0x4447's solution for collecting and storing logs across the AWS Organization is more efficient and can help organizations save money on their AWS bill. It also gives you the flexibility to easily forward the logs to 3rd parties for further analysis.
0x4447's Rsyslog Server With Kinesis Forwarding
0x4447 creates products that promote uniformity and security in AWS Organizations while designing them to be easy to maintain and fail-tolerant.
This product is 0x4447's interpretation and custom setup of the Rsyslog project, allowing you to collect logs throughout your AWS VPC via SSL and transmit them to an existing Amazon Kinesis Data Firehose stream for subsequent analysis.
Plus, the solution is intended to ensure that no custom data is lost. This implies that if the instance is accidentally terminated, you may revert to the original setup, providing you with the peace of mind you deserve.
How It Works
If you already have a data stream established in your AWS account, you only need to give the stream's name at deployment time, and the logs will be automatically routed to the data stream.
In addition, 0x4447 provides an additional bash script for auto configuring EC2 Instances. The scripts configure the server automatically with all best practices in mind and allow a Cloud Engineer to configure the pre-existing servers quickly or automate the configuration of new ones.
There are no hard restrictions on the number of clients that can connect to the server. Instead, you are primarily restricted by the bandwidth capabilities of the EC2 Instance. If you need extra bandwidth, modify the instance type to a larger one by updating the CloudFormation file.
Benefits
Easy to use and made easy for beginners
Provides clear documentation
The team can deploy the product with you if you are inexperienced
Free training and 24-hour support
Easy refund system policy
0x4447's Rsyslog Server safeguards and maintains the security of your AWS Organizations by having a well-designed configuration that allows you to lower your logging costs. The product also gives you the flexibility to forward the logs to 3rd parties, thanks to the Kinesis Firehose integration. Freeing you to analyze your logs with your favorite services.
Moreover, Rsyslog Server is subjected to CVE scans regularly, and if flaws are discovered, patches are released as quickly as feasible. If you use the CloudFormation file to set up 0x4447's Rsyslog Server, you should be able to use it within 3 minutes.
The company also has an Evaluation Program that can help your team test for free the product for months to see how well it integrates with other tools. But if you want to start immediately, you can find more on Rsyslog Server's product page.