Trying to send logs to AWS CloudWatch via logstash output plugin

Randika_Madhushan · December 1, 2022, 12:25pm

Hello there,

Currently, I'm trying to send the applications logs to AWS CloudWatch via logstash agent output plugin. So I tried the below configuration. But that did not work. Could you please help with this?

input {
  file {
    path => "/var/log/messages"
    start_position => beginning
    tags => ["msg-log"]
  }
}

filter {
  grok {
    match => { "message" => "%{MONTH:month}%{SPACE}%{MONTHDAY:date}%{SPACE}%{TIME:time}%{SPACE}%{GREEDYDATA:msg}" }
  }
  date {
    match => [ "timestamp", "MMM dd HH:mm:ss" ]
    target => "@timestamp"
  }
}

output {
  if "msg-log" in [tags] {
    cloudwatch {
      region => "us-west-2"
      access_key_id => "XXXXXXXXXX"
      secret_access_key => "XXXXXXXXXXXXXXXXXXXXXXX"
    }
  }
}

system · December 29, 2022, 12:26pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.