Offloading data to a third-party system

Update the analytics-extra-values.yaml file to configure data offloading from your API Connect Analytics deployment to a third-party system.

1. Open the analytics-extra-values.yaml file for editing.
   Remember: All additions to the file must appear after the spec: statement.
2. Add the following section to the file:

   
   spec:
     external:
       offload:
         enabled: true
         output: |
           $EXTERNAL_OFFLOAD_OUTPUT

   where $EXTERNAL_OFFLOAD_OUTPUT is the plugin output for the target third-party system.

   For example, the following example enables offloading to HTTP:

   
   spec:
     external:
       offload:
         enabled: true
         output: |
           http {
             url => "example.com"
             http_method => "post"
             codec => "json"
             content_type => "application/json"
             headers => {
               "x-acme-index" => "8"
               "x-acme-key" => "0d5d259f-b8c5-4398-9e58-77b05be67037"
             }
             id => "offload_http"
           }

   For examples of output plugins, see Sample output plugins for offloading data.

3. Optional: Modify the output plugin to include certificates for connecting to a secure endpoint.
   Important: Certificates can only be applied after the Analytics subsystem is deployed. If you want to configure an output plugin that references a certificate, you must install the Analytics subsystem first, then create a secret and apply it to the Analytics deployment, configure the output plugin, and re-install Analytics. For instructions on the correct procedure for applying a certificate to the Analytics deployment, see Providing a custom certificate for Analytics offload.

   If your third-party endpoint requires a particular certificate, you can configure the certificate and then reference it in the offload plugin. Include the secretName as well as the cacert, client_cert, and client_key settings.

   For example, the following output plugin enables offloading to HTTP and provides information on the certificate that is needed for authenticating with the endpoint:

   
   spec:
     external:
       offload:
         secretName: offload-certificates
         enabled: true
         output: |
           http {
             url => "https://example.com:443"
             http_method => "post"
             codec => "json"
             content_type => "application/json"
             headers => {
               "x-acme-index" => "8"
               "x-acme-key" => "0d5d259f-b8c5-4398-9e58-77b05be67037"
             }
             id => "offload_http"
             cacert => "/etc/velox/external_certs/offload/cacert.pem"
             client_cert => "/etc/velox/external_certs/offload/client.pem"
             client_key => "/etc/velox/external_certs/offload/client.key"
           }

   The secret and its defined files are mounted to the /etc/velox/external_certs/offload directory.

4. Optional: Add a filter after the output plugin to modify data prior to offloading it.

   The following example filter removes the query_string field:

   
   spec:
     external:
       offload:
         enabled: true
         output: |
           http {
             url => "example.com"
             http_method => "post"
             codec => "json"
             content_type => "application/json"
             headers => {
               "x-acme-index" => "8"
               "x-acme-key" => "0d5d259f-b8c5-4398-9e58-77b05be67037"
             }
             id => "offload_http"
           }
         filter: |
           ruby {
             remove_field => ["query_string"]
           }

   For information about modifying offloaded data, see Planning to modify your analytics data.

5. Save the file.