Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support wildcard for cloudwatch logs input ids #334

Open
dchocoboo opened this issue Apr 14, 2023 · 4 comments
Open

Support wildcard for cloudwatch logs input ids #334

dchocoboo opened this issue Apr 14, 2023 · 4 comments

Comments

@dchocoboo
Copy link

dchocoboo commented Apr 14, 2023

Currently in the inputs i specify in the block

- type: "cloudwatch-logs"
    id: "arn:aws:logs:ap-southeast-1:awsaccountid:log-group:myloggroup:*"
    outputs:
      - type: "elasticsearch"
        args:
          cloud_id: "${elastic_cloud_id}"
          api_key: "${elastic_api_key}"
          es_datastream_name: "logs-generic-default"
          batch_max_actions: 500 # optional: default value is 500
          batch_max_bytes: 10485760 # optional: default value is 10485760

would be nice if the log group can also use wildcard? instead of just log stream.

arn:aws:logs:ap-southeast-1:awsaccountid:log-group:application1-loggroup-*:*
arn:aws:logs:ap-southeast-1:awsaccountid:log-group:application2-loggroup-*:*

currently i have massive amounts of log groups to be ingested, while their outputs are identical.
its really redundant to loop every single one of them

@dchocoboo dchocoboo changed the title Support wildcard ids for cloudwatch logs input Support wildcard for cloudwatch logs input ids Apr 14, 2023
@girodav
Copy link
Contributor

girodav commented Aug 25, 2023

Hey @dchocoboo, apologies for the long delay. I added this to our backlog and let you know :).

@dimuskin
Copy link

dimuskin commented Dec 8, 2023

Hey, this functionality would be very cool, we also have a large number of groups and it is very inconvenient to make a configuration for each.

@LiamStorkey
Copy link

👍🏻
would love this to be available too 🙏🏻

@keiransteele-phocas
Copy link

We were recommended the Serverless Forwarder by Elastic Support to help replace the 50+ integrations we are using in an Elastic Fleet policy to get logs out of Cloudwatch but without wildcards it unfortunately becomes a non-starter. I have been trying to make the DX for getting logs into Elastic from a number of apps and as most remaining logs going into Cloudwatch will be from Lambda's it will degrade the experience to require a config file in S3 to be updated when a simple naming scheme would be better. Hopefully you can give an update if this is being worked on.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

5 participants