无法在 CloudWatch 日志控制台中获取 IIS 日志组。创建协会后
Can't Get IIS Log Group in CloudWatch Log Console. After creating Association
我尝试使用 aws CloudWatch 分析 IIS 日志。我按照下面的程序 link
[ https://aws.amazon.com/blogs/mt/automate-iis-and-httperr-logs-to-amazon-cloudwatch-using-ec2-systems-manager/ ]
遵循的步骤:
- Set up the configuration json file.
配置json文件:
{
"IsEnabled": true,
"EngineConfiguration": {
"PollInterval": "00:00:15",
"Components": [
{
"Id": "SystemEventLog",
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogName": "System",
"Levels": "7"
}
},
{
"Id": "SecurityEventLog",
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogName": "Security",
"Levels": "7"
}
},
{
"Id": "ETW",
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogName": "Microsoft-Windows-WinINet/Analytic",
"Levels": "7"
}
},
{
"Id": "IISLogs",
"FullName": "AWS.EC2.Windows.CloudWatch.CustomLog.CustomLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogDirectoryPath": "C:\inetpub\logs\LogFiles\W3SVC1",
"TimestampFormat": "yyyy-MM-dd HH:mm:ss",
"Encoding": "UTF-8",
"Filter": "",
"CultureName": "en-US",
"TimeZoneKind": "UTC",
"LineCount": "3"
}
},
{
"Id": "HttpErr",
"FullName": "AWS.EC2.Windows.CloudWatch.CustomLog.CustomLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogDirectoryPath": "C:\Windows\System32\LogFiles\HTTPERR",
"TimestampFormat": "yyyy-MM-dd HH:mm:ss",
"Encoding": "UTF-8",
"Filter": "",
"CultureName": "en-US",
"TimeZoneKind": "UTC",
"LineCount": "3"
}
},
{
"Id": "CustomLogs",
"FullName": "AWS.EC2.Windows.CloudWatch.CustomLog.CustomLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogDirectoryPath": "C:\CustomLogs\",
"TimestampFormat": "MM/dd/yyyy HH:mm:ss",
"Encoding": "UTF-8",
"Filter": "",
"CultureName": "en-US",
"TimeZoneKind": "Local"
}
},
{
"Id": "PerformanceCounter",
"FullName": "AWS.EC2.Windows.CloudWatch.PerformanceCounterComponent.PerformanceCounterInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"CategoryName": "Memory",
"CounterName": "Available MBytes",
"InstanceName": "",
"MetricName": "Memory",
"Unit": "Megabytes",
"DimensionName": "",
"DimensionValue": ""
}
},
{
"Id": "IISCloudWatchLogs",
"FullName": "AWS.EC2.Windows.CloudWatch.CloudWatchLogsOutput,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"AccessKey": "---------------------------------",
"SecretKey": "----------------------------------",
"Region": "us-east-1a",
"LogGroup": "RWEBAPP-SERVER",
"LogStream": "used our instance id"
}
},
{
"Id": "HttpErrCloudWatchLogs",
"FullName": "AWS.EC2.Windows.CloudWatch.CloudWatchLogsOutput,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"AccessKey": "-----------------------------------------",
"SecretKey": "-----------------------------------------",
"Region": "us-east-1a",
"LogGroup": "RckWebServer",
"LogStream": "used our instance id-httpErr"
}
},
{
"Id": "CloudWatch",
"FullName": "AWS.EC2.Windows.CloudWatch.CloudWatch.CloudWatchOutputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"AccessKey": "------------------------------",
"SecretKey": "------------------------------",
"Region": "us-east-1a",
"NameSpace": "Windows/Default"
}
}
],
"Flows": {
"Flows": [
"IISLogs,IISCloudWatchLogs",
"HttpErrLogs,HttpCloudWatchLogs"
]
}
}
}
- Then, Configure integration with CloudWatch. Association was created successfully.
- Can't see log group in cloudwatch log console..
4.Checked the error log in this file path [C:/ProgramData/Amazon/SSM/Logs]
错误日志:
2018-11-12 11:20:06,055 [1] 信息 [框架] - 无法创建组件,因为配置缺少 HttpErrLogs,基于此组件的工作流将无法启动。
2018-11-12 11:20:06,077 [1] INFO [Framework] - 无法创建组件,因为配置缺少 HttpCloudWatchLogs,基于此组件的工作流将无法启动。
2018-11-12 11:20:06,077 [1] INFO [Framework] - 无法创建组件,因为配置缺少 HttpErrLogs,基于此组件的工作流将无法启动。
2018-11-12 11:20:06,077 [1] 错误 [框架] - 工作流创建失败:无法创建组件 ID HttpErrLogs。请验证工作流中的组件是否已在配置中定义。
2018-11-12 11:20:06,077 [1] 错误 [框架] - 无法使用提供的配置设置初始化 CloudWatch 插件。
2018-11-12 11:20:06,077 [1] 错误 [框架] - aws:cloudWatch 插件引发异常。
AWS.EC2.Windows.CloudWatch.CloudwatchConfigurationException:无法使用提供的配置设置初始化 CloudWatch 插件。
工作流创建失败:无法创建组件 ID HttpErrLogs。请验证配置中定义了工作流中的组件。
在 AWS。EC2.Windows.CloudWatch.Host.Configure(字符串配置)
在 Amazon.EC2Services.Config.Plugins.CloudWatch.CloudWatchPlugin.Apply(PluginApplyContext applyContext, PluginArgs pluginArgs)
2018-11-12 11:20:06,102 [1] INFO [Framework] - aws:cloudWatch 插件配置已验证
2018-11-12 11:20:06,102 [1] INFO [aws:cloudWatch] - CloudWatch 执行开始。
2018-11-12 11:20:06,102 [1] 信息 [aws:cloudWatch] - 启动 CloudWatch 插件
2018-11-12 11:20:06,102 [1] 错误 [aws:cloudWatch] - 主机未配置,没有数据将上传到 CloudWatch
您的 ID 不匹配 HttpErr:
{
"Id": "HttpErr",
"FullName": "AWS.EC2.Windows.CloudWatch.CustomLog.CustomLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogDirectoryPath": "C:\Windows\System32\LogFiles\HTTPERR",
"TimestampFormat": "yyyy-MM-dd HH:mm:ss",
"Encoding": "UTF-8",
"Filter": "",
"CultureName": "en-US",
"TimeZoneKind": "UTC",
"LineCount": "3"
}
}
但是在你的 Flows 中你使用 HttpErrLogs
"Flows": {
"Flows": [
"IISLogs,IISCloudWatchLogs",
"HttpErrLogs,HttpCloudWatchLogs"
]
}
我尝试使用 aws CloudWatch 分析 IIS 日志。我按照下面的程序 link [ https://aws.amazon.com/blogs/mt/automate-iis-and-httperr-logs-to-amazon-cloudwatch-using-ec2-systems-manager/ ]
遵循的步骤:
- Set up the configuration json file.
配置json文件:
{
"IsEnabled": true,
"EngineConfiguration": {
"PollInterval": "00:00:15",
"Components": [
{
"Id": "SystemEventLog",
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogName": "System",
"Levels": "7"
}
},
{
"Id": "SecurityEventLog",
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogName": "Security",
"Levels": "7"
}
},
{
"Id": "ETW",
"FullName": "AWS.EC2.Windows.CloudWatch.EventLog.EventLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogName": "Microsoft-Windows-WinINet/Analytic",
"Levels": "7"
}
},
{
"Id": "IISLogs",
"FullName": "AWS.EC2.Windows.CloudWatch.CustomLog.CustomLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogDirectoryPath": "C:\inetpub\logs\LogFiles\W3SVC1",
"TimestampFormat": "yyyy-MM-dd HH:mm:ss",
"Encoding": "UTF-8",
"Filter": "",
"CultureName": "en-US",
"TimeZoneKind": "UTC",
"LineCount": "3"
}
},
{
"Id": "HttpErr",
"FullName": "AWS.EC2.Windows.CloudWatch.CustomLog.CustomLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogDirectoryPath": "C:\Windows\System32\LogFiles\HTTPERR",
"TimestampFormat": "yyyy-MM-dd HH:mm:ss",
"Encoding": "UTF-8",
"Filter": "",
"CultureName": "en-US",
"TimeZoneKind": "UTC",
"LineCount": "3"
}
},
{
"Id": "CustomLogs",
"FullName": "AWS.EC2.Windows.CloudWatch.CustomLog.CustomLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogDirectoryPath": "C:\CustomLogs\",
"TimestampFormat": "MM/dd/yyyy HH:mm:ss",
"Encoding": "UTF-8",
"Filter": "",
"CultureName": "en-US",
"TimeZoneKind": "Local"
}
},
{
"Id": "PerformanceCounter",
"FullName": "AWS.EC2.Windows.CloudWatch.PerformanceCounterComponent.PerformanceCounterInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"CategoryName": "Memory",
"CounterName": "Available MBytes",
"InstanceName": "",
"MetricName": "Memory",
"Unit": "Megabytes",
"DimensionName": "",
"DimensionValue": ""
}
},
{
"Id": "IISCloudWatchLogs",
"FullName": "AWS.EC2.Windows.CloudWatch.CloudWatchLogsOutput,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"AccessKey": "---------------------------------",
"SecretKey": "----------------------------------",
"Region": "us-east-1a",
"LogGroup": "RWEBAPP-SERVER",
"LogStream": "used our instance id"
}
},
{
"Id": "HttpErrCloudWatchLogs",
"FullName": "AWS.EC2.Windows.CloudWatch.CloudWatchLogsOutput,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"AccessKey": "-----------------------------------------",
"SecretKey": "-----------------------------------------",
"Region": "us-east-1a",
"LogGroup": "RckWebServer",
"LogStream": "used our instance id-httpErr"
}
},
{
"Id": "CloudWatch",
"FullName": "AWS.EC2.Windows.CloudWatch.CloudWatch.CloudWatchOutputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"AccessKey": "------------------------------",
"SecretKey": "------------------------------",
"Region": "us-east-1a",
"NameSpace": "Windows/Default"
}
}
],
"Flows": {
"Flows": [
"IISLogs,IISCloudWatchLogs",
"HttpErrLogs,HttpCloudWatchLogs"
]
}
}
}
- Then, Configure integration with CloudWatch. Association was created successfully.
- Can't see log group in cloudwatch log console.. 4.Checked the error log in this file path [C:/ProgramData/Amazon/SSM/Logs]
错误日志:
2018-11-12 11:20:06,055 [1] 信息 [框架] - 无法创建组件,因为配置缺少 HttpErrLogs,基于此组件的工作流将无法启动。 2018-11-12 11:20:06,077 [1] INFO [Framework] - 无法创建组件,因为配置缺少 HttpCloudWatchLogs,基于此组件的工作流将无法启动。 2018-11-12 11:20:06,077 [1] INFO [Framework] - 无法创建组件,因为配置缺少 HttpErrLogs,基于此组件的工作流将无法启动。 2018-11-12 11:20:06,077 [1] 错误 [框架] - 工作流创建失败:无法创建组件 ID HttpErrLogs。请验证工作流中的组件是否已在配置中定义。 2018-11-12 11:20:06,077 [1] 错误 [框架] - 无法使用提供的配置设置初始化 CloudWatch 插件。 2018-11-12 11:20:06,077 [1] 错误 [框架] - aws:cloudWatch 插件引发异常。 AWS.EC2.Windows.CloudWatch.CloudwatchConfigurationException:无法使用提供的配置设置初始化 CloudWatch 插件。 工作流创建失败:无法创建组件 ID HttpErrLogs。请验证配置中定义了工作流中的组件。
在 AWS。EC2.Windows.CloudWatch.Host.Configure(字符串配置) 在 Amazon.EC2Services.Config.Plugins.CloudWatch.CloudWatchPlugin.Apply(PluginApplyContext applyContext, PluginArgs pluginArgs) 2018-11-12 11:20:06,102 [1] INFO [Framework] - aws:cloudWatch 插件配置已验证 2018-11-12 11:20:06,102 [1] INFO [aws:cloudWatch] - CloudWatch 执行开始。 2018-11-12 11:20:06,102 [1] 信息 [aws:cloudWatch] - 启动 CloudWatch 插件 2018-11-12 11:20:06,102 [1] 错误 [aws:cloudWatch] - 主机未配置,没有数据将上传到 CloudWatch
您的 ID 不匹配 HttpErr:
{
"Id": "HttpErr",
"FullName": "AWS.EC2.Windows.CloudWatch.CustomLog.CustomLogInputComponent,AWS.EC2.Windows.CloudWatch",
"Parameters": {
"LogDirectoryPath": "C:\Windows\System32\LogFiles\HTTPERR",
"TimestampFormat": "yyyy-MM-dd HH:mm:ss",
"Encoding": "UTF-8",
"Filter": "",
"CultureName": "en-US",
"TimeZoneKind": "UTC",
"LineCount": "3"
}
}
但是在你的 Flows 中你使用 HttpErrLogs
"Flows": {
"Flows": [
"IISLogs,IISCloudWatchLogs",
"HttpErrLogs,HttpCloudWatchLogs"
]
}