├── README.md ├── defaults └── main.yml ├── handlers └── main.yml ├── meta └── main.yml ├── tasks ├── Debian.yml ├── DebianInstall.yml ├── RedHat.yml ├── conf.yml └── main.yml ├── templates └── etc │ ├── aws.conf.j2 │ ├── awslogs │ ├── awscli.conf.j2 │ ├── awslogs.conf.j2 │ └── awslogs.logging.conf.j2 │ └── logrotate.d │ ├── awslogs_debian.j2 │ └── awslogs_redhat.j2 └── vars └── main.yml /README.md: -------------------------------------------------------------------------------- 1 | Role Name 2 | ========= 3 | 4 | Installs AWS CloudWatch Log Agent 5 | 6 | Requirements 7 | ------------ 8 | 9 | Requires ec2_facts. 10 | 11 | Role Variables 12 | -------------- 13 | 14 | `logs`, `extra_logs`: list of logs with the following keys: 15 | 16 | | Name | Description | Required | Default 17 | |-------------|----------------------------|----------|--------- 18 | | file | Full path to log file | Yes | 19 | | format | Datetime format | No | None 20 | | group_name | CloudWatch Log Group | Yes | 21 | | stream_name | CloudWatch Log Stream Name | No | The instance id 22 | 23 | `awslogs_loglevel`: maximal log level for the Log Agent's logs itself 24 | ("debug", "info", "warning", "error" or "critical"). If this parameter is 25 | not specified, no specific logging configuration will take place and the 26 | default level (info) will be used. This parameter is very basic and does not 27 | allow flexible logging configuration, its only goal is to change the amount 28 | of logs going into the log agent's own logfile. 29 | 30 | Dependencies 31 | ------------ 32 | 33 | This role has no dependencies. 34 | 35 | Example Playbook 36 | ---------------- 37 | 38 | - hosts: servers 39 | vars: 40 | logs: 41 | - file: /var/log/auth.log 42 | format: "%b %d %H:%M:%S" 43 | group_name: "auth" 44 | stream_name: "auth-stream" 45 | - file: /home/ubuntu/.bash_history 46 | group_name: "bash_history" 47 | awslogs_loglevel: info 48 | roles: 49 | - { role: dharrisio.aws-cloudwatch-logs } 50 | 51 | License 52 | ------- 53 | 54 | GPLv3 55 | 56 | Author Information 57 | ------------------ 58 | 59 | Created by David Harris 60 | -------------------------------------------------------------------------------- /defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # defaults file for ansible-aws-cloudwatch-logs-agent 3 | extra_logs: {} 4 | stream_name: "{instance_id}" 5 | aws_region: us-east-1 6 | awslogs_loglevel: "" 7 | -------------------------------------------------------------------------------- /handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # handlers file for ansible-aws-cloudwatch-logs-agent 3 | -------------------------------------------------------------------------------- /meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | galaxy_info: 3 | author: David Harris 4 | description: Install and configure AWS CloudWatch Logs Agent 5 | company: Balihoo 6 | license: license (GPLv3) 7 | min_ansible_version: 1.2 8 | platforms: 9 | - name: EL 10 | versions: 11 | - 6 12 | - name: Amazon 13 | versions: 14 | - all 15 | - name: Ubuntu 16 | versions: 17 | - trusty 18 | 19 | categories: 20 | - cloud 21 | - cloud:ec2 22 | - monitoring 23 | dependencies: [] 24 | -------------------------------------------------------------------------------- /tasks/Debian.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: "Download Install Script (Debian)." 4 | get_url: 5 | url: https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py 6 | dest: /tmp/awslogs-agent-setup.py 7 | mode: 550 8 | 9 | - name: "Create /etc/awslogs (Debian)." 10 | file: 11 | path: /etc/awslogs 12 | state: directory 13 | mode: 755 14 | -------------------------------------------------------------------------------- /tasks/DebianInstall.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: "Get ec2 facts (Debian)." 4 | action: ec2_facts 5 | 6 | - name: "Update Package Lists (Debian)." 7 | apt: 8 | update_cache: yes 9 | 10 | - name: "Install AWS CloudWatch Logs Agent (Debian)." 11 | shell: python /tmp/awslogs-agent-setup.py -n -r {{ ansible_ec2_placement_region }} -c /etc/awslogs/awslogs.conf 12 | 13 | - name: "Override /etc/logrotate.d/awslogs" 14 | template: 15 | src: etc/logrotate.d/awslogs_debian.j2 16 | dest: /etc/logrotate.d/awslogs 17 | owner: root 18 | group: root 19 | mode: 0644 20 | -------------------------------------------------------------------------------- /tasks/RedHat.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: "Install CloudWatch Log Agent (Amazon)" 4 | yum: 5 | name: awslogs 6 | state: present 7 | register: yum_result 8 | ignore_errors: true 9 | 10 | - block: 11 | - name: "Get ec2 facts (RedHat)." 12 | action: ec2_facts 13 | 14 | - name: "Download Install Script (RedHat)." 15 | get_url: 16 | url: https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py 17 | dest: /tmp/awslogs-agent-setup.py 18 | mode: 550 19 | 20 | - name: "Create /etc/awslogs (RedHat)." 21 | file: 22 | path: /etc/awslogs 23 | state: directory 24 | mode: 755 25 | 26 | - name: "Configure Cloudwatch Log Agent." 27 | include: "conf.yml" 28 | 29 | - name: "Install AWS CloudWatch Logs Agent (RedHat)." 30 | shell: python /tmp/awslogs-agent-setup.py -n -r {{ ansible_ec2_placement_region }} -c /etc/awslogs/awslogs.conf 31 | args: 32 | creates: /etc/logrotate.d/awslogs 33 | 34 | - name: "Make symlink for /var/awslogs/etc/awslogs.conf" 35 | file: 36 | src: /etc/awslogs/awslogs.conf 37 | dest: /var/awslogs/etc/awslogs.conf 38 | state: link 39 | owner: root 40 | group: root 41 | mode: 0644 42 | force: true 43 | 44 | - name: "Override /etc/logrotate.d/awslogs" 45 | template: 46 | src: etc/logrotate.d/awslogs_redhat.j2 47 | dest: /etc/logrotate.d/awslogs 48 | owner: root 49 | group: root 50 | mode: 0644 51 | when: "yum_result.failed == true" 52 | -------------------------------------------------------------------------------- /tasks/conf.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: gather EC2 facts 4 | ec2_facts: 5 | 6 | - name: "Make /var/awslogs/state/ directory" 7 | file: 8 | path: /var/awslogs/state/ 9 | state: directory 10 | mode: 755 11 | 12 | - name: "Configure AWS CloudWatch Logs Agent" 13 | template: 14 | src: etc/awslogs/awslogs.conf.j2 15 | dest: /etc/awslogs/awslogs.conf 16 | owner: root 17 | group: root 18 | mode: 0644 19 | 20 | - name: "Configure AWS CloudWatch Log Agent logging" 21 | template: 22 | src: etc/awslogs/awslogs.logging.conf.j2 23 | dest: /etc/awslogs/awslogs.logging.conf 24 | owner: root 25 | group: root 26 | mode: 0644 27 | when: awslogs_loglevel != "" 28 | 29 | - name: "Configure AWS CloudWatch Logs Agent - Region" 30 | template: 31 | src: etc/awslogs/awscli.conf.j2 32 | dest: /etc/awslogs/awscli.conf 33 | owner: root 34 | group: root 35 | mode: 0644 36 | -------------------------------------------------------------------------------- /tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: "Install RedHat/AMZN Linux Cloudwatch Log Agent." 4 | include: "RedHat.yml" 5 | when: ansible_os_family == "RedHat" 6 | 7 | - block: 8 | - name: "Download Debian/Ubuntu Cloudwatch Log Agent Install Script." 9 | include: "Debian.yml" 10 | 11 | - name: "Configure Cloudwatch Log Agent." 12 | include: "conf.yml" 13 | 14 | - name: "Install Debian/Ubuntu Cloudwatch Log Agent." 15 | include: "DebianInstall.yml" 16 | when: ansible_os_family == "Debian" 17 | 18 | - name: "Set region for Cloudwatch endpoint" 19 | template: 20 | src: templates/etc/aws.conf.j2 21 | dest: /var/awslogs/etc/aws.conf 22 | owner: root 23 | group: root 24 | mode: 0600 25 | 26 | - name: "Restart awslogs service." 27 | service: 28 | name: awslogs 29 | state: restarted 30 | enabled: yes 31 | -------------------------------------------------------------------------------- /templates/etc/aws.conf.j2: -------------------------------------------------------------------------------- 1 | # {{ ansible_managed }} 2 | [plugins] 3 | cwlogs = cwlogs 4 | [default] 5 | region = {{ ansible_ec2_placement_region | default(aws_region) }} 6 | -------------------------------------------------------------------------------- /templates/etc/awslogs/awscli.conf.j2: -------------------------------------------------------------------------------- 1 | [plugins] 2 | cwlogs = cwlogs 3 | [default] 4 | region = {{ ansible_ec2_placement_region | default(aws_region) }} 5 | -------------------------------------------------------------------------------- /templates/etc/awslogs/awslogs.conf.j2: -------------------------------------------------------------------------------- 1 | # 2 | # ------------------------------------------ 3 | # CLOUDWATCH LOGS AGENT CONFIGURATION FILE 4 | # ------------------------------------------ 5 | # 6 | # --- DESCRIPTION --- 7 | # This file is used by the CloudWatch Logs Agent to specify what log data to send to the service and how. 8 | # You can modify this file at any time to add, remove or change configuration. 9 | # 10 | # NOTE: A running agent must be stopped and restarted for configuration changes to take effect. 11 | # 12 | # --- CLOUDWATCH LOGS DOCUMENTATION --- 13 | # https://aws.amazon.com/documentation/cloudwatch/ 14 | # 15 | # --- CLOUDWATCH LOGS CONSOLE --- 16 | # https://console.aws.amazon.com/cloudwatch/home?region=us-east-1#logs: 17 | # 18 | # --- AGENT COMMANDS --- 19 | # To check or change the running status of the CloudWatch Logs Agent, use the following: 20 | # 21 | # To check running status: /etc/init.d/awslogs status 22 | # To stop the agent: /etc/init.d/awslogs stop 23 | # To start the agent: /etc/init.d/awslogs start 24 | # 25 | # --- AGENT LOG OUTPUT --- 26 | # You can find logs for the agent in /var/log/awslogs.log 27 | # You can find logs for the agent script in /var/log/awslogs-agent-setup.log 28 | # 29 | 30 | # ------------------------------------------ 31 | # CONFIGURATION DETAILS 32 | # ------------------------------------------ 33 | 34 | [general] 35 | # Path to the CloudWatch Logs agent's state file. The agent uses this file to maintain 36 | # client side state across its executions. 37 | state_file = /var/awslogs/state/agent-state 38 | {% if awslogs_loglevel != '' %} 39 | logging_config_file = /etc/awslogs/awslogs.logging.conf 40 | {% endif %} 41 | 42 | ## Each log file is defined in its own section. The section name doesn't 43 | ## matter as long as its unique within this file. 44 | #[kern.log] 45 | # 46 | ## Path of log file for the agent to monitor and upload. 47 | #file = /var/log/kern.log 48 | # 49 | ## Name of the destination log group. 50 | #log_group_name = kern.log 51 | # 52 | ## Name of the destination log stream. You may use {hostname} to use target machine's hostname. 53 | #log_stream_name = {instance_id} # Defaults to ec2 instance id 54 | # 55 | ## Format specifier for timestamp parsing. Here are some sample formats: 56 | ## Use '%b %d %H:%M:%S' for syslog (Apr 24 08:38:42) 57 | ## Use '%d/%b/%Y:%H:%M:%S' for apache log (10/Oct/2000:13:55:36) 58 | ## Use '%Y-%m-%d %H:%M:%S' for rails log (2008-09-08 11:52:54) 59 | #datetime_format = %b %d %H:%M:%S # Specification details in the table below. 60 | # 61 | ## A batch is buffered for buffer-duration amount of time or 32KB of log events. 62 | ## Defaults to 5000 ms and its minimum value is 5000 ms. 63 | #buffer_duration = 5000 64 | # 65 | # Use 'end_of_file' to start reading from the end of the file. 66 | # Use 'start_of_file' to start reading from the beginning of the file. 67 | #initial_position = start_of_file 68 | # 69 | ## Encoding of file 70 | #encoding = utf-8 # Other supported encodings include: ascii, latin-1 71 | # 72 | # 73 | # 74 | # Following table documents the detailed datetime format specification: 75 | # ---------------------------------------------------------------------------------------------------------------------- 76 | # Directive Meaning Example 77 | # ---------------------------------------------------------------------------------------------------------------------- 78 | # %a Weekday as locale's abbreviated name. Sun, Mon, ..., Sat (en_US) 79 | # ---------------------------------------------------------------------------------------------------------------------- 80 | # %A Weekday as locale's full name. Sunday, Monday, ..., Saturday (en_US) 81 | # ---------------------------------------------------------------------------------------------------------------------- 82 | # %w Weekday as a decimal number, where 0 is Sunday and 6 is Saturday. 0, 1, ..., 6 83 | # ---------------------------------------------------------------------------------------------------------------------- 84 | # %d Day of the month as a zero-padded decimal numbers. 01, 02, ..., 31 85 | # ---------------------------------------------------------------------------------------------------------------------- 86 | # %b Month as locale's abbreviated name. Jan, Feb, ..., Dec (en_US) 87 | # ---------------------------------------------------------------------------------------------------------------------- 88 | # %B Month as locale's full name. January, February, ..., December (en_US) 89 | # ---------------------------------------------------------------------------------------------------------------------- 90 | # %m Month as a zero-padded decimal number. 01, 02, ..., 12 91 | # ---------------------------------------------------------------------------------------------------------------------- 92 | # %y Year without century as a zero-padded decimal number. 00, 01, ..., 99 93 | # ---------------------------------------------------------------------------------------------------------------------- 94 | # %Y Year with century as a decimal number. 1970, 1988, 2001, 2013 95 | # ---------------------------------------------------------------------------------------------------------------------- 96 | # %H Hour (24-hour clock) as a zero-padded decimal number. 00, 01, ..., 23 97 | # ---------------------------------------------------------------------------------------------------------------------- 98 | # %I Hour (12-hour clock) as a zero-padded decimal numbers. 01, 02, ..., 12 99 | # ---------------------------------------------------------------------------------------------------------------------- 100 | # %p Locale's equivalent of either AM or PM. AM, PM (en_US) 101 | # ---------------------------------------------------------------------------------------------------------------------- 102 | # %M Minute as a zero-padded decimal number. 00, 01, ..., 59 103 | # ---------------------------------------------------------------------------------------------------------------------- 104 | # %S Second as a zero-padded decimal numbers. 00, 01, ..., 59 105 | # ---------------------------------------------------------------------------------------------------------------------- 106 | # %f Microsecond as a decimal number, zero-padded on the left. 000000, 000001, ..., 999999 107 | # ---------------------------------------------------------------------------------------------------------------------- 108 | # %z UTC offset in the form +HHMM or -HHMM (empty string if the the object is naive). (empty), +0000, -0400, +1030 109 | # ---------------------------------------------------------------------------------------------------------------------- 110 | # %j Day of the year as a zero-padded decimal number. 001, 002, ..., 365 111 | # ---------------------------------------------------------------------------------------------------------------------- 112 | # %U Week number of the year (Sunday as the first day of the week) as a zero padded 00, 01, ..., 53 113 | # decimal number. All days in a new year preceding the first Sunday are considered 114 | # to be in week 0. 115 | # ---------------------------------------------------------------------------------------------------------------------- 116 | # %W Week number of the year (Monday as the first day of the week) as a decimal number. 00, 01, ..., 53 117 | # All days in a new year preceding the first Monday are considered to be in week 0. 118 | # ---------------------------------------------------------------------------------------------------------------------- 119 | # %c Locale's appropriate date and time representation. Tue Aug 16 21:30:00 1988 (en_US) 120 | # ---------------------------------------------------------------------------------------------------------------------- 121 | 122 | {% for log in logs|list + extra_logs|list %} 123 | [{{ log.file }}] 124 | {% if log.format is defined %} 125 | datetime_format = {{ log.format }} 126 | {% endif %} 127 | file = {{ log.file }} 128 | log_group_name = {{ log.group_name }} 129 | log_stream_name = {{ log.stream_name | default(stream_name) }} 130 | {% endfor %} 131 | -------------------------------------------------------------------------------- /templates/etc/awslogs/awslogs.logging.conf.j2: -------------------------------------------------------------------------------- 1 | # 2 | # Based on the logging configuration example from AWS documentation 3 | # https://docs.aws.amazon.com/fr_fr/AmazonCloudWatch/latest/logs/AgentReference.html 4 | # 5 | [loggers] 6 | keys=root,cwlogs,reader,publisher,event,batch,stream,watcher 7 | 8 | [handlers] 9 | keys=consoleHandler 10 | 11 | [formatters] 12 | keys=simpleFormatter 13 | 14 | [logger_root] 15 | level=INFO 16 | handlers=consoleHandler 17 | 18 | [logger_cwlogs] 19 | level=INFO 20 | handlers=consoleHandler 21 | qualname=cwlogs.push 22 | propagate=0 23 | 24 | [logger_reader] 25 | level={{ awslogs_loglevel | upper }} 26 | handlers=consoleHandler 27 | qualname=cwlogs.push.reader 28 | propagate=0 29 | 30 | [logger_publisher] 31 | level={{ awslogs_loglevel | upper }} 32 | handlers=consoleHandler 33 | qualname=cwlogs.push.publisher 34 | propagate=0 35 | 36 | [logger_event] 37 | level={{ awslogs_loglevel | upper }} 38 | handlers=consoleHandler 39 | qualname=cwlogs.push.event 40 | propagate=0 41 | 42 | [logger_batch] 43 | level={{ awslogs_loglevel | upper }} 44 | handlers=consoleHandler 45 | qualname=cwlogs.push.batch 46 | propagate=0 47 | 48 | [logger_stream] 49 | level={{ awslogs_loglevel | upper }} 50 | handlers=consoleHandler 51 | qualname=cwlogs.push.stream 52 | propagate=0 53 | 54 | [logger_watcher] 55 | level={{ awslogs_loglevel | upper }} 56 | handlers=consoleHandler 57 | qualname=cwlogs.push.watcher 58 | propagate=0 59 | 60 | [handler_consoleHandler] 61 | class=logging.StreamHandler 62 | level={{ awslogs_loglevel | upper }} 63 | formatter=simpleFormatter 64 | args=(sys.stderr,) 65 | 66 | [formatter_simpleFormatter] 67 | format=%(asctime)s - %(name)s - %(levelname)s - %(process)d - %(threadName)s - %(message)s 68 | -------------------------------------------------------------------------------- /templates/etc/logrotate.d/awslogs_debian.j2: -------------------------------------------------------------------------------- 1 | # {{ ansible_managed }} 2 | # Override of logrotate file https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py 3 | 4 | /var/log/awslogs.log { 5 | su root root 6 | missingok 7 | notifempty 8 | size 100M 9 | create 0600 root root 10 | delaycompress 11 | compress 12 | rotate 4 13 | postrotate 14 | service awslogs restart > /dev/null 15 | endscript 16 | } 17 | -------------------------------------------------------------------------------- /templates/etc/logrotate.d/awslogs_redhat.j2: -------------------------------------------------------------------------------- 1 | # {{ ansible_managed }} 2 | # Override of logrotate file https://s3.amazonaws.com/aws-cloudwatch/downloads/latest/awslogs-agent-setup.py 3 | 4 | /var/log/awslogs.log { 5 | su root root 6 | missingok 7 | notifempty 8 | size 100M 9 | create 0600 root root 10 | delaycompress 11 | compress 12 | rotate 4 13 | postrotate 14 | systemctl restart awslogs.service > /dev/null 15 | endscript 16 | } 17 | -------------------------------------------------------------------------------- /vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | # vars file for ansible-aws-cloudwatch-logs-agent 3 | --------------------------------------------------------------------------------