Start TrialStart Free TrialStart Free TrialBook Your DemoSign In


Ship logs from CloudFront to logstash

Send Your DataLogsAWSCloudFront Guide

Follow this step by step guide to get 'logs' from your system to

Step 1 - Confirm S3 Bucket

Ensure your logs are being sent to an S3 bucket. The following guide from Amazon will help you achieve this if you are not doing so already:

Cloudwatch to s3

Step 2 - Ensure Adequate Bucket Permissions

The following permissions applied to the AWS IAM Policy being used:

  • s3:ListBucket to check if the S3 bucket exists and list objects in it.
  • s3:GetObject to check object metadata and download objects from S3 buckets.

Below is how your permissions should appear:

    "Version": "2012-10-17",
    "Statement": [
            "Sid": "SidID",
            "Effect": "Allow",
            "Action": [
            "Resource": [

Step 3 - Start Sending Logs to a Stack

To start sending logs from CloudFront to your stack you need to setup and apply an AWS input on an available stack. will verify your input before it is applied. This should be actioned in less than 24 hours, we will contact you to verify.


Step 4 - Check for your logs

Now you should view your data:

Launch Dashboard

If you don't see logs take a look at How to diagnose no data in Stack below for how to diagnose common issues.

Step 5 - Cloudfront Logging Overview

Amazon CloudFront is a popular content delivery network (CDN) that speeds up the load times of site content including video, .html, .css, & image files, for your site’s visitors by offering low latency & incredibly fast transfer speeds.

The platform delivers your style files & imagery through Amazon’s worldwide network of data centers. CloudFront is often used alongside AWS (Amazon Web Services) Shield to reduce the likelihood of DDoS attacks.

CloudFront can create log files for internal analysis within an AWS based logger but this may fall short as the CDN can produce logs faster than a rudimentary logging system can process and parse.

To solve this problem, CloudFront CDN can be configured to export access logs to a hosted Logstash service (like for improved analysis. These logs can then be used to explore users’ behaviour across web properties served by CloudFront side-by-side with the rest of your infrastructure.

As well as Cloudfront’s access logs,’s centralised log management platform allows you to view RTMP & web distribution Logs.

Bringing together all of your AWS, Google Cloud Platform, Ubuntu & IIS logs makes ongoing monitoring, alerting & managing your services a breeze thanks to our centralised monitoring platform.

If you need any assistance with analysing or viewing your cloudfront logs we're here to help. Feel free to reach out by contacting the support team via live chat & we'll be happy to help you get started.

Return to Search
Sign Up

© 2023 Ltd, All rights reserved.