Skip to content

Latest commit

 

History

History
677 lines (415 loc) · 9.88 KB

configuration-parameters-1830bca.md

File metadata and controls

677 lines (415 loc) · 9.88 KB

Configuration Parameters

SAP Cloud Logging supports the following parameters for create service and update service operations.

Note:

Configuration parameters may impact pricing. Pricing information is available via Discovery Center and SAP Cloud Logging Capacity Unit Estimator.

Configuration Parameters

Name

Required

Type

Description

backend

No

backend

Configures the OpenSearch backend.

dashboards

No

dashboards

Configures the dashboards UI.

ingest

No

ingest

Configures the ingest endpoint.

ingest_otlp

No

ingest_otlp

Configures the data ingestion over the ingest-otlp endpoint (OpenTelemetry Protocol).

retention_period

No

Integer

The time in days until data (see Ingest Observability Data) is deleted. The range is between 1 and 90 and it defaults to 7. Data can also be deleted if the file grows too large, due to size-based curation. Changing this parameter will only affect newly-created indices.

saml

No

saml

Configures the SAML Integration to authenticate in dashboards.

rotate_root_ca

No

Boolean

Note:

Updating this parameter can invalidate bindings permanently

Controls the rotation of the ingestion root Certificate Authority (CA) certificate. Defaults to false.

Refer to Rotate the Ingestion Root CA Certificate for more details.

Configuration Parameters for backend

Name

Required

Type

Description

max_data_nodes

No

Integer

Indirectly, this parameter sets the maximum disk size for storing observability data as described in Service Plans. This parameter has no effect for the dev plan. Needs to be between 2 and 10. Default is 10.

Configuration Parameters for dashboards

Name

Required

Type

Description

custom_label

No

String

Set a custom label to be displayed in OpenSearch Dashboards in the top bar to identify and distinguish multiple service instances. The label is embedded into a fixed sized element due to technical limitations. It gets cut off if the content is too long. 12 characters is ideal, and the maximum length is 20. Supported characters are A-Z, a-z, 0-9, #, +, -, _, /, *, (, ), and space.

Configuration Parameters for ingest

Name

Required

Type

Description

max_instances

No

Integer

Specifies the maximum number of provisionable ingest instances, which are scaled automatically based on their overall CPU utilization. Must be between 2 and 10. Defaults to 2. This parameter impacts peak throughput and buffering. Scale-out happens when the overall CPU utilization exceeds 80%. Scale-in happens when the overall CPU utilization or configuration parameter decreases. This parameter has no effect on the dev plan, which is limited to a single instance.

Configuration Parameters for ingest_otlp

Name

Required

Type

Description

enabled

No

Boolean

Enables ingestion over the OpenTelemetry Protocol. Defaults to false. For more information, refer to Ingest via OpenTelemetry API Endpoint.

Configuration Parameters for saml

Caution:

Ensure that you consider the SAP BTP Security Recommendation BTP-CLS-0001.

Configuration to integrate the service with a SAML Idenditiy Provider (IdP), like SAP Cloud Identity Services - Identity Authentication (Identity Authentication). See Prerequisites on how to integrate SAP Cloud Logging with Identity Authentication. This configuration exposes a subset of the SAML parameters of OpenSearch. Learn more about configuration parameters from OpenSearch

Name

Required

Type

Description

enabled

Yes

Boolean

Enables SAML authentication. We strongly recommend SAML authentication for production use cases, because of improved security and login flow. Basic authentication is configured if this parameter is set to false.

admin_group

Conditionally

String

The SAML group to grant administrative access and permissions to modify the security module. Required if enabled is set to true.

initiated

Conditionally

Boolean

Enables IdP-initiated SSO. Required if enabled is set to true.

roles_key

Conditionally

String

The list of backend_roles will be read from this attribute during user login.

This field must be set to the corresponding attribute for IdP groups,usually groups. Required if enabled is set to true.

idp.metadata_url

Conditionally

URL

The URL to get the SAML IdP metadata from. Required if enabled is set to true.

idp.entity_id

Conditionally

String

The Entity ID of the SAML IdP.

Open the metadata URL in your browser and copy the full value of the entityID field. It is located in the first line of the response. Required if enabled is set to true.

sp.entity_id

Conditionally

String

The Entity ID of the service provider. Generally, this parameter is set to the name of your application configured in your IdP. Required if enabled is set to true.

sp.signature_private_key

No

String

The private key is used to sign the requests. This parameter must be valid base64 encoded and PKCS8 format.

sp.signature_private_key_password

No

String

The private key used to sign the requests. Valid base64 encoded and PKCS8 format of private key.

exchange_key

No

String

Key to sign tokens. Provide a random key with an even number (min. length: 32) of alphanumeric characters (A-Z, a-z, 0-9). A random key is generated if the key isn't provided.