Skip to main content
Sumo Logic

Collect Streaming Data from AWS Data Types

The Setup Wizard allows you to configure the following Amazon Web Services (AWS) data types with a Hosted Collector:

  • Amazon CloudFront
  • AWS CloudWatch Metrics
  • Amazon S3 Audit
  • AWS CloudTrail
  • AWS Elastic Load Balancing

To collect from AWS Data Types:

  1. Click the button for your AWS data type to configure.
  2. Source Category, which will help you search your logs later, is filled automatically. You can edit the name if you like. This Source Category value is stored in a searchable metadata field called _sourceCategory. See our Best Practices: Good Source Category, Bad Source Category.
  3. Enter the AWS S3 bucket details.
    • For Bucket Name, enter the exact name of your organization's S3 bucket.
    • For Path Expression enter the wildcard pattern that matches the S3 objects you'd like to collect. You can use one wildcard (*) in this string. Recursive path expressions use a single wildcard and do NOT use a leading forward slash. See About Amazon Path Expressions for details.
    • For S3 Region, select the S3 region or keep the default value of Others. The S3 region must match the appropriate S3 bucket created in your Amazon account.
  4. Configure how to grant Sumo access to your AWS S3 bucket. You have two options, Role-based access or Key access. Role-based access is preferred, see how to Grant Sumo Logic access to an AWS Product.
    • For Role-based access enter the Role ARN that was provided by AWS after creating the role. 
      data forwarding Role ARN input blur.png
    • For Key access enter the Access Key ID and Secret Access Key. See AWS Access Key ID and AWS Secret Access Key for details.
  5. Additional configuration is required for the AWS CloudWatch Metrics Source. See Amazon CloudWatch Source for Metrics for details.
  6. Copy and paste the provided Policy document containing your S3 bucket name into the AWS Console.

While the data type is being configured, the Setup Wizard provides a progress bar, and at this point, you can either add more data or go to the Sumo Logic Web Application. If you leave the wizard and go to the Sumo Logic Web Application, a progress bar is displayed in the main navigation bar to let you know when the configuration is finished.

Finish

When the Finish page displays, you can:

  • Add More Data. Click to return to the Setup Wizard to configure more sources.
  • Start Searching My Logs. When your data is ready, to go to the Search page and view the results of the search configured for your file. In a separate search tab, you can view the High Priority Keyword search, which displays results if your data contains "error", "fail", or "exception" keywords.
  • Dashboards. After your search is launched, you will be notified when your Sumo Logic App Dashboards are ready to use. All Dashboards are launched in Live Mode for Setup Wizard users. 
  • You can also watch videos and tutorials to learn how to use Sumo Logic.

Click Go Back to return to the main Setup Wizard screen.

Click Exit Setup Wizard to exit.