Coralogix offers various data extensions out of the box. Each extension unlocks a set of predefined Coralogix alerts, parsing rules, and Kibana dashboards that are tailored for each extension with a click of a button.
Among the extensions, you can find a Cloudflare extension, Cloudtrail extension, Nginx extension, and more. This gives you a great jump start for monitoring your external-facing resources such as websites, APIs, and applications so you will be alerted to abnormal activities.
In the Data Flow menu choose Extensions.
You will be redirected to the following screen. On the left, you may use different filter criteria to sort extensions by whether they contain Kibana dashboard, alerts, rules, or altogether, and of course, filter by which extensions are installed or not.
Click on Deploy to instantly deploy any of the extensions. Choose the relevant application name and subsystem name in order to make sure that the installed alerts and parsing rules will be applied only to the relevant set of data.
If you wish to see some more details before installing the extension, click on the extension itself and the following screen will be opened. You’ll be presented with the extension details such as the different parsing rules, alerts, and dashboard you are about to install.
If at some point you wish to uninstall the extension, enter the extension once again and click on uninstall package. This will remove the Cloudflare rules, alerts, and Kibana dashboards.
You are all set! don’t hesitate to chat with us if any question arises, we are always here to help.
Nginx extension includes parsing rules to parse your Nginx logs, 7 predefined Coralogix alerts, and an overview dashboard of your Nginx instances.
** Note that this package assumes a certain structure for Nginx instance logs. Once you enable this extension you will probably want to change the parsing rule it creates. Make sure you maintain the same fields naming in the new parsing for the equivalent values, e.g. client_ip for the client, status_code for the request status, request_url for the request URL, user_agent for the actual user agent within the request, etc…
Assumed original pre-parsing log text
129.159.145.58 - - [23/Nov/2021:21:12:46 +0000] "GET /database%20heuristic-empowering.svg HTTP/1.1" 400 7262 3.584 "Opera/10.61 (Windows NT 5.0; en-US) Presto/2.13.345 Version/13.00"
Okta audit extension includes parsing rules, 6 predefined Coralogix alerts, and 4 dashboards including event actions, users actions, failed logins, and successful logins overview.
OneLogin extension includes parsing rules, 5 predefined Coralogix alerts, and 3 dashboards including Apps monitoring, security, and a general overview.
Auth0 extension includes parsing rules, 6 predefined Coralogix alerts, and 2 dashboards including Connections and Clients and a general overview.
Cloudtrail extension includes 15 predefined Coralogix alerts and 3 dashboards including security, operations, and S3 activities.
Cloudflare extension includes parsing rules to extract the event timestamp as Coralogix timestamp and the status code as Coralogix severity, 11 predefined Coralogix alerts, and 9 dashboards including security, performance, and traffic overviews.
Fastly extension includes parsing rules, 9 predefined Coralogix alerts, and 3 dashboards including quality of service, visitors, and a general overview.
Jenkins extension includes 4 dashboards including timings, job health, master health, and audit overviews.
CircleCI extension includes 1 dashboard of CircleCI jobs overview.