How to Integrate Orchestrator with Elasticsearch Using API Key?
This Knowledge base provides guidance on configuring the integration of an Orchestrator with Elasticsearch for sending robot logs. The integration process involves configuring the Nlogs Orchestrator to communicate with Elasticsearch, utilizing API keys for secure and seamless data transmission.
Elasticsearch Configuration Approaches:
Approach #1: Direct Configuration in Nlogs
- Create API keys from elastic search
- Configure apikeyvalue and apikeyid in Nlogs Configuration:
Approach #2: Azure Key Vault Integration
- Create API keys from elastic search
- Store API Key in Azure Key Vault
- Configure the Nlog section in orchestrator to access the API key stored in Azure Key Vault:
Elasticsearch API Key Generation
- For above both methods generating apikeyvalue and apikeyid same in the Elasticsearch
- Follow the documentation to Generate the API Key value.
- A successful call returns a JSON structure that provides API key information.
{
"it": "VuaCfGcBCdbkQm-e5aOx",
"name": "my-api-key",
"expiration": 1544068612110,
"api_key": "ui2lp2axTNmsyakw9tvNnw",
"encoded": "VnVhQ2ZHY0JDZGJrUW0tZTVhT3g6dWkybHAyYXhUTm1zeWFrdzl0dk5udw=="
}
Integration with Orchestrator
Approach #1: Direct Configuration in Nlogs
Orchestrator Configuration
- Go to the UiPath.Orchestrator.dll.config file from the installation location
Rules section
Nlog section
- Save the Configuration file and Restart the IIS.
Approach #2: Store apikey in Azure key vault access and configure in the Nlogs configuration
Azure Configuration
AppRegistration configuration
- Open your web browser and go to the Azure portal
- In the left-hand navigation pane, click on "Azure Active Directory."
- In the Azure Active Directory blade, click on "App registrations" and Create new App registration
- Once created new App registration created and go the "Certificates & Secrets"
- Click on "Upload certificate" to upload your certificate (it can be self-sighed or domain) under the "certificate tab"
- Note down the certificate thumbprint value, client ID and Directory ID from the overview page of App registration.
KeyVault Configuration:
- Open your web browser and go to the Azure portal
- In search bar type Key vaults, click on "Key vaults." and Create a new keyvault
- Go the Access control (IAM) Click on "Add+" then click on "Add role assignment"
- Select "Key Vault Administrator" under the "Roles" Section
- Select "User, group, or service principal" and click "+Select members"
- Click on next and assign
- Once vault is ready create a secret with the value Encoded (VnVhQ2ZHY0JDZGJrUW0tZTVhT3g6dWkybHAyYXhUTm1zeWFrdzl0dk5udw) form the ES apikeyvalue generation script result.
Orchestrator Configuration
- Install SSL certificate
- Install the created certificate in the localmahcine with Key .pfx format same as uploaded in the App registration
Configuration settings
- Go to the UiPath.Orchestrator.dll.config file from the installation location
Rules section
Nlog section
Note: Update the values of apiKeySecretName, azureKeyVaultUri, azureKeyVaultDirectoryId, azureKeyVaultClientId and azureKeyVaultCertificateThumbprint.
- Save the Configuration file and Restart the IIS.