Skip to main content

Azure Forwarder

Bronto Log Forwarder for Azure

Overview

This guide explains how to forward Azure logs to Bronto using Azure Event Hub and the Bronto log forwarder.

How it works

The Bronto log forwarder for Azure is built around a Function App that collects log data from Azure Event Hub and sends it to Bronto.

Resources

For Terraform users, Bronto offers a module that simplifies the setup of the forwarding Function App and its associated Event Hub resources. You can access the module source at this URL.

Below is an example of how to use the Terraform module for Bronto log forwarding. This example assumes that a Resource Group, Event Hub, and all necessary resources for deploying the Bronto Function App will be created.

module "forwarder" {
  source = "https://releases.bronto.io/integrations/azure/terraform/latest/brontoForwarder.zip"
  location  = "canadacentral"
  resource_group = {
    create = true
    name   = "brontoforwarder"
  }
  eventhub  = {
    create = true
    name = "brontoforwarder"
    namespace = {
      name = "brontoforwarder"
      sku  = "Basic"
    }
    retention_days = 1
  }
  forwarder = {
    name = "brontoforwarder"
    service_plan_type = "Y1"
    storage_account = {
      name             = "brontoforwarder"
      replication_type = "LRS"
      tier             = "Standard"
    }
    bronto_config = {
      ingestion_endpoint = "https://ingestion.eu.staging.bronto.io"
      ingestion_key      = data.aws_kms_secrets.secrets.plaintext["bronto_ingestion_key"]
      default_collection = "azure"
    }
  }
}

If an Event Hub for receiving log data is already configured in your environment, you can create only the resources related to the forwarding Bronto Function App using a configuration like the one below (not create = false):

module "forwarder" {
  source    = "https://releases.bronto.io/integrations/azure/terraform/latest/brontoForwarder.zip"
  location  = "canadacentral"
  resource_group = {
    create = false
    name   = "brontoforwarder"
  }
  eventhub  = {
    create    = false
    name      = var.eventhub.name
    namespace = var.eventhub.namespace
  }
  forwarder = {
    name              = "brontoforwarder"
    service_plan_type = "Y1"
    storage_account = {
      name             = "brontoforwarder"
      replication_type = "LRS"
      tier             = "Standard"
    }
    bronto_config = {
      ingestion_endpoint = "https://ingestion.eu.staging.bronto.io"
      ingestion_key      = data.aws_kms_secrets.secrets.plaintext["bronto_ingestion_key"]
      default_collection = "azure"
    }
  }
}

For those not using Terraform, the Function App forwarder artifact is available for download at this URL.

Additionally, guidance on sending logs from various Azure resources to Event Hub can be found in Azure documentation.

If you have any questions or need assistance, please don’t hesitate to reach out to us at support@bronto.io.