Support Logging setup Amazon CloudWatch logs

Send Amazon Cloudwatch Logs to Loggly

You can push Amazon Cloudwatch Logs (CWL) to Loggly using an Amazon Lambda Blueprint. Please note these instructions are for Cloudwatch Logs, which are different from Cloudwatch metrics. Follow the instructions below.

AWS Setup

1. Encypt Loggly Customer Token

Upgrade AWS CLI to the latest version to get all the updated features.

pip install --upgrade awscli

Create a KMS key using the steps mentioned in the link with alias name : logglyCustomerToken
Encrypt the Loggly Customer Token using the AWS CLI

aws kms encrypt --key-id alias/logglyCustomerToken --plaintext "TOKEN"

Replace:

 

2. Create Lambda Function from the blueprint

Go to AWS Lambda Console. Click the “Create a Lambda function” button.

 

Select the “cloudwatch-logs-to-loggly” Loggly blueprint

 

3. Configure triggers

Configure the triggers to call your Lambda function as below.

Log Group: Select your log group whose logs you want to send to Loggly.
Filter Name: Provide your filter name.
Filter Pattern: This is not a mandatory field. You can keep it empty.
Enable trigger: Check this option to enable the trigger. You could also come back to this setting later to enable it.
Click on Next button.

 

4. Configure function and Add Environment Variables:

Below window will open where you need to add environment variables for this function to work.

 

Configure Environment Variables as below:

kmsEncrptedCustomerToken: Copy the base-64 encoded, encrypted token from step 1's CLI output (CiphertextBlob attribute) and paste it in kmsEncryptionCustomerToken key. 

logglyTags: Enter logglyTags as per your requirement

logglyHostName: Enter logs-01.loggly.com

 

5. Configure Lambda function handler and role

Role: Create new role from template(s) only. This will add KMS decryption permission automatically. Please use this option. 
Role name: Enter the role name that you want.
Memory (MB): set memory to 512. You can increase it as needed.
Timeout: Set time out to 1min.You can increase it as needed.
KMS key: Select logglyCustomerToken from the dropdown
Click on the next button to review the function and then click on “Create function”.  

6. Test your function

Configure the test function by clicking under Actions -> Configure test event.
A window will open. Select Cloudwatch Logs from the dropdown and click Save and test.
If it tests successfully, then you will see below message. If you get an error then check the troubleshooting section below:
 
If you haven’t enabled the trigger under step 3, then,  you can go to configure trigger from the left side menu to enable it.

7. Verify Events

Search Loggly events with the tag as cloudwatch2loggly over the past 20 minutes. It may take few minutes to index the events. If doesn’t work, see the troubleshooting section below.

tag:cloudwatch2loggly
aws-cloudwatch

Advanced Amazon CloudWatch Options

Troubleshooting

If you don’t see any data show up in the verification step, then check for these common problems.

    • Make sure you’ve included your own customer token
    • Make sure you are using the latest version of AWS CLI
    • Make sure you have configured same roles as mentioned above.
    • Create new role from template(s) only.
    • Go to your Lamda function in AWS Console and click on View logs in Cloudwatch in the Monitoring tab to view logs.
    • Search or post your own Amazon Cloudwatch logging questions in the community forum.

 

Thanks for the feedback! We'll use it to improve our support documentation.