How do I push SSM Agent logs to CloudWatch?
1 minute read
0
I want to send AWS Systems Manager Agent (SSM Agent) logs to Amazon CloudWatch Logs.
Resolution
Create a log group in CloudWatch Logs
Complete the following steps:
- Open the CloudWatch console.
- In the navigation pane, choose Log groups.
- Choose Create log group.
- For Log group name, enter a name.
- Choose Create.
Attach permissions
To send the logs, the Amazon Elastic Compute Cloud (Amazon EC2) instance must include AWS Identity and Access Management (IAM) permissions.
Attach an IAM role to the instance that has the following permissions:
- logs:CreateLogStream
- logs:DescribeLogGroups
- logs:DescribeLogStreams
- logs:CreateLogGroup
- logs:PutLogEvent
Note: You can include the preceding permissions with already existing permissions, and narrow the permissions based on your requirements.
Configure SSM Agent to send logs to CloudWatch Logs
To configure SSM Agent to send logs to CloudWatch Logs, see Sending SSM Agent logs to CloudWatch Logs.
Related information
Checking SSM Agent status and starting the agent
AWS OFFICIALUpdated 4 days ago
No comments
Relevant content
- Accepted Answerasked 3 months ago
- asked 9 months ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated 3 months ago
