We're launching a new cybersecurity venture! Learn more about Snowbit >

AWS VPC Flow Logs AWS VPC Flow Logs

Last Updated: Mar. 30, 2022

Coralogix provides a predefined Lambda function to forward your VPC Flow Logs straight to Coralogix.

Setup

1. Setup delivery of your VPC Flow Logs to S3 bucket:
https://docs.aws.amazon.com/en_us/vpc/latest/userguide/flow-logs-s3.html

2. Create an “author from scratch” Node.js 10.x runtime lambda with S3 read permission:

“author from scratch” Node.js 10.x

3. At “Code entry type” choose “Upload a ZIP file” and upload “s3ToCoralogixVPC.zip”:
https://s3-eu-west-1.amazonaws.com/coralogix-public/tools/s3ToCoralogixVPC.zip

Code entry type

4. Add the mandatory environment variables: private_key, app_name, sub_name:
amazon vpc to coralogix integration mandatory environment variables

  • Private Key – A unique ID which represents your company, this Id will be sent to your mail once you register to Coralogix.
  • Application Name – Used to separate your environment, e.g. SuperApp-test/SuperApp-prod.
  • SubSystem Name – Your application probably has multiple subsystems, for example, Backend servers, Middleware, Frontend servers etc.
  • If your account URL ends with ‘.in’, add the following environment variable:
    CORALOGIX_URL=https://api.app.coralogix.in/api/v1/logs

5. Choose the S3 bucket you want to get triggered by and change the event type from “PUT” to “Object Created(All)”:

6. Increase Memory to 1024MB and Timeout to 30 sec:
amazon vpc to coralogix integration increasing memory

7. Click “save”.

On this page