Terraform Enterprise can forward its logs to Fluent Bit by enabling the log forwarding.
Following the official documentation for enabling the log forwarding, in order to get only the Audit Logs the fluent-bit.conf file needs to be configured accordingly.
We want to forward only the audit logs to Amazon CloudWatch using Fluent Bit.
The fluent-bit.conf file needs to be configured like this:
[FILTER] Name rewrite_tag Match tfe_all Rule $message ^\[Audit\sLog\]$ tfe_audit true [OUTPUT] Name cloudwatch_logs Match tfe_audit log_stream_name fluent-bit-cloudwatch log_group_name hoalt-test region ap-southeast-1 log_format json/emf metric_namespace fluent-bit-metrics metric_dimensions ec2_instance_id,az auto_create_group false
NOTE: Please pay close attention to how the [FILTER] section needs to be configured and use your own [OUTPUT] section with your own configuration for the desired external destination supported by Terraform.