Manual Installing AWS ServiceLogs
Please verify if the Prerequisites are met & satisfied on the AWS Console.
Steps for Manual Installation of AWS ServiceLogs
- Login to the AWS Console.
- Navigate to the Lambda service and create a simple Lambda function using Python as runtime.
- Deploy the Log forwarder function manually by uploading the zip file containing the log forwarder function code in the AWS Console.Note: Please reach out to Rakuten Sixthsense team to get URL and access token to download the zip file.
- Once function is deployed, change the time duration from 3 seconds to 60 seconds in Configuration/General Configuration to avoid exiting of the log forwarder function.
- Add Environment Variables for SS_AUTH_KEY & SS_LOG_ENDPOINT
- SS_AUTH_KEY is the access token for the SixthSense application, which can be found under Settings > General > Access Token.
- SS_LOG_ENDPOINT is the sixthsense collector log endpoint where the logs from your AWS services will be exported.
Note: Please reach out to Rakuten Sixthsense team to get SS_LOG_ENDPOINT. - Add the trigger for the log forwarder function manually under Function Overview section by selecting triggers for either of s3, cloudwatch log groups, eventbridge.
- Make changes in the config.json file present in the log forwarder function code uploaded as for the cloud watch log groups, S3 bucket and its file path, event bridge rules, enter the service name to which the logs should be forwarded within the Log Monitoring capability and save it.
- Deploy the changes of config.json file.
Sample Config.json file (This is used to configure the log forwarder during the manual installation of ServiceLogs)
{
"isMonitoringEnabled": true,
"s3": {
"serviceName1": {
"isEnabled": false,
"buckets": {
"bucket1": [
"path1",
"path2"
],
"bucket2": [
"path1",
"path2"
]
}
},
"serviceName2": {
"isEnabled": true,
"buckets": {
"bucket3": [
"path1",
"path2"
]
}
}
},
"cwl": {
"serviceName1": {
"isEnabled": true,
"logGroups": [
"/aws/lambda/log1",
"/aws/lambda/log2"
]
},
"serviceName2": {
"isEnabled": true,
"logGroups": [
"/aws/lambda/log1"
]
}
},
"eventbridge": {
"serviceName1": {
"isEnabled": true,
"rules": [
"rule1",
"rule2"
]
},
"serviceName2": {
"isEnabled": true,
"rules": [
"rule3"
]
}
}
}
Pre-cautions on the config.json
- The fields specified in the JSON must be present without any typographical errors. The structure is fully case-sensitive, so users must ensure accuracy.
- The isMonitoringEnabled field, along with at least one of the three log forwarders (s3, cwl, or eventbridge), must be present to pass validation checks.
- All fields within each log forwarder are mandatory; omission of any will result in JSON validation failures.
- Enter the name of the service to which logs should be forwarded within the Rakuten Sixthsense Log Monitoring capability.
- EventBridge rules must include rule names within the rules array. For S3, the buckets field should specify the bucket name, and within each bucket, an array of exact file paths to be monitored must be provided. In the case of CloudWatch Logs, the log group names should be listed in the logGroups array.