amazon-web-services - AWS Elastic Beanstalk : Custom Cloudwatch Logs not showing despite IAM permissions and custom config

我在设置自定义日志文件从我的 AWS Elastic Beanstalk 项目流式传输到 CloudWatch 时遇到了问题。作为引用，我尝试了 "AWS Elastic Beanstalk: Add custom logs to CloudWatch?" 中的建议无济于事。本质上，当我从主机下载日志时，我想要的日志文件位于 /var/log/containers/api-1c080332ba3f-stdouterr.log, /var/log/containers/nginx-a5057f87f4cf-stdouterr.log 和 /var/log/containers/web-0a2e0762e8f0-stdouterr.log (每次更新时数字都会变化).

我在 .ebextensions/log.config ( following this for reference ) 中添加了一个新的自定义日志配置文件:

packages:
  yum:
    awslogs: []

files:
  "/etc/awslogs/awscli.conf" :
    mode: "000600"
    owner: root
    group: root
    content: |
      [plugins]
      cwlogs = cwlogs
      [default]
      region = `{"Ref":"AWS::Region"}`

  "/etc/awslogs/awslogs.conf" :
    mode: "000600"
    owner: root
    group: root
    content: |
      [general]
      state_file = /var/lib/awslogs/agent-state

  "/etc/awslogs/config/logs.conf" :
    mode: "000600"
    owner: root
    group: root
    content: |
      [/var/log/containers/nginx-stdouterr.log]
      log_group_name = `{"Fn::Join":["/", ["/aws/elasticbeanstalk", { "Ref":"AWSEBEnvironmentName" }, "var/log/containers/nginx-stdouterr.log"]]}`
      log_stream_name = {instance_id}
      file = /var/log/containers/nginx*

      [/var/log/containers/web-stdouterr.log]
      log_group_name = `{"Fn::Join":["/", ["/aws/elasticbeanstalk", { "Ref":"AWSEBEnvironmentName" }, "var/log/containers/web-stdouterr.log"]]}`
      log_stream_name = {instance_id}
      file = /var/log/containers/web*

      [/var/log/containers/api-stdouterr.log]
      log_group_name = `{"Fn::Join":["/", ["/aws/elasticbeanstalk", { "Ref":"AWSEBEnvironmentName" }, "var/log/containers/api-stdouterr.log"]]}`
      log_stream_name = {instance_id}
      file = /var/log/containers/api*

commands:
  "01":
    command: systemctl enable awslogsd.service
  "02":
    command: systemctl restart awslogsd

我已将此策略另外添加到服务和 ec2 角色:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "logs:CreateLogStream",
                "logs:CreateLogGroup",
                "logs:PutLogEvents",
                "logs:DescribeLogGroups",
                "logs:DescribeLogStreams"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}

最后，我在 /var/logs/awslogs.log 中没有看到任何错误。

我还有什么遗漏的吗？到目前为止，查看官方文档没有运气。

最佳答案

不要将您自己的策略添加到实例角色，而是尝试添加 CloudWatchAgentServerPolicy 托管策略。

当我的工作正常时，我还删除了 /etc/awslogs/awslogs.conf 文件定义。

最后，当行被写入日志文件时，代理似乎只在 CloudWatch 中创建日志组。确保您正在收集的文件已写入并查看是否已创建日志组。祝你好运!

关于amazon-web-services - AWS Elastic Beanstalk : Custom Cloudwatch Logs not showing despite IAM permissions and custom config，我们在Stack Overflow上找到一个类似的问题： https://stackoverflow.com/questions/66845057/

amazon-web-services - AWS Elastic Beanstalk : Custom Cloudwatch Logs not showing despite IAM permissions and custom config

上一篇：mongodb - nestjs mongoose 类型 'string' 不可分配给类型 'Condition<LeanDocument<User>>

下一篇：javascript - 建立网站时出现搜索引擎问题(TypeError : Cannot read property 'toLowerCase' of undefined)