-
Notifications
You must be signed in to change notification settings - Fork 4.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Filebeat] [AWS] Add support to source AWS cloudwatch logs from linked accounts #41188
[Filebeat] [AWS] Add support to source AWS cloudwatch logs from linked accounts #41188
Conversation
Pinging @elastic/obs-ds-hosted-services (Team:obs-ds-hosted-services) |
|
Pinging @elastic/elastic-agent-data-plane (Team:Elastic-Agent-Data-Plane) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There are just a couple of small things to fix:
- The changelog entry
- Addressing the comment from @kaiyan-sheng.
…meter, field renaming Signed-off-by: Kavindu Dodanduwa <[email protected]>
Signed-off-by: Kavindu Dodanduwa <[email protected]>
Signed-off-by: Kavindu Dodanduwa <[email protected]>
Signed-off-by: Kavindu Dodanduwa <[email protected]>
Signed-off-by: Kavindu Dodanduwa <[email protected]>
90fb3d5
to
e280d23
Compare
@kaiyan-sheng @belimawr thanks for the reviews, I added proposed changes with my latest commit :) appreciate another look |
Signed-off-by: Kavindu Dodanduwa <[email protected]>
@belimawr appreciate another review from you :) |
This pull request is now in conflicts. Could you fix it? 🙏
|
…d accounts (#41188) * use LogGroupIdentifier fiter instead of LogGroupName and related parameter, field renaming Signed-off-by: Kavindu Dodanduwa <[email protected]> * configuration parsing to support arn & linked accounts Signed-off-by: Kavindu Dodanduwa <[email protected]> * document the ARN usage Signed-off-by: Kavindu Dodanduwa <[email protected]> * add changelog entry Signed-off-by: Kavindu Dodanduwa <[email protected]> * code review changes Signed-off-by: Kavindu Dodanduwa <[email protected]> * code review change - fix typo Signed-off-by: Kavindu Dodanduwa <[email protected]> --------- Signed-off-by: Kavindu Dodanduwa <[email protected]> Co-authored-by: kaiyan-sheng <[email protected]> (cherry picked from commit 42f2d41)
…udwatch logs from linked accounts (#41240) * [Filebeat] [AWS] Add support to source AWS cloudwatch logs from linked accounts (#41188) * use LogGroupIdentifier fiter instead of LogGroupName and related parameter, field renaming Signed-off-by: Kavindu Dodanduwa <[email protected]> * configuration parsing to support arn & linked accounts Signed-off-by: Kavindu Dodanduwa <[email protected]> * document the ARN usage Signed-off-by: Kavindu Dodanduwa <[email protected]> * add changelog entry Signed-off-by: Kavindu Dodanduwa <[email protected]> * code review changes Signed-off-by: Kavindu Dodanduwa <[email protected]> * code review change - fix typo Signed-off-by: Kavindu Dodanduwa <[email protected]> --------- Signed-off-by: Kavindu Dodanduwa <[email protected]> Co-authored-by: kaiyan-sheng <[email protected]> (cherry picked from commit 42f2d41) * fix backport commit Signed-off-by: Kavindu Dodanduwa <[email protected]> --------- Signed-off-by: Kavindu Dodanduwa <[email protected]> Co-authored-by: Kavindu Dodanduwa <[email protected]> Co-authored-by: Kavindu Dodanduwa <[email protected]>
Proposed commit message
PR adds support to Cloudwatch logs from source linked accounts. This is implemented by using existing configuration
log_group_arn
and mapping it toLogGroupIdentifier
of FilterLogEvents API [1]Checklist
CHANGELOG.next.asciidoc
orCHANGELOG-developer.next.asciidoc
.Note for reviewers
You could review commit by commit for better understanding of the changes
How to test this PR locally
This require a linked cloudwatch account. If already has one, then,
CLOUDWATCH_LOG
) [2]log_group_arn
Related issues
Addresses: #36642
And makes #36645 PR obsolete
closes #37681
Next step
Utilize
includeLinkedAccounts
when dealing with prefixes. To be done in a dedicated PR.[1] - https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_FilterLogEvents.html
[1] - https://github.com/Kavindu-Dodan/data-gen