How do I use the unified CloudWatch agent to troubleshoot log timestamp issues?


I want to use the unified Amazon CloudWatch agent to troubleshoot log timestamp issues.

Short description

The unified CloudWatch agent uses the PutLogEvents API to upload a batch of log events to Amazon CloudWatch Logs. Log events in a batch can't be more than 2 hours in the future and can't be more than 14 days old. Also, log events can't be from earlier than the retention period of the log group.

If you have log timestamp issues, then you might receive an error message that's similar to one of the following:

  • "<timestamp> E! [outputs.cloudwatchlogs] The log entry in (<Log Group Name>/(<Log Stream Name>) with timestamp (<actual log timestamp>) comparing to the current time (<current timestamp> m=+100) is out of accepted time range. Discard the log entry."
  • "<timestamp> W! [outputs.cloudwatchlogs] 1 log events for log '<Log Group Name>/(<Log Stream Name>' are expired."

Resolution

To troubleshoot these errors, complete the following steps:

  1. Make sure that the unified CloudWatch agent configuration file includes a timestamp_format field that specifies the timestamp format.
  2. (Optional) If necessary, remove the timestamp_format from the unified CloudWatch agent configuration file.
  3. Restart the unified CloudWatch agent, and then confirm that the current time is used.
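
To see which log lines fall outside the accepted time range before you change the agent configuration, you can check them offline. The following Python is an added example, not AWS or agent code: it parses the leading timestamp of each line with a strptime-style format and classifies the event against the 2-hour, 14-day, and retention limits described above. The function names, verdict labels, the assumption that naive timestamps are UTC, and the sample lines are all constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

MAX_FUTURE = timedelta(hours=2)  # limit stated in this article
MAX_AGE = timedelta(days=14)     # limit stated in this article

def parse_prefix(line, timestamp_format):
    """Return the timestamp at the start of line, or None if the format does not match."""
    for end in range(len(line), 0, -1):  # try the longest prefix first
        try:
            ts = datetime.strptime(line[:end], timestamp_format)
        except ValueError:
            continue
        if ts.tzinfo is None:
            ts = ts.replace(tzinfo=timezone.utc)  # assumption: logs are written in UTC
        return ts
    return None

def classify(ts, now, retention_days=None):
    """Classify one event timestamp against the accepted time range."""
    if ts is None:
        return "unparsed"          # timestamp_format does not match this line
    if ts - now > MAX_FUTURE:
        return "future"            # more than 2 hours ahead of the current time
    age = now - ts
    if age > MAX_AGE:
        return "too_old"           # more than 14 days old
    if retention_days is not None and age > timedelta(days=retention_days):
        return "past_retention"    # earlier than the log group retention period
    return "ok"

def check_lines(lines, timestamp_format, now, retention_days=None):
    """Return (verdict, line) pairs for every input line."""
    return [(classify(parse_prefix(line, timestamp_format), now, retention_days), line)
            for line in lines]

# Constructed sample input; NOW is fixed so the result is reproducible.
NOW = datetime(2024, 5, 15, 12, 0, 0, tzinfo=timezone.utc)
SAMPLE = [
    "2024-05-15 11:59:30 INFO login ok",
    "2024-05-15 14:30:00 INFO host clock ahead",
    "2024-04-30 12:00:00 WARN replayed file",
    "2024-05-10 12:00:00 INFO backfill",
    "May 15 11:59:30 sshd[1]: session opened",
]

if __name__ == "__main__":
    for verdict, line in check_lines(SAMPLE, "%Y-%m-%d %H:%M:%S", NOW, retention_days=3):
        print(f"{verdict:15} {line}")
```

Lines reported as "unparsed" point to a timestamp_format mismatch, and the other verdicts point to host clock or replayed-file issues.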

Related information

Why isn't the unified CloudWatch agent pushing log events?

AWS OFFICIAL, updated 2 months ago