Create Diagnostic setting with terraform to send specific log categories to Log Analytics and Storage Accounts?
I am hoping to configure the streaming export of platform logs on Azure for some Kubernetes service, i wish to send some of the logs to log analytics workspace and others to a storage account. I wish to do this via terraform.
I looked at the documentation for azurerm_monitor_diagnostic_setting, however i am unsure how to go about specifically allocating log categories between log analytics workspace and storage accounts.
I Created a Diagnostic setting with Terraform to send specific log categories to Log Analytics and Storage Accounts and I was successful in provisioning the requirement.
To configure the streaming export of platform logs on Azure for a Kubernetes service and allocate log categories between a Log Analytics workspace and a storage account using Terraform, you can use the azurerm_monitor_diagnostic_setting resource.
My Terraform configuration:
data "azurerm_resource_group" "main"{
name = "v-bolliv"
}
resource "azurerm_kubernetes_cluster" "example" {
name = "demovk"
location = "eastus"
resource_group_name = data.azurerm_resource_group.main.name
dns_prefix = "demovkaks1"
default_node_pool {
name = "default"
node_count = 1
vm_size = "Standard_D2_v2"
}
identity {
type = "SystemAssigned"
}
}
resource "azurerm_log_analytics_workspace" "example" {
name = "og-analyticsvk-workspace"
location = "eastus"
resource_group_name = data.azurerm_resource_group.main.name
# Add other required configuration for your Log Analytics workspace
}
resource "azurerm_storage_account" "example" {
name = "demostoragevksb"
resource_group_name = data.azurerm_resource_group.main.name
location = "eastus"
account_tier = "Standard"
account_replication_type = "GRS"
# Add other required configuration for your storage account
}
resource "azurerm_monitor_diagnostic_setting" "example" {
name = "diagnosticvk-setting"
target_resource_id = azurerm_kubernetes_cluster.example.id
storage_account_id = azurerm_storage_account.example.id
enabled_log {
category = "kube-apiserver"
}
enabled_log {
category = "kube-controller-manager"
}
}
resource "azurerm_eventhub_namespace" "example" {
name = "monitorlog"
location = data.azurerm_resource_group.main.location
resource_group_name = data.azurerm_resource_group.main.name
sku = "Standard"
capacity = 2
}
resource "azurerm_monitor_log_profile" "example" {
name = "default"
categories = [
"Action",
"Delete",
"Write",
]
locations = [
"eastus",
"global",
]
servicebus_rule_id = "${azurerm_eventhub_namespace.example.id}/authorizationrules/RootManageSharedAccessKey"
storage_account_id = azurerm_storage_account.example.id
retention_policy {
enabled = true
days = 7
}
}
Specify the desired log categories and their corresponding destinations within the azurerm_monitor_diagnostic_setting resource. In the above, kube-apiserver and kube-controller-manager logs are sent to the Log Analytics workspace, while other logs will be sent to the storage account.
Output:
- How can I define compile time constants in bicep configuration language?
- Outlook calendar don't render with FullCalendar
- Azure functions decoding error for IotHub device connection state message schema
- How do I set scope in Azure API Manager (APIM) when using D_application_id
- How to mount multiple disks in a loop using ansible
- How can I get sub value in nested json via KQL?
- Azure .NET SDK: Scale Azure SQL databases through SDK
- How can I invoke Azure Trusted Signing from a Linux OS?
- How to transfer "Set Variable" activity output into Json file using "Copy Data" activity or any other options?
- Verify Microsoft Access token on my ASP.NET Core Web API
- I'm trying to install the package from a private Azure DevOps repository using the pip install command, but I'm encountering an error
- Unable to define the sites for an App Registration for SahrePoint with Site.Selected
- Check if the resource exists before using data
- Not able to see azure 'LifecyclePolicyCompleted event' log
- Direct Web Push gives Error when used from Notification Hub
- Azure Remove User Consent to API
- Flutter-Azure Deviops pipelineThe discrepancy between the number of tests reported as passed or failed in the pipeline output and the test report
- App_location on deployment of a static webapp
- MSINotEnabled - Can't use KeyVault Reference in Azure Function
- Reading values from a key value based file and passing these values to azure devops template
- Deleting an Azure Loadbalancer Frontend IP configuration from python?
- How to retrieve the front door id from a Microsoft CDN (classic)
- What is HEAD operation in CosmosDB reported in Azure Monitoring
- Deploying a Python App to Azure App Service with Github Actions
- How to Query User Access Logs for Azure Front Door
- How can I add email recipients to a Graph API request programmatically?
- How to create Azure Devops Service Connection Docker Registry Type Other
- Problem with CORS policy in React front end with FastAPI on the back trying to use Microsoft Single Sign-on
- Azure Document Intelligence Custom Classification Python API
- Azure Function App unaccounted for time in Application Insights Timeline