This is a sidecar intended to be used along side a service which requires logs to be shipped to cloudwatch.
The application which requires logs to be shipped needs to be linked to this container, and configured to send logs to rsyslog running in this container.
docker run -d -e "TAGS=blobstore-archiver" -e "CLOUD_WATCH_LOG_GROUP=GroupName" --name cloudwatchlogs seek/cloudwatchlogs docker run -d --link cloudwatchlogs:cloudwatchlogs seek/seek.blobstorearchiver
You can pipe stdout to /usr/bin/logger (along with necessary parameters) or a sample log4net configuration is as follows:
<appender name="RemoteSyslogAppender" type="log4net.Appender.RemoteSyslogAppender"> <remoteAddress value="cloudwatchlogs" /> <identity value="blobstore-archiver" /> <layout type="log4net.Layout.PatternLayout, log4net"> <conversionPattern value="%-5level %logger - %message%newline" /> </layout> </appender>
You are required to pass the environment variable TAGS and CLOUD_WATCH_LOG_GROUP into this container.
TAGS is a semicolon separated list of tags to ship to cloudwatch (note tag === identity in the log4net configuration). This environment variable is used to generate the awslogs.conf file based on a template.
CLOUD_WATCH_LOG_GROUP is the name of the CloudWatch logs LogGroup that you want to put the logs in. This environment variable is used to generate the awslogs.conf file based on a template.
REGION is the name of the CloudWatch logs AWS Region that you want to put the logs in. This parameter is optional and will default to ap-southeast-2.
This container is based on this blog post with changes to make it generic enough to use with any application. You may want to refer to the blog post to understand the permissions/IAM roles which need to be assigned to the ec2 instances to make this work.