Support Automation Workflow (SAW) Runbook: Upload EC2 Rescue log bundle from the target instance to the specified Amazon S3 bucket

5 minuto de leitura
Nível de conteúdo: Intermediário
0

How can I use the AWSSupport-SendLogBundleToS3Bucket automation runbook to collect troubleshooting logs from the target instance, and upload them to Amazon Simple Storage Service (Amazon S3) bucket in my account ?

In this article, I will show you how to use the AWSSupport-SendLogBundleToS3Bucket, AWS Systems Manager automation runbook to install the platform specific version of EC2Rescue tool based on the target Amazon Elastic Compute Cloud (Amazon EC2) instance platform to collect common operating system (OS) logs and configuration files, and uploads them to Amazon Simple Storage Service (Amazon S3) bucket in your account.

By default, the automation runbook identifies the instance platform type and install the platform specific EC2Rescue tool.

EC2Rescue for Windows Server is an easy-to-use tool that you run on an Amazon EC2 Windows Server instance to diagnose and troubleshoot possible problems. It is valuable for collecting log files and troubleshooting issues and also proactively searching for possible areas of concern. It can even examine Amazon EBS root volumes from other instances and collect relevant logs for troubleshooting Windows Server instances using that volume. The AWSSupport-ExecuteEC2Rescue runbook uses the EC2Rescue tool to troubleshoot and, where possible, fix common issues with the specified EC2 instance.

EC2Rescue for Linux is an easy-to-use, open-source tool that can be run on an Amazon EC2 Linux instance to diagnose and troubleshoot common issues using its library of over 100 modules. A few generalized use cases for EC2Rescue for Linux include gathering syslog and package manager logs, collecting resource utilization data, and diagnosing/remediating known problematic kernel parameters and common OpenSSH issues. The AWSSupport-TroubleshootSSH automation runbook installs EC2Rescue for Linux and then uses the tool to check or remediate common issues that prevent a remote connection to a Linux machine via Secure Shell (SSH).

Learn more about Support Automation Workflows >>

How it works?

The runbook AWSSupport-SendLogBundleToS3Bucket installs the platform specific version of EC2Rescue tool, based on the platform of the target instance, and uploads a log bundle generated from the target instance to the specified S3 bucket. EC2Rescue tool is then used to collect all the available operating system (OS) logs.

The successful runbook execution will show you the output of collectAndUploadLinuxLogBundle.Output or collectAndUploadWindowsLogBundle.Output according to the Amazon EC2 instance platform type.

Required IAM permissions

The AutomationAssumeRole parameter requires the following actions to successfully use the runbook:

  • ssm:StartAutomationExecution
  • ssm:SendCommand
  • ssm:GetAutomationExecution
  • ssm:DescribeInstanceInformation
  • ssm:ListCommands
  • ssm:ListCommandInvocations

It is recommended that the Amazon EC2 instance receiving the command has an IAM role with the AmazonSSMManagedInstanceCore Amazon managed policy attached.

Instructions

  1. Navigate to the AWSSupport-SendLogBundleToS3Bucket in the AWS Systems Manager console.
  2. Click on Execute automation.
  3. For the input parameters enter the following:
    • AutomationAssumeRole (optional): This is the Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) role that allows Systems Manager Automation to perform the actions on your behalf. If no role is specified, Systems Manager Automation will use the permissions of the user that starts this runbook.
    • InstanceId (required): The ID of the Windows or Linux managed instance you want to collect logs from.
    • S3BucketName (required): S3 bucket to upload the logs to.
    • S3Path (required): S3 path for the collected logs. Default: AWSSupport-SendLogBundleToS3Bucket/

The following example demonstrates how to use the* AWSSupport-SendLogBundleToS3Bucket* automation runbook to upload the instance logs to S3 bucket.

The runbook input parameters

  1. Click on Execute.
  2. You should see that the automation has been initiated.
  3. Document will perform the following steps:
  • aws:runCommand: Install EC2Rescue via AWS-ConfigureAWSPackage.
  • aws:runCommand: Run the PowerShell script to collect Windows troubleshooting logs with EC2Rescue.
  • aws:runCommand: Run the bash script to collect Linux troubleshooting logs with EC2Rescue.
  1. Once completed, you can review the Outputs section to see a summary of the upload results according to instance platform type.

Windows Platform (collectAndUploadWindowsLogBundle.Output)

Enter image description here

Linux Platform (collectAndUploadLinuxLogBundle.Output)

Enter image description here

To review the troubleshooting logs uploaded to the S3 bucket:

  1. Open the Amazon S3 console.
  2. In the Buckets list, choose the name of the bucket that you specified to store the logs.
  3. Choose the Objects tab, and select the S3path to view the stored logs bundle.

Enter image description here

Conclusion

In this article, I demonstrated how to collect and upload troubleshooting logs from managed instances to AmazonS3 bucket using the SAW runbook AWSSupport-SendLogBundleToS3Bucket, available in the AWS System Manager.

References

Systems Manager Automation

Run this Automation (console)

Running a simple automation: https://docs.aws.amazon.com/systems-manager/latest/userguide/automation-working-executing.html

Setting up Automation: https://docs.aws.amazon.com/systems-manager/latest/userguide/automation-setup.html

Documentation related to the AWS service

AWS public document AWSSupport-SendLogBundleToS3Bucket.

To help you troubleshoot, remediate, manage, and reduce costs on your AWS resources, AWS Support maintains a subset of the AWS provided predefined runbooks . These runbooks are prefixed with “AWSSupport-“ or “AWSPremiumSupport-“.