Breaking News from AWS re:Invent
Coralogix receives AWS Rising Star award!

Back to All Docs

AWS S3 Log Collection AWS S3 Log Collection

Last Updated: Nov. 15, 2023

Seamlessly collect logs by sending them to your S3 buckets using our app in the AWS Serverless Application Repository.

Coralogix monitors and ships whole log files and not individual log lines.


  • A ready-made S3 bucket clear of any Lambda triggers
  • AWS user with permission to create Lambdas and IAM roles


  • Navigate to: Application Page
  • Fill in the required parameters
  • be sure to check the checkbox labeled as
    I acknowledge that this app creates custom IAM roles and resource policies.
  • Click Deploy

Once the deployment is done, every new gzipped log file placed in the Lambda will be sent to Coralogix.

Parameters and Descriptions

Application NameStack name of the application created via AWS CloudFormation
If your log is JSON format, use its dynamic value.
Example: $.level1.level2.value
NotificationEmailFailure notification email address
ApplicationNameApplication name as it appears in your Coralogix UI
BlockingPatternIf you wish to block some of the logs, adding a substring will act as selector.
Default is empty to send all logs.
BufferSizeBuffer size for logs in the Lambda function
CoralogixRegionRegion associated with your Coralogix account domain
DebugCoralogix logger debug mode
FunctionArchitectureFunction supports x86_64 or arm64
FunctionMemorySizeMax memory for the function itself
FunctionTimeoutMaximum time in seconds the function may be allowed to run
NewlinePatternPattern for lines splitting
Default is (?:\r\n|\r|\n).
S3BucketNameName of the S3 bucket to watch
S3KeyPrefixThe S3 path prefix to watch, if you want to watch a particular subfolder within the bucket
S3KeySuffixS3 path suffix to watch
SamplingRateSets the sampling rate
The rate is set to 1 by default, meaning that it collects every log message from the S3 bucket. Increase it to change the sampling rate [i.e. increase it to 2 to ship 1 out of every 2 logs, etc].
SubsystemNameSubsystem name as it appears in your Coralogix UI
If your log is JSON format, can use its dynamic value, for example: $.level1.level2.value.
CustomDomainCoralogix custom domain
Leave empty if you do not use a custom domain.
ApiKeyYour Coralogix Send-Your-Data API Key
If you have created a secret in AWS Secrets Manager, use the secret that contains your Coralogix Send-Your-Data API key.
LayerARNIf using AWS Secrets Manager, this is the ARN of the Coralogix Lambda layer. If not, leave empty.
CreateSecretIf you have created a secret in AWS Secrets Manager containing your Coralogix Send-Your-Data API key, set to False.


Need help?

Our world-class customer success team is available 24/7 to walk you through your setup and answer any questions that may come up.

Feel free to reach out to us via our in-app chat or by sending us an email at [email protected].

On this page