Skip to content

Anarhyst266/logstash-output-awslogs

BranchesTags
 
 

Repository files navigation

Logstash Output Plugin for AWS CloudWatch Logs

This plugin for Logstash allows you to send events to AWS CloudWatch Logs.

Installation

The plugin is published on RubyGems. You can install it directly using the logstash-plugin command:

logstash-plugin install logstash-output-awslogs

Ensure that you have Logstash installed and properly configured before proceeding.

Usage

After installing the plugin, add it to your Logstash configuration file:

output {
  awslogs {
    access_key_id => "YOUR_ACCESS_KEY_ID"
    secret_access_key => "YOUR_SECRET_ACCESS_KEY"
    region => "us-east-1"
    log_group_name => "your_log_group_name"
    log_stream_name => "your_log_stream_name"
  }
}

Alternative Configuration Options

  1. Using AWS Session Token: If your environment requires temporary credentials with a session token, you can include it as follows:

    output {
  awslogs {
    access_key_id => "YOUR_ACCESS_KEY_ID"
    secret_access_key => "YOUR_SECRET_ACCESS_KEY"
    session_token => "YOUR_SESSION_TOKEN"
    region => "us-east-1"
    log_group_name => "your_log_group_name"
    log_stream_name => "your_log_stream_name"
  }
}

  2. Using IRSA (IAM Roles for Service Accounts): If you are running Logstash in an environment like Amazon EKS or EC2, where IAM roles are available, you can omit access_key_id, secret_access_key, and session_token. The plugin will automatically use the IAM role assigned to the service account or instance.

    output {
  awslogs {
    region => "us-east-1"
    log_group_name => "your_log_group_name"
    log_stream_name => "your_log_stream_name"
  }
}

    Ensure that the IAM role has the necessary permissions to write to CloudWatch Logs.

Parameters:

  • access_key_id: Your AWS Access Key ID.
  • secret_access_key: Your AWS Secret Access Key.
  • session_token: (Optional) Your AWS session token for temporary credentials.
  • region: AWS Region (e.g., us-east-1).
  • log_group_name: The name of the CloudWatch Logs group.
  • log_stream_name: The name of the CloudWatch Logs stream.

Make sure the provided AWS credentials or IAM roles have sufficient permissions to write to CloudWatch Logs.

Development

  1. Clone the repository:

    git clone https://github.com/Anarhyst266/logstash-output-awslogs.git

  2. Navigate to the plugin directory:

    cd logstash-output-awslogs

  3. Install dependencies:

    bundle install

  4. For local testing with Logstash:

    • Clone the Logstash repository.

    • In the Gemfile of Logstash, add the following line:

      gem "logstash-output-awslogs", :path => "/path/to/your/plugin"

    • Install the plugin:

      bin/logstash-plugin install --no-verify

    • Start Logstash with your configuration.

Contribution

Contributions are welcome! Please create issues or submit pull requests to help improve the project.

License

This project is licensed under the Apache 2.0 License. See the LICENSE file for details.

Acknowledgments

This plugin is based on the work by RickyCook.

About

Logstash output plugin that writes events to AWS CloudWatch logs

Resources

Readme

License

View license
Activity

Stars

0 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases 2

v1.1.4 Latest
Jan 25, 2024
+ 1 release

Packages

No packages published

Languages

  • Ruby 100.0%