Forked from adam-hanna/systemd-cloudwatch-logs-tutorial.md
Created
March 3, 2025 18:42
-
-
Save luisc009/6bd716c0927f33871a3771df63198b8f to your computer and use it in GitHub Desktop.
Revisions
-
adam-hanna revised this gist
Jun 4, 2019 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -5,7 +5,7 @@ I often find myself ssh'ing into my servers and checking my systemd service logs Overall, it's a fairly simple process consisting of the following few steps. ### 1. Modify the service file Open the service file with `$ sudo vi /lib/systemd/system/{name}.service` Modify the `[Service]` section: ``` -
Jun 4, 2019 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -2,7 +2,7 @@ I often find myself ssh'ing into my servers and checking my systemd service logs with `$ journalctl -f -u {name}.service`. One day I got tired of this and wanted all of my important logs in once place (Amazon AWS Cloudwatch). To my dismay, there weren't any real good tutorials on how to do so. So, voilà. ## Steps Overall, it's a fairly simple process consisting of the following few steps. ### 1. Modify the service file Open the service file with `$ sudo vi /lib/systemd/system/{service}.service` -
Jun 4, 2019 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,5 +1,5 @@ ## Introduction I often find myself ssh'ing into my servers and checking my systemd service logs with `$ journalctl -f -u {name}.service`. One day I got tired of this and wanted all of my important logs in once place (Amazon AWS Cloudwatch). To my dismay, there weren't any real good tutorials on how to do so. So, voilà. ## Steps Overall, it's a fairly simple process consisting of the following steps. -
Jun 4, 2019 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -90,4 +90,4 @@ Copy/paste the below json being sure to change settings as appropriate: } ``` Finally, start the cloudwatch agent `$ sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -c file:/home/ubuntu/cloudwatch/config.json -s` -
Jun 4, 2019 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,93 @@ ## Introduction I often find myself ssh'ing into my servers and checking my systemd service logs with `$ journalctl -f -u {name}.service`. One day I got tired of this and wanted all of my important logs in once place. To my dismay, there weren't any real good tutorials on how to do so. So, voilà. ## Steps Overall, it's a fairly simple process consisting of the following steps. ### 1. Modify the service file Open the service file with `$ sudo vi /lib/systemd/system/{service}.service` Modify the `[Service]` section: ``` [Service] ... StandardOutput=file:/var/log/{name}/logs.log StandardError=file:/var/log/{name}/logs.log ``` Next, create the directory `$ sudo mkdir /var/log/{name}` Finally, restart the service: ``` sudo systemctl daemon-reload sudo systemctl stop {name}.service sudo systemctl start {name}.service ``` Wait a little bit, and confirm logs are being written `$ cat /var/log/{name}/logs.log` ### 2. Install the cloudwatch agent ``` $ mkdir /tmp/cloudwatch-logs && cd /tmp/cloudwatch-logs $ wget https://s3.amazonaws.com/amazoncloudwatch-agent/ubuntu/amd64/latest/amazon-cloudwatch-agent.deb $ sudo dpkg -i -E ./amazon-cloudwatch-agent.deb ``` Be sure to download the appropriate agent [for your OS](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/download-cloudwatch-agent-commandline.html) ### 3. Create an IAM role See, [here](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/create-iam-roles-for-cloudwatch-agent-commandline.html) (copied below for convenience). > 1. Sign in to the AWS Management Console and open the IAM console at https://console.aws.amazon.com/iam/. > 2. In the navigation pane on the left, choose Roles and then Create role. > 3. For Choose the service that will use this role, choose EC2 Allows EC2 instances to call AWS services on your behalf. Choose Next: Permissions. > 4. In the list of policies, select the check box next to CloudWatchAgentServerPolicy. If necessary, use the search box to find the policy. > 5. Choose Next: Review. > 6. Confirm that CloudWatchAgentServerPolicy appears next to Policies. In Role name, enter a name for the role, such as CloudWatchAgentServerRole. Optionally give it a description. Then choose Create role. ### 4. Attach the IAM role to your EC2 instance See, [here](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/iam-roles-for-amazon-ec2.html#attach-iam-role) (copied below for convenience) > 1. Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/. > 2. In the navigation pane, choose Instances. > 3. Select the instance, choose Actions, Instance Settings, Attach/Replace IAM role. > 4. Select the IAM role to attach to your instance, and choose Apply. ### 5. Create the log stream in cloudwatch 1. Navigate to https://console.aws.amazon.com/cloudwatch 2. Click `Logs` from the left menu. Then click `Actions` > `Create log group`. Name it `/{service}/`. 3. Click on the newly greated log group. Then click `Create Log Stream`. Name it `logs`. ### 6. Create a config file and start cloudwatch ``` $ mkdir ~/cloudwatch && cd ~/cloudwatch $ vi config.json ``` Copy/paste the below json being sure to change settings as appropriate: ```json { "agent": { "metrics_collection_interval": 60, "logfile": "/opt/aws/amazon-cloudwatch-agent/logs/amazon-cloudwatch-agent.log" }, "logs": { "logs_collected": { "files": { "collect_list": [ { "file_path": "/var/log/{service}/logs.log", "log_group_name": "/{service}/", "log_stream_name": "logs", "timezone": "UTC" } ] } }, "log_stream_name": "logs", "force_flush_interval" : 60 } } ``` Finally, start the cloudwatch agent `sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -c file:/home/ubuntu/cloudwatch/config.json -s`