/aws-serverless-centralized-logs

The purpose of this sample is to show how to create a serverless and centralized architecture to ingest, store and query logs utilizing Amazon Kinesis Data Firehose, Amazon S3 and Amazon Athena.

License: MIT No Attribution (MIT-0)

AWS Serverless Centralized Logs Solution

[Image: architecture]

🔧 Getting Started

As a first step, deploy a template in AWS CloudFormation. It creates a stack that configures the following services:

| Service | Description |
| --- | --- |
| IAM Role | Creates roles and permissions for Amazon Kinesis Data Firehose and AWS Glue Crawler |
| Amazon S3 | Creates log bucket with lifecycle policy |
| AWS Glue | Creates AWS Glue database and crawler |
| Amazon Kinesis Data Firehose | Creates one Amazon Kinesis Data Firehose for each log producer |

Cloudformation link

When you upload the template for the stack in AWS Console > CloudFormation, you will be asked to provide the parameters that define the retention period of the logs.


☁️ Running Samples

ECS

ECS sample link

Lambda & API Gateway

Lambda & API Gateway sample link

EC2

EC2 sample link

🔍 Query Logs

Now go to the Athena Query Editor in the AWS Console. In the "Database" option of the Query Editor, select the name (logdb-your_accountid) you created in CloudFormation; you should then see the list of registered tables. If you click the three dots next to a table name and request a preview, Athena runs a query for the first 10 lines. Use this to check that the setup is working.

PS: If no tables are listed, check whether the AWS Glue Crawler has run, or run it manually from the Glue console.
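The same preview can be run outside the console, for example as an automated check that logs are arriving. The following is an added example, not code from this repository: it uses the Athena API through boto3, and the table name `ecs_logs`, the account id `123456789012` and the results bucket are placeholders to replace with your own values.

```python
import re
import time

# Conservative allow-list for table names, so a name can never alter the SQL text.
_IDENT = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")

def preview_query(table, limit=10):
    """Build the 'first N lines' preview query, refusing unexpected table names."""
    if not _IDENT.match(table):
        raise ValueError(f"unexpected table name: {table!r}")
    if type(limit) is not int or not 1 <= limit <= 1000:
        raise ValueError("limit must be an integer between 1 and 1000")
    return f'SELECT * FROM "{table}" LIMIT {limit}'

def run_preview(athena, account_id, table, output_s3, poll_seconds=1.0, max_polls=60):
    """Run the preview in the logdb-<account id> database; return rows as dicts."""
    if not re.fullmatch(r"\d{12}", account_id):
        raise ValueError("account_id must be a 12-digit AWS account id")
    qid = athena.start_query_execution(
        QueryString=preview_query(table),
        QueryExecutionContext={"Database": f"logdb-{account_id}"},
        ResultConfiguration={"OutputLocation": output_s3},
    )["QueryExecutionId"]
    # Athena queries are asynchronous: poll until a terminal state is reached.
    for _ in range(max_polls):
        status = athena.get_query_execution(QueryExecutionId=qid)["QueryExecution"]["Status"]
        if status["State"] == "SUCCEEDED":
            break
        if status["State"] in ("FAILED", "CANCELLED"):
            raise RuntimeError(f"query {status['State']}: {status.get('StateChangeReason', '')}")
        time.sleep(poll_seconds)
    else:
        raise TimeoutError("Athena query did not finish in time")
    rows = athena.get_query_results(QueryExecutionId=qid)["ResultSet"]["Rows"]
    # Each cell is a dict; NULL values have no "VarCharValue" key.
    cells = [[c.get("VarCharValue") for c in r["Data"]] for r in rows]
    if not cells:
        return []
    header, body = cells[0], cells[1:]  # for SELECT, the first row holds column names
    return [dict(zip(header, r)) for r in body]

if __name__ == "__main__":
    import boto3  # imported here so the helpers above can be used without AWS access
    # Placeholder values (assumptions): replace with your account id, table and bucket.
    for row in run_preview(boto3.client("athena"), "123456789012", "ecs_logs",
                           "s3://your-athena-results-bucket/preview/"):
        print(row)
```

An empty result for a table that should have data usually means the Glue Crawler has not yet registered new partitions.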


You can also run more specific queries on the logs.


💵 Costs

This is a cost estimate for the solution, based on the following requirements:

  • A total of 1 TB/month of logs ingested and stored;
  • A total of 1 TB/month of logs consumed;
  • Calculated for the N. Virginia (us-east-1) region as of June 2021.

PS: You can use the AWS Calculator to estimate your costs: https://calculator.aws/

[Image: serverless cloudwatch]

🔒 Security

See CONTRIBUTING for more information.

📜 License

This library is licensed under the MIT-0 License. See the LICENSE file.

📝 References and Links