TELEMETRY PIPELINE
Amazon Kinesis Firehose

Amazon Kinesis Firehose destination plugin

The Amazon Kinesis Firehose destination plugin lets you configure Chronosphere Telemetry Pipeline to collect various data types such as logs, metrics, traces, and events and stream them directly to your Kinesis Firehose delivery stream.

Supported telemetry types

This plugin supports these telemetry types:

LogsMetricsTraces

Configuration parameters

Use the parameters in this section to configure your plugin. The Telemetry Pipeline web interface uses the values in the Name column to describe the parameters. Items in the Key column are the YAML keys to use in pipeline configuration files.

Required

NameKeyDescriptionDefault
RegionregionRequired. The AWS region to which to send your data.us-east-1
Firehouse delivery stream namedelivery_streamKinesis Firehouse name.none

AWS Authentication

NameKeyDescriptionDefault
IAM Role ARNrole_arnARN of an IAM role to assume. For example, for cross account access.none
Firehose API EndpointendpointCustom endpoint for the Firehose API.none
STS API Endpointsts_endpointCustom endpoint for the STS API.none
External ID for STS APIexternal_idSpecifies an external ID for the STS API. Can be used with the role_arn parameter if your role requires an external ID.none

Advanced

NameKeyDescriptionDefault
CompressioncompressionCompression type for Firehose records. Each log record is individually compressed and sent to Firehose. Accepted values: gzip, arrow (with arrow available only if Apache Arrow is enabled at compile time).none
Time Keytime_keyAdds the timestamp to the record under this key. By default, the timestamp from Telemetry Pipeline isn't added to records sent to Kinesis.none
Time Key Formattime_key_formatstrftime-compliant format string for the timestamp. This option is used with time_key.%Y-%m-%dT%H:%M:%S
Log Keylog_keyBy default, the entire log record is sent to Kinesis. If you specify a key name with this option, only the value of that key is sent to Kinesis. For example, if you're using the Fluentd Docker log driver, you can specify log_key log, and only the log message is sent to Kinesis.none
Enable Auto Retry Requestsauto_retry_requestsWhether to immediately retry failed requests to AWS services one time. This option doesn't affect the normal Telemetry Pipeline retry mechanism with backoff. Instead, it enables an immediate retry with no delay for networking errors, which can help improve throughput when there are transient or random networking issues. Accepted values: true, false.false

Security and TLS

NameKeyDescriptionDefault
TLStlsEnables or disables TLS/SSL support. Accepted values: true, false.false
TLS Certificate Validationtls.verifyEnables or disables TLS/SSL certificate validation. TLS must be enabled for certificates to be validated. Accepted values: off, on.on
TLS Debug Leveltls.debugSets TLS debug verbosity level. Accepted values: 0 (No debug), 1 (Error), 2 (State change), 3 (Informational), 4 (Verbose).1
CA Certificate File Pathtls.ca_fileAbsolute path to CA certificate file.none
Certificate File Pathtls.crt_fileAbsolute path to certificate file.none
Private Key File Pathtls.key_fileAbsolute path to private key file.none
Private Key Path Passwordtls.key_passwdPassword for private key file.none
TLS SNI Hostname Extensiontls.vhostHostname to be used for TLS SNI extension.none

Advanced Networking

NameKeyDescriptionDefault
DNS Modenet.dns.modeSelects the primary DNS connection type, which can be TCP or UDP.none
DNS Resolvernet.dns.resolverSelects the primary DNS connection type, which can be LEGACY or ASYNC.none
Prefer IPv4net.dns.prefer_ipv4Prioritizes IPv4 DNS results when trying to establish a connection. Accepted values: true, false.false
Keepalivenet.keepaliveEnables or disables Keepalive support. Accepted values: true, false.true
Keepalive Idle Timeoutnet.keepalive_idle_timeoutSets the maximum time allowed for an idle Keepalive connection.30s
Max Connect Timeoutnet.connect_timeoutSets the maximum time allowed to establish a connection, which includes the TLS handshake.10s
Max Connect Timeout Log Errornet.connect_timeout_log_errorSpecifies whether to log an error on connection timeout. When disabled, the timeout is logged as a debug message. Accepted values: true, false.true
Max Keepalive Recyclenet.keepalive_max_recycleSets the maximum number of times a keepalive connection can be used before it's retired.2000
Source Addressnet.source_addressSpecifies the network address to bind for data traffic.none