Forwarding logs from Azure log analytics and other managed azure services
In-order to send the logs from Azure we need to use Azure EventHub. Please get the
- Installing using Azure Cloud Shell
- Run the below command to download
logs-forwarder.ps1in the Azure cloud Shell (select Powershell)
(New-Object System.Net.WebClient).DownloadFile("https://raw.githubusercontent.com/PacketAI/azure-logs-forwarder/main/logs-forwarder.ps1", "logs-forwarder.ps1")
./logs-forwarder.ps1 -SubscriptionId YOUR_SID -PAI_IID YOUR_PAI_IID -PAI_TOKEN YOUR_PAI_TOKEN -PacketAISite vector-ingester-logpatterns.packetai.co -ResourceGroupLocation westeurope
- ResourceLocation(region) should be where your application logs are located on Azure
SubscriptionIdenter the subscription id which will be used to deploy azure functions forward the data PacketAI.
YOUR_PAI_TOKENneeds to get them from
Goto App Insights page on Azure portal.
Click on one of the application and click on Diagnose settings and Click on Add diagnosis settings.
Enter diagnosis setting name, and select the categories and click on the checkboxes. you can exclude the metrics. Afterwards select the Stream to an event hub, Select the subscription (the same as the one we used when installing packetai log forwarder), Select the hub namespace (should starts with packetai-ns-uid), and event hub name (packetai-eventhub). Afterwards, you can click on save button on top left.
PS: The event hub namespace and you application should be in the same region, otherwise event hub won't be visible
To forward logs from Azure Log Analytics, go to Log analytics page in Azure portal.
Click on New export rule, to select the logs to forward to event hub.
Enter the Rule name (packetai-eventhub)
Select the list of log sources to export
Select the destination: select the event hub namespace previously created and the even hub name as packetai-eventhub
Review and click on Create
It's possible to forward the logs from other services of Azure, As long as the resource has a
Diagnostic settingsavailable it's possible to forward the logs to Event hub, and then sent to PacketAI backend server. The process is same as App Insights