Windows data
This page is designed to help customers leverage the Forward Events integration within their Anvilogic account for FluentBit.
Pre-Reqs
Anvilogic account
Snowflake data repository connected to your Anvilogic account
Setting up FluentBit Config
Anvilogic will provide a S3 bucket and the corresponding access keys/ids (note these change for each integration) when you create a forward events integration in your Anvilogic deployment.
Following the steps of the AWS CLI install, once you have done the installation correctly - Please run
aws configure
and paste in the access key and id provided. Once this is completed, validate that the credentials have been created - usuallyC:\Users\YourUsername.aws\credentials
.Once that has been validated, we need to create a system variable in order for fluentBit to read/use these credentials. To do so;
Open the Start Menu and search for “Environment Variables.”
Select Edit the system environment variables.
In the System Properties window, click the Environment Variables button.
Under System variables, click New.
Enter the following:
Variable name: AWS_SHARED_CREDENTIALS_FILE
Variable value: C:\Users\YourUsername\.aws\credentials
Next we need to configure fluentbit to read our logs and send them to S3. In this example, we will be ingesting the windows event logs. You can change what channels by simply adding or removing them.
Please note, the bucket will be the bucket name/path.
This could mean that it is sdi_customer_data-1 or -2 or -3.
Once you have pasted the above config into your fluentBit.conf file (typically located at C:\Program Files\fluent-bit\conf )
NOTE: You can also edit or add any of your own customer parsers for logs by editing the parser.conf file at /etc/fluent-bit/
Once you have edited your fluent-bit.conf, please restart the fluentBit application
You can now confirm that data has landed in your snowflake account.
Please update the input section of this example config to fit your exact needs.
Last updated