{"id":22747511,"url":"https://github.com/resurfaceio/azure-eh","last_synced_at":"2026-03-01T15:01:27.197Z","repository":{"id":39968455,"uuid":"371523247","full_name":"resurfaceio/azure-eh","owner":"resurfaceio","description":"Capture API calls from Azure APIM with Azure Event Hubs","archived":false,"fork":false,"pushed_at":"2024-08-21T15:55:13.000Z","size":119,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-02-22T15:45:32.640Z","etag":null,"topics":["api-logger","azure","azure-api-management","azure-event-hubs","cybersecurity","graylog","http-logger","java","logger-java","observability"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/resurfaceio.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-05-27T22:55:58.000Z","updated_at":"2024-08-21T15:54:58.000Z","dependencies_parsed_at":"2024-01-08T15:05:49.450Z","dependency_job_id":"f00b328e-dbff-476d-9d57-8378a77e580b","html_url":"https://github.com/resurfaceio/azure-eh","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/resurfaceio/azure-eh","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/resurfaceio%2Fazure-eh","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/resurfaceio%2Fazure-eh/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/resurfaceio%2Fazure-eh/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/resurfaceio%2Fazure-eh/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/resurfaceio","download_url":"https://codeload.github.com/resurfaceio/azure-eh/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/resurfaceio%2Fazure-eh/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29973091,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-01T14:44:57.896Z","status":"ssl_error","status_checked_at":"2026-03-01T14:43:27.662Z","response_time":124,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api-logger","azure","azure-api-management","azure-event-hubs","cybersecurity","graylog","http-logger","java","logger-java","observability"],"created_at":"2024-12-11T03:16:11.000Z","updated_at":"2026-03-01T15:01:27.168Z","avatar_url":"https://github.com/resurfaceio.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# azure-eh\nCapture API calls from Azure API Management to your own \u003ca href=\"https://resurface.io\"\u003esecurity data lake\u003c/a\u003e using Azure Event Hubs.\n\n[![License](https://img.shields.io/github/license/resurfaceio/azure-eh)](https://github.com/resurfaceio/azure-eh/blob/master/LICENSE)\n[![Contributing](https://img.shields.io/badge/contributions-welcome-green.svg)](https://github.com/resurfaceio/azure-eh/blob/master/CONTRIBUTING.md)\n\n## Contents\n\n- [Deployment](#deployment)\n- [Configuration](#configuration)\n- [Running on AKS](#running-on-aks)\n- [Protecting User Privacy](#protecting-user-privacy)\n\n## Deployment\nIn order to run Resurface for Azure APIM, some previous configuration is needed. Specifically, four resources need to be created and deployed: an [Event Hub](https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-about), a [Storage Account](https://docs.microsoft.com/en-us/azure/storage/common/storage-account-overview), a [Logger](https://docs.microsoft.com/en-us/rest/api/apimanagement/current-ga/logger/create-or-update), and a [Policy](https://docs.microsoft.com/en-us/azure/api-management/set-edit-policies) for your APIM instance.\n\n### Automatic deployment\nClick the **Deploy to Azure** button below to deploy all necessary resources using an [ARM template](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/overview):\n\n[![Deploy to Azure](https://aka.ms/deploytoazurebutton)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Fresurfaceio%2Fiac-templates%2Fmaster%2Fazure%2Fazuredeployresources.json)\n\nThis uses [a custom template](https://github.com/resurfaceio/iac-templates/blob/master/azure/azuredeployresources.json) to create and deploy an [Event Hubs instance](https://github.com/resurfaceio/iac-templates/blob/master/azure/event-hub.json), a [Storage Account](https://github.com/resurfaceio/iac-templates/blob/master/azure/storageaccount.json), and adds a [Logger and Policy](https://github.com/resurfaceio/iac-templates/blob/master/azure/logger-and-policy.json) to your existing APIM instance\n\n\u003e [!WARNING]\n\u003e This will overwrite any global policies you have in place in your APIM instance. Make sure you back up existing policies!\n\nOnce the automatic deployment finishes, go to the **Outputs** section.\n\u003cdetails\u003e\n  \u003csummary\u003e Click to expand\u003c/summary\u003e\n  \n  ![image](https://user-images.githubusercontent.com/7117255/169603018-76e9ec7b-918e-4d47-87a7-253c2e820d08.png)\n\u003c/details\u003e\n\nCopy the listed values and update the [required environment variables](#logging-from-azure-event-hubs) accordingly.\n\u003cdetails\u003e\n  \u003csummary\u003eClick to expand\u003c/summary\u003e\n  \n  ![image](https://user-images.githubusercontent.com/7117255/169605750-911491c0-43b0-4caa-9ccb-911ad723bd1a.png)\n\u003c/details\u003e\n\n### Manual setup\n\nIf you would like to configure everything yourself using the Azure console instead, just follow Resurface's [Capturing from APIM get-started guide](https://resurface.io/azure-get-started#manual-setup), where the entire process is documented in a step-by-step manner.\n\n## Configuration\n\n- Set following the environment variables in your `.env` file:\n\n| Variable | Set to |\n|:---------|:-------|\n|`AZURE_EH_CONNECTION_STRING`|[Connection string for a specific Azure Event Hubs namespace](https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-get-connection-string)|\n|`EVENT_HUB_NAME`            |Name of your Event Hub instance|\n|`AZURE_STORAGE_CONNECTION_STRING`|[Connection string for a specific Azure Storage Account]([https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-get-connection-string](https://docs.microsoft.com/en-us/azure/storage/common/storage-configure-connection-string))|\n|`STORAGE_CONTAINER_NAME`    |Name of your storage container|\n|`USAGE_LOGGERS_URL`         |DB capture endpoint for your [Resurface instance](https://resurface.io/installation)|\n|`USAGE_LOGGERS_RULES`       |(**Optional**) Set of [rules](#protecting-user-privacy).\u003cbr /\u003eOnly necessary if you want to exclude certain API calls from being logged.|\n|`EVENT_HUB_CONSUMER_GROUP`  |(**Optional**) Name of a consumer group from your Event Hub.\u003cbr /\u003eOnly necessary if you have created a specific consumer group for your Event Hub instance|\n|`PARTITION_NUMBER`          |(**Deprecated**) Partition number configured in `policy.xml`. Should be `\"0\"` by default.|\n\n- (Optional) Build the container image\n\n```bash\ndocker build -t azure-eh-consumer:1.0.1 .\n```\n\n- Run the container\n\n```bash\ndocker run -d --name azure-eh --env-file .env resurfaceio/azure-eh-consumer:1.0.1\n```\n\nOr, if you built the image yourself in the previous step:\n\n```bash\ndocker run -d --name azure-eh --env-file .env azure-eh-consumer:1.0.1\n```\n\n- Use your API as you always do.\n- Go to the web UI for your Graylog API Security instance and verify that API Calls are being captured.\n\n## Running on AKS\n\nUsing [Helm](https://helm.sh/) you can deploy this listener application to your running cluster\n\n```bash\nhelm upgrade -i resurface resurfaceio/resurface --namespace resurface \\\n--set consumer.azure.enabled=true \\\n--set consumer.azure.ehconnstring=YOUR_AZURE_EH_CONNECTION_STRING \\\n--set consumer.azure.ehname=YOUR_AZURE_EVENT_HUBS_INSTANCE_NAME \\\n--set consumer.azure.storageconnstring=YOUR_AZURE_STORAGE_CONNECTION_STRING \\\n--set consumer.azure.storagecontainer=YOUR_AZURE_STORAGE_CONTAINER_NAME\n```\n\n## Protecting User Privacy\n\nLoggers always have an active set of \u003ca href=\"https://resurface.io/rules.html\"\u003erules\u003c/a\u003e that control what data is logged\nand how sensitive data is masked. All of the examples above apply a predefined set of rules (`include debug`),\nbut logging rules are easily customized to meet the needs of any application.\n\n\u003ca href=\"https://resurface.io/rules.html\"\u003eLogging rules documentation\u003c/a\u003e\n\n\u003csmall\u003e\u0026copy; 2016-2024 \u003ca href=\"https://resurface.io\"\u003eGraylog, Inc.\u003c/a\u003e\u003c/small\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fresurfaceio%2Fazure-eh","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fresurfaceio%2Fazure-eh","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fresurfaceio%2Fazure-eh/lists"}