How to send logs from on-premise servers to AWS Cloudwatch?

Question

How can I send logs from our on-premise servers to AWS Cloudwatch logs?

Answer 1

Yes, you can install the CloudWatch Logs Agent EC2 instances or on-premises.

Answer 2

I am able to receive log metrics from my on-premises servers by doing these steps:

1- Create an IAM user (programatic access) with (CloudWatchAgentAdminPolicy & CloudWatchAgentServerPolicy) permissions.

2- Dowonload AWS CLI >> curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"

3- Unzip downloaded file >> unzip awscliv2.zip

4- Install it sudo >> ./aws/install, after that do ">> aws --version" to check if it is installed successfully

5- Configure AmazonCloudWatchAgent profile >> sudo aws configure --profile AmazonCloudWatchAgent, this will require aws_access_key_id & aws_secret_access_key & region fill down the credentials for IAM user you created in 1st step

6- Download CloudWach agent >> wget https://s3.amazonaws.com/amazoncloudwatch-agent/ubuntu/amd64/latest/amazon-cloudwatch-agent.deb

7- Depackage it >> sudo dpkg -i -E ./amazon-cloudwatch-agent.deb

8- Run a wizard and select what you need, make sure to select "onpremise" in this question "Are you using EC2 or On-Premises hosts?" >> sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-config-wizard

9- Finally start the Cloudwatch agent >> sudo /opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m onPremise -s -c file:/opt/aws/amazon-cloudwatch-agent/bin/config.json

10 - Make sure that the Cloudwatch agent working by >> ps aux | grep amazon-cloudwatch-agent