Coralogix provides a predefined Lambda function to forward your VPC Flow Logs
flow logs straight to Coralogix.
Setup
-
- Setup delivery of your VPC Flow Logs to S3 bucket:
https://docs.aws.amazon.com/en_us/vpc/latest/userguide/flow-logs-s3.html - Create an
“author from scratch”
Node.js 8.10 runtime lambda with S3 read permission:
- At
“Code entry type”
choose“Upload a ZIP file”
and upload“s3ToCoralogixVPC.zip”
:
https://s3-eu-west-1.amazonaws.com/coralogix-public/tools/s3ToCoralogixVPC.zip
- Add the mandatory environment variables:
private_key
,app_name
,sub_name
:
- Private Key – A unique ID which represents your company, this Id will be sent to your mail once you register to Coralogix.
- Application Name – Used to separate your environment, e.g. SuperApp-test/SuperApp-prod.
- SubSystem Name – Your application probably has multiple subsystems, for example, Backend servers, Middleware, Frontend servers etc.
- Choose the S3 bucket you want to get triggered by and change the event type from
“PUT”
to“Object Created(All)”
:
- Increase
Memory
to1024MB
andTimeout
to30 sec
:
- Click “save”.
- Setup delivery of your VPC Flow Logs to S3 bucket: