AWS Lambda for sending CloudWatch logs

You can send your CloudWatch logs to New Relic using our AWS Lambda function, newrelic-log-ingestion, which can be easily deployed from the AWS Serverless application repository.

Requirements

To use our CloudWatch logs Lambda function, you only need a New Relic license key.

Install the Cloudwatch logs Lambda function

To install the Cloudwatch logs Lambda function:

  1. Open the AWS Serverless Application Repository in your browser.
  2. Search for newrelic and check Show apps that create custom IAM roles or resource policies to find newrelic-log-ingestion.
  3. Open the newrelic-log-ingestion details and click Deploy.
  4. Scroll to the Application settings and enter your configure your Lambda function.
  5. Acknowledge that the app creates custom IAM roles and then click Deploy.

Configure your Lambda function

You can configure logs forwarding using the following environment variables:

Key Description Value
LICENSE_KEY New Relic License key, needed for sending data to New Relic Infrastructure and Logs. If set, it enables forwarding to New Relic Infrastructure by default. Required. Your New Relic license key.
LOGGING_ENABLED Determines if logs are forwarded to New Relic. Required. Default: false
INFRA_ENABLED Determines if logs are forwarded to New Relic Infrastructure. Required. Default: false
NR_LOGGING_ENDPOINT New Relic ingestion endpoint for Logs. Optional. US: https://log-api.newrelic.com/log/v1
EU: https://log-api.eu.newrelic.com/log/v1
NR_INFRA_ENDPOINT New Relic ingestion endpoint for Infrastructure. Optional. https://cloud-collector.newrelic.com
  • Once you have updated the function.py and added the environment variables, click Save. Once complete, link your Lambda function to CloudWatch Logs.

Create a Lambda trigger

To get your logs streaming to New Relic you will need to attach a trigger to the Lambda:

  1. From the left side menu, select Functions.
  2. Find and select the previously created newrelic-log-ingestion function.
  3. Under Designer, click Add Triggers, and select Cloudwatch Logs from the dropdown.
  4. Select the the appropriate Log group for your application.
  5. Enter a name for your filter.
  6. Optional: Enter a filter pattern.
  7. Check the Enable trigger checkbox, then click Add to create the trigger.

Configure retries (optional)

You can configure the number of retries you want to perform in case the function fails to send the data in case of communication issues. Recommended number is 3 retries, but you can change the retry behavior by changing the below parameters:

Be aware that more number of retries can make the function run for longer time and therefore increases the probability of having higher costs for Lambda. On the contrary, decreasing the number of retries could increase the probability of data loss.

MAX_RETRIES = 3  # Defines the number of retries after lambda failure to deliver data
INITIAL_BACKOFF = 1  # Defines the initial wait seconds until next retry is executed
BACKOFF_MULTIPLIER = 2  # Time multiplier between the retries
As an example, in default above configuration, first retry will happen after 1 second, second retry after 2 seconds and third retry will happen after 4 seconds.

Resources created by the SAM template

There are few resources that will be created when you create the application from the repository:

  • The Lambda function itself
  • A Role used to give execution permissions to the Lambda function based in CloudWatch Logs.

All other lambda configurations not listed in the steps above can be left as the defaults.

View log data

If everything is configured correctly and your data is being collected, you should see data logs in both of these places:

What's next?

Now that you've enabled Logs, here are some potential next steps:

If no data appears after you enable log monitoring, follow the troubleshooting procedures.

For more help