browse
Overview
Once your Log Management in the Amazon S3 has been set up you may wish to test the log files are being written and are downloadable.
In order to do this, we'll outline an approach using Amazons 'AWS Command Line Interface' For alternative methods please see here
Prerequisites
- Download and install the AWS CLI from https://aws.amazon.com/cli/
- Create your Cisco managed bucket as described here
- Alternatively, configure logging to use your own S3 bucket as described here
Configuring your Security Credentials in AWS CLI
At the command line enter:
aws configure
You will be presented with the following 4 questions. If you created a Cisco Managed Bucket, the first three were provided when you created the bucket. For Cisco Managed Buckets, the 'Default region name' will be listed in your bucket name. For example, the region for "cisco-managed-us-west-2" is "us-west-2". For your own bucket, the region will be set according to your S3 settings. For a full list of Amazon S3 regions please see here
You can rerun this configuration at any time, and it will show a reduced version of your credentials e.g.
AWS Access Key ID [****************HVBA]:
AWS Secret Access Key [****************OuFw]:
Default region name [us-west-2]:
Default output format [None]:
Sync your bucket contents to local folder
Enter the following command, replacing with "yourbucketname" and "prefix" with your bucket details. Prefix is optional for admin owned buckets, and mandatory for Cisco Managed ones:
aws s3 sync s3://<yourbucketname>/<prefix>/ <your local folder path>
e.g.
aws s3 sync s3://cisco-managed-us-west-2/2293370_96b88e0e21ac0136373b7009a340dc5f/ c:\temp\
You should see an output like this:
download: s3://cisco-managed-us-west-2/2293370_96b88e0e21ac0136373b7009a340dc5f/dnslogs/2018-05-01/2018-05-01-12-30-0e41.csv.gz to dnslogs\2018-05-01\2018-05-01-12-30-0e41.csv.gz
download: s3://ccisco-managed-us-west-2/2293370_96b88e0e21ac0136373b7009a340dc5f/dnslogs/2018-05-01/2018-05-01-12-40-0e41.csv.gz to dnslogs\2018-05-01\2018-05-01-12-40-0e41.csv.gz
download: s3://cisco-managed-us-west-2/2293370_96b88e0e21ac0136373b7009a340dc5f/dnslogs/2018-05-01/2018-05-01-12-30-b3ab.csv.gz to dnslogs\2018-05-01\2018-05-01-12-30-b3ab.csv.gz
Note:
Attempting to list the contents of a Cisco Managed bucket root will generally result in an error as the access level provided does not have the rights to list bucket root contents. You can however list the contents of the prefix and folders within the bucket using a command similar to this:
aws s3 ls s3://<your_bucketname>/<prefix>/dnslogs
Please note: The full command line interface documentation is available from Amazon here