What does this AWS Solution do?
The Centralized Logging solution enables organizations to collect, analyze, and display logs on AWS across multiple accounts and AWS Regions. The solution uses Amazon Elasticsearch Service (Amazon ES), a managed service that simplifies the deployment, operation, and scaling of Elasticsearch clusters in the AWS Cloud, as well as Kibana, an analytics and visualization platform that is integrated with Amazon ES. In combination with other AWS managed services, this solution offers customers a customizable, multi-account environment to begin logging and analyzing their AWS environment and applications.
AWS Solution overview
The following diagram demonstrates the architecture on AWS for centralized logging across multiple accounts and AWS Regions. You can automatically deploy using the solutions’ implementation guide accompanying AWS CloudFormation template.

Centralized Logging architecture
The primary template deploys an Amazon ES domain, which is the hardware, software, and data exposed by Amazon ES endpoints. A custom AWS Lambda function is deployed to load log data from Amazon CloudWatch to an Amazon ES domain, configured with a set of default Kibana dashboards as a starting point for data visualization.
A secondary template enables customers to index logs from secondary accounts and regions on the Amazon ES domain in the primary account or region.
A demo template deploys sample logs that customers can use for testing purposes.
Centralized Logging
Version 1.1
Last updated: 06/2020
Author: AWS
Estimated deployment time: 30 min
Features
Centralized logging reference implementation
Optimized Resources for China Customers
Logging capabilities beyond default AWS service logs
Data visualization using built-in Amazon ES support

Browse our portfolio of AWS-built solutions to common architectural problems.

Find AWS certified consulting and technology partners to help you get started.