Hi All,
I am little new in this world and really struggling in setting up a centralized log management server for AWS cloud servers. I am using logstash-cloudwatch-input plugin to do the same.
Below is my Logstash configuration for the same
####################################################
input {
cloudwatch {
namespace => "AWS/EC2"
metrics => [ "CPUUtilization" ]
filters => { "tag:Name" => "CodeDeployDemo" }
region => "us-east-1"
interval => 240
period => 120
}
}
input {
cloudwatch {
namespace => "AWS/EBS"
metrics => ["VolumeQueueLength"]
filters => { "tag:Name" => "codedemo-ebs" }
region => "us-east-1"
}
}
input {
cloudwatch {
namespace => "AWS/RDS"
metrics => ["CPUUtilization", "CPUCreditUsage"]
filters => { "EngineName" => "mysql" } # Only supports EngineName, DatabaseClass and DBInstanceIdentifier
region => "us-west-2"
}
}
output {
elasticsearch {
hosts => ["localhost:9200"]
}
}
#########################################################
As per the documents published on google, I have created the required permissions for AWS cloud account and attached it with my instance profile.
In the debug logs (bin/logstash -f /etc/logstash/conf.d/4-cloudwatch.conf --debug), I can see , that it is fetching some information from AWS account, but it is not there in the elasticsearch.
Information
DPs: {:datapoints=>[{:timestamp=>2016-04-09 10:48:00 UTC, :sample_count=>1.0, :unit=>"Count", :minimum=>0.05, :maximum=>0.05, :sum=>0.05, :average=>0.05}, {:timestamp=>2016-04-09 10:43:00 UTC, :sample_count=>1.0, :unit=>"Count", :minimum=>0.05, :maximum=>0.05, :sum=>0.05, :average=>0.05}], :label=>"CPUCreditUsage", :response_metadata=>{:request_id=>"fc14aa0c-fe41-11e5-9c12-b9cb38b8a2a0"}} {:level=>:debug, :file=>"logstash/inputs/cloudwatch.rb", :line=>"183", :method=>"fetch_resource_events"}
DPs: {:datapoints=>[{:timestamp=>2016-04-09 10:43:00 UTC, :sample_count=>5.0, :unit=>"Percent", :minimum=>0.67, :maximum=>1.48, :sum=>4.83, :average=>0.966}, {:timestamp=>2016-04-09 10:53:00 UTC, :sample_count=>4.0, :unit=>"Percent", :minimum=>0.66, :maximum=>1.17, :sum=>3.68, :average=>0.92}, {:timestamp=>2016-04-09 10:48:00 UTC, :sample_count=>5.0, :unit=>"Percent", :minimum=>0.82, :maximum=>1.36, :sum=>4.67, :average=>0.9339999999999999}], :label=>"CPUUtilization", :response_metadata=>{:request_id=>"fbd88b24-fe41-11e5-85b1-613fee1f7a40"}} {:level=>:debug, :file=>"logstash/inputs/cloudwatch.rb", :line=>"183", :method=>"fetch_resource_events"}
Logs are not showing anything unusual.
This is installed on
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 14.04.2 LTS
Release: 14.04
Codename: trusty
Elasticsearch version is 2.3.1
Kibana is 4.4.1
Logstash : 2.3.1
logstash-input-cloudwatch:1.1.0
Logstash and Elasticsearch logs are not showing any error and I am able to telnet elasticsearch port on localhost.