EC2 (App Server)
↓ 로그 파일 생성
/var/log/test/app.log
↓ CloudWatch Agent가 수집
CloudWatch Logs (/test/application)
↓ Metric Filter
CloudWatch Metrics (ErrorCount)
앱이 실행되는 EC2에 설치합니다.
이 실습에서는 wsi-app-a 또는 wsi-app-c EC2에 설치합니다.
Bastion → SSM으로 App EC2 접속(ssm 권한) → Agent 설치
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "DescribeStreamsForTestApplication",
"Effect": "Allow",
"Action": [
"logs:DescribeLogStreams"
],
"Resource": "arn:aws:logs:ap-northeast-2:954222410428:log-group:/test/application"
}
]
}
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "ReadTestApplicationLogs",
"Effect": "Allow",
"Action": [
"logs:DescribeLogStreams",
"logs:FilterLogEvents"
],
"Resource": "arn:aws:logs:ap-northeast-2:954222410428:log-group:/test/application"
},
{
"Sid": "ReadTestApplicationStreamEvents",
"Effect": "Allow",
"Action": [
"logs:GetLogEvents"
],
"Resource": "arn:aws:logs:ap-northeast-2:954222410428:log-group:/test/application:log-stream:*"
}
]
}
# Bastion에서 App EC2 접속
aws ssm start-session --target <instance-id> --region ap-northeast-2
sudo dnf install -y amazon-cloudwatch-agent