You can use an Amazon CloudWatch Log Group subscription to collect log events from CloudWatch Logs in real time and send them to Sumo Logic.
Sumo Logic’s LogGroup Lambda Connector is a Lambda function that automates the process of subscribing to Amazon CloudWatch Log Group subscriptions. You can use the connector in conjunction with an Amazon Kinesis Firehose data delivery stream, with a Sumo Logic Lambda function that sends Amazon CloudWatch logs to Sumo Logic, or with another Lambda function of your choice.
This section provides instructions for both deployment methods, and covers how to troubleshoot the connector.
These instructions assume that your Amazon CloudWatch log groups and this Lambda function are in the same AWS region.
The connector can be used with existing or new log groups.
Deploying the LogGroup Lambda Connector function from a serverless repo
This section explains how to deploy the SAM application from a serverless repo. Click links for the related tasks.
To deploy LogGroup Lambda Connector, do the following:
- Open a browser window and enter the following URL: https://serverlessrepo.aws.amazon.com/application
- In the Serverless Application Repository, search for sumologic.
- Select the Show apps that create custom IAM roles or resource policies check box.
- Click the sumologic-loggroup-connector link, and then click Deploy.
- In the AWS Lambda > Functions > Application Settings panel, configure the parameters as described in the Configuring parameters section below.
- Click the checkbox to acknowledge that the template creates IAM resources.
- Scroll to the bottom of the window and click Deploy. After a few minutes, CREATE_COMPLETE should appear in the status column corresponding to all resources in the Resources section.
- Test the Lambda function.
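The status check in the steps above can be scripted, together with a list of the permission-granting resources the template created so their policies can be reviewed. This is an added example, not Sumo Logic's code; it assumes JSON in the shape returned by `aws cloudformation describe-stack-resources`, and the logical IDs in the sample are constructed.

```python
import json

# Constructed sample of `aws cloudformation describe-stack-resources` output.
# Logical IDs are hypothetical, not taken from the connector's template.
SAMPLE = json.loads("""
{"StackResources": [
  {"LogicalResourceId": "ConnectorFunction", "ResourceType": "AWS::Lambda::Function",
   "ResourceStatus": "CREATE_COMPLETE"},
  {"LogicalResourceId": "ConnectorRole", "ResourceType": "AWS::IAM::Role",
   "ResourceStatus": "CREATE_COMPLETE"},
  {"LogicalResourceId": "InvokePermission", "ResourceType": "AWS::Lambda::Permission",
   "ResourceStatus": "CREATE_IN_PROGRESS"},
  {"LogicalResourceId": "LogGroupRule", "ResourceType": "AWS::Events::Rule",
   "ResourceStatus": "CREATE_FAILED", "ResourceStatusReason": "constructed failure reason"}
]}
""")

# Resource types that grant permissions and deserve a manual policy review.
PERMISSION_TYPES = ("AWS::IAM::", "AWS::Lambda::Permission")


def review_stack(doc):
    """Report resources that are not CREATE_COMPLETE and those that grant permissions."""
    resources = doc.get("StackResources", [])
    if not resources:
        raise ValueError("no StackResources in input; wrong stack name or region?")
    pending, failed, review = [], [], []
    for r in resources:
        rid, rtype, status = r["LogicalResourceId"], r["ResourceType"], r["ResourceStatus"]
        if status.endswith("_FAILED"):
            failed.append((rid, r.get("ResourceStatusReason", "")))
        elif status != "CREATE_COMPLETE":  # fresh deploy: anything else is not done yet
            pending.append((rid, status))
        if rtype.startswith(PERMISSION_TYPES):
            review.append((rid, rtype))
    return {"ready": not pending and not failed,
            "pending": pending, "failed": failed, "review": review}


if __name__ == "__main__":
    report = review_stack(SAMPLE)
    print("all resources CREATE_COMPLETE:", report["ready"])
    for rid, status in report["pending"]:
        print("pending:", rid, status)
    for rid, reason in report["failed"]:
        print("failed:", rid, reason)
    for rid, rtype in report["review"]:
        print("review policy of:", rid, rtype)
```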