CloudWatch Logs Insights
CloudWatch Logs Insights
- You access the EC2 interface
- Select Instances
- Select /Instance-A/test-instance
- Then select Connect
- In the Connect to instance interface
- Select Session Manager
- Select Connect
- We will have a new interface on the browser
- After accessing the Session Manager interface. You execute the following script:
cd /tmp
sudo aws s3 cp s3://workshop-template-bucket/logger.py .
- Continue granting permission by running the next script
sudo chmod +x logger.py
python3 logger.py &
5 . We check again with the following command:
ps -aux | grep logger
- View the log with the following command:
sudo tail -f /var/log/messages
Find logs in CloudWatch Log Insights
- Access to CloudWatch interface
- Select Logs Insights
- Select Select log group(s)
- Select /ec2/linux/var/log/messages.
- Execute Run query
fields @timestamp, @message
| sort @timestamp desc
| limit 20
- Notice that we are querying the logs from the past one hour, select Custom
- We will see the following log:
- Filter error logs
fields @timestamp, @message
| filter @message like /ERROR/
| sort @timestamp desc
| limit 20
- View logs containing WARN
fields @timestamp, @message
| filter @message like /WARN/
| sort @timestamp desc
| limit 20
- Then retry running the query ERROR
fields @timestamp, @message
| filter @message like /ERROR/
| sort @timestamp desc
| stats count (*) by @logStream
- Continue query
fields @timestamp, @message
| filter @message like /eth0/
| sort @timestamp desc
| stats count (*) by bin(5m)
- Then you see Visualization
- Execute Save query
fields @timestamp, @message
| filter @message like /ERROR/
| sort @timestamp desc
| limit 20
- Save query successfully.
- View query history.
