Data is not Forwarding from Sumo Logic to our S3 Bucket

Problem:

We had set up a new S3 bucket and prefix as a data forwarding target for files older than our current log file retention policy, however, we aren't seeing new files show up in the new S3 bucket with path prefix.

Solution:

Step 1 - Verify the Required Permissions

Make sure the accessID/Key supplied within your data forwarding rule has the required permissions for Sumo Logic to post to your S3 Bucket. See Grant Access for Data Forwarding from Sumo Logic to S3 for more information on the required permissions and how to configure your user policy. 

Step 2 - Verify your Forwarding Destination has been assigned to your Partition or Index

Once a new data forwarding destination is created and permissions have been verified, you will need to configure your Partition or Index to forward data using this rule. Once the data forwarding destination is assigned to the specific Partition or Index files should begin to show up within your S3 bucket within a few minutes.

1. In Sumo Logic, go to Manage Data > Settings > Partitions, or Manage Data > Settings > Scheduled Views, depending on whether you want to forward data from a Partition or a Scheduled View.
2. Click the three-dot icon to the right of the Partition or View for which you want to enable data forwarding and select Edit Data Forwarding. (The screenshot below is the Partitions page.)
   
   
   
   
3. On the Edit Data Forwarding page, click the Enable Data Forwarding checkbox.
   
   
   
   
4. Select the forwarding destination. You can choose a previously configured destination, or click New Amazon S3 Destination to set up a new one. If you select the new option, you’ll see all of the settings to add a new Data Forwarding destination. See the previous procedure in this topic for instructions on configuring the settings.
   
   
   
   
5. For File Format, you can enter a path name or other file format and include any of the following variables, as in the previous screenshot:  {day} Replace with the day of the year in the yyyy-MM-dd format
   {hour} Replace with hour in day (0-23)
   {minute} Replace with minute in hour
   {second} Replace with second in hour
   {uuid} Replace with a unique, randomly generated identifier (UUID)
   If you leave this field blank, the default format {index}_{day}_{hour}_{minute}_{second} is used.
   
6. Click Save to save your changes and start forwarding data. 

You can also enable Data Forwarding when you first create a Partition or Scheduled View by selecting the Enable Data Forwarding check box.