General availability (GA) Open source

otelcol.receiver.opencensus

Warning

The otelcol.receiver.opencensus component has been deprecated and will be removed in a future release. Use otelcol.reciver.otlp instead.

otelcol.receiver.opencensus accepts telemetry data via gRPC or HTTP using the OpenCensus format and forwards it to other otelcol.* components.

Note

otelcol.receiver.opencensus is a wrapper over the upstream OpenTelemetry Collector opencensus receiver. Bug reports or feature requests will be redirected to the upstream repository, if necessary.

You can specify multiple otelcol.receiver.opencensus components by giving them different labels.

Usage

alloy
otelcol.receiver.opencensus "<LABEL>" {
  output {
    metrics = [...]
    logs    = [...]
    traces  = [...]
  }
}

Arguments

You can use the following arguments with otelcol.receiver.opencensus:

NameTypeDescriptionDefaultRequired
authcapsule(otelcol.Handler)Handler from an otelcol.auth component to use for authenticating requests.no
cors_allowed_originslist(string)A list of allowed Cross-Origin Resource Sharing (CORS) origins.no
endpointstringhost:port to listen for traffic on."0.0.0.0:55678"no
include_metadataboolPropagate incoming connection metadata to downstream consumers.falseno
max_concurrent_streamsnumberLimit the number of concurrent streaming RPC calls.no
max_recv_msg_sizestringMaximum size of messages the server will accept."4MiB"no
read_buffer_sizestringSize of the read buffer the gRPC server will use for reading from clients."512KiB"no
transportstringTransport to use for the gRPC server."tcp"no
write_buffer_sizestringSize of the write buffer the gRPC server will use for writing to clients.no

cors_allowed_origins are the allowed CORS origins for HTTP/JSON requests. An empty list means that CORS isn’t enabled at all. A wildcard (*) can be used to match any origin or one or more characters of an origin.

The “endpoint” parameter is the same for both gRPC and HTTP/JSON, as the protocol is recognized and processed accordingly.

To write traces with HTTP/JSON, POST to [address]/v1/trace. The JSON message format parallels the gRPC protobuf format. For details, refer to its OpenApi specification.

max_recv_msg_size, read_buffer_size and write_buffer_size are formatted in a way so that the units are included in the string, such as “512KiB” or “1024KB”.

Blocks

You can use the following blocks with otelcol.receiver.opencensus:

BlockDescriptionRequired
outputConfigures where to send received telemetry data.yes
debug_metricsConfigures the metrics that this component generates to monitor its state.no
keepaliveConfigures keepalive settings for the configured server.no
keepalive > enforcement_policyEnforcement policy for keepalive settings.no
keepalive > server_parametersServer parameters used to configure keepalive settings.no
tlsConfigures TLS for the gRPC server.no
tls > tpmConfigures TPM settings for the TLS key_file.no

The > symbol indicates deeper levels of nesting. For example, keepalive > enforcesment_policy refers to an enforcement_policy block defined inside a keepalive block.

output

Required

The output block configures a set of components to forward resulting telemetry data to.

The following arguments are supported:

NameTypeDescriptionDefaultRequired
logslist(otelcol.Consumer)List of consumers to send logs to.[]no
metricslist(otelcol.Consumer)List of consumers to send metrics to.[]no
traceslist(otelcol.Consumer)List of consumers to send traces to.[]no

You must specify the output block, but all its arguments are optional. By default, telemetry data is dropped. Configure the metrics, logs, and traces arguments accordingly to send telemetry data to other components.

debug_metrics

The debug_metrics block configures the metrics that this component generates to monitor its state.

The following arguments are supported:

NameTypeDescriptionDefaultRequired
disable_high_cardinality_metricsbooleanWhether to disable certain high cardinality metrics.trueno

disable_high_cardinality_metrics is the Alloy equivalent to the telemetry.disableHighCardinalityMetrics feature gate in the OpenTelemetry Collector. It removes attributes that could cause high cardinality metrics. For example, attributes with IP addresses and port numbers in metrics about HTTP and gRPC connections are removed.

Note

If configured, disable_high_cardinality_metrics only applies to otelcol.exporter.* and otelcol.receiver.* components.

keepalive

The keepalive block configures keepalive settings for connections to a gRPC server.

keepalive doesn’t support any arguments and is configured fully through inner blocks.

enforcement_policy

The enforcement_policy block configures the keepalive enforcement policy for gRPC servers. The server closes connections from clients that violate the configured policy.

The following arguments are supported:

NameTypeDescriptionDefaultRequired
min_timedurationMinimum time clients should wait before sending a keepalive ping."5m"no
permit_without_streambooleanAllow clients to send keepalive pings when there are no active streams.falseno

server_parameters

The server_parameters block controls keepalive and maximum age settings for gRPC servers.

The following arguments are supported:

NameTypeDescriptionDefaultRequired
max_connection_age_gracedurationTime to wait before forcibly closing connections."infinity"no
max_connection_agedurationMaximum age for non-idle connections."infinity"no
max_connection_idledurationMaximum age for idle connections."infinity"no
timedurationHow often to ping inactive clients to check for liveness."2h"no
timeoutdurationTime to wait before closing inactive clients that don’t respond to liveness checks."20s"no

tls

The tls block configures TLS settings used for a server. If the tls block isn’t provided, TLS won’t be used for connections to the server.

The following arguments are supported:

NameTypeDescriptionDefaultRequired
ca_filestringPath to the CA file.no
ca_pemstringCA PEM-encoded text to validate the server with.no
cert_filestringPath to the TLS certificate.no
cert_pemstringCertificate PEM-encoded text for client authentication.no
cipher_suiteslist(string)A list of TLS cipher suites that the TLS transport can use.[]no
client_ca_filestringPath to the TLS cert to use by the server to verify a client certificate.no
curve_preferenceslist(string)Set of elliptic curves to use in a handshake.[]no
include_system_ca_certs_poolbooleanWhether to load the system certificate authorities pool alongside the certificate authority.falseno
key_filestringPath to the TLS certificate key.no
key_pemsecretKey PEM-encoded text for client authentication.no
max_versionstringMaximum acceptable TLS version for connections."TLS 1.3"no
min_versionstringMinimum acceptable TLS version for connections."TLS 1.2"no
reload_intervaldurationThe duration after which the certificate is reloaded."0s"no

If reload_interval is set to "0s", the certificate never reloaded.

The following pairs of arguments are mutually exclusive and can’t both be set simultaneously:

  • ca_pem and ca_file
  • cert_pem and cert_file
  • key_pem and key_file

If cipher_suites is left blank, a safe default list is used. Refer to the Go Cipher Suites documentation for a list of supported cipher suites.

client_ca_file sets the ClientCA and ClientAuth to RequireAndVerifyClientCert in the TLSConfig. Refer to the Go TLS documentation for more information.

The curve_preferences argument determines the set of elliptic curves to prefer during a handshake in preference order. If not provided, a default list is used. The set of elliptic curves available are X25519, P521, P256, and P384.

tpm

The tpm block configures retrieving the TLS key_file from a trusted device.

The following arguments are supported:

NameTypeDescriptionDefaultRequired
authstringThe authorization value used to authenticate the TPM device.""no
enabledboolLoad the tls.key_file from TPM.falseno
owner_authstringThe owner authorization value used to authenticate the TPM device.""no
pathstringPath to the TPM device or Unix domain socket.""no

The trusted platform module (TPM) configuration can be used for loading TLS key from TPM. Currently only TSS2 format is supported.

The path attribute is not supported on Windows.

Example

alloy
otelcol.example.component "<LABEL>" {
    ...
    tls {
        ...
        key_file = "my-tss2-key.key"
        tpm {
            enabled = true
            path = "/dev/tpmrm0"
        }
    }
}

In the above example, the private key my-tss2-key.key in TSS2 format will be loaded from the TPM device /dev/tmprm0.

Exported fields

otelcol.receiver.opencensus doesn’t export any fields.

Component health

otelcol.receiver.opencensus is only reported as unhealthy if given an invalid configuration.

Debug information

otelcol.receiver.opencensus doesn’t expose any component-specific debug information.

Example

This example forwards received telemetry data through a batch processor before finally sending it to an OTLP-capable endpoint:

alloy
otelcol.receiver.opencensus "default" {
    cors_allowed_origins = ["https://*.test.com", "https://test.com"]

    endpoint  = "0.0.0.0:9090"
    transport = "tcp"

    max_recv_msg_size      = "32KB"
    max_concurrent_streams = "16"
    read_buffer_size       = "1024KB"
    write_buffer_size      = "1024KB"
    include_metadata       = true

    tls {
        cert_file = "test.crt"
        key_file  = "test.key"
    }

    keepalive {
        server_parameters {
            max_connection_idle      = "11s"
            max_connection_age       = "12s"
            max_connection_age_grace = "13s"
            time                     = "30s"
            timeout                  = "5s"
        }

        enforcement_policy {
            min_time              = "10s"
            permit_without_stream = true
        }
    }

    output {
        metrics = [otelcol.processor.batch.default.input]
        logs    = [otelcol.processor.batch.default.input]
        traces  = [otelcol.processor.batch.default.input]
    }
}

otelcol.processor.batch "default" {
    output {
        metrics = [otelcol.exporter.otlp.default.input]
        logs    = [otelcol.exporter.otlp.default.input]
        traces  = [otelcol.exporter.otlp.default.input]
    }
}

otelcol.exporter.otlp "default" {
    client {
        endpoint = sys.env("<OTLP_ENDPOINT>")
    }
}

Enable authentication

You can create a otelcol.receiver.opencensus component that requires authentication for requests. This is useful for limiting who can push data to the server.

Note

Not all OpenTelemetry Collector authentication plugins support receiver authentication. Refer to the documentation for each otelcol.auth.* component to determine its compatibility.

alloy
otelcol.receiver.opencensus "default" {
  auth = otelcol.auth.basic.creds.handler
}

otelcol.auth.basic "creds" {
    username = sys.env("USERNAME")
    password = sys.env("PASSWORD")
}

Compatible components

otelcol.receiver.opencensus can accept arguments from the following components:

Note

Connecting some components may not be sensible or components may require further configuration to make the connection work correctly. Refer to the linked documentation for more details.