Sends logs from Cloudwatch logs to Loggly using Lamda function
- Clone the git repo
git clone https://github.com/psquickitjayant/cloudwatch2loggly.git
cd cloudwatch2loggly
- Install required npm packages.
npm install
- zip up your code
zip -r cloudwatch2loggly.zip index.js node_modules
The resulting zip (cloudwatch2loggly.zip) is what you will upload to AWS.
For all of the AWS setup, I used the AWS console following this example. Below, you will find a high-level description of how to do this. I also found this blog post on how to set things up using the command line tools.
- Create Role
- Sign in to your AWS account and open IAM console https://console.aws.amazon.com/iam/
- In your IAM console create a new Role say, 'cloudwatch-full-access'
- Select Role Type as 'AWS Lambda'
- Apply policy 'CloudWatchFullAccess' and save.
- Create KMS Key
- Create a KMS key - http://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html
- Encrypt the Loggly Customer Token using the AWS CLI - aws kms encrypt --key-id alias/<your KMS key arn> --plaintext "<your loggly customer token>"
- Copy the base-64 encoded, encrypted token from step 2's CLI output (CiphertextBlob attribute) and replace it with the "your KMS encypted key" in the script at line no 22
- Create lambda function
- https://console.aws.amazon.com/lambda/home
- Click "Create a Lambda function" button. (Choose "Upload a .ZIP file") * Name: cloudwatch2loggly * Upload lambda function (zip file you made above.) * Handler:* index.handler * Set Role : cloudwatch-full-access * Set Timeout to 2 minutes
- Go to your Lamda function and select the "Event sources" tab * Click on Add Event Source * Event Source Type : CloudWatch Logs * Log Group : Select your log group whose logs you want to send to Loggly. * Filter Name: Provide your filter name. * Filter Pattern: This is not a mandatory field. You can keep it empty. * Enable Event Source : Enable Now Now click on submit and wait for the events to occur in Loggly
NOTE: Always use latest version of AWSCLI. Some features like KMS may not work on older versions of AWSCLI. To upgrade, use the command given below
pip install --upgrade awscli