DAY 11 - Hybrid Cloud - AWS Log Agent for CloudWatch Logs
☁️100 days of Cloud- Day Eleven
CloudWatch Logs agent - sends logs automatically from the instance to the log stream. The agent confirms that it has started, and it stays running until you disable it.
IAM User - Programmatic access
Create an IAM user with programmatic access to CloudWatch. Make sure you grant least privilege: we need access to deliver logs, create a log group and create a log stream. Use the policy shown below. Note down the AWS programmatic access key.
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "logs:CreateLogGroup",
        "logs:CreateLogStream",
        "logs:PutLogEvents",
        "logs:DescribeLogStreams"
      ],
      "Resource": [
        "*"
      ]
    }
  ]
}
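The policy above names only four actions but allows them on every log group in the account (`"Resource": "*"`). As an added example (not code from the original post), this Python sketch flags that wildcard and rewrites it to a single log group. The helper names are hypothetical, the account ID 111122223333 is a placeholder, and the region and log group name are the ones used elsewhere on this page.

```python
import copy
import json

# Policy from the page, unchanged: four logs actions allowed on Resource "*".
PAGE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": ["logs:CreateLogGroup", "logs:CreateLogStream",
                   "logs:PutLogEvents", "logs:DescribeLogStreams"],
        "Resource": ["*"],
    }],
}

def as_list(value):
    """IAM accepts a single value or a list for Statement, Action and Resource."""
    return list(value) if isinstance(value, list) else [value]

def wildcard_allows(policy):
    """Return (statement index, action) for every action allowed on Resource "*"."""
    return [(i, action)
            for i, stmt in enumerate(as_list(policy["Statement"]))
            if stmt.get("Effect") == "Allow" and "*" in as_list(stmt.get("Resource", []))
            for action in as_list(stmt.get("Action", []))]

def scope_to_log_group(policy, region, account_id, log_group):
    """Return a copy where logs-only Allow statements on "*" target one log group."""
    base = f"arn:aws:logs:{region}:{account_id}:log-group:{log_group}"
    scoped = copy.deepcopy(policy)
    for stmt in as_list(scoped["Statement"]):
        actions = as_list(stmt.get("Action", []))
        if (stmt.get("Effect") == "Allow"
                and "*" in as_list(stmt.get("Resource", []))
                and all(a.startswith("logs:") for a in actions)):
            # Listing both forms covers the log group and the streams inside it.
            stmt["Resource"] = [base, base + ":*"]
    return scoped

if __name__ == "__main__":
    print("wildcard grants:", wildcard_allows(PAGE_POLICY))
    # 111122223333 is a placeholder account ID; region and group name are the page's.
    scoped = scope_to_log_group(PAGE_POLICY, "ap-southeast-2",
                                "111122223333", "Ec2-Log-Group")
    print(json.dumps(scoped, indent=2))
```

Replace the placeholder account ID with your own before attaching the printed policy to the IAM user.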
Adding a role to EC2 (for production, attach the permissions as an IAM role on the EC2 instance)
Comments | Screenshots/Action |
---|---|
Go to IAM and click | Roles then Create role |
Select Trusted entity type | AWS service |
Common use cases | EC2 & Click Next |
Add permissions, search for | CloudWatchAgentAdminPolicy then Click Next |
Name the role | |
Now Click | Create role |
- Now attach the role to EC2: go to the EC2 dashboard, select the server >> click Actions >> Security >> Modify IAM role.
- Enter EC2CloudWatch-Agent-AdminRole (the IAM role name) >> click Save.
Installing AWS Log Agent
- SSH into your system using PuTTY.
- Once you log in, update the OS. For this demo I am using a Debian-based server.
sudo apt-get update -y
- Install python if your server does not have Python.
sudo apt-get install python
- Download the log agent.
curl https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py -O
- Install the agent; make sure you specify your EC2 region.
sudo python ./awslogs-agent-setup.py --region ap-southeast-2
- Once the installation starts, it will prompt you to enter AWS CLI access
- Configuring the CloudWatch Logs Agent
Verify Logs
- Go to the CloudWatch dashboard in your console and click Log groups.
- You will be able to see your log group; in this example we named it Ec2-Log-Group. Click on the name.
- If you scroll down, you will see the log stream with your AMI ID. Click it to view the logs.
Now you can create specific metrics according to your requirements, and create an alarm or deliver them to your dashboard to view events.
🎉Congratulations🎉 you have successfully configured CloudWatch Log Agent to deliver logs to Log Stream.