Exporting System Logs via Azure Event Hub

Updated

Overview

Red Hat managed Ansible Automation Platform (AAP) on Azure supports the export of system logs via the Azure Event Hub. The Event Hub collects log events from resources in the Managed Resource Group and these events can be consumed through external tools that support Event Hub as a source of data.

Setting up the Event Hub

  1. In order to set up the Event Hub to integrate with the system logs, a This content is not included.setup and configuration request must be submitted to the Red Hat SRE team using information below:

  2. Once the SRE team processes the support ticket, they will set up Event Hub in the customer’s deployment Node Pool Resource Group (NPRG) and configure the Event Hub to ingest events from deployment resources in Managed Resource Group (MRG).

  3. The shared access key of Event Hub will be shared with the customer. This includes the following information:

    • Primary key
    • Secondary key
    • Connection string-primary key
    • Connection string-secondary key
    • SAS Policy ARM ID

  4. Using the shared access key information above, any external tool, for example Rapid7 InsightIDR can be configured to consume events from Event Hub.

Cost

There is no additional cost from Red Hat to support this implementation. However, there is additional Azure infrastructure cost when implementing this feature. The cost can vary depending on the amount of logging required.
For more information refer to Content from azure.microsoft.com is not included.Event Hubs pricing. The minimum required pricing tier for Rapid7 InsightIDR integration is the “Standard” tier.

Additional Resources

Product(s)
Category
Tags
Article Type