log-analytics-logstash-output-plugin' are hardcoded for only public clouds.
Is there any updates or plan to support national cloud endpoints?
There is a related issue: #8861.
Specific code in question:
https://github.com/Azure/Azure-Sentinel/blob/72b443d59ba7d6d5d9e7d73e220d29443ab6d3d2/DataConnectors/microsoft-sentinel-log-analytics-logstash-output-plugin/lib/logstash/sentinel_la/logAnalyticsAadTokenProvider.rb#L12C1-L13C1
The text was updated successfully, but these errors were encountered: