Cloudwatch logs

Coralogix provides a predefined Lambda function to forward your Cloudwatch logs straight to Coralogix.

Usage

Follow these 5 steps to get your CloudWatch logs streaming into Coralogix:

1. Create an “author from scratch” Lambda function with the Node.js 8.10 runtime.

2. Under “Code entry type”, choose “Edit code inline” and paste the following function:

'use strict';
const AWS = require('aws-sdk');
const https = require('https');
const zlib = require('zlib');
const assert = require('assert');

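// Module-level configuration, read once when the function is loaded.
//
// private_key is the Coralogix account secret that is sent with every batch.
// Fail at load time when it is missing so a misconfigured function does not
// silently forward nothing. Never log this value.
assert(process.env.private_key, 'No private key');

// Application name reported to Coralogix; falls back to a placeholder when unset.
const appName = process.env.app_name || 'NO_APPLICATION';

// Subsystem name from the environment; falls back to a placeholder when unset.
const subName = process.env.sub_name || 'NO_SUBSYSTEM';

// Declared explicitly: this file runs under 'use strict', where assigning to an
// undeclared name throws a ReferenceError as soon as newline_pattern is set.
// The value stays undefined when the variable is not configured.
const newlinePattern = process.env.newline_pattern;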


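/**
 * Lambda entry point for a CloudWatch Logs subscription.
 *
 * Decodes event.awslogs.data (base64, then gzip, then JSON), converts every
 * log event into a Coralogix log entry and POSTs the batch to the Coralogix
 * logs API over HTTPS.
 *
 * @param {object} event - Invocation event; event.awslogs.data must be a base64 string.
 * @param {object} context - Lambda context (not used).
 * @param {Function} callback - Called exactly once: with an error when decoding or
 *   delivery fails, otherwise with (null, status text) after Coralogix answers 2xx.
 */
exports.handler = (event, context, callback) => {
    // Several paths can end the invocation (response, error, timeout), so make
    // sure the Lambda callback is reported only once.
    let finished = false;
    function finish(error, result) {
        if (finished) {
            return;
        }
        finished = true;
        callback(error, result);
    }

    /**
     * Keyword heuristic for the Coralogix severity (1 = debug ... 6 = critical).
     * The highest matching severity wins; messages without a keyword are "info" (3).
     * The keywords come from the log text itself, so the result is only a hint.
     */
    function getSeverityLevel(message) {
        if (message.includes('critical') || message.includes('panic')) {
            return 6;
        }
        if (message.includes('error')) {
            return 5;
        }
        // 'warning' always contains 'warn', so one check covers both.
        if (message.includes('warn')) {
            return 4;
        }
        if (message.includes('info')) {
            return 3;
        }
        if (message.includes('verbose')) {
            return 2;
        }
        if (message.includes('debug')) {
            return 1;
        }
        return 3;
    }

    /** Maps one CloudWatch log event to a Coralogix log entry. */
    function parseEvent(logEvent) {
        // Match on the raw lower-cased text: JSON-escaping it first could create
        // keyword matches out of escape sequences.
        const lowered = String(logEvent.message).toLowerCase();
        return {
            "timestamp": logEvent.timestamp,
            "severity": getSeverityLevel(lowered),
            "text": logEvent.message
        };
    }

    /**
     * POSTs the batch to Coralogix and reports the outcome through finish().
     * A request that times out is retried up to three times.
     */
    function postEventsToCoralogix(logs) {
        const options = {
            hostname: 'api.coralogix.com',
            port: 443,
            path: '/api/v1/logs',
            method: 'POST',
            headers: {
                'Content-Type': 'application/json',
            }
        };
        const retries = 3;
        const timeoutMs = 10000;
        let retryNum = 0;

        function sendRequest() {
            let timedOut = false;
            const req = https.request(options, (res) => {
                // Only the response is logged. The request body carries the
                // private key and must never be written to the logs.
                console.log('Status: ' + res.statusCode);
                console.log('Headers: ' + JSON.stringify(res.headers));
                res.setEncoding('utf8');
                res.on('data', (chunk) => {
                    console.log('Body: ' + chunk);
                });
                res.on('end', () => {
                    if (res.statusCode >= 200 && res.statusCode < 300) {
                        finish(null, 'Status: ' + res.statusCode);
                    } else {
                        // A rejected batch is a delivery failure, not a success.
                        finish(new Error('Coralogix responded with status ' + res.statusCode));
                    }
                });
            });
            req.setTimeout(timeoutMs, () => {
                timedOut = true;
                req.abort();
                if (retryNum++ < retries) {
                    console.log('problem with request: timeout reached. retrying ' + retryNum + '/' + retries);
                    sendRequest();
                } else {
                    console.log('problem with request: timeout reached. failed all retries.');
                    finish(new Error('timeout reached. failed all retries.'));
                }
            });
            req.on('error', (e) => {
                console.log('problem with request: ' + e.message);
                // Aborting a timed-out request also raises 'error'; the timeout
                // handler above decides whether to retry or give up.
                if (!timedOut) {
                    finish(e);
                }
            });
            // write data to request body
            req.write(JSON.stringify(logs));
            req.end();
        }

        try {
            sendRequest();
        } catch (ex) {
            console.log(ex.message);
            finish(ex);
        }
    }

    if (!event || !event.awslogs || typeof event.awslogs.data !== 'string') {
        finish(new Error('Event does not contain awslogs.data'));
        return;
    }

    // Buffer.from replaces the deprecated new Buffer() constructor.
    const payload = Buffer.from(event.awslogs.data, 'base64');

    zlib.gunzip(payload, (error, result) => {
        if (error) {
            finish(error);
            return;
        }

        let resultParsed;
        try {
            // Decode as UTF-8: 'ascii' drops the high bit of every byte and
            // corrupts non-ASCII characters in the log text.
            resultParsed = JSON.parse(result.toString('utf8'));
        } catch (ex) {
            finish(ex);
            return;
        }
        if (!resultParsed || !Array.isArray(resultParsed.logEvents)) {
            finish(new Error('Decoded payload does not contain logEvents'));
            return;
        }

        const logs = {
            "privateKey": process.env.private_key,
            "applicationName": appName,
            // NOTE(review): the log group name is sent as the subsystem name;
            // the sub_name environment variable is not used here - confirm intent.
            "subsystemName": resultParsed.logGroup,
            "logEntries": resultParsed.logEvents.map(parseEvent)
        };

        postEventsToCoralogix(logs);
    });
};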

3. Add the mandatory environment variables:

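Private Key (environment variable `private_key`) – A unique ID which represents your company. This ID will be sent to your email once you register with Coralogix. The function sends it with every request, so treat it as a secret.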

Application Name (environment variable `app_name`) – Used to separate your environments, e.g. SuperApp-test/SuperApp-prod.

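SubSystem Name (environment variable `sub_name`) – Your application probably has multiple subsystems, for example backend servers, middleware, frontend servers, etc. Note that the function above reports the CloudWatch log group name as the subsystem name.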

cloudwatch definitions

4. Go to “Add triggers” and add “CloudWatch Logs”.

cw logs to Coralogix

5. Configure the trigger: select the desired “Log group” and give it a name:
cloudwatch logs Coralogix
6. Repeat steps 4–5 for each log group.

 
