Azure Data Explorer destination plugin
Azure Data Explorer (Kusto) is a cloud-based analytics service offered by Microsoft Azure. It's designed to help users analyze large amounts of data. Kusto uses a proprietary query language called KQL (Kusto Query Language) that enables users to perform complex data queries and visualizations. Kusto can be used for log and telemetry data analysis, as it is designed to handle large amounts of structured and unstructured data in real-time. Use the Azure Monitor Logs destination plugin to configure your Calyptia Core pipeline to send your logs and metrics data directly to Azure Data Explorer (Kusto).
Configuration parameters
The Azure Data Explorer (Kusto) destination plugin provides these configuration parameters.
General
| Key | Description |
|---|---|
| Tenant ID | The tenant/domain ID of the AAD registered application. |
| Client ID | Required - The client ID of the AAD registered application. |
| Ingestion Endpoint | The clusters ingestion endpoint, usually in the form https://ingest-cluster\_name.region.kusto.windows.net. |
| Database Name | The database name. |
| Table Name | The table name. |
Advanced
| Key | Description |
|---|---|
| Ingestion Mapping Reference | The name of a JSON ingestion mapping that will be used to map the ingested payload into the table columns. |
| Log Key | Key name of the log content. |
| Enable Tag Key | If enabled, the tag is appended to output. The key name is used tag_key property. |
| Tag Key | Optional. Specify the key name where the tag is stored. |
| Enable Time Key | If enabled, a timestamp is appended to output. The key name is used time_key property. |
| Time Key | Optional. Specify the key name where the timestamp is stored. |
Security and TLS
| Key | Description |
|---|---|
| TLS | Enable or disable TLS/SSL support. |
| TLS Certificate Validation | Turn TLS/SSL certificate validation on or off. TLS must be on for this setting to be enabled. |
| TLS Debug Level | Set TLS debug verbosity level. Accepts these values: 0 (No debug), 1 (Error), 2 (State change), 3 (Informational), 4 (Verbose). |
| CA Certificate File Path | Absolute path to CA certificate file. |
| Certificate File Path | Absolute path to certificate file. |
| Private key File Path | Absolute path to private key file. |
| Private Key Path Password | Optional password for tls.key_file file. |
| TLS SNI Hostname Extension | Hostname to be used for TLS SNI extension. |
The following are Advanced Networking configuration Parameters for Azure Data Explorer (Kusto) Destination Plugin.
| Key | Description |
|---|---|
| DNS Mode | Select the primary DNS connection type (TCP or UDP) |
| DNS Resolver | Select the primary DNS connection type (TCP or UDP) |
| Prefer IPv4 | Prioritize IPv4 DNS results when trying to establish a connection |
| Keepalive | Enable or disable Keepalive support |
| Keepalive Idle Timeout | Set maximum time allowed for an idle Keepalive connection |
| Max Connect Timeout | Set maximum time allowed to establish a connection, this time includes the TLS handshake |
| Max Connect Timeout Log Error | On connection timeout, specify if it should log an error. When disabled, the timeout is logged as a debug message |
| Max Keepalive Recycle | Set maximum number of times a keepalive connection can be used before it is retired. |
| Source Address | Specify network address to bind for data traffic |