TELEMETRY PIPELINE
Amazon CloudWatch

Amazon CloudWatch Logs and Metrics destination plugin

The Amazon CloudWatch Logs and Metrics destination plugin lets you configure Chronosphere Telemetry Pipeline to stream your log data and metrics to CloudWatch Logs and Metrics, respectively.

Supported telemetry types

This plugin supports these telemetry types:

LogsMetricsTraces

Configuration parameters

Use the parameters in this section to configure your plugin. The Telemetry Pipeline web interface uses the values in the Name column to describe the parameters. Items in the Key column are the YAML keys to use in pipeline configuration files.

Required

NameKeyDescriptionDefault
RegionregionRequired. The AWS region to which to send your data.us-east-1
CloudWatch Log Group Namelog_group_nameRequired. CloudWatch Log Group Name.none
CloudWatch Log Stream Namelog_stream_nameRequired. CloudWatch Log Stream Name. Not compatible with Log Stream Prefix.none

AWS Authentication

NameKeyDescriptionDefault
IAM Role ARNrole_arnARN of an IAM role to assume. For example, for cross account access.none
CloudWatch Logs and Metrics API EndpointendpointCustom endpoint for the Firehose API.none
STS API Endpointsts_endpointCustom endpoint for the STS API.none
External ID for STS APIexternal_idSpecify an external ID for the STS API. Can be used with the role_arn parameter if your role requires an external ID.none

Advanced

NameKeyDescriptionDefault
CloudWatch Log Stream Name Prefixlog_stream_prefixPrefix for CloudWatch Log Stream Name. Tag is appended to the prefix to form the stream name.none
CloudWatch Log Group Templatelog_group_templateTemplate for CloudWatch Log Group name using record accessor syntax. If needed, the plugin falls back to the log_group_name value.none
CloudWatch Log Stream Templatelog_stream_templateTemplate for CloudWatch Log Stream name using record accessor syntax. If needed, the plugin falls back to the log_stream_name or log_stream_prefix value.none
Number of days to retain logslog_retention_daysAny newly created log group's retention policy is set to this many days. Accepted values: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 3653.0
Log Formatlog_formatUsed to tell CloudWatch the format of the data. A value of json/emf enables CloudWatch to extract custom metrics embedded in a JSON payload.none
Log Keylog_keyBy default, the entire log record is sent to CloudWatch. If you specify a key name with this option, only the value of that key is sent to CloudWatch. For example, if you're using the Fluentd Docker log driver, you can specify log_key log, and only the log message is sent to CloudWatch.none
Enable Auto Retry Requestsenable_retry_requestsImmediately retry failed requests to AWS services one time. This option doesn't affect the normal Telemetry Pipeline retry mechanism with backoff. Instead, it enables an immediate retry with no delay for networking errors, which can help improve throughput when there are transient or random networking issues. Accepted values: true, false.false
Enable Auto Create Log Groupauto_create_groupAutomatically create the log group. Log streams are always automatically created. Accepted values: true, false.false
Metric namespace for CloudWatch EMF logsmetric_namespaceMetric namespace for CloudWatch EMF logs.none
Metric Dimension Listmetric_dimensionsMetric dimensions is a list of lists. If you have only one list of dimensions, put the values as a comma-separated string. If you want to put list of lists, use the list as semicolon-separated strings. If your value is d1,d2;d3, the plugin considers it as [d1, d2], [d3].none

Security and TLS

NameKeyDescriptionDefault
TLStlsEnable or disable TLS/SSL support. Accepted values: true, false.false
TLS Certificate Validationtls.verifyEnable or disable TLS/SSL certificate validation. TLS must be enabled for certificates to be validated. Accepted values: off, on.on
TLS Debug Leveltls.debugSet TLS debug verbosity level. Accepted values: 0 (No debug), 1 (Error), 2 (State change), 3 (Informational), 4 (Verbose).1
CA Certificate File Pathtls.ca_fileAbsolute path to CA certificate file.none
Certificate File Pathtls.crt_fileAbsolute path to certificate file.none
Private Key File Pathtls.key_fileAbsolute path to private key file.none
Private Key Path Passwordtls.key_passwdPassword for private key file.none
TLS SNI Hostname Extensiontls.vhostHostname to be used for TLS SNI extension.none

Advanced Networking

NameKeyDescriptionDefault
DNS Modenet.dns.modeSelect the primary DNS connection type, which can be TCP or UDP.none
DNS Resolvernet.dns.resolverSelect the primary DNS connection type, which can be LEGACY or ASYNC.none
Prefer IPv4net.dns.prefer_ipv4Prioritize IPv4 DNS results when trying to establish a connection. Accepted values: true, false.false
Keepalivenet.keepaliveEnable or disable Keepalive support. Accepted values: true, false.true
Keepalive Idle Timeoutnet.keepalive_idle_timeoutSet maximum time allowed for an idle Keepalive connection.30s
Max Connect Timeoutnet.connect_timeoutSet maximum time allowed to establish a connection, which includes the TLS handshake.10s
Max Connect Timeout Log Errornet.connect_timeout_log_errorOn connection timeout, specify if it should log an error. When disabled, the timeout is logged as a debug message. Accepted values: true, false.true
Max Keepalive Recyclenet.keepalive_max_recycleSet maximum number of times a keepalive connection can be used before it's retired.2000
Source Addressnet.source_addressSpecify network address to bind for data traffic.none