CrowdStrike destination plugin

The CrowdStrike destination plugin lets you configure Chronosphere Telemetry Pipeline to send data from any of your sources to the CrowdStrike LogScale platform.

Supported telemetry types

This plugin supports these telemetry types:

Logs	Metrics	Traces

Configuration parameters

Use the parameters in this section to configure your plugin. The Telemetry Pipeline web interface uses the values in the Name column to describe the parameters. Items in the Key column are the YAML keys to use in pipeline configuration files.

General

Name	Key	Description	Default
Host	`host`	Required. IP address or hostname of the LogScale Server.	`cloud.community.humio.com`
Port	`port`	Required. TCP port of the targeted HTTP server.	`443`
Headers	`header`	Add the LogScale Ingest Token after the `Bearer`. You can add more than one header.	none

Advanced

Name	Key	Description	Default
URI	`uri`	Required. Specifies an optional HTTP URI for the target web server.	`/api/v1/ingest/json`
Format	`format`	Required. Specifies the data format to be used in the HTTP request body. Accepted values: `json`, `json_lines`, `json_stream`.	`json`
Compress	`compress`	Sets the payload compression mechanism. Accepted values: `gzip`, none.	none
HTTP Proxy	`proxy`	Specifies an HTTP Proxy. The expected format of this value is `http://host:port`.	none
JSON Date Format	`json_date_format`	Specifies the format of the date. Accepted values: `double`, `epoch`, `iso8601` (for example, `2018-05-30T09:39:52.000681Z`), `java_sql_timestamp` (for example, `2018-05-30 09:39:52.000681`, which can be used with AWS Athena).	`iso8601`
JSON Date Key	`json_date_key`	Specifies the name of the date field in output.	`_time`
Body Key	`body_key`	Specifies the key that contains the body.	none
Header Tag	`header_tag`	Sets an HTTP header whose value is the tag of the record.	none
Header Key	`headers_key`	Specifies the key that contains the headers.	none

Security and TLS

Name	Key	Description	Default
TLS	`tls`	Enables or disables TLS/SSL support. Accepted values: `true`, `false`.	`false`
TLS Certificate Validation	`tls.verify`	Enables or disables TLS/SSL certificate validation. TLS must be enabled for certificates to be validated. Accepted values: `off`, `on`.	`on`
TLS Debug Level	`tls.debug`	Sets TLS debug verbosity level. Accepted values: `0` (No debug), `1` (Error), `2` (State change), `3` (Informational), `4` (Verbose).	`1`
CA Certificate File Path	`tls.ca_file`	Absolute path to CA certificate file.	none
Certificate File Path	`tls.crt_file`	Absolute path to certificate file.	none
Private Key File Path	`tls.key_file`	Absolute path to private key file.	none
Private Key Path Password	`tls.key_passwd`	Password for private key file.	none
TLS SNI Hostname Extension	`tls.vhost`	Hostname to be used for TLS SNI extension.	none

Advanced Networking

Name	Key	Description	Default
DNS Mode	`net.dns.mode`	Selects the primary DNS connection type, which can be `TCP` or `UDP`.	none
DNS Resolver	`net.dns.resolver`	Selects the primary DNS connection type, which can be `LEGACY` or `ASYNC`.	none
Prefer IPv4	`net.dns.prefer_ipv4`	Prioritizes IPv4 DNS results when trying to establish a connection. Accepted values: `true`, `false`.	`false`
Keepalive	`net.keepalive`	Enables or disables Keepalive support. Accepted values: `true`, `false`.	`true`
Keepalive Idle Timeout	`net.keepalive_idle_timeout`	Sets the maximum time allowed for an idle Keepalive connection.	`30s`
Max Connect Timeout	`net.connect_timeout`	Sets the maximum time allowed to establish a connection, which includes the TLS handshake.	`10s`
Max Connect Timeout Log Error	`net.connect_timeout_log_error`	Specifies whether to log an error on connection timeout. When disabled, the timeout is logged as a debug message. Accepted values: `true`, `false`.	`true`
Max Keepalive Recycle	`net.keepalive_max_recycle`	Sets the maximum number of times a keepalive connection can be used before it's retired.	`2000`
Source Address	`net.source_address`	Specifies the network address to bind for data traffic.	none

Coralogix Datadog