/logs/enrichment/configs
This API allows you to configure log enrichment settings for a specified tenant. It supports two key functionalities:
Add Log Enrichment Configs on Lookup Table:
- Enables users to define log enrichment rules that utilize lookup tables.
- lookupTableId is mandatory for creating log enrichment configurations on a lookup table. You will receive this ID after creating the lookup table.
- conditions, rules, key, operator and fields are mandatory to create the Config.
- The key is used as a search label from the CSV file to its corresponding fields, and the operator is used to apply a condition to the key.
- fields can have a list of labels to add as extra attributes in the logs, mapping from the CSV file to its corresponding fields.
Add Log Enrichment Configs on sourceTags:
- Allows users to apply log enrichment based on source tags.
- sourceTags is true mandatory create Log Enrichment config on source tags.
- conditions, rules, key, operator and resourceKey are mandatory to create the Config.
- The key is used as a search label on the source log's corresponding fields, the resourceKey is used as a search label on the OpsRamp resource field, and the operator is used to apply the condition on the resourceKey.
- fields are not required for source tags because it's automatically adds the resourceUUID and its custom attributes by default.
Limitations:
- A maximum of 10 enricher configurations can be created per tenant.
- Each enricher configuration can include up to 10 enrichment conditions.
- Every enrichment configuration must have unique condition keys.
- If multiple enrichment conditions match, the first record from the lookup table is selected based on the condition keys.
- When multiple enrichment configurations exist, they are executed in order of priority.
Allows you to create log enrichment configurations for a specific tenant.
Path Parameters
- tenantId
Describes the ID of the tenant.
Request Body
application/json
- name
The name of the log enrichment configuration.
- sourceTags
Indicates whether the enrichment is based on source tags. Set to true for source tag enrichment.
- lookupTableId
The unique identifier of the lookup table used for enrichment. Required when using lookup table-based enrichment.
- filterQuery
The filter expression used to match incoming log data.
- priorityOrder
The priority order for applying the enrichment configuration. Lower values indicate higher priority.
- conditions
A list of conditions that define when and how enrichment should occur.
Responses
- name
The name of the log enrichment configuration.
- sourceTags
Set to true if the enrichment configuration is based on source tags.
- lookupTableId
The unique identifier of the lookup table used for enrichment. Required for lookup table-based enrichment.
- filterQuery
The filter expression to match log records, such as by source.
- conditions
A list of enrichment conditions that define matching rules and enrichment fields.
- priorityOrder
Defines the execution order of the enrichment configuration. Lower values indicate higher priority.
- orgId
The organization ID to which the enrichment configuration belongs.
- createdBy
The ID of the user who created the configuration.
- createdTime
The timestamp (in epoch format) when the configuration was created.
- enricherConfigId
The unique identifier of the enrichment configuration.
Deletes multiple log enrichment configurations for the specified tenant based on the provided configuration IDs.
Path Parameters
- tenantId
Describes the ID of the tenant.
Request Body
application/json
- enricherConfigIds
A list of unique identifiers for the enrichment configurations to be deleted.