chronicle) lets you configure your telemetry pipeline to output data to
Google Chronicle.
Supported telemetry types
The for Chronosphere Telemetry Pipeline supports these telemetry types:| Logs | Metrics | Traces |
|---|---|---|
Configuration parameters
Use the parameters in this section to configure the . The Telemetry Pipeline web interface uses the items in the Name column to describe these parameters. Pipeline configuration files use the items in the Key column as YAML keys.Chronicle Settings
| Name | Key | Description | Default |
|---|---|---|---|
| Google Service Credentials Path | google_service_credentials | The Service Credentials file lets Telemetry Pipeline communicate directly with Google Cloud Services using a service account. | none |
| GCP Service Account Email | service_account_email | Account email associated with the service. Available only if no credentials file has been provided. | none |
| GCP Service Account Secret | service_account_secret | Private key content associated with the service account. Available only if no credentials file has been provided. | none |
| GCP Project Id | project_id | The project ID containing the tenant of Google Chronicle to stream into. | none |
| Google Chronicle Customer ID | customer_id | Required. The customer ID to identify the tenant of Google Chronicle to stream into. | none |
| Google Chronicle Log Type | log_type | Required. The log type to handle the request entries. Users must set up the valid, supported log type or the Google Chronicle service denies log ingestion. | none |
| Google Chronicle Log Key | log_key | Required. Specifies the field that contains the log type specified in log_type. By default, the whole log record is sent to Google Chronicle. | none |
Advanced
| Name | Key | Description | Default |
|---|---|---|---|
| Region Location | region | The GCP region in which to store Google Chronicle security logs. Accepted values: ASIA, EU, UK, US. | US |
Security and TLS
| Name | Key | Description | Default |
|---|---|---|---|
| TLS | tls | If true, enables TLS/SSL. If false, disables TLS/SSL. Accepted values: true, false. | false |
| TLS Certificate Validation | tls.verify | If on, and if tls is true, enables TLS/SSL certificate validation. If off, disables TLS/SSL certificate validation. Accepted values: on, off. | on |
| TLS Debug Level | tls.debug | Sets TLS debug verbosity level. Accepted values: 0 (No debug), 1 (Error), 2 (State change), 3 (Informational), 4 (Verbose). | 1 |
| CA Certificate File Path | tls.ca_file | Absolute path to CA certificate file. | none |
| Certificate File Path | tls.crt_file | Absolute path to certificate file. | none |
| Private Key File Path | tls.key_file | Absolute path to private key file. | none |
| Private Key Path Password | tls.key_passwd | Password for private key file. | none |
| TLS SNI Hostname Extension | tls.vhost | Hostname to be used for TLS SNI extension. | none |
Advanced Networking
| Name | Key | Description | Default |
|---|---|---|---|
| DNS Mode | net.dns.mode | Selects the primary DNS connection type, which can be TCP or UDP. | none |
| DNS Resolver | net.dns.resolver | Selects the primary DNS connection type, which can be LEGACY or ASYNC. | none |
| Prefer IPv4 | net.dns.prefer_ipv4 | Prioritizes IPv4 DNS results when trying to establish a connection. Accepted values: true, false. | false |
| Keepalive | net.keepalive | Enables or disables Keepalive support. Accepted values: true, false. | true |
| Keepalive Idle Timeout | net.keepalive_idle_timeout | Sets the maximum time allowed for an idle Keepalive connection. | 30s |
| Max Connect Timeout | net.connect_timeout | Sets the maximum time allowed to establish a connection, which includes the TLS handshake. | 10s |
| Max Connect Timeout Log Error | net.connect_timeout_log_error | Specifies whether to log an error on connection timeout. When disabled, the timeout is logged as a debug message. Accepted values: true, false. | true |
| Max Keepalive Recycle | net.keepalive_max_recycle | Sets the maximum number of times a keepalive connection can be used before it’s retired. | 2000 |
| Source Address | net.source_address | Specifies the network address to bind for data traffic. | none |