How to Install and Configure the CloudWatch Logs Agent on a Running EC2 Linux Instance & Push the logs to cloudwatch using Agent.

Priya
April 15, 2021

How to Install and Configure the CloudWatch Logs Agent on a Running EC2 Linux Instance & Push the logs to cloudwatch using Agent.

Step 1: Launch a EC2 Linuc instance & Attached IAM Role for CloudWatch Logs.

To configure your IAM role or user for CloudWatch Logs

Open the IAM console at https://console.aws.amazon.com/iam/.

In the navigation pane, choose Roles.

Choose the role by selecting the role name (do not select the check box next to the name).

Choose Attach Policies, Create Policy.

A new browser tab or window opens.

Choose the JSON tab and type the following JSON policy document.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "logs:CreateLogGroup",
        "logs:CreateLogStream",
        "logs:PutLogEvents",
        "logs:DescribeLogStreams"
    ],
      "Resource": [
        "*"
    ]
  }
 ]
}

When you are finished, choose Review policy. The Policy Validator reports any syntax errors.

On the Review Policy page, type a Name and a Description (optional) for the policy that you are creating. Review the policy Summary to see the permissions that are granted by your policy. Then choose Create policy to save your work.

Close the browser tab or window, and return to the Add permissions page for your role. Choose Refresh, and then choose the new policy to attach it to your role.

Choose Attach Policy.

Step 2: Install CloudWatch Logs agent on an Existing Amazon EC2 Instance.

sudo yum update -y

sudo yum install -y awslogs

Step 3: Install nginx web server on an Existing Amazon EC2 Instance.

sudo amazon-linux-extras install nginx1

Step 4: start & enable nginx web server.

systemctl start nginx

systemctl enable nginx

Step 5: Edit the /etc/awslogs/awslogs.conf file to configure the logs to track.

[/var/log/nginx/access.log]

datetime_format = %b %d %H:%M:%S

file = /var/log/nginx/access.log

buffer_duration = 5000

log_stream_name = amazonlinux-{instance_id}

initial_position = start_of_file

log_group_name = /var/log/nginx/access_log

Step 6: By default, the /etc/awslogs/awscli.conf points to the us-east-1 region. To push your logs to a different region, edit the awscli.conf file and specify that region.

Step 7: Start the awslogs service.

sudo systemctl start awslogsd

Step 8: After this, Go to CloudWatch Service–>check Log groups.

Step 9: Click on /var/log/nginx/access_log log group name –>Click on Log stream-→show nginx logs

Leave a Reply Cancel reply

You must be logged in to post a comment.

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Functional

Performance

Analytics

Others