Logging with CloudWatch vs. Elasticsearch/Kibana

0

I have a customer who is currently using Logstash. They are asking about Logstash integrating with CloudWatch vs. Elasticsearch/Kibana. Also a general comparison of CloudWatch vs. Elasticsearch logging. What are some pros/cons/recommendations of each approach?

1 Answer
1
Accepted Answer

Comparison

CloudWatch Logs offers highly durable centralized storage for logs. It also allows customers to track things like the number of errors appearing in the logs and create alerts. It also supports simple querying (http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html). Customers do not need to worry about cluster sizing, storage, scaling, etc. - there are no servers to manage.

Elasticsearch with Kibana provides a lot more functionality in terms of searching and visualizing your logs. While our managed Elasticsearch service removes a lot of the undifferentiated heavy lifting, customers still need to put some thought and monitoring into ensuring they have the right capacity in place and that they back up Elasticsearch data to a more durable location like S3.

CloudWatch Logs AND Elasticsearch

  • CloudWatch Logs -> Elasticsearch

Customers can get the best of both worlds by streaming CloudWatch Logs into Elasticsearch: http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_ES_Stream.html

  • Logstash -> CloudWatch Logs

Since they are already pushing their data into Logstash, this plugin can send the data to CloudWatch Logs: https://github.com/awslabs/logstash-output-cloudwatchlogs

  • CloudWatch Agent -> CloudWatch Logs

However, the CloudWatch Logs agent is probably the easiest way to get logs into CloudWatch Logs: http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_GettingStarted.html

Hope this helps.

PS: If they decide not to use CloudWatch Logs, here are the options:

Elasticsearch (without CloudWatch Logs)

  • Logstash -> Elasticsearch

Since they are already using Logstash, the easiest way to get started would be to use this connector to send data to Amazon Elasticsearch: https://github.com/awslabs/logstash-output-amazon_es

  • Kinesis Firehose -> Elasticsearch

Of course, there is also the option to replace Logstash with Kinesis Firehose, which removes the operational burden of managing Logstash EC2 instances: https://aws.amazon.com/kinesis/firehose/firehose-to-elasticsearch-service/

AWS
answered 7 years ago
