Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/azure/fluent-plugin-azuremonitorlog
Input plugin of Azure Monitor Logs for Fluentd
- Host: GitHub
- URL: https://github.com/azure/fluent-plugin-azuremonitorlog
- Owner: Azure
- License: mit
- Archived: true
- Created: 2017-10-17T08:25:45.000Z (about 7 years ago)
- Default Branch: master
- Last Pushed: 2017-12-09T12:54:11.000Z (about 7 years ago)
- Last Synced: 2024-09-17T14:47:23.030Z (4 months ago)
- Topics: azure, azuremonitoring, fluentd, log, monitor
- Language: Ruby
- Homepage:
- Size: 16.6 KB
- Stars: 7
- Watchers: 11
- Forks: 6
- Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# fluent-plugin-azuremonitorlog, a plugin for [Fluentd](http://fluentd.org)
## Overview

[Azure Monitor log](https://docs.microsoft.com/en-us/rest/api/monitor/ActivityLogs/List) input plugin.
This plugin pulls activity logs from the Azure Monitor API into Fluentd.
## Installation
To use this plugin, you need an Azure Service Principal.
Create an Azure Service Principal through [Azure CLI](https://docs.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli?toc=%2fazure%2fazure-resource-manager%2ftoc.json) or [Azure portal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal).

Install plugin from RubyGems:
```
$ gem install fluent-plugin-azuremonitorlog
```

## Configuration
```config
<source>
  @type azuremonitorlog
  tag azuremonitorlog
  tenant_id [Azure_Tenant_ID]
  subscription_id [Azure_Subscription_Id]
  client_id [Azure_Client_Id]
  client_secret [Azure_Client_Secret]
  select [selected fields to query]
  filter [filter for the query] (default: eventChannels eq 'Admin, Operation')
  interval [interval in seconds] (default: 300)
  api_version [api version] (default: 2015-04-01)
</source>
```

Documentation for `select` and `filter` can be found [here](https://docs.microsoft.com/en-us/rest/api/monitor/ActivityLogs/List#activitylogs_list_uri_parameters).
### Example for source config
```config
<source>
  @type azuremonitorlog
  tag azuremonitorlog
  tenant_id [Azure_Tenant_ID]
  subscription_id [Azure_Subscription_Id]
  client_id [Azure_Client_Id]
  client_secret [Azure_Client_Secret]
  select eventName,id,resourceGroupName,resourceProviderName,operationName,status,eventTimestamp,correlationId,submissionTimestamp,level
</source>
```

Start fluentd:

```
$ fluentd -c ./fluentd.conf
```

Output example:
```
{
  "correlationId": "00000000-0000-0000-0000-000000000000",
  "eventName": {
    "value": "EndRequest",
    "localizedValue": "End request"
  },
  "id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/myresourcegroup/events/00000000-0000-0000-0000-000000000000/ticks/636444295616045190",
  "resourceGroupName": "myresourcegroup",
  "resourceProviderName": {
    "value": "Microsoft.Resources",
    "localizedValue": "Microsoft Resources"
  },
  "operationName": {
    "value": "Microsoft.Resources/subscriptions/resourcegroups/write",
    "localizedValue": "Update resource group"
  },
  "status": {
    "value": "Succeeded",
    "localizedValue": "Succeeded"
  },
  "eventTimestamp": "2017-10-24T08:12:41.604519Z"
}
```

## Test
Run tests:
```
$ rake test
```

## Contributing
1. Fork it
2. Create your feature branch (`git checkout -b my-new-feature`)
3. Commit your changes (`git commit -am 'Added some feature'`)
4. Push to the branch (`git push origin my-new-feature`)
5. Create new Pull Request