AWS EC2启动cloudwatch windows 2016图像中的日志
[英]AWS EC2 Launch logs in cloudwatch windows 2016 image
问题描述
I'm trying to forward the EC2 Launch logs to cloudwatch from my win 2016-based EC2 instance. 
我正试图从我的基于2016的EC2实例转发EC2启动日志到cloudwatch。
For some reason I can't see the log groups for this specific category. 由于某种原因,我无法看到此特定类别的日志组。
Here's example of my AWS.EC2.Windows.CloudWatch.json : 这是我的AWS.EC2.Windows.CloudWatch.json的示例:
{
"IsEnabled": true,
"EngineConfiguration": {
"PollInterval": "00:00:15",
"Components": [
{
"Id": "Ec2Config",
"FullName": "AWS.EC2.Windows.CloudWatch.CustomLog.CustomLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogDirectoryPath": "C:\\ProgramData\\Amazon\\EC2-Windows\\Launch\\Log",
"TimestampFormat": "yyyy-MM-ddTHH:mm:ss.fffZ:",
"Encoding": "UTF-8",
"Filter": "UserdataExecution.log",
"CultureName": "en-US",
"TimeZoneKind": "UTC"
}
},
{
"Id": "EC2ConfigSink",
"FullName": "AWS.EC2.Windows.CloudWatch.CloudWatchLogsOutput,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"Region": "eu-west-1",
"LogGroup": "/my-customer/deployment/ec2config-userdata",
"LogStream": "ec2config-userdata"
}
}
...
I have a few more definitions in this file
...],
"Flows": {
"Flows":
[
"Ec2Config,EC2ConfigSink",
... other references here
]
}
}
Cloudwatch agent starts and doesn't report any errors, I can see data from other sources (some application log files - I skipped the definitions intentionally) Cloudwatch代理启动并且不报告任何错误,我可以看到来自其他来源的数据(某些应用程序日志文件 - 我故意跳过定义)
It means the cloudwatch config file is correct and is applied / placed in a correct directory. 这意味着cloudwatch配置文件是正确的,并应用/放置在正确的目录中。
Logs are coming through with no problem except for the EC2 launch logs. 除了EC2启动日志之外,日志都没有问题。
I'm wondering if anybody ran into this problem? 我想知道是否有人遇到过这个问题? It works perfectly on Windows 2012 - based images 它在基于Windows 2012的图像上完美运行
1 个解决方案
解决方案1
0 已采纳 2017-04-05 18:12:54
Apparently, the SSM Agent starts after the EC2 Launch executes UserData script. 显然,SSM代理在 EC2 Launch执行UserData脚本后启动。 I can see it from the SSM Agent's log file modification timestamps. 我可以从SSM Agent's日志文件修改时间戳中看到它。
Therefore, there's no log forwarding happening during the EC2 Launch . 因此,在EC2 Launch期间没有发生日志转发。 When the SSM Agent starts and loads the cloudwatch plugin, the log files are already filled with entries and never change (wallpaper log is the only exception) So they never end up in cloudwatch console. 当SSM代理启动并加载cloudwatch插件时,日志文件已填充条目并且永远不会更改(壁纸日志是唯一的例外)因此它们永远不会在cloudwatch控制台中结束。
There's been a lot of changes implemented on AWS side: they switch to .Net core, removed EC2 config service and moved the log forwarding logic to SSM Agent (cloudwatch Plugin) for Windows 2016-based AMIs 在AWS方面实施了许多变更:他们切换到.Net核心,删除了EC2 config service ,并将日志转发逻辑移至Windows 2016-based AMI的SSM Agent (cloudwatch插件)
It looks like the behavior has changed quite significantly too so there's no way to get the EC2 launch logs in cloudwatch (when using AWS toolset-only) 看起来行为也发生了很大变化,因此无法在cloudwatch获取EC2 launch logs (仅限使用AWS工具集时)
Basically we have to stick to our Application logs only which is very unfortunate. 基本上我们必须坚持使用我们的应用程序日志,这是非常不幸的。 We rely on EC2 launch logs to see if the instance started & successfully executed user data. 我们依靠EC2 launch日志来查看实例是否已启动并成功执行用户数据。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.