Merge pull request #226424 from damendo/main

Court72 · web-flow · commit 6b8d02263652 · 2023-02-06T16:46:17.000-07:00
Adding ARM template
diff --git a/articles/azure-monitor/containers/container-insights-syslog.md b/articles/azure-monitor/containers/container-insights-syslog.md
@@ -25,6 +25,8 @@ Container Insights offers the ability to collect Syslog events from Linux nodes
   
 Use the following command in Azure CLI to enable syslog collection when you create a new AKS cluster.
 
+### Using Azure CLI commands
+
 ```azurecli
 az aks create -g syslog-rg -n new-cluster --enable-managed-identity --node-count 1 --enable-addons monitoring --enable-msi-auth-for-monitoring --enable-syslog --generate-ssh-key
 ```
@@ -35,6 +37,56 @@ Use the following command in Azure CLI to enable syslog collection on an existin
 az aks enable-addons -a monitoring --enable-msi-auth-for-monitoring --enable-syslog -g syslog-rg -n existing-cluster
 ```
 
+### Using ARM templates
+
+You can also use ARM templates for enabling syslog collection
+
+1. Download the template in the [GitHub content file](https://aka.ms/aks-enable-monitoring-msi-onboarding-template-file) and save it as **existingClusterOnboarding.json**.
+
+1. Download the parameter file in the [GitHub content file](https://aka.ms/aks-enable-monitoring-msi-onboarding-template-parameter-file) and save it as **existingClusterParam.json**.
+
+1. Edit the values in the parameter file:
+
+   - `aksResourceId`: Use the values on the **AKS Overview** page for the AKS cluster.
+   - `aksResourceLocation`: Use the values on the **AKS Overview** page for the AKS cluster.
+   - `workspaceResourceId`: Use the resource ID of your Log Analytics workspace.
+   - `resourceTagValues`: Match the existing tag values specified for the existing Container insights extension data collection rule (DCR) of the cluster and the name of the DCR. The name will be *MSCI-\<clusterName\>-\<clusterRegion\>* and this resource created in an AKS clusters resource group. If this is the first time onboarding, you can set the arbitrary tag values.
+   - `enableSyslog`: Set to true
+   - `syslogLevels`: Array of syslog levels to collect. Default collects all levels.
+   - `syslogFacilities`: Array of syslog facilities to collect. Default collects all facilities
+
+> [!NOTE]
+> Syslog level and facilities customization is currently only available via ARM templates.
+
+### Deploy the template
+
+Deploy the template with the parameter file by using any valid method for deploying Resource Manager templates. For examples of different methods, see [Deploy the sample templates](../resource-manager-samples.md#deploy-the-sample-templates).
+
+#### Deploy with Azure PowerShell
+
+```powershell
+New-AzResourceGroupDeployment -Name OnboardCluster -ResourceGroupName <ResourceGroupName> -TemplateFile .\existingClusterOnboarding.json -TemplateParameterFile .\existingClusterParam.json
+```
+
+The configuration change can take a few minutes to complete. When it's finished, a message similar to the following example includes this result:
+
+```output
+provisioningState       : Succeeded
+```
+
+#### Deploy with Azure CLI
+
+```azurecli
+az login
+az account set --subscription "Subscription Name"
+az deployment group create --resource-group <ResourceGroupName> --template-file ./existingClusterOnboarding.json --parameters @./existingClusterParam.json
+```
+
+The configuration change can take a few minutes to complete. When it's finished, a message similar to the following example includes this result:
+
+```output
+provisioningState       : Succeeded
+```
 
 ## How to access Syslog data
  
@@ -85,4 +137,3 @@ Select the minimum log level for each facility that you want to collect.
 
 - Read more about [Syslog record properties](/azure/azure-monitor/reference/tables/syslog)
 
-
