メインコンテンツまでスキップ

AWS Observability Resources

Deployment using Terraform and the CloudFormation template creates a number of resources in AWS and in Sumo Logic.

Resources created in AWS

Executing the Terraform script and the AWS CloudFormation template creates or modifies the following resources in the AWS account if you are not already collecting data from those AWS services. If you are, the AWS CloudFormation template will simply integrate with your existing collector sources.

note

In the table below, the "Applicable AWS Observability Dashboards" column lists the app dashboards that make use of the data source in the "AWS Data Source" column.

AWS Data SourceAWS Resources CreatedApplicable AWS Observability Dashboards
AWS CloudTrail LogsS3 Bucket
SNS Topic
AWS Trail
SNS Subscription
AWS Lambda
IAM Roles
AWS API Gateway
AWS Lambda
Amazon DynamoDB
Amazon RDS
Amazon ECS
Amazon ElastiCache
Amazon CloudWatch MetricsAWS Lambda
IAM Roles
Kinesis Firehose
CloudWatch Metrics Stream
AWS API Gateway
AWS Lambda
Amazon DynamoDB
AWS Application Load Balancer
Amazon RDS
Amazon ECS
Amazon ElastiCache
AWS Network Load Balancer
Amazon Application Load Balancer logsS3 Bucket
SNS Topic
SNS Subscription
AWS Lambda
IAM Role
AWS Application Load Balancer
AWS Lambda CloudWatch logsAWS Lambda
IAM Roles
AWS Lambda
AWS Classic Load Balancer LogsS3 Bucket
SNS Topic
SNS Subscription
AWS Lambda
IAM Role
AWS Classic Load Balancer

If you are using an existing bucket to collect AWS ELB logs, the Amazon S3 bucket policy for this bucket will be updated to include the policy below, if in case the policy does not already exist:

{
"Sid": "AwsAlbLogs",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam:::root"
},
"Action": [
"s3:PutObject"
],
"Resource": "arn:aws:s3:::{bucket_name}/*"
}

Resources created in Sumo Logic

Terraform

Terraform execution creates the following resources in Sumo Logic.

ResourceName
CloudTrail Logs SourceCloudTrail Logs \<AWS Region>
Application Load Balancer - Access Logs SourceElb Logs \<AWS Region>
Metrics - AWS CloudWatch Metric SourceCloudWatch Metrics \<AWS Region> \<AWS Service name>
Metrics - Kinesis Firehose for Metrics SourceCloudWatch Metrics \<AWS Region>
CloudWatch Logs - Lambda Log forwarder SourceCloudWatch Logs \<AWS Region>
CloudWatch Logs - Kinesis Firehose for Logs SourceCloudWatch Logs \<AWS Region>
Inventory SourceAWS Inventory \<AWS Region>
Xray SourceAWS Xray \<AWS Region>

AWS CloudFormation

The AWS CloudFormation template execution creates the following resources in Sumo Logic.

ResourceName
App folderAWS Observability-\<Version> \<Date of installation>
Alerts
AWS Observability \<Version> \<Date and Time of Installation>
Hosted Collectoraws-observability-\<AccountAlias>-\<AccountID>
Field Extraction RuleAwsObservabilityFieldExtractionRule
AwsObservabilityAlbAccessLogsFER
AwsObservabilityApiGatewayCloudTrailLogsFER
AwsObservabilityDynamoDBCloudTrailLogsFER
AwsObservabilityLambdaCloudWatchLogsFER
AwsObservabilityRdsCloudTrailLogsFER
AwsObservabilityECSCloudTrailLogsFER
AwsObservabilityElastiCacheCloudTrailLogsFER
AwsObservabilityElbAccessLogsFER
AwsObservabilityEC2CloudTrailLogsFER
Explorer View
AWS Observability
Metric RulesAwsObservabilityRDSClusterMetricsEntityRule
AwsObservabilityRDSInstanceMetricsEntityRule
AwsObservabilityNLBMetricsEntityRule
CloudTrail sourcecloudtrail-logs-\<AWS::Region>
CloudWatch logs (HTTP) sourcecloudwatch-logs-\<AWS::Region>
Kinesis Firehose for Metricscloudwatch-metrics-\<AWS::Region>
CloudWatch Metrics sourcecloudwatch-metrics-\<AWS::Region>-ApplicationELB
cloudwatch-metrics-\<AWS::Region>-ApiGateway
cloudwatch-metrics-\<AWS::Region>-DynamoDB
cloudwatch-metrics-\<AWS::Region>-Lambda
cloudwatch-metrics-\<AWS::Region>-ELB
cloudwatch-metrics-\<AWS::Region>-RDS
cloudwatch-metrics-\<AWS::Region>-ECS
cloudwatch-metrics-\<AWS::Region>-NetworkELB
cloudwatch-metrics-\<AWS::Region>-ElastiCache
cloudwatch-metrics-\<AWS::Region>-SQS
cloudwatch-metrics-<AWS::Region>-SNS
Amazon S3 Alb log sourcealb-logs-\<AWS::Region>
Amazon S3 Classic Load Balancer log sourceclassic-lb-logs-\<AWS::Region>
Kinesis Firehose for Logskinesis-firehose-cloudwatch-logs-\<AWS::Region>
Inventory Sourceinventory-\<AWS::Region>
XRay Sourcexray-\<AWS::Region>
S3 Bucket Nameaws-observability-logs-\<StackID>
Fieldsaccount
accountid
region
namespace
tablename
loadbalancer
functionname
apiname
dbidentifier
dbinstanceidentifier
dbclusteridentifier
instanceid
clustername
cacheclusterid
networkloadbalancer
loadbalancername
note

To improve the solution performance the configurations below are done by CloudFormation template.

Sumo Logic hosted collector is created for each AWS Account.