This project, microsoft-sentinel-logstash-output, is a specialized fork of the official Microsoft Sentinel repository, specifically tailored for the LogStash data connector with support for managed ...
Pull the class from each log line into a field called class.
Change the CREATION tag if-block to use the class field instead of scanning the body.
Pull the Interesting Parameter value out of the log ...