AppSync Lambda logging

Deploy the FireTail AppSync Lambda integration using AWS CloudFormation and enable CloudWatch logging for AppSync APIs. Once configured, your AppSync API will forward log data to the FireTail platform for monitoring and analysis.

Create the Integration in FireTail

1. ‍Navigate to Integrations in the FireTail platform.
2. Select the FireTail AppSync Lambda integration.
3. Enter a Name for the integration.
4. Select the AWS Region where your AppSync resources are deployed.
5. Choose an existing Application or click Create to add a new one.
   
   • Note: Recommended to use the application where you have the AppSync APIs.
6. Under App Token, click Create:
   
   • Enter a name for your token.
   • Click Submit.
   • Copy the generated token, you’ll need it during deployment.

Deployment

Cloudformation deployment

1. In FireTail, click Launch CloudFormation.
2. In the AWS Console:
   
   • Enter a unique Stack name.
   • Paste the copied App Token into the FTAPPKEY parameter.
3. Tick the checkboxes and click Create Stack.
4. Wait for the stack to finish deploying.

Manual deployment

1. Log in to the AWS Console.
2. Switch to the AWS Region where your AppSync API is deployed.
3. Download the CloudFormation template from FireTail.
4. Go to the CloudFormation Console, click  Create Stack and select  With new resources (standard).
5. Upload the CloudFormation template.
6. Click Next.

7. Enter a unique Stack Name.

8. Paste your App Token into the FTAPPKEY parameter.

9. Click Next.

10. In the Capabilities and transforms section, check all required boxes.

11. Click Next, review your setup, and click Submit.

Enable Logging for Each AppSync API

This must be done for each AppSync API you want to monitor.

Enable AppSync Logging

1. In AWS, open the AWS AppSync service.
2. Select the target API.
3. In the left menu, go to Settings.
4. Click Edit in the API Configuration section.
5. Enable Logging.
6. Enable Include verbose content.
7. Set Log level to Error.
8. Configure a Logging Role if not already set.
9. Click Save.

Create CloudWatch Log Group

If a log group for the API does not exist then you need to create one.

1. Navigate to CloudWatch in the AWS Console.
2. In the left menu, select Log groups.
3. Click Create log group and enter the following details:
   
   • Enter a log group name.
     
     • The log group name should be in this format: /aws/appsync/apis/<AppSync API ID>
     • Replace <AppSync API ID> with your actual AppSync API ID. This ID can be found on the AppSync console dashboard. To find this:
       
       • Open the AWS AppSync service.
       • Click the relevant API.
       • Go to Settings, the ID is located in the API details section.
   • Select retention settings, this is how long the logs stay in there.
   • Click Create.

Create Subscription Filter to Stream Logs

1. Open the Log Group you just created, or existing log group.
2. Navigate to the Subscription filters tab.
3. Click Create, then Create Lambda subscription filter.

4. Locate the FireTail AppSync Logger Lambda deployed via CloudFormation:

• Open the CloudFormation stack (Open a new tab or window).
• In the nested stack, go to Resources.
• Copy the FireTail AppSync Logger ID.

5. Go back to the subscription filter setup:

• Search for the FireTail Lambda function using the copied ID.
• Add a Subscription Filter Name.
• Click Start streaming.
  

Repeat these steps for each AppSync API you want to log.

For large environments, contact FireTail Support to request scripts for deploying at scale.