observIQ · jsirianni · Jan 30, 2026 · Jan 30, 2026 · Jan 30, 2026 · Jan 30, 2026
@@ -0,0 +1,72 @@
+name: Slack PR Review Notifications
+
+on:
+  issue_comment:
+    types: [created]
+  pull_request_review:
+    types: [submitted]
+  pull_request:
+    types: [closed]
+
+jobs:
+  # Handle @iris cr commands in PR comments
+  pr-notify:
+    name: PR Review Notification
+    # Only run on PR comments that mention the bot
+    if: |
+      github.event_name == 'issue_comment' &&
+      github.event.issue.pull_request &&
+      contains(github.event.comment.body, '@iris')
+    uses: observIQ/gha-workflows/.github/workflows/reusable-slack-pr-notify.yml@main
+    with:
+      comment_body: ${{ github.event.comment.body }}
+      pr_api_url: ${{ github.event.issue.pull_request.url }}
+      pr_labels: ${{ toJSON(github.event.issue.labels) }}
+      comment_id: ${{ github.event.comment.id }}
+    secrets:
+      SLACK_BOT_TOKEN: ${{ secrets.ORG_IRIS_SLACK_BOT_TOKEN }}
+      GHA_WORKFLOWS_TOKEN: ${{ secrets.ORG_BINDPLANE_BOT_PR_NOTIFY_TOKEN }}
+
+  # Add emoji reactions to Slack message when PR is reviewed
+  review-status:
+    name: Add Review Status Reaction
+    if: |
+      github.event_name == 'pull_request_review' &&
+      (github.event.review.state == 'approved' || github.event.review.state == 'changes_requested')
+    uses: observIQ/gha-workflows/.github/workflows/reusable-slack-pr-review-status.yml@main
+    with:
+      pr_number: ${{ github.event.pull_request.number }}
+      reaction_type: ${{ github.event.review.state }}
+    secrets:
+      SLACK_BOT_TOKEN: ${{ secrets.ORG_IRIS_SLACK_BOT_TOKEN }}
+      GHA_WORKFLOWS_TOKEN: ${{ secrets.ORG_BINDPLANE_BOT_PR_NOTIFY_TOKEN }}
+
+  # Add emoji reaction when PR is merged
+  pr-merged:
+    name: Add Merged Reaction
+    if: |
+      github.event_name == 'pull_request' &&
+      github.event.action == 'closed' &&
+      github.event.pull_request.merged == true
+    uses: observIQ/gha-workflows/.github/workflows/reusable-slack-pr-review-status.yml@main
+    with:
+      pr_number: ${{ github.event.pull_request.number }}
+      reaction_type: merged
+    secrets:
+      SLACK_BOT_TOKEN: ${{ secrets.ORG_IRIS_SLACK_BOT_TOKEN }}
+      GHA_WORKFLOWS_TOKEN: ${{ secrets.ORG_BINDPLANE_BOT_PR_NOTIFY_TOKEN }}
+
+  # Add emoji reaction when PR is closed without merging
+  pr-closed:
+    name: Add Closed Reaction
+    if: |
+      github.event_name == 'pull_request' &&
+      github.event.action == 'closed' &&
+      github.event.pull_request.merged == false
+    uses: observIQ/gha-workflows/.github/workflows/reusable-slack-pr-review-status.yml@main
+    with:
+      pr_number: ${{ github.event.pull_request.number }}
+      reaction_type: closed
+    secrets:
+      SLACK_BOT_TOKEN: ${{ secrets.ORG_IRIS_SLACK_BOT_TOKEN }}
+      GHA_WORKFLOWS_TOKEN: ${{ secrets.ORG_BINDPLANE_BOT_PR_NOTIFY_TOKEN }}
@@ -0,0 +1,106 @@
+# CLAUDE.md
+
+This file provides guidance to Claude Code when working with the Blitz repository.
+
+## Repository Overview
+
+Blitz is an open-source load generation tool for testing OpenTelemetry collectors. It generates synthetic log data in various formats and sends it to configurable destinations.
+
+## Architecture
+
+### Generators (`generator/`)
+
+Each generator creates a specific log format:
+- `json/` - Structured JSON logs (supports `default` and `pii` log types)
+- `winevt/` - Windows Event logs
+- `paloalto/` - Palo Alto firewall logs
+- `apache/` - Apache Common Log Format
+- `apache_combined/` - Apache Combined Log Format
+- `apache_error/` - Apache Error logs
+- `nginx/` - NGINX logs
+- `postgres/` - PostgreSQL logs
+- `kubernetes/` - Kubernetes container logs (CRI-O format)
+- `filegen/` - File-based log generation
+
+### Outputs (`output/`)
+
+Outputs send generated logs to destinations:
+- `stdout/` - Standard output
+- `tcp/` - TCP socket
+- `udp/` - UDP socket
+- `syslog/` - Syslog protocol
+- `otlp/` - OpenTelemetry Protocol (gRPC)
+- `file/` - File output with rotation
+
+## Important: Keeping Docker Telemetry Generator in Sync
+
+When adding a new generator to Blitz, you **MUST** also update the Docker telemetry generator setup:
+
+### Files to Update
+
+1. **`docker/docker-compose.telemetry-generator.yml`**
+   - Add a new service block for the generator following the existing pattern
+   - Use the `x-blitz-common` anchor for common configuration
+   - Set appropriate environment variables for the generator type
+
+2. **`docker/README.md`**
+   - Add the new generator to the "Included Generators" table
+   - Update the architecture diagram if needed
+
+3. **`docs/generator/<name>.md`**
+   - Create documentation for the new generator
+
+### Example: Adding a New Generator
+
+When adding a generator called `syslog-rfc5424`, update docker-compose:
+
+```yaml
+  # Syslog RFC5424 Log Generator
+  blitz-syslog-rfc5424:
+    <<: *blitz-common
+    environment:
+      BLITZ_GENERATOR_TYPE: syslog-rfc5424
+      BLITZ_GENERATOR_SYSLOGRFC5424_WORKERS: ${BLITZ_WORKERS:-1}
+      BLITZ_GENERATOR_SYSLOGRFC5424_RATE: ${BLITZ_RATE:-1s}
+      BLITZ_OUTPUT_TYPE: otlp-grpc
+      BLITZ_OUTPUT_OTLPGRPC_HOST: bdot-collector
+      BLITZ_OUTPUT_OTLPGRPC_PORT: "4317"
+```
+
+## PII Generator
+
+The JSON generator supports a `pii` log type that generates 37 different sensitive data types. When adding new PII types:
+
+1. Update `internal/generator/logtypes/types.go` - Add field to `PIILogData` struct
+2. Update `internal/generator/logtypes/pii.go` - Add generator function and call it in `GeneratePIIData()`
+3. Update `generator/json/json.go` - Add field to JSON output in `formatAsJSON()`
+4. Update `docs/generator/json.md` - Document the new PII type
+
+## Common Commands
+
+```bash
+# Build
+make build
+
+# Run tests
+make test
+
+# Run linter
+make lint
+
+# Security scan
+make security
+
+# Generate man pages
+make man
+
+# Generate shell completions
+make completion
+```
+
+## Code Style
+
+- Use lowercase "Bindplane" (not "BindPlane") in all documentation and comments
+- Follow existing patterns for new generators
+- Include metrics for new components
+- Add tests for new functionality
@@ -0,0 +1,124 @@
+# Telemetry Generator
+
+A Docker Compose setup that runs all Blitz log generators simultaneously and sends telemetry to Bindplane via a Bindplane Agent.
+
+## Architecture
+
+```
+┌─────────────────┐
+│   blitz-json    │──┐
+├─────────────────┤  │
+│   blitz-pii     │──┤  (10x workers - 37 PII types)
+├─────────────────┤  │
+│  blitz-winevt   │──┤
+├─────────────────┤  │
+│ blitz-palo-alto │──┤
+├─────────────────┤  │    ┌──────────────────┐    ┌─────────────────┐
+│ blitz-apache-*  │──┼───►│  BDOT Collector  │───►│    Bindplane    │
+├─────────────────┤  │    │  (OTLP receiver) │    │     (OpAMP)     │
+│   blitz-nginx   │──┤    └──────────────────┘    └─────────────────┘
+├─────────────────┤  │
+│ blitz-postgres  │──┤
+├─────────────────┤  │
+│ blitz-kubernetes│──┘
+└─────────────────┘
+```
+
+## Prerequisites
+
+- Docker and Docker Compose
+- Bindplane instance with OpAMP enabled
+- Bindplane secret key
+
+## Quick Start
+
+```bash
+# From the blitz repo root directory
+OPAMP_ENDPOINT=wss://your-bindplane.com/v1/opamp \
+OPAMP_SECRET_KEY=your-secret-key \
+docker compose -f docker/docker-compose.telemetry-generator.yml up
+```
+
+## Configuration
+
+### Required Environment Variables
+
+| Variable | Description | Example |
+|----------|-------------|---------|
+| `OPAMP_ENDPOINT` | Bindplane OpAMP WebSocket endpoint | `wss://app.bindplane.com/v1/opamp` |
+| `OPAMP_SECRET_KEY` | Bindplane secret key for authentication | `your-secret-key` |
+
+### Optional Environment Variables
+
+| Variable | Default | Description |
+|----------|---------|-------------|
+| `BLITZ_RATE` | `1s` | Log generation rate per generator |
+| `BLITZ_WORKERS` | `1` | Number of workers per generator |
+| `BLITZ_PII_WORKERS` | `10` | Number of workers for PII generator (10x default for comprehensive testing) |
+
+### Examples
+
+**Increase log generation rate:**
+```bash
+OPAMP_ENDPOINT=wss://your-bindplane.com/v1/opamp \
+OPAMP_SECRET_KEY=your-secret-key \
+BLITZ_RATE=100ms \
+docker compose -f docker/docker-compose.telemetry-generator.yml up
+```
+
+**Run with more workers:**
+```bash
+OPAMP_ENDPOINT=wss://your-bindplane.com/v1/opamp \
+OPAMP_SECRET_KEY=your-secret-key \
+BLITZ_WORKERS=3 \
+docker compose -f docker/docker-compose.telemetry-generator.yml up
+```
+
+**Run in background:**
+```bash
+OPAMP_ENDPOINT=wss://your-bindplane.com/v1/opamp \
+OPAMP_SECRET_KEY=your-secret-key \
+docker compose -f docker/docker-compose.telemetry-generator.yml up -d
+```
+
+## Included Generators
+
+| Generator | Log Type | Description |
+|-----------|----------|-------------|
+| `blitz-json` | JSON | Structured JSON logs |
+| `blitz-pii` | PII | JSON logs with 37 PII types (SSN, credit card, email, passport, API keys, JWT, etc.) - runs at 10x rate |
+| `blitz-winevt` | Windows Event | Windows Event logs in XML format |
+| `blitz-palo-alto` | Palo Alto | Firewall syslog entries |
+| `blitz-apache-common` | Apache Common | Apache Common Log Format (CLF) |
+| `blitz-apache-combined` | Apache Combined | Apache Combined Log Format with referer/user-agent |
+| `blitz-apache-error` | Apache Error | Apache error log format |
+| `blitz-nginx` | NGINX | NGINX Combined Log Format |
+| `blitz-postgres` | PostgreSQL | PostgreSQL database logs |
+| `blitz-kubernetes` | Kubernetes | Container logs in CRI-O format |
+
+## Running Individual Generators
+
+To run only specific generators:
+
+```bash
+OPAMP_ENDPOINT=wss://your-bindplane.com/v1/opamp \
+OPAMP_SECRET_KEY=your-secret-key \
+docker compose -f docker/docker-compose.telemetry-generator.yml up bdot-collector blitz-json blitz-nginx
+```
+
+## Stopping
+
+```bash
+docker compose -f docker/docker-compose.telemetry-generator.yml down
+```
+
+## Files
+
+| File | Description |
+|------|-------------|
+| `docker-compose.telemetry-generator.yml` | Docker Compose configuration |
+| `collector-config.yaml` | Bindplane Agent OTLP receiver configuration |
+
+## Kubernetes Deployment
+
+For Kubernetes deployment, see the `app/telemetry-generator/` directory in the [iris-cluster-config](https://github.com/observIQ/iris-cluster-config) repository.
@@ -0,0 +1,38 @@
+# BDOT Collector Configuration for Telemetry Generator
+#
+# This is a minimal configuration that enables the OTLP receiver.
+# The actual export configuration will be managed by Bindplane via OpAMP.
+#
+# When connected to Bindplane via OpAMP, the configuration will be replaced
+# with the configuration pushed from Bindplane.
+
+receivers:
+  otlp:
+    protocols:
+      grpc:
+        endpoint: 0.0.0.0:4317
+      http:
+        endpoint: 0.0.0.0:4318
+
+processors:
+  batch:
+    timeout: 5s
+    send_batch_size: 1000
+
+exporters:
+  # Debug exporter for initial testing - Bindplane will configure actual exporters via OpAMP
+  debug:
+    verbosity: basic
+    sampling_initial: 5
+    sampling_thereafter: 200
+
+service:
+  pipelines:
+    logs:
+      receivers: [otlp]
+      processors: [batch]
+      exporters: [debug]
+
+  telemetry:
+    metrics:
+      level: none