Cloudwatch logs input configuration help needed

tarp · March 28, 2017, 7:45pm

Hi,

I'm trying to configure the cloudwatch input plugin to pull in custom cloudwatch logs. Below is my config.
cloudwatch {
namespace => "AWS/LOGS"
metrics => ["IncomingBytes","IncomingLogEvents"]
filters => { "tag:Group" => "ops-incident-service-cloudwatch-alarmsvpc06752f63" }
region => "us-east-1"
}

I'm not very confident on the "metrics"variable.
In the AWS console, I can view my logs at
CloudWatch > Log Groups > ops-incident-service-cloudwatch-alarmsvpc06752f63

In the view I see headers [ "Log Streams", "Last Event Time"]
below the header I have records like this.

ip-10-212-100-108, 2017-03-28 14:31 UTC-5
And each of those is bunch of events.

So is it even possible to configure this plugin to suck in these logs?
Thanks,
Tim

system · April 25, 2017, 7:45pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Cloudwatch input plugin configuration details for fetching AWS/ECS metrics Logstash	1	163	January 11, 2024
Cloudwatch input plugin- No Metrics to Query Logstash	2	782	June 20, 2018
Unable to fetch metrics from AWS/ECS - Cloudwatch input plugin Logstash	1	494	October 18, 2019
Cloudwatch logs input plugin not streaming all log groups Logstash	4	562	December 22, 2020
Logstash cloudwatch input plugn Logstash	1	337	December 12, 2018

Cloudwatch logs input configuration help needed

Related topics