Collect data from Cloudflare

See the changelog of the HTTP Listener here.

Overview

The following article outlines a basic data flow from Cloudflare to the Onum HTTP Listener.

Prerequisites

Contact Onum to get the required JWT token, which is needed during the Listener setup.

You can also contact us if you cannot generate the required TLS certificates. Note that these certificates must be signed by a recognized Certificate Authority (CA). Self-signed certificates are not accepted.

Cloudflare Setup

Cloudflare Logpush supports the ability to send logs to configurable HTTP endpoints. Follow these instructions to enable log sending before starting the configuration in Onum.

Important Considerations Regarding Cloud Listeners

  • In cloud-based Onum installations, the TLS configuration section of the HTTP Listener is not visible and you won't need to enter these values. In these setups, Onum automatically manages TLS certificates, eliminating the need for manual configuration. If your HTTP Listener configuration requires you to manually enter these TLS certificates, you can generate them following the instructions in this article.

  • If you are defining this Listener in a cloud instance, Onum will automatically provide the Port and TLS configuration.

  • Cloud Listeners have an additional step in their creation process: Network configuration. Use these details to configure your data source to communicate with Onum. Click Download certificate to get the required certificate for the connection. You can also download it from the Listener details once it is created.

  • When configuring a Listener in a Cloud tenant, the port will be 443. In on-prem, the selected port must fall within the range of 1024 to 10000.

  • Cloud Listener endpoints are created in Onum's DNS. This process is usually fast, and Listeners are normally available immediately. However, note that this may take up to 24-48 hours, depending on your organization's DNS configuration.

  • Your data input must use the Server Name Indication (SNI) method, which means it must send its hostname in the TLS authentication process. If SNI is not used, the certificate routing will fail, and data will not be received, even if the certificate is valid.

If your organization's software cannot meet points 2 and 3, you can use an intermediate piece of software to ensure the client-Onum connection, such as Stunnel.

Onum Setup

Here we will detail the steps for the HTTP Listener.

1

Log in to your Onum tenant and click Listeners > New listener.

2

Double-click the HTTP Listener.

3

Enter a Name for the new Listener. Optionally, add a Description and some Tags to identify the Listener.

4

For most cloud-based Onum installations, the Socket section is not visible, and port 443 is used by default. If you see it, enter the required port in the Port field. At this time, all TCP ports from 1024 to 10000 are open.

5

In most cloud-based Onum installations, the TLS configuration section is not visible. In these setups, Onum automatically manages TLS certificates, eliminating the need for manual configuration.

If you see this section, you must enter the required Certificate, Private key and CA Chain. Learn how to generate these self-signed certificates in this article. Once you have them, click New secret in each field and add the corresponding values.

6

Now there are two possible scenarios:

If you didn't enter your TLS certificates, when you click Create listener you'll see the Network configuration screen, which shows the Address and Port needed to communicate with Onum. Here you will download the certificate (see the steps after creation to do this).

You can access all this information in the Listener details after creation, so don't worry.

If you entered the TLS certificates, you'll go directly to the Labels step when you click Create listener.

7

In the Authentication section, choose Bearer as the Authentication Type.

Open the Token Secret field and click New secret to create a new one:

  • Give the token a Name.

  • Turn off the Expiration date option.

  • Click Add new value and paste the secret corresponding to the JWT token you received. Remember that the token will be added in the Cloudflare configuration.

  • Click Save.

Learn more about secrets in Onum in this article.

You can now select the secret you just created in the Token Secret field.

8

In the Endpoint section, choose POST as the method.

In the Request path field, enter /

9

In the Message extraction section, choose Single event as body (full) in the Strategy field.

10

In the General behavior section, set Propagate headers strategy to Allow.

11

Then, configure the following settings:

  • Content-Encoding

  • Content-Type

12

For cloud installations, copy the DNS Address details to configure your data source in order to communicate with Onum. This contains the IP address of the DNS (Domain Name System) server to connect to.

13

Finally, click Create labels. Optionally, you can set labels to be used for internal Onum routing of data. By default, data will be set as Unlabeled. Click Create listener when you're done.

Learn more about labels in this article.


Download certificate

Now, download the certificate from the Listeners view by clicking the created listener and selecting the three dots in the top right-hand corner of the menu > Download Certificate.

This .p12 file does not require a password to access.

To extract the certificates from the download:

Ports

The HTTP Listener has two output ports:

  • Default port - Events are sent through this port if no error occurs while processing them.

  • Error port - Events are sent through this port if an error occurs while processing them.

