logstash-input-cloudwatch_logs
Advanced tools
Stream events from CloudWatch Logs.
Specify an individual log group or array of groups, and this plugin will scan all log streams in that group, and pull in any new log events.
Optionally, you may set the log_group_prefix parameter to true
which will scan for all log groups matching the specified prefix(s)
and ingest all logs available in all of the matching groups.
| Parameter | Input Type | Required | Default |
|---|---|---|---|
| log_group | string or Array of strings | Yes | |
| log_group_prefix | boolean | No | false |
| start_position | beginning, end, or an Integer | No | beginning |
| sincedb_path | string | No | $HOME/.sincedb* |
| interval | number | No | 60 |
| aws_credentials_file | string | No | |
| access_key_id | string | No | |
| secret_access_key | string | No | |
| session_token | string | No | |
| region | string | No | us-east-1 |
| codec | string | No | plain |
start_positionThe start_position setting allows you to specify where to begin processing
a newly encountered log group on plugin boot. Whether the group is 'new' is
determined by whether or not the log group has a previously existing entry in
the sincedb file.
Valid options for start_position are:
beginning - Reads from the beginning of the group (default)end - Sets the sincedb to now, and reads any new messages going forwardOther standard logstash parameters are available such as:
add_fieldtypetagsinput {
cloudwatch_logs {
log_group => [ "/aws/lambda/my-lambda" ]
access_key_id => "AKIAXXXXXX"
secret_access_key => "SECRET"
}
}
The default logstash README which contains development directions and other information has been moved to DEVELOPER.md.
All contributions are welcome: ideas, patches, documentation, bug reports, complaints, and even something you drew up on a napkin.
Programming is not a required skill. Whatever you've seen about open source and maintainers or community members saying "send patches or die" - you will not see that here.
It is more important to the community that you are able to contribute.
For more information about contributing, see the CONTRIBUTING file.
FAQs
Unknown package
We found that logstash-input-cloudwatch_logs demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.