The Data Streamer is an optional component that enables integration with SIEM (Security Information and Event Management) systems by forwarding audit logs. Configuration is split into two sections:
general.data_streamer: Controls global settings such as enabling the component and retry policies.deployments.data_streamer: Defines deployment-specific settings such as scaling, resource allocation, and health probes.
general:
data_streamer:
enabled: false # Enables or disables the Data Streamer deployment
authorization_header_name: Authorization # Header used for authentication
do_not_retry_on:
- 403 # HTTP status codes upon which retries will not be attemptedloglevel: INFO # Logging level
useJsonLogFormat: false # Enables structured JSON logging
replicas: 2rollout_strategy: "RollingUpdate" image:
repository: lightruncom/data-streamer # Docker image repository
tag: "rpk-4.45.1-alpine" # Image tag
pullPolicy: IfNotPresent # Image pull policy resources:
cpu: 100m # CPU limit
memory: 128Mi # Memory limit podLabels: {}
podAnnotations: {}
annotations: {} # Deployment annotations
extraEnvs: [] podSecurityContext: {}
containerSecurityContext: {} service:
annotations: {}
labels: {} extraVolumes: []
extraVolumeMounts: [] podDisruptionBudget: {} # [minAvailable|maxUnavailable] either integer or percentage
topologySpreadConstraints: []
affinity: {}
livenessProbe:
initialDelaySeconds: 10
periodSeconds: 20
timeoutSeconds: 10
successThreshold: 1
failureThreshold: 3
path: /ping
readinessProbe:
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 3
path: /ready