
Extension Packages

Coralogix offers various data extensions out of the box. Each extension unlocks, with the click of a button, a set of predefined Coralogix alerts, parsing rules, and Kibana dashboards tailored to that extension. Among the extensions you can find a Cloudflare extension, a Cloudtrail extension, an Nginx extension, and more. This gives you a great jump start for monitoring your external-facing resources such as websites, APIs, and applications, so you will be alerted to abnormal activity.

Installation

In the Data Flow menu choose Extensions.

extension page of coralogix dashboard

You will be taken to the following screen. On the left, you can filter extensions by whether they contain Kibana dashboards, alerts, rules, or all of them together, and by whether they are installed or not.

Coralogix list of extension packages

Click on Deploy to instantly deploy any of the extensions. Choose the relevant application name and subsystem name in order to make sure that the installed alerts and parsing rules will be applied only to the relevant set of data.

deploy a Coralogix extension package

If you wish to see some more details before installing the extension, click on the extension itself and the following screen will be opened. You’ll be presented with the extension details such as the different parsing rules, alerts, and dashboard you are about to install.

details of a coralogix extension package

If at some point you wish to uninstall the extension, open the extension once again and click on uninstall package. This will remove the Cloudflare rules, alerts, and Kibana dashboards.

uninstall a Coralogix extension package

You are all set! Don’t hesitate to chat with us if any question arises; we are always here to help.

Extensions summary

Nginx

Nginx extension includes parsing rules to parse your nginx logs, 7 predefined Coralogix alerts, and an overview dashboard of your nginx instances.

Note: this package assumes a certain structure for the logs of an nginx instance. Once you enable this extension you will probably want to change the parsing rule it creates. Make sure the new parsing rule keeps the same field names for the equivalent values, e.g. client_ip for the client, status_code for the request status, request_uri for the request URL, user_agent for the actual user agent within the request, etc.

Assumed original pre-parsing log text

129.159.145.58 - - [23/Nov/2021:21:12:46 +0000] "GET /database%20heuristic-empowering.svg HTTP/1.1" 400 7262 3.584 "Opera/10.61 (Windows NT 5.0; en-US) Presto/2.13.345 Version/13.00"
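The field-name requirement in the note above can be checked before a replacement parsing rule is put in place. The following is an added example, not Coralogix code: Python regular expressions stand in for the parsing rule, and the names timestamp, method, body_bytes, request_time and referer, the second log line, and the two variant patterns are constructed for illustration.

```python
import re

# Field names the page says a replacement rule must keep.
REQUIRED_FIELDS = {"client_ip", "status_code", "request_uri", "user_agent"}

# Shared prefix: client, two ignored fields, [time], "METHOD uri proto", status, size.
# timestamp, method and body_bytes are assumed names, not taken from the page.
PREFIX = (r'^(?P<client_ip>\S+) \S+ \S+ \[(?P<timestamp>[^\]]+)\] '
          r'"(?P<method>[A-Z]+) (?P<request_uri>\S+) [^"]*" '
          r'(?P<status_code>\d{3}) (?P<body_bytes>\d+|-) ')

# Layout of the page's sample line; reading 3.584 as a request duration is an assumption.
ASSUMED = re.compile(PREFIX + r'(?P<request_time>[\d.]+) "(?P<user_agent>[^"]*)"$')
# Constructed variant: a custom log format that logs a referer instead.
WITH_REFERER = re.compile(PREFIX + r'"(?P<referer>[^"]*)" "(?P<user_agent>[^"]*)"$')
# Constructed mistake: same layout, but two fields were renamed.
RENAMED = re.compile(PREFIX.replace("client_ip", "ip").replace("status_code", "status")
                     + r'"(?P<referer>[^"]*)" "(?P<user_agent>[^"]*)"$')

PAGE_SAMPLE = ('129.159.145.58 - - [23/Nov/2021:21:12:46 +0000] '
               '"GET /database%20heuristic-empowering.svg HTTP/1.1" 400 7262 3.584 '
               '"Opera/10.61 (Windows NT 5.0; en-US) Presto/2.13.345 Version/13.00"')
CONSTRUCTED_SAMPLE = ('203.0.113.7 - - [23/Nov/2021:21:13:02 +0000] '
                      '"POST /login HTTP/1.1" 401 512 "https://example.com/" "curl/7.79.1"')

def missing_fields(pattern):
    """Required field names that the pattern's named groups do not provide."""
    return sorted(REQUIRED_FIELDS - set(pattern.groupindex))

def parse(line, pattern):
    """Captured fields as a dict, or None when the line does not fit the pattern."""
    m = pattern.match(line.strip())
    return m.groupdict() if m else None

if __name__ == "__main__":
    for name, pat in [("assumed", ASSUMED), ("with_referer", WITH_REFERER), ("renamed", RENAMED)]:
        print(name, "missing:", missing_fields(pat))
    print(parse(PAGE_SAMPLE, ASSUMED))
    print(parse(PAGE_SAMPLE, WITH_REFERER))   # None: the stock layout no longer fits
    print(parse(CONSTRUCTED_SAMPLE, WITH_REFERER))
```

A pattern that still matches every line but reports missing fields, like RENAMED here, is the case the note warns about: the logs parse, but the values no longer land under the names the note asks you to keep.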


OKTA audit

Okta audit extension includes parsing rules, 6 predefined Coralogix alerts, and 4 dashboards including event actions, users actions, failed logins, and successful logins overview.

Onelogin

Onelogin extension includes parsing rules, 5 predefined Coralogix alerts, and 3 dashboards including Apps monitoring, security, and a general overview.

Auth0

Auth0 extension includes parsing rules, 6 predefined Coralogix alerts, and 2 dashboards including Connections and Clients and a general overview.

Cloudtrail

Cloudtrail extension includes 15 predefined Coralogix alerts and 3 dashboards including security, operations, and S3 activities.

Cloudflare

Cloudflare extension includes parsing rules to extract the event timestamp as Coralogix timestamp and the status code as Coralogix severity, 11 predefined Coralogix alerts and 9 dashboards including security, performance, and traffic overviews.

Fastly

Fastly extension includes parsing rules, 9 predefined Coralogix alerts, and 3 dashboards including quality of service, visitors, and a general overview.

Jenkins

Jenkins extension includes 4 dashboards including timings, job health, master health, and audit overviews.

CircleCI

CircleCI extension includes 1 dashboard of CircleCI jobs overview.