How do I configure logging levels manually for specific resources in AWS IoT Core?
I want to configure resource-specific logging manually for my AWS IoT Core logs.
Short description
Note: This article relates only to V2 of AWS IoT Core logs.
AWS IoT Core logs allows you to set resource-specific logging levels for:
- Clients registered as things
- Clients not registered as things
This is done by creating a logging level for a specific target type and configuring its verbosity level. Target types include THING_GROUP, CLIENT_ID, SOURCE_IP, or PRINCIPAL_ID. It's a best practice to configure default logging to a lower verbosity level and configure resource-specific logging to a higher verbosity level.
Log verbosity levels include DISABLED (lowest), ERROR, WARN, INFO, and DEBUG (highest).
Important: Depending on your AWS IoT Core fleet size, turning on more verbose log levels can incur high costs and make troubleshooting more difficult. Turning on verbose logging also creates higher data traffic. INFO or DEBUG should only be used as a temporary measure while troubleshooting. After troubleshooting is complete, logging levels should be set back to a less verbose setting.
Resolution
Prerequisite
Make sure that you have the AWS Command Line Interface (AWS CLI) installed locally with IoT admin permission credentials. The default AWS Region for AWS CLI must point towards the targeted AWS Region. You must have clients connected to and interacting with your AWS IoT Core endpoints, either as registered or non-registered IoT things.
Note: If you receive errors when running AWS CLI commands, make sure that you're using the most recent version of the AWS CLI.
Configure manual logging for clients registered as things
You can manage resource-specific logging for multiple things at a defined logging level, and then add or remove things from the thing group manually. Your devices and clients must be registered as IoT things in AWS IoT Core and must connect using the same client ID associated thing name. You can then use a static thing group with a target type of THING_GROUP to manage the thing group. If you configure a parent thing group within a hierarchy, then the configuration applies to the child thing groups of the hierarchy as well.
Note: If you use static thing groups as a target type, then you must consider their quota limits. For more information, see AWS IoT Core thing group resource limits and quotas.
1. Create two static thing groups. You can do this using the AWS IoT console or using the create-thing-group command in the AWS CLI. In this example, the AWS CLI is used.
aws iot create-thing-group --thing-group-name logging_level_info aws iot create-thing-group --thing-group-name logging_level_debug
Note: If you are using existing thing groups, then replace logging_level_info and logging_level_debug with the names of your thing groups.
The output looks similar to the following message:
{ "thingGroupName": "logging_level_info", "thingGroupArn": "arn:aws:iot:eu-west1-1:123456789012:thinggroup/logging_level_info", "thingGroupId": "58dd497e-97fc-47d2-8745-422bb21234AA" } { "thingGroupName": "logging_level_debug", "thingGroupArn": "arn:aws:iot:eu-west-1:123456789012:thinggroup/logging_level_debug", "thingGroupId": "2a9dc698-9a40-4487-81ec-2cb4101234BB" }
2. Run the SetV2LoggingLevel command to set the logging levels for the thing groups: Note: It can take up to 10 minutes for log level configuration changes to be reflected.
aws iot set-v2-logging-level \ --log-target targetType=THING_GROUP,targetName=logging_level_info \ --log-level INFO aws iot set-v2-logging-level \ --log-target targetType=THING_GROUP,targetName=logging_level_debug \ --log-level DEBUG
Note: Replace INFO and DEBUG with the log levels that you want to set for each thing group.
3. Run the following command to confirm that the logging levels are configured correctly:
aws iot list-v2-logging-levels
The output looks similar to the following message:
{ "logTargetConfigurations": [ { "logTarget": { "targetType": "DEFAULT" }, "logLevel": "WARN" }, { "logTarget": { "targetType": "THING_GROUP", "targetName": "logging_level_debug" }, "logLevel": "DEBUG" }, { "logTarget": { "targetType": "THING_GROUP", "targetName": "logging_level_info" }, "logLevel": "INFO" } ] }
4. Run the AddThingToThingGroup command to add a thing to the appropriate things group:
aws iot add-thing-to-thing-group \ --thing-name YourThingName1 \ --thing-group-name logging_level_info
Note: Replace YourThingName1 with the name of the thing that you are adding to the thing group.
Configure manual logging for clients not registered as things
If you don't register your things to AWS IoT Core, you can still add resource-specific logging levels for multiple target types. These target types are client attributes and include CLIENT_ID, SOURCE_IP, or PRINCIPAL_ID. If your device is already registered as an AWS IoT Core thing, you can still use these client attributes to manage logging levels.
1. Run the SetV2LoggingLevel command to set the logging level for a specific client:
aws iot set-v2-logging-level \ --log-target targetType=CLIENT_ID,targetName=YourClientId \ --log-level YourLogLevel
Note: To use a different target type, replace CLIENT_ID with a supported value that is used by the targeted client, such as SOURCE_IP or PRINCIPAL_ID.
2. Run the following command to confirm the logging levels are configured correctly:
aws iot list-v2-logging-levels
The output looks similar to the following message:
... { "logTarget": { "targetType": "CLIENT_ID", "targetName": "YourClientId" }, "logLevel": "YourLogLevel" } ...
Monitoring generated logs
It's a best practice to monitor your IoT logs for issues or problems. You can use either the Amazon CloudWatch Logs Console or the AWS CLI to monitor your AWS IoT Core logs. For more information, see the "Monitoring log entries" section of How do I best manage the logging levels of my AWS IoT logs in AWS IoT Core?
Related information
How do I configure the default logging settings for AWS IoT Core?
How do I configure logging levels dynamically for specific resources in AWS IoT Core?
Relevant content
- asked 2 years agolg...
- asked 4 years agolg...
- asked 2 years agolg...
- AWS OFFICIALUpdated a month ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago