A webserver like nginx can have some important logs that is crucial to the security of server. but as cloud provider its not convenient to always login manually to check the logs file yourself. to automate this task Cloudwatch can be a huge help to monitor the direct logs generated by nginx and other webserver.
Here we will see how to set up Logs monitoring with Cloudwatch.
Step 1: Create ec2 instance
- install nginx
- activate service
- check port 80 on browser to generate some logs
- check if these files get created
sudo ls /var/log/nginx/
access.log error.logStep 2: to send these logs to cloudwatch
- create IAM role
- give that role
ec2-describepermission - attach role to instance
Step 3: Setup Agent
- install agent
sudo yum install amazon-cloudwatch-agent -y- enable agent service
systemctl enable --now amazon-cloudwatch-agent- Goto this directory
cd /opt/aws/amazon-cloudwatch-agent/bin/- create configuration file
sudo ./amazon-cloudwatch-agent-config-wizardafter finishing whole setup it will generate config.json file in that folder
Log file path:
/var/log/nginx/access.logconfig.json generated in bin folder
Try validating this config with amazon-cloudwatch-agent
./amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -s -c file:config.jsonCheck over cloudwatch Log events should be visible like this
Troubleshooting
if you get error of collectd folder or file not found
create an empty collectd file in that said location