Add an integrations doc for Fluentd #5190
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
philrz
force-pushed
the
fluentd-integration-doc
branch
from
9180cf3 to
613e641
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What's Changing
This PR adds a new article to the "Integrations" section of the Zed docs site that shows example configuration using Fluentd for "live" log ingest of Zeek logs to a Zed lake.
Why
Features like compaction have made it such that the Zed lake should be suited for such use cases, at least at modest scale. A community user found open issue #4271 that had a preliminary configuration and they expressed an interest in using it in a Zeek-related project. That motivated me to more thoroughly test the configuration using current software versions and commit it to a proper article. Once on the docs site, I could potentially promote this content within the Zeek community and perhaps find interest from more users seeking alternatives to their current log storage solutions.
Discussion
While I'd be happy if a reviewer actually ran through the steps in the article, if that's not palatable, since I expect I'll likely be providing front-line support for any users attempting to follow it, I'd be content with reviews just for style and correctness of how I describe the relevant Zed components.
Closes #4271