Sending application logs to Datadog using FluentBit - amazon-web-services

I am trying to send the application logs deployed on ECS Fargate to Datadog using Fluent Bit, following the steps mentioned at https://docs.datadoghq.com/integrations/ecs_fargate/?tab=fluentbitandfirelens#
However "ECS Deployment on service X" is the only log I'm seeing in Datadog. I believe it is the ECS Metadata log which I have set to true.
I have configured the Fluent Bit logs to be sent to CloudWatch, and the last line I see there is "stream processor started", with no errors.
So I'm guessing everything is set up correctly. Am I missing something?

Related

AWS Fluent bit how to send only needed logs

I have an AWS EKS cluster and deployed an application that has an HAProxy pod and application pods. To get logs in CloudWatch I installed AWS Fluent Bit using these instructions: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Container-Insights-setup-logs-FluentBit.html
Everything works as expected, but I see that my application writes logs to a separate log group and to /aws/containerinsights/Cluster_Name/application, so I get duplicated logs.
If I turn off the Fluent Bit logs, I miss the HAProxy logs that I need.
How can I turn off all logs except the HAProxy ones? The HAProxy pod writes logs to stdout.

What's the proper way to forward ECS service logs to AWS CloudWatch?

So my understanding is that when I deploy a new service to ECS using AWS Copilot, logs are forwarded to CloudWatch automatically by default.
Copilot creates log groups for each service, I can see that in CloudWatch Logs.
However, according to AWS docs, logging can also be implemented using Copilot sidecars and AWS FireLens, which uses FluentD or FluentBit to collect logs, and then forwards stuff to CloudWatch.
I don't understand why this is necessary. I mean, why create a sidecar for logging to CloudWatch, when logging seems to work automatically, without any sidecar?
https://aws.github.io/copilot-cli/docs/developing/sidecars/
There is an example here for logging via FireLens. What's the benefit of doing this over the logging mechanism that just works by default?
Thanks in advance!
AWS Copilot builds an image for your application that already has an agent configured to forward logs to CloudWatch; however, you might want to deploy other images to ECS that don't have this agent installed. For example, suppose you wanted to deploy an nginx container to ECS: you might choose to use a sidecar to forward logs instead of customizing the nginx image.

AWS CloudWatch sending logs but not custom metrics to CloudWatch

First-time asker.
So I've been trying to implement AWS CloudWatch to monitor disk usage on an EC2 instance running EC2 Linux. I'm interested in doing this just using the CW Agent and I've installed it according to the how-to found here. The install runs fine and I've made sure I've created an IAM Role for the instance as is described here. Unfortunately, whenever I run the amazon-cloudwatch-agent.service it only sends log files and not the custom used_percent measurement specified. I receive this error when I tail the logs.
2021-06-18T15:41:37Z E! WriteToCloudWatch failure, err: RequestError: send request failed
caused by: Post "https://monitoring.us-west-2.amazonaws.com/": dial tcp 172.17.1.25:443: i/o timeout
I've done my best googlefu but gotten nowhere thus far. If you've got any advice it would be appreciated.
Thank you
Belated answer to my own question. I had to create a security group that would accept traffic from that same security group!
Having the same issue, it definitely wasn't a network restriction as I was still able to telnet to the monitoring endpoint.
From AWS docs: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/create-iam-roles-for-cloudwatch-agent.html
One role or user enables CloudWatch agent to be installed on a server
and send metrics to CloudWatch. The other role or user is needed to
store your CloudWatch agent configuration in Systems Manager Parameter
Store. Parameter Store enables multiple servers to use one CloudWatch
agent configuration.
If you're using the default CloudWatch agent configuration wizard, you may require the extra policy CloudWatchAgentAdminRole in your role for the agent to connect to the monitoring service.

How to log on Amazon Elastic Beanstalk with a Spring Boot application

I created 2 applications with Spring Boot. I deployed them on Amazon Elastic Beanstalk. One is deployed in a Java environment, the other one in Tomcat.
Tomcat has its catalina.out log, where I can find the logs written by my Spring application with log4j. The Java application has a log web-1.log, but it is rolled every hour, and I can only find the last 5 logs.
Is there a better way to log, or to store the old logs (maybe on S3), or to change the retention policy?
You can apply log rotation to S3. You also have the ELK stack option, but it requires effort.
If you want a more AWS solution, you can utilize CloudWatch. For example, you set up your logger with a custom appender that sends logs back to CloudWatch.
By using CloudWatch you can have a more friendly way to check your logs.

Enabling CloudWatch Integration for EC2Config version 4.2.1442

I have tried sending custom metrics to CloudWatch.
For EC2Config versions up to 4.1, I had to enable the CloudWatch Logs integration. It looked like the following:
Now, I am trying to do it for the instances whose EC2Config service version is 4.2.1442, but the CloudWatch Integration checkbox is not visible. In fact, the CloudWatch Logs section is not being shown. Because of this, I am unable to send custom metrics to CloudWatch.
How do I enable CloudWatch Logs integration now? Please suggest.
I am using an updated version of EC2Config (4.2.x), and this is the reason why I am unable to find the CloudWatch Logs Integration checkbox.
According to the AWS documentation:
http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/send_logs_to_cwl.html
Step 2 clearly notes the following:
NOTE:
If you don't see the Enable CloudWatch Logs integration option, then you are using an updated version of the EC2Config service that no longer supports enabling CloudWatch integration. You must use Systems Manager Run Command to enable CloudWatch integration.
As suggested, I followed this link:
http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/remote-commands-cloudwatch.html
By following that, I was able to solve it. My instance had no IAM Role attached, so I attached it using the AWS CLI. Then, I ran the Run Command from the AWS EC2 console, which automatically pushed custom performance counters to CloudWatch.