This article is to introduce how to send CloudWatch log event from Lambda function to a specific log stream.
A log event is a record of some activity recorded by the application or resource being monitored.
A log stream is a sequence of log events that share the same source.
A log group is a groups of log streams that share the same retention, monitoring, and access control settings.
CloudWatch : Create log group and log stream
First we create a log group named: test/log/group
Once the log group created, keep its ARN handy, we will need it soon.
Now click “Create log stream” to create a log steam named: test/log/stream
Lambda : Create function
Then we go to Lambda service console to create a function, which will send log event to the log stream we just created.
Lets name this function “log_event_to_cloud_watch”
As for permissions, we leave it as default : “Create a new role with basic Lambda permissions”.
Once the function is created, go to “Configuration” -> “Permissions”, we can see a role is created.
Click the role, it will direct us to the IAM management console for this role.
IAM : Add permission to Lambda function
There should be only one policy “AWSLambdaBasicExecutionRole” attached to this role, click the policy to edit it.
Select JSON tab.
Paste our log group ARN to “Resource” object.
Note we also add one more action “logs:DescribeLogStreams” into “Action” object, because our Lambda function also calls this API to get the sequenceToken for “PutLogEvents”.
Lambda : execute function
In our Lambda function, we will call “putLogEvents” API to write the message to CloudWatch “test/log/stream”.
The request parameter “sequenceToken” is not needed when we write to the log stream for the first time, but it is mandatory for all the subsequent requests.
After executing the function, we will see our log events are populated in the specified CloudWatch log stream successfully.
Next, we can send log events to Kinesis stream in a real-time manner.