CloudAustin The Twelve Clouds of Christmas 2015
The Flow
AWS Lambda Function
– https://github.com/SumoGoodies/Scripts/blob/master/AWS_CloudWatch_Logs_to_Sumo.js
– http://bit.ly/1lNwVHw (Python by David Gadoury)
Configuration
– Sumo (source and app)
– AWS (Log Group, Enable Log, attach Lambda function)
Demo
Sumo Logic Confidential1
Additional Info
Sign up for Sumo Free for yourself
– FreeSumo.com
Check out Sumo’s Docker Log Analyzer
– https://www.sumologic.com/application/docker
Monty Yao
– [email protected]
– @montythereal
David Rogers (sales)
– [email protected]
Two years ago, at this meetup, I showed you
You can really do that in 5 min or less
Joe Hacker recorded that
http://blog.joehack3r.com/cloudtrail-and-sumologic-getting-started/
Steps for VPC Flow via Lambda – Sumo Side
In Sumo, configure an HTTP endpoint
– Manage->Collections->Collector->Add Source
– Key in the VPC flow name and a category
– Hit Save (5 clicks + 10-20 keystrokes)
Install the out-of-the-box VPC Flow app
– Library->AWS Apps->VPC Flow App->Install->Pick SourceCategory->Done. (6 clicks)
1 min (max)
Setup for VPC Flow via Lambda on AWS
Import the Lambda function, and update the URL from Sumo
Create a CloudWatch Log group
Attach the Lambda function to the Log group
Browse to VPC and enable Log Flow.
2 mins (est)
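As an added example (not the SumoGoodies script or any code from this talk), this is what a function attached to the Log group has to do with each delivery: decode the CloudWatch Logs subscription payload, parse the default-format VPC Flow Logs records, and pick the lines to send to the HTTP source. The function names, sample event, account id and log group name are constructed for illustration.

```javascript
const zlib = require('zlib');

// Field order of the default (version 2) VPC Flow Logs record.
const FIELDS = ['version', 'accountId', 'interfaceId', 'srcaddr', 'dstaddr', 'srcport',
  'dstport', 'protocol', 'packets', 'bytes', 'start', 'end', 'action', 'logStatus'];

// CloudWatch Logs delivers subscription data as base64(gzip(JSON)) in event.awslogs.data.
function decodeSubscription(event) {
  const raw = Buffer.from(event.awslogs.data, 'base64');
  return JSON.parse(zlib.gunzipSync(raw).toString('utf8'));
}

// Parse one flow log line; returns null for anything that is not a 14-field record.
function parseFlowRecord(message) {
  const parts = message.trim().split(/\s+/);
  if (parts.length !== FIELDS.length) return null;
  const rec = {};
  FIELDS.forEach((name, i) => { rec[name] = parts[i]; });
  return rec;
}

// Lines to forward to the HTTP source, plus the REJECT records for quick review.
// CONTROL_MESSAGE probes and NODATA/SKIPDATA records carry no traffic and are skipped.
function toHttpBody(event) {
  const payload = decodeSubscription(event);
  if (payload.messageType !== 'DATA_MESSAGE') return { lines: [], rejected: [] };
  const lines = [], rejected = [];
  for (const e of payload.logEvents) {
    const rec = parseFlowRecord(e.message);
    if (!rec || rec.logStatus !== 'OK') continue;
    lines.push(e.message.trim());
    if (rec.action === 'REJECT') rejected.push(rec);
  }
  return { lines, rejected };
}

// Constructed sample event: documentation-range addresses, placeholder account id and ENI.
function sampleEvent() {
  const eni = '2 123456789012 eni-0example';
  const payload = {
    messageType: 'DATA_MESSAGE', owner: '123456789012', logGroup: 'vpc-flow-example',
    logEvents: [
      { id: '1', timestamp: 1450000000000, message: `${eni} 198.51.100.7 10.0.0.5 44321 22 6 3 180 1450000000 1450000060 REJECT OK` },
      { id: '2', timestamp: 1450000000000, message: `${eni} 10.0.0.5 203.0.113.9 443 50122 6 10 4200 1450000000 1450000060 ACCEPT OK` },
      { id: '3', timestamp: 1450000000000, message: `${eni} - - - - - - - 1450000000 1450000060 - NODATA` },
    ],
  };
  return { awslogs: { data: zlib.gzipSync(JSON.stringify(payload)).toString('base64') } };
}
```

The returned `lines`, joined with newlines, are the body a forwarder would POST to the HTTP source URL created on the Sumo side.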
Validate VPC Flow is logging
Validate VPC Flow is going to Sumo
Check out the Sumo VPC Flow app