Overview
This input type allows you to specify a set of AWS CloudWatch Log Events for Edge Delta to monitor.
With this input, you can monitor multiple regions and log streams.
Review Sample Configuration
Review the following sample configuration:
cloudwatches:
- labels: "us-west-2_ed-log-group_admin-api"
region: "^us.*$"
log_group: /ed-log-group
log_stream: "^log.*$"
lookback: 1h
interval: 1m
prepend_timestamp: true
result_limit: 5000
- labels: "us_ed-log-group_admin"
region: "^us.*$"
log_group: "/ed-log-group"
log_stream: "^admin.*$"
interval: 5m
- labels: "ed-log-group"
region: ".*"
log_group: "/ed-log-group"
log_stream: ".*"
interval: 5m
- labels: "ed-log-with-regex-group-name"
region: ".*"
log_group: "^/ed-log"
log_stream: ".*"
interval: 5m
- labels: "cloudwatch-input-assumes-role"
region: "us-west-2"
log_group: "/ed-log-group"
log_stream: ".*"
interval: 5m
role_arn: "arn:aws:iam::<ACCOUNT_ID>:role/<ROLE_NAME>"
external_id: "053cf606-8e80-47bf-b849-8cd1cc826cfc"
- labels: "cloudwatch-input-host-filtered"
host: "myhost"
region: ".*"
log_group: "^/ed-log"
log_stream: ".*"
interval: 5m
- labels: "cloudwatch-input-with-aws-creds"
region: ".*"
log_group: "^/ed-log"
log_stream: ".*"
interval: 5m
aws_key_id: '{{ Env "AWS_KEY_ID" }}'
aws_sec_key: '{{ Env "AWS_SECRET_KEY" }}'
Review Parameters
Review the following parameters that you can configure in the Edge Delta App.
labels
Required
Enter a descriptive name for this input.
When you create a workflow, you will use this label to enter your input into the workflow.
Review the following example:
- labels: "us-west-2_ed-log-group_admin-api"
region
Optional
You can define a region pattern via regex expression.
For example, for all regions in United States, enter:
region: "^us.*$"
Note
By default, an AWS account is not enabled with all regions. As a result, you can monitor AWS CloudWatch Log Events for all regions without defining a region in the config file; the Edge Delta Agent will obtain and monitor logs from all enabled regions in your account. To accomplish this, you must add the ec2:DescribeRegions permission to your account.
To learn more, review the AWS document about DescribeRegions.
Review the following example:
region: "us-west-2"
log_group
Required
Enter the Log Group name via a regex expression that is associated with the CloudWatch Logs agent.
Review the following example:
log_group: /ed-log-group
log_stream
Optional
Enter a log stream pattern via a regex expression.
For example, for streams that start with log, enter:
log_stream: ^log.*$""
Review the following example:
log_stream: "^log.*$"
lookback
Optional
Enter an internal rate to monitor past data.
By default, this parameter is set to 1 hour.
Review the following example:
lookback: 1h
interval
Optional
Enter an internal rate to look for new, incoming log events.
By default, this parameter is set to 1 minute.
Review the following example:
interval: 1m
prepend_timestamp
Optional
Enter true or false to add an event timestamp as a prefix to the event message with a tab ("\t") delimiter.
Review the following example:
prepend_timestamp: true
result_limit
Optional
Enter a limit for the the maximum number of log events that should be returned.
By default, this parameter will return up to 1 MB of log events, which can be up to 10,000 log events.
Review the following example:
result_limit: 5000
filters
Optional
Enter an existing filter to add to this input.
To learn more, see Filters.
Review the following example:
filters:
- info
Quick links