Cloud
Automation
November 22, 2021 By Frederic Lavigne 2 min read

How to use LogDNA provider for Terraform to define custom views.

IBM Log Analysis and IBM Cloud Activity Tracker are two critical components under the Observability category in IBM Cloud

They can be used to collect, filter, search and tail log data, define alerts and design custom views to monitor application and system logs. Both are based on the same underlying technology.

As more services and applications start sending logs to IBM Log Analysis and IBM Cloud Activity Tracker, it will quickly become very important to isolate logs between different teams and design custom views to make it easier for users to search and find relevant log statements.

LogDNA provider for Terraform

Of course, you can use the IBM Cloud console to configure these views. This works well for one Log Analysis instance and a few views. As your project grows and more applications are deployed (or more teams working on the project), you may want to (or I should say you should) automate the configuration. Fortunately, IBM Log Analysis supports the LogDNA provider for Terraform for its configuration. 

As an example, let’s say I want to create a view in Log Analysis to only show the logs produced by IBM Cloud Kubernetes Service. Using the LogDNA provider for Terraform, it’s pretty straightforward. It would be similar to something like this:

provider "logdna" {
  servicekey = var.logging_api_key
  url        = var.logging_api_url
}

resource "logdna_view" "containers" {
 name     = "Compute ~ Containers"
 query    = "host:containers-kubernetes"
}

In this Terraform snippet:

  • logging_api_key is the service key to access the LogDNA API (this is different from the Ingestion API key). It can be obtained from the Service Credentials of the Log Analysis instance.
  • logging_api_url is the API endpoint. It is specific to the region where the Log Analysis instance was created (e.g, https://api.us-south.logging.cloud.ibm.com).

Sample set of custom views

But that’s just one view; what about other IBM Cloud services? To help in this matter, I compiled a list of simple views to populate a Log Analysis or Activity Tracker instance in a Terraform module, released to the Terraform Registry. The module can be found here.

The example shows how to use the module:

module "views" {
  source          = "we-work-in-the-cloud/logging-default-views/ibm"
  logging_api_key = ibm_resource_key.logdna_ingestion_key.credentials.service_key
  logging_api_url = "https://api.${var.region}.logging.cloud.ibm.com"
}

Once applied, a set of views defined here is created in your Log Analysis or Activity Tracker instance. The current set of views covers Compute, Databases, Security and VPC logs:

This module aims to be a starting point and an example of what is possible with the LogDNA provider. The provider has even more options to configure your Log Analysis instances. You may want to clone the repo and customize the views or simply be inspired and start capturing your existing view configuration in Terraform. By doing so, it becomes easier to replicate a configuration from one instance to the next — across different regions or accounts, for example.

Feedback, questions and suggestions

If you have feedback, suggestions or questions about this post, please reach out to me on Twitter (@L2FProd).

Was this article helpful?
YesNo
Frederic Lavigne
Product Manager

More from Cloud
August 15, 2024

The power of embracing distributed hybrid infrastructure

2 min read - Data is the greatest asset to help organizations improve decision-making, fuel growth and boost competitiveness in the marketplace. But today’s organizations face the challenge of managing vast amounts of data across multiple environments. This is why understanding the uniqueness of your IT processes, workloads and applications demands a workload placement strategy based on key factors such as the type of data, necessary compute capacity and performance needed and meeting your regulatory security and compliance requirements. While hybrid cloud has become…

August 12, 2024

Serverless vs. microservices: Which architecture is best for your business?

7 min read - When enterprises need to build an application, one of the most important decisions their leaders must make is what kind of software development to use. While there are many software architectures to choose from, serverless and microservices architectures are increasingly popular due to their scalability, flexibility and performance. Also, with spending on cloud services expected to double in the next four years, both serverless and microservices instances should grow rapidly since they are widely used in cloud computing environments. While…

August 12, 2024

Seamless cloud migration and modernization: overcoming common challenges with generative AI assets and innovative commercial models

3 min read - As organizations continue to adopt cloud-based services, it’s more pressing to migrate and modernize infrastructure, applications and data to the cloud to stay competitive. Traditional migration and modernization approach often involve manual processes, leading to increased costs, delayed time-to-value and increased risk. Cloud migration and modernization can be complex and time-consuming processes that come with unique challenges; meanwhile there are many benefits to gen AI assets and assistants and innovative commercial models. Cloud Migration and Modernization Factory from IBM Consulting®…

IBM Newsletters

 Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters