Configure Global Log Receiver

• In the Console home page, select Cloud and Edge Sites service or Shared Configuration service.

• Select Management > Log Management in the primary navigation menu for Cloud and Edge Sites service. If it is Shared Configuration, select Manage > Global Log Receiver.

• Select Global Log Receiver in case of Cloud and Edge Sites service.

• Select Add Global Log Receiver button.

Do the following in the Global Log Receiver section:

• Enter a name in the metadata section. Optionally, set labels and add a description.

• Select Request Logs or Security Events for the Log Type field. The request logs are set by default.

• In case of Cloud and Edge Sites service, select logs from current namespace for the Log Message Selection field. This is also the default option.

• In case of Shared Configuration, you can select one of the following options:

  • Select logs from current namespace - send logs from the shared namespace.
  • Select logs from all namespaces - send logs from all namespaces.
  • Select logs in specific namespaces - send logs from specified namespaces. Enter the namespace name in the displayed namespaces list. Use Add item button to add more than one namespace.

• Select S3 Receiver for the Receiver Configuration box. Configure following for S3 receiver:

  • Enter your AWS S3 bucket name in the S3 Bucket Name field.

  • Select AWS Cloud Credentials box, select a cloud credentials object from the drop-down. Alternatively, you can also use the Create new Cloud Credential button to create new object. For instructions on creating cloud credentials, see Cloud Credentials.

  • Select AWS Region box, select a region from the drop-down. Ensure that you select the same region in which the S3 storage is configured.

Note: Similarly, you can configure receivers for other systems such as HTTP(s) server, Datadog, Splunk, Azure Hub Events, or Azure Blob Storage.

Advanced settings include configuring batch options and TLS. Using batch options, you can apply limits such as maximum number of messages bytes or timeout for a batch of logs to be sent to the receiver.

Select Show Advanced Fields toggle and do the following in the Batch Options section:

• Select Timeout Seconds for the Batch Timeout Options and enter a timeout value in the Timeout Seconds box.
• Select Max Events for the Batch Max Events and enter a value between 32 and 2000 in the Max Eventss box.
• Select Max Bytes for the Batch Bytes and enter a value between 4096 and 1048576 in the Batch Bytes box. Logs will be sent after the batch is size is equal to or more than the specified byte size.

Do the following for TLS section:

• Select Use TLS for the TLS field.
• Select Server CA Certificates for the Trusted CA field. Enter the certificates in PEM or Base64 format in the Server CA Certificates box.
• Select Enable mTLS for mTLS config and enter client certificate in PEM or Base64 format in the Client Certificate box.
  • Select Configure in the Client Private Key field, enter the secret in the box with type selected as Text.
  • Select Blindfold, wait for the operation to complete, and click Apply.

Select Save & Exit to complete creating the global log receiver. Verify that logs are received into your S3 bucket in AWS.