AWS CDK

We've created an AWS CDK stack that will set up a few resources that you can use to try out LogSlash. You can find those resources in our public copper-interface GitHub repository.

Prerequisites

Setup

  1. Clone the LogSlash interface repositories

git clone git@github.com:arctype-dev/copper-interface.git && cd copper-interface
  1. Install the necessary prerequisites and libraries

npm i -g aws-cdk
pip install -r aws_cdk/requirements.txt
  1. Change into the aws_cdk directory

cd aws_cdk
  1. Create an AWS bootstrap stack

cdk bootstrap
  1. Deploy the AWS bootstrap stack

cdk deploy
  1. Update the constant values associated with your team's LogSlash AWS deployment

    1. Log in to your team's AWS console

    2. Navigate to: "Systems Manager" > "Parameter Store"

    3. Select the constant value to be changed

    4. Click Edit

    5. Set "Value" to:

Usage

  1. Upload log files into your team's LogSlash AWS Simple Storage Service (S3)

    1. Log in to your team's AWS console

    2. Navigate to: "S3"

    3. Select the "copper-logs-bucket" S3 Bucket

    4. Click Upload

    5. Upload the log file(s) you'd like to be processed (note: this file(s) must be in .json, .xml, or .evt)

  2. The LogSlash engine intelligently deduplicates and normalizes this file(s)

  3. The processed files are sent to your team's Splunk HEC endpoint

  4. The uploaded log files are deleted from the S3 Bucket

Removal

  1. Change into the aws_cdk directory

cd aws_cdk
  1. Destroy the AWS bootstrap stack

cdk destroy

Last updated