Updated Apps With ARN Values

aws-observability-terraform/app-modules/alb/app.tf

@@ -1,6 +1,6 @@
 module "alb_module" {
-  source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic"
-  version = "1.0.20"
+  source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy26q4"
+  #version = "1.0.21"
 
   access_id   = var.access_id
   access_key  = var.access_key

aws-observability-terraform/app-modules/apigateway/app.tf

@@ -1,6 +1,6 @@
 module "apigateway_module" {
-  source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic"
-  version = "1.0.20"
+  source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy26q4"
+  #version = "1.0.21"
 
   access_id   = var.access_id
   access_key  = var.access_key

aws-observability-terraform/app-modules/dynamodb/app.tf

@@ -1,6 +1,6 @@
 module "dynamodb_module" {
-  source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic"
-  version = "1.0.20"
+  source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy26q4"
+  #version = "1.0.21"
 
   access_id   = var.access_id
   access_key  = var.access_key

aws-observability-terraform/app-modules/ec2metrics/app.tf

@@ -1,6 +1,6 @@
 module "ec2metrics_module" {
-  source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic"
-  version = "1.0.20"
+  source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy26q4"
+  #version = "1.0.21"
 
   access_id   = var.access_id
   access_key  = var.access_key

aws-observability-terraform/app-modules/ecs/app.tf

@@ -1,6 +1,6 @@
 module "ecs_module" {
-  source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic"
-  version = "1.0.20"
+  source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy26q4"
+  #version = "1.0.21"
 
   access_id   = var.access_id
   access_key  = var.access_key

aws-observability-terraform/app-modules/elasticache/app.tf

@@ -1,6 +1,6 @@
 module "elasticache_module" {
-  source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic"
-  version = "1.0.20"
+  source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy26q4"
+  #version = "1.0.21"
 
   access_id   = var.access_id
   access_key  = var.access_key

aws-observability-terraform/app-modules/elb/app.tf

@@ -1,6 +1,6 @@
 module "classic_elb_module" {
-  source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic"
-  version = "1.0.20"
+  source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy26q4"
+  #version = "1.0.21"
 
   access_id   = var.access_id
   access_key  = var.access_key

aws-observability-terraform/app-modules/lambda/app.tf

@@ -1,6 +1,6 @@
 module "lambda_module" {
-  source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic"
-  version = "1.0.20"
+  source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy26q4"
+  #version = "1.0.21"
 
   access_id   = var.access_id
   access_key  = var.access_key

aws-observability-terraform/app-modules/nlb/app.tf

@@ -1,6 +1,6 @@
 module "nlb_module" {
-  source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic"
-  version = "1.0.20"
+  source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy26q4"
+  #version = "1.0.21"
 
   access_id   = var.access_id
   access_key  = var.access_key

aws-observability-terraform/app-modules/overview/app.tf

@@ -1,6 +1,6 @@
 module "overview_module" {
-  source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic"
-  version = "1.0.20"
+  source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy26q4"
+  #version = "1.0.21"
 
   access_id   = var.access_id
   access_key  = var.access_key

aws-observability-terraform/app-modules/rds/app.tf

@@ -1,6 +1,6 @@
 module "rds_module" {
-  source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic"
-  version = "1.0.20"
+  source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy26q4"
+  #version = "1.0.21"
 
   access_id   = var.access_id
   access_key  = var.access_key

aws-observability-terraform/app-modules/sns/app.tf

@@ -1,6 +1,6 @@
 module "sns_module" {
-  source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic"
-  version = "1.0.20"
+  source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy26q4"
+  #version = "1.0.21"
 
   access_id   = var.access_id
   access_key  = var.access_key

aws-observability-terraform/app-modules/sqs/app.tf

@@ -1,6 +1,6 @@
 module "sqs_module" {
-  source = "SumoLogic/sumo-logic-integrations/sumologic//sumologic"
-  version = "1.0.20"
+  source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//sumologic?ref=fy26q4"
+  #version = "1.0.21"
 
   access_id   = var.access_id
   access_key  = var.access_key

aws-observability-terraform/field.tf

@@ -183,14 +183,16 @@ resource "sumologic_field_extraction_rule" "AwsObservabilityALBCloudTrailLogsFER
       name = "AwsObservabilityALBCloudTrailLogsFER"
       scope = "account=* eventSource eventName \"elasticloadbalancing.amazonaws.com\" \"2015-12-01\""
       parse_expression = <<EOT
-              | json "eventSource", "awsRegion", "recipientAccountId", "requestParameters.name", "requestParameters.type", "requestParameters.loadBalancerArn", "apiVersion" as event_source, region, accountid, loadbalancer, loadbalancertype, loadbalancerarn, api_version nodrop 
+              | json "eventSource", "awsRegion", "recipientAccountId", "requestParameters.name", "requestParameters.type", "requestParameters.loadBalancerArn", "requestParameters.listenerArn", "apiVersion" as event_source, region, accountid, loadbalancer, loadbalancertype, loadbalancerarn, listenerarn, api_version nodrop
+              | where event_source = "elasticloadbalancing.amazonaws.com" and api_version matches "2015-12-01"
               | "" as namespace
-              | where event_source = "elasticloadbalancing.amazonaws.com" and api_version matches "2015-12-01" 
-              | parse field=loadbalancerarn ":loadbalancer/*/*/*" as balancertype, loadbalancer, f1 nodrop
-              | if(loadbalancertype matches "network", "aws/nlb", if(balancertype matches "net", "aws/nlb", namespace)) as namespace
-              | if(loadbalancertype matches "application", "aws/applicationelb", if(balancertype matches "app", "aws/applicationelb", namespace)) as namespace
+              | parse field=loadbalancerarn ":loadbalancer/*/*/*" as balancertype1, loadbalancer1, f1 nodrop
+              | parse field=listenerarn ":listener/*/*/*/*" as balancertype2, loadbalancer2, f1, f2 nodrop
+              | if(loadbalancertype matches "network", "aws/networkelb", if(balancertype1 matches "net", "aws/networkelb", if(balancertype2 matches "net", "aws/networkelb", namespace))) as namespace
+              | if(loadbalancertype matches "application", "aws/applicationelb", if(balancertype1 matches "app", "aws/applicationelb", if(balancertype2 matches "app", "aws/applicationelb", namespace))) as namespace
               | where namespace="aws/applicationelb" or isEmpty(namespace)
-              | toLowerCase(loadbalancer) as loadbalancer  
+              | if (!isEmpty(loadbalancer), loadbalancer, if (!isEmpty(loadbalancer1), loadbalancer1, loadbalancer2)) as loadbalancer
+              | toLowerCase(loadbalancer) as loadbalancer
               | fields region, namespace, loadbalancer, accountid
       EOT
       enabled = true
@@ -217,15 +219,17 @@ resource "sumologic_field_extraction_rule" "AwsObservabilityNLBCloudTrailLogsFER
       name = "AwsObservabilityNLBCloudTrailLogsFER"
       scope = "account=* eventSource eventName \"elasticloadbalancing.amazonaws.com\" \"2015-12-01\""
       parse_expression = <<EOT
-              | json "eventSource", "awsRegion", "recipientAccountId", "requestParameters.name", "requestParameters.type", "requestParameters.loadBalancerArn", "apiVersion" as event_source, region, accountid, loadbalancer, loadbalancertype, loadbalancerarn, api_version nodrop 
+              | json "eventSource", "awsRegion", "recipientAccountId", "requestParameters.name", "requestParameters.type", "requestParameters.loadBalancerArn", "requestParameters.listenerArn", "apiVersion" as event_source, region, accountid, networkloadbalancer, loadbalancertype, loadbalancerarn, listenerarn, api_version nodrop
+              | where event_source = "elasticloadbalancing.amazonaws.com" and api_version matches "2015-12-01"
               | "" as namespace
-              | where event_source = "elasticloadbalancing.amazonaws.com" and api_version matches "2015-12-01" 
-              | parse field=loadbalancerarn ":loadbalancer/*/*/*" as balancertype, loadbalancer, f1 nodrop
-              | if(loadbalancertype matches "network", "aws/nlb", if(balancertype matches "net", "aws/nlb", namespace)) as namespace
-              | if(loadbalancertype matches "application", "aws/applicationelb", if(balancertype matches "app", "aws/applicationelb", namespace)) as namespace
-              | where namespace="aws/applicationelb" or isEmpty(namespace)
-              | toLowerCase(loadbalancer) as loadbalancer  
-              | fields region, namespace, loadbalancer, accountid
+              | parse field=loadbalancerarn ":loadbalancer/*/*/*" as balancertype1, networkloadbalancer1, f1 nodrop
+              | parse field=listenerarn ":listener/*/*/*/*" as balancertype2, networkloadbalancer2, f1, f2 nodrop
+              | if(loadbalancertype matches "network", "aws/networkelb", if(balancertype1 matches "net", "aws/networkelb", if(balancertype2 matches "net", "aws/networkelb", namespace))) as namespace
+              | if(loadbalancertype matches "application", "aws/applicationelb", if(balancertype1 matches "app", "aws/applicationelb", if(balancertype2 matches "app", "aws/applicationelb", namespace))) as namespace
+              | where namespace="aws/networkelb" or isEmpty(namespace)
+              | if (!isEmpty(networkloadbalancer), networkloadbalancer, if (!isEmpty(networkloadbalancer1), networkloadbalancer1, networkloadbalancer2)) as networkloadbalancer
+              | toLowerCase(networkloadbalancer) as networkloadbalancer
+              | fields region, namespace, networkloadbalancer, accountid
       EOT
       enabled = true
 }

aws-observability-terraform/source-module/main.tf

@@ -25,8 +25,9 @@ resource "time_sleep" "wait_for_minutes" {
 module "cloudtrail_module" {
   depends_on = [time_sleep.wait_for_minutes]
   for_each   = toset(local.create_cloudtrail_source ? ["cloudtrail_module"] : [])
-  source = "SumoLogic/sumo-logic-integrations/sumologic//aws/cloudtrail"
-  version = "1.0.20"
+  #source = "SumoLogic/sumo-logic-integrations/sumologic//aws/cloudtrail"
+  source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/cloudtrail?ref=fy26q4"
+  #version = "1.0.21"
 
   create_collector          = false
   create_trail              = var.cloudtrail_source_details.bucket_details.create_bucket ? true : false
@@ -65,8 +66,9 @@ module "cloudtrail_module" {
 module "elb_module" {
   depends_on = [time_sleep.wait_for_minutes]
   for_each   = toset(local.create_elb_source ? ["elb_module"] : [])
-  source = "SumoLogic/sumo-logic-integrations/sumologic//aws/elb"
-  version = "1.0.20"
+  #source = "SumoLogic/sumo-logic-integrations/sumologic//aws/elb"
+  source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/elb?ref=fy26q4"
+  #version = "1.0.21"
 
   create_collector          = false
   sumologic_organization_id = var.sumologic_organization_id
@@ -111,8 +113,9 @@ module "elb_module" {
 module "classic_lb_module" {
   depends_on = [time_sleep.wait_for_minutes]
   for_each   = toset(local.create_classic_lb_source ? ["classic_lb_module"] : [])
-  source = "SumoLogic/sumo-logic-integrations/sumologic//aws/elasticloadbalancing"
-  version = "1.0.20"
+  #source = "SumoLogic/sumo-logic-integrations/sumologic//aws/elasticloadbalancing"
+  source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/elasticloadbalancing?ref=fy26q4"
+  #version = "1.0.21"
 
   create_collector          = false
   sumologic_organization_id = var.sumologic_organization_id
@@ -157,8 +160,9 @@ module "classic_lb_module" {
 module "cloudwatch_custom_metrics_source_module" {
   depends_on = [time_sleep.wait_for_minutes]
   for_each   = toset(local.create_cw_metrics_source && length(local.custom_namespace) > 0 ? ["Custom"] : [])
-  source = "SumoLogic/sumo-logic-integrations/sumologic//aws/cloudwatchmetrics"
-  version = "1.0.20"
+  #source = "SumoLogic/sumo-logic-integrations/sumologic//aws/cloudwatchmetrics"
+  source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/cloudwatchmetrics?ref=fy26q4"
+  #version = "1.0.21"
 
   create_collector          = false
   sumologic_organization_id = var.sumologic_organization_id
@@ -187,8 +191,9 @@ module "cloudwatch_custom_metrics_source_module" {
 module "cloudwatch_metrics_source_module" {
   depends_on = [time_sleep.wait_for_minutes]
   for_each   = local.create_cw_metrics_source && length(local.aws_namespace) > 0 ? toset(local.aws_namespace) : []
-  source = "SumoLogic/sumo-logic-integrations/sumologic//aws/cloudwatchmetrics"
-  version = "1.0.20"
+  # source = "SumoLogic/sumo-logic-integrations/sumologic//aws/cloudwatchmetrics"
+  source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/cloudwatchmetrics?ref=fy26q4"
+  #version = "1.0.21"
 
   create_collector          = false
   sumologic_organization_id = var.sumologic_organization_id
@@ -217,8 +222,9 @@ module "cloudwatch_metrics_source_module" {
 module "kinesis_firehose_for_metrics_source_module" {
   depends_on = [time_sleep.wait_for_minutes]
   for_each   = toset(local.create_kf_metrics_source ? ["kinesis_firehose_for_metrics_source_module"] : [])
-  source = "SumoLogic/sumo-logic-integrations/sumologic//aws/kinesisfirehoseformetrics"
-  version = "1.0.20"
+  # source = "SumoLogic/sumo-logic-integrations/sumologic//aws/kinesisfirehoseformetrics"
+  source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/kinesisfirehoseformetrics?ref=fy26q4"
+  #version = "1.0.21"
 
   create_collector          = false
   sumologic_organization_id = var.sumologic_organization_id
@@ -250,8 +256,9 @@ module "kinesis_firehose_for_metrics_source_module" {
 module "cloudwatch_logs_lambda_log_forwarder_module" {
   depends_on = [time_sleep.wait_for_minutes]
   for_each   = toset(local.create_llf_logs_source ? ["cloudwatch_logs_lambda_log_forwarder_module"] : [])
-  source = "SumoLogic/sumo-logic-integrations/sumologic//aws/cloudwatchlogsforwarder"
-  version = "1.0.20"
+  # source = "SumoLogic/sumo-logic-integrations/sumologic//aws/cloudwatchlogsforwarder"
+  source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/cloudwatchlogsforwarder?ref=fy26q4"
+  #version = "1.0.21"
 
   create_collector = false
 
@@ -282,8 +289,9 @@ module "cloudwatch_logs_lambda_log_forwarder_module" {
 module "kinesis_firehose_for_logs_module" {
   depends_on = [time_sleep.wait_for_minutes]
   for_each   = toset(local.create_kf_logs_source ? ["kinesis_firehose_for_logs_module"] : [])
-  source = "SumoLogic/sumo-logic-integrations/sumologic//aws/kinesisfirehoseforlogs"
-  version = "1.0.20"
+  #source = "SumoLogic/sumo-logic-integrations/sumologic//aws/kinesisfirehoseforlogs"
+  source = "git::https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations.git//aws/kinesisfirehoseforlogs?ref=fy26q4"
+  #version = "1.0.21"
 
   create_collector = false
 

aws-observability/apps/alb/alb_app.template.yaml

@@ -392,15 +392,17 @@ Resources:
       RemoveOnDeleteStack: false
       FieldExtractionRuleName: "AwsObservabilityALBCloudTrailLogsFER"
       FieldExtractionRuleScope: "account=* eventSource eventName \"elasticloadbalancing.amazonaws.com\" \"2015-12-01\""
-      FieldExtractionRuleParseExpression: '| json "eventSource", "awsRegion", "recipientAccountId", "requestParameters.name", "requestParameters.type", "requestParameters.loadBalancerArn", "apiVersion" as event_source, region, accountid, loadbalancer, loadbalancertype, loadbalancerarn, api_version nodrop 
-                                            | "" as namespace
-                                            | where event_source = "elasticloadbalancing.amazonaws.com" and api_version matches "2015-12-01" 
-                                            | parse field=loadbalancerarn ":loadbalancer/*/*/*" as balancertype, loadbalancer, f1 nodrop
-                                            | if(loadbalancertype matches "network", "aws/nlb", if(balancertype matches "net", "aws/nlb", namespace)) as namespace
-                                            | if(loadbalancertype matches "application", "aws/applicationelb", if(balancertype matches "app", "aws/applicationelb", namespace)) as namespace
-                                            | where namespace="aws/applicationelb" or isEmpty(namespace)
-                                            | toLowerCase(loadbalancer) as loadbalancer  
-                                            | fields region, namespace, loadbalancer, accountid'
+      FieldExtractionRuleParseExpression: '| json "eventSource", "awsRegion", "recipientAccountId", "requestParameters.name", "requestParameters.type", "requestParameters.loadBalancerArn", "requestParameters.listenerArn", "apiVersion" as event_source, region, accountid, loadbalancer, loadbalancertype, loadbalancerarn, listenerarn, api_version nodrop
+                                          | where event_source = "elasticloadbalancing.amazonaws.com" and api_version matches "2015-12-01"
+                                          | "" as namespace
+                                          | parse field=loadbalancerarn ":loadbalancer/*/*/*" as balancertype1, loadbalancer1, f1 nodrop
+                                          | parse field=listenerarn ":listener/*/*/*/*" as balancertype2, loadbalancer2, f1, f2 nodrop
+                                          | if(loadbalancertype matches "network", "aws/networkelb", if(balancertype1 matches "net", "aws/networkelb", if(balancertype2 matches "net", "aws/networkelb", namespace))) as namespace
+                                          | if(loadbalancertype matches "application", "aws/applicationelb", if(balancertype1 matches "app", "aws/applicationelb", if(balancertype2 matches "app", "aws/applicationelb", namespace))) as namespace
+                                          | where namespace="aws/applicationelb" or isEmpty(namespace)
+                                          | if (!isEmpty(loadbalancer), loadbalancer, if (!isEmpty(loadbalancer1), loadbalancer1, loadbalancer2)) as loadbalancer
+                                          | toLowerCase(loadbalancer) as loadbalancer
+                                          | fields region, namespace, loadbalancer, accountid'
       FieldExtractionRuleParseEnabled: true
       SumoAccessID: !Ref Section1bSumoAccessID
       SumoAccessKey: !Ref Section1cSumoAccessKey