Grafana Cloud
Instrument and send data
Grafana Alloy
Reference
Components
otelcol
otelcol.receiver.opencensusotelcol.receiver.opencensus
Warning
The
otelcol.receiver.opencensuscomponent has been deprecated and will be removed in a future release. Useotelcol.reciver.otlpinstead.
otelcol.receiver.opencensus accepts telemetry data via gRPC or HTTP using the OpenCensus format and forwards it to other otelcol.* components.
Note
otelcol.receiver.opencensusis a wrapper over the upstream OpenTelemetry Collectoropencensusreceiver. Bug reports or feature requests will be redirected to the upstream repository, if necessary.
You can specify multiple otelcol.receiver.opencensus components by giving them different labels.
Usage
otelcol.receiver.opencensus "<LABEL>" {
output {
metrics = [...]
logs = [...]
traces = [...]
}
}Arguments
You can use the following arguments with otelcol.receiver.opencensus:
| Name | Type | Description | Default | Required |
|---|---|---|---|---|
auth | capsule(otelcol.Handler) | Handler from an otelcol.auth component to use for authenticating requests. | no | |
cors_allowed_origins | list(string) | A list of allowed Cross-Origin Resource Sharing (CORS) origins. | no | |
endpoint | string | host:port to listen for traffic on. | "0.0.0.0:55678" | no |
include_metadata | bool | Propagate incoming connection metadata to downstream consumers. | false | no |
max_concurrent_streams | number | Limit the number of concurrent streaming RPC calls. | no | |
max_recv_msg_size | string | Maximum size of messages the server will accept. | "4MiB" | no |
read_buffer_size | string | Size of the read buffer the gRPC server will use for reading from clients. | "512KiB" | no |
transport | string | Transport to use for the gRPC server. | "tcp" | no |
write_buffer_size | string | Size of the write buffer the gRPC server will use for writing to clients. | no |
cors_allowed_origins are the allowed CORS origins for HTTP/JSON requests.
An empty list means that CORS isn’t enabled at all. A wildcard (*) can be used to match any origin or one or more characters of an origin.
The “endpoint” parameter is the same for both gRPC and HTTP/JSON, as the protocol is recognized and processed accordingly.
To write traces with HTTP/JSON, POST to [address]/v1/trace.
The JSON message format parallels the gRPC protobuf format.
For details, refer to its OpenApi specification.
max_recv_msg_size, read_buffer_size and write_buffer_size are formatted in a way so that the units are included in the string, such as “512KiB” or “1024KB”.
Blocks
You can use the following blocks with otelcol.receiver.opencensus:
| Block | Description | Required |
|---|---|---|
output | Configures where to send received telemetry data. | yes |
debug_metrics | Configures the metrics that this component generates to monitor its state. | no |
keepalive | Configures keepalive settings for the configured server. | no |
keepalive > enforcement_policy | Enforcement policy for keepalive settings. | no |
keepalive > server_parameters | Server parameters used to configure keepalive settings. | no |
tls | Configures TLS for the gRPC server. | no |
tls > tpm | Configures TPM settings for the TLS key_file. | no |
The > symbol indicates deeper levels of nesting.
For example, keepalive > enforcesment_policy refers to an enforcement_policy block defined inside a keepalive block.
output
RequiredThe output block configures a set of components to forward resulting telemetry data to.
The following arguments are supported:
| Name | Type | Description | Default | Required |
|---|---|---|---|---|
logs | list(otelcol.Consumer) | List of consumers to send logs to. | [] | no |
metrics | list(otelcol.Consumer) | List of consumers to send metrics to. | [] | no |
traces | list(otelcol.Consumer) | List of consumers to send traces to. | [] | no |
You must specify the output block, but all its arguments are optional.
By default, telemetry data is dropped.
Configure the metrics, logs, and traces arguments accordingly to send telemetry data to other components.
debug_metrics
The debug_metrics block configures the metrics that this component generates to monitor its state.
The following arguments are supported:
| Name | Type | Description | Default | Required |
|---|---|---|---|---|
disable_high_cardinality_metrics | boolean | Whether to disable certain high cardinality metrics. | true | no |
disable_high_cardinality_metrics is the Alloy equivalent to the telemetry.disableHighCardinalityMetrics feature gate in the OpenTelemetry Collector.
It removes attributes that could cause high cardinality metrics.
For example, attributes with IP addresses and port numbers in metrics about HTTP and gRPC connections are removed.
Note
If configured,
disable_high_cardinality_metricsonly applies tootelcol.exporter.*andotelcol.receiver.*components.
keepalive
The keepalive block configures keepalive settings for connections to a gRPC server.
keepalive doesn’t support any arguments and is configured fully through inner blocks.
enforcement_policy
The enforcement_policy block configures the keepalive enforcement policy for gRPC servers.
The server closes connections from clients that violate the configured policy.
The following arguments are supported:
| Name | Type | Description | Default | Required |
|---|---|---|---|---|
min_time | duration | Minimum time clients should wait before sending a keepalive ping. | "5m" | no |
permit_without_stream | boolean | Allow clients to send keepalive pings when there are no active streams. | false | no |
server_parameters
The server_parameters block controls keepalive and maximum age settings for gRPC servers.
The following arguments are supported:
| Name | Type | Description | Default | Required |
|---|---|---|---|---|
max_connection_age_grace | duration | Time to wait before forcibly closing connections. | "infinity" | no |
max_connection_age | duration | Maximum age for non-idle connections. | "infinity" | no |
max_connection_idle | duration | Maximum age for idle connections. | "infinity" | no |
time | duration | How often to ping inactive clients to check for liveness. | "2h" | no |
timeout | duration | Time to wait before closing inactive clients that don’t respond to liveness checks. | "20s" | no |
tls
The tls block configures TLS settings used for a server.
If the tls block isn’t provided, TLS won’t be used for connections to the server.
The following arguments are supported:
| Name | Type | Description | Default | Required |
|---|---|---|---|---|
ca_file | string | Path to the CA file. | no | |
ca_pem | string | CA PEM-encoded text to validate the server with. | no | |
cert_file | string | Path to the TLS certificate. | no | |
cert_pem | string | Certificate PEM-encoded text for client authentication. | no | |
cipher_suites | list(string) | A list of TLS cipher suites that the TLS transport can use. | [] | no |
client_ca_file | string | Path to the TLS cert to use by the server to verify a client certificate. | no | |
curve_preferences | list(string) | Set of elliptic curves to use in a handshake. | [] | no |
include_system_ca_certs_pool | boolean | Whether to load the system certificate authorities pool alongside the certificate authority. | false | no |
key_file | string | Path to the TLS certificate key. | no | |
key_pem | secret | Key PEM-encoded text for client authentication. | no | |
max_version | string | Maximum acceptable TLS version for connections. | "TLS 1.3" | no |
min_version | string | Minimum acceptable TLS version for connections. | "TLS 1.2" | no |
reload_interval | duration | The duration after which the certificate is reloaded. | "0s" | no |
If reload_interval is set to "0s", the certificate never reloaded.
The following pairs of arguments are mutually exclusive and can’t both be set simultaneously:
ca_pemandca_filecert_pemandcert_filekey_pemandkey_file
If cipher_suites is left blank, a safe default list is used.
Refer to the Go Cipher Suites documentation for a list of supported cipher suites.
client_ca_file sets the ClientCA and ClientAuth to RequireAndVerifyClientCert in the TLSConfig.
Refer to the Go TLS documentation for more information.
The curve_preferences argument determines the set of elliptic curves to prefer during a handshake in preference order.
If not provided, a default list is used.
The set of elliptic curves available are X25519, P521, P256, and P384.
tpm
The tpm block configures retrieving the TLS key_file from a trusted device.
The following arguments are supported:
| Name | Type | Description | Default | Required |
|---|---|---|---|---|
auth | string | The authorization value used to authenticate the TPM device. | "" | no |
enabled | bool | Load the tls.key_file from TPM. | false | no |
owner_auth | string | The owner authorization value used to authenticate the TPM device. | "" | no |
path | string | Path to the TPM device or Unix domain socket. | "" | no |
The trusted platform module (TPM) configuration can be used for loading TLS key from TPM. Currently only TSS2 format is supported.
The path attribute is not supported on Windows.
Example
otelcol.example.component "<LABEL>" {
...
tls {
...
key_file = "my-tss2-key.key"
tpm {
enabled = true
path = "/dev/tpmrm0"
}
}
}In the above example, the private key my-tss2-key.key in TSS2 format will be loaded from the TPM device /dev/tmprm0.
Exported fields
otelcol.receiver.opencensus doesn’t export any fields.
Component health
otelcol.receiver.opencensus is only reported as unhealthy if given an invalid configuration.
Debug information
otelcol.receiver.opencensus doesn’t expose any component-specific debug information.
Example
This example forwards received telemetry data through a batch processor before finally sending it to an OTLP-capable endpoint:
otelcol.receiver.opencensus "default" {
cors_allowed_origins = ["https://*.test.com", "https://test.com"]
endpoint = "0.0.0.0:9090"
transport = "tcp"
max_recv_msg_size = "32KB"
max_concurrent_streams = "16"
read_buffer_size = "1024KB"
write_buffer_size = "1024KB"
include_metadata = true
tls {
cert_file = "test.crt"
key_file = "test.key"
}
keepalive {
server_parameters {
max_connection_idle = "11s"
max_connection_age = "12s"
max_connection_age_grace = "13s"
time = "30s"
timeout = "5s"
}
enforcement_policy {
min_time = "10s"
permit_without_stream = true
}
}
output {
metrics = [otelcol.processor.batch.default.input]
logs = [otelcol.processor.batch.default.input]
traces = [otelcol.processor.batch.default.input]
}
}
otelcol.processor.batch "default" {
output {
metrics = [otelcol.exporter.otlp.default.input]
logs = [otelcol.exporter.otlp.default.input]
traces = [otelcol.exporter.otlp.default.input]
}
}
otelcol.exporter.otlp "default" {
client {
endpoint = sys.env("<OTLP_ENDPOINT>")
}
}Enable authentication
You can create a otelcol.receiver.opencensus component that requires authentication for requests.
This is useful for limiting who can push data to the server.
Note
Not all OpenTelemetry Collector authentication plugins support receiver authentication. Refer to the documentation for each
otelcol.auth.*component to determine its compatibility.
otelcol.receiver.opencensus "default" {
auth = otelcol.auth.basic.creds.handler
}
otelcol.auth.basic "creds" {
username = sys.env("USERNAME")
password = sys.env("PASSWORD")
}Compatible components
otelcol.receiver.opencensus can accept arguments from the following components:
- Components that export OpenTelemetry
otelcol.Consumer
Note
Connecting some components may not be sensible or components may require further configuration to make the connection work correctly. Refer to the linked documentation for more details.
