Firehose Metrics Module
The Firehose Metrics module supports AWS Firehose Metrics integration with Coralogix, leveraging AWS CloudWatch Metrics Stream.
Metrics - Usage
Delivering all CloudWatch metrics
Provision a firehose delivery stream with CloudWatch metric stream to stream metrics to Coralogix.
```hcl
module "cloudwatch_firehose_metrics_coralogix" {
  source           = "coralogix/aws/coralogix//modules/firehose-metrics"
  firehose_stream  = var.coralogix_firehose_stream_name
  api_key          = var.api_key
  coralogix_region = var.coralogix_region
}
```
By default, the metric stream includes all namespaces (AWS/EC2, AWS/EBS, etc.) and metric names.
Delivering selected CloudWatch metrics by namespaces
Provision a firehose delivery stream with CloudWatch metric stream. The metric stream includes only selected namespaces and sends the metrics to Coralogix. When including specific namespaces, the variable include_metric_stream_namespaces must contain a list of the desired namespaces, which are case-sensitive. Please see the AWS namespaces list.
```hcl
module "cloudwatch_firehose_metrics_coralogix" {
  source                           = "coralogix/aws/coralogix//modules/firehose-metrics"
  firehose_stream                  = var.coralogix_firehose_stream_name
  api_key                          = var.api_key
  include_metric_stream_namespaces = var.include_metric_stream_namespaces
  coralogix_region                 = var.coralogix_region
}
```
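The module calls on this page read their inputs from root-module variables that the page does not declare. The following is an added example, not part of the module or its documentation, of how a caller could declare them so the API key is redacted from plan output and the region and namespace casing are checked before apply. The variable names match the `var.*` references above; the validation rules are assumptions based on the region list and case-sensitivity note on this page.

```hcl
# Added example: caller-side variable declarations (not shipped with the module).

variable "api_key" {
  description = "Coralogix API key passed to the module's api_key input"
  type        = string
  sensitive   = true # redacted in plan/apply output; the value is still written to state
}

variable "coralogix_firehose_stream_name" {
  description = "Name of the Firehose delivery stream"
  type        = string
}

variable "coralogix_region" {
  description = "Coralogix account region (exact match required)"
  type        = string

  validation {
    condition     = contains(["EU1", "EU2", "AP1", "AP2", "AP3", "US1", "US2"], var.coralogix_region)
    error_message = "coralogix_region must be exactly one of EU1, EU2, AP1, AP2, AP3, US1, US2."
  }
}

variable "include_metric_stream_namespaces" {
  description = "Case-sensitive CloudWatch namespaces to stream, for example AWS/EC2"
  type        = list(string)
  default     = []

  validation {
    # Assumption: this only catches a wrongly cased "AWS/" prefix (such as "aws/ec2").
    # It does not verify that the namespace exists; custom namespaces pass through.
    condition = alltrue([
      for ns in var.include_metric_stream_namespaces :
      !startswith(lower(ns), "aws/") || startswith(ns, "AWS/")
    ])
    error_message = "AWS namespaces are case-sensitive and must start with \"AWS/\"."
  }
}
```

Because `sensitive` only affects CLI output, the state backend that stores this configuration needs access control and encryption of its own.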
Filtering selected metric names from namespaces
Provision a firehose delivery stream with CloudWatch metric stream. For more granular inclusive filters of metric names belonging to an included namespace:
The variable include_metric_stream_filter can be used to send only conditional metric names belonging to a selected metric namespace. For any selected namespace where the metric names list is empty or not specified, all metrics in that namespace are included.
Note: include_metric_stream_namespaces and include_metric_stream_filter are independent variables, but both relate to the same metric stream include filter and may conflict. If an error occurs or metrics do not show, check the result in the console under CloudWatch -> Metrics -> Streams -> Selected Metrics table.
Metric namespaces are also case-sensitive; please see the AWS namespaces list. For case-sensitive metric names belonging to a namespace, please see the AWS View available metrics guide.
```hcl
module "cloudwatch_firehose_metrics_coralogix" {
  source          = "coralogix/aws/coralogix//modules/firehose-metrics"
  firehose_stream = var.coralogix_firehose_stream_name
  api_key         = var.api_key

  # If metric names is empty or not specified, the whole metric namespace is included
  include_metric_stream_filter = [
    {
      namespace    = "AWS/EC2"
      metric_names = ["CPUUtilization", "NetworkOut"]
    },
    {
      namespace    = "AWS/S3"
      metric_names = ["BucketSizeBytes"]
    },
  ]

  coralogix_region = var.coralogix_region
}
```
Additional Statistics
Also, additional_metric_statistics provides a means to configure additional statistics for a given metric. This is done by specifying the metric_name and namespace and the corresponding list of additional statistics. Read metric streams for more information. Set additional_metric_statistics_enable to true to enable this feature.
The statistics that can be streamed depend on the output_format variable configured (default opentelemetry0.7). The json format supports streaming of statistics provided by CloudWatch, and opentelemetry0.7 (default) supports streaming percentile statistics (such as p99).
If additional_metric_statistics_enable is true but additional_metric_statistics is not configured, the module's default configuration of recommended metrics and statistics is used, which is configured to the p50, p75, p95 and p99 percentiles.
In the below example, additional_metric_statistics is enabled and the default configured metrics, namespaces and additional statistics percentiles are used. Note: as output_format of opentelemetry0.7 is configured, only percentile values are supported.
```hcl
output_format                       = "opentelemetry0.7"
additional_metric_statistics_enable = true
additional_metric_statistics = [
  {
    additional_statistics = ["p50", "p75", "p95", "p99"],
    metric_name           = "VolumeTotalReadTime",
    namespace             = "AWS/EBS"
  },
  {
    additional_statistics = ["p50", "p75", "p95", "p99"],
    metric_name           = "VolumeTotalWriteTime",
    namespace             = "AWS/EBS"
  },
  {
    additional_statistics = ["p50", "p75", "p95", "p99"],
    metric_name           = "Latency",
    namespace             = "AWS/ELB"
  },
  {
    additional_statistics = ["p50", "p75", "p95", "p99"],
    metric_name           = "Duration",
    namespace             = "AWS/ELB"
  },
  {
    additional_statistics = ["p50", "p75", "p95", "p99"],
    metric_name           = "PostRuntimeExtensionsDuration",
    namespace             = "AWS/Lambda"
  },
  {
    additional_statistics = ["p50", "p75", "p95", "p99"],
    metric_name           = "FirstByteLatency",
    namespace             = "AWS/S3"
  },
  {
    additional_statistics = ["p50", "p75", "p95", "p99"],
    metric_name           = "TotalRequestLatency",
    namespace             = "AWS/S3"
  }
]
```
Cross-account Tag Enrichment (OAM)
When using OAM linked accounts, enable Lambda cross-account tag enrichment to fetch tags from source accounts:
```hcl
## Enable cross-account tag enrichment
cross_account_enabled = true

## Map each source account ID to the role to assume in that account
cross_account_roles = {
  "123456789012" = "arn:aws:iam::123456789012:role/CoralogixMetricsReader"
}
```
Required permissions:
- Monitoring account Lambda role must allow sts:AssumeRole on each role in cross_account_roles.
- Each linked account role trust policy must allow the monitoring account Lambda processor role to assume it.
- Linked account role policy should include at least tag:GetResources and service-specific read actions used for resource discovery.
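The linked-account side of these requirements can be written as follows. This is an added example, not code from the module: it is applied in each linked (source) account, and the variable `monitoring_lambda_role_arn` and the resource and policy names are assumptions. The role name matches the `CoralogixMetricsReader` ARN used in `cross_account_roles` above, and the trusted principal is the value of the module's `lambda_processor_iam_arn` output from the monitoring account.

```hcl
# Added example: apply in each linked (source) account, not in the monitoring account.

variable "monitoring_lambda_role_arn" {
  description = "ARN of the monitoring account's Lambda processor role (module output lambda_processor_iam_arn)"
  type        = string
}

# Trust policy: only the monitoring account's Lambda processor role may assume
# this role. Trusting the specific role ARN is narrower than trusting the
# whole monitoring account (arn:aws:iam::<account-id>:root).
data "aws_iam_policy_document" "trust" {
  statement {
    effect  = "Allow"
    actions = ["sts:AssumeRole"]

    principals {
      type        = "AWS"
      identifiers = [var.monitoring_lambda_role_arn]
    }
  }
}

resource "aws_iam_role" "coralogix_metrics_reader" {
  name               = "CoralogixMetricsReader"
  assume_role_policy = data.aws_iam_policy_document.trust.json
}

# Permissions: read-only tag lookup. tag:GetResources does not support
# resource-level restrictions, so the resource is "*".
# The service-specific read actions mentioned above are not listed on this
# page; add only the ones the enrichment Lambda needs for your namespaces.
data "aws_iam_policy_document" "read_tags" {
  statement {
    effect    = "Allow"
    actions   = ["tag:GetResources"]
    resources = ["*"]
  }
}

resource "aws_iam_role_policy" "read_tags" {
  name   = "read-resource-tags"
  role   = aws_iam_role.coralogix_metrics_reader.id
  policy = data.aws_iam_policy_document.read_tags.json
}
```

If the monitoring account's Lambda role is deleted and recreated, IAM rewrites the trusted principal to the old role's unique ID and the trust policy must be re-applied.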
Removal of CloudWatch Metric Streams Lambda transformation
By default, a Coralogix Lambda Transformation Function is added to the Kinesis Firehose Data Transformation as a processing_configuration. This is done to enrich the metrics from CloudWatch Metric Streams with AWS resource tags. The optional lambda function is deployed as part of the module, and can be removed by setting the variable lambda_processor_enable to false.
```hcl
module "cloudwatch_firehose_metrics_coralogix" {
  source                  = "coralogix/aws/coralogix//modules/firehose-metrics"
  lambda_processor_enable = false
  firehose_stream         = var.coralogix_firehose_stream_name
  api_key                 = var.api_key
  coralogix_region        = var.coralogix_region
}
```
Examples
Examples can be found under the firehose-metrics examples directory.
Override Coralogix applicationName and subsystemName
By default, the application name and subsystem name are the firehose delivery stream ARN and name, but they can be overridden by setting the environment variables application_name and subsystem_name.
Coralogix account region
The coralogix region variable accepts one of the following regions:
* EU1
* EU2
* AP1
* AP2
* AP3
* US1
* US2
Coralogix Regions & Description.
| Region | Domain | Endpoint |
|---|---|---|
| EU1 | eu1.coralogix.com | https://ingress.coralogix.com/aws/firehose |
| EU2 | eu2.coralogix.com | https://ingress.eu2.coralogix.com/aws/firehose |
| AP1 | ap1.coralogix.com | https://ingress.app.ap1.coralogix.com/aws/firehose |
| AP2 | ap2.coralogix.com | https://ingress.ap2.coralogix.com/aws/firehose |
| AP3 | ap3.coralogix.com | https://ingress.ap3.coralogix.com/aws/firehose |
| US1 | us1.coralogix.com | https://ingress.us1.coralogix.com/aws/firehose |
| US2 | us2.coralogix.com | https://ingress.us2.coralogix.com/aws/firehose |
Custom endpoints
It is possible to pass a custom firehose ingress endpoint by using the coralogix_firehose_custom_endpoint variable.
Metrics Output Format
Coralogix supports both JSON format and OpenTelemetry format. The default format configured here is OpenTelemetry. If using JSON as the firehose output format, which is configured via the integration_type_metrics variable, then the CloudWatch metric stream must be configured with the same format, configured via the output_format variable.
Requirements
| Name | Version |
|---|---|
| aws | ~> 4.17.1 |
| terraform | >= 1.6.0 |
Providers
| Name | Version |
|---|---|
| aws | ~> 4.17.1 |
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| coralogix_region | Coralogix account region: EU1, EU2, AP1, AP2, AP3, US1, US2 [exact] | any | n/a | yes |
| api_key | Coralogix account logs api key | string | n/a | yes |
| firehose_stream | AWS Kinesis firehose delivery stream name | string | n/a | yes |
| application_name | The name of your application in Coralogix | string | n/a | yes |
| subsystem_name | The subsystem name of your application in Coralogix | string | n/a | yes |
| cloudwatch_retention_days | Days of retention in Cloudwatch retention days | number | n/a | no |
| custom_domain | Custom domain for Coralogix firehose integration endpoint (private.coralogix.net:8443) | string | null | no |
| integration_type_metrics | The integration type of the firehose delivery stream: CloudWatch_Metrics_OpenTelemetry070 or CloudWatch_Metrics_OpenTelemetry070_WithAggregations. For _WithAggregations choice, additional aggregations here are _min, _max, _avg recorded as gauges. See https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-metric-streams-formats-opentelemetry-translation.html | string | "CloudWatch_Metrics_OpenTelemetry070_WithAggregations" | no |
| output_format | The output format of the cloudwatch metric stream: 'json' or 'opentelemetry0.7' | string | "opentelemetry0.7" | no |
| enable_cloudwatch_metricstream | Should be true if you want to create a new CloudWatch metric stream and attach it to Firehose | bool | true | no |
| cloudwatch_metric_stream_custom_name | Set the name of the CloudWatch Metric Stream resource, otherwise variable firehose_stream will be used | string | null | no |
| include_metric_stream_namespaces | List of specific namespaces to include in the CloudWatch metric stream, see https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html | list(string) | [] | no |
| include_metric_stream_filter | Guide to view specific metric names of namespaces, see https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/viewing_metrics_with_cloudwatch.html | list(object({namespace=string, metric_names=list(string)})) | [] | no |
| include_linked_accounts_metric | Guide to view specific metric names of namespaces, see https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/viewing_metrics_with_cloudwatch.html | list(object({namespace=string, metric_names=list(string)})) | [] | no |
| additional_metric_statistics_enable | To enable the inclusion of additional statistics to the streaming metrics | bool | true | no |
| additional_metric_statistics | For each entry, specify one or more metrics (metric_name and namespace) and the list of additional statistics to stream for those metrics. Each configuration of metric name and namespace can have a list of additional_statistics included into the AWS CloudWatch Metric Stream. | list(object({additional_statistics=list(string), metric_name=string, namespace=string})) | See variables.tf | no |
| s3_backup_custom_name | Set the name of the S3 backup bucket, otherwise variable '{firehose_stream}-backup-metrics' will be used. | string | n/a | no |
| existing_s3_backup | Use an existing S3 bucket to use as a backup bucket. | string | n/a | no |
| govcloud_deployment | Enable if you deploy the integration in govcloud | bool | false | no |
| custom_s3_bucket | The name of the s3 bucket that exists in your account to save the lambda zip code in | string | n/a | no |
| lambda_processor_enable | Enable the lambda processor function. Set to false to remove the lambda and all associated resources. | bool | true | no |
| lambda_processor_custom_name | Set the name of the lambda processor function, otherwise variable '{firehose_stream}-metrics-transform' will be used | string | null | no |
| lambda_processor_iam_custom_name | Set the name of the lambda processor IAM role, otherwise variable '{firehose_stream}-lambda-processor-iam' will be used. | string | n/a | no |
| existing_lambda_processor_iam | Use an existing lambda processor IAM role. | string | n/a | no |
| firehose_iam_custom_name | Set the name of the IAM role & policy, otherwise variable '{firehose_stream}-firehose-metrics-iam' will be used. | string | n/a | no |
| existing_firehose_iam | Use an existing IAM role to use as a firehose role. | string | n/a | no |
| metric_streams_iam_custom_name | Set the name of the cloudwatch metric streams IAM role & policy, otherwise variable '{firehose_stream}-cw-iam' will be used. | string | n/a | no |
| existing_metric_streams_iam | Use an existing IAM role to use as a metric streams role. | string | n/a | no |
| user_supplied_tags | Tags supplied by the user to populate to all generated resources | map(string) | n/a | no |
| override_default_tags | Override and remove the default tags by setting to true | bool | false | no |
Coralogix regions
| Coralogix region | AWS Region | Coralogix Domain |
|---|---|---|
| Europe | eu-west-1 | eu1.coralogix.com |
| Europe2 | eu-north-1 | eu2.coralogix.com |
| India | ap-south-1 | ap1.coralogix.com |
| Singapore | ap-southeast-1 | ap2.coralogix.com |
| AP3 | ap-southeast-3 | ap3.coralogix.com |
| US | us-east-2 | us1.coralogix.com |
| US2 | us-west-2 | us2.coralogix.com |
Note
When deploying the lambda in govcloud, set the variable govcloud_deployment to true and set the variable custom_s3_bucket to a bucket that exists in your account. The module will upload the function source code into this bucket.
Outputs
| Name | Description |
|---|---|
| firehose_stream_arn | ARN of the Firehose Delivery Stream |
| firehose_stream_name | Name of the Firehose Delivery Stream |
| firehose_iam_role_arn | ARN of the Firehose IAM role |
| s3_backup_bucket_arn | ARN of the Firehose S3 Backup Bucket |
| lambda_processor_arn | ARN of the Lambda Processor |
| lambda_processor_iam_arn | ARN of the Lambda Processor IAM role |
| metric_stream_arn | ARN of the CloudWatch Metric Stream |
| metric_stream_iam_role_arn | ARN of the CloudWatch Metric Stream IAM role |