Documentation
¶
Overview ¶
ABOUTME: Implements log searching against Azure Monitor Log Analytics workspaces. ABOUTME: Executes KQL queries and maps tabular results to canonical LogLine format.
ABOUTME: Defines request types for querying Azure Monitor Log Analytics workspaces. ABOUTME: Uses KQL (Kusto Query Language) queries against Log Analytics workspace IDs.
Index ¶
Constants ¶
This section is empty.
Variables ¶
var DefaultFieldMappingConfig = logs.FieldMappingConfig{ Timestamp: []string{"TimeGenerated", "Timestamp"}, Message: []string{"Message", "RenderedDescription", "ResultDescription"}, Severity: []string{"SeverityLevel", "Level", "EventLevelName"}, Host: []string{"Computer", "_ResourceId"}, Source: []string{"Source", "Category", "OperationName"}, }
DefaultFieldMappingConfig defines sensible defaults for common Azure Monitor log columns.
Functions ¶
This section is empty.
Types ¶
type Request ¶
type Request struct {
logs.LogsRequestBase `json:",inline" template:"true"`
// WorkspaceID is the Azure Log Analytics workspace ID to query.
WorkspaceID string `json:"workspaceID" template:"true"`
// Query is the KQL (Kusto Query Language) query to execute.
Query string `json:"query" template:"true"`
}
Request represents parameters for Azure Log Analytics queries.
+kubebuilder:object:generate=true
func (*Request) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Request.
func (*Request) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Searcher ¶
type Searcher struct {
// contains filtered or unexported fields
}
Searcher implements log searching using Azure Log Analytics.
func New ¶
func New(conn connection.AzureConnection, mappingConfig *logs.FieldMappingConfig) *Searcher
New creates a new Azure Log Analytics searcher.
Source Files