We're launching a new cybersecurity venture! Learn more about Snowbit >

AWS ECS (EC2 – Fargate) Logs AWS ECS (EC2 – Fargate) Logs

Last Updated: Mar. 30, 2022

Coralogix provides integration to collect and send your ECS cluster logs straight to Coralogix.


Private Key – A unique ID that represents your company, this ID will be sent to your email once you sign up to Coralogix and can also be found under settings > send your logs.

Application Name – The name of your main application, for example, a company named “SuperData” would probably insert the “SuperData” string parameter or if they want to debug their test environment they might insert the “SuperData– Test”.

SubSystem Name – Your application probably has multiple subsystems, for example: Backend servers, Middleware, Frontend servers etc. in order to help you examine the data you need, inserting the subsystem parameter is vital.


This document includes cluster dependent URL’s. Each URL has a variable part (in Italic). Please match this part with a row entry within the following table. Copy the table row entry located under the column that matches the top level domain of your Coralogix account (.com, .in etc.). Replace the variable part of the URL with this entry.

 Elasticsearch-APISSL CertificatesCluster URL

Coralogix provides an integration both to EC2 and Fargate based clusters.


1. Create an AWS ECS Task Definition from predefined file and pass your Coralogix private key as an environment variable(PRIVATE_KEY). Optionally you can pass your application name as APP_NAME.

  1. Run AWS ECS Task on your cluster:
Task run

Choose Placement Template as One Task Per Host:

Task settings

When the task is ready, logs will start shipping to Coralogix.


  1. Create a new AWS ECS Task Definition or a New revision and enable FireLens integration:
Firelens settings

Required parameters:

  • Type – fluentd
  • Image – docker.io/coralogixrepo/fluentd-coralogix-ecs:latest

If your account top level domain is different than ‘.com’ launch fluentd using these environment variables:

CORALOGIX_LOG_URL=https://api.Cluster URL/api/v1/logs

CORALOGIX_TIME_DELTA_URL=https://api.Cluster URL/sdk/v1/time
  1. Configure awsfirelens logging driver for the container which you want to send the logs:
Logging driver settings

Required parameters:

  • @type – coralogix
  • privatekey – your Coralogix private key
  • appname – your application name
  • subsystemname – your application subsystem
  • is_json – true

If you want to send just the log message itself without additional metadata:

  • log_key_name – log
  • is_json – false

Note: To manage multiline messages refer to this page.

On this page