You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: pipeline/outputs/azure_kusto.md
+65-1Lines changed: 65 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -6,7 +6,41 @@ description: Send logs to Azure Data Explorer (Kusto)
6
6
7
7
The _Kusto_ output plugin lets you ingest your logs into an [Azure Data Explorer](https://azure.microsoft.com/en-us/products/data-explorer/) cluster, using the [Queued Ingestion](https://learn.microsoft.com/en-us/kusto/api/netfx/about-kusto-ingest?view=azure-data-explorer&preserve-view=true&tabs=csharp#queued-ingestion) mechanism. This output plugin can also be used to ingest logs into an [Eventhouse](https://blog.fabric.microsoft.com/en-us/blog/eventhouse-overview-handling-real-time-data-with-microsoft-fabric/) cluster in Microsoft Fabric Real Time Analytics.
8
8
9
-
## Ingest into Azure Data Explorer: create a Kusto cluster and database
9
+
## Authentication Methods
10
+
11
+
Fluent-Bit can use various authentication methods to connect to your Azure Data Explorer cluster:
12
+
13
+
### Service Principal Authentication (Default)
14
+
15
+
For service principal authentication, you'll need to create an Azure AD application:
16
+
17
+
-[Register an Application](https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app#register-an-application)
18
+
-[Add a client secret](https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app#add-a-client-secret)
19
+
-[Authorize the app in your database](https://docs.microsoft.com/en-us/azure/data-explorer/kusto/management/access-control/principals-and-identity-providers#azure-ad-tenants)
20
+
21
+
Configure Fluent Bit with your application's `tenant_id`, `client_id`, and `client_secret`.
22
+
23
+
### Managed Identity Authentication
24
+
25
+
When running on Azure services that support Managed Identities (such as Azure VMs, AKS, or App Service):
26
+
27
+
1.[Assign the managed identity appropriate permissions to your Kusto database](https://learn.microsoft.com/en-us/azure/data-explorer/configure-managed-identities-cluster)
28
+
2. Configure Fluent Bit with `auth_type` set to `managed_identity`
29
+
3. For system-assigned identity, set `client_id` to `system`
30
+
4. For user-assigned identity, set `client_id` to the managed identity's client ID (GUID)
31
+
32
+
### Workload Identity Authentication
33
+
34
+
For Kubernetes environments using Azure Workload Identity:
35
+
36
+
1.[Set up Azure Workload Identity in your Kubernetes cluster](https://learn.microsoft.com/en-us/azure/aks/workload-identity-deploy-cluster)
37
+
2. Configure your pod to use a service account with Workload Identity Federation
38
+
3. Configure Fluent Bit with:
39
+
-`auth_type` set to `workload_identity`
40
+
-`tenant_id` and `client_id` of your Azure AD application
41
+
-`workload_identity_token_file` pointing to your token file path (typically `/var/run/secrets/azure/tokens/azure-identity-token`)
42
+
43
+
## For ingesting into Azure Data Explorer: Creating a Kusto Cluster and Database
10
44
11
45
Create an Azure Data Explorer cluster in one of the following ways:
12
46
@@ -197,6 +231,36 @@ pipeline:
197
231
Io_Timeout 60s
198
232
```
199
233
234
+
#### Managed Identity Authentication
235
+
236
+
```
237
+
[OUTPUT]
238
+
Match *
239
+
Name azure_kusto
240
+
Auth_Type managed_identity
241
+
Client_Id <managed_identity_client_id> # Use 'system' for system-assigned managed identity
0 commit comments