Skip to content

AWS CoudTrail Log Collection via SNS Trigger

Coralogix provides a predefined Lambda function to easily forward your CloudTrail logs through SNS to the Coralogix platform. For easy setup, use our app in the AWS serverless application repository.

Prerequisites

  • Active CloudTrail account

  • Ready-made SNS topic with permissions SNS:Publish to the bucket

  • Ready-made CloudTrail S3 bucket with configured event notifications to the above SNS topic

  • AWS permissions to create Lambdas and IAM roles

Installation

STEP 1. Navigate to the application page and search for Coralogix-CloudTrail-via-SNS.

STEP 2. Fill in the required parameters.

STEP 3. Click Deploy.

Parameters

Parameter Description
Application Name Stack name of the application created via AWS CloudFormation
ApplicationName Application name as seen in the Coralogix UI
SubsystemName Subsystem name as seen in the Coralogix UI
NotificationEmail A notification email will be sent to this address via SNS if the Lambda fails. Requires you have a working SNS with a validated domain
S3BucketName Name of the S3 bucket with CloudTrail logs to watch. Must be in the same region as the stack that you create
SNSTopicARN ARN of the SNS topic. Must be in the same region as the S3 bucket
CoralogixRegion Region associated with your Coralogix domain
FunctionArchitecture Lambda function architecture. Possible options: x86_64, arm64
FunctionMemorySize Maximum allocated memory this Lambda may consume. Do not change default, which is set to 1024.
FunctionTimeout Maximum time (seconds) that the function may be allowed to run. Do not change default, which is set to 300.
PrivateKey Coralogix Send-Your-Data API Key

Notes:

  • Do not change the **FunctionMemorySize** and **FunctionTimeout** parameters.

Additional Resources
Documentation AWS CloudTrail

Support

Need help?

Our world-class customer success team is available 24/7 to walk you through your setup and answer any questions that may come up.

Feel free to reach out to us via our in-app chat or by sending us an email at [email protected].

Previous Previous AWS Kinesis with Lambda Function Terraform Module
Next AWS VPC Flow Logs Terraform Module Next
Home
User Guides User Guides
DataPrime DataPrime
Integrations Integrations
OpenTelemetry OpenTelemetry
Developer Portal Developer Portal