Skip to main content

Step 2: Route by Geographic Region

In addition to routing on content like severity, a critical routing pattern is based on geography. For regulations like GDPR, you must ensure that data from a specific region is handled in a compliant way.

This step teaches you how to add a geographic routing rule that takes precedence over your existing severity-based rules.

The Goal

You will modify your switch output so that any message with region: "EU" is sent to a special, dedicated destination for GDPR compliance, regardless of its severity. All non-EU data will continue to be routed by severity as before.

Implementation

  1. Start with the Previous Pipeline: Copy the severity-router.yaml from Step 1 to a new file named geo-router.yaml.

    cp severity-router.yaml geo-router.yaml

  2. Add the Geographic Routing Rule: Open geo-router.yaml and add a new case to the top of your switch block. Because the switch stops at the first match, placing this rule at the top gives it the highest priority.

    Modify the 'output' in geo-router.yaml
    output:
      switch:
        cases:
          # --- START: New addition ---
          # Case 1: Handle all EU data first for GDPR compliance.
          - check: this.region == "EU"
            output:
              file:
                path: /tmp/eu-data.jsonl # A dedicated, compliant destination
                codec: lines
          # --- END: New addition ---

          # Case 2: Handle CRITICAL events (for non-EU data)
          - check: this.severity == "CRITICAL"
            output:
              file: # Your PagerDuty/alerting output from Step 1
                path: /tmp/critical.jsonl
                codec: lines

          # Case 3: Handle WARN events (for non-EU data)
          - check: this.severity == "WARN"
            output:
              file: # Your Slack/monitoring output from Step 1
                path: /tmp/warnings.jsonl
                codec: lines

          # Case 4 (Default): Handle all other non-EU events
          - output:
              file: # Your Elasticsearch/logging output from Step 1
                path: /tmp/other.jsonl
                codec: lines

  3. Deploy and Test:

    # Send a CRITICAL event from the EU region
    curl -X POST http://localhost:8080/events \
      -H "Content-Type: application/json" \
      -d '{"region": "EU", "severity": "CRITICAL", "message": "This must go to the EU file"}'

    # Send a CRITICAL event from the US region
    curl -X POST http://localhost:8080/events \
      -H "Content-Type: application/json" \
      -d '{"region": "US", "severity": "CRITICAL", "message": "This must go to the critical file"}'

  4. Verify: Check your output files.

    • The first event, despite being CRITICAL, will be in eu-data.jsonl because the first rule in the switch matched it.
    • The second event will be in critical.jsonl because it did not match the EU rule and fell through to the severity-based routing.

You have now implemented a priority-based routing system that handles compliance rules before falling back to other business logic.