Add cloudwatchlogs.js for reading generic cloudwatch logs

Author: duchatran

cloudwatchlogs/README.md

@@ -4,6 +4,7 @@ Sumo Logic Functions for AWS CloudWatch Logs
 Files 
 -----
 *	*node.js/cloudwatchlogs.js*:  node.js file to collect data from AWS CWL. Can also be used to collect AWS VPC Flowlogs sent via CWL.
+*	*node.js/cloudwatchlogs_vpc.js*:  node.js file to collect AWS VPC Flowlogs sent via CWL.
 *	*node.js/cloudwatchlogs_lambda.js*:  node.js file to collect AWS Lambda logs via CWL. This version extracts and add a "RequestId" field to each log line to make correlations easier.
 
 Usage

cloudwatchlogs/node.js/cloudwatchlogs_vpc.js

@@ -0,0 +1,52 @@
+///////////////////////////////////////////////////////////////////////////////////////////////////////////
+// Remember to change the hostname and path to match your collection API and specific HTTP-source endpoint
+// See more at: https://service.sumologic.com/help/Default.htm#Collector_Management_API.htm
+///////////////////////////////////////////////////////////////////////////////////////////////////////////
+var sumoEndpoint = 'https://collectors.sumologic.com/receiver/v1/http/<XXX>'
+
+var https = require('https');
+var zlib = require('zlib');
+var url = require('url');
+
+exports.handler = function(event, context) {
+    var urlObject = url.parse(sumoEndpoint);
+	    
+    var options = { 'hostname': urlObject.hostname,
+			'path': urlObject.pathname,
+			'method': 'POST'
+		};
+	var zippedInput = new Buffer(event.awslogs.data, 'base64');
+
+	zlib.gunzip(zippedInput, function(e, buffer) {
+		if (e) { context.fail(e); }       
+
+		var awslogsData = JSON.parse(buffer.toString('ascii'));
+
+		if (awslogsData.messageType === "CONTROL_MESSAGE") {
+			console.log("Control message");
+			context.succeed("Success");
+		}
+
+		var req = https.request(options, function(res) {
+			var body = '';
+			console.log('Status:', res.statusCode);
+			res.setEncoding('utf8');
+			res.on('data', function(chunk) { body += chunk; });
+			res.on('end', function() {
+				console.log('Successfully processed HTTPS response');
+				context.succeed("Success"); });
+		});
+
+		req.on('error', context.fail);
+
+		stream=awslogsData.logStream;
+		group=awslogsData.logGroup;
+		awslogsData.logEvents.forEach(function(val, idx, arr) {
+			val.logStream = stream;
+			val.logGroup = group;
+			req.write(JSON.stringify(val) + '\n');
+			});
+		req.end();
+	});    
+};
+