logstash-input-cloudwatch-logs icon indicating copy to clipboard operation
logstash-input-cloudwatch-logs copied to clipboard

Published 20 hours ago verified publisher icon lukewaite

Cloud watch logs are not read

Open RajezMariner opened this issue 5 years ago • 2 comments

Hi Team,

Below is the setting I have mentioned in my pipeline config. I am not able to fetch the aws cloud watch logs though. Not sure what I am missing. I have specified the correct access id and secret key. Also the logs group name is correct. Not sure what I am missing from the config perspective. Do we need to install any other beat shippers for this?

input {
	cloudwatch_logs {
		id => "cloudwatchid"
                log_group => "log group ID"
                access_key_id => ""
                secret_access_key => ""
		log_group_prefix => true
         }
}

filter {
}

output {
	elasticsearch {
		id => "elastic-search-id"
		hosts => "elasticsearch:9200"
		user => "elastic"
		password => "changeme"
	}
}

Thanks, Rajesh

RajezMariner avatar Jan 23 '20 11:01 RajezMariner

I could see the outputs are printed in the logstash stdout. But in Kibana , how to retrieve the elastic search? Is that a indices problem?

RajezMariner avatar Jan 24 '20 06:01 RajezMariner

You should probably provide an index in your output configuration. Look there: https://www.elastic.co/guide/en/logstash/current/plugins-outputs-elasticsearch.html

RollingFred avatar Mar 24 '20 20:03 RollingFred