Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
22 commits
Select commit Hold shift + click to select a range
128088a
DOCS-1710 - AWSO Apps documentation consistency updates for ElastiCac…
amee-sumo Jun 19, 2026
6ac019d
Merge branch 'main' into awso-apps-doc-consistency
sachin-sumologic Jun 23, 2026
22d2bcf
Update elasticache.md
amee-sumo Jun 23, 2026
59855aa
DOCS-1710 - AWSO Apps doc consistency updates for API Gateway and Net…
amee-sumo Jun 24, 2026
7e0fa11
Merge branch 'main' into awso-apps-doc-consistency
amee-sumo Jun 25, 2026
1c69507
DOCS-1710 - AWSO Apps doc consistency updates and fix invalid cid-red…
amee-sumo Jun 25, 2026
17808c7
DOCS-1710 - Minor fixes to API Gateway, ElastiCache, and Lambda docs
amee-sumo Jun 25, 2026
240b5d3
DOCS-1710 - Fix ElastiCache and Lambda docs
amee-sumo Jun 25, 2026
8047ad4
DOCS-1710 - Update cid-redirects and Lambda doc fix
amee-sumo Jun 25, 2026
89ae1ed
Update cid-redirects.json
amee-sumo Jun 25, 2026
37af7e5
Merge branch 'main' into awso-apps-doc-consistency
amee-sumo Jun 25, 2026
0dcc1b0
DOCS-1710 - AWSO Apps doc consistency updates for RDS, SNS, SQS, NLB,…
amee-sumo Jun 26, 2026
fd04d81
DOCS-1710 - AWSO Apps doc consistency updates for ALB and minor fixes…
amee-sumo Jun 26, 2026
2b837a7
DOCS-1710 - Minor fixes to ALB and API Gateway docs
amee-sumo Jun 26, 2026
3a583a0
DOCS-1710 - AWSO Apps doc consistency updates for CLB and DynamoDB
amee-sumo Jun 26, 2026
78c2e17
DOCS-1710 - Fix cross-references in API Gateway, Lambda, Threat Intel…
amee-sumo Jun 26, 2026
a81b168
Merge branch 'main' into awso-apps-doc-consistency
amee-sumo Jun 26, 2026
a6bc29e
Merge branch 'main' into awso-apps-doc-consistency
amee-sumo Jun 26, 2026
91cb680
Merge branch 'awso-apps-doc-consistency' of github.com:SumoLogic/sumo…
amee-sumo Jun 26, 2026
21ccfdb
DOCS-1710 - AWSO Apps doc consistency updates for ECS and AWS API Gat…
amee-sumo Jun 29, 2026
5404383
DOCS-1710 - AWSO Apps doc consistency updates for EC2 CloudWatch Metr…
amee-sumo Jun 29, 2026
a491cc4
moved metrics section
sachin-sumologic Jun 29, 2026
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
460 changes: 250 additions & 210 deletions docs/integrations/amazon-aws/api-gateway.md

Large diffs are not rendered by default.

155 changes: 100 additions & 55 deletions docs/integrations/amazon-aws/application-load-balancer.md

Large diffs are not rendered by default.

131 changes: 88 additions & 43 deletions docs/integrations/amazon-aws/classic-load-balancer.md

Large diffs are not rendered by default.

156 changes: 88 additions & 68 deletions docs/integrations/amazon-aws/dynamodb.md
Original file line number Diff line number Diff line change
Expand Up @@ -14,52 +14,53 @@ Amazon DynamoDB is a fast and flexible NoSQL database service that provides cons

The Sumo app for Amazon DynamoDB uses both logs and metrics to is a unified logs and metrics app that provides operational insights into your DynamoDB. The app includes Dashboards that allow you to monitor key metrics, view the throttle events, errors, and latency, and also help you plan the capacity of your DynamoDB instances.

## Collect Logs and Metrics for the Amazon DynamoDB app
## Log and metric types

### Log and metric types
The Sumo Logic app for AWS DynamoDB uses the following logs and metrics:
* [Amazon DynamoDB CloudTrail Logs](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/logging-using-cloudtrail.html)
* [Amazon DynamoDB CloudWatch Metrics](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/metrics-dimensions.html)

The AWS DynamoDB app uses the following logs and metrics:
### Sample log messages

* [DynamoDB CloudWatch Metrics](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/metrics-dimensions.html)
* [DynamoDB operations using AWS CloudTrail](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/logging-using-cloudtrail.html)

### Sample CloudTrail log message
<details>
<summary>Sample CloudTrail Log Message</summary>

```json
{
"eventVersion":"1.05",
"userIdentity":{
"type":"IAMUser",
"principalId":"AIDAIBF5TU7HNYUE7V676",
"arn":"arn:aws:iam::568388783903:user/ankit",
"accountId":"568388783903",
"accessKeyId":"ASIAI3Q5RU4FIZFHFJZA",
"userName":"ankit",
"sessionContext":{
"attributes":{
"mfaAuthenticated":"false",
"creationDate":"2017-10-10T23:01:45+0000"
}
},
"invokedBy":"signin.amazonaws.com"
},
"eventTime":"2017-10-10T23:01:45+0000",
"eventSource":"dynamodb.amazonaws.com",
"eventName":"DescribeTable",
"awsRegion":"us-east-1",
"sourceIPAddress":"38.99.50.98",
"userAgent":"signin.amazonaws.com",
"requestParameters":{
"tableName":"users3"
},
"responseElements":null,
"requestID":"AIFQQ1I27ASKDSAQ4L9L4DTQPVVV4KQNSO5AEMVJF66Q9ASUAAJG",
"eventID":"f2bec08c-a56a-4f04-be92-0cac7aaabe9b",
"eventType":"AwsApiCall",
"apiVersion":"2012-08-10",
"recipientAccountId":"568388783903"
}
{
"eventVersion":"1.05",
"userIdentity":{
"type":"IAMUser",
"principalId":"AIDAIBF5TU7HNYUE7V676",
"arn":"arn:aws:iam::568388783903:user/ankit",
"accountId":"568388783903",
"accessKeyId":"ASIAI3Q5RU4FIZFHFJZA",
"userName":"ankit",
"sessionContext":{
"attributes":{
"mfaAuthenticated":"false",
"creationDate":"2017-10-10T23:01:45+0000"
}
},
"invokedBy":"signin.amazonaws.com"
},
"eventTime":"2017-10-10T23:01:45+0000",
"eventSource":"dynamodb.amazonaws.com",
"eventName":"DescribeTable",
"awsRegion":"us-east-1",
"sourceIPAddress":"38.99.50.98",
"userAgent":"signin.amazonaws.com",
"requestParameters":{
"tableName":"users3"
},
"responseElements":null,
"requestID":"AIFQQ1I27ASKDSAQ4L9L4DTQPVVV4KQNSO5AEMVJF66Q9ASUAAJG",
"eventID":"f2bec08c-a56a-4f04-be92-0cac7aaabe9b",
"eventType":"AwsApiCall",
"apiVersion":"2012-08-10",
"recipientAccountId":"568388783903"
}
```
</details>

### Sample queries

Expand All @@ -78,37 +79,54 @@ account=dev namespace=aws/dynamodb region=us-east-1 "\"eventSource\":\"dynamodb.
| limit 20
```

### Collect Metrics for Amazon DynamoDB

Sumo Logic supports collecting metrics using two source types:
* Configure an [AWS Kinesis Firehose for Metrics Source](/docs/send-data/hosted-collectors/amazon-aws/aws-kinesis-firehose-metrics-source) (Recommended); or
* Configure an [Amazon CloudWatch Source for Metrics](/docs/send-data/hosted-collectors/amazon-aws/amazon-cloudwatch-source-metrics)

Namespace for **Amazon DynamoDB** Service is **AWS/DynamoDB**.
## Collect logs and metrics for Amazon DynamoDB

* **Metadata**. Add an **account** field to the source and assign it a value that is a friendly name/alias to your AWS account from which you are collecting metrics. Metrics can be queried via the “account field”.
### Configure Hosted Collector

When you create an AWS Source, you'll need to identify the Hosted Collector you want to use or create a new Hosted Collector. Once you create an AWS Source, associate it with a Hosted Collector. For instructions, see [Configure a Hosted Collector and Source](/docs/send-data/hosted-collectors/configure-hosted-collector).

### Collect Amazon DynamoDB CloudTrail Logs
### Collect Amazon DynamoDB CloudWatch metrics

1. To your Hosted Collector, add an [AWS CloudTrail Source](/docs/send-data/hosted-collectors/amazon-aws/aws-cloudtrail-source.md).
* **Name**. Enter a name to display the new Source.
* **Description**. Enter an optional description.
* **S3 Region**. Select the Amazon Region for your **Amazon DynamoDB** S3 bucket.
* **Bucket Name**. Enter the exact name of your **Amazon DynamoDB** S3 bucket.
* **Path Expression**. Enter the string that matches the S3 objects you'd like to collect. You can use a wildcard (`*`) in this string. (DO NOT use a leading forward slash. See [Amazon Path Expressions](/docs/send-data/hosted-collectors/amazon-aws/amazon-path-expressions).) The S3 bucket name is not part of the path. Don’t include the bucket name when you are setting the Path Expression
* **Source Category**. Enter `aws/observability/cloudtrail/logs`
* **Fields**. Add an **account** field and assign it a value that is a friendly name/alias to your AWS account from which you are collecting logs. Logs can be queried via the “account field”.
* **Access Key ID and Secret Access Key**. Enter your Amazon [Access Key ID and Secret Access Key](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSGettingStartedGuide/AWSCredentials.html). Learn how to use Role-based access to AWS [here](/docs/send-data/hosted-collectors/amazon-aws/aws-sources)
* **Log File Discovery -> Scan Interval**. Use the default of 5 minutes. Alternately, enter the frequency. Sumo Logic will scan your S3 bucket for new data. Learn how to configure **Log File Discovery** [here](/docs/send-data/hosted-collectors/amazon-aws/aws-sources).
* **Enable Timestamp Parsing**. Select the **Extract timestamp information from log file entries** check box.
* **Time Zone**. Select **Ignore time zone from the log file and instead use**, and select **UTC** from the dropdown.
* **Timestamp Format.** Select **Automatically detect the format**.
* **Enable Multiline Processing**. Select the **Detect messages spanning multiple lines** check box, and select **Infer Boundaries**.
2. Click **Save**.
Sumo Logic supports collecting metrics using one of the following source types:

* Configure an [AWS Kinesis Firehose for Metrics Source](/docs/send-data/hosted-collectors/amazon-aws/aws-kinesis-firehose-metrics-source) (**recommended**)
* Configure an [Amazon CloudWatch Source for Metrics](/docs/send-data/hosted-collectors/amazon-aws/amazon-cloudwatch-source-metrics)

### Centralized AWS CloudTrail Log Collection
:::note
Namespace for **Amazon DynamoDB** service is **AWS/DynamoDB**.
:::

Follow the steps below to add custom metadata [fields](/docs/manage/fields) with your metrics:
1. Click **+Add Field** under **Metadata**. Each field consists of a name (key) and a corresponding value.
1. Create a field named `account` and assign it a value that represents a friendly name or alias to your AWS account from which metrics are collected. This value will appear in the [AWS Observability view](/docs/dashboards/explore-view/#aws-observability), and metrics can be queried using the `account` field.<br/><img src={useBaseUrl('https://sumologic-app-data-v2.s3.amazonaws.com/dashboards/AWS-Lambda/Metadata.png')} alt="Metadata" style={{border: '1px solid gray'}} width="500" />
1. After adding fields, check their status indicators:
* <img src={useBaseUrl('img/reuse/green-check-circle.png')} alt="Green check circle" width="20"/> A green check mark indicates the field exists and is enabled in the Fields table schema.
* <img src={useBaseUrl('img/reuse/orange-exclamation-point.png')} alt="Orange exclamation point" width="20"/> An orange exclamation icon indicates the field does not exist or is disabled in the schema.
* You will have the option to automatically add or enable the field.
* If a field is sent but not present or enabled in the schema, it is ignored and marked as **Dropped**.

### Collect Amazon DynamoDB CloudTrail logs

1. [Grant Sumo Logic access](/docs/send-data/hosted-collectors/amazon-aws/grant-access-aws-product) to an Amazon S3 bucket.
2. [Create a trail for your AWS account](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-create-and-update-a-trail.html).
3. Confirm that logs are being delivered to the Amazon S3 bucket.

:::note
Namespace for **Amazon DynamoDB** service is **AWS/DynamoDB**.
:::

Follow the steps below to collect logs for Amazon DynamoDB:
1. Configure a [CloudTrail Logs Source](/docs/send-data/hosted-collectors/amazon-aws/aws-cloudtrail-source/).
1. Add custom metadata [fields](/docs/manage/fields) with your logs:
1. Click **+Add Field** under **Metadata**. Each field consists of a name (key) and a corresponding value.
1. Create a field named `account` and assign it a value that represents a friendly name or alias to your AWS account from which logs are collected. This value will appear in the [AWS Observability view](/docs/dashboards/explore-view/#aws-observability), and logs can be queried using the `account` field.<br/><img src={useBaseUrl('https://sumologic-app-data-v2.s3.amazonaws.com/dashboards/AWS-Lambda/Metadata.png')} alt="Metadata" style={{border: '1px solid gray'}} width="500" />
1. After adding fields, check their status indicators:
* <img src={useBaseUrl('img/reuse/green-check-circle.png')} alt="Green check circle" width="20"/> A green check mark indicates the field exists and is enabled in the Fields table schema.
* <img src={useBaseUrl('img/reuse/orange-exclamation-point.png')} alt="Orange exclamation point" width="20"/> An orange exclamation icon indicates the field does not exist or is disabled in the schema.
* You will have the option to automatically add or enable the field.
* If a field is sent but not present or enabled in the schema, it is ignored and marked as **Dropped**.

### Centralized AWS CloudTrail log collection

In case you have a centralized collection of CloudTraillogs and are ingesting them from all accounts into a single Sumo Logic CloudTraillog source, create following Field Extraction Rule to map proper AWS account(s) friendly name/alias. Create it if not already present / update it as required.
```sql
Expand All @@ -118,7 +136,7 @@ Scope (Specific Data):
_sourceCategory=aws/observability/cloudtrail/logs
```

**Parse Expression**
#### Parse Expression

Enter a parse expression to create an “account” field that maps to the alias you set for each sub-account. For example, if you used the `“dev”` alias for an AWS account with ID `"528560886094"` and the `“prod”` alias for an AWS account with ID `"567680881046"`, your parse expression would look like this:
```sumo
Expand All @@ -138,15 +156,17 @@ import AppInstall from '../../reuse/apps/app-install-v2.md';

<AppInstall/>

As part of the app installation process, the following fields will be created by default:
As part of the app installation process, the following **content** will be created by default along with dashboards and monitor template:

#### Fields

- `account` Name / alias to the AWS account.
- `accountid` AWS account id.
- `region` The region to which the resource name belongs to.
- `namespace` Namespace for Amazon DynamoDB Service is AWS/DynamoDB.
- `tablename` DynamoDB table name.

### Field Extraction Rule(s)
#### Field Extraction Rule(s)

The FER **AwsObservabilityDynamoDBCloudTrailLogsFER** to extract fields `region`, `namespace`, `tablename`, and `accountid` will be created as a part of app installation.

Expand Down
Loading