Measures reported by AWSCldWatchLogsTest
AWS CloudWatch Logs is a highly available, scalable, durable, and secure service to manage your operating system and application log files. It allows you to ingest, store, filter, search, and archive the logs, reducing your operational burden and allowing you to focus on your application and your business.
Administrators typically reach for logs whenever their applications and systems on the cloud encounter issues. This is because, logs greatly help problem diagnosis and troubleshooting. In fact, if administrators need to perform any custom processing on the logs for deep-dive diagnostics or if they want to load these logs on to other systems for deeper analytics, they even configure these logs to be automatically delivered to other services such as Amazon Kinesis stream, Amazon Kinesis Data Firehose stream, or AWS Lambda. In such situations, if delivery errors occur, logs may not be able to reach the destination services in time. This in turn can impede analysis and delay the administrator's troubleshooting efforts. As a result, the downtime of critical applications on the cloud will increase! To avoid this, it is good practice to frequently run the AWSCldWatchLogsTest test!
This test automatically discovers the log groups that have been configured on AWS. A log group can have one or multiple log streams in it. Each of these streams will share the same retention policy, monitoring setting or access control permissions. For each log group, the test tracks the log events and log data that is forwarded by each group to AWS service destinations such as Amazon Kinesis stream, Amazon Kinesis Data Firehose stream, or AWS Lambda. In the process, the test promptly captures and reports delivery errors and also brings to light instances where delivery has been throttled. This way, the test reveals bottlenecks in the delivery of logs to AWS services, pinpoints the log groups experiencing the bottlenecks, and thus hastens appropriate corrective action.
Optionally, you can configure this test to report metrics for each log destination or for every subscription filter. This enables administrators to quickly and easily understand if specific destinations / filters are problem-prone.
Outputs of the test : One set of results for each log group / destination / subscription filter.
First-level descriptor: AWS Region
Second-level descriptor: Log group / destination / subscription filter, depending upon the option chosen from the LOGS FILTER NAME parameter of this test
The measures made by this test are as follows:
| Measurement |
Description |
Measurement Unit |
Interpretation |
| Incuming_bytes |
Indicates the volume of log events in uncompressed data uploaded to this log group. |
KB |
This measure is reported only if the ‘LOGS FILTER NAME’ flag is set to ‘LogGroupName’. |
| Incuming_logs |
Indicates the number of log events uploaded to this log group. |
Number |
This measure is reported only if the ‘LOGS FILTER NAME’ flag is set to ‘LogGroupName’. |
| Forward_bytes |
By default, this measure represents the volume of log events in uncompressed data that is forwarded from this log group to one/more AWS resource destinations.
If the LOGS FILTER NAME is set to FilterName, then this measure represents the amount of log data that is forwarded via this subscription filter to the resource destinations defined within that filter.
If the LOGS FILTER NAME is set to DestinationType, then this measure represents the amount of log data that is forwarded to this AWS resource destination via one/more subscription filters. |
KB |
|
| Forward_logs |
By default, this measure represents the number of log events forwarded from this log group to one/more AWS resource destinations.
If the LOGS FILTER NAME is set to FilterName, then this measure represents the number of log events forwarded via this subscription filter to the resource destinations defined within that filter.
If the LOGS FILTER NAME is set to DestinationType, then this measure represents the number of log events forwarded to this AWS resource destination via one/more subscription filters. |
Number |
|
| Deliver_errors |
By default, this measure represents the number of log events in this log group that encountered errors when they were being forwarded to one/more AWS resource destinations.
If the LOGS FILTER NAME is set to FilterName, then this measure represents the number of log events that encountered errors when being forwarded via this subscription filter to the resource destinations defined within that filter.
If the LOGS FILTER NAME is set to DestinationType, then this measure represents the number of log events that encountered errors when they were being forwarded to this AWS resource destination via one/more subscription filters. |
Number |
Ideally, the value of this measure should be 0.
If the count of errors consistently increase for log events in a specific log group, or to a specific destination, or via a specific subscription filter, then that log group / filter / destination should be taken up for closer scrutiny.
|
| Deliver_throtle |
By default, the number of log events in this log group that were throttled when being forwarded to one/more resource destinations.
If the LOGS FILTER NAME is set to FilterName, then this measure represents the number of log events that were throttled when being forwarded via this subscription filter to the resource destinations defined within that filter.
If the LOGS FILTER NAME is set to DestinationType, then this measure represents the number of log events that were throttled when they were being forwarded to this AWS resource destination via one/more subscription filters. |
Number |
Ideally, the value of this measure should be low. |
|