ecs container access log > cloudwatch

■ecs IAM 역할에 CloudWatchAgentServerPolicy 넣어주기

 

sudo su

yum install -y awslogs

sed -i "s/region = us-east-1/region = ap-northeast-2/g" /etc/awslogs/awscli.conf

mkdir /access_logs
echo -e '/usr/bin/find /var/lib/docker/volumes/ -name "access_log.*" -exec cp -f {} /access_logs \;' >> /home/ec2-user/accesslog.sh
echo -e 'systemctl restart awslogsd' >> /home/ec2-user/accesslog.sh
cat <(crontab -l) <(echo "* * * * * /bin/bash /home/ec2-user/accesslog.sh") | crontab -
chown 755 /home/ec2-user/accesslog.sh

echo -e '
[/logs/access.log]
datetime_format = %d/%b/%Y:%H:%M:%S %z
file = /access_logs/access_log.*
buffer_duration = 5000
log_stream_name = {hostname},{ip_address}
initial_position = start_of_file
log_group_name = /access-log/toon-api
' >> /etc/awslogs/awslogs.conf

systemctl start awslogsd
systemctl enable awslogsd.service