Amazon Web Services

Amazon Web Services (AWS) is a secure cloud services platform, offering compute power, database storage, content delivery and other functionality to help businesses scale and grow.

Sumo Logic offers hosted Sources to collect from many AWS products.

In this section, we will introduce the following concepts:

📄️ Amazon CloudFront Source

Amazon CloudFront is a content delivery network (CDN) that allows an easy way for companies to distribute content to end-users with low latency and high data transfer speeds. When logging is configured, CloudFront creates log files that contain detailed information about every user request that it receives. Add an Amazon CloudFront Source to upload these messages to Sumo Logic.

📄️ Amazon CloudWatch Source for Metrics

A Sumo Logic CloudWatch Source allows you to gather metrics data from an Amazon resource.

📄️ Amazon Path Expressions

Rules

📄️ Amazon S3 Audit Source

The Amazon S3 Audit Source, also called Server Access Logging, tracks and collects your Amazon S3 bucket's activity logs. Each access log record provides details about a single access request, such as the requester, bucket name, request time, request action, response status, and error code, if any. Add an Amazon S3 Audit Source to upload these messages to Sumo Logic.

📄️ AWS CloudTrail Source

AWS CloudTrail records API calls made to AWS. This includes calls made using the AWS Management Console, AWS SDKs, command line tools, and higher-level AWS services. Add an AWS CloudTrail Source to upload these messages to Sumo Logic. The AWS CloudTrail Source automatically parses the logs prior to upload.

📄️ AWS Elastic Load Balancing Source

AWS Elastic Load Balancing (ELB) distributes incoming application traffic across multiple Amazon EC2 instances in the AWS cloud. The access logs for AWS ELB capture detailed information for all requests made to your load balancer and stores them as log files in an Amazon S3 bucket. Add an AWS ELB Source to upload these messages to Sumo Logic.

📄️ AWS Metadata (Tag) Source

A Sumo Logic AWS Metadata Source allows you to collect tags from EC2 instances running on AWS. Tags are returned in your search results and can be referenced in queries. For information about assigning tags to EC2 instances, see Tagging Your Amazon EC2 Resources in AWS help. Only one AWS Metadata Source is required to collect tags from multiple hosts.

📄️ AWS S3 Scan Interval for Sources

When configuring an Amazon S3 Source, you'll set the scan interval, which defines the waiting time between scans of the objects in your S3 bucket. It's important to set an interval that is long enough to allow new files to be uploaded, but is not too short that scans are performed without any new files being available to upload.

📄️ AWS S3 Source

Amazon Simple Storage Service (Amazon S3) provides a web services interface that can be used to store and retrieve any amount of data from anywhere on the web. Use an Amazon S3 Source to upload data to Sumo Logic from S3.

📄️ AWS Kinesis Firehose for Logs Source

An AWS Kinesis Firehose for Logs Source allows you to ingest CloudWatch logs or any other logs streamed and delivered via AWS Kinesis Data Firehose.

📄️ AWS Kinesis Firehose for Metrics Source

This page has information about Sumo Logic’s AWS Kinesis Firehose for Metrics source.

📄️ AWS Sources

When you create an AWS Source, you associate it with a Hosted Collector. Before creating the Source, identify the Hosted Collector you want to use, or create a new Hosted Collector. For instructions, see Configure a Hosted Collector.

📄️ Collection from AWS GovCloud

AWS GovCloud regions are specific regions authorized to a FedRAMP-High baseline. This region is where users with strict compliance requirements may operate in adherence with ITAR, FedRAMP, and DoD requirements. See AWS GovCloud for more information.

📄️ Configuring your AWS Source with CloudFormation

You can use AWS CloudFormation to leverage AWS products without creating or configuring any AWS infrastructure. With AWS CloudFormation, you declare all of your resources and dependencies in a template file. The template defines a collection of resources as a single unit called a stack. AWS CloudFormation creates and deletes all member resources of the stack together and manages all dependencies between the resources for you.

📄️ Grant Access to an AWS Product

Sumo Logic requires access to the services in your AWS account(s) in order to collect data. This page has instructions for granting a Sumo Logic source access to AWS services.