Skip to content
Log Forwarding Template in Serverless Framework. To be used with other Serverless projects.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

Serverless Log Forwarder Example

This creates a lambda function and a special log group that other serverless functions will make a reference to so that their logs get aggregated in one place.

The sample forwarder only outputs the log but that's where we would create an integration function into something like Splunk, etc.

This project should be deployed first so that the log group ARN is exposed for other serverless functions.

Provider: AWS


With MFA enabled on the AWS account, we need to first grab a temporary session token and use it.

  1. Get an AWS Temporary Session Token:
    aws sts get-session-token --serial-number <MFA ARN> --token-code <MFA AUTH CODE>
  1. Update AWS Credentials and Profile files:

Once you have the output, put it in your credentials file and ensure the named profile file also has the MFA ARN listed.

Example ~/.aws/credentials:

    aws_access_key_id = xxx
    aws_secret_access_key = xxx
    aws_access_key_id = xxx
    aws_secret_access_key = xxx
    aws_session_token = xxx

Example ~/.aws/config:

    [profile TEMPSESSION]
    region = ap-southeast-2
    source_profile = TEMPSESSION
    mfa_serial = <ARN>

Alternatively, you can use pip install awsmfa to handle the MFA for you. Then run awsmfa -i <Profile name with long term access key and secret> e.g:


  aws_access_key_id = xxx
  aws_secret_access_key = xxx
  aws_mfa_device = <ARN>


  [profile LongTerm]
  region = ap-southeast-2
  output = json

This will update the [default] profile with the temporary credentials and then we can use --aws-profile default parameters below.

  1. Run Serverless Deployment
    serverless deploy -v --aws-profile <Profile>

Integration into other Serverless Project

After the logging function has been deployed, we need to take the ARN of the log group from the output and plug it into our other serverless project. Additionally, we need to use the serverless-log-forwarding plugin:

  1. npm install --save-dev serverless-log-forwarding

  2. Modify serverless.yml to have:

  - serverless-log-forwarding

    destinationARN: <forwarding-function-ARN>
    filterPattern: "-\"RequestId: \""

Clean Up

    serverless remove -v --aws-profile <Profile>
You can’t perform that action at this time.