Cloud Custodian - Cloud Watch Log S3 exporter

Project description

c7n-log-exporter: Cloud watch log exporter automation

A small serverless app to archive cloud logs across accounts to an archive bucket. It utilizes cloud log export to s3 feature for historical exports.

It also supports kinesis streams / firehose to move to realtime exports in the same format as the periodic historical exports.

Features

Log group filtering by regex
Incremental support based on previously synced dates
Incremental support based on last log group write time
Cross account via sts role assume
Lambda and CLI support.
Day based log segmentation (output keys look like $prefix/$account_id/$group/$year/$month/$day/$export_task_uuid/$stream/$log)

Assumptions

The archive bucket has already has appropriate bucket policy permissions. For details see: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/S3ExportTasks.html#S3Permissions
Default periodicity for log group archival into s3 is daily.
Exporter is run with account credentials that have access to the archive s3 bucket.
Catch up archiving is not run in lambda (do a cli run first)

Cli usage

make install

You can run on a single account / log group via the export subcommand

c7n-log-exporter export --help

Config format

To ease usage when running across multiple accounts, a config file can be specified, as an example.

destination:
  bucket: custodian-log-archive
  prefix: logs2

accounts:
  - name: custodian-demo
    role: "arn:aws:iam::111111111111:role/CloudCustodianRole"
    groups:
      - "/aws/lambda/*"
      - "vpc-flow-logs"

Multiple accounts via cli

To run on the cli across multiple accounts, edit the config.yml to specify multiple accounts and log groups.

c7n-log-exporter run --config config.yml

Serverless Usage

Edit config.yml to specify the accounts, archive bucket, and log groups you want to use.

make install
make deploy

Project details

Release history Release notifications | RSS feed

0.4.40

Sep 18, 2024

0.4.39

Jul 23, 2024

0.4.38

Jul 23, 2024

0.4.37

Jun 18, 2024

0.4.36

Jun 5, 2024

0.4.35

Apr 29, 2024

0.4.34

Mar 26, 2024

0.4.33

Jan 18, 2024

0.4.32

Nov 29, 2023

0.4.31

Oct 3, 2023

0.4.30

Sep 6, 2023

0.4.29

Aug 15, 2023

0.4.28

Jul 20, 2023

0.4.27

Jun 28, 2023

0.4.26

May 25, 2023

0.4.25

Apr 12, 2023

0.4.24

Apr 11, 2023

0.4.23

Mar 16, 2023

0.4.22

Feb 16, 2023

0.4.21

Jan 18, 2023

0.4.20

Dec 15, 2022

0.4.19

Oct 26, 2022

0.4.18

Oct 5, 2022

0.4.17

Aug 11, 2022

0.4.16

Jun 21, 2022

0.4.15

May 10, 2022

0.4.14

Feb 24, 2022

0.4.13

Nov 16, 2021

0.4.12

Aug 10, 2021

0.4.11

Jun 28, 2021

0.4.10

Mar 22, 2021

0.4.9

Jan 11, 2021

0.4.8

Dec 14, 2020

0.4.7

Nov 17, 2020

0.4.6

Oct 15, 2020

This version

0.4.5

Sep 8, 2020

0.4.4

Aug 25, 2020

0.4.3

Jul 7, 2020

0.4.2

Jun 9, 2020

0.4.1

May 21, 2020

0.4.0

Apr 28, 2020

0.3.2

Sep 23, 2019

0.3.1

Sep 23, 2019

0.2

Feb 14, 2018

0.1

May 16, 2017

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distribution

c7n_logexporter-0.4.5-py3-none-any.whl (14.0 kB view hashes)

Uploaded Sep 8, 2020 Python 3

Hashes for c7n_logexporter-0.4.5-py3-none-any.whl

Hashes for c7n_logexporter-0.4.5-py3-none-any.whl
Algorithm	Hash digest
SHA256	`b965b02bad44aadd8ada13bcf0d1e0bfff551156875132893a10bba389ae606f`
MD5	`b8c8d0059b16e027ca8ce3c88e1a860c`
BLAKE2b-256	`d7ba6ead4481c1b386fb91edb37593f84379e506e033121b60a1d8648d3daf0e`