search

Azure / oms-log-analytics-firehose-nozzle

Microsoft Azure Log Analytics Nozzle
Apache License 2.0
11 stars 14 forks source link

Add an exclusion list property for excluding apps belonging to a set of orgs and spaces #25

Open bgandon opened 5 years ago

bgandon commented 5 years ago

We have a use-case for separating logs from different spaces of a CF foundation.

For this, we use two instances of the Nozzle (replicating the Azure Log Analytics Nozzle tile), and we apply two different (but complementary) configurations to each one.

For example, let's say we have a Foundation with an ACME org, and spaces like development, staging, preprod and prod. When we need to isolate the logs for prod space, we setup this space_whitelist for the second Nozzle:

space_whitelist:
  ACME.prod

But for the main Nozzle, we must built a kind of “catch-all” space_whitelist to capture everything else.

space_whitelist:
  system.*,
  eventhub-firehose.*,
  credhub-service-broker-org.*,
  ACME.development,
  ACME.staging,
  ACME.preprod

The drawback is that any time anyone (or anything) adds a new org or a new space to the ACME org, then we must re-configure the main Nozzle to include it in the “catch-all” space_whitelist of the main Nozzle. This breaks the self-service nature of Cloud Foundry, that lets developers create orgs and spaces without any extra toil for platform engineers.

The missing feature that we need here would be a space_exclusion_list that would do the opposite of space_whitelist. Then, the config of the main Nozzle would be super easy.

space_exclusion_list:
  ACME.prod

And we wouldn't have any new toil anytime a new org or a new space is created in the ACME org.

Don't hesitate to ask for any further information in order to fully understand this feature request.

Best, Benjamin