From f9c7b6e9658f7962686cca063c020a0378894e89 Mon Sep 17 00:00:00 2001 From: Jed Laundry Date: Sat, 10 Feb 2024 11:29:24 +1300 Subject: [PATCH 1/2] Update azure_logs_ingestion.md Signed-off-by: Jed Laundry --- pipeline/outputs/azure_logs_ingestion.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pipeline/outputs/azure_logs_ingestion.md b/pipeline/outputs/azure_logs_ingestion.md index e008ac4da..20e071be1 100644 --- a/pipeline/outputs/azure_logs_ingestion.md +++ b/pipeline/outputs/azure_logs_ingestion.md @@ -33,6 +33,7 @@ To get more details about how to setup these components, please refer to the fol | client\_secret| _Required_ - The client secret of the AAD application ([App Secret](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal#option-2-create-a-new-application-secret)). || | dce\_url | _Required_ - Data Collection Endpoint(DCE) URL. || | dcr\_id | _Required_ - Data Collection Rule (DCR) immutable ID (see [this document](https://learn.microsoft.com/en-us/azure/azure-monitor/logs/tutorial-logs-ingestion-portal#collect-information-from-the-dcr) to collect the immutable id) || +| stream\_name | _Required_ - Data Collection Rule (DCR) stream name (see [this document](https://learn.microsoft.com/en-us/azure/azure-monitor/logs/tutorial-logs-ingestion-portal#collect-information-from-the-dcr) to collect the stream name) || | table\_name | _Required_ - The name of the custom log table (include the `_CL` suffix as well if applicable) || | time\_key | _Optional_ - Specify the key name where the timestamp will be stored. | `@timestamp` | | time\_generated | _Optional_ - If enabled, will generate a timestamp and append it to JSON. The key name is set by the 'time_key' parameter. | `true` | @@ -83,6 +84,7 @@ Use this configuration to quickly get started: dce_url https://log-analytics-dce-XXXX.region-code.ingest.monitor.azure.com dcr_id dcr-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx table_name ladcr_CL + stream_name Custom-ladcr_CL time_generated true time_key Time Compress true From b6d4b54025280c67c840adffa593f6e54e3ef246 Mon Sep 17 00:00:00 2001 From: Jed Laundry Date: Thu, 28 Nov 2024 14:43:21 +1300 Subject: [PATCH 2/2] update docs with new Microsoft link --- pipeline/outputs/azure_logs_ingestion.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/pipeline/outputs/azure_logs_ingestion.md b/pipeline/outputs/azure_logs_ingestion.md index 20e071be1..b144dd044 100644 --- a/pipeline/outputs/azure_logs_ingestion.md +++ b/pipeline/outputs/azure_logs_ingestion.md @@ -33,8 +33,7 @@ To get more details about how to setup these components, please refer to the fol | client\_secret| _Required_ - The client secret of the AAD application ([App Secret](https://docs.microsoft.com/en-us/azure/active-directory/develop/howto-create-service-principal-portal#option-2-create-a-new-application-secret)). || | dce\_url | _Required_ - Data Collection Endpoint(DCE) URL. || | dcr\_id | _Required_ - Data Collection Rule (DCR) immutable ID (see [this document](https://learn.microsoft.com/en-us/azure/azure-monitor/logs/tutorial-logs-ingestion-portal#collect-information-from-the-dcr) to collect the immutable id) || -| stream\_name | _Required_ - Data Collection Rule (DCR) stream name (see [this document](https://learn.microsoft.com/en-us/azure/azure-monitor/logs/tutorial-logs-ingestion-portal#collect-information-from-the-dcr) to collect the stream name) || -| table\_name | _Required_ - The name of the custom log table (include the `_CL` suffix as well if applicable) || +| stream\_name | _Required_ - Data Collection Rule (DCR) stream name (see [this document](https://learn.microsoft.com/en-us/azure/azure-monitor/logs/tutorial-logs-ingestion-api)) || | time\_key | _Optional_ - Specify the key name where the timestamp will be stored. | `@timestamp` | | time\_generated | _Optional_ - If enabled, will generate a timestamp and append it to JSON. The key name is set by the 'time_key' parameter. | `true` | | compress | _Optional_ - Enable HTTP payload gzip compression. | `true` | @@ -83,7 +82,6 @@ Use this configuration to quickly get started: tenant_id XXXXXXXX-xxxx-yyyy-zzzz-xxxxyyyyzzzzxyzz dce_url https://log-analytics-dce-XXXX.region-code.ingest.monitor.azure.com dcr_id dcr-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx - table_name ladcr_CL stream_name Custom-ladcr_CL time_generated true time_key Time