Loggly provides the infrastructure to aggregate and normalize log events so they are available to explore interactively, build visualizations, or create threshold-based alerting. In general, any method to send logs from a system or application to an external source can be adapted to send logs to Loggly. The following instructions provide one scenario for sending logs to Loggly.
You can now push your AWS Config logs through Amazon Web Services Simple Notification Service (SNS) directly to Loggly via HTTP/HTTPS endpoints. Loggly automatically parses your AWS Config logs in JSON format so you can easily drill down and analyze the logs using the Dynamic Field Explorer.
Make sure your Amazon Web Services SNS account is connected to your Loggly account.
Follow the Amazon SNS guide to set up and verify the SNS to Loggly connection.
Log into your Amazon SNS console, from the Navigation sidebar select your Topic that contains the Subscription that is linked to your Loggly account. Select your Subscription, click Subscription Attributes and set Raw Message Delivery to True.
Within your AWS Config console, go to Settings and choose the topic you created earlier that is connected to your Loggly account.
The next screen asks you to provide AWS with proper permissions so that it can read your resources’ configurations.
Good news, you are done! Usually AWS Config events can talk a few minutes to push out to Loggly. Below you can see a sample AWS Config event within Loggly:
If you don’t see any data show up in the verification step, then check for these common problems.
- Wait a few minutes in case indexing needs to catch up
- Make sure you configured Amazon SNS correctly with your Loggly HTTP Endpoint by following our Amazon SNS integration guide.
- Verify that you configured AWS Config with the SNS Topic that you created in step 1 of this guide.
- Search or post your own Amazon SNS logging questions in the community forum.