AWS CDK

We've created an AWS CDK stack that will set up a few resources that you can use to try out LogSlash. You can find those resources in our public copper-interface GitHub repository.

Prerequisites

Node.js

Node Package Manager (npm)

Python

AWS Account

AWS CLI

AWS CDK

Splunk HTTP Event Collector (HEC)

Setup

  1. Clone the LogSlash interface repository

git clone git@github.com:arctype-dev/copper-interface.git && cd copper-interface

  2. Install the necessary prerequisites and libraries

npm i -g aws-cdk
pip install -r aws_cdk/requirements.txt

  3. Change into the aws_cdk directory

cd aws_cdk

  4. Create an AWS bootstrap stack

cdk bootstrap

  5. Deploy the AWS bootstrap stack

cdk deploy

  6. Update the constant values associated with your team's LogSlash AWS deployment

    1. Log in to your team's AWS console

    2. Navigate to: "Systems Manager" > "Parameter Store"

    3. Select the constant value to be changed

    4. Click Edit

    5. Set "Value" to:

| Parameter | Value |
| --- | --- |
| splunk_host | The Splunk endpoint of your team's Splunk instance (e.g., https://prd-5-f232.splunkcloud.com) |
| splunk_hec_token | The HEC token for your team's Splunk instance. |
| copper_api_token | The LogSlash API token for your team. |
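The console edits in step 6 can also be made from a shell. The script below is an added example, not part of the copper-interface repository: it assumes the Parameter Store names are exactly the three in the table, reads the values from hypothetical environment variables, and treats splunk_host as a bare https:// origin like the example value.

```bash
#!/usr/bin/env bash
# Added example: CLI form of setup step 6. Not part of the copper-interface repository.
# Assumption: the Parameter Store names are exactly the three names in the table.

# Accept only a bare https:// origin (host, optional port), as in the page's example
# value, so the HEC token is not sent in cleartext or to a mangled URL.
valid_splunk_host() {
  case "$1" in
    https://*) ;;
    *) return 1 ;;
  esac
  _rest="${1#https://}"
  case "$_rest" in
    ""|*[!A-Za-z0-9.:-]*) return 1 ;;
  esac
}

# Assumed token alphabet (constructed, conservative): rejects empty values, whitespace,
# quotes and backslashes, which also keeps the JSON built below well-formed.
valid_token() {
  case "$1" in
    ""|*[!A-Za-z0-9._~+/=-]*) return 1 ;;
  esac
}

# Write one parameter. The value goes through a 0600 temp file rather than --value,
# which keeps it out of argv and stops AWS CLI v1 from fetching an https:// value as a URL.
put_param() {  # $1 = name, $2 = validated value
  _tmp=$(mktemp) || return 1
  printf '{"Name":"%s","Value":"%s","Overwrite":true}' "$1" "$2" > "$_tmp"
  aws ssm put-parameter --cli-input-json "file://$_tmp" > /dev/null
  _rc=$?
  rm -f "$_tmp"
  return "$_rc"
}

# Reads SPLUNK_HOST, SPLUNK_HEC_TOKEN and COPPER_API_TOKEN from the environment
# (hypothetical variable names) and writes nothing if any value fails validation.
update_logslash_params() {
  valid_splunk_host "${SPLUNK_HOST:-}" || { echo "splunk_host: need https://host[:port]" >&2; return 2; }
  valid_token "${SPLUNK_HEC_TOKEN:-}" || { echo "splunk_hec_token: empty or malformed" >&2; return 2; }
  valid_token "${COPPER_API_TOKEN:-}" || { echo "copper_api_token: empty or malformed" >&2; return 2; }
  put_param splunk_host "$SPLUNK_HOST" &&
    put_param splunk_hec_token "$SPLUNK_HEC_TOKEN" &&
    put_param copper_api_token "$COPPER_API_TOKEN"
}

# Run only when invoked as: ./set-params.sh apply
if [ "${1:-}" = "apply" ]; then update_logslash_params; fi
```

Export the three variables from a secrets manager or a prompt rather than typing the tokens on the command line, so they do not end up in shell history.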

Usage

  1. Upload log files into your team's LogSlash AWS Simple Storage Service (S3)

    1. Log in to your team's AWS console

    2. Navigate to: "S3"

    3. Select the "copper-logs-bucket" S3 Bucket

    4. Click Upload

    5. Upload the log file(s) you'd like to be processed (note: the file(s) must be in .json, .xml, or .evt format)

  2. The LogSlash engine intelligently deduplicates and normalizes the file(s)

  3. The processed files are sent to your team's Splunk HEC endpoint

  4. The uploaded log files are deleted from the S3 Bucket

Removal

  1. Change into the aws_cdk directory

cd aws_cdk

  2. Destroy the AWS bootstrap stack

cdk destroy
