Workflows

George Alpizar
George Alpizar
  • Updated

Overview

You can use this document to learn about the configuration parameters available in a configuration file, specifically for Workflows.

A workflow maps inputs, processors, and outputs that are logically grouped, based on the underlying use-cases and analytics being performed.

Note

To create a new workflow, you must have existing inputs, processors, destinations, thresholds, and filters to add to the new workflow. You cannot create a workflow without these existing components.


Review Parameters for a Workflow

YAML Description Required or Optional 
name

Enter a descriptive name for the workflow.

A workflow name is used for labeling and organizing workflows within a configuration.

A workflow name is not reported to any destination.

This parameter is required. 

Required
input_labels

This parameter displays existing inputs that you can add to the workflow.

This parameter is required. 

To learn more, see Inputs.

Required
processors

This parameter displays existing processors that you can add to the workflow.

This parameter is optional. 

To learn more, see Processors Overview.

Optional
destinations

This parameter displays existing outputs that you can add to the workflow.

This parameter is optional. 

To learn more, see Create and Manage Outputs and Integrations.

Optional
enabled_hosts

You can use this parameter to limit the workflow to specific hosts.

With this parameter, the workflow will only run if the agent host is specified. 

This parameter is optional. 

Optional
thresholds

This parameter displays existing thresholds that you can add to the workflow.

This parameter is optional. 

To learn more, see Thresholds.

Optional
filters

This parameter displays existing filters that you can add to the workflow.

The filter step takes place before incoming logs are passed to the processors.

This parameter is optional. 

To learn more, see Filters.

Optional
description

Enter a brief description to describe the purpose of the workflow.

This parameter is optional. 

Optional

 


Review YAML Example of a Workflow

Review the following example of a YAML file populated with parameters:

workflows:
  application_workflow:
    input_labels:
      - system_stats
      - agent_stats
      - application_logs
    processors:
      - error-check
      - fail-check
      - success-check
    destinations:
      - sumo-logic-devops-integration
      - slack-devops-integration

  security_workflow:
    input_labels:
      - syslog_traffic
      - windows_events
      - auth_logs
    filters:
      - not_debug
    processors:
      - traffic-patterns
      - authentication-monitoring
      - system-patterns
    destinations:
      - sumo-logic-security-integration
      - slack-security-integration

enabled_hosts_workflow: description: "runs only specified hosts" input_labels: - system - docker - agent - infa-processes filters: - info destinations: - '{{ Env "TEST_SUMO" }}' # workflow only runs if the agent host is one of these hosts. enabled_hosts: - my.host.us1 - my.host.us2

Configure an Expiring Workflow

To define an expiring workflow, set an expiration time in the workflow definition with the expires_in parameter.

With an expiring workflow, you can also enable log forwarding for a specified time with the log_forward_workflow parameter.

Note

The "expires_in" time format must be in RFC3339 format.

Review the following example:

workflows:
  log_forward_workflow:
    input_labels:
      - system_stats
      - agent_stats
      - application_logs
    filters:
      - not_debug
    destinations:
      - sumo-logic-devops-integration
    expires_in: 2021-06-01T12:00:00.000Z

Create and Manage a Workflow

To create and manage a workflow, you must populate a YAML file.

To access the YAML file for a new configuration:

Note

To create a new workflow, you must have existing inputs, processors, destinations, thresholds, and filters to add to the new workflow. You cannot create a workflow without these existing components.

  1. In the Edge Delta App, on the left-side navigation, click Data Pipeline, and then click Agent Settings.
  2. Click Create Configuration.
  3. Click YAML.
  4. Enter the desired parameters, specifically the desired inputs, processors, destinations, thresholds, and filters to add to the workflow.
  5. Click Save

To access the YAML file for an existing configuration:

  1. In the Edge Delta App, on the left-side navigation, click Data Pipeline, and then click Agent Settings.
  2. Locate the desired configuration, then under Actions, click the vertical ellipses, and then click Edit.
  3. Review the YAML file, make your changes, and then click Save.

Share this document