NerdGraph tutorial: Stream your data to an AWS Kinesis Firehose, Azure Event Hub, or GCP Pub/Sub
With the streaming export feature available through Data Plus, you can send your data to AWS Kinesis Firehose, Azure Event Hub, or GCP Pub/Sub by creating custom rules using NRQL to specify which data should be exported. This guide explains how to create and update streaming rules using NerdGraph and view the existing rules. You can use the NerdGraph explorer to make these calls. Additionally, you have the option to compress the data before exporting with the Export Compression feature.
Here are some examples of how you can use the streaming export feature:
Populate a data lake
Enhance AI/ML training
Ensure long-term retention for compliance, legal, or security reasons
You can enable or disable streaming export rules at any time. However, be aware that streaming export only processes currently ingested data. If you disable and later re-enable the feature, any data ingested while it was off will not be exported. To export past data, you should use the Historical data export feature.
Requirements and limits
Limits on streamed data: The amount of data you can stream per month is limited by your total ingested data per month. If your streaming data amount exceeds your ingested data amount, we may suspend your access to and use of streaming export.
You must have an AWS Kinesis Firehose, Azure Event Hub, or GCP Pub/Sub set up to receive New Relic data. If you haven't already done this, you can follow our steps below for AWS, Azure, or GCP.
NRQL requirements:
Must be flat queries, with no aggregation. For example, SELECT * or SELECT column1, column2 forms are supported.
You can include anything in the WHERE clause, except subqueries.
The query cannot include a FACET clause, COMPARE WITH, or LOOKUP (see the examples after this list).
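For instance, these illustrative queries would be accepted (assuming standard Transaction event data in your account):
SELECT * FROM Transaction WHERE appName = 'my-app'
SELECT appName, duration FROM Transaction WHERE duration > 1
These would be rejected because they aggregate or facet the data:
SELECT count(*) FROM Transaction FACET appName
SELECT average(duration) FROM Transaction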
awsParameters.region
String
Yes
Specifies the AWS region where the resources are deployed.
For example: us-east-1.
awsParameters.role
String
Yes
Specifies the AWS IAM role configured for New Relic. This will always be firehose-role.
Sample request
mutation{
streamingExportCreateRule(
accountId:YOUR_NR_ACCOUNT_ID
ruleParameters:{
description:"ADD_RULE_DESCRIPTION"
name:"PROVIDE_RULE_NAME"
nrql:"SELECT * FROM NodeStatus"
payloadCompression:DISABLED
}
awsParameters:{
awsAccountId:"YOUR_AWS_ACCOUNT_ID"
deliveryStreamName:"FIREHOSE_STREAM_NAME"
region:"SPECIFY_AWS_REGION"
role:"firehose-role"
}
){
id
status
}
}
Response: You receive a response with the rule ID and status. The status will be CREATION_IN_PROGRESS initially, and it can take up to six minutes for the rule to complete creation. Points to note:
Before the rule finishes registering, you can't initiate another mutation action (like Enable, Disable, or Update) because the rule is locked for the creation process. If you try another mutation action before the rule completes the registration process, you'll get a message like, "The export rule is currently being updated by another request, please wait and try again later."
You can use Delete at any time.
The creation can finish and change the status at any time within the roughly six minutes required for rule creation. The status will change to ENABLED, DISABLED, or CREATION_FAILED.
See these details on the values:
ENABLED means the rule is created successfully and data has started to be streamed.
CREATION_FAILED means the rule failed on creation. This can happen for several reasons, but is often due to AWS policy or Azure SAS validation failing.
DISABLED means the rule is created but not yet enabled, for reasons such as the filter stream limit being reached or the filter stream rule creation failing. If the status remains CREATION_IN_PROGRESS after six minutes, the rule creation failed due to a system error on our service. You can delete the rule and try creating a new one.
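For reference, a successful creation call returns a standard GraphQL envelope shaped roughly like this (a sketch; the ID and status values will differ for your rule):
{
  "data": {
    "streamingExportCreateRule": {
      "id": "RULE_ID",
      "status": "CREATION_IN_PROGRESS"
    }
  }
}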
This API allows you to retrieve a comprehensive list of all stream rules associated with your account ID.
Sample request
{
actor{
account(id:YOUR_NR_ACCOUNT_ID){
streamingExport{
streamingRules{
aws{
awsAccountId
region
deliveryStreamName
role
}
createdAt
description
id
message
name
nrql
status
updatedAt
payloadCompression
}
}
}
}
}
This API allows you to query information about a specific stream rule by providing the account ID and rule ID.
Sample request
{
actor{
account(id:YOUR_NR_ACCOUNT_ID){
streamingExport{
streamingRule(id:"RULE_ID"){
aws{
awsAccountId
deliveryStreamName
region
role
}
createdAt
description
id
message
name
nrql
status
updatedAt
payloadCompression
}
}
}
}
}
This API allows you to modify an existing streaming export rule.
Input parameters
Parameter
Data Type
Is it Required?
Description
id
ID
Yes
The id of the streaming rule to update.
ruleParameters.description
String
No
A brief description of the rule. Use this to provide any additional information or context about the export rule.
awsParameters.region
String
Yes
Specifies the AWS region where the resources are deployed.
For example: us-east-1.
awsParameters.role
String
Yes
Specifies the AWS IAM role configured for New Relic. This will always be firehose-role.
Sample request
mutation{
streamingExportUpdateRule(
id:RULE_ID
ruleParameters:{
description:"ADD_RULE_DESCRIPTION"
name:"PROVIDE_RULE_NAME"
nrql:"YOUR_NRQL_QUERY"
payloadCompression:DISABLED
}
awsParameters:{
awsAccountId:"YOUR_AWS_ACCOUNT_ID"
deliveryStreamName:"FIREHOSE_STREAM_NAME"
region:"SPECIFY_AWS_REGION"
role:"firehose-role"
}
){
id
status
}
}
Response: You receive a response with the rule ID and status. Points to note:
When updating, you'll get a message in the message field: “The export rule is being updated and the process may take a few minutes to complete. Please check again later.” The update can take up to six minutes to complete.
You can check whether the rule is updated by calling streamingRule to retrieve the rule. While the rule is being updated, it is locked, and no other mutation action can act on it. If you try to perform another mutation action on the same rule, you'll get a message saying, “The export rule is currently being updated by another request, please wait and try again later.” You can update a rule of any status except a deleted rule.
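For example, you can poll just the status and message fields with a trimmed-down version of the streamingRule query shown earlier (placeholder values):
{
actor{
account(id:YOUR_NR_ACCOUNT_ID){
streamingExport{
streamingRule(id:"RULE_ID"){
status
message
}
}
}
}
}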
This API allows you to enable an existing streaming rule, facilitating the continuous export of data for real-time processing and integration with other services.
Input parameters
Parameter
Data Type
Is it Required?
Description
id
ID
Yes
The id of the streaming rule to enable.
Sample request
mutation{
streamingExportEnableRule(id:RULE_ID){
id
status
message
}
}
Response: If you try to enable a rule that's in another state, it returns an error message like, "The export rule can't be enabled or disabled due to status not being allowed." You can't enable the rule if it's locked because another mutation is in progress.
Important
You can only enable the rule when it has a status of DISABLED.
This API allows you to disable an existing streaming rule, stopping the continuous export of data.
Input parameters
Parameter
Data Type
Is it Required?
Description
id
ID
Yes
The id of the streaming rule to disable.
Sample request
mutation{
streamingExportDisableRule(id:RULE_ID){
id
status
message
}
}
Response: If you try to disable a rule that's in another state, it returns an error message like, "The export rule can't be enabled or disabled due to status not being allowed." You can't disable the rule if it's locked because another mutation is in progress.
Important
You can only disable the rule when it has a status of ENABLED.
This API allows you to delete a streaming rule and stop all data export related to that rule.
Input parameters
Parameter
Data Type
Is it Required?
Description
id
ID
Yes
The id of the streaming rule to delete.
Sample request
mutation{
streamingExportDeleteRule(id:RULE_ID){
id
}
}
Important
Deleting can be performed on a rule of any status unless it's already deleted. Once a rule is deleted, it can't be reactivated. The rule can still be viewed within the first 24 hours after deletion by calling the streamingRule API with the rule ID. After 24 hours, the rule will no longer be searchable through NerdGraph.
Set up an Azure Event Hub
To set up streaming data export to Azure, you must first set up an Event Hub. Follow these steps:
Alternatively, you can follow the Azure guide here.
Create an Event Hubs namespace
From your Microsoft Azure account, navigate to Event Hubs.
Follow the steps to create an Event Hubs namespace. We recommend enabling auto-inflate to ensure you receive all of your data.
Ensure public access is enabled, as we will use a Shared Access Policy to securely authenticate with your Event Hub.
Once your Event Hubs namespace is deployed, click Go to resource.
Create an Event Hub
In the left column, click Event Hubs.
To create an Event Hub, click +Event Hub.
Enter the desired Event Hub Name. Save this, as you need it later to create the streaming export rule.
For Retention, select the Delete cleanup policy and the desired Retention time (hrs).
Important
Streaming export is currently not supported for Event Hubs with Compact retention policy.
Once the Event Hub is created, click the Event Hub.
Create and attach a shared access policy
In the left column, go to Shared access policies.
Click +Add near the top of the page.
Choose a name for your shared access policy.
Check Send, and click Create.
Click the created policy, and copy the Connection string–primary key. Save this, as you need it later to authenticate and send data to your Event Hub.
When you're done with these steps, you can set up your export rules using NerdGraph.
This API allows you to create a streaming export rule to send data to an Azure Event Hub.
DISABLED: By default, payloads will not be compressed before being exported.
GZIP: Select this to compress payloads before being exported.
azureParameters.eventHubConnectionString
String
Yes
This parameter is the connection string which provides access to a specific Event Hub.
Looks similar to: Endpoint=sb://<NamespaceName>.servicebus.windows.net/;SharedAccessKeyName=<KeyName>;SharedAccessKey=<KeyValue>;EntityPath=<EventHubName>
azureParameters.eventHubName
String
Yes
This parameter specifies the name of the Event Hub where events will be sent and processed.
For example: my-event-hub.
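Sample request (modeled on the AWS example earlier in this guide and using the Azure parameters documented above; all values are placeholders)
mutation{
streamingExportCreateRule(
accountId:YOUR_NR_ACCOUNT_ID
ruleParameters:{
description:"ADD_RULE_DESCRIPTION"
name:"PROVIDE_RULE_NAME"
nrql:"SELECT * FROM NodeStatus"
payloadCompression:DISABLED
}
azureParameters:{
eventHubConnectionString:"YOUR_EVENT_HUB_CONNECTION_STRING"
eventHubName:"YOUR_EVENT_HUB_NAME"
}
){
id
status
}
}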
Response: You receive a response with the rule ID and status. The status will be CREATION_IN_PROGRESS initially, and it can take up to six minutes for the rule to complete creation.
This API allows you to retrieve a comprehensive list of all stream rules associated with your account ID.
Sample request
{
actor{
account(id:YOUR_NR_ACCOUNT_ID){
streamingExport{
streamingRules{
azure{
eventHubConnectionString
eventHubName
}
createdAt
description
id
message
name
nrql
status
updatedAt
payloadCompression
}
}
}
}
}
This API allows you to query information about a specific stream rule by providing the account ID and rule ID.
Sample request
{
actor{
account(id:YOUR_NR_ACCOUNT_ID){
streamingExport{
streamingRule(id:"RULE_ID"){
azure{
eventHubConnectionString
eventHubName
}
createdAt
description
id
message
name
nrql
status
updatedAt
payloadCompression
}
}
}
}
}
This API allows you to modify an existing streaming export rule.
Input parameters
Parameter
Data Type
Is it Required?
Description
id
ID
Yes
The id of the streaming rule to update.
ruleParameters.description
String
No
A brief description of the rule. Use this to provide any additional information or context about the export rule.
DISABLED: By default, payloads will not be compressed before being exported.
GZIP: Select this to compress payloads before being exported.
azureParameters.eventHubConnectionString
String
Yes
This parameter is the connection string which provides access to a specific Event Hub.
Looks similar to: Endpoint=sb://<NamespaceName>.servicebus.windows.net/;SharedAccessKeyName=<KeyName>;SharedAccessKey=<KeyValue>;EntityPath=<EventHubName>
azureParameters.eventHubName
String
Yes
This parameter specifies the name of the Event Hub where events will be sent and processed.
For example: my-event-hub.
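Sample request (modeled on the AWS update example earlier in this guide and using the Azure parameters documented above; all values are placeholders)
mutation{
streamingExportUpdateRule(
id:RULE_ID
ruleParameters:{
description:"ADD_RULE_DESCRIPTION"
name:"PROVIDE_RULE_NAME"
nrql:"YOUR_NRQL_QUERY"
payloadCompression:DISABLED
}
azureParameters:{
eventHubConnectionString:"YOUR_EVENT_HUB_CONNECTION_STRING"
eventHubName:"YOUR_EVENT_HUB_NAME"
}
){
id
status
}
}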
Response: You receive a response with the rule ID and status.
To enable an existing streaming rule, facilitating the continuous export of data for real-time processing and integration with other services, refer here.
To disable an existing streaming rule, stopping the continuous export of data, refer here.
To delete a streaming rule and stop all data export related to that rule, refer here.
Set up a GCP Pub/Sub
To set up streaming data export to GCP, you must first set up a Pub/Sub. Follow these steps:
Create a Pub/Sub topic
From your GCP Console, navigate to the Pub/Sub page.
Click Create topic.
Enter a topic ID and click Create.
Set up permissions on Pub/Sub
In the right column of the created topic, click More actions.
Select View permissions.
Click Add Principal, and in the new principals box, enter the service account email provided by us:
US Region: us-prod-uds-streaming-export@h0c17c65df9291b526b433650e6a0a.iam.gserviceaccount.com
EU Region: eu-prod-uds-streaming-export@h0c17c65df9291b526b433650e6a0a.iam.gserviceaccount.com
Under the Assign roles section, search for Pub/Sub Publisher and click Save.
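If you prefer the command line, the same permission can be granted with gcloud (a sketch; substitute your own topic ID, and use the service account email for your region shown above):
gcloud pubsub topics add-iam-policy-binding YOUR_TOPIC_ID \
  --member="serviceAccount:us-prod-uds-streaming-export@h0c17c65df9291b526b433650e6a0a.iam.gserviceaccount.com" \
  --role="roles/pubsub.publisher"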
When you're done with these steps, you can set up your export rules using NerdGraph.
This API allows you to create a streaming export rule to send data to GCP Pub/Sub.
DISABLED: By default, payloads will not be compressed before being exported.
GZIP: Select this to compress payloads before being exported.
gcpParameters.gcpProjectId
String
Yes
This parameter represents the unique identifier for your GCP project.
For example: google-project-id
gcpParameters.pubsubTopicId
String
Yes
This parameter specifies the topic in GCP Pub/Sub, used for sending and receiving messages within your cloud applications.
For example: pub-sub-topic-id.
Sample request
mutation{
streamingExportCreateRule(
accountId:YOUR_NR_ACCOUNT_ID
ruleParameters:{
description:"ADD_RULE_DESCRIPTION"
name:"PROVIDE_RULE_NAME"
nrql:"SELECT * FROM NodeStatus"
payloadCompression:DISABLED
}
gcpParameters:{
gcpProjectId:"project-id"
pubsubTopicId:"pub-sub-topic-id"
}
){
id
status
}
}
Response: You receive a response with the rule ID and status. The status will be CREATION_IN_PROGRESS initially, and it can take up to six minutes for the rule to complete creation.
This API allows you to retrieve a comprehensive list of all stream rules associated with your account ID.
Sample request
{
actor{
account(id:YOUR_NR_ACCOUNT_ID){
streamingExport{
streamingRules{
gcp{
gcpProjectId
pubsubTopicId
}
createdAt
description
id
message
name
nrql
status
updatedAt
payloadCompression
}
}
}
}
}
This API allows you to query information about a specific stream rule by providing the account ID and rule ID.
Sample request
{
actor{
account(id:YOUR_NR_ACCOUNT_ID){
streamingExport{
streamingRule(id:"RULE_ID"){
gcp{
gcpProjectId
pubsubTopicId
}
createdAt
description
id
message
name
nrql
status
updatedAt
payloadCompression
}
}
}
}
}
This API allows you to modify an existing streaming export rule.
Input parameters
Parameter
Data Type
Is it Required?
Description
id
ID
Yes
The id of the streaming rule to update.
ruleParameters.description
String
No
A brief description of the rule. Use this to provide any additional information or context about the export rule.
DISABLED: By default, payloads will not be compressed before being exported.
GZIP: Select this to compress payloads before being exported.
gcpParameters.gcpProjectId
String
Yes
This parameter represents the unique identifier for your Google Cloud Platform (GCP) project.
For example: google-project-id
gcpParameters.pubsubTopicId
String
Yes
This parameter specifies the topic in Google Cloud Pub/Sub, used for sending and receiving messages within your cloud applications.
For example: pub-sub-topic-id.
Sample request
mutation{
streamingExportUpdateRule(
id:RULE_ID
ruleParameters:{
description:"ADD_RULE_DESCRIPTION"
name:"PROVIDE_RULE_NAME"
nrql:"YOUR_NRQL_QUERY"
payloadCompression:DISABLED
}
gcpParameters:{
gcpProjectId:"project-id"
pubsubTopicId:"pub-sub-topic-id"
}
){
id
status
}
}
Response: You receive a response with the rule ID and status.
To enable an existing streaming rule, facilitating the continuous export of data for real-time processing and integration with other services, refer here.
To disable an existing streaming rule, stopping the continuous export of data, refer here.
To delete a streaming rule and stop all data export related to that rule, refer here.
Understand export compression
You can choose to compress data before exporting it. This feature is off by default. Compressing can help prevent exceeding your data limit and lower outbound data costs.
You can enable compression using the payloadCompression field under ruleParameters. This field can be any of the following values:
DISABLED: Payloads will not be compressed before being exported. If unspecified, payloadCompression will default to this value.
GZIP: Compress payloads with the GZIP format before exporting.
GZIP is the only compression format currently available, though we may choose to make more formats available in the future.
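For example, to turn on GZIP compression for an existing AWS export rule, you can reuse the streamingExportUpdateRule mutation shown earlier with payloadCompression set to GZIP (all values are placeholders):
mutation{
streamingExportUpdateRule(
id:RULE_ID
ruleParameters:{
description:"ADD_RULE_DESCRIPTION"
name:"PROVIDE_RULE_NAME"
nrql:"YOUR_NRQL_QUERY"
payloadCompression:GZIP
}
awsParameters:{
awsAccountId:"YOUR_AWS_ACCOUNT_ID"
deliveryStreamName:"FIREHOSE_STREAM_NAME"
region:"SPECIFY_AWS_REGION"
role:"firehose-role"
}
){
id
status
}
}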
When compression is enabled on an existing AWS export rule, the next message from Kinesis Firehose may contain both compressed and uncompressed data. This is due to buffering within Kinesis Firehose. To avoid this, you can temporarily disable the export rule before enabling compression, or create a new Kinesis Firehose stream for the compressed data alone to flow through.
If you do encounter this issue and you're exporting to S3 or another file storage system, you can view the compressed part of the data by following these steps:
Manually download the object.
Split the object into two files by copying the compressed data into a new file.
Decompress the new, compressed-only data file.
Once you have the compressed data, you can re-upload it to S3 (or whatever other service you're using) and delete the old file.
Please be aware that in S3 or another file storage system, objects may consist of multiple GZIP-encoded payloads that are appended consecutively. Therefore, your decompression library should have the capability to handle such concatenated GZIP payloads.
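As an illustration, here's a minimal Python sketch that decompresses such a file; Python's gzip reader steps through concatenated GZIP members automatically (the file names are placeholders):

import gzip
import shutil

# The downloaded object may contain several GZIP members appended back to back.
# gzip.open() reads through every member until the end of the file.
with gzip.open("exported_payloads.gz", "rb") as compressed, \
        open("exported_payloads.out", "wb") as decompressed:
    shutil.copyfileobj(compressed, decompressed)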
Automatic decompression in AWS
Once your data has arrived in AWS, you may want options to automatically decompress it. If you're streaming that data to an S3 bucket, there are two ways to enable automatic decompression:
Access points function as separate methods by which objects in S3 buckets can be accessed and downloaded. AWS supplies a feature called Object Lambda access points, which perform a Lambda function on each S3 object accessed via the access point. Follow these steps to enable such an access point:
Navigate to this page, click the link to the serverless repo.
The Supporting Access Point on this Lambda access point will need to be set to the access point you set up on the S3 bucket.
Under Transformation Configuration:
Select GetObject.
Specify the DecompressGZFunction Lambda function, or another necessary function if using a different compression format.
AWS will automatically decompress objects downloaded from S3, if those objects have the correct metadata set. We have written a function that automatically applies this metadata to every new object uploaded to a specified S3 bucket. Here's how to set it up:
Navigate here, clone the repository locally, and follow the provided steps in the README file to generate a ZIP file containing the lambda function.
Click Change default execution role > Use an existing role. Enter the role you created in step 2 here.
Scroll down and click Create function.
Once the function has been created, click Upload from and select .zip or .jar file from the dropdown.
Click Upload from the box that pops up, and select the ZIP file created in step 1.
Once the upload has finished, click Save to exit the pop-up box.
Edit Runtime settings by adding the handler. In our provided function the handler is metadatasetter.App::handleRequest.
All that's left to do now is enable this Lambda function to trigger on S3 object creation. Click Add trigger to start setting that up.
From the dropdown, select S3 as your source.
Enter the name of the S3 bucket you'd like to apply the metadata to in the Bucket field.
Remove the default All object create events from the event types. From the Event types dropdown, select PUT.
Check the Recursive invocation box, then click Add in the bottom right.
The Lambda function will now start automatically adding the compression metadata to all newly added S3 objects.
Automatic decompression in Azure
If you're exporting data to Azure, it's possible to view decompressed versions of the objects stored in your event hub using a Stream Analytics Job. To do so, follow these steps:
On step 13, you may choose to use the same event hub as the output without breaking anything, but this is not recommended if you intend to proceed to step 17 and start the job, as this approach has not been tested.
In the left pane of your streaming analytics job, click Inputs, then click the input you set up.
Scroll down to the bottom of the pane that appears on the right, and configure the input with these settings:
Event serialization format: JSON
Encoding: UTF-8
Event compression type: GZip
Click Save at the bottom of the pane.
Click Query on the side of the screen.
Using the Input preview tab, you should now be able to query the event hub from this screen.
Automatic decompression in GCP
In GCP Cloud Storage, objects will automatically decompress when downloaded if the metadata is set to Content-Encoding: gzip. For more details, check the GCP documentation.
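For example, you can set that metadata on an existing object with gsutil (a sketch; replace the bucket and object names with your own):
gsutil setmeta -h "Content-Encoding:gzip" gs://YOUR_BUCKET/YOUR_OBJECT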