Ingestion API Keys
SUSE Observability
Overview
Ingestion API Keys are used by external tools to ingest data (like metrics, events, traces and so on) to the SUSE Observability cluster. These tools can be STS Agent or/and OTel Collector.
Manage Ingestion API Keys
Keys can be managed via the sts
CLI. The following commands are available:
Create Ingestion API Keys
To create a Key in your instance of SUSE Observability, you can use the sts
CLI.
Note that the Key will only be displayed once. It isn't possible to see the token again.
This command takes the following command line arguments:
For example, the command below will create a Key with the name my-ingestion-api-key
:
List Ingestion API Keys
The ID, name, expiration date and description of all created Ingestion API Keys can be seen using the sts
CLI. For example:
Delete Ingestion API Keys
An Ingestion API Key can be deleted using the sts
CLI. Pass the ID of the Key as an argument. For example:
Authenticating using service tokens
Once created, an Ingestion API Key can be used to authenticate:
stackstate-k8s-agent
OTel Collector
stackstate-k8s-agent
The SUSE Observability agent requires an API key for communication, historically known as the Receiver API Key. SUSE Observability now offers two options for authentication:
Receiver API Key: This key is typically generated during the initial installation of your SUSE Observability instance,
Ingestion API Key: You can create Ingestion API Keys using the SUSE Observability CLI (STS). These keys offer expiration dates, requiring periodic rotation for continued functionality.
OTel Collector
When using the SUSE Observability collector, you'll need to include an Authorization
header in your configuration. The collector accepts either a Receiver API Key or an Ingestion API Key for authentication. The following code snippet provides an example configuration:
Last updated