Edge Delta Cribl Output
3 minute read
Overview
The Cribl output will stream analytics and insights to your Cribl endpoint.
Example
- name: cribl-http
type: cribl
endpoint: http://in.logstream..cribl.cloud:10080/crible/_bulk
token: ""
features: log,edac,metric,alert
Parameters
name
Required
Enter a descriptive name for the output or integration.
For outputs, this name will be used to map this destination to a workflow.
name: cribl-http
integration_name
Optional
This parameter refers to the organization-level integration created in the Integrations page.
If you need to add multiple instances of the same integration into the config, then you can add a custom name to each instance via the name parameter. In this situation, the name should be used to refer to the specific instance of the destination in the workflows.
integration_name: orgs-cribl
type
Required
Enter cribl.
type: cribl
endpoint
Required
Enter the full Cribl ingress endpoint.
endpoint: http://in.logstream.<tenant-id>.cribl.cloud:10080/crible/_bulk
token
Required
Enter the Cribl token.
token: "<add token>"
tls: disable_verify
Optional
To disable a TLS verification of a certificate, in the YAML file, enter disable_verify:true. To enable a TLS verification of the certificate, in the YAML file, you can enter disable_verify:false or you can remove this line entirely.
tls:
disable_verify: true
tls: ca_file
Optional
Enter the absolute file path to the CA certificate file.
tls:
ca_file: /var/etc/cribl/ca_file
tls: ca_path
Optional
Enter the absolute path to scan the CA certificate file.
tls:
ca_path: /var/etc/cribl
tls: crt_file
Optional
Enter the absolute path to the certificate file.
tls:
crt_file: /var/etc/kafka/crt_file
tls: key_file
Optional
Enter the absolute path to the private key file.
tls:
key_file: /certs/server-key.pem
tls: key_password
Optional
Enter the password for the key file.
tls:
key_password: p@ssword123
tls: client_auth_type
Optional
Enter a client authorization type.
You can enter:
- noclientcert
- requestclientcert
- requireanyclientcert
- verifyclientcertifgiven
- requireandverifyclientcert
tls:
client_auth_type: noclientcert
tls: min_version
Optional
Enter the minimum version of TLS to accept.
tls:
min_version: TLSv1_1
tls: max
Optional
Enter the maximum version of TLS to accept.
tls:
max_version: TLSv1_3
features
Optional
This parameter defines which data types to stream to the destination.
To learn more, see the following section on supported feature types.
features: log,edac,metric,alert
buffer_ttl
Optional
Enter a length of time to retry failed streaming data.
After this length of time is reached, the failed streaming data will no longer be tried.
buffer_ttl: 2h
buffer_path
Optional
Enter a folder path to temporarily store failed streaming data.
The failed streaming data will be retried until the data reaches its destinations or until the Buffer TTL value is reached.
If you enter a path that does not exist, then the agent will create directories, as needed.
buffer_path: /var/log/edgedelta/pushbuffer/
buffer_max_bytesize
Optional
Enter the maximum size of failed streaming data that you want to retry.
If the failed streaming data is larger than this size, then the failed streaming data will not be retried.
buffer_max_bytesize: 100MB
Supported Features
See Streaming Features.
| Feature Type | Supported? |
|---|---|
| Log | Yes |
| Metrics | Yes |
| Alert as event | Yes |
| Alert as log | No |
| Health | No |
| Dimensions as attribute | No |
| Send as is | No |
| Send as JSON | No |
| Custom tags | No |
| EDAC enrichment | No |
| Message template | No |
| outgoing_bytes.sum | Yes |
| outgoing__raw_bytes.sum | Yes |
| outgoing_lines.count | Yes |
| output buffering to disk | No |