CloudWatch Logs (Manual)
AWS CloudWatch Logs are used to monitor and store log files from AWS EC2 (Elastic Compute Cloud) instances, AWS Route 53 and other sources. Fluency can retrieve these logs via an IAM user with the permissions to access CloudWatch.
The Official CloudWatch Logs user guide can be found at the following link:
https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/WhatIsCloudWatchLogs.html
CloudFormation
Note: For an easier set up using AWS CloudFormation, please follow the guide for CloudFormation: Setup Guide via CloudFormation.
CloudWatch Logs Integration (Manual Set-up/Configuration)
In the figure below, we see an example of two CloudWatch Log Groups, both originating from EC2 instances.
For complete instructions on using AWS CloudWatch, you may vist the Official AWS Documentation:
Additionally, each AWS service will have it’s own set of instructions on configuring and using CloudWatch logs:
Adding permissions to the IAM user
For CloudWatch Logs, the only required action is to configure the IAM user assigned to Fluency with Read-only permissions to CloudWatch services.
Navigate to the IAM section of the AWS Mangement console. In the "Users" tab, select the IAM user to modify.
Choose the Permissions tab, and select "Add permissions".
In the "Attach existing polices directly" panel, add the following two pre-defined permissions to the IAM user. You may use the search functions to locate these entries.
CloudWatchReadOnlyAccess
CloudWatchLogsReadOnlyAccess
Review and add these permissions.
Fluency interface configurations
Configure the log groups to be collected by going to the Fluency interface.
Continue configuration on Fluency.
Page last updated: 2023 Aug 07 11:49:33 EDT