1 of 100

v1.692.0

Welcome

Onum helps security and IT leaders focus on the most important data. Gain control of your data by cutting through the noise for deep insights in real-time.

Quick Links

Getting Started

About Onum

Observability & Orquestration in real time. Any format. Any source.

Overview

The exponential growth of data ingestion volumes can lead to reduced performance, slow response times, and increased costs. With this comes the need to implement optimization strategies & volume reduction control. We help you cut the noise of large data streams and reduce infrastructure by up to 80%.

Gain deep insights from any type of data, using any format, from any source.

All of this...

@ the Edge

By collecting and observing that data at the edge, as close as possible to where it’s being generated, gain real-time observations and take decisive action to prevent network downtime, payment system failures, malware infections, and more.

Unlike most tools that provide data observation and orchestration, Onum is not a data analytics space, which is already served well by security information and event management (SIEM) vendors and other analytics tools. Instead, Onum sits as close as possible to where the data is generated, and well in front of your analytics platforms, to collect and observe data across every aspect of your hybrid network.

Start with the basics

Architecture

Designed for the Edge, created in the Cloud

Easy, flexible deployment in any environment while keeping them as close as possible to where the data is produced delivers unparalleled speed and efficiency, enabling you to cut the infrastructure you have dedicated to orchestration by up to 80%.

The Onum infrastructure consists of:

Distributor: this is the service that hosts the Listener before forwarding it to Workers.
Worker: this is the service that runs the Pipelines, receiving data from its Distributor and contained within a Cluster.
Cluster: a container grouping Distributors and Workers. You can have as many clusters as required per Tenant.

Listeners are hosted within Distributors and are placed as close as possible to where data is generated. The Distributor pulls tasks from the data queue passing through the pipeline and distributes it to the next available worker in a Cluster. As soon as a Worker completes a task it becomes available again, and the Distributor in turn will assign it the next task from the queue.

The installation process creates the Distributor and all Workers for each data source in the cluster.

How it works

Deployment types

The Onum Platform supports any deployment type ― including on-premises, the Onum public cloud, or your own private cloud.

In a typical SaaS-based deployment, most processing activities are conducted in the Cloud.

Client-side components can be deployed on a Linux machine or on a Kubernetes cluster for easy, flexible deployment in any environment. Onum supports all major cloud environments, including Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure.

Delivery methods

Onum supports all major standards such as Netflow, Syslog, and Kafka to orchestrate data streams to any desired destination, including popular data analytics tools such as Splunk and Devo, as well as storage environments such as S3.

Deployment

In order to use Onum, there are certain system requirements.

The installation process creates the Distributor and all Workers for each data source in the cluster.

System requirements

Onum supports the following browsers:

Google Chrome

Once you have acquired an Onum account, there are a few steps required for Onum Installation:

Cloud

Onum’s Operations team will prepare the infrastructure on Onum’s SaaS based on the estimated volumetrics.

Cloud Listeners

On-Premise

The infrastructure requirements are shared with the Operations team of the client. Further steps cannot be conducted without the required infrastructure.
Access to the infrastructure is granted to Onum’s team with the right permissions for conducting the installation.
A validation script is run by Onum in order to assess if all requirements described in the Annex are met and all connectivities are opened.
If the above point is successful, an installation slot is scheduled and agreed.
Installation is conducted by Onum engineers using a Docker and a post-installation validation script is run.

You can now access its tenant, ingest data, invite users and use all of the Onum capabilities.

Dependencies:

Docker
Packages:
- gpg
- curl
- ipvsadm
- ca-certificates
SIEM access
Access to sources

Hardware requirements

Hardware (per Virtual Machine):

Distribution: Linux (Debian or Red Hat)
Server Hardware: 16GB RAM and 8 CPU
Disk Storage: 500GB

Access

In case of upcoming system maintenance, we kindly seek permission to access customer infrastructure. Our aim is to ensure seamless operations and address any potential issues promptly.

Getting Started with Onum

Welcome to Onum! This guide will help you start working with Onum, a powerful tool designed to enhance your data analysis and processing capabilities.

Accessing Onum

A Tenant is a domain that contains a set of data in your organization. You can use one or various Tenants and grant access to as many as required.

Navigating the Interface

You can access the rest of the areas in Onum using the left panel.

Create Your First Listener

Onum receives any data through Listeners.

These are logical entities created within a Distributor, acting as the gateway to the Onum system. Configuring a Listener involves defining an IP address, a listening port, and a transport layer protocol, along with additional settings depending on the type of Listener specialized in the data it will receive.

Create Your First Data Sink

Onum outputs data via Data sinks. Use them to define where and how to forward the results of your streamlined data.

Build Your First Pipeline

Use Pipelines to start transforming your data and build a data flow. Pipelines are made of the following components:

Use cases

Do you want to check the essential steps in Onum through specific Pipelines? Explore the most common use cases in this section.

Understanding The Essentials

Get to grips with the important concepts & best practices of the Onum application.

These articles contain information on functionalities across the entire platform.

Cards and Table Views

Viewing and modifying elements in the table.

Overview

In both views, you can:

Click the magnifying glass icon to look for specific elements in the list. You can search by name, status, or tag.
Display all the elements individually in a list or grouped by Status or Type. These grouping options vary depending on the area you are.

Table View

In the Table view, you can click the cog icon to begin customizing the table settings. You can reorder the columns in the table, hide or display the required ones or pin them.

Changes will be automatically applied. Click the Reset button to recover the original configuration.

Use the buttons at the top right part of the table to expand or collapse each row in the table. This will change the level of detail of each element.
Click the ellipsis button on each row to edit the element, copy its ID, or remove it.

Cards View

In this view, each element is displayed as a card that shows details about it.

Click the ellipsis button on each card to edit the element, copy its ID, or remove it.
Click the Add tag button and add the required tags to an element. For each tag you enter in the box, hit the Enter key. Click Save to add the tags.

Graph Calculations

Overview

This article outlines the more complex calculations that go on behind the graphs you see.

The line graph represents the events in/out, and the bar graph represents bytes in/on. Hover over a point on the chart to show a tooltip containing the events and bytes in for the selected time, as well as a percentage of how much increase/decrease has occurred since the previous lapse of time since the one currently selected.

Events

The values on the left-hand side represent the events in/out for the selected period.

AVG EPS

The average events per second ingested or sent by all listeners/Data sinks in your Tenant.

MAX EPS

The maximum number of events per second ingested or sent by all Listeners/Data sinks in your Tenant.

MIN EPS

The minimum number of events per second ingested or sent by all Listeners/Data sinks in your Tenant.

Bytes

The values on the right-hand side represent the bytes in/out for the selected period.

AVG Bytes

The average kilobytes per second ingested or sent by all Listeners/Data sinks in your Tenant.

MAX Bytes

The maximum kilobytes per second ingested or sent by all Listeners/Data sinks in your Tenant.

MIN Bytes

The minimum kilobytes per second ingested or sent by all Listeners/Data sinks in your Tenant.

The Time Range Selector

Overview

Throughout the entire Onum platform, you can set a period to either narrow down or extend the data shown. You can either select a predefined period or apply a custom time range.

The related graph and resources will be automatically updated to display data from the chosen period. To remove a selected period, simply click the bin icon that appears next to the period to go back to the default time range (1 hour ago).

The intervals will be calculated according to the Timezone of your browser. Keep an eye out for future implementations, where you can manually select a timezone.

Predefined and Custom time ranges

As well as predefined time intervals, you can also define a custom time range. To do it, simply select the required starting and ending dates in the calendar.

Comparisons

The interesting thing about Onum is that you can directly see how much volume you have saved compared to past ingestions, telling you what is going well and what requires further streamlining.

The comparison is direct/equivalent, meaning all data shown is analyzed compared to the previously selected equivalent time range.

For example, if the time range is 1 hour, the calculation of differences will be carried out using the previous one hour before the current selection =

Range selected: 10:00-11:00
Comparison: 09:00-10:00

Again, let´s say you now wish to view data over the last 7 days. The percentages will be calculated by measuring the volume retrospectively two weeks ago with the previous week.

Data Types

Easily identify data types using the color legend

Since Onum can process any data type, you may be wondering how to identify which is which. See the color legend below:

Field type

Description

A sequence of characters that is used primarily for textual data representation.

A string representing a list of values separated by commas (e.g. hello,my,name,is,John)

Used to represent whole numbers without any fractional or decimal component. Integers can be positive, negative, or zero.

Sequence of characters or encoded information that identifies the precise time at which an event occurred. Format: 2024-05-17T14:30:00Z

Used to represent real numbers with fractional parts, allowing for the representation of a wide range of values, including decimals. Format: 1.23456

Fundamental data type in computer programming that represents one of two possible values: true or false.

Characters that separate individual fields or columns of data. The delimiter ensures that each piece of data within a row is correctly identified and separated from the others.

In a JSON, fields are represented by keys within objects, and the corresponding values can be of any JSON data type. This flexibility allows a JSON to represent structured data in a concise and readable manner, making it suitable for various applications, especially in web development and API communication.

A simple and widely used file format for storing tabular data, such as a spreadsheet or database. In a CSV file, each line of the file represents a single row of data, and fields within each row are separated by a delimiter, usually a comma.

A key-value pair is a data structure commonly used in various contexts, including dictionaries, hash tables, and associative arrays. It consists of two components: a key and its corresponding value.

A literal data type, often referred to simply as a literal, represents a fixed value written directly into the source code of a program.

THE WORKSPACE

Listeners

Everything starts with a good Listener

Overview

A Push type of Listener passively sources data without explicitly requesting, whereas a Pull type is where the user actively requests data from an external source.

If you are using more than one Cluster, it is recommended not to use a Pull-type Listener. You can find out the Listener type in the integration-specific articles below.

Click the Listeners tab on the left menu for a general overview of the Listeners configured in your Tenant and the events generated.

Narrow Down Your Data

There are various ways to narrow down what you see in this view:

Add Filters

Add filters to narrow down the Listeners you see in the list. Click the + Add filter button and select the required filter type(s). You can filter by:

Name: Select a Condition (Contains, Equals, or Matches) and a Value to filter Listeners by their names.
Type: Choose the Listener type(s) you want to see in the list.
Version: Filter Listeners by their version.
Created by: Selecting this option opens a User drop-down where you can filter by creator.
Updated by: Selecting this option opens a User drop-down where you can filter by the last user to update a pipeline.

The filters applied will appear as tags at the top of the view.

Note that you can only add one filter of each type.

Select a Time Range

Select Tags

You can choose to view only those Listeners that have been assigned the desired tags. You can create these tags in the Listener settings or from the cards view. Press the Enter key to confirm the tag, then Save.

To filter by tags, click the + Tags button, select the required tag(s) and click Save.

Create a Listener

Depending on your permissions, you can create a new Listener from this view. To do it, simply click the New listener button at the top right corner.

This will open the Listener configuration.

Configure a Listener

Configuring your Listener involves various steps. You can open the configuration pane by creating a new Listener or by clicking a Listener in the Listener tab or the Pipeline view and selecting Edit Listener in the pane that opens.

Alternatively, click the ellipses in the card or table view and select Edit.

Type

The first step is to define the Listener Type. Select the desired type in this window and select Configuration.

Configuration

Labels

Cloud Listeners

Overview

If your Onum installation is deployed in our Cloud, the configuration settings of a Listener would be slightly different from Listeners defined in an On-Premise deployment:

Cloud Listeners do not have the TLS configuration settings in their creation form, as the connection is already secured.
Cloud Listeners have an additional step in their creation process: Network configuration. Use these details to configure your data source to communicate with Onum. Click Download certificate to get the required certificate for the connection. You can also download it from the Listener details once it is created.

Important Considerations

You must consider the following indications before using Cloud Listeners:

Cloud Listener endpoints are created in Onum's DNS. This process is usually fast and Listeners are normally available immediately. However, note that this may last up to 24-48 hours depending on your organization's DNS configuration.
Cloud Listener endpoints require Mutual TLS (mTLS) authentication, which means that your data input must be able to process a TLS connection and be authorized with a certificate.
Your data input must use the Server Name Indication (SNI) method, which means it must send its hostname in the TLS authentication process. If SNI is not used, the certificate routing will fail and data will not be received, even if the given certificate is valid.

If your organization software cannot meet points 2 and 3, you can use an intermediate piece of software to ensure the client-Onum connection, such as Stunnel.

Listener Integrations

Onum is compatible with any data source, regardless of technology and architecture. A Listener Type is not necessarily limited to one integration and can be used to connect to various.

Click a Listener to see how to configure it.

Amazon S3

Most recent version: v0.0.1

This is a Pull listener, therefore should not be used in environments with more than one cluster.

Overview

Onum supports integration with AWS S3. Select Amazon S3 from the list of Listener types and click Configuration to start.

Minimum requirements

Before configuring and starting to send data with the Amazon S3 Listener, you need to take into consideration the following requirements:

Your Amazon user needs at least permission to use the GetObject operation (S3) and the ReceiveMessage and DeleteMessageBatch operations (SQS Bucket) to make this Listener work.
You need to configure your Amazon S3 bucket to send notifications to an Amazon Simple Queue Service (SQS) queue when new files are added. Learn how to do it below:

Configure your Amazon S3 bucket to send notifications to an Amazon SQS when new files are added

1. Create an Amazon SQS Queue

Sign in to the AWS Management Console and open the Amazon SQS console.
Choose Create Queue and configure the queue settings as needed.
After creating the queue, note its Amazon Resource Name (ARN), which follows this format: arn:aws:sqs:<region>:<account-id>:<queue-name>.

2. Modify the SQS Queue Policy to Allow S3 to Send Messages

In the Amazon SQS console, select your queue.
Navigate to the Access Policy tab and choose Edit.
Replace the existing policy with the following, ensuring you update the placeholders with your specific details:

  ```json
  {
    "Version": "2012-10-17",
    "Id": "S3ToSQSPolicy",
    "Statement": [
      {
        "Sid": "AllowS3Bucket",
        "Effect": "Allow",
        "Principal": {
          "Service": "s3.amazonaws.com"
        },
        "Action": "SQS:SendMessage",
        "Resource": "arn:aws:sqs:<region>:<account-id>:<queue-name>",
        "Condition": {
          "ArnLike": {
            "aws:SourceArn": "arn:aws:s3:::<bucket-name>"
          },
          "StringEquals": {
            "aws:SourceAccount": "<account-id>"
          }
        }
      }
    ]
  }
  ```

Save the changes. This policy grants your S3 bucket permission to send messages to your SQS queue.

3. Configure S3 Event Notifications

Open the Amazon S3 console and select the bucket you want to configure.
Go to the Properties tab and find the "Event notifications" section.
Click on Create event notification.
Provide a descriptive name for the event notification.
In the Event types section, select All object create events or specify particular events that should trigger notifications.
In the Destination section, choose SQS Queue and select the queue you configured earlier.
Save the configuration.

4. Test the Configuration

Upload a new file to your S3 bucket.
Check your SQS queue to verify that a message has been received, indicating that the notification setup is functioning correctly.

Additional Considerations

Cross-Region Configurations: Ensure that your S3 bucket and SQS queue are in the same AWS Region, as S3 event notifications do not support cross-region targets.
Permissions: Confirm that the AWS Identity and Access Management (IAM) roles associated with your S3 bucket and SQS queue have the necessary permissions.
Object Key Name Filtering: If you use special characters in your prefix or suffix filters for event notifications, ensure they are URL-encoded.

Configuration

Now you need to specify how and where to collect the data, and how to establish a connection with AWS S3.

Metadata

Enter the basic information for the new Listener.

Parameter

Description

Name*

Enter a name for the new Listener.

Description

Optionally, enter a description for the Listener.

Tags

Add tags to easily identify your Listener. Hit the Enter key after you define each tag.

Configuration

Objects

Parameter

Description

Compression*

Select the compression method used in the ingested S3 files. This accepts the standard compression codecs (gzip, zlib, bzip2), none for no compression, and auto to autodetect the compression type from the file extension.

Format*

Select the format of the ingested S3 files. This currently accepts json array (a big json array containing a json object for each event), json lines (a json object representing an event on each line), and auto to autodetect the compression type from the file extension (.json or .jsonl, respectively).

Bucket

Parameter

Description

Region*

Choose the region the bucket is found in, found also in your Buckets area next to the name.

Parameter

Description

Name

Access key ID*

In the left panel, click on Users.
Select your IAM user.
Under the Security Credentials tab, scroll to Access Keys, and you will find existing Access Key IDs (but not the secret access key).

Secret access key*

Bucket Advanced

Proceed with caution when modifying these advanced options. Default values should be enough in most cases.

Parameter

Description

Service endpoint

Optionally, Amazon S3 provides different types of service endpoints based on the region and access type.

Select your bucket.
Go to the Properties tab.
Under Bucket ARN & URL, find the S3 endpoint URL.

Amazon Service Endpoint will usually be chosen automatically, so you should not normally have to fill this up. However, in case you need to override the default access point, you can do it here.

Queue

Parameter

Description

Region

Choose the region your queue is created in from the drop-down provided.

URL*

The URL of your existing Amazon SQS queue to send the data to.

Go to the AWS Management Console.
In the Search Bar, type SQS and click on Simple Queue Service (SQS).
Click on Queues in the left panel.
Locate your queue from the list and click it.
The Queue URL will be displayed in the table under URL.

The correct format: https://sqs.region.localhost/awsaccountnumber/storedinenvvar

Parameter

Description

Access key ID

In the left panel, click on Users.
Select your IAM user.
Under the Security Credentials tab, scroll to Access Keys, and you will find existing Access Key IDs (but not the secret access key).

Note that this can be the same as in the bucket, in which case you don't need to repeat it here, or it can be different, depending on how you have configured your bucket & queue

Secret access key

This can be the same as for the bucket, in which case you don't need to repeat it here, or it can be different, depending on how you have configured your bucket & queue.

Under Access keys, you can see your Access Key IDs, but AWS will not show the Secret Access Key. You must have it saved somewhere. If you don't have the secret key saved, you need to create a new one. Note that this can be the same as in the bucket, in which case you don't need to repeat it here, or it can be different, depending on how you have configured your bucket & queue.

Event name

When you configure your bucket to send notifications to your SQS queue, you choose a name for those notification events. You can provide that name here to check the notifications to match that name when they are read by the Listener, or leave this empty to avoid such checks.

Queue Advanced

Proceed with caution when modifying these advanced options. Default values should be enough in most cases.

Parameter

Description

Service endpoint

If you have a custom endpoint, enter it here. The default SQS regional service endpoint will be used by default.

Maximum number of messages*

Set a limit for the maximum number of messages to receive in the notifications queue for each request. The minimum value is 1, and the maximum and default value is 10.

Visibility timeout*

Set how many seconds to leave a message as hidden in the queue after being delivered, before redelivering it to another consumer if not acknowledged. The minimum value is 30s, and the maximum value is 12h. The default value is 1h.

Wait time*

When the queue is empty, set how long to wait for messages before deeming the request as timed out. The minimum value is 5s, and the maximum and default value is 20s.

General Advanced

Proceed with caution when modifying these advanced options. Default values should be enough in most cases.

Parameter

Description

Event batch size*

Enter a limit for the number of events allowed through per batch. The minimum value is 1, and the maximum and default value is 1000000.

Minimum retry time*

Set the minimum amount of time to wait before retrying. The default and minimum value is 1s, and the maximum value is 10m.

Maximum retry time*

Set the maximum amount of time to wait before retrying. The default value is 5m, and the maximum value is 10m. The minimum value is the one set in the parameter above.

Azure Event Hubs

Most recent version: v0.0.1

Overview

This is a Pull Listener and therefore should not be used in environments with more than one cluster.

The Azure Event Hubs Listener lets you receive messages from an Azure Event Hub for real-time data streaming, providing support for message batching, retries, and secure connection options.

Select Azure Event Hubs from the list of Listener types and click Configuration to start.

Configuration

Now you need to specify how and where to collect the data, and how to establish a connection with Microsoft Azure Event Hubs.

Metadata

Enter the basic information for the new Listener.

Parameter

Description

Name*

Enter a name for the new Listener.

Description

Optionally, enter a description for the Listener.

Tags

Add tags to easily identify your Listener. Hit the Enter key after you define each tag.

Configuration

Now add the configuration to establish the connection.

Parameter

Description

Connection params*

The URL for your Event Hub. To get it:

Click your Event Hubs namespace to view the Hubs it contains.
Scroll down to the bottom and click the specific event hub to connect to.
In the left menu, go to Shared Access Policies.
If there is no policy created for an event hub, create one with Manage, Send, or Listen access.
Select the policy from the list.
Select the copy button next to the Connection string-primary key field.

It is possible that the name of this field may not correspond, so look for the example string format:

Endpoint=sb://.servicebus.windows.net/; SharedAccessKeyName=RootManageSharedAccessKey; SharedAccessKey=

Cisco NetFlow

Most recent version: v0.1.0

Overview

Onum supports integration with Cisco NetFlow.

Select Cisco NetFlow from the list of Listener types and click Configuration to start.

Configuration

Now you need to specify how and where to collect the data, and how to establish a connection with Cisco NetFlow.

Metadata

Enter the basic information for the new Listener.

Configuration

Now add the configuration to establish the connection.

Socket

Flow

Access control

Arithmetic / Logic

Code tidy

Control characters

Conversion

Data format

Date / Time

Encryption / Encoding

File system permissions

Format conversion

Hashing

Amazon S3

Most recent version: v0.0.1

See the changelog of this Listener type .

This is a Pull listener, therefore should not be used in environments with more than one cluster.

Overview

Onum supports integration with AWS S3. Select Amazon S3 from the list of Listener types and click Configuration to start.

Minimum requirements

Before configuring and starting to send data with the Amazon S3 Listener, you need to take into consideration the following requirements:

Your Amazon user needs at least permission to use the GetObject operation (S3) and the ReceiveMessage and DeleteMessageBatch operations (SQS Bucket) to make this Listener work.
You need to configure your Amazon S3 bucket to send notifications to an Amazon Simple Queue Service (SQS) queue when new files are added. Learn how to do it below:

Configure your Amazon S3 bucket to send notifications to an Amazon SQS when new files are added

1. Create an Amazon SQS Queue

Sign in to the AWS Management Console and open the Amazon SQS console.
Choose Create Queue and configure the queue settings as needed.
After creating the queue, note its Amazon Resource Name (ARN), which follows this format: arn:aws:sqs:<region>:<account-id>:<queue-name>.

2. Modify the SQS Queue Policy to Allow S3 to Send Messages

In the Amazon SQS console, select your queue.
Navigate to the Access Policy tab and choose Edit.
Replace the existing policy with the following, ensuring you update the placeholders with your specific details:

  ```json
  {
    "Version": "2012-10-17",
    "Id": "S3ToSQSPolicy",
    "Statement": [
      {
        "Sid": "AllowS3Bucket",
        "Effect": "Allow",
        "Principal": {
          "Service": "s3.amazonaws.com"
        },
        "Action": "SQS:SendMessage",
        "Resource": "arn:aws:sqs:<region>:<account-id>:<queue-name>",
        "Condition": {
          "ArnLike": {
            "aws:SourceArn": "arn:aws:s3:::<bucket-name>"
          },
          "StringEquals": {
            "aws:SourceAccount": "<account-id>"
          }
        }
      }
    ]
  }
  ```

Save the changes. This policy grants your S3 bucket permission to send messages to your SQS queue.

3. Configure S3 Event Notifications

Open the Amazon S3 console and select the bucket you want to configure.
Go to the Properties tab and find the "Event notifications" section.
Click on Create event notification.
Provide a descriptive name for the event notification.
In the Event types section, select All object create events or specify particular events that should trigger notifications.
In the Destination section, choose SQS Queue and select the queue you configured earlier.
Save the configuration.

4. Test the Configuration

Upload a new file to your S3 bucket.
Check your SQS queue to verify that a message has been received, indicating that the notification setup is functioning correctly.

Additional Considerations

Cross-Region Configurations: Ensure that your S3 bucket and SQS queue are in the same AWS Region, as S3 event notifications do not support cross-region targets.
Permissions: Confirm that the AWS Identity and Access Management (IAM) roles associated with your S3 bucket and SQS queue have the necessary permissions.
Object Key Name Filtering: If you use special characters in your prefix or suffix filters for event notifications, ensure they are URL-encoded.

Configuration

Now you need to specify how and where to collect the data, and how to establish a connection with AWS S3.

Metadata

Enter the basic information for the new Listener.

Parameter

Description

Name*

Enter a name for the new Listener.

Description

Optionally, enter a description for the Listener.

Tags

Add tags to easily identify your Listener. Hit the Enter key after you define each tag.

Configuration

Objects

Parameter

Description

Compression*

Format*

Bucket

Parameter

Description

Region*

Choose the region the bucket is found in, found also in your Buckets area next to the name.

Parameter

Description

Name

The your data is stored in. This is the bucket name found in your Buckets area. You can fill this if you want to check that notifications come from that bucket, or leave it empty to avoid such checks.

Access key ID*

Add the access key from your or create one. The Access Key ID is found in the IAM Dashboard of the AWS Management Console.

In the left panel, click on Users.
Select your IAM user.
Under the Security Credentials tab, scroll to Access Keys, and you will find existing Access Key IDs (but not the secret access key).

Secret access key*

Add the secret access key from your or create one.

Bucket Advanced

Proceed with caution when modifying these advanced options. Default values should be enough in most cases.

Parameter

Description

Service endpoint

Optionally, Amazon S3 provides different types of service endpoints based on the region and access type.

Select your bucket.
Go to the Properties tab.
Under Bucket ARN & URL, find the S3 endpoint URL.

Amazon Service Endpoint will usually be chosen automatically, so you should not normally have to fill this up. However, in case you need to override the default access point, you can do it here.

Queue

Parameter

Description

Region

Choose the region your queue is created in from the drop-down provided.

URL*

The URL of your existing Amazon SQS queue to send the data to.

Go to the AWS Management Console.
In the Search Bar, type SQS and click on Simple Queue Service (SQS).
Click on Queues in the left panel.
Locate your queue from the list and click it.
The Queue URL will be displayed in the table under URL.

The correct format: https://sqs.region.localhost/awsaccountnumber/storedinenvvar

Parameter

Description

Access key ID

Add the access key from your or create one. The Access Key ID is found in the IAM Dashboard of the AWS Management Console.

In the left panel, click on Users.
Select your IAM user.
Under the Security Credentials tab, scroll to Access Keys, and you will find existing Access Key IDs (but not the secret access key).

Note that this can be the same as in the bucket, in which case you don't need to repeat it here, or it can be different, depending on how you have configured your bucket & queue

Secret access key

This can be the same as for the bucket, in which case you don't need to repeat it here, or it can be different, depending on how you have configured your bucket & queue.

Add the secret access key from your or create one.

Event name

Queue Advanced

Proceed with caution when modifying these advanced options. Default values should be enough in most cases.

Parameter

Description

Service endpoint

If you have a custom endpoint, enter it here. The default SQS regional service endpoint will be used by default.

Maximum number of messages*

Set a limit for the maximum number of messages to receive in the notifications queue for each request. The minimum value is 1, and the maximum and default value is 10.

Visibility timeout*

Wait time*

When the queue is empty, set how long to wait for messages before deeming the request as timed out. The minimum value is 5s, and the maximum and default value is 20s.

General Advanced

Proceed with caution when modifying these advanced options. Default values should be enough in most cases.

Parameter

Description

Event batch size*

Enter a limit for the number of events allowed through per batch. The minimum value is 1, and the maximum and default value is 1000000.

Minimum retry time*

Set the minimum amount of time to wait before retrying. The default and minimum value is 1s, and the maximum value is 10m.

Maximum retry time*

Set the maximum amount of time to wait before retrying. The default value is 5m, and the maximum value is 10m. The minimum value is the one set in the parameter above.

Click Create labels to move on to the next step and define the required .

v1.692.0

Welcome

Quick Links

Most popular

Getting Started

About Onum

Overview

@ the Edge

Start with the basics

Architecture

How it works

Deployment types

Delivery methods

Deployment

System requirements

Cloud

On-Premise

Hardware requirements

Access

Getting Started with Onum

Accessing Onum

Navigating the Interface

Create Your First Listener

Create Your First Data Sink

Build Your First Pipeline

Use cases

Understanding The Essentials

Cards and Table Views

Overview

Table View

Cards View

Graph Calculations

Overview

Events

Bytes

The Time Range Selector

Overview

Predefined and Custom time ranges

Comparisons

Data Types

THE WORKSPACE

Listeners

Overview

Narrow Down Your Data

Add Filters

Select a Time Range

Select Tags

Create a Listener

Configure a Listener

Type

Configuration

Labels

Cloud Listeners

Overview

Important Considerations

Listener Integrations

Amazon S3

Overview

Minimum requirements

1. Create an Amazon SQS Queue

2. Modify the SQS Queue Policy to Allow S3 to Send Messages

3. Configure S3 Event Notifications

4. Test the Configuration

Additional Considerations

Configuration

Metadata

Configuration

Objects

Bucket

Bucket Advanced

Queue

Queue Advanced

General Advanced

Azure Event Hubs

Overview

Configuration

Metadata

Configuration

Cisco NetFlow

Overview