GSA / data.gov

Main repository for the data.gov service
https://data.gov
Other
659 stars 102 forks source link

Make it easier to get CloudFront logs #750

Open adborden opened 5 years ago

adborden commented 5 years ago

User Story

As an operator, I need easier access to the CloudFront logs so that when there is an outage, it is relatively straight forward to see what errors CloudFront is seeing.

Details

As part of the site certificate update, the full certificate chain was not pushed to NetScaler or the Palo Alto firewall. This caused CloudFront to fail because it couldn't validate the certificate without the issuer certificate. We had to dig through the S3 bucket to get recent logs. If there is a way to make these quicker to access, we should investigate doing that work.

Acceptance Criteria

Definition of Done

Operators can quickly identify where to get the CloudFront logs and access them.

jbrown-xentity commented 1 month ago

Tagging @FuhuXia to assess priority

FuhuXia commented 1 month ago

We can pipe the CloudFront logs to NewRelic. We can to do an estimate on the size of the logs and consult with NewRelic folks on the cost of this change.