:plugin: cloudwatch :type: input :default_codec: plain /////////////////////////////////////////// START - GENERATED VARIABLES, DO NOT EDIT! /////////////////////////////////////////// :version: %VERSION% :release_date: %RELEASE_DATE% :changelog_url: %CHANGELOG_URL% :include_path: ../../../../logstash/docs/include /////////////////////////////////////////// END - GENERATED VARIABLES, DO NOT EDIT! /////////////////////////////////////////// [id="plugins-{type}s-{plugin}"] === Cloudwatch input plugin include::{include_path}/plugin_header.asciidoc[] ==== Description Pull events from the Amazon Web Services CloudWatch API. To use this plugin, you *must* have an AWS account, and the following policy Typically, you should setup an IAM policy, create a user and apply the IAM policy to the user. A sample policy for EC2 metrics is as follows: [source,json] { "Version": "2012-10-17", "Statement": [ { "Sid": "Stmt1444715676000", "Effect": "Allow", "Action": [ "cloudwatch:GetMetricStatistics", "cloudwatch:ListMetrics" ], "Resource": "*" }, { "Sid": "Stmt1444716576170", "Effect": "Allow", "Action": [ "ec2:DescribeInstances" ], "Resource": "*" } ] } See http://aws.amazon.com/iam/ for more details on setting up AWS identities. # Configuration Example [source, ruby] input { cloudwatch { namespace => "AWS/EC2" metrics => [ "CPUUtilization" ] filters => { "tag:Group" => "API-Production" } region => "us-east-1" } } input { cloudwatch { namespace => "AWS/EBS" metrics => ["VolumeQueueLength"] filters => { "tag:Monitoring" => "Yes" } region => "us-east-1" } } input { cloudwatch { namespace => "AWS/RDS" metrics => ["CPUUtilization", "CPUCreditUsage"] filters => { "EngineName" => "mysql" } # Only supports EngineName, DatabaseClass and DBInstanceIdentifier region => "us-east-1" } } [id="plugins-{type}s-{plugin}-options"] ==== Cloudwatch Input Configuration Options This plugin supports the following configuration options plus the <> described later. [cols="<,<,<",options="header",] |======================================================================= |Setting |Input type|Required | <> |<>|No | <> |<>|No | <> |<>|No | <> |<>|No | <> |<>|Yes | <> |<>|No | <> |<>|No | <> |<>|No | <> |<>|No | <> |<>|No | <> |<>|No | <> |<>|No | <> |<>|No | <> |<>|No | <> |<>|No | <> |<>|No | <> |<>|No |======================================================================= Also see <> for a list of options supported by all input plugins.   [id="plugins-{type}s-{plugin}-access_key_id"] ===== `access_key_id` * Value type is <> * There is no default value for this setting. This plugin uses the AWS SDK and supports several ways to get credentials, which will be tried in this order: 1. Static configuration, using `access_key_id` and `secret_access_key` params in logstash plugin config 2. External credentials file specified by `aws_credentials_file` 3. Environment variables `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` 4. Environment variables `AMAZON_ACCESS_KEY_ID` and `AMAZON_SECRET_ACCESS_KEY` 5. IAM Instance Profile (available when running inside EC2) [id="plugins-{type}s-{plugin}-aws_credentials_file"] ===== `aws_credentials_file` * Value type is <> * There is no default value for this setting. Path to YAML file containing a hash of AWS credentials. This file will only be loaded if `access_key_id` and `secret_access_key` aren't set. The contents of the file should look like this: [source,ruby] ---------------------------------- :access_key_id: "12345" :secret_access_key: "54321" ---------------------------------- [id="plugins-{type}s-{plugin}-combined"] ===== `combined` * Value type is <> * Default value is `false` Use this for namespaces that need to combine the dimensions like S3 and SNS. [id="plugins-{type}s-{plugin}-endpoint"] ===== `endpoint` * Value type is <> * There is no default value for this setting. The endpoint to connect to. By default it is constructed using the value of `region`. This is useful when connecting to S3 compatible services, but beware that these aren't guaranteed to work correctly with the AWS SDK. [id="plugins-{type}s-{plugin}-filters"] ===== `filters` * This is a required setting. * Value type is <> * There is no default value for this setting. Specify the filters to apply when fetching resources: This needs to follow the AWS convention of specifiying filters. Instances: { 'instance-id' => 'i-12344321' } Tags: { "tag:Environment" => "Production" } Volumes: { 'attachment.status' => 'attached' } Each namespace uniquely support certian dimensions. Please consult the documentation to ensure you're using valid filters. [id="plugins-{type}s-{plugin}-interval"] ===== `interval` * Value type is <> * Default value is `900` Set how frequently CloudWatch should be queried The default, `900`, means check every 15 minutes. Setting this value too low (generally less than 300) results in no metrics being returned from CloudWatch. [id="plugins-{type}s-{plugin}-metrics"] ===== `metrics` * Value type is <> * Default value is `["CPUUtilization", "DiskReadOps", "DiskWriteOps", "NetworkIn", "NetworkOut"]` Specify the metrics to fetch for the namespace. The defaults are AWS/EC2 specific. See http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/aws-namespaces.html for the available metrics for other namespaces. [id="plugins-{type}s-{plugin}-namespace"] ===== `namespace` * Value type is <> * Default value is `"AWS/EC2"` If undefined, LogStash will complain, even if codec is unused. The service namespace of the metrics to fetch. The default is for the EC2 service. See http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/aws-namespaces.html for valid values. [id="plugins-{type}s-{plugin}-period"] ===== `period` * Value type is <> * Default value is `300` Set the granularity of the returned datapoints. Must be at least 60 seconds and in multiples of 60. [id="plugins-{type}s-{plugin}-proxy_uri"] ===== `proxy_uri` * Value type is <> * There is no default value for this setting. URI to proxy server if required [id="plugins-{type}s-{plugin}-region"] ===== `region` * Value type is <> * Default value is `"us-east-1"` The AWS Region [id="plugins-{type}s-{plugin}-role_arn"] ===== `role_arn` * Value type is <> * There is no default value for this setting. The AWS IAM Role to assume, if any. This is used to generate temporary credentials, typically for cross-account access. See the https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html[AssumeRole API documentation] for more information. [id="plugins-{type}s-{plugin}-role_session_name"] ===== `role_session_name` * Value type is <> * Default value is `"logstash"` Session name to use when assuming an IAM role. [id="plugins-{type}s-{plugin}-secret_access_key"] ===== `secret_access_key` * Value type is <> * There is no default value for this setting. The AWS Secret Access Key [id="plugins-{type}s-{plugin}-session_token"] ===== `session_token` * Value type is <> * There is no default value for this setting. The AWS Session token for temporary credential [id="plugins-{type}s-{plugin}-statistics"] ===== `statistics` * Value type is <> * Default value is `["SampleCount", "Average", "Minimum", "Maximum", "Sum"]` Specify the statistics to fetch for each namespace [id="plugins-{type}s-{plugin}-use_ssl"] ===== `use_ssl` * Value type is <> * Default value is `true` Make sure we require the V1 classes when including this module. require 'aws-sdk' will load v2 classes. Should we require (true) or disable (false) using SSL for communicating with the AWS API The AWS SDK for Ruby defaults to SSL so we preserve that [id="plugins-{type}s-{plugin}-common-options"] include::{include_path}/{type}.asciidoc[] :default_codec!: