Skip to main content

Send Torq Audit and Activity Logs to Elasticsearch - Workflow Template

Pull the logs from Torq on a schedule and send to Elasticsearch in a batch transaction.

Updated over a year ago

Enhance your log analysis capabilities with the "Send Torq Audit and Activity Logs to Elasticsearch" workflow template. Intended for scheduled batch transfers, this template manages the routine collection and transformation of Torq logs, before utilizing Elasticsearch's _bulk API for efficient, single-call upload. Facilitate advanced search and analytics operations by systematically organizing logs into separate Elasticsearch indexes, streamlining data-driven decision-making.

Take Me to the Template

Use Cases

null

Workflow Breakdown

  1. Set the required parameters in the Workflow Context for the Elasticsearch Indexes.

  2. Pull the desired logs using the included nested workflow.

  3. Transform the logs into one log per line and a create command line before each log line.

  4. Use _bulk endpoint to upload all logs in a single API call.

Vendors

Utils, HTTP, Torq

Workflow Output

Logs will be stored in separated Indexes for further analysis.

Tips

Use 'Analytics' to create Activity and Audit Dashboards

Related Articles
Collect Torq Audit or Activity Logs - Workflow Template
Send Torq Audit or Activity Logs to Azure Blob Storage - Workflow Template
Send Torq Audit and Activity Logs to Snowflake - Workflow Template
Send Torq Audit or Activity logs to Sumo Logic on a Schedule - Workflow Template
Send Torq Audit or Activity Logs on a Schedule to Splunk - Workflow Template
Did this answer your question?