Logging with CloudWatch vs. ElasticSearch/Kibana

0

I have a customer who is currently using Logstash. They are asking about Logstash integrating with CloudWatch vs. ElasticSearch/Kibana. Also a general comparison of CloudWatch vs ElasticSearch logging. What are some pros/cons/recommendations of each approach?

Asked 7 years ago, 7702 views
1 Answer
1
Accepted Answer

Comparison

CloudWatch Logs offers highly durable centralized storage for logs. It also allows customers to track things like the number of errors appearing in the logs and create alerts. It also supports simple querying (http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html). Customers do not need to worry about cluster sizing, storage, scaling etc. - there are no servers to manage.

Elasticsearch with Kibana provides a lot more functionality in terms of searching and visualizing your logs. While our managed Elasticsearch service removes a lot of the undifferentiated heavy lifting, customers still need to put some thought and monitoring into ensuring they have the right capacity in place and that they back up Elasticsearch data to a more durable location like S3.

CloudWatch Logs AND Elasticsearch

  • CloudWatch Logs -> Elasticsearch

Customers can get the best of both worlds by streaming CloudWatch Logs into Elasticsearch: http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_ES_Stream.html

  • Logstash -> CloudWatch Logs

Since they are already pushing their data into Logstash, this plugin can send the data to CloudWatch Logs: https://github.com/awslabs/logstash-output-cloudwatchlogs

  • CloudWatch Agent -> CloudWatch Logs

However, the CloudWatch Logs agent is probably the easiest way to get logs into CloudWatch Logs: http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_GettingStarted.html

Hope this helps.

PS: If they decide not to use CloudWatch Logs, here are the options:

Elasticsearch (without CloudWatch Logs)

  • Logstash -> Elasticsearch

Since they are already using Logstash, the easiest way to get started would be to use this connector to send data to Amazon Elasticsearch: https://github.com/awslabs/logstash-output-amazon_es

  • Kinesis Firehose -> Elasticsearch

Of course, there is also the option to replace Logstash with Kinesis Firehose, which removes the operational burden of managing Logstash EC2 instances: https://aws.amazon.com/kinesis/firehose/firehose-to-elasticsearch-service/

AWS
Answered 7 years ago
