
Cloudwatch Logs

Cloudwatch logs & metrics coralogix

Coralogix provides a predefined Lambda function to forward your Cloudwatch logs straight to Coralogix.

Usage

Follow these 5 steps to get your Cloudwatch logs streaming into Coralogix:

1. Create an “author from scratch” Node.js 8.10 runtime lambda.

2. Under “Code entry type”, choose “Edit code inline” and paste the following function:

'use strict';
const AWS = require('aws-sdk');
const https = require('https');
const zlib = require('zlib');
const assert = require('assert');

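// Fail at cold start when the Coralogix private key is missing. The key is a
// credential: it is copied into the body of every request the handler sends,
// so it must never be written to the function's own log output.
assert(process.env.private_key, 'No private key');

// Optional labels; the fallbacks make an unconfigured function easy to spot.
const appName = process.env.app_name ? process.env.app_name : 'NO_APPLICATION';
// NOTE(review): subName is read here but the handler in this listing sends the
// CloudWatch log group name as subsystemName; confirm which one is intended.
const subName = process.env.sub_name ? process.env.sub_name : 'NO_SUBSYSTEM';

// Declared explicitly: under 'use strict' an assignment to an undeclared name
// throws a ReferenceError, which made the function crash on load whenever
// newline_pattern was set. The value stays undefined when the variable is unset.
const newlinePattern = process.env.newline_pattern;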


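/**
 * Lambda entry point for a CloudWatch Logs trigger. Decodes the base64 + gzip
 * payload in event.awslogs.data, maps every log event to a Coralogix log
 * entry and POSTs the batch to the Coralogix logs API.
 *
 * The callback is invoked exactly once: without an error after a 2xx
 * response, or with the failure (malformed payload, request error, non-2xx
 * status, every attempt timed out). A batch that could not be delivered is
 * therefore reported as a failed invocation instead of being dropped silently.
 *
 * @param {object} event - invocation event; event.awslogs.data holds the payload
 * @param {object} context - Lambda context (not used)
 * @param {function} callback - Lambda completion callback
 */
exports.handler = (event, context, callback) => {
    let settled = false;

    // Completes the invocation once. A timed-out attempt is aborted, which
    // also raises 'error' on the request, so several paths can reach this.
    function finish(err) {
        if (settled) {
            return;
        }
        settled = true;
        callback(err || null);
    }

    /**
     * Derives a Coralogix severity (1 = debug ... 6 = critical) from keywords
     * found in the lower-cased message. Later entries override earlier ones,
     * so the highest matching level wins; 3 (info) is the default.
     * 'warning' needs no entry of its own because it contains 'warn'.
     */
    function getSeverityLevel(message) {
        const levels = [
            ['debug', 1],
            ['verbose', 2],
            ['info', 3],
            ['warn', 4],
            ['error', 5],
            ['critical', 6],
            ['panic', 6]
        ];
        let severity = 3;

        for (const [keyword, level] of levels) {
            if (message.includes(keyword)) {
                severity = level;
            }
        }

        return severity;
    }

    /**
     * Converts one CloudWatch log event into a Coralogix log entry.
     * logGroupName and logStreamName are accepted but not used.
     */
    function parseEvent(logEvent, logGroupName, logStreamName) {
        return {
            "timestamp": logEvent.timestamp,
            "severity": getSeverityLevel(logEvent.message.toLowerCase()),
            "text": logEvent.message
        };
    }

    /**
     * POSTs the batch to Coralogix over HTTPS. An attempt that hits the socket
     * timeout is aborted and retried up to `retries` times; any other request
     * error, or a non-2xx response, fails the invocation.
     */
    function postEventsToCoralogix(parsedEvents) {
        const options = {
            hostname: 'api.coralogix.com',
            port: 443,
            path: '/api/v1/logs',
            method: 'POST',
            headers: {
                'Content-Type': 'application/json',
            }
        };

        // Worst case is (retries + 1) * timeoutMs = 40 s of waiting; the
        // function's configured timeout has to exceed that for the final
        // failure to be reported by this code rather than by a Lambda timeout.
        const retries = 3;
        const timeoutMs = 10000;
        let retryNum = 0;

        // The serialized body contains privateKey. Only the response is
        // logged below; never log this string or the parsedEvents object.
        const body = JSON.stringify(parsedEvents);

        const sendRequest = function sendRequest() {
            // Set when this attempt is aborted by the timeout, so the events
            // the abort triggers are not treated as a second failure.
            let timedOut = false;

            const req = https.request(options, function (res) {
                console.log('Status: ' + res.statusCode);
                console.log('Headers: ' + JSON.stringify(res.headers));
                res.setEncoding('utf8');
                res.on('data', function (chunk) {
                    console.log('Body: ' + chunk);
                });
                res.on('end', function () {
                    if (timedOut) {
                        return;
                    }
                    if (res.statusCode >= 200 && res.statusCode < 300) {
                        finish(null);
                    } else {
                        finish(new Error('Coralogix responded with status ' + res.statusCode));
                    }
                });
            });

            req.setTimeout(timeoutMs, () => {
                if (settled) {
                    return;
                }
                timedOut = true;
                req.abort();
                if (retryNum++ < retries) {
                    console.log('problem with request: timeout reached. retrying ' + retryNum + '/' + retries);
                    sendRequest();
                } else {
                    console.log('problem with request: timeout reached. failed all retries.');
                    finish(new Error('Timeout reached, failed all retries'));
                }
            });

            req.on('error', function (e) {
                console.log('problem with request: ' + e.message);
                if (!timedOut) {
                    finish(e);
                }
            });

            // write data to request body
            req.write(body);
            req.end();
        };

        try {
            sendRequest();
        } catch (ex) {
            console.log(ex.message);
            finish(ex);
        }
    }

    // Reject a malformed event explicitly instead of throwing a TypeError.
    if (!event || !event.awslogs || typeof event.awslogs.data !== 'string') {
        finish(new Error('Event does not contain awslogs.data'));
        return;
    }

    // Buffer.from replaces the deprecated `new Buffer()` constructor, whose
    // behaviour depends on the type of its argument.
    const payload = Buffer.from(event.awslogs.data, 'base64');

    zlib.gunzip(payload, (error, result) => {
        if (error) {
            finish(error);
            return;
        }

        let logs;
        try {
            // Decode as UTF-8: 'ascii' drops the high bit of every byte and
            // corrupts any non-ASCII character in the log text.
            const resultParsed = JSON.parse(result.toString('utf8'));
            const parsedEvents = resultParsed.logEvents.map((logEvent) =>
                parseEvent(logEvent, resultParsed.logGroup, resultParsed.logStream));
            logs = {
                "privateKey": process.env.private_key,
                "applicationName": appName,
                "subsystemName": resultParsed.logGroup,
                "logEntries": parsedEvents
            };
        } catch (ex) {
            // Invalid JSON or an unexpected payload shape: fail the
            // invocation instead of raising an uncaught exception.
            console.log(ex.message);
            finish(ex);
            return;
        }

        postEventsToCoralogix(logs);
    });
};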

3. Add the mandatory environment variables:

Private Key (`private_key`) – A unique ID that represents your company; this ID is sent to your email once you register with Coralogix.

Application Name (`app_name`) – Used to separate your environments, e.g. SuperApp-test/SuperApp-prod.

SubSystem Name (`sub_name`) – Your application probably has multiple subsystems, for example, backend servers, middleware, frontend servers, etc.

cloudwatch definitions

4. Go to “Add triggers” and add CloudWatch Logs.

cw logs to Coralogix

5. Configure the trigger: select the desired “Log group” and give it a name:
cloudwatch logs Coralogix
6. Increase Memory to 1024 MB and Timeout to 30 sec.
Lambda config cw logs
7. Repeat steps 4–5 for each log group.
