How to get only the Audit Logs from Terraform Enterprise through Fluent Bit – HashiCorp Help Center

Introduction
Terraform Enterprise can forward its logs to Fluent Bit by enabling the log forwarding.
Following the official documentation for enabling the log forwarding, in order to get only the Audit Logs the fluent-bit.conf file needs to be configured accordingly.

Use Case
We want to forward only the audit logs to Amazon CloudWatch using Fluent Bit.

Procedure

The fluent-bit.conf file needs to be configured like this:

[FILTER]
    Name  rewrite_tag
    Match  tfe_all
    Rule  $message ^\[Audit\sLog\]$ tfe_audit true

[OUTPUT]
    Name cloudwatch_logs
    Match tfe_audit
    log_stream_name fluent-bit-cloudwatch
    log_group_name hoalt-test
    region ap-southeast-1
    log_format json/emf
    metric_namespace fluent-bit-metrics
    metric_dimensions ec2_instance_id,az
    auto_create_group false

NOTE: Please pay close attention to how the [FILTER] section needs to be configured and use your own [OUTPUT] section with your own configuration for the desired external destination supported by Terraform.

Additional Information

IntroductionTerraform Enterprise can forward its logs to Fluent Bit by enabling the log forwarding. Following the official documentation for enabling the log forwarding, in order to get only the Audit Logs the fluent-bit.conf file needs to be configured accordingly.

Use CaseWe want to forward only the audit logs to Amazon CloudWatch using Fluent Bit.

Procedure

Additional Information

Articles in this section

Related articles

Introduction
Terraform Enterprise can forward its logs to Fluent Bit by enabling the log forwarding.
Following the official documentation for enabling the log forwarding, in order to get only the Audit Logs the fluent-bit.conf file needs to be configured accordingly.

Use Case
We want to forward only the audit logs to Amazon CloudWatch using Fluent Bit.