Coralogix provides a predefined Lambda function to easily forward your CloudTrail logs straight to the Coralogix platform.
Make sure you have CloudTrail enabled or create a trail in your AWS account and setup storage in your S3 bucket.
If you don’t have an active trail yet, you can find instructions in the AWS documentation. As with all of our AWS integrations, we have a published application on the Serverless Application Repository.
3. Scroll to the bottom of the page and fill in the relevant fields.
Note! Ensure that the region in which the CloudFormation application is being run is identical to the region in which the CloudTrail S3 bucket exists.
4. Check the checkbox: I acknowledge that this app creates custom IAM roles and resource policies.
5. Click Deploy.
6. View your logs in your Coralogix dashboard.
Parameters & Details
Below is a table of references to the parameters you will see in the deployment screen.
Parameter Name
Description
Application Name
Name of the lambda function in your account
NotificationEmail
Failure notification email address. Requires a working SNS with a validated domain.
S3BucketName
Name of the S3 bucket with CloudTrail logs to watch
ApplicationName
Application name as it appears in your Coralogix UI, i.e. CloudTrail
CoralogixRegion
Region [Europe, Europe2, India, Singapore, or US] associated with your Coralogix account domain. In case that you want to use a custom domain, leave this as default and input the custom domain in the CustomDomain field.
CustomDomain
Coralogix custom domain. Leave empty if you do not use a custom domain.
FunctionArchitecture
Function supports x86_64 or arm64
FunctionMemorySize
Max memory for the function itself. Default is 1024.
FunctionTimeout
Maximum time in seconds the function may be allowed to run. Default is 300.
Oh no!We didn’t find anything for “”,
