search

lukewaite / logstash-input-cloudwatch-logs

Input plugin for Logstash to stream events from CloudWatch Logs
Other
142 stars 74 forks source link

Cloud watch logs are not read #83

Open RajezMariner opened 4 years ago

RajezMariner commented 4 years ago

Hi Team,

Below is the setting I have mentioned in my pipeline config. I am not able to fetch the aws cloud watch logs though. Not sure what I am missing. I have specified the correct access id and secret key. Also the logs group name is correct. Not sure what I am missing from the config perspective. Do we need to install any other beat shippers for this?

input {
    cloudwatch_logs {
        id => "cloudwatchid"
                log_group => "log group ID"
                access_key_id => ""
                secret_access_key => ""
        log_group_prefix => true
         }
}

filter {
}

output {
    elasticsearch {
        id => "elastic-search-id"
        hosts => "elasticsearch:9200"
        user => "elastic"
        password => "changeme"
    }
}

Thanks, Rajesh

RajezMariner commented 4 years ago

I could see the outputs are printed in the logstash stdout. But in Kibana , how to retrieve the elastic search? Is that a indices problem?

RollingFred commented 4 years ago

You should probably provide an index in your output configuration. Look there: https://www.elastic.co/guide/en/logstash/current/plugins-outputs-elasticsearch.html