Recently our client was concerned about the amount of Event Logs being sent from Windows EC2 instances to CloudWatch Log Groups. They asked us to try to figure out something to lower the costs by only a specific Event IDs are being sent to CloudWatch Log Group, thus excluding all other unnecessary Event IDs.
In one of my previous posts, I was talking about configuring CloudWatch Agent on both Windows and Linux.
I have talked to AWS Support, and they stated that this option is not possible with the current CloudWatch Agent setup. Lame really.
However, there are some good news coming from AWS. They have released Kinesis Agent for Windows OS, which gives you an opportunity to send filtered Events to CloudWatch Log Groups, all along with custom metrics, just like CloudWatch Agent. But way better.
Installing Kinesis Agent for Windows
First thing you need to make sure is that you have at least .NET 4.6 minimum. This is the only requirement, and you won’t be able to start Kinesis Tap Agent service if you don’t have the above mentioned version of .NET Framework or newer.
There are two options of installing Kinesis Agent:
- Thru SSM
- Manually
If you have EC2 instances configured via SSM (Systems Manager), it is easy to install Kinesis Agent.
1. Login to your AWS Console, navigate to SSM, and select Run Command:
2. In the upper right corner, click on Run Command button:
3. Under Command document, click on radio button next to AWS-ConfigureAWSPackage document:
4. Under Command parameters section, paste AWSKinesisTap in Name field:
5. Under Targets, select the targets you wish to deploy Kinesis Agent (note: this is available only for Windows OS)
6. Click on Run button
If you don’t have EC2 instances configured with SSM, then the best way would be to download the installation package and run the installation manually.
Link to deployment package
In the next section, we will talk about configuration file, how to properly set it up to send custom metrics, and only those Event IDs necessary.
Pingback: Configure Kinesis Agent for Windows – Configuration – Vlad's IT Blog