Configuring Custom Logs on AWS CloudWatch Console

You can send logs from an appliance which is on-premise or launched on any of the cloud platforms, such as, AWS, GCP, or Azure. The logs are sent from the appliances and stored on the AWS CloudWatch Console. By default, the following logs are sent from the appliances:

  • Syslogs
  • Current events logs
  • Apache2 error logs
  • Service dispatcher error logs
  • Web services error logs

You can send custom log files to the AWS CloudWatch Console. To send custom log files to the AWS CloudWatch Console, you must create a file in the /opt/aws/pty/cloudwatch/config.d/ directory. You can add or edit the log streams in this file to generate the custom logs with the following parameters.

You must not edit the default configuration file, appliance.conf, in the /opt/aws/pty/cloudwatch/config.d/ directory.

The following table explains the parameters that you must use to configure the log streams.

ParameterDescriptionExample
file_pathLocation where the file or log is stored“/var/log/appliance.log”
log_stream_nameName of the log that will appear on the AWS CloudWatch Console“Appliance_Logs”
log_group_nameName under which the logs are displayed on the CloudWatch Console- On the CloudWatch Console, the logs appear under the hostname of the ESA instance.
- Ensure that you must not modify the parameter log_group_name and its value {hostname}.

Sample configuration files

Do not edit the appliance.conf configuration file in the /opt/aws/pty/cloudwatch/config.d/ directory.

If you want to configure a new log stream, then you must use the following syntax:

[
    {
            "file_path": "<path_of_the_first_log_file>",
            "log_stream_name": "<Name_of_the_log_stream_to_be_displayed_in_CloudWatch>",
            "log_group_name": "{hostname}"
    },
                .
                .
                .
    {
            "file_path": "<path_of_the_nth_log_file>",
            "log_stream_name": "<Name_of_the_log_stream_to_be_displayed_in_CloudWatch>",
            "log_group_name": "{hostname}"
    }                          
]

The following snippet displays the sample configuration file, configuration_filename.conf, that sends appliance logs to the AWS CloudWatch Console.

[
    {
            "file_path": "/var/log/syslog",
            "log_stream_name": "Syslog",
            "log_group_name": "{hostname}"
    },
    {
            "file_path": "/var/log/user.log",
            "log_stream_name": "Current_Event_Logs",
            "log_group_name": "{hostname}"
    }
]

If you configure custom log files to send to CloudWatch Console, then you must reload the CloudWatch integration or restart the CloudWatch service. Also, ensure that the CloudWatch integration is enabled and running.

For more information about Reloading AWS CloudWatch Integration, refer to Reloading AWS CloudWatch Integration.