Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[azure_logs] Add Custom Azure Logs input package #11552

Open
wants to merge 19 commits into
base: main
Choose a base branch
from
Open

[azure_logs] Add Custom Azure Logs input package #11552

wants to merge 19 commits into from
+1,118 −0

Conversation

zmoog
Copy link
Contributor

@zmoog zmoog commented Oct 28, 2024
edited
Loading

Proposed commit message

Add a new input package to collect custom logs from Event Hub.

This input package is a thin wrapper on the azure-eventhub input that allows users to receive JSON log events from an event hub and transform them using custom pipelines and mappings.

Users should use this input package instead of generic integration in the Azure Logs integration.

Checklist

  • I have reviewed tips for building integrations and this pull request is aligned with them.
  • I have verified that all data streams collect metrics or logs.
  • I have added an entry to my package's changelog.yml file.
  • I have verified that Kibana version constraints are current according to guidelines.
  • I have verified that any added dashboard complies with Kibana's Dashboard good practices

Author's Checklist

  • Add pipeline override
  • Replace the logo with the one used in all input packages
  • Write the docs (overview, requirements, setup)
  • How to deal with routing

Reviewer's Checklist

Please review the following items and, ideally, leave your thoughts in the comments.

  • Routing: I could not find a way to add an OOTB pipeline to route logs to other data streams. Do you know a method?
  • Logo: all the input packages use the same logo. Should we adopt the same logo or use something Azure-specific?
  • Data model: Currently, the input package stores the log events sent by the input without any additional change. The log event contains the JSON document as a string in the message field. This gives users all the options to transform the log event in the custom pipeline. Do you have any suggestions?
  • Ownership: I currently set the package ownership to elastic/obs-ds-hosted-services. Should we set the ownership to elastic/obs-infraobs-integrations?

Related issues

Screenshots

CleanShot 2024-10-30 at 16 37 42@2x

CleanShot 2024-10-30 at 16 39 26@2x

CleanShot 2024-10-30 at 16 42 28@2x

CleanShot 2024-10-30 at 16 44 44@2x

@zmoog zmoog self-assigned this Oct 28, 2024
@zmoog zmoog added enhancement New feature or request Team:obs-ds-hosted-services Label for the Observability Hosted Services team [elastic/obs-ds-hosted-services] Integration:azure_logs Custom Azure Event Hub Input [Integration not found in source] labels Oct 28, 2024
@zmoog
Add azure_logs to CODEOWNERS
f188321
@zmoog
Fix owner
a892a79 
Death by 1000 copy & paste
@zmoog
Switch license to Elastic-2.0
5718f2c 
It seems all other integrations use Elastic-2.0
@zmoog zmoog mentioned this pull request Oct 28, 2024
Open
@zmoog
Add pipeline override option
1d586c5 
With this pipeline override, users can run a custom pipeline only
for a specific input package installation.
@zmoog
Replace stock logo with the standard inputs logo
234f06e 
All other input packages seem to use this logo.
@zmoog
Add integration docs
31e9012
@zmoog
Add tags, processors, and sanitization settings
e55bc81
@zmoog
Add parse_message config option
e678854
@zmoog
Add route_message config option
c11a733
@zmoog
Remove route_message option
86962f7 
It seems we cannot build OOTB routing into an input package
@zmoog
Remove parse_message option
2d6035c 
I don't think we can (or want) offer this option.
@zmoog
Make clear we're fetching logs from event hub
5fd7295
@zmoog zmoog marked this pull request as ready for review October 30, 2024 15:52
@zmoog zmoog requested review from a team October 30, 2024 15:57
@zmoog
Copy link
Contributor Author

zmoog commented Oct 30, 2024

cc @lalit-satapathy for the ownership topic in the reviewer's checklist

Kavindu-Dodan
Kavindu-Dodan reviewed Oct 30, 2024
View reviewed changes
packages/azure_logs/manifest.yml
license: Elastic-2.0
description: "Collect log events from Azure Event Hubs with Elastic Agent"
type: input
categories:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit - should we add observability here. AWS logs do have this 1

Footnotes

  1. https://github.com/elastic/integrations/blob/main/packages/aws_logs/manifest.yml#L7-L10

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good point! Adding it.

packages/azure_logs/manifest.yml Outdated Show resolved Hide resolved
packages/azure_logs/docs/README.md Outdated Show resolved Hide resolved
packages/azure_logs/docs/README.md Outdated Show resolved Hide resolved
zmoog and others added 5 commits October 30, 2024 23:40
@zmoog
Add observability category
c07ad7e
@zmoog @Kavindu-Dodan
Update packages/azure_logs/docs/README.md
53288b9 
Co-authored-by: Kavindu Dodanduwa <[email protected]>
@zmoog @Kavindu-Dodan
Update packages/azure_logs/docs/README.md
003ef00 
Co-authored-by: Kavindu Dodanduwa <[email protected]>
@zmoog
Update docs source
1f2a92e
@zmoog
Remove "Input" from the package name
de5fd1a 
- it's consistent with the equivalent AWS integration
- end users a probably not aware of the input vs. integration
@elasticmachine
Copy link

💚 Build Succeeded

History

cc @zmoog

@elastic-sonarqube Elastic SonarQube
Copy link

Quality Gate failed Quality Gate failed

Failed conditions
0.0% Coverage on New Code (required ≥ 80%)

See analysis details on SonarQube

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Kavindu-Dodan Kavindu-Dodan Kavindu-Dodan left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@zmoog zmoog

Labels
enhancement New feature or request Integration:azure_logs Custom Azure Event Hub Input [Integration not found in source] New Integration Team:obs-ds-hosted-services Label for the Observability Hosted Services team [elastic/obs-ds-hosted-services]
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@zmoog @elasticmachine @Kavindu-Dodan @andrewkroh