Our next-gen architecture is built to help you make sense of your ever-growing data Watch a 4-min demo video!

Back to All Integrations

AWS Load Balancer AWS Load Balancer

Last Updated: Jun. 18, 2023

This tutorial demonstrates how to collect your AWS Elastic Load Balancers, Application Load Balancers, and Network Load Balancers using Elastic Load Balancing. The data, decrypted and retaining original timestamps, is sent to Coralogix. The process is installation-free and entails simply deploying a Lambda function.

Once ingested by Coralogix, view and analyze your logs on our platform using queries, alerts, visualizations, and ML capabilities.


  • AWS account with permissions to create Lambdas and IAM roles
  • An operating load balancer that writes its access log to S3
  • An S3 bucket clear of any triggers and with a policy that grants the load balancer permission to write access logs to the bucket


STEP 1. Navigate to Coralogix Lambda creation.

STEP 2. Fill in the required parameters.

STEP 3. Check the checkbox: “I acknowledge that this app creates custom IAM roles and resource policies.”

STEP 4. Deploy.

Parameters & Descriptions

Application NameStack name of the application created via AWS CloudFormation.
If your log is JSON format, use its dynamic value.
Example: $.level1.level2.value
NotificationEmailFailure notification email address
ApplicationNameApplication name as it appears in your Coralogix UI
BlockingPatternIf you wish to block some of the logs adding a substring will act as selector.
Default is empty to send all logs.
BufferSizeBuffer size for logs in the lambda function
CoralogixRegionRegion [Europe, Europe2, India, Singapore, or US] associated with your Coralogix account domain
DebugCoralogix logger debug mode
FunctionArchitectureFunction supports x86_64 or arm64
FunctionMemorySizeMax memory for the function itself
FunctionTimeoutMaximum time in seconds the function may be allowed to run
NewlinePatternPattern for lines splitting. Default is (?:\r\n|\r|\n).
S3BucketNameName of the S3 bucket to watch
S3KeyPrefixThe S3 path prefix to watch, if you want to watch a particular subfolder within the bucket
S3KeySuffixS3 path suffix to watch
SamplingRateSets the sampling rate
SsmEnabledTrue if you want to store your coralogix private_key as a secret and False if you do not
SubsystemNameSubsystem name as it appears in your Coralogix UI. If your log is JSON format, can use its dynamic value, for example: $.level1.level2.value.
CustomDomainCoralogix custom domain. Leave empty if you do not use a custom domain.
PrivateKeyYour Coralogix Send-Your-Data API Key
LayerARNYour Coralogix SSM Layer ARN

Additional Resources

BlogHow to Get the Most Out of Your ELB Logs


Need help?

Our world-class customer success team is available 24/7 to walk you through your setup and answer any questions that may come up.

Feel free to reach out to us via our in-app chat or by sending us an email at [email protected].

On this page