Amazon API Gateway logs¶
Observe supports ingesting Amazon API Gateway logs via CloudWatch and the Observe Lambda forwarder.
For access logs: create a CloudWatch log group¶
API Gateway access logs use a CloudWatch log group. To create one:
Follow the directions at Create a log group in CloudWatch Logs in the AWS documentation.
Note the ARN for this log group, as you will need it in a later step.
Configure API Gateway for logging¶
Following Setting up CloudWatch logging for a REST API in API Gateway in the AWS documentation, configure logging and grant API Gateway permission to send logs to CloudWatch.
Summary of steps:
To enable API Gateway logging:
In the IAM console, create an API Gateway role with the
In the API Gateway console settings, configure the CloudWatch log role ARN with the ARN of this role.
To configure logging for your API:
In the API Gateway console, navigate to the desired stage of your API and click the Logs/Tracing tab.
In CloudWatch Settings:
Enable the desired CloudWatch logs (execution logs).
In Custom Access Logging:
Enable access logging by providing the log group ARN and the desired log format.
Click Save Changes
See the AWS documentation for further details.
Install the Observe Lambda forwarder¶
If needed, install the Observe Lambda forwarder. If you are already using the Lambda forwarder for another source, you do not need to install it again.
Following the instructions at AWS CloudWatch Logs, create a Lambda subscription filter.
As your API handles requests, API Gateway sends execution and access logs to CloudWatch, and then the Observe Lambda forwarder sends them to Observe.