Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add vpcflow logs standalone S3 option #6936

Merged
merged 5 commits into from Aug 1, 2023
Merged

Add vpcflow logs standalone S3 option #6936

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
3182d67
Add vpcflow logs standalone S3 option
tdancheva Jul 12, 2023
9d115ab
Changelog and manifest
tdancheva Jul 12, 2023
14bcf13
Move SQS field
tdancheva Jul 21, 2023
837074b
Merge branch 'main' into vpcflow-s3-option
tdancheva Jul 24, 2023
ae118b2
Merge branch 'main' into vpcflow-s3-option
tdancheva Aug 1, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
5 changes: 5 additions & 0 deletions packages/aws/changelog.yml
View file
Open in desktop
@@ -1,4 +1,9 @@
# newer versions go on top
- version: "1.47.0"
changes:
- description: Add standalone S3 option for vpcflow
type: enhancement
link: https://github.com/elastic/integrations/pull/6936
- version: "1.46.3"
changes:
- description: Add missing S3 fields for vpcflow
Expand Down
32 changes: 27 additions & 5 deletions packages/aws/data_stream/vpcflow/agent/stream/aws-s3.yml.hbs
View file
Open in desktop
@@ -1,9 +1,22 @@
queue_url: {{queue_url}}
{{#if credential_profile_name}}
credential_profile_name: {{credential_profile_name}}
{{#if collect_s3_logs}}

{{#if bucket_arn}}
bucket_arn: {{bucket_arn}}
{{/if}}
{{#if shared_credential_file}}
shared_credential_file: {{shared_credential_file}}
{{#if number_of_workers}}
number_of_workers: {{number_of_workers}}
{{/if}}
{{#if interval}}
bucket_list_interval: {{interval}}
{{/if}}
{{#if bucket_list_prefix}}
bucket_list_prefix: {{bucket_list_prefix}}
{{/if}}

{{else}}

{{#if queue_url}}
queue_url: {{queue_url}}
{{/if}}
{{#if visibility_timeout}}
visibility_timeout: {{visibility_timeout}}
Expand All @@ -14,6 +27,15 @@ api_timeout: {{api_timeout}}
{{#if max_number_of_messages}}
max_number_of_messages: {{max_number_of_messages}}
{{/if}}

{{/if}}

{{#if credential_profile_name}}
credential_profile_name: {{credential_profile_name}}
{{/if}}
{{#if shared_credential_file}}
shared_credential_file: {{shared_credential_file}}
{{/if}}
{{#if default_region}}
default_region: {{default_region}}
{{/if}}
Expand Down
58 changes: 48 additions & 10 deletions packages/aws/data_stream/vpcflow/manifest.yml
View file
Open in desktop
Expand Up @@ -7,27 +7,65 @@ streams:
description: Collect AWS vpcflow logs using s3 input
enabled: false
vars:
- name: collect_s3_logs
required: true
show_user: true
title: Collect logs via S3 Bucket
description: To Collect logs via S3 bucket enable the toggle switch. By default, it will collect logs via SQS Queue.
type: bool
multi: false
default: false
- name: bucket_arn
type: text
title: "[S3] Bucket ARN"
multi: false
required: false
show_user: true
description: Mandatory if the "Collect logs via S3 Bucket" switch is on. It is a required parameter for collecting logs via the AWS S3 Bucket.
- name: queue_url
type: text
title: "[SQS] Queue URL"
multi: false
required: false
show_user: true
description: Mandatory if the "Collect logs via S3 Bucket" switch is off. URL of the AWS SQS queue that messages will be received from.
- name: bucket_list_prefix
type: text
title: "[S3] Bucket Prefix"
multi: false
required: false
show_user: false
description: Prefix to apply for the list request to the S3 bucket.
- name: interval
type: text
title: "[S3] Interval"
multi: false
required: false
show_user: false
default: 1m
description: "Time interval for polling listing of the S3 bucket. NOTE: Supported units for this parameter are h/m/s."
- name: number_of_workers
type: integer
title: "[S3] Number of Workers"
multi: false
required: false
show_user: false
default: 5
description: Number of workers that will process the S3 objects listed.
- name: visibility_timeout
type: text
title: Visibility Timeout
title: "[SQS] Visibility Timeout"
multi: false
required: false
show_user: false
description: The duration that the received messages are hidden from subsequent retrieve requests after being retrieved by a ReceiveMessage request. The maximum is 12 hours.
- name: api_timeout
type: text
title: API Timeout
title: "[SQS] API Timeout"
multi: false
required: false
show_user: false
description: The maximum duration of AWS API can take. The maximum is half of the visibility timeout value.
- name: queue_url
type: text
title: Queue URL
multi: false
required: true
show_user: true
description: URL of the AWS SQS queue that messages will be received from.
- name: fips_enabled
type: bool
title: Enable S3 FIPS
Expand Down Expand Up @@ -64,7 +102,7 @@ streams:
default: false
- name: max_number_of_messages
type: integer
title: Maximum Concurrent SQS Messages
title: "[SQS] Maximum Concurrent SQS Messages"
description: The maximum number of SQS messages that can be inflight at any time.
default: 5
required: false
Expand Down
2 changes: 1 addition & 1 deletion packages/aws/manifest.yml
View file
Open in desktop
@@ -1,7 +1,7 @@
format_version: 1.0.0
name: aws
title: AWS
version: 1.46.3
version: 1.47.0
license: basic
description: Collect logs and metrics from Amazon Web Services (AWS) with Elastic Agent.
type: integration
Expand Down