Presentation

Component Architecture

Two scenarii will be considered:

• collecting usage data from the Security Proxy / Gateway access logs
• collecting usage data from file-based access logs data (e.g. reverse-proxy access logs)

Scenario 1: Automated workflow

Collecting usage data from the Security Proxy / Gateway access logs

Workflow

Checklist

• Read the full installation doc before proceeding
• Preparation
  • Superset up and running
  • Timescale DB up and running
    • Use gateway v. >= 2.0.3
• Configuration
  • Have gateway expose logs using OpenTelemetry
    • Run and configure Vector:
      • Run vector
      • Configure vector
    • Set up the analytics CLI as a cron task
    • Import Analytics dashboards in Superset]
• Troubleshooting

Scenario 2: Manual, file-based workflow

Manually pushing access log files

Workflow

The Security Proxy/Gateway are the place where most of the information is available (user information, http requests, response time and success) so this is the first place to look at.

It is also possible to read access logs from a classic reverse proxy like Apache, nginx etc. The only difference is that you won't get the user information (id, roles, org).

But you will also probably want to feed the database with historic access logs collected over time to preseed the database with as much information as possible.

This scenario will skip the OpenTelemetry part: the logs will be directly processed by the Analytics CLI and pushed on the database. Main related documentation pages:

• TimescaleDB configuration
• Analytics CLI configuration
• Superset configuration
• TODO: check the list of related pages

Checklist

• Read the full installation doc before proceeding
• Preparation
  • Superset up and running
  • Timescale DB up and running
• Configuration
  • Configure the analytics CLI
  • Import Analytics dashboards in Superset]
• Troubleshooting