DEV Community

Cover image for Hybrid Cloud - Install Log Agent to monitor your server with CloudWatch
Anuvindh Sankaravilasam for AWS Community Builders

Posted on • Updated on

Hybrid Cloud - Install Log Agent to monitor your server with CloudWatch

DAY 11 - Hybrid Cloud- AWS LogAgent for CloudWachLogs

☁️100 days of Cloud- Day Eleven
✅Connect with me on Twitter
🤝🏽Connect with me on Linkedin
🧑🏼‍🤝‍🧑🏻 Read more post on dev.to or iCTPro.co.nz

Image Cover

Tweet This Blog - 100 days of Cloud on GitHub - Read On iCTPro.co.nz


CloudWatch Logs agent - Helps to send Logs automatically flow from the instance to the log stream. The agent confirms that it has started and it stays running until you disable it.

IAM User - Programmatic access

Create a IAM user with programmatic access to CloudWatch. Make sure you give least privilege. We need access to deliver logs, create a log group & create log stream. Use the Policy shown below. Note down the AWS Programmatic access Key .

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "logs:CreateLogGroup",
        "logs:CreateLogStream",
        "logs:PutLogEvents",
        "logs:DescribeLogStreams"
    ],
      "Resource": [
        "*"
    ]
  }
 ]
}
Enter fullscreen mode Exit fullscreen mode

Adding role to EC2 (For Production attach as IAM role to Ec2.)

Comments Screenshots/Action
Goto IAM and click Roles then Create role
Select Trusted entity type AWS service
Common use cases EC2 & Click Next
Add permissions, search for CloudWatchAgentAdminPolicy then Click Next
Name the role Image role
Now Click Create role
  • Now attach the role to EC2, Goto Ec2 DashBoard Select Server >> Click Actions >> Security >> Modify IAM role
  • Enter EC2CloudWatch-Agent-AdminRole(IAM role name) >> Click Save.

Installing AWS Log Agent

  • SSH into your System , use PuTTY
  • once you log in update OS, here for demo purpose am using a server which is Debian based.
sudo apt-get update -y
Enter fullscreen mode Exit fullscreen mode
  • Install python if your server does not have Python.
sudo apt-get install python
Enter fullscreen mode Exit fullscreen mode
  • Download log Agent
curl https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py -O
Enter fullscreen mode Exit fullscreen mode
  • Install agent , make sure you add your ec2 region
sudo python ./awslogs-agent-setup.py --region ap-southeast-2
Enter fullscreen mode Exit fullscreen mode
  • Once installation Start, it will prompt you to enter AWS CLI access

Image awskey

  • Configuring the CloudWatch Logs Agent

Image AgentConfig

Verify Logs

  • Goto Cloud watch dashboard from your console Click on to Log groups.
  • You will be able to your log group, here for instance we named it as Ec2-Log-Group.Click on name.
  • if you scroll down you will be able to see the log stream with your AMI ID. Click to view the Logs.

Image logs

Now you can create specific metric according to your requirement and create alarm or deliver it to your dashboard to view events.

🎉Congratulations🎉 you have successfully configured CloudWatch Log Agent to deliver logs to Log Stream.

Discussion (0)