Logs From EC2 instances using CloudWatch Agent
-
We will configure Cloud watch agent to push the system logs from /var/log
-
Cloud watch logs enable us to store and access logfiles from ec2, Route53 and other sources at one centralized location.
-
Now we nee to have IAM Role for CloudWatchAgentServerRole and CloudWatchLogsFullAccess
-
Create an ec2 instance with the IAM role
-
Install CloudWatchAgent
-
Install APACHE
sudo yum install httpd -y
sudo systemctl enable httpd
sudo systemctl start httpd
- Apache logs are created in folder /var/log/httpd/access_log, error_log
- Now launch the AWS Cloud Watch Agent config wizard
sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-config-wizard
- Now stop the CloudWatch agen and start it by running the following commands
sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -m ec2 -a stop amazon-cloudwatch-agent stop/waiting
sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -m ec2 -a start amazon-cloudwatch-agent start/running
- Now Navigate to Log group
- Refer Here for the log insights query syntax
Next Steps:
- BCDR
