
Azure Event Hub

Prerequisites

The source must have access to an Azure Event Hub with the necessary permissions, the minimum permission being Listen. You can configure resources' Diagnostic settings to send logs to the Azure Event Hub. Read more here: Azure Event Hub.

Each event hub should only accept one telemetry type.

Supported Platforms

Bindplane Agent: v1.39.0+

Platform | Metrics | Logs | Traces
Linux
Windows
macOS

Configuration

| Field | Description |
| --- | --- |
| Telemetry Type | The type of telemetry to gather with this receiver. |
| Connection | A string describing the connection to an Azure event hub. |
| Consumer Group | The Consumer Group to read from. Defaults to $$Default. Dollar signs must be escaped with another dollar sign. |
| Partition | The partition to watch. If empty, it will watch all partitions. |
| Offset | The offset at which to start watching the event hub. If empty, starts with the latest offset. |
| Log Format | The log format to use when parsing logs from Event Hub. Must be one of azure or raw. Raw logs are byte encoded; see the "Raw Encoding" option. |
| Raw Encoding | The encoding used when decoding the raw logs into human-readable text. Defaults to utf-8. The raw byte encoding can be preserved by selecting byte. |

Example Configuration

Basic Configuration

For basic configuration, the connection parameter is required. Optionally, specify consumer group, partition, and offset.

Web Interface

observIQ docs - Azure Event Hub Source - image 1

Standalone Source

```yaml
apiVersion: bindplane.observiq.com/v1
kind: Source
metadata:
  id: azure_event_hub
  name: azure_event_hub
spec:
  type: azure_event_hub
  parameters:
    - name: telemetry_types
      value: Logs
    - name: connection
      value: '<your_connection_string>'
    - name: group
      value: '$Default' # optional
    - name: partition
      value: '1' # optional
    - name: offset
      value: '-1' # optional
```
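A pre-deployment check for the Connection and Consumer Group values, added here as an example and not part of Bindplane or its documentation. It assumes the standard Event Hubs connection string layout (`Endpoint=...;SharedAccessKeyName=...;SharedAccessKey=...;EntityPath=...`); the function names and the sample namespace, policy and hub names are constructed for illustration.

```python
import re

# The namespace's default policy carries Manage, Send and Listen rights, which is
# more than the Listen permission the prerequisites call for.
BROAD_POLICY = "RootManageSharedAccessKey"

def parse_connection(conn: str) -> dict:
    """Split 'Key=Value;Key=Value' into a dict; values may themselves end in '='."""
    fields = {}
    for part in filter(None, (p.strip() for p in conn.split(";"))):
        key, sep, value = part.partition("=")
        if not sep or not value:
            raise ValueError(f"malformed segment: {key!r}")
        fields[key] = value
    return fields

def lint_connection(conn: str) -> list[str]:
    """Return findings for a connection string before it goes into the source config."""
    fields = parse_connection(conn)
    findings = []
    for required in ("Endpoint", "SharedAccessKeyName", "SharedAccessKey"):
        if required not in fields:
            findings.append(f"missing {required}")
    if not fields.get("Endpoint", "sb://").startswith("sb://"):
        findings.append("Endpoint is not an sb:// URI")
    # Heuristic: the policy name alone does not prove which rights it holds.
    if fields.get("SharedAccessKeyName") == BROAD_POLICY:
        findings.append("namespace root policy grants Manage and Send; use a Listen-only policy")
    if "EntityPath" not in fields:
        findings.append("no EntityPath: string is scoped to the namespace, not one event hub")
    return findings

def escape_group(group: str) -> str:
    """Double each lone '$' as the Consumer Group field requires; escaped input is unchanged."""
    return re.sub(r"(?<!\$)\$(?!\$)", "$$", group)

# Constructed sample inputs; the key is a placeholder, not a real secret.
SAMPLES = {
    "listen_only": "Endpoint=sb://example-ns.servicebus.windows.net/;"
                   "SharedAccessKeyName=bindplane-listen;"
                   "SharedAccessKey=Q09OU1RSVUNURUQ=;EntityPath=logs-hub",
    "root_policy": "Endpoint=sb://example-ns.servicebus.windows.net/;"
                   "SharedAccessKeyName=RootManageSharedAccessKey;"
                   "SharedAccessKey=Q09OU1RSVUNURUQ=",
}

if __name__ == "__main__":
    for name, conn in SAMPLES.items():
        print(name, lint_connection(conn) or "ok")
    print(escape_group("$Default"))
```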