Is it possible to rename an AWS CloudWatch Log Group?

Question

I have created an AWS CloudWatch log group with a name which was not very future proof. Is it possible to rename such a log group? I could find no option to do this via the CloudWatch console.

I guess an alternative would be to export the content of the log group, create a new log group with the desired name, and then re-consume the exported logs to the new log group. I would prefer to avoid this approach though, as (apart from being tedious) this would reset the ingestionTime of all the log events in the log group.

Answer 1

It does not seem to be possible at the current time. The AWS CLI only lists the following log-group-related actions at this time:

• create-log-group
• delete-log-group
• describe-log-groups
• list-tags-log-group
• tag-log-group
• untag-log-group

My solution, since the log-group was only recently created and all the original log files were still on the EC2 instance, was to:

1. stop the CloudWatch Logs agent on the EC2 instance with $ /etc/init.d/awslogs stop.
2. ensure the application was not currently running/logging on the EC2 instance
3. delete the existing log-group on CloudWatch
4. move the existing log files out of the expected directory on the EC2 instance
5. edit the file /var/awslogs/etc/awslogs.conf on the EC2 instance to specify the desired log group name instead of the previous one.
6. start the CloudWatch Logs agent on the EC2 instance with $ /etc/init.d/awslogs start.
7. move each log file back into the expected directory on the EC2 instance, one at a time, from the earliest to the latest (in terms of file modification time), so the log agent will process all of them (and not just ignore files with non-latest modification time) and send them to the new log-group.
8. restart the application on the EC2 instance

Quite the tedious procedure, especially with having to manually move the log files, one at a time, in the correct order. Would be neat if there was functionality in the future to rename a log group.