This lambda function indexes files dumpled periodically on S3 to AWS Elasticsearch (or self hosted). It uses the bulk API to index. See below for the log format.
Deploying this stack will create a new lambda function, triggers and alarm (to alert if the function errors out).
- AWS CLI (preferably v2)
- Serverless framework
- AWS Account with -
- S3 bucket to use for serverless framework's artifacts
- S3 bucket where the logs (in json format) are dumped periodically.
- Log format -
- Valid json string on each new line
- S3 path -
s3://bucket/service/date/logfile-sequence.log - A new index is created daily during ingestion. Index name pattern is
service-date. Example -httpd-2020.01.01
-
Create and activate virtual environment
$ python3 -m venv env $ source env/bin/activate -
Install dependencies
(env) $ pip3 install -r requirements.txt -
Format, lint, run tests, check coverage reports etc.
(env) $ black src/*.py (env) $ flake8 (env) $ pytest (env) $ coverage run -m pytest (env) $ coverage html -
Modify configs as per your environment - ES base url, account number etc.
-
Export the AWS credentials as environment variables. Either access/secret keys or the aws cli profile
-
Deploy/Update the service to AWS
sls deploy
- Remove the service
sls remove