AWS CoudTrail Log Collection via SNS Trigger

Coralogix provides a predefined Lambda function to easily forward your CloudTrail logs through SNS to the Coralogix platform. For easy setup, use our app in the AWS serverless application repository.

Prerequisites

Active CloudTrail account
Ready-made SNS topic with permissions SNS:Publish to the bucket
Ready-made CloudTrail S3 bucket with configured event notifications to the above SNS topic
AWS permissions to create Lambdas and IAM roles

Installation

STEP 1. Navigate to the application page and search for Coralogix-CloudTrail-via-SNS.

STEP 2. Fill in the required parameters.

STEP 3. Click Deploy.

Parameters

Parameter	Description
Application Name	Stack name of the application created via AWS CloudFormation
ApplicationName	Application name as it will be seen in your Coralogix UI
SubsystemName	Subsystem name as it will appear in your Coralogix UI
NotificationEmail	A notification email will be sent to this address via SNS if the Lambda fails. Requires you have a working SNS with a validated domain
S3BucketName	Name of the S3 bucket with CloudTrail logs to watch. Must be in the same region as the stack that you create
SNSTopicARN	ARN of the SNS topic. Must be in the same region as the S3 bucket
CoralogixRegion	Region associated with your Coralogix domain
FunctionArchitecture	Lambda function architecture. Possible options: x86_64, arm64
FunctionMemorySize	Maximum allocated memory this Lambda may consume. Do not change default, which is set to 1024.
FunctionTimeout	Maximum time (seconds) that the function may be allowed to run. Do not change default, which is set to 300.
PrivateKey	Coralogix Send-Your-Data API Key