This article demonstrates building a serverless log analytics pipeline using Amazon OpenSearch Ingestion and managed OpenSearch Service.

• OpenSearch Ingestion is a fully managed, serverless data collector powered by open-source Data Prepper
• Fluent Bit collects Apache logs and forwards them to OpenSearch Ingestion for processing
• Pipeline filters, transforms, and conditionally routes logs to different OpenSearch indexes based on HTTP response codes
• Grok processor parses logs using COMMONAPACHELOG pattern for easy querying
• Requires IAM roles: IngestionRole for Fluent Bit and PipelineRole for OpenSearch Ingestion
• Automatic scaling handles up to 96 Ingestion OCUs based on workload demand
• CloudWatch metrics and alarms monitor pipeline performance and availability
• Production deployments should use minimum 2 OCUs for 99.9% availability

The post provides step-by-step configuration, deployment instructions using Docker Compose, and best practices for production workloads including cost management and monitoring strategies.