Send Amazon CloudWatch Logs to SolarWinds Loggly Using an AWS Lambda Function

SolarWinds Loggly is a log aggregation & analysis platform. You can send logs to Loggly from many sources. This article describes the steps to send CloudWatch logs to Loggly.

Start by creating an IAM role named “CloudWatchFullAccessRole” as shown below:

Next, create a CMK in KMS named “logglyCustomerToken” as shown below:

Next, create a Lambda function as shown below:

In the “CloudWatch Logs Trigger” section, select the log group whose logs you want to send to Loggly & provide any name for this filter.

In the “Environment Variables” section, set logglyHostName to logs-01.loggly.com & kmsEncryptedCustomerToken to your Loggly customer token. The token looks like this: 473e7116-b00f-43c7-9c89-030e8b4ddc4d & can be found here: https://your-company.loggly.com/tokens. Then expand the “Encryption Configuration” section & select “Enable helpers for encryption in transit”. Click the Encrypt button that appears next to kmsEncryptedCustomerToken, select the “logglyCustomerToken” CMK, encrypt & create function.

Test the Lambda using a test event created from the CloudWatch Logs event template:

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.