Workflows

George Alpizar
George Alpizar
  • Updated

Overview

You can use this document to learn about the configuration parameters available in a configuration file, specifically for Workflows.

A workflow maps inputs, processors, and outputs that are logically grouped, based on the underlying use-cases and analytics being performed.

Note

To create a new workflow, you must have existing inputs, processors, destinations, thresholds, and filters to add to the new workflow. You cannot create a workflow without these existing components.

Review Parameters for a Workflow

Visual Editor YAML Description Required or Optional 
Name name

Enter a descriptive name for the workflow.

A workflow name is used for labeling and organizing workflows within a configuration.

A workflow name is not reported to any destination.

 Required
Input Labels  input_labels

This parameter displays existing inputs that you can add to the workflow.

To learn more, see Inputs.

 Required
Processors processors

This parameter displays existing processors that you can add to the workflow.

To learn more, see Processors Overview.

 Optional
Destinations destinations

This parameter displays existing outputs that you can add to the workflow.

To learn more, see Create and Manage Outputs and Integrations.

 Optional
Not applicable enabled_hosts

You can use this parameter to limit the workflow to specific hosts.

With this parameter, the workflow will only run if the agent host is specified. 

 Optional
Thresholds thresholds

This parameter displays existing thresholds that you can add to the workflow.

To learn more, see Thresholds.

 Optional
Filters filters

This parameter displays existing filters that you can add to the workflow.

The filter step takes place before incoming logs are passed to the processors.

To learn more, see Filters.

 Optional
Description description Enter a brief description to describe the purpose of the workflow. Optional

 

Review YAML Example of a Workflow

Review the following example of a YAML file populated with parameters:

workflows:
  application_workflow:
    input_labels:
      - system_stats
      - agent_stats
      - application_logs
    processors:
      - error-check
      - fail-check
      - success-check
    destinations:
      - sumo-logic-devops-integration
      - slack-devops-integration

  security_workflow:
    input_labels:
      - syslog_traffic
      - windows_events
      - auth_logs
    filters:
      - not_debug
    processors:
      - traffic-patterns
      - authentication-monitoring
      - system-patterns
    destinations:
      - sumo-logic-security-integration
      - slack-security-integration

  enabled_hosts_workflow:
    description: "runs only specified hosts"
    input_labels:
      - system
      - docker
      - agent
      - infa-processes
    filters:
      - info
    destinations:
      - '{{ Env "TEST_SUMO" }}'
    # workflow only runs if the agent host is one of these hosts.
    enabled_hosts:
      - my.host.us1
      - my.host.us2

Configure an Expiring Workflow

To define an expiring workflow, set an expiration time in the workflow definition with the expires_in parameter.

With an expiring workflow, you can also enable log forwarding for a specified time with the log_forward_workflow parameter.

Note

The "expires_in" time format must be in RFC3339 format.

Review the following example:

workflows:
  log_forward_workflow:
    input_labels:
      - system_stats
      - agent_stats
      - application_logs
    filters:
      - not_debug
    destinations:
      - sumo-logic-devops-integration
    expires_in: 2021-06-01T12:00:00.000Z

Create and Manage a Workflow

At a high level, there are 2 ways to create and manage Workflows:

  • If you need to create a new configuration, then you can use the visual editor to populate a YAML file, as well as make changes directly in the YAML file.
  • If you already have an existing configuration, then you can update the configuration in the YAML file.

Option 1: Access the visual editor for a new configuration

Note

To create a new workflow, you must have existing inputs, processors, destinations, thresholds, and filters to add to the new workflow. You cannot create a workflow without these existing components.

  1. In the Edge Delta App, on the left-side navigation, click Data Pipeline, and then click Agent Settings.
  2. Click Create Configuration.
  3. Click Visual.
  4. On the right-side, select Workflows.
  5. Enter a Name and Description.
  6. Select the desired inputs, processors, destinations, thresholds, and filters to add to the workflow.
  7. To make additional configurations to the configuration file, click the back button, and then select a new configuration parameter to manage.
  8. To save the configuration and exit the visual editor, click Save.
  9. Refresh the page to view the newly created configuration in the table.

Option 2: Access the YAML file for an existing configuration

  1. In the Edge Delta App, on the left-side navigation, click Data Pipeline, and then click Agent Settings.
  2. Locate the desired configuration, then under Actions, click the vertical ellipses, and then click Edit.
  3. Review the YAML file, make your changes, and then click Save.
Share this document