Dash0 Raises $110M Series B at $1B Valuation
Dash0 integrates AWS CloudWatch Logs via Firehose, delivering log data directly to Dash0 for centralized monitoring and analysis.
AWS CloudWatch Logs is a service that allows you to monitor, store, and access log files from your AWS resources and applications. It can collect logs from various AWS services such as EC2, Lambda, API Gateway, and more. For better usability and control, you can send these logs to Dash0 via Firehose stream.
There are two approaches to send AWS logs to Dash0 via Firehose:
CloudWatch Logs Subscription Filters (Standard approach): CloudWatch Logs events can be sent to Firehose using CloudWatch subscription filters. This approach works with all CloudWatch Log groups and retains logs in AWS.
Lambda Direct Logging to Firehose: AWS Lambda supports sending logs directly to Firehose without storing them in CloudWatch Logs. This approach is more cost-effective but only works with Lambda functions.
This guide will show you how to set up both approaches.
| Feature | CloudWatch Logs Subscription Filters | Lambda Direct Logging to Firehose |
|---|---|---|
| Supported Services | All AWS services that use CloudWatch Logs | Lambda functions only |
| Cost | Standard CloudWatch Logs pricing | 50% less on ingest, no storage costs |
| Log Retention in AWS | Yes, logs are stored in CloudWatch | No, logs are not stored after delivery |
| CloudWatch Features | Full access to CloudWatch Logs features (Logs Insights, Live Tail, etc.) | No access to CloudWatch Logs Standard features |
| Setup Complexity | More complex (requires subscription filters and IAM roles) | Simpler (direct configuration in Lambda) |
When to use CloudWatch Logs Subscription Filters:
When to use Lambda Direct Logging to Firehose:
Follow AWS documentation to create a Firehose delivery stream from AWS console:
1. Choose source and destination
Choose "Direct PUT" as the source and "HTTP Endpoint" as the destination of your Firehose stream.
2. Firehose stream name
Give your Firehose stream a name.
3. Destination settings
In HTTP Endpoint URL, enter AWS CloudWatch Logs via Firehose HTTP endpoint, which can be found in your Dash0 organization settings under Endpoints:
Create a Dash0 authentication token for the Firehose stream. By default, data will be sent to the default dataset. If you want to send the data to another dataset, you can restrict the token access to that specific dataset. It's also recommended to grant only the ingestion permission to this token.
In the authentication section, you can either choose "Use access key" option and enter the authentication token directly as the Access Key:
or use AWS Secrets Manager to retrieve the token programmatically.
In the Parameters section, you can add additional attributes to the log events.
For example, you can add cloud.region as key and specify the region of your firehose stream such as eu-west-1 as value.
This attribute will be added to the log group resource in Dash0 and allows to distinguish log groups from different regions.
You can keep the rest of the settings as default. Data sent from CloudWatch Logs to Amazon Data Firehose is already compressed with gzip level 6 compression, so you do not need to use compression within your Firehose delivery stream.
4. Backup settings
Create or choose an existing S3 bucket to store data in case of delivery failures.
Follow AWS documentation to create a CloudWatch subscription filter that sends any incoming log events that match your defined filters to your Firehose delivery stream previously created. You can skip step 1-7 in the AWS documentation which are about creating a Firehose delivery stream and go directly to step 8.
1. Create an IAM role to set up permissions for CloudWatch Logs to send data to Firehose
Step 8-11 in the AWS documentation will guide you through creating such IAM role through the command line.
If you are using the AWS Management Console, you can go to IAM > Roles and create a new role.
Choose Custom trust policy and update the trust policy statement with:
Note: Make sure to replace <REGION> and <ACCOUNT_ID> with your AWS region and account ID.
Click Next to go to the Add Permissions step. You can either select AmazonKinesisFirehoseFullAccess policy or create a custom
policy which only grants firehose:PutRecord permission to the role with the following statement.
Note: Make sure to replace <REGION>, <ACCOUNT_ID> and <DELIVERY_STREAM_NAME> with your AWS region, account ID and Firehose delivery stream name.
At the final step, name the role and click Create role to complete the setup.
2. Create a subscription filter for the log group
In the AWS console, go to CloudWatch > Logs > Log groups and select the log group you want to send to Firehose. Click Actions > Create subscription filter > Create Amazon Data Firehose Subscription filter.
In Choose destination, select the Firehose delivery stream you created in the previous step.
In Grant permission, select the IAM role you created in the previous step.
Choose the log format and filter pattern for the log data you want to send to Firehose.
When sendings logs into a Firehose delivery stream, you should enable system fields to ensure proper resource attribution in Dash0. This adds cloud.account.id and
cloud.region attributes to your spans, making it easy to identify the source account and region for each log and helps with detecing the right resource who emitted the log.
AWS Lambda supports sending logs directly to Firehose without storing them in CloudWatch Logs. This approach is more cost-effective (50% less on ingest, no storage costs) but only works with Lambda functions and doesn't support CloudWatch Logs Standard features like Logs Insights and Live Tail.
Prerequisites:
Steps to configure Lambda direct logging to Firehose:
1. Navigate to the Lambda console
Go to the AWS Lambda console and select or create a function to set up Firehose as the logging destination.
2. Configure logging settings
3. Select Firehose as the log destination
4. Configure the delivery log group
If creating a new delivery log group:
If using an existing delivery log group:
5. Configure advanced logging options (optional)
You can configure advanced logging controls for your Lambda function:
6. Save your configuration
Click Save to apply your changes. Your Lambda function will now send logs directly to Firehose, which will deliver them to Dash0.
Once everything is set up, you can find CloudWatch logs by using the built-in AWS CloudWatch logging view.
The Lambda direct logging to Firehose approach offers significant cost savings:
When using Lambda direct logging to Firehose, be aware of these limitations: