Destination Settings

Amazon Data Firehose was previously known as Amazon Kinesis Data Firehose.

This topic describes the destination settings for your delivery stream. For more information on buffering hints, see Buffering hints.

Choose Amazon S3 for Your Destination

You must specify the following settings in order to use Amazon S3 as the destination for your Firehose stream:

  • Enter values for the following fields:

    S3 bucket

    Choose an S3 bucket that you own where the streaming data should be delivered. You can create a new S3 bucket or choose an existing one.

    New line delimiter

    You can configure your delivery stream to add a new line delimiter between records in objects that are delivered to Amazon S3. To do so, choose Enabled; to omit the delimiter, choose Disabled. If you plan to use Athena to query S3 objects with aggregated records, enable this option.

    Dynamic partitioning

    Choose Enabled to enable and configure dynamic partitioning.

    Multi record deaggregation

    This is the process of parsing through the records in the delivery stream and separating them based either on valid JSON or on the specified new line delimiter.

    If you aggregate multiple events, logs, or records into a single PutRecord or PutRecordBatch API call, you can still enable and configure dynamic partitioning. With aggregated data, when you enable dynamic partitioning, Amazon Data Firehose parses the records and looks for multiple valid JSON objects within each API call. When the Firehose stream is configured with a Kinesis data stream as its source, you can also use the built-in aggregation in the Kinesis Producer Library (KPL). Data partitioning is executed after data is de-aggregated, so each record in each API call can be delivered to different Amazon S3 prefixes. You can also use the Lambda function integration to perform any other de-aggregation or transformation before data partitioning.

    Important

    If your data is aggregated, dynamic partitioning can be applied only after data deaggregation is performed. So if you enable dynamic partitioning for your aggregated data, you must choose Enabled to enable multi record deaggregation.

    A Firehose stream performs the following processing steps in the following order: KPL (protobuf) de-aggregation, JSON or delimiter de-aggregation, Lambda processing, data partitioning, data format conversion, and Amazon S3 delivery.

    Multi record deaggregation type

    If you enabled multi record deaggregation, you must specify the method for Amazon Data Firehose to deaggregate your data. Use the drop-down menu to choose either JSON or Delimited.
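
    As a rough illustration, the following Python (boto3) fragment sketches the processor entry that enables multi record deaggregation. Field names follow the Firehose ProcessingConfiguration API as best understood; the surrounding delivery stream configuration is omitted, so treat this as a sketch rather than a definitive example.

      # Sketch of a RecordDeAggregation processor entry (Firehose API).
      # "JSON" splits each API call's payload on valid JSON objects; "DELIMITED"
      # splits on a delimiter supplied (base64-encoded) in a "Delimiter" parameter.
      deaggregation_processor = {
          "Type": "RecordDeAggregation",
          "Parameters": [
              {"ParameterName": "SubRecordType", "ParameterValue": "JSON"},
          ],
      }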

    Inline parsing

    This is one of the supported mechanisms to dynamically partition your data that is bound for Amazon S3. To use inline parsing for dynamic partitioning of your data, you must specify data record parameters to be used as partitioning keys and provide a value for each specified partitioning key. Choose Enabled to enable and configure inline parsing.

    Important

    If you specified an AWS Lambda function in the steps above for transforming your source records, you can use this function to dynamically partition your data that is bound for S3, and you can still create your partitioning keys with inline parsing. With dynamic partitioning, you can use inline parsing, your AWS Lambda function, or both to create your partitioning keys.

    Dynamic partitioning keys

    You can use the Key and Value fields to specify the data record parameters to be used as dynamic partitioning keys and jq queries to generate dynamic partitioning key values. Amazon Data Firehose supports jq 1.6 only. You can specify up to 50 dynamic partitioning keys. You must enter valid jq expressions for your dynamic partitioning key values in order to successfully configure dynamic partitioning for your Firehose stream.
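
    For example, given a record such as {"customer_id": "1234", "event": {"type": "click"}}, the following hypothetical Key/Value pairs define two partitioning keys with jq 1.6 expressions. The key names customer_id and event_type are illustrative only.

      # Console Key/Value pairs, expressed here as a Python dict for clarity.
      partition_keys = {
          "customer_id": ".customer_id",   # jq expression for a top-level field
          "event_type": ".event.type",     # jq expression for a nested field
      }
      # The equivalent single jq object query used by the MetadataExtraction
      # processor in the API looks like this:
      metadata_extraction_query = "{customer_id: .customer_id, event_type: .event.type}"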

    S3 bucket prefix

    When you enable and configure dynamic partitioning, you must specify the S3 bucket prefixes to which Amazon Data Firehose is to deliver partitioned data.

    For dynamic partitioning to be configured correctly, the number of S3 bucket prefixes must match the number of specified partitioning keys.

    You can partition your source data with inline parsing or with your specified AWS Lambda function. If you specified an AWS Lambda function to create partitioning keys for your source data, you must manually type in the S3 bucket prefix value(s) using the following format: "partitionKeyFromLambda:keyID". If you are using inline parsing to specify the partitioning keys for your source data, you can either manually type in the S3 bucket prefix values using the following format: "partitionKeyFromQuery:keyID" or you can choose the Apply dynamic partitioning keys button to use your dynamic partitioning key/value pairs to auto-generate your S3 bucket prefixes. While partitioning your data with either inline parsing or AWS Lambda, you can also use the following expression forms in your S3 bucket prefix: !{namespace:value}, where namespace can be either partitionKeyFromQuery or partitionKeyFromLambda.
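
    A brief sketch of prefix values built from the expression forms above, assuming the illustrative partitioning keys customer_id (from inline parsing) and table (from a Lambda function):

      # S3 bucket prefix using an inline-parsing (jq) partitioning key.
      prefix_from_inline_parsing = "data/customer_id=!{partitionKeyFromQuery:customer_id}/"

      # S3 bucket prefix using a partitioning key created by a Lambda function.
      prefix_from_lambda = "data/table=!{partitionKeyFromLambda:table}/"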

    S3 bucket and S3 error output prefix time zone

    Choose a time zone that you want to use for date and time in Custom Prefixes for Amazon Simple Storage Service Objects. By default, Firehose adds a time prefix in UTC. You can change the time zone used in S3 prefixes if you want to use a different time zone.

    Buffering hints

    Amazon Data Firehose buffers incoming data before delivering it to the specified destination. The recommended buffer size for the destination varies from service provider to service provider.

    S3 compression

    Choose GZIP, Snappy, Zip, or Hadoop-Compatible Snappy data compression, or no data compression. Snappy, Zip, and Hadoop-Compatible Snappy compression are not available for delivery streams with Amazon Redshift as the destination.

    S3 file extension format (optional)

    Specify a file extension format for objects delivered to the Amazon S3 destination bucket. If you enable this feature, the specified file extension overrides the default file extensions appended by the Data Format Conversion and S3 compression features, such as .parquet or .gz. Make sure that you configure the right file extension when you use this feature with Data Format Conversion or S3 compression. The file extension must start with a period (.) and can contain the allowed characters 0-9a-z!-_.*'(). The file extension cannot exceed 128 characters.

    S3 encryption

    Firehose supports Amazon S3 server-side encryption with AWS Key Management Service (SSE-KMS) for encrypting delivered data in Amazon S3. You can choose to use the default encryption type specified in the destination S3 bucket or to encrypt with a key from the list of AWS KMS keys that you own. If you encrypt the data with AWS KMS keys, you can use either the default AWS managed key (aws/s3) or a customer managed key. For more information, see Protecting Data Using Server-Side Encryption with AWS KMS-Managed Keys (SSE-KMS).
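
    Pulling these settings together, here is a hedged Python (boto3) sketch of an Amazon S3 destination configuration. All ARNs and names are placeholders; FileExtension and CustomTimeZone are assumed to correspond to the optional settings described above and may require a recent SDK version.

      import boto3

      firehose = boto3.client("firehose")

      firehose.create_delivery_stream(
          DeliveryStreamName="my-stream",                # placeholder
          DeliveryStreamType="DirectPut",
          ExtendedS3DestinationConfiguration={
              "RoleARN": "arn:aws:iam::123456789012:role/firehose-role",
              "BucketARN": "arn:aws:s3:::my-bucket",
              "BufferingHints": {"SizeInMBs": 5, "IntervalInSeconds": 300},
              "CompressionFormat": "GZIP",               # or UNCOMPRESSED, ZIP, Snappy, HADOOP_SNAPPY
              "FileExtension": ".json.gz",               # optional; must start with "."
              "CustomTimeZone": "America/New_York",      # optional; default prefixes use UTC
              "EncryptionConfiguration": {
                  "KMSEncryptionConfig": {
                      "AWSKMSKeyARN": "arn:aws:kms:us-east-1:123456789012:key/key-id"
                  }
              },
          },
      )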

Choose Amazon Redshift for Your Destination

This section describes settings for using Amazon Redshift as your Firehose stream destination.

Choose either of the following procedures based on whether you have an Amazon Redshift provisioned cluster or an Amazon Redshift Serverless workgroup.

Amazon Redshift Provisioned Cluster

This section describes settings for using Amazon Redshift provisioned cluster as your Firehose stream destination.

  • Enter values for the following fields:

    Cluster

    The Amazon Redshift cluster to which S3 bucket data is copied. Configure the Amazon Redshift cluster to be publicly accessible and unblock Amazon Data Firehose IP addresses. For more information, see Grant Amazon Data Firehose Access to an Amazon Redshift Destination.

    User name

    An Amazon Redshift user with permissions to access the Amazon Redshift cluster. This user must have the Amazon Redshift INSERT permission for copying data from the S3 bucket to the Amazon Redshift cluster.

    Password

    The password for the user who has permissions to access the cluster.

    Database

    The Amazon Redshift database to which the data is copied.

    Table

    The Amazon Redshift table to which the data is copied.

    Columns

    (Optional) The specific columns of the table to which the data is copied. Use this option if the number of columns defined in your Amazon S3 objects is less than the number of columns within the Amazon Redshift table.

    Intermediate S3 destination

    Amazon Data Firehose delivers your data to your S3 bucket first and then issues an Amazon Redshift COPY command to load the data into your Amazon Redshift cluster. Specify an S3 bucket that you own where the streaming data should be delivered. Create a new S3 bucket, or choose an existing bucket that you own.

    Amazon Data Firehose doesn't delete the data from your S3 bucket after loading it to your Amazon Redshift cluster. You can manage the data in your S3 bucket using a lifecycle configuration. For more information, see Object Lifecycle Management in the Amazon Simple Storage Service User Guide.

    Intermediate S3 prefix

    (Optional) To use the default prefix for Amazon S3 objects, leave this option blank. Amazon Data Firehose automatically uses a prefix in "YYYY/MM/dd/HH" UTC time format for delivered Amazon S3 objects. You can add to the start of this prefix. For more information, see Amazon S3 Object Name Format.

    COPY options

    Parameters that you can specify in the Amazon Redshift COPY command. These might be required for your configuration. For example, "GZIP" is required if Amazon S3 data compression is enabled. "REGION" is required if your S3 bucket isn't in the same AWS Region as your Amazon Redshift cluster. For more information, see COPY in the Amazon Redshift Database Developer Guide.

    COPY command

    The Amazon Redshift COPY command. For more information, see COPY in the Amazon Redshift Database Developer Guide.

    Retry duration

    Time duration (0–7200 seconds) for Amazon Data Firehose to retry if data COPY to your Amazon Redshift cluster fails. Amazon Data Firehose retries every 5 minutes until the retry duration ends. If you set the retry duration to 0 (zero) seconds, Amazon Data Firehose does not retry upon a COPY command failure.
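
    As a rough sketch, the fields above map to the Firehose API's RedshiftDestinationConfiguration roughly as follows (Python; all names, ARNs, and the JDBC URL are placeholders):

      redshift_destination = {
          "RoleARN": "arn:aws:iam::123456789012:role/firehose-role",
          "ClusterJDBCURL": "jdbc:redshift://my-cluster.abc123.us-east-1.redshift.amazonaws.com:5439/mydb",
          "Username": "firehose_user",
          "Password": "...",                              # elided
          "CopyCommand": {
              "DataTableName": "events",
              "DataTableColumns": "ts,level,message",     # optional
              # GZIP is required when the intermediate S3 data is compressed;
              # REGION is required when the bucket is in a different AWS Region.
              "CopyOptions": "GZIP REGION 'us-east-1'",
          },
          "RetryOptions": {"DurationInSeconds": 3600},    # 0-7200 seconds
          "S3Configuration": {                            # intermediate S3 destination
              "RoleARN": "arn:aws:iam::123456789012:role/firehose-role",
              "BucketARN": "arn:aws:s3:::my-intermediate-bucket",
              "CompressionFormat": "GZIP",
          },
      }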

    Buffering hints

    Amazon Data Firehose buffers incoming data before delivering it to the specified destination. The recommended buffer size for the destination varies from service provider to service provider.

    S3 compression

    Choose GZIP, Snappy, Zip, or Hadoop-Compatible Snappy data compression, or no data compression. Snappy, Zip, and Hadoop-Compatible Snappy compression are not available for delivery streams with Amazon Redshift as the destination.

    S3 file extension format (optional)

    Specify a file extension format for objects delivered to the Amazon S3 destination bucket. If you enable this feature, the specified file extension overrides the default file extensions appended by the Data Format Conversion and S3 compression features, such as .parquet or .gz. Make sure that you configure the right file extension when you use this feature with Data Format Conversion or S3 compression. The file extension must start with a period (.) and can contain the allowed characters 0-9a-z!-_.*'(). The file extension cannot exceed 128 characters.

    S3 encryption

    Firehose supports Amazon S3 server-side encryption with AWS Key Management Service (SSE-KMS) for encrypting delivered data in Amazon S3. You can choose to use the default encryption type specified in the destination S3 bucket or to encrypt with a key from the list of AWS KMS keys that you own. If you encrypt the data with AWS KMS keys, you can use either the default AWS managed key (aws/s3) or a customer managed key. For more information, see Protecting Data Using Server-Side Encryption with AWS KMS-Managed Keys (SSE-KMS).

Amazon Redshift Serverless Workgroup

This section describes settings for using Amazon Redshift Serverless workgroup as your Firehose stream destination.

  • Enter values for the following fields:

    Workgroup name

    The Amazon Redshift Serverless workgroup to which S3 bucket data is copied. Configure the Amazon Redshift Serverless workgroup to be publicly accessible and unblock the Firehose IP addresses. For more information, see the Connect to a publicly accessible Amazon Redshift Serverless instance section in Connecting to Amazon Redshift Serverless, and also Grant Amazon Data Firehose Access to an Amazon Redshift Destination.

    User name

    An Amazon Redshift user with permissions to access the Amazon Redshift Serverless workgroup. This user must have the Amazon Redshift INSERT permission for copying data from the S3 bucket to the Amazon Redshift Serverless workgroup.

    Password

    The password for the user who has permissions to access the Amazon Redshift Serverless workgroup.

    Database

    The Amazon Redshift database to which the data is copied.

    Table

    The Amazon Redshift table to which the data is copied.

    Columns

    (Optional) The specific columns of the table to which the data is copied. Use this option if the number of columns defined in your Amazon S3 objects is less than the number of columns within the Amazon Redshift table.

    Intermediate S3 destination

    Amazon Data Firehose delivers your data to your S3 bucket first and then issues an Amazon Redshift COPY command to load the data into your Amazon Redshift Serverless workgroup. Specify an S3 bucket that you own where the streaming data should be delivered. Create a new S3 bucket, or choose an existing bucket that you own.

    Amazon Data Firehose doesn't delete the data from your S3 bucket after loading it to your Amazon Redshift Serverless workgroup. You can manage the data in your S3 bucket using a lifecycle configuration. For more information, see Object Lifecycle Management in the Amazon Simple Storage Service User Guide.

    Intermediate S3 prefix

    (Optional) To use the default prefix for Amazon S3 objects, leave this option blank. Amazon Data Firehose automatically uses a prefix in "YYYY/MM/dd/HH" UTC time format for delivered Amazon S3 objects. You can add to the start of this prefix. For more information, see Amazon S3 Object Name Format.

    COPY options

    Parameters that you can specify in the Amazon Redshift COPY command. These might be required for your configuration. For example, "GZIP" is required if Amazon S3 data compression is enabled. "REGION" is required if your S3 bucket isn't in the same AWS Region as your Amazon Redshift Serverless workgroup. For more information, see COPY in the Amazon Redshift Database Developer Guide.

    COPY command

    The Amazon Redshift COPY command. For more information, see COPY in the Amazon Redshift Database Developer Guide.

    Retry duration

    Time duration (0–7200 seconds) for Amazon Data Firehose to retry if data COPY to your Amazon Redshift Serverless workgroup fails. Amazon Data Firehose retries every 5 minutes until the retry duration ends. If you set the retry duration to 0 (zero) seconds, Amazon Data Firehose does not retry upon a COPY command failure.

    Buffering hints

    Amazon Data Firehose buffers incoming data before delivering it to the specified destination. The recommended buffer size for the destination varies from service provider to service provider.

    S3 compression

    Choose GZIP, Snappy, Zip, or Hadoop-Compatible Snappy data compression, or no data compression. Snappy, Zip, and Hadoop-Compatible Snappy compression are not available for delivery streams with Amazon Redshift as the destination.

    S3 file extension format (optional)

    Specify a file extension format for objects delivered to the Amazon S3 destination bucket. If you enable this feature, the specified file extension overrides the default file extensions appended by the Data Format Conversion and S3 compression features, such as .parquet or .gz. Make sure that you configure the right file extension when you use this feature with Data Format Conversion or S3 compression. The file extension must start with a period (.) and can contain the allowed characters 0-9a-z!-_.*'(). The file extension cannot exceed 128 characters.

    S3 encryption

    Firehose supports Amazon S3 server-side encryption with AWS Key Management Service (SSE-KMS) for encrypting delivered data in Amazon S3. You can choose to use the default encryption type specified in the destination S3 bucket or to encrypt with a key from the list of AWS KMS keys that you own. If you encrypt the data with AWS KMS keys, you can use either the default AWS managed key (aws/s3) or a customer managed key. For more information, see Protecting Data Using Server-Side Encryption with AWS KMS-Managed Keys (SSE-KMS).

Choose OpenSearch Service for Your Destination

This section describes options for using OpenSearch Service for your destination.

  • Enter values for the following fields:

    OpenSearch Service domain

    The OpenSearch Service domain to which your data is delivered.

    Index

    The OpenSearch Service index name to be used when indexing data to your OpenSearch Service cluster.

    Index rotation

    Choose whether and how often the OpenSearch Service index should be rotated. If index rotation is enabled, Amazon Data Firehose appends the corresponding timestamp to the specified index name and rotates it. For more information, see Index Rotation for the OpenSearch Service Destination.

    Type

    The OpenSearch Service type name to be used when indexing data to your OpenSearch Service cluster. For Elasticsearch 7.x and OpenSearch 1.x, there can be only one type per index. If you try to specify a new type for an existing index that already has another type, Amazon Data Firehose returns an error at runtime.

    For Elasticsearch 7.x, leave this field empty.

    Retry duration

    Time duration (0–7200 seconds) for Amazon Data Firehose to retry if an index request to your OpenSearch Service cluster fails. Amazon Data Firehose retries every 5 minutes until the retry duration ends. If you set the retry duration to 0 (zero) seconds, Amazon Data Firehose does not retry upon an index request failure.

    DocumentID type

    Indicates the method for setting up the document ID. The supported methods are Amazon Data Firehose-generated document IDs and OpenSearch Service-generated document IDs. The Firehose-generated document ID is the default option when the document ID value is not set. The OpenSearch Service-generated document ID is the recommended option because it supports write-heavy operations, such as log analytics and observability, and consumes fewer CPU resources at the OpenSearch Service domain, resulting in improved performance.

    Destination VPC connectivity

    If your OpenSearch Service domain is in a private VPC, use this section to specify that VPC. Also specify the subnets and security groups that you want Amazon Data Firehose to use when it sends data to your OpenSearch Service domain. You can use the same security groups that the OpenSearch Service domain is using. If you specify different security groups, ensure that they allow outbound HTTPS traffic to the OpenSearch Service domain's security group. Also ensure that the OpenSearch Service domain's security group allows HTTPS traffic from the security groups that you specified when you configured your Firehose stream. If you use the same security group for both your Firehose stream and the OpenSearch Service domain, make sure the security group's inbound rule allows HTTPS traffic. For more information about security group rules, see Security group rules in the Amazon VPC documentation.

    Important

    When you specify subnets for delivering data to the destination in a private VPC, make sure that you have enough free IP addresses in the chosen subnets. If there are no free IP addresses available in a specified subnet, Firehose cannot create or add ENIs for data delivery in the private VPC, and delivery will be degraded or fail.
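
    A hedged Python sketch of these settings, following the Firehose API's AmazonopensearchserviceDestinationConfiguration structure as best understood; all ARNs and IDs are placeholders.

      opensearch_destination = {
          "RoleARN": "arn:aws:iam::123456789012:role/firehose-role",
          "DomainARN": "arn:aws:es:us-east-1:123456789012:domain/my-domain",
          "IndexName": "logs",
          "IndexRotationPeriod": "OneDay",     # NoRotation, OneHour, OneDay, OneWeek, OneMonth
          "RetryOptions": {"DurationInSeconds": 300},
          # "NO_DOCUMENT_ID" lets OpenSearch Service generate document IDs, the
          # recommended option for write-heavy workloads; "FIREHOSE_DEFAULT" is
          # the Firehose-generated default.
          "DocumentIdOptions": {"DefaultDocumentIdFormat": "NO_DOCUMENT_ID"},
          # Only for domains in a private VPC; each subnet needs free IP
          # addresses for the ENIs that Firehose creates.
          "VpcConfiguration": {
              "SubnetIds": ["subnet-0123456789abcdef0"],
              "SecurityGroupIds": ["sg-0123456789abcdef0"],
              "RoleARN": "arn:aws:iam::123456789012:role/firehose-role",
          },
      }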

    Buffer hints

    Amazon Data Firehose buffers incoming data before delivering it to the specified destination. The recommended buffer size for the destination varies from service provider to service provider.

Choose OpenSearch Serverless for Your Destination

This section describes options for using OpenSearch Serverless for your destination.

  • Enter values for the following fields:

    OpenSearch Serverless collection

    The endpoint for a group of OpenSearch Serverless indexes to which your data is delivered.

    Index

    The OpenSearch Serverless index name to be used when indexing data to your OpenSearch Serverless collection.

    Destination VPC connectivity

    If your OpenSearch Serverless collection is in a private VPC, use this section to specify that VPC. Also specify the subnets and security groups that you want Amazon Data Firehose to use when it sends data to your OpenSearch Serverless collection.

    Important

    When you specify subnets for delivering data to the destination in a private VPC, make sure that you have enough free IP addresses in the chosen subnets. If there are no free IP addresses available in a specified subnet, Firehose cannot create or add ENIs for data delivery in the private VPC, and delivery will be degraded or fail.

    Retry duration

    Time duration (0–7200 seconds) for Amazon Data Firehose to retry if an index request to your OpenSearch Serverless collection fails. Amazon Data Firehose retries every 5 minutes until the retry duration ends. If you set the retry duration to 0 (zero) seconds, Amazon Data Firehose does not retry upon an index request failure.

    Buffer hints

    Amazon Data Firehose buffers incoming data before delivering it to the specified destination. The recommended buffer size for the destination varies from service provider to service provider.

Choose HTTP Endpoint for Your Destination

This section describes options for using HTTP endpoint for your destination.

Important

If you choose an HTTP endpoint as your destination, review and follow the instructions in Appendix - HTTP Endpoint Delivery Request and Response Specifications.

  • Provide values for the following fields:

    HTTP endpoint name - optional

    Specify a user-friendly name for the HTTP endpoint. For example, My HTTP Endpoint Destination.

    HTTP endpoint URL

    Specify the URL for the HTTP endpoint in the following format: https://xyz.httpendpoint.com. The URL must be an HTTPS URL.

    Access key - optional

    Contact the endpoint owner to obtain the access key (if it is required) to enable data delivery to their endpoint from Firehose.

    Content encoding

    Amazon Data Firehose uses content encoding to compress the body of a request before sending it to the destination. Choose GZIP or Disabled to enable/disable content encoding of your request.

    Retry duration

    Specify how long Amazon Data Firehose retries sending data to the selected HTTP endpoint.

    After sending data, Amazon Data Firehose first waits for an acknowledgment from the HTTP endpoint. If an error occurs or the acknowledgment doesn’t arrive within the acknowledgment timeout period, Amazon Data Firehose starts the retry duration counter. It keeps retrying until the retry duration expires. After that, Amazon Data Firehose considers it a data delivery failure and backs up the data to your Amazon S3 bucket.

    Every time that Amazon Data Firehose sends data to the HTTP endpoint (either the initial attempt or a retry), it restarts the acknowledgement timeout counter and waits for an acknowledgement from the HTTP endpoint.

    Even if the retry duration expires, Amazon Data Firehose still waits for the acknowledgment until it receives it or the acknowledgement timeout period is reached. If the acknowledgment times out, Amazon Data Firehose determines whether there's time left in the retry counter. If there is time left, it retries again and repeats the logic until it receives an acknowledgment or determines that the retry time has expired.

    If you don't want Amazon Data Firehose to retry sending data, set this value to 0.
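
    The following illustrative pseudocode (Python, not AWS source) summarizes the retry behavior described above: the acknowledgment timeout restarts on every attempt, while the retry duration counter, once started, keeps running.

      import time

      def deliver_with_retry(send, retry_duration_s, ack_timeout_s):
          deadline = None
          while True:
              # Each attempt waits up to the acknowledgment timeout for an ack.
              acked = send(timeout=ack_timeout_s)
              if acked:
                  return "delivered"
              if deadline is None:
                  # The first failure starts the retry duration counter.
                  deadline = time.monotonic() + retry_duration_s
              if time.monotonic() >= deadline:
                  # Delivery failure; Firehose backs the data up to Amazon S3.
                  return "backed_up_to_s3"

    With a retry duration of 0, the first failed attempt immediately exhausts the counter, matching the no-retry behavior described above.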

    Parameters - optional

    Amazon Data Firehose includes these key-value pairs in each HTTP call. These parameters can help you identify and organize your destinations.

    Buffering hints

    Amazon Data Firehose buffers incoming data before delivering it to the specified destination. The recommended buffer size for the destination varies from service provider to service provider.

    Important

    For HTTP endpoint destinations, if you see 413 response codes from the destination endpoint in CloudWatch Logs, lower the buffering hint size on your Firehose stream and try again.
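
    Taken together, the HTTP endpoint settings above correspond roughly to the Firehose API's HttpEndpointDestinationConfiguration, sketched here in Python with placeholder values:

      http_destination = {
          "EndpointConfiguration": {
              "Name": "My HTTP Endpoint Destination",    # optional friendly name
              "Url": "https://xyz.httpendpoint.com",     # must be HTTPS
              "AccessKey": "...",                        # optional; from the endpoint owner
          },
          "RequestConfiguration": {
              "ContentEncoding": "GZIP",                 # or NONE
              # Optional parameters sent as key-value pairs in each HTTP call.
              "CommonAttributes": [
                  {"AttributeName": "environment", "AttributeValue": "production"},
              ],
          },
          "RetryOptions": {"DurationInSeconds": 60},
          "BufferingHints": {"SizeInMBs": 1, "IntervalInSeconds": 60},
          "RoleARN": "arn:aws:iam::123456789012:role/firehose-role",
          "S3Configuration": {                           # backup for failed deliveries
              "RoleARN": "arn:aws:iam::123456789012:role/firehose-role",
              "BucketARN": "arn:aws:s3:::my-backup-bucket",
          },
      }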

Choose Datadog for Your Destination

This section describes options for using Datadog for your destination. For more information about Datadog, see https://docs.datadoghq.com/integrations/amazon_web_services/.

  • Provide values for the following fields:

    HTTP endpoint URL

    Choose the HTTP endpoint URL from the following options in the drop-down menu:

    • Datadog logs - US1

    • Datadog logs - US5

    • Datadog logs - EU

    • Datadog logs - GOV

    • Datadog metrics - US

    • Datadog metrics - EU

    API key

    Contact Datadog to obtain the API key required to enable data delivery to this endpoint from Amazon Data Firehose.

    Content encoding

    Amazon Data Firehose uses content encoding to compress the body of a request before sending it to the destination. Choose GZIP or Disabled to enable/disable content encoding of your request.

    Retry duration

    Specify how long Amazon Data Firehose retries sending data to the selected HTTP endpoint.

    After sending data, Amazon Data Firehose first waits for an acknowledgment from the HTTP endpoint. If an error occurs or the acknowledgment doesn’t arrive within the acknowledgment timeout period, Amazon Data Firehose starts the retry duration counter. It keeps retrying until the retry duration expires. After that, Amazon Data Firehose considers it a data delivery failure and backs up the data to your Amazon S3 bucket.

    Every time that Amazon Data Firehose sends data to the HTTP endpoint (either the initial attempt or a retry), it restarts the acknowledgement timeout counter and waits for an acknowledgement from the HTTP endpoint.

    Even if the retry duration expires, Amazon Data Firehose still waits for the acknowledgment until it receives it or the acknowledgement timeout period is reached. If the acknowledgment times out, Amazon Data Firehose determines whether there's time left in the retry counter. If there is time left, it retries again and repeats the logic until it receives an acknowledgment or determines that the retry time has expired.

    If you don't want Amazon Data Firehose to retry sending data, set this value to 0.

    Parameters - optional

    Amazon Data Firehose includes these key-value pairs in each HTTP call. These parameters can help you identify and organize your destinations.

    Buffering hints

    Amazon Data Firehose buffers incoming data before delivering it to the specified destination. The recommended buffer size for the destination varies from service provider to service provider.

Choose Honeycomb for Your Destination

This section describes options for using Honeycomb for your destination. For more information about Honeycomb, see https://docs.honeycomb.io/getting-data-in/metrics/aws-cloudwatch-metrics/.

  • Provide values for the following fields:

    Honeycomb Kinesis endpoint

    Specify the URL for the HTTP endpoint in the following format: https://api.honeycomb.io/1/kinesis_events/{{dataset}}

    API key

    Contact Honeycomb to obtain the API key required to enable data delivery to this endpoint from Amazon Data Firehose.

    Content encoding

    Amazon Data Firehose uses content encoding to compress the body of a request before sending it to the destination. Choose GZIP to enable content encoding of your request. This is the recommended option for the Honeycomb destination.

    Retry duration

    Specify how long Amazon Data Firehose retries sending data to the selected HTTP endpoint.

    After sending data, Amazon Data Firehose first waits for an acknowledgment from the HTTP endpoint. If an error occurs or the acknowledgment doesn’t arrive within the acknowledgment timeout period, Amazon Data Firehose starts the retry duration counter. It keeps retrying until the retry duration expires. After that, Amazon Data Firehose considers it a data delivery failure and backs up the data to your Amazon S3 bucket.

    Every time that Amazon Data Firehose sends data to the HTTP endpoint (either the initial attempt or a retry), it restarts the acknowledgement timeout counter and waits for an acknowledgement from the HTTP endpoint.

    Even if the retry duration expires, Amazon Data Firehose still waits for the acknowledgment until it receives it or the acknowledgement timeout period is reached. If the acknowledgment times out, Amazon Data Firehose determines whether there's time left in the retry counter. If there is time left, it retries again and repeats the logic until it receives an acknowledgment or determines that the retry time has expired.

    If you don't want Amazon Data Firehose to retry sending data, set this value to 0.

    Parameters - optional

    Amazon Data Firehose includes these key-value pairs in each HTTP call. These parameters can help you identify and organize your destinations.

    Buffering hints

    Amazon Data Firehose buffers incoming data before delivering it to the specified destination. The recommended buffer size for the destination varies from service provider to service provider.

Choose Coralogix for Your Destination

This section describes options for using Coralogix for your destination. For more information about Coralogix, see https://coralogix.com/integrations/aws-firehose.

  • Provide values for the following fields:

    HTTP endpoint URL

    Choose the HTTP endpoint URL from the following options in the drop-down menu:

    • Coralogix - US

    • Coralogix - SINGAPORE

    • Coralogix - IRELAND

    • Coralogix - INDIA

    • Coralogix - STOCKHOLM

    Private key

    Contact Coralogix to obtain the private key required to enable data delivery to this endpoint from Amazon Data Firehose.

    Content encoding

    Amazon Data Firehose uses content encoding to compress the body of a request before sending it to the destination. Choose GZIP to enable content encoding of your request. This is the recommended option for the Coralogix destination.

    Retry duration

    Specify how long Amazon Data Firehose retries sending data to the selected HTTP endpoint.

    After sending data, Amazon Data Firehose first waits for an acknowledgment from the HTTP endpoint. If an error occurs or the acknowledgment doesn’t arrive within the acknowledgment timeout period, Amazon Data Firehose starts the retry duration counter. It keeps retrying until the retry duration expires. After that, Amazon Data Firehose considers it a data delivery failure and backs up the data to your Amazon S3 bucket.

    Every time that Amazon Data Firehose sends data to the HTTP endpoint (either the initial attempt or a retry), it restarts the acknowledgement timeout counter and waits for an acknowledgement from the HTTP endpoint.

    Even if the retry duration expires, Amazon Data Firehose still waits for the acknowledgment until it receives it or the acknowledgement timeout period is reached. If the acknowledgment times out, Amazon Data Firehose determines whether there's time left in the retry counter. If there is time left, it retries again and repeats the logic until it receives an acknowledgment or determines that the retry time has expired.

    If you don't want Amazon Data Firehose to retry sending data, set this value to 0.

    Parameters - optional

    Amazon Data Firehose includes these key-value pairs in each HTTP call. These parameters can help you identify and organize your destinations.

    • applicationName: the environment where you are running Data Firehose

    • subsystemName: the name of the Data Firehose integration

    • computerName: the name of the Firehose stream in use

    Buffering hints

    Amazon Data Firehose buffers incoming data before delivering it to the specified destination. The recommended buffer size for the destination varies from service provider to service provider.

Choose Dynatrace for Your Destination

This section describes options for using Dynatrace for your destination. For more information, see https://www.dynatrace.com/support/help/technology-support/cloud-platforms/amazon-web-services/integrations/cloudwatch-metric-streams/.

  • Provide values for the following fields:

    HTTP endpoint URL

    Choose the HTTP endpoint URL (Dynatrace US, Dynatrace EU, or Dynatrace Global) from the drop-down menu.

    API token

    Generate the Dynatrace API token required for data delivery from Amazon Data Firehose. For more information, see https://www.dynatrace.com/support/help/dynatrace-api/basics/dynatrace-api-authentication/.

    API URL

    Provide the API URL of your Dynatrace environment.

    Content encoding

    Amazon Data Firehose uses content encoding to compress the body of a request before sending it to the destination. Choose GZIP or Disabled to enable/disable content encoding of your request.

    Retry duration

    Specify how long Amazon Data Firehose retries sending data to the selected HTTP endpoint.

    After sending data, Amazon Data Firehose first waits for an acknowledgment from the HTTP endpoint. If an error occurs or the acknowledgment doesn’t arrive within the acknowledgment timeout period, Amazon Data Firehose starts the retry duration counter. It keeps retrying until the retry duration expires. After that, Amazon Data Firehose considers it a data delivery failure and backs up the data to your Amazon S3 bucket.

    Every time that Amazon Data Firehose sends data to the HTTP endpoint (either the initial attempt or a retry), it restarts the acknowledgement timeout counter and waits for an acknowledgement from the HTTP endpoint.

    Even if the retry duration expires, Amazon Data Firehose still waits for the acknowledgment until it receives it or the acknowledgement timeout period is reached. If the acknowledgment times out, Amazon Data Firehose determines whether there's time left in the retry counter. If there is time left, it retries again and repeats the logic until it receives an acknowledgment or determines that the retry time has expired.

    If you don't want Amazon Data Firehose to retry sending data, set this value to 0.

    Parameters - optional

    Amazon Data Firehose includes these key-value pairs in each HTTP call. These parameters can help you identify and organize your destinations.

    Buffering hints

    Amazon Data Firehose buffers incoming data before delivering it to the specified destination. The recommended buffer size for the destination varies from service provider to service provider.

Choose LogicMonitor for Your Destination

This section describes options for using LogicMonitor for your destination. For more information, see https://www.logicmonitor.com.

  • Provide values for the following fields:

    HTTP endpoint URL

    Specify the URL for the HTTP endpoint in the following format: https://ACCOUNT.logicmonitor.com

    API key

    Contact LogicMonitor to obtain the API key required to enable data delivery to this endpoint from Amazon Data Firehose.

    Content encoding

    Amazon Data Firehose uses content encoding to compress the body of a request before sending it to the destination. Choose GZIP or Disabled to enable/disable content encoding of your request.

    Retry duration

    Specify how long Amazon Data Firehose retries sending data to the selected HTTP endpoint.

    After sending data, Amazon Data Firehose first waits for an acknowledgment from the HTTP endpoint. If an error occurs or the acknowledgment doesn’t arrive within the acknowledgment timeout period, Amazon Data Firehose starts the retry duration counter. It keeps retrying until the retry duration expires. After that, Amazon Data Firehose considers it a data delivery failure and backs up the data to your Amazon S3 bucket.

    Every time that Amazon Data Firehose sends data to the HTTP endpoint (either the initial attempt or a retry), it restarts the acknowledgement timeout counter and waits for an acknowledgement from the HTTP endpoint.

    Even if the retry duration expires, Amazon Data Firehose still waits for the acknowledgment until it receives it or the acknowledgement timeout period is reached. If the acknowledgment times out, Amazon Data Firehose determines whether there's time left in the retry counter. If there is time left, it retries again and repeats the logic until it receives an acknowledgment or determines that the retry time has expired.

    If you don't want Amazon Data Firehose to retry sending data, set this value to 0.

    Parameters - optional

    Amazon Data Firehose includes these key-value pairs in each HTTP call. These parameters can help you identify and organize your destinations.

    Buffering hints

    Amazon Data Firehose buffers incoming data before delivering it to the specified destination. The recommended buffer size for the destination varies from service provider to service provider.

Choose Logz.io for Your Destination

This section describes options for using Logz.io for your destination. For more information, see https://logz.io/.

Note

In the Europe (Milan) Region, Logz.io is not supported as an Amazon Data Firehose destination.

  • Provide values for the following fields:

    HTTP endpoint URL

    Specify the URL for the HTTP endpoint in the following format: https://listener-aws-metrics-stream-<region>.logz.io/. For example, https://listener-aws-metrics-stream-us.logz.io/. The URL must be an HTTPS URL.

    Content encoding

    Amazon Data Firehose uses content encoding to compress the body of a request before sending it to the destination. Choose GZIP or Disabled to enable/disable content encoding of your request.

    Retry duration

    Specify how long Amazon Data Firehose retries sending data to Logz.io.

    After sending data, Amazon Data Firehose first waits for an acknowledgment from the HTTP endpoint. If an error occurs or the acknowledgment doesn’t arrive within the acknowledgment timeout period, Amazon Data Firehose starts the retry duration counter. It keeps retrying until the retry duration expires. After that, Amazon Data Firehose considers it a data delivery failure and backs up the data to your Amazon S3 bucket.

    Every time that Amazon Data Firehose sends data to the HTTP endpoint (either the initial attempt or a retry), it restarts the acknowledgement timeout counter and waits for an acknowledgement from the HTTP endpoint.

    Even if the retry duration expires, Amazon Data Firehose still waits for the acknowledgment until it receives it or the acknowledgement timeout period is reached. If the acknowledgment times out, Amazon Data Firehose determines whether there's time left in the retry counter. If there is time left, it retries again and repeats the logic until it receives an acknowledgment or determines that the retry time has expired.

    If you don't want Amazon Data Firehose to retry sending data, set this value to 0.

    Parameters - optional

    Amazon Data Firehose includes these key-value pairs in each HTTP call. These parameters can help you identify and organize your destinations.

    Buffering hints

    Amazon Data Firehose buffers incoming data before delivering it to the specified destination. The recommended buffer size for the destination varies from service provider to service provider.

Choose MongoDB Cloud for Your Destination

This section describes options for using MongoDB Cloud for your destination. For more information, see https://www.mongodb.com.

  • Provide values for the following fields:

    MongoDB Realm webhook URL

    Specify the URL for the HTTP endpoint in the following format: https://webhooks.mongodb-realm.com. The URL must be an HTTPS URL.

    API key

    Contact MongoDB Cloud to obtain the API key required to enable data delivery to this endpoint from Amazon Data Firehose.

    Content encoding

    Amazon Data Firehose uses content encoding to compress the body of a request before sending it to the destination. Choose GZIP or Disabled to enable/disable content encoding of your request.

    Retry duration

    Specify how long Amazon Data Firehose retries sending data to the selected third-party provider.

    After sending data, Amazon Data Firehose first waits for an acknowledgment from the HTTP endpoint. If an error occurs or the acknowledgment doesn’t arrive within the acknowledgment timeout period, Amazon Data Firehose starts the retry duration counter. It keeps retrying until the retry duration expires. After that, Amazon Data Firehose considers it a data delivery failure and backs up the data to your Amazon S3 bucket.

    Every time that Amazon Data Firehose sends data to the HTTP endpoint (either the initial attempt or a retry), it restarts the acknowledgement timeout counter and waits for an acknowledgement from the HTTP endpoint.

    Even if the retry duration expires, Amazon Data Firehose still waits for the acknowledgment until it receives it or the acknowledgement timeout period is reached. If the acknowledgment times out, Amazon Data Firehose determines whether there's time left in the retry counter. If there is time left, it retries again and repeats the logic until it receives an acknowledgment or determines that the retry time has expired.

    If you don't want Amazon Data Firehose to retry sending data, set this value to 0.

    Buffering hints

    Amazon Data Firehose buffers incoming data before delivering it to the specified destination. The recommended buffer size for the destination varies from service provider to service provider.

    Parameters - optional

    Amazon Data Firehose includes these key-value pairs in each HTTP call. These parameters can help you identify and organize your destinations.

Choose New Relic for Your Destination

This section describes options for using New Relic for your destination. For more information, see https://newrelic.com.

  • Provide values for the following fields:

    HTTP endpoint URL

    Choose the HTTP endpoint URL from the following options in the drop-down menu:

    • New Relic logs - US

    • New Relic metrics - US

    • New Relic metrics - EU

    API key

    Enter your License Key (a 40-character hexadecimal string) from your New Relic One Account settings. This API key is required to enable data delivery to this endpoint from Firehose.

    Content encoding

    Amazon Data Firehose uses content encoding to compress the body of a request before sending it to the destination. Choose GZIP or Disabled to enable/disable content encoding of your request.

    Retry duration

    Specify how long Amazon Data Firehose retries sending data to the New Relic HTTP endpoint.

    After sending data, Amazon Data Firehose first waits for an acknowledgment from the HTTP endpoint. If an error occurs or the acknowledgment doesn’t arrive within the acknowledgment timeout period, Amazon Data Firehose starts the retry duration counter. It keeps retrying until the retry duration expires. After that, Amazon Data Firehose considers it a data delivery failure and backs up the data to your Amazon S3 bucket.

    Every time that Amazon Data Firehose sends data to the HTTP endpoint (either the initial attempt or a retry), it restarts the acknowledgement timeout counter and waits for an acknowledgement from the HTTP endpoint.

    Even if the retry duration expires, Amazon Data Firehose still waits for the acknowledgment until it receives it or the acknowledgement timeout period is reached. If the acknowledgment times out, Amazon Data Firehose determines whether there's time left in the retry counter. If there is time left, it retries again and repeats the logic until it receives an acknowledgment or determines that the retry time has expired.

    If you don't want Amazon Data Firehose to retry sending data, set this value to 0.

    Parameters - optional

    Amazon Data Firehose includes these key-value pairs in each HTTP call. These parameters can help you identify and organize your destinations.

    Buffering hints

    Amazon Data Firehose buffers incoming data before delivering it to the specified destination. The recommended buffer size for the destination varies from service provider to service provider.

Choose Snowflake for Your Destination

This section describes options for using Snowflake for your destination.

Connection settings

  • Provide values for the following fields:

    Snowflake account URL

    Specify a regional account URL provided by Snowflake. Firehose does not support region-less URLs in preview when PrivateLink is enabled. Refer to the Snowflake documentation to determine your account URL. For example: xy12345.us-east-1.aws.snowflakecomputing.com. Note that the port number must not be specified, whereas the protocol (https://) is optional.

    User login

    Specify the Snowflake user to be used for loading data. Make sure the user has access to insert data into the Snowflake table.

    Private key

    Specify the user’s private key of the key pair used for authentication with Snowflake. Make sure that the private key is in PKCS8 format. Do not include the PEM header and footer as part of the private key. If the key is split across multiple lines, remove the line breaks.
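
    As a convenience, the following small Python helper (an assumption, not part of any AWS or Snowflake tooling) strips the PEM header, footer, and line breaks from a PKCS8 key file to produce the single-line value this field expects. The file name is a placeholder.

      def pem_to_single_line(pem_text: str) -> str:
          # Drop the BEGIN/END lines and any blank lines, then join the rest.
          lines = [
              line.strip()
              for line in pem_text.splitlines()
              if line.strip() and "PRIVATE KEY" not in line
          ]
          return "".join(lines)

      with open("rsa_key.p8") as f:          # placeholder file name
          private_key_value = pem_to_single_line(f.read())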

    Passphrase

    The passphrase used to decrypt the private key when the key is encrypted. Leave this field empty if the private key is not encrypted. For information, see Using Key Pair Authentication & Key Rotation.

    Role configuration

    Use default Snowflake role – If this option is selected, Firehose does not pass any role to Snowflake, and the default role is assumed for loading data. Make sure that the default role has permission to insert data into the Snowflake table.

    Use custom Snowflake role – Enter a non-default Snowflake role for Firehose to assume when loading data into the Snowflake table.

    Snowflake connectivity

    Options are Private or Public.

    Private VPCE ID (optional)

    The VPCE ID for Firehose to privately connect with Snowflake. The ID format is com.amazonaws.vpce.[region].vpce-svc-[id]. For more information, see AWS PrivateLink & Snowflake.

    Note

    During the public preview, make sure that your Snowflake network permits access to Firehose. To gain access, either contact AWS Support to add a Firehose VPC endpoint to your allow list, or consider disabling the network policy on your Snowflake cluster.

Database configuration

  • You must specify the following settings in order to use Snowflake as the destination for your Firehose stream:

    • Snowflake database – All data in Snowflake is maintained in databases.

    • Snowflake schema – Each database consists of one or more schemas, which are logical groupings of database objects, such as tables and views.

    • Snowflake table – All data in Snowflake is stored in database tables, logically structured as collections of columns and rows.

Data loading options for your Snowflake table

  • Use JSON keys as column names

  • Use VARIANT columns

    • Content column name – Specify a column name in the table where the raw data is to be loaded.

    • Metadata column name (optional) – Specify a column name in the table where the metadata information is to be loaded.
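
    A hedged Python sketch of these database and data loading settings, following the Firehose API's SnowflakeDestinationConfiguration structure as best understood. The VARIANT options shown correspond to the Use VARIANT columns choice, and all names are placeholders.

      snowflake_destination = {
          "AccountUrl": "xy12345.us-east-1.aws.snowflakecomputing.com",
          "User": "firehose_user",
          "PrivateKey": "...",               # single-line PKCS8 key, as described above
          "Database": "MY_DB",
          "Schema": "PUBLIC",
          "Table": "EVENTS",
          "SnowflakeRoleConfiguration": {"Enabled": True, "SnowflakeRole": "FIREHOSE_ROLE"},
          # "JSON_MAPPING" uses JSON keys as column names; the VARIANT options
          # load raw data (and, optionally, metadata) into the columns below.
          "DataLoadingOption": "VARIANT_CONTENT_AND_METADATA_MAPPING",
          "ContentColumnName": "RECORD_CONTENT",
          "MetaDataColumnName": "RECORD_METADATA",
      }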

Choose Splunk for Your Destination

This section describes options for using Splunk for your destination.

Note

Firehose delivers data to Splunk clusters configured with a Classic Load Balancer or an Application Load Balancer.

  • Provide values for the following fields:

    Splunk cluster endpoint

    To determine the endpoint, see Configure Amazon Data Firehose to Send Data to the Splunk Platform in the Splunk documentation.

    Splunk endpoint type

    Choose Raw endpoint in most cases. Choose Event endpoint if you preprocessed your data using AWS Lambda to send data to different indexes by event type. For information about which endpoint to use, see Configure Amazon Data Firehose to send data to the Splunk platform in the Splunk documentation.

    Authentication token

    To set up a Splunk endpoint that can receive data from Amazon Data Firehose, see Installation and configuration overview for the Splunk Add-on for Amazon Data Firehose in the Splunk documentation. Save the token that you get from Splunk when you set up the endpoint for this Firehose stream, and add it here.

    HEC acknowledgement timeout

    Specify how long Amazon Data Firehose waits for the index acknowledgement from Splunk. If Splunk doesn’t send the acknowledgment before the timeout is reached, Amazon Data Firehose considers it a data delivery failure. Amazon Data Firehose then either retries or backs up the data to your Amazon S3 bucket, depending on the retry duration value that you set.
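
    For reference, a minimal Python sketch of these settings, following the Firehose API's SplunkDestinationConfiguration structure as best understood; the endpoint and token are placeholders.

      splunk_destination = {
          "HECEndpoint": "https://splunk.example.com:8088",   # placeholder cluster endpoint
          "HECEndpointType": "Raw",                           # or "Event"
          "HECToken": "...",                                  # token from your Splunk HEC setup
          "HECAcknowledgmentTimeoutInSeconds": 180,
          "RetryOptions": {"DurationInSeconds": 300},
          "S3BackupMode": "FailedEventsOnly",                 # or "AllEvents"
          "S3Configuration": {
              "RoleARN": "arn:aws:iam::123456789012:role/firehose-role",
              "BucketARN": "arn:aws:s3:::my-backup-bucket",
          },
      }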

    Retry duration

    Specify how long Amazon Data Firehose retries sending data to Splunk.

    After sending data, Amazon Data Firehose first waits for an acknowledgment from Splunk. If an error occurs or the acknowledgment doesn’t arrive within the acknowledgment timeout period, Amazon Data Firehose starts the retry duration counter. It keeps retrying until the retry duration expires. After that, Amazon Data Firehose considers it a data delivery failure and backs up the data to your Amazon S3 bucket.

    Every time that Amazon Data Firehose sends data to Splunk (either the initial attempt or a retry), it restarts the acknowledgement timeout counter and waits for an acknowledgement from Splunk.

    Even if the retry duration expires, Amazon Data Firehose still waits for the acknowledgment until it receives it or the acknowledgement timeout period is reached. If the acknowledgment times out, Amazon Data Firehose determines whether there's time left in the retry counter. If there is time left, it retries again and repeats the logic until it receives an acknowledgment or determines that the retry time has expired.

    If you don't want Amazon Data Firehose to retry sending data, set this value to 0.

Choose Splunk Observability Cloud for Your Destination

This section describes options for using Splunk Observability Cloud for your destination. For more information, see https://docs.splunk.com/observability/en/gdi/get-data-in/connect/aws/aws-apiconfig.html#connect-to-aws-using-the-splunk-observability-cloud-api.

  • Provide values for the following fields:

    Cloud Ingest Endpoint URL

    You can find your Splunk Observability Cloud Real-time Data Ingest URL under Profile > Organizations > Real-time Data Ingest Endpoint in the Splunk Observability console.

    Access Token

    Copy your Splunk Observability access token with the INGEST authorization scope from Settings > Access Tokens in the Splunk Observability console.

    Content Encoding

    Amazon Data Firehose uses content encoding to compress the body of a request before sending it to the destination. Choose GZIP or Disabled to enable/disable content encoding of your request.

    Retry duration

    Specify how long Amazon Data Firehose retries sending data to the selected HTTP endpoint.

    After sending data, Amazon Data Firehose first waits for an acknowledgment from the HTTP endpoint. If an error occurs or the acknowledgment doesn’t arrive within the acknowledgment timeout period, Amazon Data Firehose starts the retry duration counter. It keeps retrying until the retry duration expires. After that, Amazon Data Firehose considers it a data delivery failure and backs up the data to your Amazon S3 bucket.

    Every time that Amazon Data Firehose sends data to the HTTP endpoint (either the initial attempt or a retry), it restarts the acknowledgement timeout counter and waits for an acknowledgement from the HTTP endpoint.

    Even if the retry duration expires, Amazon Data Firehose still waits for the acknowledgment until it receives it or the acknowledgement timeout period is reached. If the acknowledgment times out, Amazon Data Firehose determines whether there's time left in the retry counter. If there is time left, it retries again and repeats the logic until it receives an acknowledgment or determines that the retry time has expired.

    If you don't want Amazon Data Firehose to retry sending data, set this value to 0.

    Parameters - optional

    Amazon Data Firehose includes these key-value pairs in each HTTP call. These parameters can help you identify and organize your destinations.

    Buffering hints

    Amazon Data Firehose buffers incoming data before delivering it to the specified destination. The recommended buffer size for the destination varies from service provider to service provider.

Choose Sumo Logic for Your Destination

This section describes options for using Sumo Logic for your destination. For more information, see https://www.sumologic.com.

  • Provide values for the following fields:

    HTTP endpoint URL

    Specify the URL for the HTTP endpoint in the following format: https://<deployment name>.sumologic.net/receiver/v1/kinesis/<dataType>/<access token>. The URL must be an HTTPS URL.

    Content encoding

    Amazon Data Firehose uses content encoding to compress the body of a request before sending it to the destination. Choose GZIP or Disabled to enable/disable content encoding of your request.

    Retry duration

    Specify how long Amazon Data Firehose retries sending data to Sumo Logic.

    After sending data, Amazon Data Firehose first waits for an acknowledgment from the HTTP endpoint. If an error occurs or the acknowledgment doesn’t arrive within the acknowledgment timeout period, Amazon Data Firehose starts the retry duration counter. It keeps retrying until the retry duration expires. After that, Amazon Data Firehose considers it a data delivery failure and backs up the data to your Amazon S3 bucket.

    Every time that Amazon Data Firehose sends data to the HTTP endpoint (either the initial attempt or a retry), it restarts the acknowledgement timeout counter and waits for an acknowledgement from the HTTP endpoint.

    Even if the retry duration expires, Amazon Data Firehose still waits for the acknowledgment until it receives it or the acknowledgement timeout period is reached. If the acknowledgment times out, Amazon Data Firehose determines whether there's time left in the retry counter. If there is time left, it retries again and repeats the logic until it receives an acknowledgment or determines that the retry time has expired.

    If you don't want Amazon Data Firehose to retry sending data, set this value to 0.

    Parameters - optional

    Amazon Data Firehose includes these key-value pairs in each HTTP call. These parameters can help you identify and organize your destinations.

    Buffering hints

    Amazon Data Firehose buffers incoming data before delivering it to the specified destination. The recommended buffer size for the destination varies from service provider to service provider.

Choose Elastic for Your Destination

This section describes options for using Elastic for your destination.

  • Provide values for the following fields:

    Elastic endpoint URL

    Specify the URL for the HTTP endpoint in the following format: https://<cluster-id>.es.<region>.aws.elastic-cloud.com. The URL must be an HTTPS URL.

    API key

    Contact Elastic to obtain the API key required to enable data delivery to their service from Amazon Data Firehose.

    Content encoding

    Amazon Data Firehose uses content encoding to compress the body of a request before sending it to the destination. Choose GZIP (selected by default) or Disabled to enable/disable content encoding of your request.

    Retry duration

    Specify how long Amazon Data Firehose retries sending data to Elastic.

    After sending data, Amazon Data Firehose first waits for an acknowledgment from the HTTP endpoint. If an error occurs or the acknowledgment doesn’t arrive within the acknowledgment timeout period, Amazon Data Firehose starts the retry duration counter. It keeps retrying until the retry duration expires. After that, Amazon Data Firehose considers it a data delivery failure and backs up the data to your Amazon S3 bucket.

    Every time that Amazon Data Firehose sends data to the HTTP endpoint (either the initial attempt or a retry), it restarts the acknowledgement timeout counter and waits for an acknowledgement from the HTTP endpoint.

    Even if the retry duration expires, Amazon Data Firehose still waits for the acknowledgment until it receives it or the acknowledgement timeout period is reached. If the acknowledgment times out, Amazon Data Firehose determines whether there's time left in the retry counter. If there is time left, it retries again and repeats the logic until it receives an acknowledgment or determines that the retry time has expired.

    If you don't want Amazon Data Firehose to retry sending data, set this value to 0.

    Parameters - optional

    Amazon Data Firehose includes these key-value pairs in each HTTP call. These parameters can help you identify and organize your destinations.

    Buffering hints

    Amazon Data Firehose buffers incoming data before delivering it to the specified destination. The recommended buffer size for the Elastic destination is 1 MiB.