Connect S3 Archive

This tutorial demonstrates how to configure an S3 bucket to send your telemetry data to Coralogix.

Use your archive buckets to store all of your data as long as you need, on your own S3 buckets, for infinite retention. Your logs & traces archive bucket can be stored in CX data format. Metrics archive bucket stores Prometheus index blocks.

S3 Bucket Configuration

The following section demonstrates how to configure your S3 bucket. You have the option to do so automatically or manually.

Automatic Configuration

1. Create a new stack.

• Input the following URL in the Amazon S3 URL field: https://coralogix-public.s3.eu-west-1.amazonaws.com/tools/ArchiveS3Template.yaml. This will create the required bucket with the necessary policies.
• Run the stack in the same region in which the bucket is created.
• To avoid additional data transfer costs, match your bucket region with the region associated with your Coralogix account.

2. Specify your stack details.

• Input a unique LogsBucketName and / or MetricsBucketName. Leave irrelevant fields blank.

Note: Please follow AWS bucket naming rules as described here: https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html

3. Run the template to validate the configuration.

Manual Configuration

1. Create an S3 bucket for configuration with default parameters.

2. Search S3 in your AWS search bar and select this service.

3. Find and click the bucket of choice for storing the archive.

4. Navigate to the Permissions tab. Edit the Bucket policy.

5. Paste the following code and update the name of your bucket. The following provides both a logs and metrics archive bucket configuration snippet. Note that the configuration snippet for metrics contains an additional delete permission.

• Logs / traces archive bucket configuration snippet:

{
    "Version": "2012-10-17",
    "Id": "MyPolicyID",
    "Statement": [
        {
            "Sid": "MyStatementSid",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::625240141681:root"
            },
            "Action": [
                "s3:GetObject",
                "s3:ListBucket",
                "s3:PutObject",
                "s3:PutObjectTagging",
                "s3:GetObjectTagging"
            ],
            "Resource": [
                "arn:aws:s3:::<bucket name>",
                "arn:aws:s3:::<bucket name>/*"
            ]
        }
    ]
}

Note! For metric buckets, you are required to add the following value to the code above:"s3:DeleteObject".

• Metrics archive bucket configuration snippet:

{
    "Version": "2012-10-17",
    "Id": "MyPolicyID",
    "Statement": [
        {
            "Sid": "MyStatementSid",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::625240141681:root"
            },
            "Action": [
                "s3:GetObject",
                "s3:ListBucket",
                "s3:PutObject",
                "s3:DeleteObject"
            ],
            "Resource": [
                "arn:aws:s3:::<bucket name>",
                "arn:aws:s3:::<bucket name>/*"
            ]
        }
    ]
}

6. Click Save changes.

7. Copy and save the name of the archive for your Coralogix platform setup.

8. Click Validate Settings to ensure your archive has been configured properly.

KMS Encrypted Bucket (Optional)

If your bucket needs to be encrypted and you are using KMS, you will need to grant Coralogix permission to use the specific key to encrypt and decrypt the data when we store it on your bucket.

Note! Only those keys that are ‘Customer Managed’ may have their policy modified.

1. Access KMS and choose the key used for encryption.

2. Edit the Key Policy and add the highlighted section below to your KMS key policy or copy the code in full to also give your root user full access.

{
    "Version": "2012-10-17",
    "Id": "key-consolepolicy-3",
    "Statement": [
        {
            "Sid": "Enable Coralogix Permissions",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::625240141681:root"
            },
            "Action": [
                "kms:Encrypt",
                "kms:Decrypt",
                "kms:ReEncrypt*",
                "kms:GenerateDataKey*",
                "kms:DescribeKey"
            ],
            "Resource": "*"
        },
        {
            "Sid": "Enable root Permissions",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::<your-user>:root"
            },
            "Action": "kms:*",
            "Resource": "*"
        }
     ]
}

Note! For key policy, an asterisk “*” on resource field refers to the specific KMS Key and not all resources.

Coralogix Platform Setup

1. Select the Data Flow tab and click on Setup Archive.

2. Choose from two bucket options: one for logs / traces (CX data) and one for metrics. You cannot use the same bucket for metrics and logs together.

3. Input bucket name and region. To avoid additional data transfer costs, match your bucket region to the region associated with your Coralogix account.

4. Click Save. Note: This will activate your Archive Storage settings. Find out more here.

5. Query your Metrics S3 bucket through our hosted Grafana metric index or using our plugin and inputting metrics_index.

Support

Need help?

Our world-class customer success team is available 24/7 to walk you through your setup and answer any questions that may come up.

Feel free to reach out to us via our in-app chat or by sending us an email at [email protected].