Integration-Pages (#104)

* added integration for VPC Flow logs

* modifying image dimensions

* Added integration page for Amazon RDS

* Added integration page for Amazon RDS

* Added integration page for Amazon RDS

* resolved duplication

* added Integration page for Cloudfront

* added Integration page for AWS API Gateway

* added Integration page for AWS cloudwatch metrics

* Added integration page for aws route 53

* added integration page for aws network firewall

* added integration page for aws waf

---------

Co-authored-by: simranquirky <simranquirky>

Author: simranquirky

docs/integration/aws/.pages

@@ -4,6 +4,14 @@ nav:
     - Application Load Balancer(ALB) : alb.md
     - Amazon Virtual Private Cloud : vpc-flow.md
     - Amazon Cognito : cognito.md
+    - AWS Network Firewall : network-firewall.md
     - AWS Cloudwatch logs: cloudwatch-logs.md
+    - AWS Cloudwatch metrics: cloudwatch-metrics.md
+    - Amazon Relational Database Service (RDS) : rds.md
+    - AWS Route 53 : route-53.md
+    - AWS Web Application Firewall (WAF): waf.md
+    - API Gateway logs: api-gateway.md
+    - Amazon CloudFront : cdn.md 
     - Amazon EventBridge : eventbridge.md
-
+    
+  

docs/integration/aws/api-gateway.md

@@ -0,0 +1,80 @@
+---
+title: API Gateway Logs Integration Guide
+description: Stream AWS API Gateway access logs to OpenObserve using Kinesis Firehose for real-time API observability.
+---
+
+# Integration with API Gateway Access Logs via Kinesis Firehose
+
+This guide explains how to stream AWS API Gateway access logs into OpenObserve using Amazon Kinesis Data Firehose and the HTTP endpoint ingestion method.
+
+## Overview
+
+API Gateway can send access logs directly to a Kinesis Firehose delivery stream. OpenObserve ingests these logs in real-time via an HTTP endpoint, allowing you to monitor API request rates, status codes, latency, and failure patterns.
+
+
+## Steps to Integrate
+
+??? "Prerequisites"
+    - OpenObserve account ([Cloud](https://cloud.openobserve.ai/web/) or [Self-Hosted](../../../quickstart/#self-hosted-installation))
+    - AWS API Gateway already configured
+    - IAM permissions to manage API Gateway, Firehose, and roles
+    - An S3 bucket for Firehose backup (optional but recommended)
+
+??? "Step 1: Get OpenObserve Ingestion URL and Access Key"
+
+    1. In OpenObserve: go to **Data Sources → Recommended → AWS**
+    2. Copy the ingestion URL and Access Key
+
+    ![Get OpenObserve Ingestion URL and Access Key](../images/aws-integrations/vpc-flow/fetch-url.png)
+
+    > Update the URL to include your desired stream name:
+    ```
+    https://<your-openobserve-domain>/aws/default/<stream_name>/_kinesis_firehose
+    ```
+
+??? "Step 2: Create Kinesis Firehose Delivery Stream"
+
+    1. Go to **Amazon Kinesis → Firehose → Create delivery stream**
+    2. Choose:
+        - **Source**: `Direct PUT`
+        - **Destination**: `HTTP Endpoint`
+    3. Provide:
+        - **HTTP Endpoint URL**: the OpenObserve Firehose ingestion URL
+        - **Access Key / Secret Key**: from OpenObserve
+    4. Optional: Configure backup to an S3 bucket (recommended)
+    5. Give it a name and complete creation of the stream
+
+??? "Step 3: Enable Access Logging in API Gateway"
+
+    1. Go to your API → **Stages → [Stage Name] → Logs/Tracing**
+    2. Select **Error and Info logs** (collects all events) and Enable: **Custom Access Logging**
+    3. Set **Log Destination ARN**: paste the ARN of the Firehose stream
+    4. Set **Log Format**, for example:
+        ```
+        RequestId: $context.requestId, SourceIP: $context.identity.sourceIp, Method: $context.httpMethod, ResourcePath: $context.resourcePath, StatusCode: $context.status, ResponseLength: $context.responseLength, RequestTime: $context.requestTime
+        ```
+    5. Save changes
+
+        ![Enable Access Logging in API Gateway](../images/aws-integrations/api-gateway/enable-access-log.png)
+
+
+??? "Step 4: Generate API Traffic (Optional)" 
+
+    Use curl, Postman, or your app to trigger API requests:
+
+??? "Step 5: Verify Logs in OpenObserve"
+
+    1. Go to **Logs** in Openobserve → select **stream** → set **time range** → **Run Query** to check for EC2 logs.
+
+    ![Verify Logs in OpenObserve](../images/aws-integrations/api-gateway/verify-logs.png)
+
+??? "Troubleshooting"
+
+    **No logs?**
+    
+    - Confirm IAM role is attached and has correct permissions
+    - Verify the log format and destination ARN in API Gateway
+    - Check the Firehose delivery stream status for delivery failures
+    - Inspect your S3 bucket for failed log records
+    - Confirm the OpenObserve URL and credentials are valid
+

docs/integration/aws/cdn.md

@@ -0,0 +1,76 @@
+---
+title: AWS CloudFront Logs Integration Guide
+description: Stream Amazon CloudFront access logs to OpenObserve using Kinesis Streams and Firehose for real-time visibility.
+---
+
+# Integration with Amazon CloudFront Logs
+
+This guide explains how to ingest Amazon CloudFront access logs into OpenObserve using Amazon Kinesis Data Streams and Kinesis Firehose.
+
+## Overview
+
+CloudFront access logs contain detailed request-level data. By streaming them to OpenObserve, you can monitor CDN performance, detect anomalies, and build custom dashboards in real time.
+
+## Steps to Integrate
+
+??? "Prerequisites"
+    - OpenObserve account ([Cloud](https://cloud.openobserve.ai/web/) or [Self-Hosted](../../../quickstart/#self-hosted-installation))
+    - Amazon CloudFront distribution
+    - S3 bucket to store CloudFront logs
+    - IAM role with necessary permissions
+    - AWS Kinesis Data Stream and Firehose access
+
+??? "Step 1: Get OpenObserve Ingestion URL and Access Key"
+
+    1. In OpenObserve: go to **Data Sources → Recommended → AWS**
+    2. Copy the ingestion URL and Access Key
+
+    ![Get OpenObserve Ingestion URL and Access Key](../images/aws-integrations/vpc-flow/fetch-url.png)
+    
+    > Update the URL to have the stream name of your choice:
+        ```
+        https://<your-openobserve-domain>/aws/default/<stream_name>/_kinesis_firehose
+        ```
+
+??? "Step 2: Create a Kinesis Data Stream"
+
+    1. Navigate to **Kinesis → Data streams → Create data stream**
+    2. Enter stream name: `cloudfront-stream`
+    3. Choose number of shards (default 1 is fine for most use cases)
+    4. Click **Create data stream**
+
+??? "Step 3: Enable Real-Time Log Configuration in CloudFront"
+
+    1. Go to **CloudFront → Telemetry → Logs → Real-time log configurations → Create configuration**
+    2. Set configuration name: e.g., `cloudfront-realtime-logs`
+    3. Choose fields to include in the logs, such as:
+        - `timestamp`, `c-ip`, `cs-uri-stem`, `sc-status`, `cs(User-Agent)` (and others as needed)
+    4. Set sampling rate: e.g., `100` (for 100% of requests)
+    5. Select the **Kinesis data stream** created earlier as Endpoint
+    6. Select the cloudfront distribution to which you want to apply this configuration
+    7. Create the real-time log configuration
+
+    ![Enable Real-Time Log Configuration in CloudFront](../images/aws-integrations/rds/create-config.png)
+
+??? "Step 4: Create a Firehose Delivery Stream to OpenObserve"
+
+    1. Go to **Kinesis → Delivery streams → Create delivery stream**
+    2. Choose:
+        - Source: `Kinesis Data Stream`
+        - Stream name: the stream created in step 2
+        - Destination: `HTTP Endpoint`
+    3. In HTTP endpoint settings, provide OpenObserve's HTTP Endpoint URL and Access Key, and set an S3 backup bucket.
+    4. Give the stream a meaningful name and Click **Create delivery stream**
+
+??? "Step 5: Verify Logs in OpenObserve"
+
+    1. Go to **Logs** → select your log stream → Set time range → Click **Run Query**
+    ![Verify Logs](https://openobserve-prod-website.s3.us-west-2.amazonaws.com/assets/8_view_logs_in_o2_93b009c027.gif)
+
+??? "Troubleshooting"
+
+    **No logs visible?**
+    
+    - Check Firehose delivery status
+    - Verify OpenObserve ingestion URL and access key
+    - Check S3 backup for failed logs

docs/integration/aws/cloudwatch-metrics.md

@@ -0,0 +1,71 @@
+---
+title: AWS CloudWatch Metrics Integration Guide
+description: Stream AWS CloudWatch metrics to OpenObserve via Metric Streams and Kinesis Data Streams for real-time infrastructure monitoring.
+---
+
+# Integration with AWS CloudWatch Metrics via Metric Stream
+
+This guide explains how to stream AWS CloudWatch metrics (e.g., EC2, RDS, Lambda) into OpenObserve using CloudWatch Metric Streams and Kinesis Data Streams.
+
+## Overview
+
+CloudWatch Metric Streams allow efficient, near real-time delivery of metrics to a Kinesis Data Stream. OpenObserve pulls these metrics via an HTTP endpoint, enabling unified, real-time observability across your AWS infrastructure and applications.
+
+## Steps to Integrate
+
+??? "Prerequisites"
+    - OpenObserve account ([Cloud](https://cloud.openobserve.ai/web/) or [Self‑Hosted](../../../quickstart/#self‑hosted‑installation))
+    - AWS IAM permissions for:
+        - CloudWatch: `ListMetrics`, `GetMetricData`, `GetMetricStatistics`
+        - Kinesis Data Streams: `CreateStream`, `PutRecord`
+    - OpenObserve ingestion URL and Access Key
+
+??? "Step 1: Get OpenObserve Ingestion URL and Access Key"
+
+    1. In OpenObserve: go to **Data Sources → Recommended → AWS**
+    2. Copy the ingestion HTTP URL and Access Key
+
+        ![Fetch OpenObserve Ingestion URL](../images/aws-integrations/vpc-flow/fetch-url.png)
+
+    > Example format:
+    > ```
+    > https://<your-openobserve-domain>/aws/default/cloudwatch-logs/_kinesis_firehose
+    > ```
+
+??? "Step 2: Create a Kinesis Firehose Delivery Stream"
+
+    1. In AWS Kinesis Firehose, Create delivery stream.
+    2. Set Source: `Direct PUT` and Destination: `HTTP Endpoint`.
+    3. Provide OpenObserve's HTTP Endpoint URL and Access Key, and set an S3 backup bucket.
+    4. Give the stream a meaningful name and Create it.
+
+    ![Kinesis Firehose Delivery Stream](../images/aws-integrations/cloudwatch-metrics/firehose-stream.png){: style="height:800px"}
+
+??? "Step 3: Create CloudWatch Metric Stream"
+
+    1. Navigate to **CloudWatch → Metric Streams → Create**
+    2. Choose **Custom** setup
+        ![Create Metric Stream](../images/aws-integrations/cloudwatch-metrics/custom-setup.png)
+    3. For **Destination**, select **Kinesis Data Stream** → Select your newly created stream
+    4. Choose AWS namespaces to monitor (e.g., `AWS/EC2`, `AWS/RDS`, `AWS/Lambda`)
+    5. Optional: Filter specific metrics
+    6. Name your stream and click **Create Stream**
+
+    ![Create Metric Stream](../images/aws-integrations/cloudwatch-metrics/metric-stream.png){: style="height:500px"}
+
+
+??? "Step 4: Verify Metrics in OpenObserve"
+
+    1. Go to **Logs** → select your stream → Set time range → Click **Run Query**
+
+    ![Verify Metrics](https://openobserve-prod-website.s3.us-west-2.amazonaws.com/assets%2Frds_metrics_logs_d773f2b4ef.gif)
+
+??? "Troubleshooting"
+
+    **No metrics appearing?**
+    
+    - Confirm Kinesis Data Stream exists and is active
+    - Verify Metric Stream configuration in CloudWatch
+    - Check IAM permissions for CloudWatch and Kinesis
+    - Validate ingestion URL and Access Key in OpenObserve
+

docs/integration/aws/network-firewall.md

@@ -0,0 +1,103 @@
+---
+title: AWS Network Firewall Logs Integration Guide
+description: Stream AWS Network Firewall flow and alert logs to OpenObserve via CloudWatch Logs and Kinesis Firehose for real-time network traffic monitoring.
+---
+
+# Integration with AWS Network Firewall Logs via Firehose
+
+This guide explains how to configure AWS Network Firewall to stream flow and alert logs to OpenObserve using Kinesis Data Firehose.
+
+## Overview
+
+AWS Network Firewall allows you to log network traffic data, including both flow logs and alert logs ,and stream it to destinations like Amazon S3 and Amazon Kinesis. This integration forwards logs to OpenObserve via Firehose, enabling real-time monitoring of your VPC traffic.
+
+## Steps to Integrate
+
+??? "Prerequisites"
+    - OpenObserve account ([Cloud](https://cloud.openobserve.ai/web/) or [Self‑Hosted](../../../quickstart/#self‑hosted‑installation))
+    - AWS IAM permissions to manage Network Firewall, Kinesis Firehose, and IAM roles
+    - S3 bucket for backup (recommended)
+    - A configured AWS Network Firewall deployment
+
+??? "Step 1: Get OpenObserve Ingestion URL and Access Key"
+
+    1. In OpenObserve: go to **Data Sources → Recommended → AWS**
+    2. Copy the HTTP ingestion URL and Access Key
+
+    ![Get OpenObserve Ingestion URL and Access Key](../images/aws-integrations/vpc-flow/fetch-url.png)
+
+    > Example ingestion URL:
+    > ```
+    > https://<your-openobserve-domain>/aws/default/<stream_name>/_kinesis_firehose
+    > ```
+
+??? "Step 2: Create a Kinesis Data Firehose Delivery Stream"
+
+    1. Go to **Kinesis → Firehose → Create delivery stream**
+    2. Choose:
+        - **Source**: `Direct PUT`
+        - **Destination**: `HTTP Endpoint`
+    3. Provide:
+        - **Endpoint URL**: OpenObserve Firehose ingestion URL
+        - **Access Key / Secret Key**: from OpenObserve
+    4. Optionally configure an S3 bucket as a backup
+    5. Name the delivery stream (e.g., `network-firewall-logs`)
+    6. Complete stream creation
+
+    > NOTE: You can create multiple streams for different types of logs
+    
+    ![Create a Kinesis Data Firehose Delivery Stream](../images/aws-integrations/firewall/firehose-streams.png)
+
+??? "Step 3: Enable Logging in AWS Network Firewall"
+
+    1. Go to **VPC → Network Firewall → Firewalls**
+    2. Select your firewall → Navigate to the **Monitoring and Observability** tab → Enable Detailed Monitoring
+    3. Click **Configure** button under **logging configuration**
+        
+        ![Enable Logging in AWS Network Firewall](../images/aws-integrations/firewall/enable-monitoring.png)
+
+    4. Enable logging for alerts and Flow logs 
+    5. Set the **Log destination type** to **Kinesis Data Firehose**
+    6. Select the delivery stream you created earlier 
+        > NOTE: In case you created multiple firehose streams, select respective streams for each log type
+    7. Save the configuration
+
+        ![Enable Logging in AWS Network Firewall](../images/aws-integrations/firewall/firewall-logging-config.png)
+
+
+??? "Step 4: Generate Traffic to Create Logs (Optional)"
+
+    1. Deploy an EC2 instance into a subnet protected by the Network Firewall
+    2. Allow outbound internet access (via NAT or Internet Gateway)
+    3. From the instance, generate traffic:
+        ```bash
+        curl -I https://google.com
+        ```
+
+    This will help trigger flow and alert logs.
+
+??? "Step 5: Verify Log Ingestion in OpenObserve"
+
+    1. Go to **Logs** → select your log stream → Set time range → Click **Run Query**
+
+        ![AWS Network Firewall alert logs in Openobserve](../images/aws-integrations/firewall/alert-logs.png)
+        ![AWS Network Firewall flow logs in Openobserve](../images/aws-integrations/firewall/flow-logs.png)
+
+
+??? "Troubleshooting"
+
+    - No logs visible in OpenObserve
+        - Ensure logging is enabled in Network Firewall and that network traffic is actually flowing through it. 
+        - Also, confirm that your delivery stream is properly configured.
+
+    - Firehose delivery failures
+        - Verify that the OpenObserve ingestion URL and access credentials (Access Key and Secret Key) are correct. 
+        - Check if the Firehose role has the necessary permissions.
+
+    - Log fields are missing or incomplete
+        - Check your S3 backup (if enabled) for any malformed or truncated records. This can help identify issues with the Firehose delivery configuration or log formatting.
+
+    - No alert logs are received
+        - Confirm that your firewall policies include rules with the alert action. Only these rules generate alert logs. Without such rules, only flow logs will be produced.
+
+