Logging with CloudWatch vs. ElasticSearch/Kibana

0

I have a customer who is currently using Logstash. They are asking about Logstash integrating with CloudWatch vs. ElasticSearch/Kibana. Also a general comparison of CloudWatch vs ElasticSearch logging. What are some pros/cons/recommendations of each approach?

Asked 7 years ago, viewed 7701 times
1 answer
1
Accepted answer

Comparison

CloudWatch Logs offers highly durable centralized storage for logs. It also allows customers to track things like the number of errors appearing in the logs and create alerts. It also supports simple querying (http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html). Customers do not need to worry about cluster sizing, storage, scaling, etc. - there are no servers to manage.

Elasticsearch with Kibana provides a lot more functionality in terms of searching and visualizing your logs. While our managed Elasticsearch service removes a lot of the undifferentiated heavy lifting, customers still need to put some thought and monitoring into ensuring they have the right capacity in place and that they back up Elasticsearch data to a more durable location like S3.

CloudWatch Logs AND Elasticsearch

  • CloudWatch Logs -> Elasticsearch

Customers can get the best of both worlds by streaming CloudWatch Logs into Elasticsearch: http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_ES_Stream.html

  • Logstash -> CloudWatch Logs

Since they are already pushing their data into Logstash, this plugin can send the data to CloudWatch Logs: https://github.com/awslabs/logstash-output-cloudwatchlogs

  • CloudWatch Agent -> CloudWatch Logs

However, the CloudWatch Logs agent is probably the easiest way to get logs into CloudWatch Logs: http://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_GettingStarted.html

Hope this helps.

PS: If they decide not to use CloudWatch Logs, here are the options:

Elasticsearch (without CloudWatch Logs)

  • Logstash -> Elasticsearch

Since they are already using Logstash, the easiest way to get started would be to use this connector to send data to Amazon Elasticsearch: https://github.com/awslabs/logstash-output-amazon_es

  • Kinesis Firehose -> Elasticsearch

Of course, there is also the option to replace Logstash with Kinesis Firehose, which removes the operational burden of managing Logstash EC2 instances: https://aws.amazon.com/kinesis/firehose/firehose-to-elasticsearch-service/

AWS
Answered 7 years ago
