wiki.getshifting.com

--- Sjoerd Hooft's InFormation Technology ---

User Tools

Site Tools

Trace:
awslightsailcloudwatch
Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
awslightsailcloudwatch [2025/07/14 04:32] – created - external edit 127.0.0.1awslightsailcloudwatch [2025/08/05 05:51] (current) – [Share CloudWatch Dashboard] sjoerd
Line 74: Line 74:
   * SSM parameter store: No   * SSM parameter store: No
  
-> Choose Standard to create a basic [setup](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/create-cloudwatch-agent-configuration-file-wizard.html#cloudwatch-agent-preset-metrics)+> Choose Standard to create a basic [[https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/create-cloudwatch-agent-configuration-file-wizard.html#cloudwatch-agent-preset-metrics |setup]]
  
-Edit the file afterwards as explained [here](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Agent-Configuration-File-Details.html), so now open the config file: {{{sudo vi /opt/aws/amazon-cloudwatch-agent/bin/config.json}}}:+Edit the file afterwards as explained [[https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Agent-Configuration-File-Details.html |here]], so now open the config file: {{{sudo vi /opt/aws/amazon-cloudwatch-agent/bin/config.json}}}:
  
 <code json> <code json>
Line 428: Line 428:
 == Journalctl == == Journalctl ==
  
-Traditionally, log files on a linux system were stored in the `/var/log` directory, but nowadays on systemd-based systems, the logs are stored in the systemd journal. You could check {{{cat /var/log/README}}} for confirmation. To still be able to send the logs to cloudwatch, we'll configure [[[https://vector.dev/ |Vector.dev]]], which is a tool from datadog, to send the journalctl entries to cloudwatch.+Traditionally, log files on a linux system were stored in the `/var/log` directory, but nowadays on systemd-based systems, the logs are stored in the systemd journal. You could check {{{cat /var/log/README}}} for confirmation. To still be able to send the logs to cloudwatch, we'll configure [[https://vector.dev/ |Vector.dev]], which is a tool from datadog, to send the journalctl entries to cloudwatch.
  
 === Setup IAM User === === Setup IAM User ===
Line 566: Line 566:
 <code json> <code json>
 { {
-  "Version": "2012-10-17", +    "Version": "2012-10-17", 
-  "Statement":+    "Statement":
-    +        
-      "Effect": "Allow", +            "Effect": "Allow", 
-      "Action":+            "Action":
-        "ec2:DescribeTags", +                "ec2:DescribeTags", 
-        "cloudwatch:GetMetricData" +                "cloudwatch:GetMetricData" 
-      ], +            ], 
-      "Resource": "*" +            "Resource": "*" 
-    }, +        }, 
-    +        
-      "Effect": "Allow", +            "Effect": "Allow", 
-      "Action":+            "Action":
-        "cloudwatch:GetInsightRuleReport", +                "cloudwatch:GetInsightRuleReport", 
-        "cloudwatch:DescribeAlarms", +                "cloudwatch:DescribeAlarms", 
-        "cloudwatch:GetDashboard" +                "cloudwatch:GetDashboard" 
-      ], +            ], 
-      "Resource":+            "Resource":
-        "arn:aws:cloudwatch::410123456772:dashboard/GetShiftingDashboard" +                "arn:aws:cloudwatch:eu-west-1:412008408272:alarm:Wiki - Full Root Disk", 
-      +                "arn:aws:cloudwatch::412008408272:dashboard/GetShiftingDashboard" 
-    }, +            
-    +        }, 
-      "Effect": "Allow", +        
-      "Action":+            "Effect": "Allow", 
-          "logs:FilterLogEvents", +            "Action":
-          "logs:StartQuery", +                "logs:FilterLogEvents", 
-          "logs:StopQuery", +                "logs:StartQuery", 
-          "logs:GetLogRecord", +                "logs:StopQuery", 
-          "logs:DescribeLogGroups" +                "logs:GetLogRecord", 
-      ], +                "logs:DescribeLogGroups" 
-      "Resource":+            ], 
-          "arn:aws:logs:eu-west-1:410123456772:log-group:apache/access:*", +            "Resource":
-          "arn:aws:logs:eu-west-1:410123456772:log-group:apache/error:*", +                "arn:aws:logs:eu-west-1:412008408272:log-group:apache/access:*", 
-          "arn:aws:logs:eu-west-1:410123456772:log-group:dpkg-logs:*", +                "arn:aws:logs:eu-west-1:412008408272:log-group:apache/error:*", 
-          "arn:aws:logs:eu-west-1:410123456772:log-group:systemd-journal:*" +                "arn:aws:logs:eu-west-1:412008408272:log-group:dpkg-logs:*", 
-      +                "arn:aws:logs:eu-west-1:412008408272:log-group:systemd-journal:*" 
-    }, +            
-    +        
-      "Effect": "Allow", +    ]
-      "Action": "cloudwatch:DescribeAlarms", +
-      "Resource": "*" +
-    } +
-  ]+
 } }
 </code> </code>
awslightsailcloudwatch.1752467552.txt.gz · Last modified: by 127.0.0.1