I would like to view all my logs in cloudwatch.
I currently have a multi-docker Elastic beanstalk environment.
I have selected for the logs to push to cloudwatch by going to
Elastic Beanstalk > App > Env > Configuration > Software Configuration > CloudWatch Logs
This is enabled.
When I look in cloudwatch I see the following bits..
/aws/elasticbeanstalk/myapp-staging/var/log/docker-events.log
/aws/elasticbeanstalk/myapp-staging/var/log/eb-activity.log
/aws/elasticbeanstalk/myapp-staging/var/log/eb-ecs-mgr.log
/aws/elasticbeanstalk/myapp-staging/var/log/ecs/ecs-agent.log
/aws/elasticbeanstalk/myapp-staging/var/log/ecs/ecs-init.log
But I do not see the nginx access/error logs.
I have this in my Dockerrun.aws.json
"mountPoints":[
{
"sourceVolume": "awseb-logs-nginx",
"containerPath": "/var/log/nginx"
}
If i SSH to the instance with this contain on I can see these logs (when I hit URLS) being generated (as expected) on the local path of /var/log/containers/nginx/access.log
etc.
Also If i go to EBS > Logs and request recent logs I can also see them what is in the access log, it just not being sent to CloudWatch?
I wondered if I had to setup a Log Group
with the correct path, i tried this but it did not get populated?
I am sure that I am missing something to push this on to Cloudwatch, many thanks in advance!
Update:
I've since added the below, which was suggested as what is required. This file sits in .ebextensions
folder named nginx_logs.conf
.
packages:
yum:
awslogs: []
files:
"/etc/awslogs/config/nginx_logs.conf" :
mode: "000600"
owner: root
group: root
content: |
[/var/log/containers/nginx/access.log]
log_group_name = `{"Fn::Join":["/", ["/aws/elasticbeanstalk", { "Ref":"AWSEBEnvironmentName" }, "var/log/containers/nginx/access.log"]]}`
log_stream_name = {instance_id}
file = /var/log/containers/nginx/access.log*
[/var/log//containers/nginx/error.log]
log_group_name = `{"Fn::Join":["/", ["/aws/elasticbeanstalk", { "Ref":"AWSEBEnvironmentName" }, "var/log/containers/nginx/error.log"]]}`
log_stream_name = {instance_id}
file = /var/log/containers/nginx/error.log*
commands:
"01":
command: chkconfig awslogs on
"02":
command: service awslogs restart
Still no joy, as again I can still see them when I hit request logs or request last 100 logs. But nothing in cloudwatch…
Best Answer
According to the official AWS documentation, the following files are collected out of the box for Docker Multicontainer EB environments:
Since these paths don't include the directory which contains the nginx logs, it makes sense they won't be streamed to CloudWatch.
To stream your logs, looks like you will have to configure the CloudWatch Logs agent to collect the files in the containers directory. There are sample configurations here. Frankly it's a little strange the default config for Docker Multicontainer doesn't include container logs, but apparently this is how AWS has implemented this.