[aws_vpcflow_otel] Content pack of EDOT Cloud Forwarder for AWS - VPC Flow Logs

[mykola-elastic]

Content pack for EDOT Cloud Forwarder for AWS - VPC Flow Logs - Dashboard

Proposed commit message

See title.

Checklist

• I have reviewed tips for building integrations and this pull request is aligned with them.
• I have verified that all data streams collect metrics or logs.
• I have added an entry to my package's changelog.yml file.
• I have verified that Kibana version constraints are current according to guidelines.
• I have verified that any added dashboard complies with Kibana's Dashboard good practices
• Add auto-install via discovery.datasets

Screenshots

[mykola-elastic]

For Comparison

The dashboard from AWS package (AWS VPC Flow Logs), added the dashboard and changed some fields to match EDOT Cloud Forwarder for AWS field names

The Dashboard from this PR (using ES|QL)

I removed the map, I don't think I can draw anything on it using the data we have (I may be wrong)

[ishleenk17]

I removed the map, I don't think I can draw anything on it using the data we have (I may be wrong)

You are right. Till we have geo location fields populated. We can't use the map

[daniela-elastic]

Looks good, just needs minor tweaking as per my comment.

[mykola-elastic]

@daniela-elastic this one OK?

[elastic-sonarqube]

Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
95.1% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube

[ishleenk17]

I am good with the PR too.
We will merge the PR once the final dataset changes are out.

cc: @MichaelKatsoulis

[ishleenk17]

@mykola-elastic : In dashboard under overview we need not mention that we are collecting data through EDOT Cloud forwarder as we will be using the same dashboard for AWS VPC logs via other data flows in AWS.

[mykola-elastic]

@ishleenk17 removed it from dashboard

[elasticmachine]

💚 Build Succeeded

• Buildkite Build
• Commit: 608c8a2

History

• 💚 Build #32804 succeeded 1aca1e0
• 💚 Build #32536 succeeded 7a3fed8
• 💚 Build #32189 succeeded 6588c44
• 💚 Build #32029 succeeded baa05c3
• 💚 Build #31965 succeeded 5a83df9
• 💚 Build #31895 succeeded 747ea49

cc @mykola-elastic

[MichaelKatsoulis]

@mykola-elastic LGTM. You just need to update the dashboard snapshot because it still references the old filter.

[mykola-elastic]

@MichaelKatsoulis thanks!

I can't find any reference to generic.otel in the dashboard. Did you mean some other filter?

EDIT: Oh, I see, in the PR description, updated, thanks!

[ishleenk17]

Looks good!

[ishleenk17]

@mykola-elastic : I was checking in the dashboard, there is no mention of the word "OpenTelemetry" in the title, description of the dashboard. Anyone looking at just the dashboard will not get to know it is having OTEL data.

Do we have this present somewhere ?

[mykola-elastic]

@ishleenk17 the dashboard title is [AWS VPC OTEL] VPC Flow Logs Overview

[ishleenk17]

@ishleenk17 the dashboard title is [AWS VPC OTEL] VPC Flow Logs Overview

Ohk. Missed searching for OTEL.
It would be good to have this as part of description too.
Not a blocker though.

[lalit-satapathy]

triaging approved.

[elastic-vault-github-plugin-prod]

Package aws_vpcflow_otel - 0.1.0 containing this change is available at https://epr.elastic.co/package/aws_vpcflow_otel/0.1.0/