CloudWatch
Overview
AWS CloudWatch is a comprehensive monitoring and management service designed to provide real-time insights into your AWS resources and applications. It enables you to collect and track metrics, collect and monitor log files, set alarms, and automatically react to changes in your AWS environment.
By utilizing AWS CloudWatch, you can gain valuable insights into your system’s performance, troubleshoot issues promptly, and maintain a high level of operational health. Its integration with other AWS services makes it an essential tool for maintaining and optimizing your cloud infrastructure.
Follow the steps below to configure log shipping to CloudWatch.
Step 1 - Credential Procurement
AWS credentials are required to ship logs to CloudWatch.
To obtain AWS credentials and store it, follow the guide here: AWS key
Step 2 - Configure External Logging
External logging can be configured by using either the UI Console or CLI.
For groupName and streamName follow Fluent Bit templating. Use location, replica, gvc, container, $version to template.
Enable Logging using the UI Console
- From the Control Plane Console UI, click on
Orgin the left menu. - Click
External Logsin the middle context menu. - Select
CloudWatchand fill out the required fields. - Select the AWS secret created to authenticate to AWS. Refer to the credential procurement section to obtain and configure the necessary credentials.
- Click
Save. - After the configuration is complete, log entries will be available at CloudWatch within a few minutes.
Enable Logging using the CLI
The external logging configuration can be created / updated using the CLI’s cpln org patch ORG_NAME -f FILE.yaml command.
Below is an example Org manifests (in YAML). Edit and save the YAML as a file and use it as an input to the CLI’s cpln org patch ORG_NAME -f FILE.yaml command.
Refer to the credential procurement section to obtain and configure the necessary credentials.
- Substitute: ORG_NAME, AWS_SECRET and possibly the region, retentionDays, groupName and streamName.