Introduction
Terraform Enterprise can forward its logs to Fluent Bit by enabling the log forwarding.
Following the official documentation for enabling the log forwarding, in order to get only the Audit Logs the fluent-bit.conf file needs to be configured accordingly.
Use Case
We want to forward only the audit logs to Amazon CloudWatch using Fluent Bit.
Procedure
The fluent-bit.conf file needs to be configured like this:
[FILTER]
Name rewrite_tag
Match tfe_all
Rule $message ^\[Audit\sLog\]$ tfe_audit true
[OUTPUT]
Name cloudwatch_logs
Match tfe_audit
log_stream_name fluent-bit-cloudwatch
log_group_name hoalt-test
region ap-southeast-1
log_format json/emf
metric_namespace fluent-bit-metrics
metric_dimensions ec2_instance_id,az
auto_create_group false
NOTE: Please pay close attention to how the [FILTER] section needs to be configured and use your own [OUTPUT] section with your own configuration for the desired external destination supported by Terraform.