@twec/serverless-es-logs

serverless-es-logs

A Serverless plugin for transporting Cloudwatch log groups within your CloudFormation stack into Elasticsearch.

Table of Contents

• Installation
• Usage

Installation

Install the plugin in your project:

$ yarn add serverless-es-logs --dev
$ npm install serverless-es-logs --save-dev

Add the plugin to your serverless.yml:

plugins:
  - serverless-es-logs

Usage

Define your configuration using the custom configuration option in serverless.yml:

custom:
  esLogs:
    endpoint: some-elasticsearch-endpoint.us-east-1.es.amazonaws.com
    index: some-index

Your logs will now be transported to the specified elasticsearch instance using the provided index.

Options

endpoint

(Required) The endpoint of the Elasticsearch instance the logs should be transported to.

custom:
  esLogs:
    endpoint: some-elasticsearch-endpoint.us-east-1.es.amazonaws.com

filterPattern

(Optional) The filter pattern that the Cloudwatch subscription should use for your lambda functions. Default is [timestamp=*Z, request_id="*-*", event]. See Cloudwatch filter pattern syntax for more info.

custom:
  esLogs:
    filterPattern: '[timestamp=*Z, request_id="*-*", event]'

includeApiGWLogs

(Optional) An option to be used in conjunction with the serverless-aws-alias plugin. This will capture logs created by API Gateway and transport them to Elasticsearch.

custom:
  esLogs:
    includeApiGWLogs: true

index

(Required) The Elasticsearch index that should be applied to the logs.

custom:
  esLogs:
    index: some-index

retentionInDays

(Optional) The number of days that Cloudwatch logs should persist. Default is to never expire.

custom:
  esLogs:
    retentionInDays: 7