Section 4 – Link Access Module (Lam) aka Data Adapters Lam Overview
Objectives
Topics In This Section Lam Basics REST Lam Walkthrough Binaries Service Script Lam Configuration File REST Lam Walkthrough Starting Lam From Command Prompt
lam.conf Basics
Components of Lam Configuration Lam Binary $MOOGSOFT_HOME/bin lamtype_lam Service Script Lam binary Specify lam.conf Lam Service Log Level lam.conf Port Capture Log Parsing Token>>Field Mapping Lambot Pass or Drop Event Manipulate Fields Set Custom Info Service Script Lam Binary Lam Service Log Level lam.conf to use lam.conf IP,Port/File Name Capture Log Parsing Token>>Field Mapping LAMBot.js file to use LAMBot.js Pass or Drop Event Manipulate Fields Set Custom Info
Lam Binaries
Lam Binaries Located in $MOOGSOFT_HOME/bin
Lam Service Startup Script somethinglamd
Lam Service Startup Scripts Located in /etc/init.d Follow Naming Convention All lower case Lam Name/Type Ends with ”lamd” Always configure to run on startup
Script Settings SERVICE_NAME=restlamd SERVICE_INSTANCE="" PROCESS_HOME=/usr/share/moogsoft PROCESS_NAME=bin/rest_lam PROCESS_OWNER=moogsoft PID_FILE=/var/run/moogsoft/$SERVICE_NAME.pid LOG_FILE=/var/log/moogsoft/$SERVICE_NAME.log CONFIG_FILE=$PROCESS_HOME/config/rest_lam.conf LOG_LEVEL=WARN
Script Environment export JAVA_HOME=/usr/java/jdk1.8.0_20 export LD_LIBRARY_PATH=$PROCESS_HOME/lib:/usr/GNUstep.... export MOOGSOFT_HOME=$PROCESS_HOME
Remaining RETVAL=0 MOOG_WRAPPER=$PROCESS_HOME/bin/utils/moog_wrapper.sh start, stop, restart, reload, status Functions
Lam Configuration File something_lam.conf
Lam conf file monitor: Lam name, class, port, other high level information agent: a variable you can define and reference for the Lam and the name and location for the capture JSON Formatted text parsing: Defines how to separate message into tokens constants: place to map incoming severity to AIOps severity conversations: helpers for converting values from one format to another mapping: used to map the incoming json payload to the AIOps event fields filter: specifies the Lambot and any modules you want to make available to the Lambot
Monitor Section Describes the the object to be monitored Defines Class of Lam For Network Based LAMs Address Lam listens to Port Lam listens to For Log File Lam Files to monitor
Agent Section Defines Name of the Lam Capture Log
Parsing Section Any received data needs to be broken up into tokens Define what to consider the beginning and end of the message Delimiters section is used to define How to handle quotes What, if anything, to ignore Delimiters to use to break the message into tokens
Variables Section For each event in the file, there is a positioned collection of tokens Way to define friendly name for the token parts of the event Used in the mapping section to associate tokens with event values
Constants and Conversions Sections Rules that can be used on tokens for lookups and/or conversion Lookups – Simple matching of token to other value Can specify value to use when match not found Conversions – Used to convert token from one data type to another
Mapping Section Describes how parsed tokens get mapped to alert fields Enabling CJsonDecoder bypasses rules and uses property names from JSON catchAll defines variable that will contain all the values not mapped to fields in rules
Filter Section Defines whether the Lam uses a Lambot Specifies a JavaScript to use to pass or drop the event If commented out all events are passed “as-is” to the message bus
REST Lam Walk Through
REST Data Ingestion Config Example Let’s take a look at a sample configuration together. Here’s an example without authorization enabled.
REST Data Ingestion Config Example Let’s take a look at a sample configuration together. Here’s an example without authorization enabled.
REST Data Ingestion Config Example conversions. constants = lookups Simple way to convert one constant to another conversions = type change string to integer integer to string date to integer (using string to integer) severity – string to list to integer Let’s take a look at a sample configuration together. Here’s an example without authorization enabled.
REST Data Ingestion Config Example Let’s take a look at a sample configuration together. Here’s an example without authorization enabled. JSON property names or field tokens from variables section if CJsonDecoder is not used
Friendly URL to port Mapping for LAMs Solarwinds nginx Proxy Lam Provided by nginx solarwinds Lam listening on port 17778 https://hostname/solarwinds
Starting and Troubleshooting Your New Lam
Command Line Options rest_lam –help [rest_lam Moog Version 5.2.1_ESR (c) 2011/2012 Moogsoft Ltd] Usage: rest_lam Command line options: --cluster [Name of HA cluster (to overwrite the config file)] --config [Specify full path to config file, default $MOOGSOFT_HOME/config/appname.conf] --group [Name of HA group (to overwrite the config file)] --instance [Identify this Lam with a unique name] --mode [Start the process in passive/active mode (default will be active)] --service_instance [Suffix for the service's name] -h, -help, --help [Display this help information] --version [Display version information for this app] --loglevel (INFO|WARN|ALL|NONE) [Set minimum level for logging level, default of ALL]
Starting Lam from Command Line Useful for testing Does not require a service script Example: rest_lam --config myrest_lam.conf --loglevel INFO
Lam Logs Default Location: /var/log/moogsoft Two types of logs Service Log – restlamd.log Data Capture Log – rest_lam.log LAMs not processing? Consult the Moog Troubleshooting Guide
Lab 4 - Data Ingestion I Configure a REST data ingestion settings
Labs To Run AIOps Admin Training AIOps Implementer Training Section 1 Lab 1a, 1b, 1c, 1d AIOps Implementer Training Section 2 Lab2a Section 4 Lab 4a, 4b, 4c
Lab Summary AIOps Admin Training AIOps Implementer Training Section 2 Lab 2a, 2b, 2c, 2d – Logging into your student instance, Create situations, Run ChatOps, Clear dynamic data AIOps Implementer Training Lab2a – ssh to system, Installation Validation Section 4 Lab 4a, 4b, 4c – Create New Rest Lam, Using Constants in lam.conf, Using other JSON fields in lam.conf
Questions
AIOps Implementer Enablement Training Kirk Sievers university@moogsoft.com Day 2
Where are we? Architecture Intro to moogfarmd Installation LAMBots Exploring Data Ingestion Link Access Modules (LAMs) Intro to moogfarmd LAMBots Basics of Alert Creation Maintenance Window Manager Alert Rules Engine Alert Clustering Enriching Alerts Enriching Situations Integrating with 3rd Party Tools Configuring Moog Tool Runner Message Bus Housekeeping Tasks Entropy Security You Are Here