How do I configure logging levels manually for specific resources in AWS IoT Core?

Short description

Note: This article relates only to V2 of AWS IoT Core logs.

AWS IoT Core logs allows you to set resource-specific logging levels for:

• Clients registered as things
• Clients not registered as things

This is done by creating a logging level for a specific target type and configuring its verbosity level. Target types include THING_GROUP, CLIENT_ID, SOURCE_IP, or PRINCIPAL_ID. It's a best practice to configure default logging to a lower verbosity level and configure resource-specific logging to a higher verbosity level.

Log verbosity levels include DISABLED (lowest), ERROR, WARN, INFO, and DEBUG (highest).

Important: Depending on your AWS IoT Core fleet size, turning on more verbose log levels can incur high costs and make troubleshooting more difficult. Turning on verbose logging also creates higher data traffic. INFO or DEBUG should only be used as a temporary measure while troubleshooting. After troubleshooting is complete, logging levels should be set back to a less verbose setting.

Resolution

Prerequisite

Make sure that you have the AWS Command Line Interface (AWS CLI) installed locally with IoT admin permission credentials. The default AWS Region for AWS CLI must point towards the targeted AWS Region. You must have clients connected to and interacting with your AWS IoT Core endpoints, either as registered or non-registered IoT things.

Note: If you receive errors when running AWS CLI commands, make sure that you're using the most recent version of the AWS CLI.

Configure manual logging for clients registered as things

You can manage resource-specific logging for multiple things at a defined logging level, and then add or remove things from the thing group manually. Your devices and clients must be registered as IoT things in AWS IoT Core and must connect using the same client ID associated thing name. You can then use a static thing group with a target type of THING_GROUP to manage the thing group. If you configure a parent thing group within a hierarchy, then the configuration applies to the child thing groups of the hierarchy as well.

Note: If you use static thing groups as a target type, then you must consider their quota limits. For more information, see AWS IoT Core thing group resource limits and quotas.

1.    Create two static thing groups. You can do this using the AWS IoT console or using the create-thing-group command in the AWS CLI. In this example, the AWS CLI is used.

aws iot create-thing-group --thing-group-name logging_level_info
aws iot create-thing-group --thing-group-name logging_level_debug

Note: If you are using existing thing groups, then replace logging_level_info and logging_level_debug with the names of your thing groups.

The output looks similar to the following message:

{
 "thingGroupName": "logging_level_info",
 "thingGroupArn": "arn:aws:iot:eu-west1-1:123456789012:thinggroup/logging_level_info",
 "thingGroupId": "58dd497e-97fc-47d2-8745-422bb21234AA"
}
{
 "thingGroupName": "logging_level_debug",
 "thingGroupArn": "arn:aws:iot:eu-west-1:123456789012:thinggroup/logging_level_debug",
 "thingGroupId": "2a9dc698-9a40-4487-81ec-2cb4101234BB"
}

2.    Run the SetV2LoggingLevel command to set the logging levels for the thing groups: Note: It can take up to 10 minutes for log level configuration changes to be reflected.

aws iot set-v2-logging-level \
 --log-target targetType=THING_GROUP,targetName=logging_level_info \
 --log-level INFO

aws iot set-v2-logging-level \
--log-target targetType=THING_GROUP,targetName=logging_level_debug \
--log-level DEBUG

Note: Replace INFO and DEBUG with the log levels that you want to set for each thing group.

3.    Run the following command to confirm that the logging levels are configured correctly:

aws iot list-v2-logging-levels

The output looks similar to the following message:

{
 "logTargetConfigurations": [
 {
 "logTarget": {
 "targetType": "DEFAULT"
 },
 "logLevel": "WARN"
 },
 {
 "logTarget": {
 "targetType": "THING_GROUP",
 "targetName": "logging_level_debug"
 },
 "logLevel": "DEBUG"
 },
 {
 "logTarget": {
 "targetType": "THING_GROUP",
 "targetName": "logging_level_info"
 },
 "logLevel": "INFO"
 }
 ]
}

4.    Run the AddThingToThingGroup command to add a thing to the appropriate things group:

aws iot add-thing-to-thing-group \
 --thing-name YourThingName1 \
 --thing-group-name logging_level_info

Note: Replace YourThingName1 with the name of the thing that you are adding to the thing group.

Configure manual logging for clients not registered as things

If you don't register your things to AWS IoT Core, you can still add resource-specific logging levels for multiple target types. These target types are client attributes and include CLIENT_ID, SOURCE_IP, or PRINCIPAL_ID. If your device is already registered as an AWS IoT Core thing, you can still use these client attributes to manage logging levels.

1.    Run the SetV2LoggingLevel command to set the logging level for a specific client:

aws iot set-v2-logging-level \
 --log-target targetType=CLIENT_ID,targetName=YourClientId \
 --log-level YourLogLevel

Note: To use a different target type, replace CLIENT_ID with a supported value that is used by the targeted client, such as SOURCE_IP or PRINCIPAL_ID.

2.    Run the following command to confirm the logging levels are configured correctly:

aws iot list-v2-logging-levels

The output looks similar to the following message:

...
 {
 "logTarget": {
 "targetType": "CLIENT_ID",
 "targetName": "YourClientId"
 },
 "logLevel": "YourLogLevel"
 }
...

Monitoring generated logs

It's a best practice to monitor your IoT logs for issues or problems. You can use either the Amazon CloudWatch Logs Console or the AWS CLI to monitor your AWS IoT Core logs.  For more information, see the "Monitoring log entries" section of How do I best manage the logging levels of my AWS IoT logs in AWS IoT Core?

Related information

Monitoring AWS IoT

How do I configure the default logging settings for AWS IoT Core?

How do I configure logging levels dynamically for specific resources in AWS IoT Core?