Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to rotate logs in AWS CloudWatch?

Tags:

logging

amazon-web-services

amazon-cloudwatch

I am using the Amazon CloudWatch Log Agent (AWS documentation) to upload logs from my EC2 instances to the CloudWatch console.

For my CloudWatch Log Agent configuration on EC2, I have the following:

[general]
state_file = /var/awslogs/state/agent-state  

[applog]
file = /var/www/html/logs/applog.log
log_group_name = MyApp
log_stream_name = applog.log
datetime_format = %Y-%m-%d %H:%M:%S

My question is, how do I get the applog.log to rotate on a daily basis? In the AWS Documentation (link above), it mentions being able to configure log rotation policies, but I can't find any mention/example of how to actually do this. I've tried specifying the log_stream_name as applog_%Y-%m-%d.log, but it interprets this literally.

Any ideas or pointers in the right direction would be very welcome - thanks!

like image 280
darkrider1287 Avatar asked Feb 21 '16 18:02

darkrider1287

People also ask

What is log rotation policy in AWS?

Rotating your logs makes sure that old logs are deleted automatically from your environment's EC2 instances. If you want your old logs to persist, you can enable rotated logs to be uploaded to Amazon Simple Storage Service (Amazon S3) before the logs are deleted from an instance.

Why do we rotate logs?

The main purpose of log rotation is to restrict the volume of the log data to avoid overflowing the record store, while keeping the log files small enough so viewers can still open them.

How do you rotate a log in Linux?

Running logrotate is pretty simple—just run logrotate -vs state-file config-file . In the above command, the v option enables verbose mode, s specifies a state file, and the final config-file mentions the configuration file, where you specify what you need done.

Can you edit a CloudWatch log?

As you probably already know,Cloud-watch helps to record the logs of all aws services. Cloud-watch Log streams helps to listen the event automatically without any triggers. Using this Cloud-watch Log streams we can able to edit the cloud-watch logs.

2 Answers

I don't think there is a way to rotate the log_stream_name using Amazon's CloudWatch Log Agent. The log rotation described in the documentation is related to ingesting log files that get rotated by your system, the CloudWatch Log Agent does not perform any log rotation itself.

According to the documentation the only variables allowed in the log_stream_name property are {instance_id}, {hostname} and {ip_address}

like image 160
Mark B Avatar answered Oct 02 '22 18:10

Mark B

I think what you are asking for is log expiry. At least that is what I was looking for. And here is how you can expire logs after a certain amount of time:

  1. Through sam template
  2. Through console:
    1. On the AWS console dashboard, navigate to Cloudwatch>>Logs.
    2. In the table which lists all the logs, for your particular log in question:, click on "Never expire", in the "Expire Events After" column. The popup will allow you to choose the retention period
like image 34
vecktorking Avatar answered Oct 02 '22 18:10

vecktorking
Sign in to Comment

Related questions

Does ELB connection draining apply when spot instances are terminated?
Can AWS SES send bounce/complaint objects to an http endpoint?
AWS, Can't change ec2 instance type
AWS S3 cp failing to go through
s3_direct_upload is not working in production server
Amazon RDS Read Replica -- Skipping Replication Errors
Amazon Cognito connection cannot find IdentityPool
How to load gzipped json data from a copy
What happen when I set Quiet to true in Amazon S3 for anabling Quiet Mode in deleteObjects() method?
Cluster hangs in 'ssh-ready' state using Spark 1.2.0 EC2 launch script
aws kinesis get-records returns empty array
Using amazon RDS with WordPress over SSL
Cookies set, but not sent to Cloudfront
Serving private content from CloudFront with Signed Cookies
CloudFormation SQS Queue Redrive policy dependency on a DLQ created
How to get a response from NSURLSessionDownloadTask downloadTaskWithRequest
Failing to deploy a Laravel app to EC2
Change hostname for AWS ec2 instance
How can I detect if a tcp connection has been forwarded from a ssl connection?
Difference between S3 public files and static websites

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!