Overview

The integration uses Amazon Data Firehose to forward CloudFront real-time logs to our Agent Analytics API. Amazon Data Firehose is an AWS service that enables reliable delivery of streaming data to various destinations including HTTP endpoints. For more information about CloudFront real-time logs, visit the AWS documentation.

Prerequisites

  • An AWS Account with CloudFront and AmazonData Firehose permissions
  • Access to your CloudFront distribution configuration
  • API credentials for the Profound Agent Analytics platform

Configuration

1

Step 1

Sign in to the AWS Console and navigate to the Amazon Data Firehose consoleFirehose Console Navigation
2

Step 2

Create a new delivery stream, select “Direct PUT” as source and “HTTP Endpoint” as destinationFirehose HTTP Destination
3

Step 3

  1. Configure the HTTP endpoint with the following URL format:
https://artemis.api.tryprofound.com/v1/logs/aws_data_firehose_cloudfront
  1. For authentication, provide your Profound API key as the access key (we recommend using AWS Secrets Manager for secure key storage).
If you are using the AWS Secrets Manager, please use the following JSON format when creating the secret:
{
  "api_key": "bot_your_api_key_here"
}
  1. Enable GZIP content encoding. Firehose Destination Settings
  2. Create a new S3 bucket to store failed delivery logs (required by AWS) Firehose S3 Destination
4

Step 4

Go to your CloudFront distribution and navigate to the “Logging” tab.CloudFront Logging TabClick the “Add” button and select “Kinesis Data Firehose” as the destination. (Kinesis Data Firehose is the legacy name for Amazon Data Firehose)CloudFront Logging Add
5

Step 5

Now you should be in the “Add standard logging destination” screen. Select the delivery stream you created in Step 3.CloudFront Logging SelectUnder “Additional settings - optional”, select the following fields:CloudFront Logging Additional Settings
  • Time and IP
    • date - Date when the request was completed
    • time - Time when the request was completed
    • c-ip - Client IP address
  • Request Details
    • cs-method - HTTP request method
    • cs(Host) - Requested host header
    • cs-uri-stem - Request URI path
    • cs-uri-query - Request query string
    • cs(User-Agent) - Client user agent
    • cs(Referer) - Request referrer
  • Response Details
    • sc-status - HTTP response status
    • sc-bytes - Response size in bytes
    • time-taken - Request processing time
6

Step 6

Select JSON as the Output format.Output formatClick Submit to save the configuration.
That’s it! CloudFront will now send real-time logs to Data Firehose, which forwards them to Profound. Data should begin appearing in your dashboard within a few minutes.

Troubleshooting

  • If logs aren’t appearing, verify your Firehose delivery stream status in CloudWatch
  • Check Data Firehose monitoring for delivery errors
  • Ensure your API credentials are correct
  • Verify CloudFront real-time logging is enabled for your distribution
  • Check IAM roles have proper permissions for both CloudFront and Firehose

Additional Resources

Security Considerations

  • Store API keys in AWS Secrets Manager
  • Regularly rotate your API credentials
  • Monitor CloudWatch logs for unusual patterns
  • Enable CloudTrail for API activity monitoring
  • Use IAM roles with least privilege access