AWS load balancer

Coralogix allows an easy way to collect your AWS load balancer (ELB, ALB, NLB) logs while decrypting them and using their original timestamp without you having to install anything on your environment, but simply deploying a Lambda. 

AWS Load Balancer logs are written by AWS to S3, in order to ship them into Coralogix and enjoy our queries, alerts, visualizations, and ML capabilities, you should read the log data bucket using our proprietary Lambda.  

Usage

Make sure you add the following environment variables when using this lambda.

1. Create an “author from scratch” Node.js 8.10 runtime lambda with an S3 read permissions 

logs from S3 to Coralogix

2. At “Code entry type” choose “Upload a ZIP file” and upload “s3ToCoralogixELB.zip”

https://s3-eu-west-1.amazonaws.com/coralogix-public/tools/s3ToCoralogixELB.zip

coralogix S3 logs

3. Add the mandatory environment variables: private_key, app_name, sub_name

env vars for coralogix S3 lambda

4. Choose the S3 bucket you want to get triggered by and change the event type from “PUT” to “Object Created(All)”

S3 bucket for coralogix

6. Multiline pattern: Coralogix supports multiline pattern by default, you can define a custom pattern with an environment variables, for example: newline_pattern [\s(?={)|(?<=})\s,\s(?={)|(?<=})\s\]. 

custom multiline in S3

7. Increase Memory to 1024mb and Timeout to 30 sec.
Lambda config cw logs

8. Click ‘Save’

Your all set! Your AWS load balancer log data should now be streaming to Coralogix.

To parse your data into JSON format, use our Rules engine with a “parse” rule. 

Need help? ping us on our in-app chat for our world-class tech support. 

Signup to Coralogix

WordPress Lightbox