1 of 1

Azure Logs Ingestion API

Send logs to Azure Log Analytics using Logs Ingestion API with DCE and DCR

Azure Logs Ingestion plugin allows you ingest your records using Logs Ingestion API in Azure Monitor to supported Azure tables or to custom tables that you create.

The Logs ingestion API requires the following components:

A Data Collection Endpoint (DCE)
A Data Collection Rule (DCR) and
A Log Analytics Workspace

Note: According to , all resources should be in the same region.

To visualize basic Logs Ingestion operation, see the following image:

To get more details about how to setup these components, please refer to the following documentations:

Configuration Parameters

Key

Description

Default

Getting Started

To send records into an Azure Log Analytics using Logs Ingestion API the following resources needs to be created:

A Data Collection Endpoint (DCE) for ingestion
A Data Collection Rule (DCR) for data transformation
Either an or

You can follow to setup the DCE, DCR, app registration and a custom table.

Configuration File

Use this configuration to quickly get started:

Setup your DCR transformation accordingly based on the json output from fluent-bit's pipeline (input, parser, filter, output).

Azure Logs Ingestion API

Send logs to Azure Log Analytics using Logs Ingestion API with DCE and DCR

Azure Logs Ingestion plugin allows you ingest your records using Logs Ingestion API in Azure Monitor to supported Azure tables or to custom tables that you create.

The Logs ingestion API requires the following components:

A Data Collection Endpoint (DCE)
A Data Collection Rule (DCR) and
A Log Analytics Workspace

Note: According to , all resources should be in the same region.

To visualize basic Logs Ingestion operation, see the following image:

To get more details about how to setup these components, please refer to the following documentations:

Configuration Parameters

Key

Description

Default

Getting Started

To send records into an Azure Log Analytics using Logs Ingestion API the following resources needs to be created:

A Data Collection Endpoint (DCE) for ingestion
A Data Collection Rule (DCR) for data transformation
Either an or

You can follow to setup the DCE, DCR, app registration and a custom table.

Configuration File

Use this configuration to quickly get started:

Setup your DCR transformation accordingly based on the json output from fluent-bit's pipeline (input, parser, filter, output).

[INPUT]
    Name    tail
    Path    /path/to/your/sample.log
    Tag     sample
    Key     RawData
# Or use other plugins Plugin
# [INPUT]
#     Name    cpu
#     Tag     sample

[FILTER]
    Name modify
    Match sample
    # Add a json key named "Application":"fb_log"
    Add Application fb_log

# Enable this section to see your json-log format
#[OUTPUT]
#    Name stdout
#    Match *
[OUTPUT]
    Name            azure_logs_ingestion
    Match           sample
    client_id       XXXXXXXX-xxxx-yyyy-zzzz-xxxxyyyyzzzzxyzz
    client_secret   some.secret.xxxzzz
    tenant_id       XXXXXXXX-xxxx-yyyy-zzzz-xxxxyyyyzzzzxyzz
    dce_url         https://log-analytics-dce-XXXX.region-code.ingest.monitor.azure.com
    dcr_id          dcr-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    table_name      ladcr_CL
    time_generated  true
    time_key        Time
    Compress        true

[INPUT]
    Name    tail
    Path    /path/to/your/sample.log
    Tag     sample
    Key     RawData
# Or use other plugins Plugin
# [INPUT]
#     Name    cpu
#     Tag     sample

[FILTER]
    Name modify
    Match sample
    # Add a json key named "Application":"fb_log"
    Add Application fb_log

# Enable this section to see your json-log format
#[OUTPUT]
#    Name stdout
#    Match *
[OUTPUT]
    Name            azure_logs_ingestion
    Match           sample
    client_id       XXXXXXXX-xxxx-yyyy-zzzz-xxxxyyyyzzzzxyzz
    client_secret   some.secret.xxxzzz
    tenant_id       XXXXXXXX-xxxx-yyyy-zzzz-xxxxyyyyzzzzxyzz
    dce_url         https://log-analytics-dce-XXXX.region-code.ingest.monitor.azure.com
    dcr_id          dcr-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    table_name      ladcr_CL
    time_generated  true
    time_key        Time
    Compress        true

Azure Logs Ingestion API

hashtagConfiguration Parameters

hashtagGetting Started

hashtagConfiguration File

Azure Logs Ingestion API

hashtagConfiguration Parameters

hashtagGetting Started

hashtagConfiguration File

Configuration Parameters

Getting Started

Configuration File

Configuration Parameters

Getting Started

Configuration File