• Log inStart now

AWS Lambda for sending CloudWatch logs

You can send your Amazon CloudWatch logs to New Relic using our AWS Lambda function, newrelic-log-ingestion. This can be easily deployed from the AWS Serverless application repository.

Forwarding your CloudWatch logs to New Relic will give you enhanced log management capabilities to collect, process, explore, query, and alert on your log data.

Install and configure the Cloudwatch logs Lambda function

The following setup shows one approach for configuring environment variables. You can also configure them from the Functions page.

Complete the following:

  1. Make sure you have a New Relic license key.
  2. Open the AWS Serverless Application Repository in your browser.
  3. Search for newrelic and check Show apps that create custom IAM roles or resource policies to find newrelic-log-ingestion.
  4. Open the newrelic-log-ingestion details and click Deploy.
  5. In the function's Configure menu, go to Environment Variables and configure log forwarding using the following environment variables:

Key

Description

DEBUG_LOGGING_ENABLED

A boolean to determine if you want to output debug messages in the CloudWatch console. Optional.

To turn on debug logs, set this to true. Default is false.

LICENSE_KEY

New Relic license key is used for sending data to New Relic. Required.

LOGGING_ENABLED

Determines if logs are forwarded to New Relic. Required. To turn on logging, set this to true.

NR_LOGGING_ENDPOINT

New Relic ingestion endpoint for logs. Required. Two endpoints are available:

  • US: https://log-api.newrelic.com/log/v1
  • EU: https://log-api.eu.newrelic.com/log/v1

NR_TAGS

Specify tags to be added to all log events. Optional.

Each tag is composed of a colon-delimited key and value. Multiple key-value pairs are semicolon-delimited; for example, env:prod;team:myTeam.

NR_LAMBDA_LOG_GROUP_PREFIX

If you've configured your Lambda log group to use a different path than /aws/lambda, you can specify it with this variable. Optional.

NR_VPC_LOG_GROUP_PREFIX

If you've configured your VPC log group to use a different path than /aws/vpc/flow-log, you can specify it with this variable. Optional.

  1. Acknowledge that the app creates custom IAM roles, and then click Deploy.

Once the process completes, create a Lambda trigger to link your Lambda function to CloudWatch logs.

Create a Lambda trigger

Be sure to set up a trigger, not a log subscription, on the ingestion function. If a subscription was set up in the Lambda console, this could lead to a cascade of logs generated and forwarded to New Relic.

To get your logs streaming to New Relic, attach a trigger to the Lambda:

  1. From the left side menu, select Functions.
  2. Find and select the previously created newrelic-log-ingestion function.
  3. Under Designer, click Add Triggers, and select Cloudwatch Logs from the dropdown.
  4. Select the the appropriate Log group for your application.
  5. Enter a name for your filter.
  6. Optional: Enter a filter pattern.
  7. Check the Enable trigger checkbox, then click Add to create the trigger.

Configure retries (optional)

You can configure the number of retries you want to perform in case the function fails to send the data in case of communication issues. Recommended number is 3 retries, but you can change the retry behavior by changing the below parameters:

Tip

The more the number of retries there are can make the function run for longer times. This increases the probability of having higher costs for Lambda. However, decreasing the number of retries could increase the probability of data loss.

MAX_RETRIES = 3 # Defines the number of retries after lambda failure to deliver data
INITIAL_BACKOFF = 1 # Defines the initial wait seconds until next retry is executed
BACKOFF_MULTIPLIER = 2 # Time multiplier between the retries
As an example, in default above configuration, first retry will happen after 1 second, second retry after 2 seconds and third retry will happen after 4 seconds.

Resources created by the SAM template

When you create the application from the repository, the following resources are also created:

  • The Lambda function itself
  • A role used to give execution permissions to the Lambda function based in CloudWatch Logs.

All other Lambda configurations not listed can be left as the defaults.

View log data

If everything is configured correctly and your data is being collected, you should see data logs in both of these places:

SELECT * FROM Log

If no data appears after you enable our log management capabilities, follow our standard log troubleshooting procedures.

What's next?

Explore logging data across your platform.

Disable log forwarding

To disable log forwarding capabilities, follow standard procedures in Amazon CloudWatch documentation. You do not need to do anything else in New Relic.

Copyright © 2022 New Relic Inc.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.