无法在 windows 2016 年使用 ec2 cloudwatch 日志
Unable to use ec2 cloudwatch logs on windows 2016
我添加了一个 \Program Files\Amazon\SSM\Plugins\awsCloudWatch\AWS.EC2.Windows.Cloudwatch.json 文件,如我的用户数据启动所解释的那样,并重新启动了 ssm 服务,如 windows 2016 的文档中所解释的那样。有ssm 代理日志中没有错误。但是,我没有看到 AWS.Cloudwatch.exe 运行,也没有日志发送到 cloudwatch。
我真正感兴趣的只是应用程序和系统事件日志以及 \programdata\amazon\ecs\log 目录。如果我成功了,我也会添加启动日志。
在哪里可以找到线索?我确实尝试过手动启动 aws.cloudwatch.exe,但不知道配置参数应该是什么样子。
这是我的配置
$ssmconfig = @"
{
"IsEnabled": true,
"EngineConfiguration": {
"PollInterval": "00:00:05",
"Components": [
{
"Id": "ApplicationEventLog",
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogName": "Application",
"Levels": "1"
}
},
{
"Id": "SystemEventLog",
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogName": "System",
"Levels": "7"
}
},
{
"Id": "SecurityEventLog",
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogName": "Security",
"Levels": "7"
}
},
{
"Id": "CustomLogs",
"FullName": "AWS.EC2.Windows.CloudWatch.CustomLog.CustomLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogDirectoryPath": "C:\ProgramData\Amazon\ECS\Log
",
"TimestampFormat": "MM/dd/yyyy HH:mm:ss",
"Encoding": "UTF-8",
"Filter": "",
"CultureName": "en-US",
"TimeZoneKind": "Local"
}
},
{
"Id": "CloudWatchLogs",
"FullName": "AWS.EC2.Windows.CloudWatch.CloudWatchLogsOutput,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"Region": "MYREGION}",
"LogGroup": "MYLOGGGROUP/win-host-eventlog",
"LogStream": "THISINSTANCEID"
}
},
{
"Id": "CloudWatchEcsLogs",
"FullName": "AWS.EC2.Windows.CloudWatch.CloudWatchLogsOutput,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"Region": "MYREGION",
"LogGroup": "MYLOGGROUP/win-host-ecs-logs",
"LogStream": "THISINSTANCEID"
}
}
],
"Flows": {
"Flows": [
"(ApplicationEventLog,SystemEventLog),CloudWatchLogs"
"CustomLogs,CloudWatchEcsLogs"
]
}
}
}
"@
Add-Content "C:\Program Files\Amazon\SSM\Plugins\awsCloudWatch\AWS.ECS.Windows.CloudWatch.json" $ssmconfig
Restart-Service AmazonSSMAgent
`
根据 documentation:
EC2Config 服务未包含在 AWS Windows 2016 AMI 中,您需要手动安装它。安装它,运行它,启用日志集成,并更新位于以下路径的 JSON 文件(通常):
C:\Program Files\Amazon\SSM\Plugins\awsCloudWatch
这是我在服务器上的配置。它工作正常,我得到了日志和性能指标。
{
"IsEnabled": true,
"EngineConfiguration": {
"Components": [{
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Id": "ApplicationEventLog",
"Parameters": {
"Levels": "1",
"LogName": "Application"
}
}, {
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Id": "SystemEventLog",
"Parameters": {
"Levels": "7",
"LogName": "System"
}
}, {
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Id": "SecurityEventLog",
"Parameters": {
"Levels": "7",
"LogName": "Security"
}
}, {
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Id": "ETW",
"Parameters": {
"Levels": "7",
"LogName": "Microsoft-Windows-WinINet/Analytic"
}
}, {
"FullName": "AWS.EC2.Windows.CloudWatch.IisLog.IisLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Id": "IISLog",
"Parameters": {
"LogDirectoryPath": "C:\inetpub\logs\LogFiles\W3SVC1"
}
}, {
"FullName": "AWS.EC2.Windows.CloudWatch.CustomLog.CustomLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Id": "CustomLogs",
"Parameters": {
"CultureName": "en-US",
"Encoding": "UTF-8",
"Filter": "",
"LogDirectoryPath": "C:\Logs\",
"TimeZoneKind": "Local",
"TimestampFormat": "yyyy-MM-dd HH:mm:ss"
}
}, {
"FullName": "AWS.EC2.Windows.CloudWatch.PerformanceCounterComponent.PerformanceCounterInputComponent,AWS.EC2.Windows.CloudWatch",
"Id": "PerformanceCounterMemory",
"Parameters": {
"CategoryName": "Memory",
"CounterName": "Available MBytes",
"DimensionName": "InstanceId",
"DimensionValue": "{instance_id}",
"InstanceName": "",
"MetricName": "Memory",
"Unit": "Megabytes"
}
}, {
"FullName": "AWS.EC2.Windows.CloudWatch.PerformanceCounterComponent.PerformanceCounterInputComponent,AWS.EC2.Windows.CloudWatch",
"Id": "PerformanceCounterDisk",
"Parameters": {
"CategoryName": "LogicalDisk",
"CounterName": "Free Megabytes",
"DimensionName": "InstanceId",
"DimensionValue": "{instance_id}",
"InstanceName": "D:",
"MetricName": "FreeDisk",
"Unit": "Megabytes"
}
}, {
"FullName": "AWS.EC2.Windows.CloudWatch.CloudWatchLogsOutput,AWS.EC2.Windows.CloudWatch",
"Id": "CloudWatchLogs",
"Parameters": {
"AccessKey": "",
"LogGroup": "ASG",
"LogStream": "{instance_id}",
"Region": "eu-west-1",
"SecretKey": ""
}
}, {
"FullName": "AWS.EC2.Windows.CloudWatch.CloudWatch.CloudWatchOutputComponent,AWS.EC2.Windows.CloudWatch",
"Id": "CloudWatch",
"Parameters": {
"AccessKey": "",
"NameSpace": "PerformanceMonitor",
"Region": "eu-west-1",
"SecretKey": ""
}
}],
"Flows": {
"Flows": [
"(PerformanceCounterMemory,PerformanceCounterDisk),CloudWatch",
"(ApplicationEventLog,SystemEventLog),CloudWatchLogs"
]
},
"PollInterval": "00:00:15"
}
}
我添加了一个 \Program Files\Amazon\SSM\Plugins\awsCloudWatch\AWS.EC2.Windows.Cloudwatch.json 文件,如我的用户数据启动所解释的那样,并重新启动了 ssm 服务,如 windows 2016 的文档中所解释的那样。有ssm 代理日志中没有错误。但是,我没有看到 AWS.Cloudwatch.exe 运行,也没有日志发送到 cloudwatch。
我真正感兴趣的只是应用程序和系统事件日志以及 \programdata\amazon\ecs\log 目录。如果我成功了,我也会添加启动日志。
在哪里可以找到线索?我确实尝试过手动启动 aws.cloudwatch.exe,但不知道配置参数应该是什么样子。
这是我的配置
$ssmconfig = @"
{
"IsEnabled": true,
"EngineConfiguration": {
"PollInterval": "00:00:05",
"Components": [
{
"Id": "ApplicationEventLog",
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogName": "Application",
"Levels": "1"
}
},
{
"Id": "SystemEventLog",
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogName": "System",
"Levels": "7"
}
},
{
"Id": "SecurityEventLog",
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogName": "Security",
"Levels": "7"
}
},
{
"Id": "CustomLogs",
"FullName": "AWS.EC2.Windows.CloudWatch.CustomLog.CustomLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogDirectoryPath": "C:\ProgramData\Amazon\ECS\Log
",
"TimestampFormat": "MM/dd/yyyy HH:mm:ss",
"Encoding": "UTF-8",
"Filter": "",
"CultureName": "en-US",
"TimeZoneKind": "Local"
}
},
{
"Id": "CloudWatchLogs",
"FullName": "AWS.EC2.Windows.CloudWatch.CloudWatchLogsOutput,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"Region": "MYREGION}",
"LogGroup": "MYLOGGGROUP/win-host-eventlog",
"LogStream": "THISINSTANCEID"
}
},
{
"Id": "CloudWatchEcsLogs",
"FullName": "AWS.EC2.Windows.CloudWatch.CloudWatchLogsOutput,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"Region": "MYREGION",
"LogGroup": "MYLOGGROUP/win-host-ecs-logs",
"LogStream": "THISINSTANCEID"
}
}
],
"Flows": {
"Flows": [
"(ApplicationEventLog,SystemEventLog),CloudWatchLogs"
"CustomLogs,CloudWatchEcsLogs"
]
}
}
}
"@
Add-Content "C:\Program Files\Amazon\SSM\Plugins\awsCloudWatch\AWS.ECS.Windows.CloudWatch.json" $ssmconfig
Restart-Service AmazonSSMAgent
`
根据 documentation: EC2Config 服务未包含在 AWS Windows 2016 AMI 中,您需要手动安装它。安装它,运行它,启用日志集成,并更新位于以下路径的 JSON 文件(通常):
C:\Program Files\Amazon\SSM\Plugins\awsCloudWatch
这是我在服务器上的配置。它工作正常,我得到了日志和性能指标。
{
"IsEnabled": true,
"EngineConfiguration": {
"Components": [{
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Id": "ApplicationEventLog",
"Parameters": {
"Levels": "1",
"LogName": "Application"
}
}, {
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Id": "SystemEventLog",
"Parameters": {
"Levels": "7",
"LogName": "System"
}
}, {
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Id": "SecurityEventLog",
"Parameters": {
"Levels": "7",
"LogName": "Security"
}
}, {
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Id": "ETW",
"Parameters": {
"Levels": "7",
"LogName": "Microsoft-Windows-WinINet/Analytic"
}
}, {
"FullName": "AWS.EC2.Windows.CloudWatch.IisLog.IisLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Id": "IISLog",
"Parameters": {
"LogDirectoryPath": "C:\inetpub\logs\LogFiles\W3SVC1"
}
}, {
"FullName": "AWS.EC2.Windows.CloudWatch.CustomLog.CustomLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Id": "CustomLogs",
"Parameters": {
"CultureName": "en-US",
"Encoding": "UTF-8",
"Filter": "",
"LogDirectoryPath": "C:\Logs\",
"TimeZoneKind": "Local",
"TimestampFormat": "yyyy-MM-dd HH:mm:ss"
}
}, {
"FullName": "AWS.EC2.Windows.CloudWatch.PerformanceCounterComponent.PerformanceCounterInputComponent,AWS.EC2.Windows.CloudWatch",
"Id": "PerformanceCounterMemory",
"Parameters": {
"CategoryName": "Memory",
"CounterName": "Available MBytes",
"DimensionName": "InstanceId",
"DimensionValue": "{instance_id}",
"InstanceName": "",
"MetricName": "Memory",
"Unit": "Megabytes"
}
}, {
"FullName": "AWS.EC2.Windows.CloudWatch.PerformanceCounterComponent.PerformanceCounterInputComponent,AWS.EC2.Windows.CloudWatch",
"Id": "PerformanceCounterDisk",
"Parameters": {
"CategoryName": "LogicalDisk",
"CounterName": "Free Megabytes",
"DimensionName": "InstanceId",
"DimensionValue": "{instance_id}",
"InstanceName": "D:",
"MetricName": "FreeDisk",
"Unit": "Megabytes"
}
}, {
"FullName": "AWS.EC2.Windows.CloudWatch.CloudWatchLogsOutput,AWS.EC2.Windows.CloudWatch",
"Id": "CloudWatchLogs",
"Parameters": {
"AccessKey": "",
"LogGroup": "ASG",
"LogStream": "{instance_id}",
"Region": "eu-west-1",
"SecretKey": ""
}
}, {
"FullName": "AWS.EC2.Windows.CloudWatch.CloudWatch.CloudWatchOutputComponent,AWS.EC2.Windows.CloudWatch",
"Id": "CloudWatch",
"Parameters": {
"AccessKey": "",
"NameSpace": "PerformanceMonitor",
"Region": "eu-west-1",
"SecretKey": ""
}
}],
"Flows": {
"Flows": [
"(PerformanceCounterMemory,PerformanceCounterDisk),CloudWatch",
"(ApplicationEventLog,SystemEventLog),CloudWatchLogs"
]
},
"PollInterval": "00:00:15"
}
}