Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Current version v0.1.1
See the changelog of this Listener type .
Onum supports integration with HTTP. Select HTTP from the list of Listener types and click Configuration to start.
Now you need to specify how and where to collect the data, and how to establish an HTTP connection.
Enter the basic information for the new Listener.
Name* - Enter a name for the new Listener.
Description - Optionally, enter a description for the Listener.
Tags - Add tags to easily identify your Listener. Hit the Enter key after you define each tag.
Port* - Enter the IP port number.
TLS Configuration
Certificate* - This is the predefined TLS certificate.
Private key for this listener* - The private key of the corresponding certificate.
CA chain - The path containing the CA certificates.
Client authentication method* - Choose between No, Request, Require, Verify, and Require & Verify.
Minimum TLS version* - Select the required version from the menu.
HTTP Method* - Choose GET, POST, or PUT method.
Request path* - Enter the RegEx used to request access.
Strategy* - Choose what and how to extract.
Extraction info - Any additional information on the strategy to use.
Propogate headers strategy - Choose between None or Allow.
Header keys - Enter the required header keys in this field. Click Add element for each one.
Exported headers format - Choose the required format for your headers.
Maximum message length - Maximum characters.
Response code - Specify the response code to show when successful.
Response Content-Type - Choose the text or application type.
Response Text - The text that will show in case of success.
Click Create labels to move on to the next step and define the required Labels if needed.
Everything starts with a good Listener
Essentially, Onum receives any data through Listeners. These are logical entities created within a Distributor, acting as the gateway to the Onum system. Due to this, configuring a Listener involves defining an IP address, a listening port, and a transport layer protocol, along with additional settings depending on the type of Listener specialized in the data it will receive.
Click the Listeners tab on the left menu for a general overview of the Listeners configured in your Tenant and the events generated.
The graph at the top plots the volume ingested by your listeners. The line graph represents the events in, and the bar graph represents bytes in. Learn more about this graph in this article.
At the bottom, you have a list of all the Listeners in your Tenant. You can switch between the Cards view, which shows each Listener in a card, and the Table view, which displays Listeners listed in a table. Learn more about the cards and table views in this article.
There are various ways to narrow down what you see in this view:
Add filters to narrow down the Listeners you see in the list. Click the + Add filter button and select the required filter type(s). You can filter by:
Name: Select a Condition (Contains, Equals, or Matches) and a Value to filter Listeners by their names.
Type: Choose the Listener type(s) you want to see in the list.
Version: Filter Listeners by their version.
Created by: Selecting this option opens a User drop-down where you can filter by creator.
Updated by: Selecting this option opens a User drop-down where you can filter by the last user to update a pipeline.
The filters applied will appear as tags at the top of the view.
Note that you can only add one filter of each type.
If you wish to see data for a specific time period, this is the place to click. Go to this article to dive into the specifics of how the time range works.
You can choose to view only those Listeners that have been assigned the desired tags. You can create these tags in the Listener settings or from the cards view. Press the Enter key to confirm the tag, then Save.
To filter by tags, click the + Tags button, select the required tag(s) and click Save.
Depending on your permissions, you can create a new Listener from this view. To do it, simply click the New listener button at the top right corner.
This will open the Listener configuration.
Configuring your Listener involves various steps. You can open the configuration pane by creating a new Listener or by clicking a Listener in the Listener tab or the Pipeline view and selecting Edit Listener in the pane that opens.
Alternatively, click the ellipses in the card or table view and select Edit.
The first step is to define the Listener Type. Select the desired type in this window and select Configuration.
The configuration is different for each Listener type. Check the different Listener types and how to configure them in this section.
If your Listener is deployed in the Cloud, you will see an extra step for the network properties.
Use Onum's labels to cut out the noise with filters and search criteria based on specific metadata. This way, you can categorize events sent on and processed in your Pipelines.
Learn more about labels in this article.
Onum is compatible with any data source, regardless of technology and architecture. A Listener Type is not necessarily limited to one integration and can be used to connect to various.
Although there are only a limited number of types available for use, the integration possibilities are endless. Alternatively, you can contact us to request a Listener type.
Click a Listener to see how to configure it.
Current version v0.1.0
See the changelog of this Listener type .
Onum supports integration with Cisco System NetFlow. Select Flow from the list of Listener types and click Configuration to start.
Now you need to specify how and where to collect the data, and how to establish a connection with Cisco NetFlow.
Enter the basic information for the new Listener.
Name* - Enter a name for the new Listener.
Description - Optionally, enter a description for the Listener.
Tags - Add tags to easily identify your Listener. Hit the Enter key after you define each tag.
Now add the configuration to establish the connection.
Transport protocol* - Currently, Onum supports the UDP protocol.
Port* - Enter the required IP port number.
Protocols to process* - Select the required protocol(s) from the list.
Fields to include* - Select all the fields you wish to include in the output data.
Access control type* - Choose between None, Whitelist, or Blacklist.
IPs - Enter the IPs you wish to apply the access control to. Click Add element to add as many as required.
Click Create labels to move on to the next step and define the required if needed.
Use Onum's labels to cut out the noise with filters and search criteria based on specific metadata. This way, you can categorize the events that Listeners receive before being processed in your Pipelines.
As different log formats are being ingested in real-time, the same Listener may ingest different technologies. Labels are useful for categorizing events based on specific criteria.
When creating or editing a Listener, use Labels to categorize and assign filters to your data.
For most Listeners, you will see two main event categories on this screen:
All Data - Events that follow the structure defined by the specified protocol, for example, Syslog events with the standard fields, or most of them.
Unparsed - These are events that do not follow the structure defined in the selected protocol.
You can define filters and rules for each of these main categories.
Once you've defined your labels to filter specific events, you can use them in your Pipelines.
Instead of using the whole set of events that come into your Listeners, you can use your defined labels to use only specific sets of data filtered by specific rules.
When you create a new Listener, you'll be prompted to the Labels screen after configuring your Listener data.
Click the + button under the set of data you want to filter (All Data or Unparsed). You'll see your first label. Click the pencil icon a give it a name that describes the data that will filter out.
In this example, we want to filter only events whose version is 2.x, so we named our label accordingly:
Below, see the Add filter button. This is where you add the criteria to categorize the content under that label. Choose the field you want to filter by.
In this example, we're choosing Version.
Now, define the filter criteria:
Condition - Choose between:
Contains - Checks when the indicated value appears anywhere in the log.
Equals - Filters for exact matches of the value in the log.
Matches - Filters for exact matches of the value in the log, allowing for regular expressions.
Value - Enter the value to filter by.
In this example, we are setting the Condition to Contains and Value to 2.
Click Save and see the header appear for your first label.
From here, you have various options:
To create a new subset of data, select the + sign that extends directly from the All data or Unparsed bars. Be aware that if you select the + sign extending from the header bar, you will create a subheader.
You can create a branch from your primary header by clicking the plus button that extends from the main header. There is no limit to the amount that you can add.
Notice that the subheader shows a filter icon with a number next to it to indicate the string of filters applied to it already.
To duplicate a label, simply select the duplicate button in its row.
To delete a label, simply select the delete button in its row.
If you attempt to delete a Label that is being used in a Pipeline, you will be asked to confirm where to remove it from.
Once you have completed your chain, click Save.
Any data that has not been assigned a label will be automatically categorized as unlabeled. This allows you to see the data that is not being processed by any Pipeline, but has not been lost.
This label will appear in the list of Labels for use in your Pipeline so that you can process the data in its unfiltered form.
Your Listener is now ready to use and will appear in the list.
Current version v0.0.1
See the changelog of this Listener type .
Onum supports integration with Google Pub/Sub. Select Google Sub from the list of Listener types and click Configuration to start.
Now you need to specify how and where to collect the data, and establish a connection with your Google account.
Enter the basic information for the new Listener.
Name* - Enter a name for the new Listener.
Description - Optionally, enter a description for the Listener.
Tags - Add tags to easily identify your Listener. Hit the Enter key after you define each tag.
Now add the configuration to establish the connection.
Project ID* - This is a unique string found in the Manage all projects area of the projects list.
Subscription Name* - Find your subscription in the Google Cloud console, Pub/Sub Subscriptions page, Metrics tab.
Credentials File* - The Google Pub/Sub connector uses OAuth 2.0 credentials for authentication and authorization. Create a secret containing these credentials or select one already created.
Enabled* - Decide whether or not to activate the bulk message option.
Message Format - Choose the required message format.
Delimiter Char Codes - Enter the characters you want to use as delimiters.
Click Create labels to move on to the next step and define the required Labels if needed.
Current version v0.1.1
See the changelog of this Listener type .
Onum receives data from Syslog, supporting TCP and UDP protocols. Select Syslog from the list of types.
Now you need to specify how and where to collect the data, and how to establish a connection with Syslog.
Enter the basic information for the new Listener.
Name* - Enter a name for the new Listener.
Description - Optionally, enter a description for the Listener.
Tags - Add tags to easily identify your Listener. Hit the Enter key after you define each tag.
Port* - Enter the IP port number.
Protocol* - Onum supports TCP and UDP protocols.
Framing Method* - Choose the required framing method between: Auto-Detect, Non-Transparent (newline), Non-Transparent (zero), or Octet Counting (message length).
Certificate* - This is the predefined TLS certificate.
Private key for this listener* - The private key of the corresponding certificate.
CA chain - The path containing the CA certificates.
Client authentication method* - Choose between No, Request, Require, Verify, and Require & Verify.
Minimum TLS version* - Select the required version from the menu.
Click Create labels to move on to the next step and define the required Labels if needed.
Current version v0.1.0
See the changelog of this Listener type .
Onum supports integration with Transmission Control Protocol. Select TCP from the list of types.
Now you need to specify how and where to collect the data, and how to establish a connection with TCP.
Enter the basic information for the new Listener.
Name* - Enter a name for the new Listener.
Description - Optionally, enter a description for the Listener.
Tags - Add tags to easily identify your Listener. Hit the Enter key after you define each tag.
Port* - Enter the IP port number.
Trailer Character* - Choose between LF, CR+LF, or NULL.
TLS configuration
Certificate* - This is the predefined TLS certificate.
Private Key* - The private key of the corresponding certificate.
CA chain - The path containing the CA certificates.
Client Authentication Method* - Choose between No, Request, Require, Verify, and Require & Verify.
Minimum TLS version* - Select a version from the menu.
Click Create labels to move on to the next step and define the required Labels if needed.
Amazon CloudFront
Amazon CloudWatch Logs
Amazon ELB
Amazon Route 53
Apache Flume
AWS CloudTrail
AWS Lambda
Cisco Umbrella
Cloudflare
Confluent
Crowdstrike
Fastly
Fluent Bit
Juniper
Kafka
Splunk
Zeek/Bro
Zoom