Any recommendations on gathering the logs from AWS ECS containers?

Comments

1 comment

  • Avatar
    Graham Watts

    Hey Edgar,

    There are a few ways you can collect logs from ECS, each has its strengths and weaknesses:

    1. Install a collector directly on the ECS host

    • Allows you to use our host metrics source to measure things like CPU, Memory, Network, Disk, and TCP of the underlying host
    • Use Docker sources to collects logs from workloads running in containers, and metrics (performance stats) about those containers
    • Use a local file source to get OS logs, ECS logs, and any other logs directly from the host's file system

    2. Use the Sumo Logic Docker collector container

    • Good option when you are using a different orchestration tool (Rancher, for example) that doesn't allow you access the docker host
    • Mount directories for Operating System logs or ECS output
    • The main disadvantage is that you won't get host level metrics, although this may not matter if you don't need to manage the host

    3. Agentless - Use the Sumo Logic Docker logging driver

    • Good option if you don't want to use an agent on the host or as a container
    • Stream logs to our HTTPS endpoint (HTTP Source)

    4. Send to CloudWatch, then use our Lambda function to stream data from CloudWatch log groups to Sumo

    • Least common option due to additional storage costs in CloudWatch and added delay to get logs into Sumo
    • Easy approach if you already log to CloudWatch and don't want to change your logging meethod

Please sign in to leave a comment.