Start by creating an IAM role named “CloudWatchFullAccessRole” as shown below:
Next, create a CMK in KMS named “logglyCustomerToken” as shown below:
Next, create a Lambda function as shown below:
In the “CloudWatch Logs Trigger” section, select the log group whose logs you want to send to Loggly & provide any name for this filter.
In the “Environment Variables” section, set
kmsEncryptedCustomerToken to your Loggly customer token. The token looks like this:
473e7116-b00f-43c7-9c89-030e8b4ddc4d & can be found here:
https://your-company.loggly.com/tokens. Then expand the “Encryption Configuration” section & select “Enable helpers for encryption in transit”. Click the Encrypt button that appears next to
kmsEncryptedCustomerToken, select the “logglyCustomerToken” CMK, encrypt & create function.
Test the Lambda using a test event created from the CloudWatch Logs event template: