Amazon CloudFront is a content delivery network operated by Amazon Web Services. When you set Layerlog to fetch CloudFront logs, Layerlog will periodically read logs from the configured S3 bucket.

When you set Layerlog to fetch CloudFront logs, Layerlog will periodically read logs from the configured S3 bucket. CloudFront logs are useful for auditing/security monitoring and business intelligence.

This CloudFront integration is specifically designed to work with the destination bucket to which CloudFront writes its logs.

It is based on CloudFront’s naming convention and path structure.

If you’re looking to ship CloudFront logs from a different bucket, please use the S3 Bucket shipping method instead.

Configuration

Before you begin, you’ll need:

  • s3:ListBucket and s3:GetObject permissions for the required S3 bucket

  • File names in ascending alphanumeric order. This is important because the S3 fetcher’s offset is determined by the name of the last file fetched. We recommend using standard AWS naming conventions to determine the file name ordering and to avoid log duplication.

Send your logs to an S3 bucket

Layerlog fetches your CloudFront logs from an S3 bucket. CloudFront access logs are not enabled by default, so you’ll need to set this up.

For help with this, see Configuring and Using CloudFront Access Logs from AWS.

Add a new S3 bucket using the dedicated Layerlog configuration wizard

Log into the app to use the dedicated Layerlog configuration wizard and add a new S3 bucket.

  1. Click + Add a bucket
  2. Select your preferred method of authentication - an IAM role or access keys.

The configuration wizard will open.

  1. Select the hosting region from the dropdown list.
  2. Provide the S3 bucket name
  3. Optional You have the option to add a prefix.
  4. Save your information.

S3 bucket IAM authentication wizard S3 bucket keyaccess authentication wizard

Layerlog fetches logs that are generated after configuring an S3 bucket. Layerlog cannot fetch old logs retroactively.

Check Layerlog for your logs

Give your logs some time to get from your system to ours, and then open Kibana.

If you still don’t see your logs, see log shipping troubleshooting.