Security log forwarding

AuraDB Enterprise AuraDS Enterprise

With security log forwarding, you can stream security logs directly to a cloud project owned by your organization, in real time.

To access Log forwarding:

  1. Navigate to the Neo4j Aura Console in your browser.

  2. Select Log forwarding from the sidebar menu.

This will display a list of currently configured log forwarding processes for the active tenant.

If no log forwarding process is set up, a button to do so is displayed in the center of the page.

A log forwarding process is scoped to a specific product and region combination, and limited to one for each.

Set up log forwarding

Aura Database and Analytics services are business critical for our users. We have requests to introduce more capabilities enabling access to logs and metrics to derive actionable insights using your choice of monitoring platform.

We have a strong roadmap of observability sharing features including security logs, query logs and other capabilities. Many of these logs can be of significant size hence we will introduce in the future a new consumption based billing model including cloud egress costs.

We believe security is of paramount importance hence we have decided to make security logs available for you initially at no extra charge.

The complete steps for setting up log forwarding depends on the chosen cloud provider.

Exhaustive instructions are provided in the wizard which appears by following the steps below.

  1. Navigate to the Log forwarding page as described above.

  2. Click Create new log forwarding process.

  3. Follow the instructions specific to your cloud provider.

Output destination

Log forwarding can forward logs to the log service of the same cloud provider as the monitored instance is located in.

Cross-region log forwarding is supported.

If your instance is in:

  • Google Cloud Platform - Forward logs to Google Cloud Logging in your own GCP project.

  • Amazon Web Services - Forward logs to CloudWatch in your own AWS account.

  • Azure - Forward logs to a Log Analytics workspace in your own Azure subscription.

Logs can be further forwarded into third party systems using the log routing capabilities provided by your cloud provider.