我无法将自定义日志发送到 Cloudwatch。 我创建了
/opt/aws/amazon-cloudwatch-agent/etc/shoryuken.json
其中包含
{
"logs": {
"logs_collected": {
"files": {
"collect_list": [
{
"file_path": "/var/app/current/log/shoryuken.log",
"log_group_name": "/aws/elasticbeanstalk/Demo-env/var/app/current/log/shoryuken.log",
"log_stream_name": "{instance_id}"
}
]
}
}
}
}
然后使用此命令附加此更改
/opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a append-config -m ec2 -c file:/opt/aws/amazon-cloudwatch-agent/etc/shoryuken.json -s
输出:
/opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json does not exist or cannot read. Skipping it.
I! Detecting run_as_user...
I! Trying to detect region from ec2
D! [EC2] Found active network interface
/opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent -schematest -config /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.toml
Configuration validation second phase succeeded
Configuration validation succeeded
我可以看到 amazon-cloudwatch-agent.toml 具有附加的配置
我停下来又开始了
/opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl
仍然没有收到任何到cloudwatch的日志。
经过大量挖掘后我能够解决这个问题。我必须修复 IAM 策略并需要使用 systemd 命令重新启动 cloudwatch 代理
IAM 策略附加到我的 ec2 配置文件用户
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"logs:CreateLogStream",
"logs:CreateLogGroup",
"logs:DescribeLogStreams",
"logs:PutLogEvents",
"logs:DescribeLogGroups"
],
"Resource": "*"
}
]
}
重新启动 amazon-cloudwatch-agent 的命令
sudo /bin/systemctl restart amazon-cloudwatch-agent.service