Our next-gen architecture is built to help you make sense of your ever-growing data Watch a 4-min demo video!

Back to All Integrations

Amazon Web Services (AWS) CloudWatch Logs Amazon Web Services (AWS) CloudWatch Logs

Last Updated: Mar. 19, 2023

Coralogix provides an easy way to collect your CloudWatch Logs. Use AWS Serverless Application Repository for seamless integration.

Requirements

  • Your AWS user should have permissions to create lambdas and IAM roles.

Installation

Once the deployment is done the lambda will listen in on the selected CloudWatch groups.

You can add more groups as triggers to the same lambda after the deployment is done.

To do so navigate to Configuration tab and from under ‘General configuration’ panel select Triggers. There just click on ‘Add trigger’ and select the desired source for your data.

Parameters and Descriptions

VariableDescription
Application NameStack name of this application created via AWS CloudFormation
NotificationEmailFailure notification email address
ApplicationNameApplication name in Coralogix
BufferCharsetCharset to use for buffer decoding, possible options are [utf8, ascii]
CloudWatchLogGroupNameName of the CloudWatch log group to watch
CoralogixRegionCoralogix region associated with your account domain
DebugCoralogix logger debug mode
FunctionArchitectureOur Function supports x86_64 or arm64
FunctionMemorySizeMax Memory for the function itself
FunctionTimeoutFunction TimeOut
NewlinePatternPattern for multiLine example: [\s(?={)|(?<=})\s,\s(?={)|(?<=})\s]
PrivateKeyCoralogix private key
SamplingRateSets the sampling rate. Default is 1 (every 1 message, to lower rate increase value)
SubsystemNameSubsystem name in Coralogix (can be empty to use log_group as subsystem name)

Secure PrivateKey Storage in SSM

To use AWS Secrets Manager to store your Coralogix PrivateKey, deploy Coralogix SecretLayer form AWS Serverless Repository. You are required to use the parameters below in your deployment.

Notes:

  • Both layers and lambda need to be in the same AWS Region.
  • Do not change the FunctionMemorySizeFunctionTimeout and NewlinePattern parameters. The application should be installed in the same AWS region as the CloudWatch log group.
  • You can use log field as Application/Subsystem names. Just use following syntax: $.my_log.field.

Parameters and Descriptions

VariableDescription
Application NameStack name of this application created via AWS CloudFormation
NotificationEmailFailure notification email address
ApplicationNameApplication name in Coralogix
CloudWatchLogGroupNameName of the CloudWatch log group to watch
CoralogixRegionCoralogix region associated with your account domain
PrivateKeyCoralogix private key
SsmEnabledSet this to TRUE to use AWS Secrets. When enabled, it creates the secret as follows: “lambda/coralogix//”
SubsystemNameSubsystem name in Coralogix (can be empty to use log_group as subsystem name)
LayerARNARN of the Coralogix SecurityLayer

Note: Parameters for SSM will be requested, but should be left empty.

Additional Resources

Github documentation

Support

Need help?

Our world-class customer success team is available 24/7 to walk you through your setup and answer any questions that may come up.

Feel free to reach out to us via our in-app chat or by sending us an email to [email protected].

On this page