Problem
There's a security requirement to have centralized application logging. How can I do that?
Solution
The easiest way to do this is to take advantage of the Cloudwatch agent that's already installed on the "CIS Secure" images offered as part of a Moderate of or High risk data space. To do so:
- Edit the file /var/awslogs/etc/awslogs.conf . If this file does not exist, the cloud watch agent is not set up and will have to be installed first.
Add a stanza like the one below to the bottom of the file. Parts in bold should be edited to match the specifics of what you want logged. Make sure the path is correct and that the log_stream_name contains a description of what the file is in the third pipe separated field (no spaces are allowed) in the third pipe separeted field. \ {instance_id\} and \ {ip_address\} can be left as is, they will get replaced automatically with the actual values.
...
4. Logs will begin being sent to Cloudwatch.
Related articles
| Filter by label (Content by label) | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
...
| Page Properties | ||
|---|---|---|
| ||
|