使用CloudWatch Logs监控Apache日志文件
具体的操作步骤如下;
添加IAM权限启动EC2
创建EC2(AMI选择CentOS7)
安装Apache并启动
安装CloudWatch Logs代理(Agent)
查看CloudWatch Logs搜集的日志内容
编辑事件保留时间
创建筛选条件
创建警报

1.创建IAM角色
1.创建IAM角色

在这里创建[CloudWatchLogsFullAccess]权限的角色后分配给Amazon EC2,这样就可以简单的使用CloudWatch Logs监控。


给角色起个名称--等下关联EC2

启动EC2实例

给分配一个公有IP地址-关联创建的IAM角色


安全组需要允许22端口及80端口访问。


等待EC2实例起来--连接EC2实例

使用CRT 连接 EC2实例公有IP地址
连接成功后进入EC2实例
安装Apache

进入root模式

$ sudo -i
更新yum
yum -y update
#安装Apache server
#yum -y install httpd
#启动Apache server
#service httpd start

#下载安装CloudWatch Logs代理(Agent)
[root@ip-172-31-17-22 ~]# wget https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py
--2020-03-13 08:47:58-- https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py
Resolving s3.amazonaws.com (s3.amazonaws.com)... 52.216.142.54
Connecting to s3.amazonaws.com (s3.amazonaws.com)|52.216.142.54|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 57644 (56K) [text/x-python]
Saving to: ‘awslogs-agent-setup.py’

awslogs-agent-setup 100%[===================>] 56.29K 132KB/s in 0.4s

2020-03-13 08:48:00 (132 KB/s) - ‘awslogs-agent-setup.py’ saved [57644/57644]
#运行CloudWatch Logs代理(Agent)
[root@ip-172-31-17-22 ~]# python ./awslogs-agent-setup.py --region ap-northeast-1
Launching interactive setup of CloudWatch Logs agent ...
downloading AgentDependencies.tar.gz with urllib
AgentDependencies/
AgentDependencies/awslogscli/
AgentDependencies/awslogscli/urllib3-1.25.6.tar.gz
AgentDependencies/awslogscli/jmespath-0.9.2.tar.gz
AgentDependencies/awslogscli/colorama-0.3.7.zip
---------------此处省略--------------------------------------
AgentDependencies/virtualenv-15.1.0/docs/changes.rst
AgentDependencies/virtualenv-15.1.0/docs/installation.rst
AgentDependencies/virtualenv-15.1.0/docs/make.bat
AgentDependencies/pip-6.1.1.tar.gz

Step 1 of 5: Installing pip ...DONE

Step 2 of 5: Downloading the latest CloudWatch Logs agent bits ... DONE

Step 3 of 5: Configuring AWS CLI ...
AWS Access Key ID [None]: 按回车 # 实验默认没有(授权的是IAM角色)
AWS Secret Access Key [None]: 按回车
Default region name [ap-northeast-1]: ap-east-1 #选择EC2实例所在的区域(做实验用的是香港:ap-east-1)
Default output format [None]: 按回车

Step 4 of 5: Configuring the CloudWatch Logs Agent ...
Path of log file to upload [/var/log/messages]: 按回车 当然也可以选择ec2别的服务日志路径
Destination Log Group name [/var/log/messages]: /var/log/messages #目标日志组名称(会自动创建在CloudWatch无需手动创建)

Choose Log Stream name:

  1. Use EC2 instance id.
  2. Use hostname.
  3. Custom.
    Enter choice [1]: 按回车 #使用EC2 实例ID(自动创建的)

Choose Log Event timestamp format:

  1. %b %d %H:%M:%S (Dec 31 23:59:59)
  2. %d/%b/%Y:%H:%M:%S (10/Oct/2000:13:55:36)
  3. %Y-%m-%d %H:%M:%S (2008-09-08 11:52:54)
  4. Custom
    Enter choice [1]: 按回车

Choose initial position of upload:

  1. From start of file.
  2. From end of file.
    Enter choice [1]:
    More log files to configure? [Y]: N # 也可以多选-配置更多日志文件

Step 5 of 5: Setting up agent as a daemon ...DONE

  • Configuration file successfully saved at: /var/awslogs/etc/awslogs.conf
  • You can begin accessing new log events after a few moments at https://console.aws.amazon.com/cloudwatch/home?region=ap-northeast-1#logs:
  • You can use 'sudo service awslogs start|stop|status|restart' to control the daemon.
  • To see diagnostic information for the CloudWatch Logs Agent, see /var/log/awslogs.log
  • You can rerun interactive setup using 'sudo python ./awslogs-agent-setup.py --region ap-northeast-1 --only-generate-config'


    进入 CloudWatch(自动创建的)
    查看CloudWatch Logs搜集的日志内容
    AWS管理页面点击[CloudWatch] -> [日志] -> 日志组[ /var/log/messages]。


修改日志时间为本地时间

修改日志时间为本地时间

创建警报文件!!
点击[筛选条件]。





查看收集日志的情况