Fred Damstra [afs macbook]
7a08ba10cf
Migrated most variables out of xdr-terraform-live and into xdr-terraform-modules
|
hace 3 años | |
|---|---|---|
| .. | ||
| README.md | hace 3 años | |
| config.tf | hace 3 años | |
| constants.tf | hace 3 años | |
| globals.tf | hace 3 años | |
| hec_moose.tf | hace 3 años | |
| main.tf | hace 3 años | |
| vars.tf | hace 3 años | |
README.md
Moose Cloudwatch Logs
The purpose of this module is to contain all the bits to pull cloudwatch logs into Splunk via the HEC. The module is designed to pull an already existing cloudwatch log group. Before trying to collect a new cloudwatch log group, be sure to create the HEC token first. This module is dependent on ../../thirdparty/terraform-aws-kinesis-firehose-splunk.
This is the flow of the logs: Cloudwatch logs ( gzipped logs ) > Kinesis firehose > Lambda ( to be decompressed ) > Kinesis firehose > Splunk HEC.