By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

How to deliver DNS log from Route 53 to on-premises ELK

0

Hi guys! I receive a requirement that needs to deliver public DNS query log from Route 53 to their existing ELK (Elasticsearch, Logstash, Kibana) located in on-premises. Although I recommended that they use CloudWatch Log, OpenSearch in AWS but they insist on leveraging their existing ELK, so I have to find solution to meet this requirement. If you know the answer, please help me. Thanks!

Topics
Management & GovernanceServerlessAnalyticsNetworking & Content Delivery
Tags
Amazon CloudWatchAmazon OpenSearch ServiceAmazon Route 53
Language
English
Steven
asked a year ago314 views
1 Answer
0
Accepted Answer

You could configure your Route53 logs to be sent to a Kinesis Data Firehose delivery stream, with the destination of the stream set to your ELK setup. Since you have an on-prem ELK, you would have to use an HTTP endpoint to receive this data - https://docs.aws.amazon.com/firehose/latest/dev/create-destination.html#create-destination-http

Chamal
answered a year ago
  • Steven
    a year ago

    thank you so much

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content