diff --git a/content/en/observability_pipelines/destinations/amazon_opensearch.md b/content/en/observability_pipelines/destinations/amazon_opensearch.md index 32da937ef90..9c82f338da3 100644 --- a/content/en/observability_pipelines/destinations/amazon_opensearch.md +++ b/content/en/observability_pipelines/destinations/amazon_opensearch.md @@ -9,6 +9,8 @@ products: {{< product-availability >}} +## Overview + Use Observability Pipelines' Amazon OpenSearch destination to send logs to Amazon OpenSearch. ## Setup diff --git a/content/en/observability_pipelines/destinations/amazon_s3.md b/content/en/observability_pipelines/destinations/amazon_s3.md index 16c5bb44cf1..237c890de8f 100644 --- a/content/en/observability_pipelines/destinations/amazon_s3.md +++ b/content/en/observability_pipelines/destinations/amazon_s3.md @@ -9,6 +9,8 @@ products: {{< product-availability >}} +## Overview + Use the Amazon S3 destination to send logs to Amazon S3. If you want to send logs to Amazon S3 for [archiving][1] and [rehydration][2], you must [configure Log Archives](#configure-log-archives). If you don't want to rehydrate your logs in Datadog, skip to [Set up the destination for your pipeline](#set-up-the-destination-for-your-pipeline). You can also [route logs to Snowflake using the Amazon S3 destination](#route-logs-to-snowflake-using-the-amazon-s3-destination). diff --git a/content/en/observability_pipelines/destinations/amazon_security_lake.md b/content/en/observability_pipelines/destinations/amazon_security_lake.md index 9b06bc88095..f37bf38c6b4 100644 --- a/content/en/observability_pipelines/destinations/amazon_security_lake.md +++ b/content/en/observability_pipelines/destinations/amazon_security_lake.md @@ -9,6 +9,8 @@ products: {{< product-availability >}} +## Overview + Use Observability Pipelines' Amazon Security Lake destination to send logs to Amazon Security Lake. ## Prerequisites @@ -41,13 +43,7 @@ Set up the Amazon Security Lake destination and its environment variables when y ##### Enable TLS -Toggle the switch to **Enable TLS**. If you enable TLS, the following certificate and key files are required. -**Note**: All file paths are made relative to the configuration data directory, which is `/var/lib/observability-pipelines-worker/config/` by default. See [Advanced Worker Configurations][4] for more information. The file must be owned by the `observability-pipelines-worker group` and `observability-pipelines-worker` user, or at least readable by the group or user. -- Enter the identifier for your Amazon Security Lake key pass. If you leave it blank, the [default](#set-secrets) is used. - - **Note**: Only enter the identifier for the key pass. Do **not** enter the actual key pass. -- `Server Certificate Path`: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER or PEM (X.509). -- `CA Certificate Path`: The path to the certificate file that is your Certificate Authority (CA) root file in DER or PEM (X.509). -- `Private Key Path`: The path to the `.key` private key file that belongs to your Server Certificate Path in DER or PEM (PKCS#8) format. +{{% observability_pipelines/tls_settings %}} ##### Buffering @@ -93,5 +89,4 @@ A batch of events is flushed when one of these parameters is met. See [event bat [1]: https://app.datadoghq.com/observability-pipelines [2]: /observability_pipelines/destinations/#event-batching [3]: /observability_pipelines/processors/remap_ocsf -[4]: /observability_pipelines/configuration/install_the_worker/advanced_worker_configurations/ [5]: /observability_pipelines/destinations/amazon_security_lake/#aws-authentication \ No newline at end of file diff --git a/content/en/observability_pipelines/destinations/azure_storage.md b/content/en/observability_pipelines/destinations/azure_storage.md index 6932a12b57a..fa70774eef5 100644 --- a/content/en/observability_pipelines/destinations/azure_storage.md +++ b/content/en/observability_pipelines/destinations/azure_storage.md @@ -9,6 +9,8 @@ products: {{< product-availability >}} +## Overview + Use the Azure Storage destination to send logs to an Azure Storage bucket. If you want to send logs to Azure Storage for [archiving][1] and [rehydration][2], you must [configure Log Archives](#configure-log-archives). If you don't want to rehydrate logs in Datadog, skip to [Set up the destination for your pipeline](#set-up-the-destination-for-your-pipeline). ## Configure Log Archives diff --git a/content/en/observability_pipelines/destinations/cloudprem.md b/content/en/observability_pipelines/destinations/cloudprem.md index d0493f59c90..7317bc5f49f 100644 --- a/content/en/observability_pipelines/destinations/cloudprem.md +++ b/content/en/observability_pipelines/destinations/cloudprem.md @@ -9,6 +9,8 @@ products: {{< product-availability >}} +## Overview + Use Observability Pipelines' CloudPrem destination to send logs to Datadog CloudPrem. diff --git a/content/en/observability_pipelines/destinations/crowdstrike_ng_siem.md b/content/en/observability_pipelines/destinations/crowdstrike_ng_siem.md index 68546b914a8..69ddcb77109 100644 --- a/content/en/observability_pipelines/destinations/crowdstrike_ng_siem.md +++ b/content/en/observability_pipelines/destinations/crowdstrike_ng_siem.md @@ -9,6 +9,8 @@ products: {{< product-availability >}} +## Overview + Use Observability Pipelines' CrowdStrike Next-Gen SIEM destination to send logs to CrowdStrike Next-Gen SIEM. ## Setup @@ -34,13 +36,7 @@ To use the CrowdStrike NG-SIEM destination, you need to set up a CrowdStrike dat ##### Enable TLS -Toggle the switch to **Enable TLS**. If you enable TLS, the following certificate and key files are required. -**Note**: All file paths are made relative to the configuration data directory, which is `/var/lib/observability-pipelines-worker/config/` by default. See [Advanced Worker Configurations][4] for more information. The file must be owned by the `observability-pipelines-worker group` and `observability-pipelines-worker` user, or at least readable by the group or user. - -- Enter the identifier for your CrowdStrike NG-SIEM key pass. If you leave it blank, the [default](#set-secrets) is used. -- `Server Certificate Path`: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER or PEM (X.509). -- `CA Certificate Path`: The path to the certificate file that is your Certificate Authority (CA) root file in DER or PEM (X.509). -- `Private Key Path`: The path to the `.key` private key file that belongs to your Server Certificate Path in DER or PEM (PKCS#8) format. +{{% observability_pipelines/tls_settings %}} ##### Buffering @@ -83,4 +79,3 @@ A batch of events is flushed when one of these parameters is met. See [event bat [1]: https://app.datadoghq.com/observability-pipelines [2]: /observability_pipelines/destinations/#event-batching [3]: https://falcon.us-2.crowdstrike.com/documentation/page/bdded008/hec-http-event-connector-guide -[4]: /observability_pipelines/configuration/install_the_worker/advanced_worker_configurations/ \ No newline at end of file diff --git a/content/en/observability_pipelines/destinations/datadog_logs.md b/content/en/observability_pipelines/destinations/datadog_logs.md index 8b329027c0e..85abdeb5211 100644 --- a/content/en/observability_pipelines/destinations/datadog_logs.md +++ b/content/en/observability_pipelines/destinations/datadog_logs.md @@ -9,6 +9,8 @@ products: {{< product-availability >}} +## Overview + Use Observability Pipelines' Datadog Logs destination to send logs to Datadog Log Management. You can also use [AWS PrivateLink](#aws-privatelink) to send logs from Observability Pipelines to Datadog. ## Setup diff --git a/content/en/observability_pipelines/destinations/datadog_metrics.md b/content/en/observability_pipelines/destinations/datadog_metrics.md index e3b50cc6fd6..7a2d4bd6fba 100644 --- a/content/en/observability_pipelines/destinations/datadog_metrics.md +++ b/content/en/observability_pipelines/destinations/datadog_metrics.md @@ -10,6 +10,8 @@ products: {{< product-availability >}} +## Overview + Use Observability Pipelines' Datadog Metrics destination ({{< tooltip glossary="preview" case="title" >}}) to send metrics to Datadog. You can also use [AWS PrivateLink](#aws-privatelink) to send metrics from Observability Pipelines to Datadog. ## Setup diff --git a/content/en/observability_pipelines/destinations/elasticsearch.md b/content/en/observability_pipelines/destinations/elasticsearch.md index 9b14d575267..e1d153606be 100644 --- a/content/en/observability_pipelines/destinations/elasticsearch.md +++ b/content/en/observability_pipelines/destinations/elasticsearch.md @@ -9,6 +9,8 @@ products: {{< product-availability >}} +## Overview + Use Observability Pipelines' Elasticsearch destination to send logs to Elasticsearch. ## Setup diff --git a/content/en/observability_pipelines/destinations/google_cloud_storage.md b/content/en/observability_pipelines/destinations/google_cloud_storage.md index b10e92e9b62..ae218af1ef3 100644 --- a/content/en/observability_pipelines/destinations/google_cloud_storage.md +++ b/content/en/observability_pipelines/destinations/google_cloud_storage.md @@ -9,6 +9,8 @@ products: {{< product-availability >}} +## Overview +
For Worker versions 2.7 and later, the Google Cloud destination supports uniform bucket-level access. Google recommends using uniform bucket-level access.
For Worker version older than 2.7, only Access Control Lists is supported.
Use the Google Cloud Storage destination to send your logs to a Google Cloud Storage bucket. If you want to send logs to Google Cloud Storage for [archiving][1] and [rehydration][2], you must [configure Log Archives](#configure-log-archives). If you do not want to rehydrate logs in Datadog, skip to [Set up the destination for your pipeline](#set-up-the-destinations). diff --git a/content/en/observability_pipelines/destinations/google_pubsub.md b/content/en/observability_pipelines/destinations/google_pubsub.md index f4416e02b6f..ce526bba6ad 100644 --- a/content/en/observability_pipelines/destinations/google_pubsub.md +++ b/content/en/observability_pipelines/destinations/google_pubsub.md @@ -101,10 +101,7 @@ Set up the Google Pub/Sub destination and its environment variables when you [se ##### Enable TLS -Toggle the switch to **Enable TLS** if your organization requires secure connections with custom certificates. -- `Server Certificate Path`: The path to the certificate file that has been signed by your Certificate Authority (CA) Root File in DER or PEM (X.509). -- `CA Certificate Path`: The path to the certificate file that is your Certificate Authority (CA) Root File in DER or PEM (X.509). -- `Private Key Path`: The path to the `.key` private key file that belongs to your Server Certificate Path in DER or PEM (PKCS#8) format. +{{% observability_pipelines/tls_settings %}} ##### Buffering diff --git a/content/en/observability_pipelines/destinations/google_secops.md b/content/en/observability_pipelines/destinations/google_secops.md index 87e1aa81794..d41dedf1de9 100644 --- a/content/en/observability_pipelines/destinations/google_secops.md +++ b/content/en/observability_pipelines/destinations/google_secops.md @@ -9,6 +9,8 @@ products: {{< product-availability >}} +## Overview + Use Observability Pipelines' Google SecOps destination to send logs to Google SecOps. The Observability Pipelines Worker uses standard Google authentication methods. See [Authentication methods at Google][3] for more information about choosing the authentication method for your use case. diff --git a/content/en/observability_pipelines/destinations/http_client.md b/content/en/observability_pipelines/destinations/http_client.md index 0f738ece719..0bc2598421a 100644 --- a/content/en/observability_pipelines/destinations/http_client.md +++ b/content/en/observability_pipelines/destinations/http_client.md @@ -41,12 +41,7 @@ Toggle the switch to **Enable Compression**. If enabled: #### Enable TLS -Toggle the switch to enable TLS. If you enable TLS, the following certificate and key files are required: -- Enter the identifier for your HTTP Client key pass. If you leave it blank, the [default](#set-secrets) is used. - - **Note**: Only enter the identifier for the key pass. Do **not** enter the actual key pass. -- `Server Certificate Path`: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER or PEM (X.509). -- `CA Certificate Path`: The path to the certificate file that is your Certificate Authority (CA) root file in DER or PEM (X.509). -- `Private Key Path`: The path to the `.key` private key file that belongs to your Server Certificate Path in DER or PEM (PKCS#8) format. +{{% observability_pipelines/tls_settings %}} #### Buffering diff --git a/content/en/observability_pipelines/destinations/kafka.md b/content/en/observability_pipelines/destinations/kafka.md index b602b24f829..651da43aabe 100644 --- a/content/en/observability_pipelines/destinations/kafka.md +++ b/content/en/observability_pipelines/destinations/kafka.md @@ -43,11 +43,7 @@ Set up the Kafka destination and its environment variables when you [set up a pi ##### Enable TLS -Toggle the switch to enable **TLS**. The following certificate and key files are required.
**Note**: All file paths are made relative to the configuration data directory, which is `/var/lib/observability-pipelines-worker/config/` by default. See [Advanced Worker Configurations][6] for more information. The file must be owned by the `observability-pipelines-worker group` and `observability-pipelines-worker` user, or at least readable by the group or user. -- Enter the identifier for your Kafka TLS key pass. If you leave it blank, the [default](#set-secrets) is used. -- `Server Certificate Path`: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER or PEM (X.509). -- `CA Certificate Path`: The path to the certificate file that is your Certificate Authority (CA) root file in DER or PEM (X.509). -- `Private Key Path`: The path to the `.key` private key file that belongs to your Server Certificate Path in DER or PEM (PKCS#8) format. +{{% observability_pipelines/tls_settings %}} ##### Enable SASL authentication @@ -155,7 +151,6 @@ A batch of events is flushed when one of these parameters is met. See [event bat [3]: https://docs.databricks.com/aws/en/connect/streaming/kafka [4]: https://learn.microsoft.com/en-us/azure/event-hubs/azure-event-hubs-apache-kafka-overview [5]: https://app.datadoghq.com/observability-pipelines -[6]: /observability_pipelines/configuration/install_the_worker/advanced_worker_configurations/ [7]: https://docs.confluent.io/platform/current/clients/librdkafka/html/md_CONFIGURATION.html [8]: /observability_pipelines/monitoring/metrics/ [9]: /observability_pipelines/destinations/#event-batching \ No newline at end of file diff --git a/content/en/observability_pipelines/destinations/microsoft_sentinel.md b/content/en/observability_pipelines/destinations/microsoft_sentinel.md index 2c95f75e831..3dae655ce00 100644 --- a/content/en/observability_pipelines/destinations/microsoft_sentinel.md +++ b/content/en/observability_pipelines/destinations/microsoft_sentinel.md @@ -9,6 +9,8 @@ products: {{< product-availability >}} +## Overview + Use Observability Pipelines' Microsoft Sentinel destination to send logs to Microsoft Sentinel. See [Logs Ingestion API][3] for API call limits in Microsoft Sentinel. ## Setup diff --git a/content/en/observability_pipelines/destinations/new_relic.md b/content/en/observability_pipelines/destinations/new_relic.md index 42e95a617ad..64640bd35f8 100644 --- a/content/en/observability_pipelines/destinations/new_relic.md +++ b/content/en/observability_pipelines/destinations/new_relic.md @@ -9,6 +9,8 @@ products: {{< product-availability >}} +## Overview + Use Observability Pipelines' New Relic destination to send logs to New Relic. ## Setup diff --git a/content/en/observability_pipelines/destinations/opensearch.md b/content/en/observability_pipelines/destinations/opensearch.md index 742f7f1e1b7..4ca38207589 100644 --- a/content/en/observability_pipelines/destinations/opensearch.md +++ b/content/en/observability_pipelines/destinations/opensearch.md @@ -9,6 +9,8 @@ products: {{< product-availability >}} +## Overview + Use Observability Pipelines' OpenSearch destination to send logs to OpenSearch. ## Setup diff --git a/content/en/observability_pipelines/destinations/sentinelone.md b/content/en/observability_pipelines/destinations/sentinelone.md index 515d308d8e1..33a43c75ff8 100644 --- a/content/en/observability_pipelines/destinations/sentinelone.md +++ b/content/en/observability_pipelines/destinations/sentinelone.md @@ -13,6 +13,8 @@ products: {{< product-availability >}} +## Overview + Use Observability Pipelines' SentinelOne destination to send logs to SentinelOne. ## Setup diff --git a/content/en/observability_pipelines/destinations/socket.md b/content/en/observability_pipelines/destinations/socket.md index 1d623ff884c..90361b9f72e 100644 --- a/content/en/observability_pipelines/destinations/socket.md +++ b/content/en/observability_pipelines/destinations/socket.md @@ -9,6 +9,8 @@ products: {{< product-availability >}} +## Overview + Use Observability Pipelines' Socket destination to send logs to a socket endpoint. ## Setup @@ -27,12 +29,7 @@ Set up the Socket destination and its environment variables when you [set up a p ##### Enable TLS -If you enabled **TCP** mode, you can toggle the switch to **Enable TLS**. The following certificate and key files are required for TLS: -- Enter the identifier for your socket key pass. If you leave it blank, the [default](#set-secrets) is used. - -- `Server Certificate Path`: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER or PEM (X.509). -- `CA Certificate Path`: The path to the certificate file that is your Certificate Authority (CA) root file in DER or PEM (X.509). -- `Private Key Path`: The path to the `.key` private key file that belongs to your Server Certificate Path in DER or PEM (PKCS#8) format. +{{% observability_pipelines/tls_settings %}} #### Buffering diff --git a/content/en/observability_pipelines/destinations/splunk_hec.md b/content/en/observability_pipelines/destinations/splunk_hec.md index a06d2111656..fc39d456d21 100644 --- a/content/en/observability_pipelines/destinations/splunk_hec.md +++ b/content/en/observability_pipelines/destinations/splunk_hec.md @@ -9,6 +9,8 @@ products: {{< product-availability >}} +## Overview + Use Observability Pipelines' Splunk HTTP Event Collector (HEC) destination to send logs to Splunk HEC. ## Setup diff --git a/content/en/observability_pipelines/destinations/sumo_logic_hosted_collector.md b/content/en/observability_pipelines/destinations/sumo_logic_hosted_collector.md index 85edf015218..8cf48735d51 100644 --- a/content/en/observability_pipelines/destinations/sumo_logic_hosted_collector.md +++ b/content/en/observability_pipelines/destinations/sumo_logic_hosted_collector.md @@ -9,6 +9,8 @@ products: {{< product-availability >}} +## Overview + Use Observability Pipelines' Sumo Logic destination to send logs to your Sumo Logic Hosted Collector. ## Setup diff --git a/content/en/observability_pipelines/destinations/syslog.md b/content/en/observability_pipelines/destinations/syslog.md index e23a0226077..16b6808d7b5 100644 --- a/content/en/observability_pipelines/destinations/syslog.md +++ b/content/en/observability_pipelines/destinations/syslog.md @@ -9,6 +9,8 @@ products: {{< product-availability >}} +## Overview + Use Observability Pipelines' syslog destinations to send logs to rsyslog or syslog-ng. ## Setup @@ -42,11 +44,7 @@ To set up the syslog destination in the UI: ##### Enable TLS -Toggle the switch to enable TLS. If you enable TLS, the following certificate and key files are required: -- Enter the identifier for your syslog key pass. If you leave it blank, the [default](#set-secrets) is used. -- `Server Certificate Path`: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER or PEM (X.509). -- `CA Certificate Path`: The path to the certificate file that is your Certificate Authority (CA) root file in DER or PEM (X.509). -- `Private Key Path`: The path to the `.key` private key file that belongs to your Server Certificate Path in DER or PEM (PKCS#8) format. +{{% observability_pipelines/tls_settings %}} ##### Wait time for TCP keepalive probes diff --git a/content/en/observability_pipelines/sources/amazon_data_firehose.md b/content/en/observability_pipelines/sources/amazon_data_firehose.md index 6497b0350cc..5e650b6b51a 100644 --- a/content/en/observability_pipelines/sources/amazon_data_firehose.md +++ b/content/en/observability_pipelines/sources/amazon_data_firehose.md @@ -35,11 +35,7 @@ Select an **AWS authentication** option. If you select **Assume role**: #### Enable TLS -Toggle the switch to **Enable TLS**. If you enable TLS, the following certificate and key files are required.
**Note**: All file paths are made relative to the configuration data directory, which is `/var/lib/observability-pipelines-worker/config/` by default. See [Advanced Worker Configurations][2] for more information. The file must be owned by the `observability-pipelines-worker group` and `observability-pipelines-worker` user, or at least readable by the group or user. -- Enter the identifier for your Amazon Data Firehose key pass. If you leave it blank, the [default](#set-secrets) is used. -- `Server Certificate Path`: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER or PEM (X.509). -- `CA Certificate Path`: The path to the certificate file that is your Certificate Authority (CA) root file in DER or PEM (X.509). -- `Private Key Path`: The path to the `.key` private key file that belongs to your Server Certificate Path in DER or PEM (PKCS#8) format. +{{% observability_pipelines/tls_settings %}} ## Set secrets @@ -76,7 +72,6 @@ Toggle the switch to **Enable TLS**. If you enable TLS, the following certificat {{% observability_pipelines/aws_authentication/amazon_s3_source/permissions %}} [1]: /observability_pipelines/configuration/set_up_pipelines/ -[2]: /observability_pipelines/configuration/install_the_worker/advanced_worker_configurations/ [3]: https://app.datadoghq.com/observability-pipelines [4]: /api/latest/observability-pipelines/ [5]: https://registry.terraform.io/providers/datadog/datadog/latest/docs/resources/observability_pipeline \ No newline at end of file diff --git a/content/en/observability_pipelines/sources/amazon_s3.md b/content/en/observability_pipelines/sources/amazon_s3.md index 23565d5cbaf..cbc9e193933 100644 --- a/content/en/observability_pipelines/sources/amazon_s3.md +++ b/content/en/observability_pipelines/sources/amazon_s3.md @@ -36,11 +36,7 @@ Select an **AWS authentication** option. If you select **Assume role**: #### Enable TLS -Toggle the switch to **Enable TLS**. If you enable TLS, the following certificate and key files are required.
**Note**: All file paths are made relative to the configuration data directory, which is `/var/lib/observability-pipelines-worker/config/` by default. See [Advanced Worker Configurations][2] for more information. The file must be owned by the `observability-pipelines-worker group` and `observability-pipelines-worker` user, or at least readable by the group or user. -- Enter the identifier for your Amazon S3 key pass. If you leave it blank, the [default](#set-secrets) is used. -- `Server Certificate Path`: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER or PEM (X.509). -- `CA Certificate Path`: The path to the certificate file that is your Certificate Authority (CA) root file in DER or PEM (X.509). -- `Private Key Path`: The path to the `.key` private key file that belongs to your Server Certificate Path in DER or PEM (PKCS#8) format. +{{% observability_pipelines/tls_settings %}} ## Set secrets @@ -74,7 +70,6 @@ Toggle the switch to **Enable TLS**. If you enable TLS, the following certificat [1]: /observability_pipelines/configuration/set_up_pipelines/ -[2]: /observability_pipelines/configuration/install_the_worker/advanced_worker_configurations/ [3]: https://app.datadoghq.com/observability-pipelines [4]: /api/latest/observability-pipelines/ [5]: https://registry.terraform.io/providers/datadog/datadog/latest/docs/resources/observability_pipeline \ No newline at end of file diff --git a/content/en/observability_pipelines/sources/cloudflare_logpush.md b/content/en/observability_pipelines/sources/cloudflare_logpush.md index 9fa9c6e3813..7775cc0c59f 100644 --- a/content/en/observability_pipelines/sources/cloudflare_logpush.md +++ b/content/en/observability_pipelines/sources/cloudflare_logpush.md @@ -36,15 +36,7 @@ The following are required to send Cloudflare Logpush logs to Observability Pipe 1. Select your authorization strategy. If you selected **Plain**: - Enter the identifiers for the HTTP/S Server username and password. See [Set secrets][3] for the defaults used. 1. In the **Decoding** dropdown menu, select **Bytes**. -1. Toggle the switch to **Enable TLS**. - - If you are using Secrets Management, enter the identifier for the HTTP/S Server key pass. See [Set secrets][3] for the defaults used. - - The following certificate and key files are required. - - `Server Certificate Path`: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER, PEM, or CRT (X.509). - - `CA Certificate Path`: The path to the certificate file that is your Certificate Authority (CA) root file in DER, PEM, or CERT (X.509). - - `Private Key Path`: The path to the `.key` private key file that belongs to your Server Certificate Path in DER, PEM, or CERT (PKCS #8) format. - - **Notes**: - - The configuration data directory `/var/lib/observability-pipelines-worker/config/` is automatically appended to the file paths. See [Advanced Worker Configurations][7] for more information. - - The file must be readable by the `observability-pipelines-worker` group and user. +{{% observability_pipelines/tls_settings %}} 1. Copy your certificates into the configuration directory: ```shell # Create the configuration directory @@ -90,4 +82,3 @@ After your Logpush job has been successfully created, you can view your Cloudfla [4]: /observability_pipelines/configuration/install_the_worker/?tab=docker#pipeline-ui-setup [5]: https://developers.cloudflare.com/logs/logpush/logpush-job/enable-destinations/http/ [6]: https://app.datadoghq.com/logs -[7]: /observability_pipelines/configuration/install_the_worker/advanced_worker_configurations/ \ No newline at end of file diff --git a/content/en/observability_pipelines/sources/datadog_agent.md b/content/en/observability_pipelines/sources/datadog_agent.md index 386ff6f30c2..84ad74a7e8d 100644 --- a/content/en/observability_pipelines/sources/datadog_agent.md +++ b/content/en/observability_pipelines/sources/datadog_agent.md @@ -42,12 +42,7 @@ Enter the identifier for your Datadog Agent address. If you leave it blank, the ### Optional settings -Toggle the switch to **Enable TLS**. The following certificate and key files are required.
**Note**: All file paths are made relative to the configuration data directory, which is `/var/lib/observability-pipelines-worker/config/` by default. See [Advanced Worker Configurations][5] for more information. The file must be owned by the `observability-pipelines-worker` user and group, or at least readable by the group or user. -- Enter the identifier for your Datadog Agent key pass. If you leave it blank, the [default](#set-secrets) is used. - - **Note**: Only enter the identifier for the key pass. Do **not** enter the actual key pass. -- `Server Certificate Path`: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER or PEM (X.509) format. -- `CA Certificate Path`: The path to the certificate file that is your Certificate Authority (CA) root file in DER or PEM (X.509) format. -- `Private Key Path`: The path to the `.key` private key file that belongs to your Server Certificate Path in DER or PEM (PKCS#8) format. +{{% observability_pipelines/tls_settings %}} ## Set secrets diff --git a/content/en/observability_pipelines/sources/fluent.md b/content/en/observability_pipelines/sources/fluent.md index ecf84e208af..8c2d8787767 100644 --- a/content/en/observability_pipelines/sources/fluent.md +++ b/content/en/observability_pipelines/sources/fluent.md @@ -27,11 +27,7 @@ Set up this source when you [set up a pipeline][1]. You can set up a pipeline in ### Optional settings -Toggle the switch to **Enable TLS**. If you enable TLS, the following certificate and key files are required.
**Note**: All file paths are made relative to the configuration data directory, which is `/var/lib/observability-pipelines-worker/config/` by default. See [Advanced Worker Configurations][2] for more information. The file must be owned by the `observability-pipelines-worker group` and `observability-pipelines-worker` user, or at least readable by the group or user. -- Enter the identifier for your Fluent key pass. If you leave it blank, the [default](#set-secrets) is used. -- `Server Certificate Path`: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER or PEM (X.509) format. -- `CA Certificate Path`: The path to the certificate file that is your Certificate Authority (CA) root file in DER or PEM (X.509) format. -- `Private Key Path`: The path to the `.key` private key file that belongs to your Server Certificate Path in DER or PEM (PKCS#8) format. +{{% observability_pipelines/tls_settings %}} ## Set secrets @@ -60,7 +56,6 @@ Toggle the switch to **Enable TLS**. If you enable TLS, the following certificat {{% observability_pipelines/log_source_configuration/fluent %}} [1]: /observability_pipelines/configuration/set_up_pipelines/ -[2]: /observability_pipelines/configuration/install_the_worker/advanced_worker_configurations/ [3]: https://app.datadoghq.com/observability-pipelines [4]: /api/latest/observability-pipelines/ [5]: https://registry.terraform.io/providers/datadog/datadog/latest/docs/resources/observability_pipeline \ No newline at end of file diff --git a/content/en/observability_pipelines/sources/google_pubsub.md b/content/en/observability_pipelines/sources/google_pubsub.md index b7c72cbd13a..d2e6f3d6362 100644 --- a/content/en/observability_pipelines/sources/google_pubsub.md +++ b/content/en/observability_pipelines/sources/google_pubsub.md @@ -27,10 +27,7 @@ Set up this source when you [set up a pipeline][1]. You can set up a pipeline in - The Worker uses standard [Google authentication methods][4]. 1. Enter the subscription name. 1. Select the decoder you want to use (Bytes, GELF, JSON, syslog). -1. Optionally, toggle the switch to enable TLS. If you enable TLS, the following certificate and key files are required.
**Note**: All file paths are made relative to the configuration data directory, which is `/var/lib/observability-pipelines-worker/config/` by default. See [Advanced Worker Configurations][3] for more information. The file must be owned by the `observability-pipelines-worker group` and `observability-pipelines-worker` user, or at least readable by the group or user. - - `Server Certificate Path`: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER or PEM (X.509). - - `CA Certificate Path`: The path to the certificate file that is your Certificate Authority (CA) root file in DER or PEM (X.509). - - `Private Key Path`: The path to the `.key` private key file that belongs to your Server Certificate Path in DER or PEM (PKCS #8) format. +{{% observability_pipelines/tls_settings %}} ## Set secrets @@ -52,7 +49,6 @@ There are no default secret identifiers for this source. [1]: /observability_pipelines/configuration/set_up_pipelines/ [2]: https://cloud.google.com/kubernetes-engine/docs/concepts/workload-identity -[3]: /observability_pipelines/configuration/install_the_worker/advanced_worker_configurations/ [4]: https://cloud.google.com/docs/authentication#auth-flowchart [5]: https://app.datadoghq.com/observability-pipelines [6]: /api/latest/observability-pipelines/ diff --git a/content/en/observability_pipelines/sources/http_client.md b/content/en/observability_pipelines/sources/http_client.md index 28c5fbaf0b5..fc340dbee5b 100644 --- a/content/en/observability_pipelines/sources/http_client.md +++ b/content/en/observability_pipelines/sources/http_client.md @@ -38,12 +38,7 @@ To configure your HTTP/S Client source: #### Enable TLS -Toggle the switch to **Enable TLS**. If you enable TLS, the following certificate and key files are required.
**Note**: All file paths are made relative to the configuration data directory, which is `/var/lib/observability-pipelines-worker/config/` by default. See [Advanced Worker Configurations][2] for more information. The file must be owned by the `observability-pipelines-worker group` and `observability-pipelines-worker` user, or at least readable by the group or user. - - Enter the identifier for your HTTP Client key pass. If you leave it blank, the [default](#set-secrets) is used. - - **Note**: Only enter the identifier for the key pass. Do **not** enter the actual key pass. - - `Server Certificate Path`: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER or PEM (X.509) format. - - `CA Certificate Path`: The path to the certificate file that is your Certificate Authority (CA) root file in DER or PEM (X.509) format. - - `Private Key Path`: The path to the `.key` private key file that belongs to your Server Certificate Path in DER or PEM (PKCS#8) format. +{{% observability_pipelines/tls_settings %}} #### Scrape settings @@ -83,7 +78,6 @@ Toggle the switch to **Enable TLS**. If you enable TLS, the following certificat {{< /tabs >}} [1]: /observability_pipelines/configuration/set_up_pipelines/ -[2]: /observability_pipelines/configuration/install_the_worker/advanced_worker_configurations/ [3]: https://app.datadoghq.com/observability-pipelines [4]: /api/latest/observability-pipelines/ [5]: https://registry.terraform.io/providers/datadog/datadog/latest/docs/resources/observability_pipeline \ No newline at end of file diff --git a/content/en/observability_pipelines/sources/http_server.md b/content/en/observability_pipelines/sources/http_server.md index 4875eb76c13..02503d9c82e 100644 --- a/content/en/observability_pipelines/sources/http_server.md +++ b/content/en/observability_pipelines/sources/http_server.md @@ -35,11 +35,7 @@ To configure your HTTP/S Server source, enter the following: ### Optional settings -Toggle the switch to **Enable TLS**. If you enable TLS, the following certificate and key files are required.
**Note**: All file paths are made relative to the configuration data directory, which is `/var/lib/observability-pipelines-worker/config/` by default. See [Advanced Worker Configurations][2] for more information. The file must be owned by the `observability-pipelines-worker group` and `observability-pipelines-worker` user, or at least readable by the group or user. -- Enter the identifier for your HTTP Server key pass. If you leave it blank, the [default](#set-secrets) is used. -- `Server Certificate Path`: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER or PEM (X.509). -- `CA Certificate Path`: The path to the certificate file that is your Certificate Authority (CA) root file in DER or PEM (X.509). -- `Private Key Path`: The path to the `.key` private key file that belongs to your Server Certificate Path in DER or PEM (PKCS #8) format. +{{% observability_pipelines/tls_settings %}} ## Set secrets @@ -86,7 +82,6 @@ To send AWS vended logs to Observability Pipelines with the HTTP/S Server source {{% observability_pipelines/lambda_forwarder/deploy_forwarder %}} [1]: https://app.datadoghq.com/observability-pipelines -[2]: /observability_pipelines/configuration/install_the_worker/advanced_worker_configurations/ [3]: /observability_pipelines/configuration/set_up_pipelines/ [4]: /api/latest/observability-pipelines/ [5]: https://registry.terraform.io/providers/datadog/datadog/latest/docs/resources/observability_pipeline diff --git a/content/en/observability_pipelines/sources/kafka.md b/content/en/observability_pipelines/sources/kafka.md index 4660f36cfe3..45c89d47db2 100644 --- a/content/en/observability_pipelines/sources/kafka.md +++ b/content/en/observability_pipelines/sources/kafka.md @@ -40,11 +40,7 @@ Set up this source when you [set up a pipeline][1]. You can set up a pipeline in #### Enable TLS -Toggle the switch to **Enable TLS**. If you enable TLS, the following certificate and key files are required.
**Note**: All file paths are made relative to the configuration data directory, which is `/var/lib/observability-pipelines-worker/config/` by default. See [Advanced Worker Configurations][5] for more information. The file must be owned by the `observability-pipelines-worker group` and `observability-pipelines-worker` user, or at least readable by the group or user. -- Enter the identifier for your Kafka key pass. If you leave it blank, the [default](#set-secrets) is used. -- `Server Certificate Path`: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER or PEM (X.509). -- `CA Certificate Path`: The path to the certificate file that is your Certificate Authority (CA) root file in DER or PEM (X.509). -- `Private Key Path`: The path to the `.key` private key file that belongs to your Server Certificate Path in DER or PEM (PKCS#8) format. +{{% observability_pipelines/tls_settings %}} #### Add additional librdkafka options @@ -107,7 +103,6 @@ See the [librdkafka documentation][3] for more information and to ensure your va [2]: https://github.com/confluentinc/librdkafka/tree/master [3]: https://docs.confluent.io/platform/current/clients/librdkafka/html/md_CONFIGURATION.html [4]: https://docs.confluent.io/platform/current/clients/librdkafka/html/md_CONFIGURATION.html -[5]: /observability_pipelines/configuration/install_the_worker/advanced_worker_configurations/ [6]: /observability_pipelines/sources/azure_event_hubs/ [7]: https://app.datadoghq.com/observability-pipelines [8]: /api/latest/observability-pipelines/ diff --git a/content/en/observability_pipelines/sources/logstash.md b/content/en/observability_pipelines/sources/logstash.md index 8698d4b0ebb..a1097fecc7a 100644 --- a/content/en/observability_pipelines/sources/logstash.md +++ b/content/en/observability_pipelines/sources/logstash.md @@ -29,11 +29,7 @@ Set up this source when you [set up a pipeline][1]. You can set up a pipeline in ### Optional settings -Toggle the switch to **Enable TLS**. If you enable TLS, the following certificate and key files are required.
**Note**: All file paths are made relative to the configuration data directory, which is `/var/lib/observability-pipelines-worker/config/` by default. See [Advanced Worker Configurations][3] for more information. The file must be owned by the `observability-pipelines-worker group` and `observability-pipelines-worker` user, or at least readable by the group or user. -- Enter the identifier for your Logstash key pass. If you leave it blank, the [default](#set-secrets) is used. -- `Server Certificate Path`: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER or PEM (X.509). -- `CA Certificate Path`: The path to the certificate file that is your Certificate Authority (CA) root file in DER or PEM (X.509). -- `Private Key Path`: The path to the `.key` private key file that belongs to your Server Certificate Path in DER or PEM (PKCS #8) format. +{{% observability_pipelines/tls_settings %}} ## Set secrets @@ -63,7 +59,6 @@ Toggle the switch to **Enable TLS**. If you enable TLS, the following certificat [1]: /observability_pipelines/configuration/set_up_pipelines/ [2]: /observability_pipelines/sources/filebeat/ -[3]: /observability_pipelines/configuration/install_the_worker/advanced_worker_configurations/ [4]: https://app.datadoghq.com/observability-pipelines [5]: /api/latest/observability-pipelines/ [6]: https://registry.terraform.io/providers/datadog/datadog/latest/docs/resources/observability_pipeline \ No newline at end of file diff --git a/content/en/observability_pipelines/sources/okta.md b/content/en/observability_pipelines/sources/okta.md index bdfc29e33cd..60e2a9e3c31 100644 --- a/content/en/observability_pipelines/sources/okta.md +++ b/content/en/observability_pipelines/sources/okta.md @@ -32,15 +32,7 @@ The following are required to send Okta logs to Observability Pipelines using Am 1. Select your authorization strategy. If you selected **Plain**: - Enter the identifiers for the HTTP/S Server username and password. See [Set secrets][2] for the defaults used. 1. In the **Decoding** dropdown menu, select **Bytes**. -1. Toggle the switch to **Enable TLS**. - - If you are using Secrets Management, enter the identifier for the HTTP/S Server key pass. See [Set secrets][2] for the defaults used. - - The following certificate and key files are required. - - `Server Certificate Path`: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER, PEM, or CRT (X.509). - - `CA Certificate Path`: The path to the certificate file that is your Certificate Authority (CA) root file in DER, PEM, or CERT (X.509). - - `Private Key Path`: The path to the `.key` private key file that belongs to your Server Certificate Path in DER, PEM, or CERT (PKCS #8) format. - - **Notes**: - - The configuration data directory `/var/lib/observability-pipelines-worker/config/` is automatically appended to the file paths. See [Advanced Worker Configurations][5] for more information. - - The file must be readable by the `observability-pipelines-worker` group and user. +{{% observability_pipelines/tls_settings %}} 1. Copy your certificates into the configuration directory: ```shell # Create the configuration directory @@ -96,5 +88,4 @@ After configuring the Amazon EventBridge, you can view your Okta logs in [Log Ex [2]: /observability_pipelines/sources/http_server/?tab=secretsmanagement#set-secrets [3]: /observability_pipelines/configuration/install_the_worker/?tab=docker#pipeline-ui-setup [4]: https://help.okta.com/en-us/content/topics/reports/log-streaming/add-aws-eb-log-stream.htm -[5]: /observability_pipelines/configuration/install_the_worker/advanced_worker_configurations/ [6]: https://app.datadoghq.com/logs diff --git a/content/en/observability_pipelines/sources/opentelemetry.md b/content/en/observability_pipelines/sources/opentelemetry.md index a2e767b9dc8..982d2602840 100644 --- a/content/en/observability_pipelines/sources/opentelemetry.md +++ b/content/en/observability_pipelines/sources/opentelemetry.md @@ -44,11 +44,7 @@ Set up this source when you [set up a pipeline][6]. You can set up a pipeline in ### Optional TLS settings -Toggle the switch to enable TLS. The following certificate and key files are required for TLS.
**Note**: All file paths are made relative to the configuration data directory, which is `/var/lib/observability-pipelines-worker/config/` by default. See [Advanced Worker Configurations][3] for more information. The file must be owned by the `observability-pipelines-worker group` and `observability-pipelines-worker` user, or at least readable by the group or user. -- Enter the identifier for your OTel TLS key pass. If you leave it blank, the [default](#set-secrets) is used. -- `Server Certificate Path`: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER or PEM (X.509). -- `CA Certificate Path`: The path to the certificate file that is your Certificate Authority (CA) root file in DER or PEM (X.509). -- `Private Key Path`: The path to the `.key` private key file that belongs to your Server Certificate Path in DER or PEM (PKCS #8) format. +{{% observability_pipelines/tls_settings %}} {{< img src="observability_pipelines/sources/otel_settings.png" alt="The OpenTelemetry source settings" style="width:35%;" >}} diff --git a/content/en/observability_pipelines/sources/socket.md b/content/en/observability_pipelines/sources/socket.md index 8344dd75bcf..a6e8e3cc389 100644 --- a/content/en/observability_pipelines/sources/socket.md +++ b/content/en/observability_pipelines/sources/socket.md @@ -61,11 +61,7 @@ Set up this source when you [set up a pipeline][1]. You can set up a pipeline in ### Optional settings -If you selected **TCP** mode, toggle the switch to **Enable TLS**. The following certificate and key files are required for TLS.
**Note**: All file paths are made relative to the configuration data directory, which is `/var/lib/observability-pipelines-worker/config/` by default. See [Advanced Worker Configurations][2] for more information. The file must be owned by the `observability-pipelines-worker group` and `observability-pipelines-worker` user, or at least readable by the group or user. -- Enter the identifier for your socket key pass. If you leave it blank, the [default](#set-secrets) is used. -- `Server Certificate Path`: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER or PEM (X.509). -- `CA Certificate Path`: The path to the certificate file that is your Certificate Authority (CA) root file in DER or PEM (X.509). -- `Private Key Path`: The path to the `.key` private key file that belongs to your Server Certificate Path in DER or PEM (PKCS #8) format. +{{% observability_pipelines/tls_settings %}} ## Set secrets @@ -90,7 +86,6 @@ If you selected **TCP** mode, toggle the switch to **Enable TLS**. The following {{< /tabs >}} [1]: /observability_pipelines/configuration/set_up_pipelines/ -[2]: /observability_pipelines/configuration/install_the_worker/advanced_worker_configurations/ [3]: https://app.datadoghq.com/observability-pipelines [4]: /api/latest/observability-pipelines/ [5]: https://registry.terraform.io/providers/datadog/datadog/latest/docs/resources/observability_pipeline \ No newline at end of file diff --git a/content/en/observability_pipelines/sources/splunk_hec.md b/content/en/observability_pipelines/sources/splunk_hec.md index fa24b5ca33a..8554c860638 100644 --- a/content/en/observability_pipelines/sources/splunk_hec.md +++ b/content/en/observability_pipelines/sources/splunk_hec.md @@ -29,11 +29,7 @@ Set up this source when you [set up a pipeline][1]. You can set up a pipeline in ### Optional settings -Toggle the switch to **Enable TLS**. If you enable TLS, the following certificate and key files are required.
**Note**: All file paths are made relative to the configuration data directory, which is `/var/lib/observability-pipelines-worker/config/` by default. See [Advanced Worker Configurations][5] for more information. The file must be owned by the `observability-pipelines-worker group` and `observability-pipelines-worker` user, or at least readable by the group or user. -- Enter the identifier for your Splunk HEC key pass. If you leave it blank, the [default](#set-secrets) is used. -- `Server Certificate Path`: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER or PEM (X.509). -- `CA Certificate Path`: The path to the certificate file that is your Certificate Authority (CA) root file in DER or PEM (X.509). -- `Private Key Path`: The path to the `.key` private key file that belongs to your Server Certificate Path in DER or PEM (PKCS#8) format. +{{% observability_pipelines/tls_settings %}} ## Set secrets @@ -87,7 +83,6 @@ To send logs from the Splunk Distribution of the OpenTelemetry Collector: [2]: https://help.splunk.com/en/splunk-observability-cloud/manage-data/splunk-distribution-of-the-opentelemetry-collector/get-started-with-the-splunk-distribution-of-the-opentelemetry-collector/collector-for-kubernetes [3]: https://help.splunk.com/en/splunk-observability-cloud/manage-data/splunk-distribution-of-the-opentelemetry-collector/get-started-with-the-splunk-distribution-of-the-opentelemetry-collector/collector-for-linux [4]: /observability_pipelines/configuration/set_up_pipelines -[5]: /observability_pipelines/configuration/install_the_worker/advanced_worker_configurations/ [6]: https://app.datadoghq.com/observability-pipelines [7]: /api/latest/observability-pipelines/ [8]: https://registry.terraform.io/providers/datadog/datadog/latest/docs/resources/observability_pipeline \ No newline at end of file diff --git a/content/en/observability_pipelines/sources/splunk_tcp.md b/content/en/observability_pipelines/sources/splunk_tcp.md index a8c3bf4a83c..470150eb49b 100644 --- a/content/en/observability_pipelines/sources/splunk_tcp.md +++ b/content/en/observability_pipelines/sources/splunk_tcp.md @@ -27,11 +27,7 @@ Set up this source when you [set up a pipeline][1]. You can set up a pipeline in ### Optional settings -Click the toggle to **Enable TLS**. If you enable TLS, the following certificate and key files are required: -- Enter the identifier for your Splunk TCP key pass. If you leave it blank, the [default](#set-secrets) is used. -- `Server Certificate Path`: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER or PEM (X.509). -- `CA Certificate Path`: The path to the certificate file that is your Certificate Authority (CA) root file in either DER or PEM (X.509). -- `Private Key Path`: The path to the `.key` private key file that belongs to your Server Certificate Path in DER or PEM (PKCS#8) format. +{{% observability_pipelines/tls_settings %}} ## Set secrets @@ -60,4 +56,4 @@ Click the toggle to **Enable TLS**. If you enable TLS, the following certificate [1]: /observability_pipelines/configuration/set_up_pipelines/ [2]: https://app.datadoghq.com/observability-pipelines [3]: /api/latest/observability-pipelines/ -[4]: https://registry.terraform.io/providers/datadog/datadog/latest/docs/resources/observability_pipeline +[4]: https://registry.terraform.io/providers/datadog/datadog/latest/docs/resources/observability_pipeline \ No newline at end of file diff --git a/content/en/observability_pipelines/sources/syslog.md b/content/en/observability_pipelines/sources/syslog.md index 129c4e94313..80927576f75 100644 --- a/content/en/observability_pipelines/sources/syslog.md +++ b/content/en/observability_pipelines/sources/syslog.md @@ -32,11 +32,7 @@ To configure your Syslog source: ### Optional settings -Toggle the switch to **Enable TLS**. If you enable TLS, the following certificate and key files are required.
**Note**: All file paths are made relative to the configuration data directory, which is `/var/lib/observability-pipelines-worker/config/` by default. See [Advanced Worker Configurations][6] for more information. The file must be owned by the `observability-pipelines-worker group` and `observability-pipelines-worker` user, or at least readable by the group or user. -- Enter the identifier for your syslog key pass. If you leave it blank, the [default](#set-secrets) is used. -- `Server Certificate Path`: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER or PEM (X.509) format. -- `CA Certificate Path`: The path to the certificate file that is your Certificate Authority (CA) root file in DER or PEM (X.509) format. -- `Private Key Path`: The path to the `.key` private key file that belongs to your Server Certificate Path in DER or PEM (PKCS#8) format. +{{% observability_pipelines/tls_settings %}} ## Set secrets @@ -81,7 +77,6 @@ Syslog is a widely used logging protocol for sending network logs to a central s [3]: https://help.fortinet.com/fadc/4-5-1/olh/Content/FortiADC/handbook/log_remote.htm [4]: https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/monitoring/configure-log-forwarding [5]: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClRxCAK -[6]: /observability_pipelines/configuration/install_the_worker/advanced_worker_configurations/ [7]: https://app.datadoghq.com/observability-pipelines [8]: /api/latest/observability-pipelines/ [9]: https://registry.terraform.io/providers/datadog/datadog/latest/docs/resources/observability_pipeline \ No newline at end of file diff --git a/layouts/shortcodes/observability_pipelines/tls_settings.en.md b/layouts/shortcodes/observability_pipelines/tls_settings.en.md new file mode 100644 index 00000000000..c31eefc02d4 --- /dev/null +++ b/layouts/shortcodes/observability_pipelines/tls_settings.en.md @@ -0,0 +1,11 @@ +Toggle the switch to **Enable TLS**. +- If you are using Secrets Management, enter the identifier for the key pass. See [Set secrets](#set-secrets) for the default used if the field is left blanks. +- The following certificate and key files are required: + - `Server Certificate Path`: The path to the certificate file that has been signed by your Certificate Authority (CA) root file in DER, PEM, or CRT (X.509). + - `CA Certificate Path`: The path to the certificate file that is your Certificate Authority (CA) root file in DER, PEM, or CERT (X.509). + - `Private Key Path`: The path to the `.key` private key file that belongs to your Server Certificate Path in DER, PEM, or CERT (PKCS #8) format. + - **Notes**: + - The configuration data directory `/var/lib/observability-pipelines-worker/config/` is automatically appended to the file paths. See [Advanced Worker Configurations][101] for more information. + - The file must be readable by the `observability-pipelines-worker` group and user. + +[101]: /observability_pipelines/configuration/install_the_worker/advanced_worker_configurations/