diff --git a/packages/logstash/changelog.yml b/packages/logstash/changelog.yml
index 632cf76e0e6..089f63d397c 100644
--- a/packages/logstash/changelog.yml
+++ b/packages/logstash/changelog.yml
@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.11.1"
+  changes:
+    - description: Added logstash-json to default, if log.format is changed https://www.elastic.co/docs/reference/logstash/logstash-settings-file. Adding processor, preserve_original_event and tag as option to logstash stream.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/18316
 - version: "2.11.0"
   changes:
     - description: Update existing batch graphs with 50th and 90th percentiles during last minute. Replace average lifetime metric with last one minute, for both batch's byte size and value, to be coherent with the other graphed percentiles.. Note that these metrics will only show results for Logstash versions 9.4.0 or later.
diff --git a/packages/logstash/data_stream/log/agent/stream/log.yml.hbs b/packages/logstash/data_stream/log/agent/stream/log.yml.hbs
index 5d4c37df1ce..7b9e55094ca 100644
--- a/packages/logstash/data_stream/log/agent/stream/log.yml.hbs
+++ b/packages/logstash/data_stream/log/agent/stream/log.yml.hbs
@@ -15,6 +15,16 @@ processors:
     target: ''
     fields:
       ecs.version: 1.10.0
+{{#if processors}}
+{{processors}}
+{{/if}}
+tags:
+{{#if preserve_original_event}}
+  - preserve_original_event
+{{/if}}
+{{#each tags as |tag|}}
+  - {{tag}}
+{{/each}}  
 {{#if condition}}
 condition: {{ condition }}
 {{/if}}
diff --git a/packages/logstash/data_stream/log/manifest.yml b/packages/logstash/data_stream/log/manifest.yml
index db998376e05..5a0d59b318e 100644
--- a/packages/logstash/data_stream/log/manifest.yml
+++ b/packages/logstash/data_stream/log/manifest.yml
@@ -11,6 +11,30 @@ streams:
         show_user: true
         default:
           - /var/log/logstash/logstash-plain*.log
+          - /var/log/logstash/logstash-json*.log
+      - name: tags
+        type: text
+        title: Tags
+        multi: true
+        required: false
+        show_user: false
+        default:        
+      - name: processors
+        type: yaml
+        title: Processors
+        multi: false
+        required: false
+        show_user: false
+        description: >
+          Processors are used to reduce the number of fields in the exported event or to enhance the event with metadata. This executes in the agent before the logs are parsed. See [Processors](https://www.elastic.co/guide/en/beats/filebeat/current/filtering-and-enhancing-data.html) for details.
+      - name: preserve_original_event
+        required: true
+        show_user: true
+        title: Preserve original event
+        description: Preserves a raw copy of the original event, added to the field `event.original`
+        type: bool
+        multi: false
+        default: false          
     template_path: log.yml.hbs
     title: Logstash logs
     description: Collect Logstash logs from standard files
diff --git a/packages/logstash/data_stream/slowlog/agent/stream/log.yml.hbs b/packages/logstash/data_stream/slowlog/agent/stream/log.yml.hbs
index 5cf49c2f446..fb7fb642d9e 100644
--- a/packages/logstash/data_stream/slowlog/agent/stream/log.yml.hbs
+++ b/packages/logstash/data_stream/slowlog/agent/stream/log.yml.hbs
@@ -11,6 +11,16 @@ processors:
     target: ''
     fields:
       ecs.version: 1.10.0
+{{#if processors}}
+{{processors}}
+{{/if}}
+tags:
+{{#if preserve_original_event}}
+  - preserve_original_event
+{{/if}}
+{{#each tags as |tag|}}
+  - {{tag}}
+{{/each}}      
 {{#if condition}}
 condition: {{ condition }}
 {{/if}}
diff --git a/packages/logstash/data_stream/slowlog/manifest.yml b/packages/logstash/data_stream/slowlog/manifest.yml
index b87be24942f..356258c8267 100644
--- a/packages/logstash/data_stream/slowlog/manifest.yml
+++ b/packages/logstash/data_stream/slowlog/manifest.yml
@@ -11,6 +11,30 @@ streams:
         show_user: true
         default:
           - /var/log/logstash/logstash-slowlog-plain*.log
+          - /var/log/logstash/logstash-slowlog-json*.log
+      - name: tags
+        type: text
+        title: Tags
+        multi: true
+        required: false
+        show_user: false
+        default:        
+      - name: processors
+        type: yaml
+        title: Processors
+        multi: false
+        required: false
+        show_user: false
+        description: >
+          Processors are used to reduce the number of fields in the exported event or to enhance the event with metadata. This executes in the agent before the logs are parsed. See [Processors](https://www.elastic.co/guide/en/beats/filebeat/current/filtering-and-enhancing-data.html) for details.
+      - name: preserve_original_event
+        required: true
+        show_user: true
+        title: Preserve original event
+        description: Preserves a raw copy of the original event, added to the field `event.original`
+        type: bool
+        multi: false
+        default: false          
     template_path: log.yml.hbs
     title: Logstash slowlog logs
     description: Collect logstash slowlog logs using log input
diff --git a/packages/logstash/manifest.yml b/packages/logstash/manifest.yml
index 59ca72a635e..826be779984 100644
--- a/packages/logstash/manifest.yml
+++ b/packages/logstash/manifest.yml
@@ -1,6 +1,6 @@
 name: logstash
 title: Logstash
-version: 2.11.0
+version: 2.11.1
 description: Collect logs and metrics from Logstash with Elastic Agent.
 type: integration
 icons: