Some AWS services can be configured to ship their logs to an S3 bucket, where can fetch those logs.

You can add your buckets in by providing your S3 credentials and configuration.

Best practices

The S3 API does not allow retrieval of object timestamps, so must collect logs in alphabetical order. Please keep these notes in mind when configuring logging.

  • Make the prefix as specific as possible
    The prefix is the part of your log path that remains constant across all logs. This can include folder structure and the beginning of the filename.

  • The log path after the prefix must come in alphabetical order
    We recommend starting the object name (after the prefix) with the Unix epoch time. The Unix epoch time is always increasing, ensuring we can always fetch your incoming logs.


You’ll need: s3:ListBucket and s3:GetObject permissions for the required S3 bucket

Configure to fetch logs from an S3 bucket
  1. Add the S3 bucket information

    To use the S3 fetcher, fill out the S3 bucket information on the S3 fetcher log shipping page. You must be logged in to

  2. Check for your logs

    Give your logs a few minutes to get from your system to ours, and then open Kibana.

    If you still don’t see your logs, see log shipping troubleshooting.