Overview
You can use this document to learn about the configuration parameters available in a configuration file, specifically for Workflows.
A workflow maps inputs, processors, and outputs that are logically grouped, based on the underlying use-cases and analytics being performed.
Note
To create a new workflow, you must have existing inputs, processors, destinations, thresholds, and filters to add to the new workflow. You cannot create a workflow without these existing components.
Review Parameters for a Workflow
YAML | Description | Required or Optional |
name |
Enter a descriptive name for the workflow. A workflow name is used for labeling and organizing workflows within a configuration. A workflow name is not reported to any destination. This parameter is required. |
Required |
input_labels |
This parameter displays existing inputs that you can add to the workflow. This parameter is required. To learn more, see Inputs. |
Required |
processors |
This parameter displays existing processors that you can add to the workflow. This parameter is optional. To learn more, see Processors Overview. |
Optional |
destinations |
This parameter displays existing outputs that you can add to the workflow. This parameter is optional. To learn more, see Create and Manage Outputs and Integrations. |
Optional |
enabled_hosts |
You can use this parameter to limit the workflow to specific hosts. With this parameter, the workflow will only run if the agent host is specified. This parameter is optional. |
Optional |
thresholds |
This parameter displays existing thresholds that you can add to the workflow. This parameter is optional. To learn more, see Thresholds. |
Optional |
filters |
This parameter displays existing filters that you can add to the workflow. The filter step takes place before incoming logs are passed to the processors. This parameter is optional. To learn more, see Filters. |
Optional |
description |
Enter a brief description to describe the purpose of the workflow. This parameter is optional. |
Optional |
Review YAML Example of a Workflow
Review the following example of a YAML file populated with parameters:
workflows:
application_workflow:
input_labels:
- system_stats
- agent_stats
- application_logs
processors:
- error-check
- fail-check
- success-check
destinations:
- sumo-logic-devops-integration
- slack-devops-integration
security_workflow:
input_labels:
- syslog_traffic
- windows_events
- auth_logs
filters:
- not_debug
processors:
- traffic-patterns
- authentication-monitoring
- system-patterns
destinations:
- sumo-logic-security-integration
- slack-security-integration
enabled_hosts_workflow:
description: "runs only specified hosts"
input_labels:
- system
- docker
- agent
- infa-processes
filters:
- info
destinations:
- '{{ Env "TEST_SUMO" }}'
# workflow only runs if the agent host is one of these hosts.
enabled_hosts:
- my.host.us1
- my.host.us2
Configure an Expiring Workflow
To define an expiring workflow, set an expiration time in the workflow definition with the expires_in parameter.
With an expiring workflow, you can also enable log forwarding for a specified time with the log_forward_workflow parameter.
Note
The "expires_in" time format must be in RFC3339 format.
Review the following example:
workflows:
log_forward_workflow:
input_labels:
- system_stats
- agent_stats
- application_logs
filters:
- not_debug
destinations:
- sumo-logic-devops-integration
expires_in: 2021-06-01T12:00:00.000Z
Create and Manage a Workflow
To create and manage a workflow, you must populate a YAML file.
To access the YAML file for a new configuration:
Note
To create a new workflow, you must have existing inputs, processors, destinations, thresholds, and filters to add to the new workflow. You cannot create a workflow without these existing components.
- In the Edge Delta App, on the left-side navigation, click Data Pipeline, and then click Agent Settings.
- Click Create Configuration.
- Click YAML.
- Enter the desired parameters, specifically the desired inputs, processors, destinations, thresholds, and filters to add to the workflow.
- Click Save.
To access the YAML file for an existing configuration:
- In the Edge Delta App, on the left-side navigation, click Data Pipeline, and then click Agent Settings.
- Locate the desired configuration, then under Actions, click the vertical ellipses, and then click Edit.
- Review the YAML file, make your changes, and then click Save.