Centralize Logging Multi-AWS Account 

@zamirajaupaj About me Solution Architect AWS User Group Organizer AI & Serverless Lover AWS Customer since 2015 

Why logs Cross Account Solutions Data Processing (Stream) Demo Agenda 

Do I Have a logs? 

Let’s log everything 

Data overload 

Problem with Logs 

How we can mange all Accounts? 

Cross-Account Solution 

Stream Log Cross AWS Accounts CENTRAL LOGGING ACCOUNT Customer A Customer B Customer Z 

Network logs Flow Logs Infrastrutture logs CloudTrail Amazon S3 ELB/ALB Lambda Kinesis Host based logs Application Logs Windows Events Logs Database Logs Security Logs Third party logs …. What kind of logs you are collecting? 

Collect Logs in Source Account Source Amazon EC2 Amazon RDS Amazon ElastiCache Amazon DocumentDB AWS Lambda Amazon API Gateway AWS IoT Amazon CloudWatch SERVICE IAM ROLE CROSS-ROLE IAM CLOUDWATCH SUBSRIPTION IAM Role 

Stream Log Cross-Accounts Account A Account B Account Z CloudWatch Subscription Data Stream Firehose Transformation Storage in s3 Central Account ES 

Real-time analytics in Central log Account Data Stream Kinesis Data Analytics: Time window aggregation Kinesis Data Firehose: Error stream S3: Error records Record from Source Account Lambda: Alert function DynamoDB SNS: Notifications Log Destination 

Fully Serverless Architetture No server or container management Flexible scaling $ No idle capacity High availability 

Central Logging Service 

IDEs Languages AWS Cloud9 AWS Toolkit for PyCharm AWS Toolkit for IntelliJ AWS Toolkit for VS Code AWS Nested apps Websocket support for API Gateway ALB support for Lambda Programming Model AWS Lambda layers Workflows Step Functions API Connectors Amazon Managed Streaming for Kafka Build increasingly powerful applications,faster 

BUSINESS LOGIC LIB A LIB B BUSINESS LOGIC LIB A LIB B BUSINESS LOGIC LIB A LIB B BUSINESS LOGIC LIB A LIB B Before BUSINESS LOGIC BUSINESS LOGIC BUSINESS LOGIC BUSINESS LOGIC LIB A LIB B After Programming Model Lambda Layers Extend the Lambda execution environment with any binaries, dependencies, or runtimes 

Streaming with Amazon Kinesis Collect, process, and analyze video and data streams in realtime Kinesis Data Firehose SQL Kinesis Data Analytics Kinesis Data Streams Kinesis Video Streams 

Streaming dataingestion Amazon S3: Buffered files Kinesis Agent Record producers Amazon Redshift: Table loads Amazon Elasticsearch Service: Domain loads Amazon S3: Source record backup Transformed records Put Records Kinesis Firehose: Delivery stream AWS Lambda: Transformations & enrichment Amazon DynamoDB: Lookup tables Raw Lookup Transformed 

Kinesis Bestpractices Tune Firehose buffer size and buffer interval • Larger objects = fewer Lambda invocations & Amazon S3 PUTs Enable compression to reduce storage costs Enable Parquet format transformation (columnar) Enable Encryption with KMS Enable Source Record Backup for transformations • Recover from transformation errors 

CloudWatch VPC log Infrastrutture log Application log Alarms CloudWatch Metrics Event based Rules 

CloudTrail Benefits • Reduce the risck for a long tampering • Combination with Amazon s3 Enable CloudTrail Cross-Regions Enable log file Validation Encrypted with KMS Integration with CloudWatch 

Elasticsearch ElasticSearch Log Analytics Infrastrutture Monitoring Full Text Search 

Benefits of Amazon ElastiSearch Service Highly Scalable Secure Easy to use Highly Available Support open Source API Integrated with other AWS Services Use Case • Troubleshooting • Root cause analysis • Application performance management • Security intelligence • Applicating trucking • Business analytics 

Data Processing in Real-Time 

Processing real-time streaming data Data Source Ingest Analyse Query Customer Data Source Ingest Analyse Query Customer Data Source Ingest Analyse Query Customer 

Processing real-time streaming data Query Customer Analyse Data Source Ingest Data Source Ingest Data Source Ingest Query Customer Query Customer 

Real-time analytics Data Stream Kinesis Data Analytics: Time window aggregation Kinesis Data Firehose: Error stream S3: Error records Record producers Lambda: Alert function DynamoDB SNS: Notifications 



Thank you! Zamira Jaupaj Solution Architect AWS @zamirajaupaj