Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ECI-396] Add logging module #31

Merged
merged 10 commits into from
Feb 5, 2025
Merged

[ECI-396] Add logging module #31

merged 10 commits into from
Feb 5, 2025

Conversation

sva91
Copy link
Contributor

@sva91 sva91 commented Jan 22, 2025
edited
Loading

What

  • Get All log groups in tenancy, and get all logs from log groups. This is required because log resources for resources from which we want to forward logs maybe present in other compartments.
  • Add timeCreated field for resources in discovery. This helps add deterministic behavior for log creation
  • Add logging module
  1. It takes in resources from which logs should be forwarded for a compartment, all existing log resources in tenancy and services from which logs need to be forwarded.
  2. It finds existing loggroups from which logs should be forwarded.
  3. It creates a new log group "datadog-service-logs" in the compartment.
  4. It generates log resources for resources which don't have logging already enabled.
  5. It outputs existing loggroups and loggroup id for the newly created "datadog-service-logs" group.

Why

  • Setting up infrastructure for log forwarding

Testing

  1. Base Case : Stack Link
  2. Re-execution of stack with more compartments: If more compartments are added in compartments csv and stack is reexecuted, logs from new compartments will be generated, and nothing will happen to existing log resources.
  3. Re-execution of stack with no variables changed: New resources generated since the last execution will be found, and log forwarding will be setup from these new resources
  4. Re-execution of stack with change in exclude_services variable : This should also be honored correctly, although we might regenerate some log resources in this case.

Issues Fixed During Testing

  • Display Name of resource may have a space. To derive log resource display name from resource name, replace " " with "_".
  • Resource Types from resourcediscovery may be Camelcase. Make them lower case to match existing log resources.
  • Objectstorage is a special case requiring resource.display_name instead of resource.id, in order to generate logging resource.
  • If there is a log-category = "all", we can't enable specific categories. For example, for flowlogs, categories = ["all", "flowlogs"]. We only need to enable logs of "all" category, which collects information for the entire service. This is now handled in the code.

@sva91 sva91 marked this pull request as ready for review January 24, 2025 18:45
@sva91 sva91 changed the title prepare tuples for log forwarding [ECI-396] Add logging module Jan 24, 2025
@sva91 sva91 added the eci label Jan 28, 2025
@sva91 sva91 requested a review from a team January 29, 2025 23:00
@sva91
Sva91/eci 397 handle audit log configs (#32)
1ff1476 
* ECI-397 Add Audit Log Forwarding

* Uncomment audit log name

* reviewer comment
bengillmandd
bengillmandd approved these changes Jan 30, 2025
View reviewed changes
Copy link
Contributor

@bengillmandd bengillmandd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just had a couple of nitpicks. I'm not the best person to review this so might be good to get Kanishk's review too

datadog-logs-oci-orm/modules/logging/main.tf
@@ -0,0 +1,35 @@
resource "oci_logging_log_group" "datadog_service_log_group" {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This exists already for audit logs yeah? That is why we don't need to create this for audit logs too?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, that's correct. Audit Log group for a compartment is created when the compartment itself is created.

sva91 added 2 commits February 5, 2025 13:20
@sva91
ECI-398 Add connectorhub module (#35)
947c16e 
* ECI-398 Add connectorhub module

* fix bugs

* simplify audit log input

* uncomment modules

* Sva91/ECI-399 E2E logs private beta update stack (#36)

* modify as per updated requirements

* remove resource prefix from policy

* fix bug

* fix login issue

* Reviewer comments
ECI-399

* Reviewer comments
@sva91
reviewer comments
7bd7284
@sva91 sva91 merged commit e1360d3 into sva91/log_forwarding_automation_modules Feb 5, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bengillmandd bengillmandd bengillmandd approved these changes

Assignees
No one assigned
Labels
eci
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@sva91 @bengillmandd