AWSKinesisFirehose,TransformationLambdaandOpenSearchlogprocessing
使用AWS Kinesis Firehose将日志数据发送到S3存储桶中,然后使用AWS Lambda进行转换处理,并将处理好的数据存储到OpenSearch中。具体示例代码如下:
1、创建Firehose Delivery Stream
const AWS = require('aws-sdk'); const firehose = new AWS.Firehose({region: 'us-east-1'});
exports.handler = async (event) => { const params = { DeliveryStreamName: 'firehose_delivery_stream', S3DestinationConfiguration: { BucketARN: 'arn:aws:s3:::my-s3-bucket', RoleARN: 'arn:aws:iam::aws:policy/AmazonS3FullAccess', Prefix: 'logs/year=!{timestamp:yyyy}/month=!{timestamp:MM}/day=!{timestamp:dd}/hour=!{timestamp:HH}/', BufferingHints: { SizeInMBs: 1, IntervalInSeconds: 60 }, CompressionFormat: 'GZIP', CloudWatchLoggingOptions: { Enabled: true, LogGroupName: 'my-firehose-logs', LogStreamName: 'my-firehose-stream' } } };
try {
const stream = await firehose.createDeliveryStream(params).promise();
console.log(stream);
return {
statusCode: 200,
body: JSON.stringify('Stream created successfully')
};
} catch (err) {
console.log(err);
return {
statusCode: 500,
body: JSON.stringify('Failed to create stream')
};
}
};
2、创建转换Lambda函数
exports.handler = async (event) => { let records = event.records.map((record) => { const payload = JSON.parse(Buffer.from(record.data, 'base64').toString('utf8'));
let newPayload = {
// transform the payload here
};
return {
recordId: record.recordId,
result: 'Ok',
data: Buffer.from(JSON.stringify(newPayload)).toString('base64')
};
});
return { records }; };
3、创建OpenSearch索引
const { OpenSearchService } = require("aws-sdk");
const opensearch = new OpenSearchService({ region: "us-east-1" });
const domainName = "my-opensearch-domain";
exports.handler = async function (event) { await opensearch.createIndex({ DomainName: domainName, Body: {}}).promise();
let response = { statusCode: 200, body: JSON.stringify("Index created successfully") }; return response; };
4、使用Lambda将数据发送到OpenSearch
const { OpenSearchService } = require("aws-sdk");
const opensearch = new OpenSearchService({ region: "us-east-1" });
const domainName = "my-opensearch-domain";
exports.handler = async (event) => { let records = event.records.map((record) => { const payload = JSON.parse(Buffer.from(record.data, 'base64').toString('utf8'));
// transform the payload here
return {
index: {
_index: 'my-index',
_type: '_doc',
_id: 'my-id', // optional
_source: payload
}
};
});
await opensearch.bulk({ DomainName: domainName, Body: records }).promise();
return { records }; };