# CloudWatch Log Group & Eventbridge Rule

{% hint style="success" %}
The **CloudFormation template** for **WorkSpaces Manager** in the **AWS Marketplace** automatically creates an **EventBridge Rule** and a **CloudWatch Log Group** in the same region where the appliance is deployed. The default **CloudWatch Log Group** is called: <mark style="color:red;">**"/aws/events/WorkSpacesAccessLG"**</mark>
{% endhint %}

**Amazon EventBridge** is a serverless event bus service that allows you to respond to changes in your AWS environment or applications. It helps you build event-driven architectures by capturing real-time data from various AWS services, custom applications, or SaaS providers, and routing that data to different targets.

**Amazon CloudWatch Logs**, a service that collects, monitors, and stores log data from AWS resources, applications, and services. A **Log Group** is a container for logs, grouping together logs from similar sources, such as specific applications or AWS services. Within each Log Group, logs are organized into **Log Streams** (individual log files).

EventBridge can send event data to **CloudWatch Logs** for storage and analysis. EventBridge Rules can collect specific insights for Amazon WorkSpaces that are not available through standard APIs.

## Multi-Region Deployment

When setting up **WorkSpaces Manager** to operate across multiple regions, it’s essential to have an **EventBridge Rule** linked to a **CloudWatch Log Group** in each region where WorkSpaces are deployed. The only caveat is that the **CloudWatch Log Group** must have the exact same name in every region: <mark style="color:red;">**"/aws/events/WorkSpacesAccessLG"**</mark>.

To create new **Rules** and a **CloudWatch Log Group** in a different region from where WorkSpaces Manager was deployed via the **CloudFormation template**, navigate to EventBridge. Click on "Buses" > "Rules":

<figure><img src="/files/wBKmnBHFRkWKTTteNUdA" alt=""><figcaption><p>Amazon Eventbridge</p></figcaption></figure>

Click **"Create rule".**

<figure><img src="/files/U3JIUlBBNhnFqXsehMwM" alt=""><figcaption></figcaption></figure>

Rules can be created in two different ways:

1. Visual Rule Builder (selected by default)
2. Standard (preferred)

<figure><img src="/files/lUZUppBLr7QCBfCZqiqR" alt=""><figcaption></figcaption></figure>

We recommend switching off the "**Visual Rule Builder**". If needed, it can still be used by applying the same logic described below for the "**Standard view**". The process is then divided in 5 steps:

1. Define Rule Detail
2. Build Event Pattern
3. Select Target(s)
4. Configure Tags
5. Review and Create

In the **"Rule Detail"** section, add a **Name** and **Description** (e.g., **WorkSpaces\_Rule**) and leave the "default" configuration for the Event Bus, as displayed below:

<figure><img src="/files/EBks2FU5G7LwfJJGlfmc" alt=""><figcaption></figcaption></figure>

In the **"Events"** section, select **"AWS events or EventBridge partner events"**:

<figure><img src="/files/BuMvQZHx8THEVWZMnXdt" alt=""><figcaption></figcaption></figure>

Below, in the **"Sample event - optional"** drop down, select **"AWS Events"** and search for **"WorkSpaces Access."**

<figure><img src="/files/cp2NkwI13DVXCATumLeL" alt=""><figcaption></figcaption></figure>

In the last step, under **"Event pattern,"** select the following options:

* **Creation Method: "Use pattern form"**
* **Event Source**: **"AWS Services"**
* **AWS Service**: **"WorkSpaces"**
* **Event Type**: **"WorkSpaces Access"**

<figure><img src="/files/ozorw3J4UaQJ6lyAnkC2" alt=""><figcaption></figcaption></figure>

Click on **"Next"**. In the Select Target(s)s section, for **"Target 1"**, choose:

* Target Type: **"AWS Service"**
* Select a target: **"CloudWatch Log Group"**
* Log Group: <mark style="color:red;">**"/aws/events/WorkSpacesAccessLG"**</mark>

<figure><img src="/files/pST8Da1iuKxLUMwPrBfm" alt=""><figcaption></figcaption></figure>

Configure the optional tags as required by your IT Policy.

<figure><img src="/files/gLa4hnD9boXteSdVRmIa" alt=""><figcaption></figcaption></figure>

And then review and create the rule:

<figure><img src="/files/ShCvVebQowlmE4guFCqs" alt=""><figcaption></figcaption></figure>

<figure><img src="/files/HIwYoYknqjte3DwHVAtW" alt=""><figcaption></figcaption></figure>

A success banner should appear on top of the page.

<figure><img src="/files/7QyfCTecHVAZr5165un3" alt=""><figcaption></figcaption></figure>

On CloudWatch, click on **“Logs”** > **“Log Management”** > confirm that the new log group exists.

<figure><img src="/files/OS8JMWKOs2DttXxk6dPG" alt=""><figcaption></figcaption></figure>

Now, in WorkSpaces Manager, click on the **“Configuration”** drop-down, select **“Settings”**, and then **“Amazon Web Services”** Scroll down to the Account settings and select account, fill in the **“Access Log Group”** field with the following information: `/aws/events/WorkSpacesAccessLG`.

<figure><img src="/files/nEOibSv6nTwNnFT6tTjs" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.nuvens.cloud/install/installation-prerequisites/cloudwatch-log-group-and-eventbridge-rule.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.