AWS CloudWatch Logs監控Apache日誌文件

使用CloudWatch Logs監控Apache日誌文件
具體的操做步驟以下；
添加IAM權限啓動EC2
建立EC2(AMI選擇CentOS7)
安裝Apache並啓動
安裝CloudWatch Logs代理(Agent)
查看CloudWatch Logs蒐集的日誌內容
編輯事件保留時間
建立篩選條件
建立警報

1.建立IAM角色
1.建立IAM角色

在這裏建立[CloudWatchLogsFullAccess]權限的角色後分配給Amazon EC2，這樣就能夠簡單的使用CloudWatch Logs監控。

給角色起個名稱--等下關聯EC2

啓動EC2實例

給分配一個公有IP地址-關聯建立的IAM角色


安全組須要容許22端口及80端口訪問。

等待EC2實例起來--鏈接EC2實例

使用CRT 鏈接 EC2實例公有IP地址
鏈接成功後進入EC2實例
安裝Apache

進入root模式

$ sudo -i
更新yum
yum -y update
#安裝Apache server
#yum -y install httpd
#啓動Apache server
#service httpd start
#下載安裝CloudWatch Logs代理(Agent)
[root@ip-172-31-17-22 ~]# wget https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py
--2020-03-13 08:47:58-- https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py
Resolving s3.amazonaws.com (s3.amazonaws.com)... 52.216.142.54
Connecting to s3.amazonaws.com (s3.amazonaws.com)|52.216.142.54|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 57644 (56K) [text/x-python]
Saving to: ‘awslogs-agent-setup.py’

awslogs-agent-setup 100%[===================>] 56.29K 132KB/s in 0.4s

2020-03-13 08:48:00 (132 KB/s) - ‘awslogs-agent-setup.py’ saved [57644/57644]
#運行CloudWatch Logs代理(Agent)
[root@ip-172-31-17-22 ~]# python ./awslogs-agent-setup.py --region ap-northeast-1
Launching interactive setup of CloudWatch Logs agent ...
downloading AgentDependencies.tar.gz with urllib
AgentDependencies/
AgentDependencies/awslogscli/
AgentDependencies/awslogscli/urllib3-1.25.6.tar.gz
AgentDependencies/awslogscli/jmespath-0.9.2.tar.gz
AgentDependencies/awslogscli/colorama-0.3.7.zip
---------------此處省略--------------------------------------
AgentDependencies/virtualenv-15.1.0/docs/changes.rst
AgentDependencies/virtualenv-15.1.0/docs/installation.rst
AgentDependencies/virtualenv-15.1.0/docs/make.bat
AgentDependencies/pip-6.1.1.tar.gz

Step 1 of 5: Installing pip ...DONE

Step 2 of 5: Downloading the latest CloudWatch Logs agent bits ... DONE

Step 3 of 5: Configuring AWS CLI ...
AWS Access Key ID [None]: 按回車 # 實驗默認沒有（受權的是IAM角色）
AWS Secret Access Key [None]: 按回車
Default region name [ap-northeast-1]: ap-east-1 #選擇EC2實例所在的區域（作實驗用的是香港：ap-east-1）
Default output format [None]: 按回車

Step 4 of 5: Configuring the CloudWatch Logs Agent ...
Path of log file to upload [/var/log/messages]: 按回車 固然也能夠選擇ec2別的服務日誌路徑
Destination Log Group name [/var/log/messages]: /var/log/messages #目標日誌組名稱（會自動建立在CloudWatch無需手動建立）

Choose Log Stream name:

1. Use EC2 instance id.
2. Use hostname.
3. Custom.
   Enter choice [1]: 按回車 #使用EC2 實例ID（自動建立的）

Choose Log Event timestamp format:

1. %b %d %H:%M:%S (Dec 31 23:59:59)
2. %d/%b/%Y:%H:%M:%S (10/Oct/2000:13:55:36)
3. %Y-%m-%d %H:%M:%S (2008-09-08 11:52:54)
4. Custom
   Enter choice [1]: 按回車

Choose initial position of upload:

1. From start of file.
2. From end of file.
   Enter choice [1]:
   More log files to configure? [Y]: N # 也能夠多選-配置更多日誌文件

Step 5 of 5: Setting up agent as a daemon ...DONE

• Configuration file successfully saved at: /var/awslogs/etc/awslogs.conf
• You can begin accessing new log events after a few moments at https://console.aws.amazon.com/cloudwatch/home?region=ap-northeast-1#logs:
• You can use 'sudo service awslogs start|stop|status|restart' to control the daemon.
• To see diagnostic information for the CloudWatch Logs Agent, see /var/log/awslogs.log

• You can rerun interactive setup using 'sudo python ./awslogs-agent-setup.py --region ap-northeast-1 --only-generate-config'

  ---

  進入 CloudWatch（自動建立的）
  查看CloudWatch Logs蒐集的日誌內容
  AWS管理頁面點擊[CloudWatch] -> [日誌] -> 日誌組[ /var/log/messages]。
  

修改日誌時間爲本地時間

修改日誌時間爲本地時間

建立警報文件！！
點擊[篩選條件]。

查看收集日誌的狀況