Start your 14-day free trial today

No Credit Card Required

Try Free

Already have an account? Sign In

Send data via CloudFront to your Logstash instance provided by


Ship logs from CloudFront to logstash

Step 1 - Confirm S3 BucketCopy

Ensure your logs are being sent to an S3 bucket. The following guide from Amazon will help you achieve this if you are not doing so already:

Cloudwatch to s3

Step 2 - Ensure Adequate Bucket PermissionsCopy

The following permissions applied to the AWS IAM Policy being used:

  • s3:ListBucket to check if the S3 bucket exists and list objects in it.
  • s3:GetObject to check object metadata and download objects from S3 buckets.

Below is how your permissions should appear:

    "Version": "2012-10-17",
    "Statement": [
            "Sid": "SidID",
            "Effect": "Allow",
            "Action": [
            "Resource": [

Step 3 - Start Sending Logs to a StackCopy

To start sending logs from CloudFront to your stack you need to setup and apply an AWS input on an available stack. will verify your input before it is applied. This should be actioned in less than 24 hours, we will contact you to verify.


Step 4 - Cloudfront Logging OverviewCopy

Amazon CloudFront is a popular content delivery network (CDN) that speeds up the load times of site content including video, .html, .css, & image files, for your site’s visitors by offering low latency & incredibly fast transfer speeds.

The platform delivers your style files & imagery through Amazon’s worldwide network of data centers. CloudFront is often used alongside AWS (Amazon Web Services) Shield to reduce the likelihood of DDoS attacks.

CloudFront can create log files for internal analysis within an AWS based logger but this may fall short as the CDN can produce logs faster than a rudimentary logging system can process and parse.

To solve this problem, CloudFront CDN can be configured to export access logs to a hosted Logstash service (like for improved analysis. These logs can then be used to explore users’ behaviour across web properties served by CloudFront side-by-side with the rest of your infrastructure.

As well as Cloudfront’s access logs,’s centralised log management platform allows you to view RTMP & web distribution Logs.

Bringing together all of your AWS, Google Cloud Platform, Ubuntu & IIS logs makes ongoing monitoring, alerting & managing your services a breeze thanks to our centralised monitoring platform.

If you need any assistance with analysing or viewing your cloudfront logs we're here to help. Feel free to reach out by contacting the support team via live chat & we'll be happy to help you get started.

Toggle View

Expand View

Return to Search

© 2023 Ltd, All rights reserved.