Amazon S3
To add an Amazon S3 destination to Axoflow, complete the following steps.
Prerequisites
-
An existing S3 bucket configured for programmatic access, and the related
ACCESS_KEY
andSECRET_KEY
of a user that can access it. The user needs to have the following permissions:kms:Decrypt
kms:Encrypt
kms:GenerateDataKey
s3:ListBucket
s3:ListBucketMultipartUploads
s3:AbortMultipartUpload
s3:ListMultipartUploadParts
s3:PutObject
-
To configure Axoflow, you’ll need the bucket name, region (or URL), access key, and the secret key of the bucket.
Steps
-
Create a new destination.
- Open the Axoflow Console.
- Select Topology.
- Select + > Destination.
-
Configure the destination.
-
Select Amazon S3.
-
Enter a name for the destination.
-
Enter the name of the bucket you want to use.
-
Enter the region code of the bucket into the Region field (for example,
us-east-1
.), or select the Use custom endpoint URL option, and enter the URL of the endpoint into the URL field. -
Enter the Access key and the Secret key for the account you want to use.
-
Enter the Object key (or key name), which uniquely identifies the object in an Amazon S3 bucket, for example:
my-logs/${HOSTNAME}/
.You can use AxoSyslog macros in this field.
- Select the Object key timestamp format you want to use, or select Use custom object key timestamp and enter a custom template. For details on the available date-related macros, see the AxoSyslog documentation.
- Set the maximal size of the S3 object. If an object reaches this size, Axoflow appends an index ("-1", “-2”, …) to the end of the object key and starts a new object after rotation.
- Select Create.
-
-
Create a flow to connect the new destination to an AxoRouter instance.
-
Select Flows.
-
Select Create New Flow.
-
Enter a name for the flow, for example,
my-test-flow
. -
In the Router Selector field, enter an expression that matches the router(s) you want to apply the flow. To select a specific router, use a name selector, for example,
name = my-axorouter-hostname
. -
Select the Destination where you want to send your data. If you don’t have any destination configured, see Destinations.
-
(Optional) To process the data transferred in the flow, select Add New Processing Step. For details, see Processing steps. For example:
- Add a Reduce step to automatically remove redundant and empty fields from your data.
- To select which messages are processed by the flow, add a Select Messages step, and enter a filter into the Query field. For example, to select only the messages received from Fortinet Fortigate firewalls, use the
meta.vendor = fortinet + meta.product = fortigate
query. - Save the processing steps.
-
Select Create.
-
The new flow appears in the Flows list.
-