How to Find System Logs on a Linux Server - amazon-web-services

I want to check system logs in an AWS instance because my account is being paused for sending to too many invalid emails. Please help me with how we can check this. Thank you.

Related

How to store the session data (stream logs) of an EC2 Ubuntu instance connected via PuTTY?

I wish to know how to implement session logging from an SSH session.
I want to collect the session data from the EC2 Ubuntu session connected via PuTTY.
All the commands that have been run in the session must be streamed and sent to CloudWatch Logs or S3.
Any suggestions?
I found that we can store the session data (stream logs) from a session started from the Session Manager. But I want the same to be done from a PuTTY session too.
Hope I get a solution.
Thanks in Advance
You could use the CloudWatch agent to send the history command output to your desired CloudWatch log stream.
CloudWatch agent: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Install-CloudWatch-Agent.html
Amazon CloudWatch: https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/QuickStartEC2Instance.html

AWS CloudWatch sending logs but not custom metrics to CloudWatch

First-time asker.
So I've been trying to implement AWS CloudWatch to monitor disk usage on an EC2 instance running EC2 Linux. I'm interested in doing this just using the CW Agent and I've installed it according to the how-to found here. The install runs fine and I've made sure I've created an IAM role for the instance as is described here. Unfortunately, whenever I run the amazon-cloudwatch-agent.service it only sends log files and not the custom used_percent measurement specified. I receive this error when I tail the logs.
2021-06-18T15:41:37Z E! WriteToCloudWatch failure, err: RequestError: send request failed
caused by: Post "https://monitoring.us-west-2.amazonaws.com/": dial tcp 172.17.1.25:443: i/o timeout
I've done my best googlefu but gotten nowhere thus far. If you've got any advice it would be appreciated.
Thank you
Belated answer to my own question. I had to create a security group that would accept traffic from that same security group!
Having the same issue, it definitely wasn't a network restriction as I was still able to telnet to the monitoring endpoint.
From AWS docs: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/create-iam-roles-for-cloudwatch-agent.html
One role or user enables CloudWatch agent to be installed on a server
and send metrics to CloudWatch. The other role or user is needed to
store your CloudWatch agent configuration in Systems Manager Parameter
Store. Parameter Store enables multiple servers to use one CloudWatch
agent configuration.
If you're using the default CloudWatch agent configuration wizard, you may require the extra policy CloudWatchAgentAdminRole in your role for the agent to connect to the monitoring service.
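The two causes reported in this thread (a blocked network path and a missing IAM permission) can be told apart from the agent log itself. The script below is an added example, not code from the posters or from AWS: the function name `triage`, the category labels and the third sample log line are constructed here, and reading a private dial address as a VPC-internal endpoint is an assumption that matches the security-group fix described above.

```python
import ipaddress
import re

# Lines 1-2 are the error quoted in the question. Line 3 is a constructed
# sample of a permissions failure; its exact wording is an assumption.
SAMPLE_LOG = '''\
2021-06-18T15:41:37Z E! WriteToCloudWatch failure, err: RequestError: send request failed
caused by: Post "https://monitoring.us-west-2.amazonaws.com/": dial tcp 172.17.1.25:443: i/o timeout
2021-06-18T15:42:37Z E! WriteToCloudWatch failure, err: AccessDenied: not authorized to perform: cloudwatch:PutMetricData
'''

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
DIAL_RE = re.compile(r'Post "https://([^/"]+)/?": dial tcp (\S+):(\d+): (.+)$')
DENIED_RE = re.compile(r"AccessDenied|not authorized to perform", re.I)


def triage(log_text):
    """Return (category, detail) for every line that explains a failed send."""
    findings = []
    for line in log_text.splitlines():
        dial = DIAL_RE.search(line)
        if dial:
            host, ip, port, reason = dial.groups()
            try:
                addr = ipaddress.ip_address(ip.strip("[]"))
            except ValueError:
                continue  # not an IP literal, nothing to classify
            target = f"{host} -> {addr}:{port} ({reason})"
            if "timeout" not in reason:
                findings.append(("network-other", target))
            elif any(addr in net for net in RFC1918):
                # Service name resolved inside the VPC: look at the security
                # group on the endpoint side (inbound 443 from the instance).
                findings.append(("network-private-endpoint", target))
            else:
                # Public address: look at routes, NAT and outbound rules.
                findings.append(("network-egress", target))
        elif DENIED_RE.search(line):
            # TCP and TLS worked; the instance role lacks the permission.
            findings.append(("iam", line.split("err: ", 1)[-1]))
    return findings


if __name__ == "__main__":
    for category, detail in triage(SAMPLE_LOG):
        print(f"{category:26} {detail}")
```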

Amazon WorkSpaces client "unable to connect" error message after login screen

The WorkSpaces client shows the above error message after entering credentials on the login screen and clicking on login.
Amazon WorkSpaces
Unable to connect
We couldn't launch your WorkSpace. Please try again.
If you need help, contact your administrator.
You appear to be using Amazon WorkSpaces.
The error is saying that the nominated WorkSpace either does not exist, or there is a problem launching it.
You should look in the Amazon WorkSpaces management console to check the instance. If somebody else set up WorkSpaces for you, it is possible that you do not have enough permissions to look at this information. That is why the error message suggests that you should contact your administrator.
I faced a similar issue a few times. Restarting the workspace (which takes around 5-10 minutes) and then logging in again worked for me.
Just have the administrator reboot or stop it on the WorkSpaces console; it takes about 5 min though. All the times I have experienced it, it's been when there has been a network disruption.
Also, be aware that there is a Running Mode setting on the WorkSpaces console for the WorkSpace. If set to AutoStop, and set with a time period, it will be stopped automatically after being idle for that period of time. Setting it to AlwaysOn will ensure it stays active, but beware that you'll move to a monthly billing model, not by-the-minute.

Logs are not sent to logentries from AWS ECS

We are using logentries as the driver on the AWS ECS service for sending logs to our logentries account. We have configured the AWS ECS service with the required parameters like logentries-token, but it's observed that after a certain amount of time certain containers are not able to send logs to logentries.
Appreciate your help in advance; I am unable to find proper documentation for this from either logentries or AWS.
Thanks,
We had the same issue, so I started digging deeper than usual.
The actual driver implementation is quite simple.
The dragon is a dependency that does the socket and TLS handling.
There is an open issue and a PR to solve a very similar issue.
The PR is stale and I don't see a chance for it to land, so I move away from logentries and recommend doing the same. Probably CloudWatch will be better.

How do I handle a compromised AWS instance?

Amazon Web Services notified me
We've received a report that your instance(s):
Instance Id: XXXX IP Address: XXXX
has been making illegal intrusion attempts against remote hosts on the
Internet; check the information provided below by the abuse reporter.
I am running a Bitnami server on a single EC2 instance, which appears to have been compromised, and I'm trying to figure out the least disruptive way to fix the problem. Is the simplest solution to shut down the server, migrate my scripts and database to a new Bitnami instance, and change the administrator password?
I'm not sure if this is relevant, but Bitnami sent me an email late last year indicating that my server was running an older version of PHP vulnerable to this security problem and to remove this version by executing this command
sudo rm -f /opt/bitnami/apache2/cgi-bin/php-cgi /opt/bitnami/apache2/cgi-bin/php-cgi.bin
I did this, but received the AWS notification within a week after I received this notification from Bitnami.
Kill it with fire.
Seriously, if the instance has been compromised in some way, you'll never be sure you haven't inadvertently transferred something with a nasty hidden payload even if you create a new instance and attempt to salvage anything from the old.
So kill it, then create and configure a new server from scratch. Bear in mind that the AWS ToS allows Amazon to kill the instance themselves and/or even terminate your account if they think you're not taking the problem seriously, so better to get it done yourself and tell them what you've done.