Workflows

George Alpizar
George Alpizar
  • Updated

Overview

You can use this document to learn about the configuration parameters available in a configuration file, specifically for Workflows.

A workflow maps inputs, processors, and outputs that are logically grouped, based on the underlying use-cases and analytics being performed.

Note

To create a new workflow, you must have existing inputs, processors, destinations, thresholds, and filters to add to the new workflow. You cannot create a workflow without these existing components.

Review Sample Configuration

Review the following sample configuration:

workflows:
  application_workflow:
    input_labels:
      - system_stats
      - agent_stats
      - application_logs
    processors:
      - error-check
      - fail-check
      - success-check
    destinations:
      - sumo-logic-devops-integration
      - slack-devops-integration

  security_workflow:
    input_labels:
      - syslog_traffic
      - windows_events
      - auth_logs
    filters:
      - not_debug
    processors:
      - traffic-patterns
      - authentication-monitoring
      - system-patterns
    destinations:
      - sumo-logic-security-integration
      - slack-security-integration

  enabled_hosts_workflow:
    description: "runs only specified hosts"
    input_labels:
      - system
      - docker
      - agent
      - infa-processes
    filters:
      - info
    destinations:
      - '{{ Env "TEST_SUMO" }}'
    enabled_hosts:
      - my.host.us1
      - my.host.us2

Review Parameters 

Review the following parameters that you can configure in the Edge Delta App.

name

Required

Enter a descriptive name for the workflow.

A workflow name is used for labeling and organizing workflows within a configuration.

A workflow name is not reported to any destination.

Review the following example: 

billing-cluster-workflow:

input_labels

Required

This parameter displays existing inputs that you can add to the workflow.

Review the following example:

input_labels:
  - billing

processors

Optional

This parameter displays existing processors that you can add to the workflow.

Review the following example: 

processors:
  - clustering

destinations

Optional 

This parameter displays existing outputs that you can add to the workflow.

Review the following example: 

destinations:
      - datadog-default

enabled_hosts

Optional

You can use this parameter to limit the workflow to specific hosts.

With this parameter, the workflow will only run if the agent host is specified. 

Review the following example: 

enabled_hosts:
  - my.host.us1
  - my.host.us2

thresholds

Optional

This parameter displays existing thresholds that you can add to the workflow.

Review the following example: 

thresholds:
  - cluster-errors-threshold

filters

Optional 

This parameter displays existing filters that you can add to the workflow.

The filter step takes place before incoming logs are passed to the processors.

Review the following example: 

filters:
  - info

description

Optional 

Enter a brief description to describe the purpose of the workflow.

Review the following example: 

description: "runs only specified hosts"

Configure an Expiring Workflow

To define an expiring workflow, set an expiration time in the workflow definition with the expires_in parameter.

With an expiring workflow, you can also enable log forwarding for a specified time with the log_forward_workflow parameter.

Note

The "expires_in" time format must be in RFC3339 format.

Review the following sample configuration:

workflows:
  log_forward_workflow:
    input_labels:
      - system_stats
      - agent_stats
      - application_logs
    filters:
      - not_debug
    destinations:
      - sumo-logic-devops-integration
    expires_in: 2021-06-01T12:00:00.000Z

Create and Manage a Workflow

To create and manage a workflow, you must populate a YAML file.

To access the YAML file for a new configuration:

Note

To create a new workflow, you must have existing inputs, processors, destinations, thresholds, and filters to add to the new workflow. You cannot create a workflow without these existing components.

  1. In the Edge Delta App, on the left-side navigation, click Data Pipeline, and then click Agent Settings.
  2. Click Create Configuration.
  3. Click YAML.
  4. Enter the desired parameters, specifically the desired inputs, processors, destinations, thresholds, and filters to add to the workflow.
  5. Click Save

To access the YAML file for an existing configuration:

  1. In the Edge Delta App, on the left-side navigation, click Data Pipeline, and then click Agent Settings.
  2. Locate the desired configuration, then under Actions, click the vertical ellipses, and then click Edit.
  3. Review the YAML file, make your changes, and then click Save.
Share this document