Ports Inputs

George Alpizar
George Alpizar
  • Updated

Overview

This input type allows you to specify a set of ports and protocols that the agent will listen for.

Ports are typically used to listen to incoming traffic from:

  • Network devices (firewalls, switches, routers)
  • Time-series metrics (statsd, graphite, carbon)
  • Centralized logging architectures (rsyslog, syslog-ng)

Review Parameters

Review the following parameters that you can configure in the Edge Delta App:

Visual Editor YAML Description
Labels labels

Enter a descriptive label for this input. 

When you create a workflow, you will use this label to enter your input into the workflow. 

errorcheck is the default label. 

This parameter is required. 

Review the following example: 

labels: "syslog,firewall"
Protocol protocol

Select (or enter) tcp or udp.

This parameter is required. 

Review the following example: 

protocol: tcp
Port port

Enter the port that the agent should listen for. 

This parameter is required. 

Review the following example: 

port: 514
Filters filters

Select an existing filter to add to this input. 

To learn how to create a filter, see Filters.

This parameter is optional. 

Review the following example: 

test
Not applicable  line_patterns

To have the agent process lines for a specific line separation rule, you need to define a "line_pattern" regex rule.

  • When you define a "line_pattern" regex rule, the agent will not process lines for New Line("\n").

This parameter is optional. 

Review the following example: 

line_pattern: '^\d{4}-\d{2}-\d{2}\s+\d{2}:\d{2}:\d{2}'
Not applicable tls

You can use this parameter to verify a certificate. 

Enter the certificate's path. 

This parameter is optional. 

Review the following example: 

tls:
  crt_file: /certs/server-cert.pem
  key_file: /certs/server-key.pem
  ca_file: /certs/ca.pem
Not applicable

enrichments

You can use this parameter to enrich data with specified extracted fields. 

To learn how to enrich data from inputs, see Enrich Input Data.

This parameter is optional. 

Review the following example: 

   - labels: k8s_log
      path: /var/logs/anyDir/MyApp/users/MyPodID/transaction.log
      enrichments:
        from_path:
          field_mappings:
            - field_name: application
              pattern: /var/logs/anyDir/(?:(.+)/)?users/.*

Review Sample Configuration

Review the following sample configuration:

  ports:
    - protocol: tcp
      port: 514
      labels: "syslog,firewall"
      line_pattern: '^\d{4}-\d{2}-\d{2}\s+\d{2}:\d{2}:\d{2}'
    - protocol: tcp
      port: 24680
      labels: "errorcheck"
    - protocol: udp
      port: 13579
      labels: "errorcheck"
    - protocol: tcp
      port: 8080
      labels: "syslog,tls,service_a"
      tls:
        crt_file: /certs/server-cert.pem
        key_file: /certs/server-key.pem
        ca_file: /certs/ca.pem

 

Share this document