AWS CloudWatch Logs

mattymatt79 · January 6, 2021, 8:54pm

Is there a simple way to ingest cloudwatch logs to ElasticSearch?
Or is the lambda way the only easy way?

jasonrojas · January 7, 2021, 11:35pm

The setup I have done in the past for this is to create a Kinesis Data Stream (lets call it logstash-kinesis)
From there, assuming you are asking about indexing Cloudwatch log groups into elasticsearch, for each log group you have, you want to add a subscription filter to it, pointing that log group’s subscription filter to the kinesis data stream (logstash-kinesis)…
From there you can run an indexing process like logstash using the cloudwatch codec and input directly from the kinesis data stream (logstash-kinesis)
ie:

input {
  kinesis {
    kinesis_stream_name => "logstash-kinesis"
    application_name => "logstash-kinesis"
    region => "us-west-2"
    codec => cloudwatch_logs
  }
}
...

Topic		Replies	Views
Cloudwatch logs into opensearch functionbeat / kinesis + logstash OpenSearch	4	667	August 5, 2022
Create index cwl-* (timestamp) logs lambda OpenDistro discuss , troubleshoot , configure , install	1	390	February 7, 2023
Cloudwatch is not sending data to Elasticsearch domain Open Source Elasticsearch and Kibana	1	690	February 7, 2023
Logstash Elasticsearch Input Plugin, Request signing Open Source Elasticsearch and Kibana	2	705	December 27, 2021
What are the monitoring options for the OpenSearch Service? Open Source Elasticsearch and Kibana	4	308	November 26, 2023

AWS CloudWatch Logs

Related Topics