EC2Config Cloudwatch 日志流式传输不起作用

【问题标题】:EC2Config Cloudwatch logs streaming not workingEC2Config Cloudwatch 日志流式传输不起作用
【发布时间】:2016-11-30 22:55:40
【问题描述】:

我希望有人能提供帮助,我正在尝试从安装了 EC2config 服务的 Windows Server 2012 流式传输日志。

我已遵循以下文档: https://aws.amazon.com/blogs/devops/using-cloudwatch-logs-with-amazon-ec2-running-microsoft-windows-server/

不幸的是,没有任何内容流式传输到 cloudwatch 日志。

这是我正在使用的 Json:

{
"EngineConfiguration": {
    "PollInterval": "00:00:15",
    "Components": [
        {
            "Id": "ApplicationEventLog",
            "FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
            "Parameters": {
                "LogName": "Application",
                "Levels": "1"
            }
        },
        {
            "Id": "SystemEventLog",
            "FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
            "Parameters": {
                "LogName": "System",
                "Levels": "7"
            }
        },
        {
            "Id": "SecurityEventLog",
            "FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
            "Parameters": {
            "LogName": "Security",
            "Levels": "7"
            }
        },
        {
            "Id": "ETW",
            "FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
            "Parameters": {
                "LogName": "Microsoft-Windows-WinINet/Analytic",
                "Levels": "7"
            }
        },
        {
            "Id": "IISLog",
            "FullName": "AWS.EC2.Windows.CloudWatch.IISLogOutput,AWS.EC2.Windows.CloudWatch",
            "Parameters": {
        "LogDirectoryPath": "C:\\inetpub\\logs\\LogFiles\\W3SVC1"
        "AccessKey": "",
        "SecretKey": "",
        "Region": "eu-west-1",
        "LogGroup": "Web-Logs",
        "LogStream": "IIStest"
            }
        },
        {
            "Id": "CustomLogs",
            "FullName": "AWS.EC2.Windows.CloudWatch.CustomLog.CustomLogInputComponent,AWS.EC2.Windows.CloudWatch",
            "Parameters": {
                "LogDirectoryPath": "C:\\CustomLogs\\",
                "TimestampFormat": "MM/dd/yyyy HH:mm:ss",
                "Encoding": "UTF-8",
                "Filter": "",
                "CultureName": "en-US",
                "TimeZoneKind": "Local"
            }
        },
        {
            "Id": "PerformanceCounter",
            "FullName": "AWS.EC2.Windows.CloudWatch.PerformanceCounterComponent.PerformanceCounterInputComponent,AWS.EC2.Windows.CloudWatch",
            "Parameters": {
                "CategoryName": "Memory",
                "CounterName": "Available MBytes",
                "InstanceName": "",
                "MetricName": "Memory",
                "Unit": "Megabytes",
                "DimensionName": "",
                "DimensionValue": ""
            }
        },
        {
            "Id": "CloudWatchLogs",
            "FullName": "AWS.EC2.Windows.CloudWatch.CloudWatchLogsOutput,AWS.EC2.Windows.CloudWatch",
            "Parameters": {
                "AccessKey": "",
                "SecretKey": "",
                "Region": "eu-west-1",
                "LogGroup": "Win2Test",
                "LogStream": "logging-test"
            }
        },
        {
            "Id": "CloudWatch",
            "FullName": "AWS.EC2.Windows.CloudWatch.CloudWatch.CloudWatchOutputComponent,AWS.EC2.Windows.CloudWatch",
            "Parameters": 
            {
                "AccessKey": "",
                "SecretKey": "",
                "Region": "eu-west-1",
                "NameSpace": "Windows/Default"
            }
        }
    ],
    "Flows": {
        "Flows": 
        [
            "(ApplicationEventLog,SystemEventLog),CloudWatchLogs",
    "IISLog"
        ]
    }
} 
}

目前我只想流式传输 IIS 日志,据我了解,Cloudwatch 日志组和流应该会自动创建。

【问题讨论】:

  • 您的实例是否具有实例配置文件,该配置文件通过角色授予其访问云监视组/s3 存储桶的权限以获取日志?

标签: amazon-web-services amazon-ec2 amazon-cloudwatchlogs


【解决方案1】:

Flows 部分的问题是缺少 Flow 定义的第二个组件:

而不是

"Flows": {
    "Flows": 
    [
        "(ApplicationEventLog,SystemEventLog),CloudWatchLogs",
"IISLog"
    ]
}

应该是

    [
        "(ApplicationEventLog,SystemEventLog),CloudWatchLogs",
        "IISLog,CloudWatchLogs"
    ]

Flows 部分定义了来自Components 部分的组件的源和目标,首先是什么/如何获取,其次是如何发送。 例如考虑在此处关注 sn-p ApplicationEventLogSystemEventLog 将被发送到 CloudWatch(指的是在 Components 中定义的 "Id" : "CloudWatch" 而不是 AWS CloudWatch)。

第二行定义第二个流,即PerformanceCounter发送到CloudWatch1

    "Flows": {
        "Flows": 
        [
            "(ApplicationEventLog,SystemEventLog),CloudWatchLogs",
            "PerformanceCounter,CloudWatch1"
        ]
    }

希望这能解释它是如何解决问题的。

【讨论】:

    【解决方案2】:

    看起来我在 JSON 文件本身上犯了一些错误,特别是 FLOW 区域。

    现在开始工作了 :)

    【讨论】:

    • 有没有机会说得更具体些?
    猜你喜欢
    • 2019-11-19
    • 2018-08-29
    • 2020-07-24
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 2020-05-26
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode