Chipper Access
Before Chipper can read logs from your Azure Blob Storage, you need to generate storage account credentials. This one-time setup allows Chipper to securely access your log files.
Prerequisites
Before setting up Azure Blob integration, you’ll need:
- An Azure account with access to create/manage storage
- A Storage account (General Purpose v2 is fine)
Step 1: Create a Blob Container
- Log in to Azure Portal.
- Navigate to your Storage Account.
- Example:
hardwarestorage
- Example:
- In the left menu, under Data storage, click Containers.
- Click + Container at the top.
- Fill in:
- Name:
logs(or similar) - Public access level: Private (no anonymous access)
- Leave other options as defaults
- Name:
- Click Create.
Your container is now ready to store log files.
Step 2: Prepare for Chipper Access
Your storage container will need to allow for public network access in order for authorized external systems to read files. Note that this does not mean anyone can access your logs, it just allows for authorized systems to.
- In the Azure porta, go to the storage container
- On the Security + networking tab, go to the Networking page and allow for public access
- Click Save
Step 3: Generate a SAS Token
- In the Azure Portal, go to your Storage Account.
- Under Data storage, click Containers.
- Select the container you just created (e.g.,
logs). - At the top, click Shared access tokens.
- Configure the SAS token with the following fields:
- Signing method:
Account key - Signing key:
Key 1(default) - Permissions: check ✅
Readand ✅List - Start and expiry date/time:
- Start: today
- Expiry: choose a future date (e.g., 1–3 years, depending on policy)
- Allowed IP addresses: leave blank (or restrict if required)
- Allowed protocols:
HTTPS only
- Click Generate SAS token and URL.
- Copy the Blob SAS URL, which looks like:
sp=rl&st=<start_timestamp>&se=<end_timestamp>&spr=https&sv=2024-11-04&sr=c&sig=<token> - Use this SAS Token when creating the Chipper Log Source