无法通过Terraform在Azure中创建数据收集规则。

huangapple
go评论99阅读模式
英文:

Unable to create Data Collection Rule via Terraform in Azure

问题

"我的代码如下-"
"错误"
"请帮助找出问题所在。"

英文:

My Code looks like-

#dcr
无法通过Terraform在Azure中创建数据收集规则。
Error

无法通过Terraform在Azure中创建数据收集规则。

Please help to find where the issue is.

答案1

得分: 0

I tried to provision a Data Collection Rule via Terraform and I was able to deploy successfully using my code.

To achieve this configuration, I referred the documentation from Terraform registry.

I also tried with the code mentioned in Image. The reason for error is incorrect destination names in data flows and version of providers.

By changing the names and update the provider to the latest version and rewriting the code as per the requirement we will be able to provision the resource mentioned.

My Main.tf:

  1. provider "azurerm" {
  2.   features {}
  3.   subscription_id = "00000000"
  4.   client_id       = "0000000"
  5.   tenant_id       = "0000000"
  6.   client_secret   = "0000000"
  7. }
  10. resource "azurerm_resource_group" "example" {
  11.   name     = "Demorg-vk"
  12.   location = "East US"
  13. }
  15. resource "azurerm_user_assigned_identity" "example" {
  16.   name                = "demovk-uai"
  17.   resource_group_name = azurerm_resource_group.example.name
  18.   location            = azurerm_resource_group.example.location
  19. }
  21. resource "azurerm_log_analytics_workspace" "example" {
  22.   name                = "demovk-workspace"
  23.   resource_group_name = azurerm_resource_group.example.name
  24.   location            = azurerm_resource_group.example.location
  25. }
  27. resource "azurerm_log_analytics_solution" "example" {
  28.   solution_name         = "WindowsEventForwarding"
  29.   location              = azurerm_resource_group.example.location
  30.   resource_group_name   = azurerm_resource_group.example.name
  31.   workspace_resource_id = azurerm_log_analytics_workspace.example.id
  32.   workspace_name        = azurerm_log_analytics_workspace.example.name
  33.   plan {
  34.     publisher = "Microsoft"
  35.     product   = "OMSGallery/WindowsEventForwarding"
  36.   }
  37. }
  39. resource "azurerm_eventhub_namespace" "example" {
  40.   name                = "exeventns"
  41.   location            = azurerm_resource_group.example.location
  42.   resource_group_name = azurerm_resource_group.example.name
  43.   sku                 = "Standard"
  44.   capacity            = 1
  45. }
  47. resource "azurerm_eventhub" "example" {
  48.   name                = "exevent2"
  49.   namespace_name      = azurerm_eventhub_namespace.example.name
  50.   resource_group_name = azurerm_resource_group.example.name
  51.   partition_count     = 2
  52.   message_retention   = 1
  53. }
  55. resource "azurerm_storage_account" "example" {
  56.   name                     = "demovkstorage"
  57.   resource_group_name      = azurerm_resource_group.example.name
  58.   location                 = azurerm_resource_group.example.location
  59.   account_tier             = "Standard"
  60.   account_replication_type = "LRS"
  61. }
  63. resource "azurerm_storage_container" "example" {
  64.   name                  = "demovkcontainer"
  65.   storage_account_name  = azurerm_storage_account.example.name
  66.   container_access_type = "private"
  67. }
  69. resource "azurerm_monitor_data_collection_endpoint" "example" {
  70.   name                = "demovk-dcre"
  71.   resource_group_name = azurerm_resource_group.example.name
  72.   location            = azurerm_resource_group.example.location
  74.   lifecycle {
  75.     create_before_destroy = true
  76.   }
  77. }
  79. resource "azurerm_monitor_data_collection_rule" "example" {
  80.   name                        = "demovkrule"
  81.   resource_group_name         = azurerm_resource_group.example.name
  82.   location                    = azurerm_resource_group.example.location
  83.   data_collection_endpoint_id = azurerm_monitor_data_collection_endpoint.example.id
  85.   destinations {
  86.     log_analytics {
  87.       workspace_resource_id = azurerm_log_analytics_workspace.example.id
  88.       name                  = "example-destination-log"
  89.     }
  91.     event_hub {
  92.       event_hub_id = azurerm_eventhub.example.id
  93.       name         = "example-destination-eventhub"
  94.     }
  96.     storage_blob {
  97.       storage_account_id = azurerm_storage_account.example.id
  98.       container_name     = azurerm_storage_container.example.name
  99.       name               = "example-destination-storage"
  100.     }
  102.     azure_monitor_metrics {
  103.       name = "example-destination-metrics"
  104.     }
  105.   }
  107.   data_flow {
  108.     streams      = ["Microsoft-InsightsMetrics"]
  109.     destinations = ["example-destination-metrics"]
  110.   }
  112.   data_flow {
  113.     streams      = ["Microsoft-InsightsMetrics", "Microsoft-Syslog", "Microsoft-Perf"]
  114.     destinations = ["example-destination-log"]
  115.   }
  117.   data_flow {
  118.     streams       = ["Custom-MyTableRawData"]
  119.     destinations  = ["example-destination-log"]
  120.     output_stream = "Microsoft-Syslog"
  121.     transform_kql = "source | project TimeGenerated = Time, Computer, Message = AdditionalContext"
  122.   }
  124.   data_sources {
  125.     syslog {
  126.       facility_names = ["*"]
  127.       log_levels     = ["*"]
  128.       name           = "example-datasource-syslog"
  129.     }
  131.     iis_log {
  132.       streams         = ["Microsoft-W3CIISLog"]
  133.       name            = "example-datasource-iis"
  134.       log_directories = ["C:\\Logs\\W3SVC1"]
  135.     }
  137.     log_file {
  138.       name          = "example-datasource-logfile"
  139.       format        = "text"
  140.       streams       = ["Custom-MyTableRawData"]
  141.       file_patterns = ["C:\\JavaLogs\\*.log"]
  142.       settings {
  143.         text {
  144.           record_start_timestamp_format = "ISO 8601"
  145.         }
  146.       }
  147.     }
  149.     performance_counter {
  150.       streams                       = ["Microsoft-Perf", "Microsoft-InsightsMetrics"]
  151.       sampling_frequency_in_seconds = 60
  152.       counter_specifiers            = ["Processor(*)\\% Processor Time"]
  153.       name                          = "example-datasource-perfcounter"
  154.     }
  156.     windows_event_log {
  157.       streams        = ["Microsoft-WindowsEvent"]
  158.       x_path_queries = ["*![System/Level=1]"]
  159.       name           = "example-datasource-wineventlog"
  160.     }
  162.     extension {
  163.       streams            = ["Microsoft-WindowsEvent"]
  164.       input_data_sources = ["example-datasource-wineventlog"]
  165.       extension_name     = "example-extension-name"
  166.       extension_json = jsonencode({
  167.         a = 1
  168.         b = "hello"
  169.       })
  170.       name = "example-datasource-extension"
  171.     }
  172.   }
  174.   stream_declaration {
  175.     stream_name = "Custom-MyTableRawData"
  176.     column {
  177.       name = "Time"
  178.       type = "datetime"
  179.     }
  180.     column {
  181.       name = "Computer"
  182.       type = "string"
  183.     }
  184.     column {
  185.       name = "AdditionalContext"
  186.       type = "string"
  187.     }
  188.   }
  190.   identity {
  191.     type         = "UserAssigned"
  192.     identity_ids = [azurerm_user_assigned_identity.example.id]
  193.   }
  195.   description = "data collection rule example"
  196.   tags = {
  197.     foo = "bar"
  198.   }
  199.   depends_on = [
  200.     azurerm_log_analytics_solution.example
  201.   ]
  202. }

This script is provided as a demo version. I took this code because the Query asked was Incomplete.

Output:

  1. terraform plan
  2. <details>
  3. <summary>英文:</summary>
  4. &gt; I tried to provision a Data Collection Rule via Terraform and I was able to deploy successfully using my code.
  5. To achieve this configuration, I referred the documentation from [Terraform](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_data_collection_rule) registry.
  6. I also tried with the code mentioned in Image. The reason for error is incorrect destination names in data flows and version of providers.
  7. By changing the names and update the provider to the latest version and rewriting the code as per the requirement we will be able to provision the resource mentioned.
  8. My **Main.tf**:
  9. provider &quot;azurerm&quot; {
  10. features {}
  11. subscription_id = &quot;00000000&quot;
  12. client_id       = &quot;0000000&quot;
  13. tenant_id       = &quot;0000000&quot;
  14. client_secret   = &quot;0000000&quot;
  15. }
  16. resource &quot;azurerm_resource_group&quot; &quot;example&quot; {
  17. name     = &quot;Demorg-vk&quot;
  18. location = &quot;East US&quot;
  19. }
  20. resource &quot;azurerm_user_assigned_identity&quot; &quot;example&quot; {
  21. name                = &quot;demovk-uai&quot;
  22. resource_group_name = azurerm_resource_group.example.name
  23. location            = azurerm_resource_group.example.location
  24. }
  25. resource &quot;azurerm_log_analytics_workspace&quot; &quot;example&quot; {
  26. name                = &quot;demovk-workspace&quot;
  27. resource_group_name = azurerm_resource_group.example.name
  28. location            = azurerm_resource_group.example.location
  29. }
  30. resource &quot;azurerm_log_analytics_solution&quot; &quot;example&quot; {
  31. solution_name         = &quot;WindowsEventForwarding&quot;
  32. location              = azurerm_resource_group.example.location
  33. resource_group_name   = azurerm_resource_group.example.name
  34. workspace_resource_id = azurerm_log_analytics_workspace.example.id
  35. workspace_name        = azurerm_log_analytics_workspace.example.name
  36. plan {
  37. publisher = &quot;Microsoft&quot;
  38. product   = &quot;OMSGallery/WindowsEventForwarding&quot;
  39. }
  40. }
  41. resource &quot;azurerm_eventhub_namespace&quot; &quot;example&quot; {
  42. name                = &quot;exeventns&quot;
  43. location            = azurerm_resource_group.example.location
  44. resource_group_name = azurerm_resource_group.example.name
  45. sku                 = &quot;Standard&quot;
  46. capacity            = 1
  47. }
  48. resource &quot;azurerm_eventhub&quot; &quot;example&quot; {
  49. name                = &quot;exevent2&quot;
  50. namespace_name      = azurerm_eventhub_namespace.example.name
  51. resource_group_name = azurerm_resource_group.example.name
  52. partition_count     = 2
  53. message_retention   = 1
  54. }
  55. resource &quot;azurerm_storage_account&quot; &quot;example&quot; {
  56. name                     = &quot;demovkstorage&quot;
  57. resource_group_name      = azurerm_resource_group.example.name
  58. location                 = azurerm_resource_group.example.location
  59. account_tier             = &quot;Standard&quot;
  60. account_replication_type = &quot;LRS&quot;
  61. }
  62. resource &quot;azurerm_storage_container&quot; &quot;example&quot; {
  63. name                  = &quot;demovkcontainer&quot;
  64. storage_account_name  = azurerm_storage_account.example.name
  65. container_access_type = &quot;private&quot;
  66. }
  67. resource &quot;azurerm_monitor_data_collection_endpoint&quot; &quot;example&quot; {
  68. name                = &quot;demovk-dcre&quot;
  69. resource_group_name = azurerm_resource_group.example.name
  70. location            = azurerm_resource_group.example.location
  71. lifecycle {
  72. create_before_destroy = true
  73. }
  74. }
  75. resource &quot;azurerm_monitor_data_collection_rule&quot; &quot;example&quot; {
  76. name                        = &quot;demovkrule&quot;
  77. resource_group_name         = azurerm_resource_group.example.name
  78. location                    = azurerm_resource_group.example.location
  79. data_collection_endpoint_id = azurerm_monitor_data_collection_endpoint.example.id
  80. destinations {
  81. log_analytics {
  82. workspace_resource_id = azurerm_log_analytics_workspace.example.id
  83. name                  = &quot;example-destination-log&quot;
  84. }
  85. event_hub {
  86. event_hub_id = azurerm_eventhub.example.id
  87. name         = &quot;example-destination-eventhub&quot;
  88. }
  89. storage_blob {
  90. storage_account_id = azurerm_storage_account.example.id
  91. container_name     = azurerm_storage_container.example.name
  92. name               = &quot;example-destination-storage&quot;
  93. }
  94. azure_monitor_metrics {
  95. name = &quot;example-destination-metrics&quot;
  96. }
  97. }
  98. data_flow {
  99. streams      = [&quot;Microsoft-InsightsMetrics&quot;]
  100. destinations = [&quot;example-destination-metrics&quot;]
  101. }
  102. data_flow {
  103. streams      = [&quot;Microsoft-InsightsMetrics&quot;, &quot;Microsoft-Syslog&quot;, &quot;Microsoft-Perf&quot;]
  104. destinations = [&quot;example-destination-log&quot;]
  105. }
  106. data_flow {
  107. streams       = [&quot;Custom-MyTableRawData&quot;]
  108. destinations  = [&quot;example-destination-log&quot;]
  109. output_stream = &quot;Microsoft-Syslog&quot;
  110. transform_kql = &quot;source | project TimeGenerated = Time, Computer, Message = AdditionalContext&quot;
  111. }
  112. data_sources {
  113. syslog {
  114. facility_names = [&quot;*&quot;]
  115. log_levels     = [&quot;*&quot;]
  116. name           = &quot;example-datasource-syslog&quot;
  117. }
  118. iis_log {
  119. streams         = [&quot;Microsoft-W3CIISLog&quot;]
  120. name            = &quot;example-datasource-iis&quot;
  121. log_directories = [&quot;C:\\Logs\\W3SVC1&quot;]
  122. }
  123. log_file {
  124. name          = &quot;example-datasource-logfile&quot;
  125. format        = &quot;text&quot;
  126. streams       = [&quot;Custom-MyTableRawData&quot;]
  127. file_patterns = [&quot;C:\\JavaLogs\\*.log&quot;]
  128. settings {
  129. text {
  130. record_start_timestamp_format = &quot;ISO 8601&quot;
  131. }
  132. }
  133. }
  134. performance_counter {
  135. streams                       = [&quot;Microsoft-Perf&quot;, &quot;Microsoft-InsightsMetrics&quot;]
  136. sampling_frequency_in_seconds = 60
  137. counter_specifiers            = [&quot;Processor(*)\\% Processor Time&quot;]
  138. name                          = &quot;example-datasource-perfcounter&quot;
  139. }
  140. windows_event_log {
  141. streams        = [&quot;Microsoft-WindowsEvent&quot;]
  142. x_path_queries = [&quot;*![System/Level=1]&quot;]
  143. name           = &quot;example-datasource-wineventlog&quot;
  144. }
  145. extension {
  146. streams            = [&quot;Microsoft-WindowsEvent&quot;]
  147. input_data_sources = [&quot;example-datasource-wineventlog&quot;]
  148. extension_name     = &quot;example-extension-name&quot;
  149. extension_json = jsonencode({
  150. a = 1
  151. b = &quot;hello&quot;
  152. })
  153. name = &quot;example-datasource-extension&quot;
  154. }
  155. }
  156. stream_declaration {
  157. stream_name = &quot;Custom-MyTableRawData&quot;
  158. column {
  159. name = &quot;Time&quot;
  160. type = &quot;datetime&quot;
  161. }
  162. column {
  163. name = &quot;Computer&quot;
  164. type = &quot;string&quot;
  165. }
  166. column {
  167. name = &quot;AdditionalContext&quot;
  168. type = &quot;string&quot;
  169. }
  170. }
  171. identity {
  172. type         = &quot;UserAssigned&quot;
  173. identity_ids = [azurerm_user_assigned_identity.example.id]
  174. }
  175. description = &quot;data collection rule example&quot;
  176. tags = {
  177. foo = &quot;bar&quot;
  178. }
  179. depends_on = [
  180. azurerm_log_analytics_solution.example
  181. ]
  182. }
  183. This script is provided as demo version. I took this code because Query asked was Incomplete.
  184. **Output :**
  185. terraform plan
  186. ![enter image description here](https://i.imgur.com/eWmuMmg.png)
  187. terraform apply
  188. ![enter image description here](https://i.imgur.com/i84Za6s.png)
  189. ![enter image description here](https://i.imgur.com/LLykLZR.png)
  190. By making the changes in the code snippet with the code as I mentioned. we will be able to provision the required resource in Portal.
  191. </details>

huangapple
  • 本文由 发表于 2023年7月6日 16:28:35
  • 转载请务必保留本文链接:https://go.coder-hub.com/76626921.html
  • azure
  • terraform
  • terraform-provider-azure
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定