Create an index for each Cloudwatch logstream

  1. Go to the AWS Lambda function and search your ElasticSearch lambda function associated with your wanted ES instance. The name of the function should start with: LogsToElasticsearch_
  2. Then in this JS file search for a code of line that generated the logging entry to be pushed to an ES index. This should be in a function named as: function transform(payload) {…}
  3. In here search for the line that created the index: var indexName = [ … ]
  4. Change it to the following(NOTICE: The index name must be in lower case):
    var indexName = [
    ‘cwl-‘ + payload.logStream.toLowerCase() + “-” + timestamp.getUTCFullYear(), // year
    (‘0’ + (timestamp.getUTCMonth() + 1)).slice(-2), // month
    (‘0’ + timestamp.getUTCDate()).slice(-2) // day
    ].join(‘.’)
Advertisements