Cloudwatch Logs

Coralogix provides a predefined Lambda function to forward your Cloudwatch logs straight to Coralogix.

The preferred and easiest integration method will be to use our aws Serverless Application Repository. Search for ‘coralogix’. Don’t forget to check the ‘Show apps that create custom IAM roles or resource policies’ box located just under the search field to see all available applications. Select your application of choice and click on it. You will see detailed instructions in the readme section on the left.

Automation

You can include SAM (Serverless Application Model) in your automation frameworks. If you need access to the latest and greatest Lambda code go to https://github.com/coralogix/coralogix-aws-serverless/tree/master/src.

The rest of this document describes a manual configuration of this integration and the Lambda associated with it and should be used if there is a need for special customization.

Follow the following 7 steps to get your Cloudwatch logs streaming into Coralogix:

This document includes cluster dependent URL’s. Each URL has a variable part (in Italic). Please match this part with a row entry within the following table. Copy the table row entry located under the column that matches the top level domain of your Coralogix account (.com, .in etc.). Replace the variable part of the URL with this entry.

 .com.us.in
Elasticsearch-APIhttps://coralogix-esapi.coralogix.com:9443https://esapi.coralogix.us:9443https://es-api.app.coralogix.in:9443
SSL Certificateshttps://coralogix-public.s3-eu-west-1.amazonaws.com/certificate/Coralogix-EU.crthttps://www.amazontrust.com/repository/AmazonRootCA1.pemhttps://coralogix-public.s3-eu-west-1.amazonaws.com/certificate/Coralogix-IN
.pem
Cluster URLcoralogix.comcoralogix.usapp.coralogix.in

1. Create an “author from scratch” Node.js 12.x runtime lambda with basic permissions:

2. At “Code entry type” choose “Edit code inline” and paste the function code.

3. Add the mandatory environment variables private_keyapp_namesub_name:

Private Key – A unique ID that represents your company, this Id will be sent to your mail once you register to Coralogix.

Application Name – Used to separate your environment, e.g. SuperApp-test/SuperApp-prod.

SubSystem Name – Your application probably has multiple subsystems, for example, Backend servers, Middleware, Frontend servers, etc. If the Subsystem name environment variable is left empty, The Lambda function will assign the appropriate log group name as the Subsystem name value. 

If your Coralogix account top level domain is not ‘.com’ add the following environment variables:

CORALOGIX_URL=api.Cluster URL

cloudwatch definitions

4. Go to “Add triggers” and add “CloudWatch logs”:

cw logs to Coralogix

5.Configure the trigger, select the desired “Log group” and give it a name:
cloudwatch logs Coralogix
If more than one log group needs to be monitored, add an additional trigger per log group.
6. Increase Memory to1024MB and Timeout to 30 sec:
Lambda config cw logs
7. Repeat step 4 – 5 for each log group.