
AWS Lambda for sending CloudWatch logs

You can send your Amazon CloudWatch logs to New Relic using our AWS Lambda function, newrelic-log-ingestion. This can be easily deployed from the AWS Serverless application repository.

Forwarding your CloudWatch logs to New Relic will give you enhanced capabilities to collect, process, explore, query, and alert on your log data.

Install and configure the CloudWatch logs Lambda function

The following setup shows one approach for configuring environment variables. You can also configure them from the Functions page.

Complete the following:

  1. Make sure you have a .

  2. Open the AWS Serverless Application Repository in your browser.

  3. Search for newrelic and check Show apps that create custom IAM roles or resource policies to find newrelic-log-ingestion.

  4. Open the newrelic-log-ingestion details and click Deploy.

  5. In the function's Configure menu, go to Environment Variables and configure log forwarding using the following environment variables:




    A boolean to determine if you want to output debug messages in the CloudWatch console. Optional.

    To turn on debug logs, set this to true. Default is false.


    is used for sending data to New Relic. Required.


    Determines if logs are forwarded to New Relic. Required. To turn on logging, set this to true.


    Specify tags to be added to all log events. Optional.

    Each tag is composed of a colon-delimited key and value. Multiple key-value pairs are semicolon-delimited; for example, env:prod;team:myTeam.


    If you've configured your Lambda log group to use a different path than /aws/lambda, you can specify it with this variable. Optional.


    If you've configured your VPC log group to use a different path than /aws/vpc/flow-log, you can specify it with this variable. Optional.

  6. Acknowledge that the app creates custom IAM roles, and then click Deploy.

Once the process completes, create a Lambda trigger to link your Lambda function to CloudWatch logs.

Create a Lambda trigger

Be sure to set up a trigger, not a log subscription, on the ingestion function. If a subscription was set up in the Lambda console, this could lead to a cascade of logs generated and forwarded to New Relic.

To get your logs streaming to New Relic, attach a trigger to the Lambda:

  1. From the left side menu, select Functions.
  2. Find and select the previously created newrelic-log-ingestion function.
  3. Under Triggers, click Add Triggers, and select CloudWatch Logs from the dropdown.
  4. Select the appropriate Log group for your application.
  5. Enter a name for your filter.
  6. Optional: Enter a filter pattern.
  7. Check the Enable trigger checkbox, then click Add to create the trigger.


Optional: Configure different logging endpoints

You can set a custom logging endpoint if needed. For example, this allows you to use our FedRAMP-compliant endpoints.

To do so, deploy the application as explained above, and then:

  1. Go to the recently deployed lambda function view in AWS.
  2. Scroll down and click on the Configuration tab.
  3. On the left menu inside the Configuration tab, click on Environment Variables.
  4. Here you can see a list of the existing environment variables. Click Edit on the top right of the Environment Variables table.
  5. Update the NR_LOGGING_ENDPOINT with the appropriate endpoint:
    • For US: https://log-api.newrelic.com/log/v1
    • For EU: https://log-api.eu.newrelic.com/log/v1
    • For FedRAMP: https://gov-log-api.newrelic.com/log/v1
  6. Click Save.
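
The following pre-deployment check is an added example, not part of the New Relic function: it confirms that a value intended for NR_LOGGING_ENDPOINT is exactly one of the three endpoints listed above (so logs and the key sent with them cannot go to a look-alike host or over plain HTTP), and that a tag string follows the key:value;key:value format described in the installation steps. The function names and the strict one-colon-per-tag rule are assumptions of this example.

```python
from urllib.parse import urlsplit

# The three endpoints this page lists for NR_LOGGING_ENDPOINT.
ALLOWED_ENDPOINTS = {
    "US": "https://log-api.newrelic.com/log/v1",
    "EU": "https://log-api.eu.newrelic.com/log/v1",
    "FedRAMP": "https://gov-log-api.newrelic.com/log/v1",
}


def endpoint_region(url):
    """Return the region label for an exact endpoint match, else None."""
    try:
        parts = urlsplit(url.strip())
        has_port = parts.port is not None
    except ValueError:
        return None
    # Plain HTTP, embedded credentials, ports, queries and fragments all fail.
    if parts.scheme != "https" or parts.username or has_port:
        return None
    if parts.query or parts.fragment:
        return None
    candidate = f"https://{(parts.hostname or '').lower()}{parts.path.rstrip('/')}"
    for region, allowed in ALLOWED_ENDPOINTS.items():
        if candidate == allowed:
            return region
    return None


def parse_tags(value):
    """Parse 'key:value;key:value' into a dict; raise ValueError if malformed."""
    tags = {}
    for pair in value.split(";"):
        if not pair.strip():
            continue  # tolerate a trailing semicolon
        key, sep, val = pair.partition(":")
        key, val = key.strip(), val.strip()
        # Assumption: exactly one colon per pair, so values cannot contain ':'.
        if not sep or not key or not val or ":" in val:
            raise ValueError(f"malformed tag {pair!r}: expected key:value")
        if key in tags:
            raise ValueError(f"duplicate tag key {key!r}")
        tags[key] = val
    return tags
```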

Optional: Configure retries

You can configure how many times the function retries sending data when it fails because of communication issues. The recommended number is three retries, but you can change the retry behavior with the parameters below:


A higher number of retries can make the function run longer, which increases the probability of higher Lambda costs. However, decreasing the number of retries could increase the probability of data loss.

# Defines the number of retries after lambda failure to deliver data
# Defines the initial wait seconds until next retry is executed
# Time multiplier between the retries

As an example, in the default configuration above the first retry will happen after 1 second, the second retry after 2 seconds, and the third retry after 4 seconds.
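
The retry schedule described above, written as an added example (not the function's own code) that shows both sides of the trade-off: how long a failing batch keeps the function running, and when the batch is dropped. The parameter names `retries`, `initial_wait` and `multiplier`, and the `FlakyEndpoint` stand-in for the log API, are hypothetical; the defaults follow the 1, 2 and 4 second waits stated on this page.

```python
import time


def send_with_retries(send, retries=3, initial_wait=1.0, multiplier=2.0,
                      sleep=time.sleep):
    """Call send() once, then retry up to `retries` times with growing waits.

    Returns (delivered, waits): whether any attempt succeeded, and the
    seconds slept before each retry that was actually made.
    """
    waits = []
    wait = initial_wait
    for attempt in range(retries + 1):
        try:
            send()
            return True, waits
        except ConnectionError:
            if attempt == retries:
                break  # retries exhausted: this batch of logs is lost
            sleep(wait)
            waits.append(wait)
            wait *= multiplier
    return False, waits


def worst_case_wait(retries=3, initial_wait=1.0, multiplier=2.0):
    """Total seconds spent sleeping if every attempt fails."""
    return sum(initial_wait * multiplier ** i for i in range(retries))


class FlakyEndpoint:
    """Constructed stand-in for the log API: fails the first `failures` calls."""

    def __init__(self, failures):
        self.failures = failures
        self.calls = 0

    def __call__(self):
        self.calls += 1
        if self.calls <= self.failures:
            raise ConnectionError("simulated network failure")
```

Compare `worst_case_wait()` plus the per-request time against the function's configured timeout: if the timeout is shorter, the later retries never run and the batch is lost anyway.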

Resources created by the SAM template

When you create the application from the repository, the following resources are also created:

  • The Lambda function itself
  • A role used to give execution permissions to the Lambda function based on CloudWatch Logs.

All other Lambda configurations not listed can be left as the defaults.

View log data

If everything is configured correctly and your data is being collected, you should see log data in both of these places:

  • Our logs UI
  • New Relic tools for running NRQL queries. For example, you can execute a query like this:

If no data appears after you enable our log management capabilities, follow our standard log troubleshooting procedures.

What's next?

Explore logging data across your platform.

Disable log forwarding

To disable log forwarding capabilities, follow standard procedures in Amazon CloudWatch documentation. You do not need to do anything else in New Relic.

Copyright © 2024 New Relic Inc.
