Contoso Corporation faces challenges in efficiently analyzing API failures recorded in Kusto logs, hindering prompt issue identification. This GitHub repository offers a robust solution for analyzing API failures recorded in Kusto using Astronomer on Azure. The workflow seamlessly configures an Astronomer resource from the Azure, establishes Single Sign-On (SSO) integration with an Astronomer organization in a designated workspace, and deploys a Directed Acyclic Graph (DAG) through the user-friendly Astronomer or Airflow UI. Solution implemented is described in the image follows:
- App Registration in Azure Entra: Create and register your Azure AAD/Entra application and keep ApplicationId, ClientSecret, TenantId with you for later configurations and settings, know more about Apps on Azure Entra here.
- Assign App to Kusto Database: Assign application to kusto database and keep Data Explorer Connection String, ClientId, ClientSecret and TenantID for the app for further steps. Make sure necessary data is present in Kusto Database. To learn more about Kusto and Azure Data Explorer refer link
- Create CosmosDB: Create Cosmos DB and keep secret and connection string safe. To learn more about CosmoDB refer link
- Create StorageAccount: Create Storage Account, and queue and provide necessary permissions for them to app created in first step. To learn more about storage queue refer link
- Go to Azure portal and search for Astronomer and hit Create.
- Fill the resource creation form with details including Subscription, Resource Group, Azure Resource Name, Region, Astro Organization Name, Astro Workspace Name, Billing Term, Price+Payment options and hit "review+create".
- Once Create is succeful open the create resource and navigate to Astronomer from using the SSO link in resoure.
- Create a new deployment on Astronomer portal and hit "Create Deployment".
- Clone this repository use:
git clone https://github.com/Azure/AirflowMeetHyderabadDemo2023
- Install Astro CLI, use: https://docs.astronomer.io/astro/cli/install-cli
- Use
astro login
and follow prompted steps to login using the same your microsoft account used in Azure. - Use
astro workspace list
to list your workspaces and make sure that you are in the currect workspace. - Use
astro deploy
to deploy the code in your astro deployment created in step 4. - From deployment created in step 4, navigate to "Open in Airflow"
- In Airflow UI, select Admin > Variables and create following variables
Varaible | Value |
---|---|
DEMO_CLIENT_ID |
ClientId/AppId for AAD/Entra Application Created |
DEMO_CLIENT_SECRET |
ClientSecret for the above app |
DEMO_COSMOS_COLLECTION |
Collection Name to be used in CosmosDB |
DEMO_COSMOS_DATABASE |
Database Name to be used in CosmosDB |
DEMO_KUSTO_DATABASE |
Database Name to be used in Kusto/Azure Data Explorer |
DEMO_QUEUE_NAME |
Name of the queue to be used |
DEMO_STORAGE_ACCOUNT |
Storage account name to be used |
DEMO_TENANT_ID |
TenantId for components to used. |
- Create a new connection with
adx
id for Azure Data Explorer from Admin > Connections. Select Connection Type as:Azure Data Explorer
, provide cluster url, provide client/appId in cluster name, provide clientSecret in Password, add TenatID and in Authentication Method selectAAD_APP
. Ref screenshot below: - Create another connection with id as
cosmos_db
and select connection type as:Azure CosmosDB
, provide CosmosEndpoint and in Cosmos Master Key Token provide primary key for Comsos DB - Once done, go ahead and click run from Astronomer portal, your DAG should be running in a few minutes.
The DAG orchestrates the following tasks:
-
Log Retrieval
Fetch API failure logs from Kusto for analysis.
-
Data Analysis
Analyze the retrieved logs to identify patterns and trends related to API failures.
-
Azure Cosmos DB Storage
Store the processed data in Azure Cosmos DB for future reference and analysis.
-
Alert Generation and Azure Queue Storage
Trigger alerts based on predefined criteria for proactive issue identification and forward generated alerts to Azure Queue Storage for further processing and action.
This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.
When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft's Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party's policies.