Edge Delta AWS CloudWatch Output

Stream data to AWS CloudWatch.

  4 minute read  

Configuration v2

Overview

The AWS CloudWatch output will stream logs to a specified CloudWatch log group.

Before you can create an output, you must have available the CloudWatch log group name and log stream name. To learn how to create a log group, review this document from Amazon. To learn how to create a log stream, review this document from Amazon.

Example

The following sample configuration displays an output without the name of the organization-level integration:

      - name: cloudwatch
        type: cloudwatch
        region: us-west-2
        log_group_name: /ecs/microservice
        log_stream_prefix: ecs
        auto_create: true
        features: log

If the auto_create parameter is not set, then you can assign the following permission to taskExecutionRoleArnto put log events into CloudWatch.

 {
      "Version": "2012-10-17",
      "Statement": [{
        "Effect": "Allow",
        "Action": [
          "logs:PutLogEvents"
        ],
        "Resource": "*"
      }]
    }

If the auto_create parameter is set, then assign the following permission to taskExecutionRoleArn.

{
      "Version": "2012-10-17",
      "Statement": [{
        "Effect": "Allow",
        "Action": [
          "logs:CreateLogStream",
          "logs:CreateLogGroup",
          "logs:DescribeLogStreams",
          "logs:PutLogEvents"
        ],
        "Resource": "*"
      }]
    }

Parameters

name

Required

Enter a descriptive name for the output or integration.

For outputs, this name will be used to map this destination to a workflow.

name: cloudwatch-auto

integration_name

Optional

This parameter refers to the organization-level integration created in the Integrations page.

If you need to add multiple instances of the same integration into the config, then you can add a custom name to each instance via the name parameter. In this situation, the name should be used to refer to the specific instance of the destination in the workflows.

integration_name: orgs-cloudwatch

type: cloudwatch

Optional

Enter cloudwatch.

type: cloudwatch

aws_key_id

Optional

If you want to use role-based authentication, then do not enter an AWS key.

aws_key_id: '{{ Env "AWS_KEY_ID" }}'

aws_sec_key

Optional

If you want to use role-based authentication, then do not enter an AWS secret key.

aws_sec_key: '{{ Env "AWS_SECRET_KEY" }}'

region

Required

Enter the AWS region destination to send logs.

region: us-west-2

role_arn

Optional

To assume an AWS IAM role, enter the account ID and role name.

role_arn: "arn:aws:iam::<ACCOUNT_ID>:role/<ROLE_NAME>"

external_id

Optional

Enter a unique identifier to avoid a confused deputy attack.

external_id: "053cf606-8e80-47bf-b849-8cd1cc826cfc"

log_group_name

Required

Enter the CloudWatch log group name.

log_group_name: test_log_group

log_stream_name

Required

Enter the CloudWatch log stream name.

You can enter a name or prefix, but not both.

log_stream_name: test_log_stream

log_stream_prefix

Required

Enter the CloudWatch log stream prefix.

You can enter a name or prefix, but not both.

log_stream_prefix: ecs

allow_label_override

Optional

Enter true or false to override the default values for:

  • log group name
  • log stream name
  • log stream prefix

The default values will be replaced based on the configurations for the following labels from your ECS or EKS deployment:

  • ed_log_group_name
  • ed_log_stream_name
  • ed_log_stream_prefix
allow_label_override: true

auto_configure

Optional

Enter true or false to automatically create:

  • LogGroupName in the /ecs/task_definition_family format
  • LogsStreamPrefix in the ecs/container_name/task_id format

This parameter is only supported for ECS environments. Additionally, only region configurations can be provided.

auto_configure: true

host

Optional

If you enter a host, then this output will be tailed by the agent.

This parameter can be useful to avoid duplicate consumption if you have more than 1 agent running the same agent configuration.

host: "myhost"

features

Optional

This parameter defines which data types to stream to the destination.

You can enter log, edac, and / or cluster pattern.

To learn more, see the following section on supported feature types.

features: log

buffer_ttl

Optional

Enter a length of time to retry failed streaming data.

After this length of time is reached, the failed streaming data will no longer be tried.

buffer_ttl: 2h

buffer_path

Optional

Enter a folder path to temporarily store failed streaming data.

The failed streaming data will be retried until the data reaches its destinations or until the Buffer TTL value is reached.

If you enter a path that does not exist, then the agent will create directories, as needed.

buffer_path: /var/log/edgedelta/pushbuffer/

buffer_max_bytesize

Optional

Enter the maximum size of failed streaming data that you want to retry.

If the failed streaming data is larger than this size, then the failed streaming data will not be retried.

buffer_max_bytesize: 100MB

auto_create

Optional

If this parameter is set, then IAM policies will be set.

If this parameter is not set, then log group and log stream will be created.

auto_create: true

Supported Features

See Streaming Features.

Feature Type Supported?
Log Yes
Metrics No
Alert as event No
Alert as log No
Health No
Dimensions as attribute No
Send as is No
Send as JSON No
Custom tags No
EDAC enrichment No
Message template No
outgoing_bytes.sum Yes
outgoing__raw_bytes.sum Yes
outgoing_lines.count No
output buffering to disk No