Login
January 25, 2023|
Voiced by Amazon Polly |
AWS Logging: An Overview
A logging methodology gives you continuous visibility of your resources. It also helps you in designing an incident response strategy. A lot of logging services are available in AWS, but most of us are aware of only the few which are more popular. In this blog, we will explore all those logging services, features, and best practices to be followed for logging in to AWS.
From where can you collect the logs, and what information do they capture?
Below are some services and features available with other services to capture the logs.
1. CloudWatch Logs-
Capture logs from Amazon EC2 instances, AWS CloudTrail, AWS Lambda, and other AWS resources in real-time.
2. CloudTrail-
Captures all the API calls as events.
3. VPC Flow Logs-
Captures information for all the network traffic flowing in and out of an Elastic Network Interface inside a VPC.
4. ALB Access Logs-
Captures information about requests sent to your Application Load Balancer.
5. API Access Logs-
Captures information about requests sent to your API in the API Gateway.
6. S3 Server Access Logs-
Captures information regarding the requests made related to objects within the S3 bucket.
7. WAF access logs-
Captures information about requests coming to WAF (WebACL)
8. CloudFront Access Logs-
Captures information about viewer requests coming to CloudFront distribution.
Where are these options available?
1. CloudWatch Logs-
Install CloudWatch agent in EC2, and create a Trail in CloudTrail, For Lambda (Select Lambda Function-> Configuration tab-> Monitoring and operations tools-> Log and Metrics)
2. CloudTrail-
CloudTrail -> Dashboard -> Create Trail
3. VPC Flow Logs-
VPC -> Select VPC -> below, click the ‘Flow Logs’ tab -> Create Flow Log
4. ALB Access Logs-
EC2 -> Load Balancers -> Click on ALB created -> Attributes tab -> Edit -> Monitoring -> Access Logs
5. API Access Logs-
API Gateway -> Select your API -> Stages -> Select the stage -> Logs/Tracing tab -> check to Enable Access Logging
6. S3 Server Access Logs-
S3 -> select bucket -> Properties tab -> Server Access Logging -> Enable
7. WAF Access Logs-
WAF -> WebACL -> select your WebACL -> Logging and Metrics tab -> Logging -> Enable
8. CloudFront Access Logs-
CloudFront -> Select your distribution -> General tab -> Settings -> Edit -> scroll down and select ‘Standard Logging’ -> on
Logging - Best Practices
Below are some best practices that you can follow for any type of logging.
- Always store all your logs in a centralized, secure repository by provisioning a separate AWS account specially created for logs collection and storage.
- Try to keep the logs for a long-term duration with the help of the S3 Glacier storage class, as you may require these logs for analysis and auditing purposes.
- Try to capture all possible logs that you can, as you never know when you may require them in the future.
Conclusion
Thus, we can conclude that if you want a detect any abnormal activities and respond to them with the help of a well-designed incident response strategy, then Logging will help you a lot. Also, logging will help you in analyzing a lot of things from your AWS environment to improve the performance and security posture of your workload running in AWS Cloud.
About CloudThat
CloudThat is a cloud-agnostic organization. We are AWS Advanced Consulting Partner, Microsoft Gold Partner, and Training partner, Google Cloud Partner, VMware Training Reseller, empowering organizations and professionals with cloud skills. It is our mission to build a robust cloud computing ecosystem by disseminating knowledge on technological intricacies within the cloud space. Our blogs, webinars, case studies, and white papers enable all the stakeholders in the cloud computing sphere.
FAQs
1. What is Logging?
ANS: – To understand what is happening in your environment and respond with some action in case of some abnormal activity or incident, you can use logging. It also helps you to analyze the findings and get insights.
2. Are these logging services free or chargeable?
ANS: – Some are free, and some are chargeable. Also, you must consider the expenses for storing the logs.
WRITTEN BY Abhijit Dilip Powar
PREV
Anush G R
Jan 28, 2023
Good One Abhijit