Cloud provider log forwarding
powered by Grail
You can configure cloud log forwarding to stream the following log data to Dynatrace using API:
- Amazon Web Services
AWS log forwarding for ingesting your logs from Amazon CloudWatch and AWS S3.
- Microsoft Azure
Stream Azure logs from Azure Event Hubs into Dynatrace logs via an Azure Function App instance.
- Google Cloud Platform
After running the deployment script in Google Cloud Shell, you'll get metrics, logs, dashboards, and alerts for your configured services in Dynatrace.
The DDU consumption model applies to cloud Log Management and Analytics. For details, see DDUs for Log Management and Analytics.
Amazon Web Services
AWS log forwarding allows you to ingest your logs from Amazon CloudWatch and AWS S3.
Log ingestion from Amazon CloudWatch
You can stream logs from Amazon CloudWatch into Dynatrace logs via an ActiveGate.
To enable AWS log forwarding, you need to deploy our special-purpose CloudFormation stack into your AWS account. The stack consists of a Kinesis Firehose instance and a Lambda function. These resources incur AWS costs according to standard AWS billing policy. The same applies to included self-monitoring resources (CloudWatch dashboards and metrics).
|Service name||CloudWatch log forwarding||Log enrichment||Entity linking|
|AWS App Runner||✔️||✔️||✔️|
|AWS CloudTrail 1||✔️||✔️||-|
|Amazon API Gateway||✔️||✔️||-|
|All services that write to CloudWatch||✔️||✔️||-|
AWS CloudTrail log group name is chosen by user. For log enrichment, start the log group name with
For detailed instructions on how to set up AWS log forwarding, see CloudWatch Logs.
Log ingestion from Amazon S3
Note: This service is not officially supported by Dynatrace, but is maintained on a best-effort basis.
You can stream logs from AWS S3 to Dynatrace using a serverless architecture. For detailed instructions on how to set up log ingestion from AWS S3, see Set up AWS S3 log forwarder.
Azure log forwarding allows you to stream Azure logs from Azure Event Hubs into Dynatrace logs via an Azure Function App instance. It supports both Azure resource logs and activity logs.
Azure log forwarding is performed directly through Cluster API. If you don't want to use direct ingest through the Cluster API, you have to use an existing ActiveGate for log ingestion.
The following resources will be created by the Azure logs forwarder deployment script:
- Storage account (
- Storage Account Blob Service (
- Azure App Service plan (
- Azure Function App (
For details about the resources created, see the Azure Resource Manager file on GitHub
For detailed instruction on how to set up Azure log forwarding see, Azure Logs.
Google Cloud Platform
To set up Google Cloud Platform monitoring for metrics and logs, you'll run the deployment script in Google Cloud Shell. During setup, a new Pub/Sub subscription will be created. GKE will run two containers: a metric forwarder and a log forwarder. After installation, you'll get metrics, logs, dashboards, and alerts for your configured services in Dynatrace. Instructions will depend on the location where you want the deployment script to run:
- On a new GKE Autopilot cluster created automatically. recommended
- On an existing GKE standard or GKE Autopilot cluster.
Note: Depending on where you want log ingestion to be performed, you may need additional resources. For example, for Managed deployments, the installation script will create a new container on top of the other containers, if you choose to have the installation script create a dedicated ActiveGate for log ingestion.
For all log ingestion options, see Log ingestion.