CloudWatch Internal Agent Configuration

0

We are a tier 1 service owner and because of high traffic we want to push client logs to client owned accounts

I am using Cloudwatch Internal Agent in Amazon and wanted to check if this is possible

This is my agent configuration

{
  "agent": {
    "metrics_collection_interval": 1,
    "region": "us-west-1",
    "logfile": "/opt/aws/amazon-cloudwatch-agent/logs/amazon-cloudwatch-agent.log",
    "debug": false,
    "run_as_user": "nobody"
  },
  "logs": {
    "logs_collected": {
      "files": {
        "collect_list": [
          {
            "file_path": "/apollo/env/SampleDOTAdopter/var/output/logs/website-log-pusher*",
            "log_group_name": "SampleDOTAdopter/{stage}/application_log",
            "log_stream_name": "{hostname}",
            "timezone": "UTC",
            "retention_in_days": 30
          }
        ]
      }
    },
    "credentials": {
      "role_arn" : "**:role/SampleDOTAdopter"
    }
  },
  "logs": {
    "logs_collected": {
      "files": {
        "collect_list": [
          {
            "file_path": "/apollo/env/SampleDOTAdopter/var/output/logs/service_log.*",
            "log_group_name": "SampleDOTAdopter/{stage}/service_log.",
            "log_stream_name": "{hostname}",
            "timezone": "UTC",
            "retention_in_days": 30
          }
        ]
      }
    },
    "credentials": {
      "role_arn" : "**:role/DOTPlayground"
    }

  }
}

asked a year ago300 views
1 Answer
0

I don't know with the CW Agent, I haven't tried that. But with something like Fluent-Bit you most definitely can do that. I have started off a blog post in fact here to document just that.

I typically output all the logs to CW Logs in the same account, but you can change that behaviour by using an IAM role to assume to publish the logs into another account. I prefer to use Firehose to send the logs into another account which lands the log files to S3 but that pretty much achieves the same thing.

profile picture
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions