This integration will send your AWS Fargate to using FireLens.


Build the task execution role

Create a new role in the IAM console.

Make sure AWS service is selected at the top of the page. In the Choose a use case section, click Elastic Container Service, and then scroll to the bottom of the page and click Elastic Container Service Task.

Click Next: Permissions to continue.

Select AmazonECSTaskExecutionRolePolicy.

Click Next: Tags and then Next: Review

Set Role name to “logzioEcsTaskExecutionRole”, and click Create role to save.

Click the newly created role to go to its Summary page. Copy the Role ARN (at the top of the page) to your text editor so you can paste it in the deployment JSON.

Create a Fluent Bit task definition

In the ECS console Task Definitions page, click Create new Task Definition.

Choose Fargate, and click Next step to continue.

Scroll to the Volumes section (near the bottom of the page) and click Configure via JSON.

Replace the default JSON with this code block.

You’ll need to replace the values in between angle brackets (<< >>) using the parameters below the code block. 👇

When you’re done, click Save, and then click Create.

  "family": "logzio-fargate-task",
  "requiresCompatibilities": [ "FARGATE" ],
  "containerDefinitions": [
      "name": "logzio-log-router",
      "image": "amazon/aws-for-fluent-bit:latest",
      "essential": true,
      "firelensConfiguration": {
        "type": "fluentbit",
        "options": { "enable-ecs-log-metadata": "true" }
      "logConfiguration": {
        "logDriver": "awslogs",
        "options": {
          "awslogs-group": "/aws/ecs/logzio-fargate-logs",
          "awslogs-region": "<<AWS-REGION>>",
          "awslogs-stream-prefix": "aws/ecs"
      "name": "app",
      "essential": true,
      "image": "<<YOUR-APP-IMAGE>>",
      "logConfiguration": {
        "logDriver": "awsfirelens",
        "options": {
          "Name": "Http",
          "Host": "<<LISTENER-HOST>>",
          "URI": "/?token=<<SHIPPING-TOKEN>>&type=fargate",
          "Port": "8071",
          "tls": "on",
          "tls.verify": "off",
          "Format": "json_lines"
  "cpu": "256",
  "executionRoleArn": "arn:aws:iam::<<AWS-ACCOUNT-ID>>:role/logzioEcsTaskExecutionRole",
  "memory": "512",
  "volumes": [ ],
  "placementConstraints": [ ],
  "networkMode": "awsvpc",
  "tags": [ ]
Parameters in “logzio-log-router”
Parameter Description
logConfiguration.options.awslogs-group In the CloudWatch left menu, select Logs > Log groups, and then click Actions > Create log group. Give the Log Group Name “/aws/ecs/logzio-fargate-logs”.
logConfiguration.options.awslogs-region The AWS region of your cluster.
Parameters in “app”
Parameter Description
image Replace <<YOUR-APP-IMAGE>> with the name of the image you want to ship logs from.
logConfiguration.options.Host Replace <<LISTENER-HOST>> with with the listener URL of the account you want to ship to. For more information on finding your account’s region, see Account region.
logConfiguration.options.URI Replace <<SHIPPING-TOKEN>> with the token of the account you want to ship to.
Remaining parameters
Parameter Description
executionRoleArn Replace <<AWS-ACCOUNT-ID>> with your AWS account Id.
Run the task on your cluster

Go back to your new task’s definition page, and click Actions > Run Task.

Click Switch to launch type, and fill in these details:

  • For Launch Type, choose FARGATE.
  • For Cluster, choose your cluster.
  • For Subnets, choose a subnet from your cluster.

Click Run task.

The logs created by the Fluent Bit shipper are in Cloudwatch under the /aws/ecs/logzio-fargate-logs log group.

Check for your logs

Give your logs some time to get from your system to ours, and then open Kibana.

You’ll be able to find these logs by searching for type:"fargate".