Releases: SumoLogic/sumologic-azure-function
v4.1.5
What's New
- Added support for Virtual Network Flow Logs Collection in Block Blobs Reader Solution.
- Updated tests to incorporate fixtures for Virtual Network Flow Logs.
Commits
v4.1.4
What's new
- CodeQL and Security fixes
- Test updates for json log type
- Bug fixes (undefined rowKey, metadata length limit extended to 1024)
Commits
- 2dffce2: updated dependencies (Himanshu Pal) #121
- 59da290: updated readme,tests,fixed regex security issue (Himanshu Pal) #121
- 80a6993: added test dependency (Himanshu Pal) #121
- 1187447: updated readme (Himanshu Pal) #121
- 424323f: disable storage account related tests (Himanshu Pal) #121
- 54ebf2c: limit raised to 1024 for all metadata fields (Himanshu Pal) #121
- b394bb3: app service plan zone redundant check skipped (Himanshu Pal) #121
- 3fefd1c: skipping health,redundance,network access checks (Himanshu Pal) #121
- 91cb034: adding decoded file size, removed newline from file (Himanshu Pal) #122
- 640ab36: fixed undefined rowKey error (Himanshu Pal) #122
- 64bab20: updated zip file paths (Himanshu Pal) #122
- dd9fe99: updated tag (Himanshu Pal) #122
v4.1.3
v4.1.2
v4.1.1
What's New
Updated NSG Flow logs collection to handle log truncation or overwritten scenario caused by following 3 ways: Host
Fault, VM Redeploy to a new Host , and re-use of MAC addresses.
Full Changelog
SumoLogic/sumologic-lambda-extensions@v4.1.0...v4.1.1
Commits
v4.1.0
What's New
Updates to Append Blob Reader (beta to GA) docs
- Updated Append Blob Reader with Azure Function Runtime from 1.x to 4.x
- Function app node version has been updated to node v18
- We updated all the primary and secondary resources of the ARM template with new api versions that are compatible with the template pipeline
- Added automatic creation of FileOffsetMap table
Updates to Block Blob Reader docs
- Updated blobreaderzipdeploy.json for deploying using zip files.
- Fixed bug by converting type of offset attribute to int64 in FileOffsetMap Table
- Added automatic creation of FileOffsetMap table
- Fixed bug with long blob file name
- Dependency upgrades (azure-identity ^4.2.1)
- Fixed bug in deployment with same storage account again.
- Added filters for unknown file extensions and blob type.
- Fixed memory issue by changing worker bitness to 64 bit.
- Addition of default _sourceHost and _sourceName metadata
Full Changelog
v4.1.0-rc
Commits
- Fixed the always on bug and added cors (Himanshu Pal) #86
- Added return for retryMax and passed context (Himanshu Pal) #88
- Added test for validating logs in Sumo Logic for BlobReader Solution(Himanshu Pal) #93
- Added test for validating metrics in Sumo Logic for EventHub Metrics Solution(Priyansh Patel) #94
- Build and package BlockBlobReader functions when releasing (Bradley Ford) #95
Azure Block Blob Collection security fixes and automation test updates
Changelog
Below changes are done for Azure Block Blob Collection
-
Features
- Added automated tests for ARM templates in github action.
- Added automated tests for finding older dependencies.
- Updated function app logging with log levels.
-
Enhancements / Updates
- Fixed broken unit tests for Azure Block Blob collection and upgraded test dependencies.
- Added support for collector and source creation in unit tests.
- Added test storage account creation in unit tests.
- Upgraded api version in ARM template resources.
-
Fixes for soon to be deprecated resources
- Migrated classic application Insights to workspace-based Application Insights Details
-
Security / CVE fixes
Below fixes were done for security and best practices in the ARM template- BC_AZR_GENERAL_117: "Ensure that 'supportsHttpsTrafficOnly' is set to 'true'"
- BC_AZR_NETWORKING_5: "Ensure web app redirects all HTTP traffic to HTTPS in Azure App Service"
- BC_AZR_NETWORKING_8: "Ensure that 'HTTP Version' is the latest if used to run the web app"
- BC_AZR_NETWORKING_6: "Ensure web app is using the latest version of TLS encryption"
- apiVersions Should Be Recent In Reference Functions
- Location Should Not Be Hardcoded
Upgradation Steps
- Deploy the new template, in a new resource group with same http source url as was configured in earlier deployment.
- Configure the metrics export to this new event hub namespace by updating the new diagnostic settings.
- Verify whether the metrics are coming to Sumo Logic.
- After verification, delete the resources in the older resource group created by earlier deployment.
Azure Metrics Function Runtime Upgraded to V4
Changelog
Below changes are done for Azure Metric Collection
-
Features
- Added automated tests for ARM templates in github action.
-
Enhancements / Updates
-
- Fixed broken unit tests for Event Hub Metrics collection and upgraded test dependencies.
-
- Added support for collector and source creation in unit tests.
-
- Upgraded function runtime version to ~4 and nodejs version to node 18
-
- Upgraded api version in ARM template resources
-
-
Fixes for soon to be deprecated resources
- Migrated classic application Insights to workspace-based Application Insights Details
-
Security / CVE fixes
Below fixes were done for security and best practices for Event Hub Metrics ARM template- BC_AZR_GENERAL_117: "Ensure that 'supportsHttpsTrafficOnly' is set to 'true'"
- BC_AZR_NETWORKING_16: "Ensure 'Trusted Microsoft Services' is enabled for Storage Account access"
- BC_AZR_NETWORKING_5: "Ensure web app redirects all HTTP traffic to HTTPS in Azure App Service"
- BC_AZR_NETWORKING_8: "Ensure that 'HTTP Version' is the latest if used to run the web app"
- BC_AZR_NETWORKING_6: "Ensure web app is using the latest version of TLS encryption"
- apiVersions Should Be Recent In Reference Functions
- Location Should Not Be Hardcoded
- Parameter Types and Names Should Be Consistent
Upgradation Steps
- Deploy the new template, in a new resource group with same http source url as was configured in earlier deployment.
- Configure the metrics export to this new event hub namespace by updating the new diagnostic settings.
- Verify whether the metrics are coming to Sumo Logic.
- After verification, delete the resources in the older resource group created by earlier deployment.
Azure BlockBlob Reader V2
Summary:
-
Updated BlockBlob Reader with Azure Function Runtime from 1.x to 4.x
-
Storage account can be in a different region than the collection resources deployment region, so a new user parameter, 'StorageAccountRegion' has been introduced
-
Any JSON file in jsonlines format can be uploaded to send its data to SUMO
Architecture Overview:
-
We updated all the primary and secondary resources of the ARM template with new api versions that are compatible with the template pipeline
-
We added two new resources namely, EventGrid/systemTopics and EventGrid/systemTopics/eventSubscriptions in the ARM template
-
Two other resources, namely, EventGrid/topics and Storage/storageAccounts/providers/eventSubscriptions have been removed from the original ARM template.
-
New user parameter, 'StorageAccountRegion' has been introduced
-
Storage account role assignment has been updated to storage account blob reader access role
-
Function app node version has been updated to node v18
-
Depreciated function code packages have been removed and updated with new code packages
-
Node module libraries have been removed from function app folders
-
Max retry of the consumer function has been set to 3 times from the current value of 10 times