
View Logs


Overview

The CloudAEye logs service provides the ability to view logs with the Kibana (now OpenSearch) dashboard. This topic describes how a user may use the dashboard to view logs.

⚓ Prerequisites

The user must first create a logs service.

View Logs

Dashboard URL

The URL for the dashboard is {serviceEndpoint}/_plugin/kibana/

In the CloudAEye SaaS console, select Services > Logs from the left navigation menu. The user will see a list of logs services that have already been created in the system.

To see details of a specific logs service, click on the name of the logs service under the Service Name column. A new page will appear under Logs > <Name-of-logs-service>. This page shows the following information:

  • Name: Name of the logs service
  • Region: Name of the region where your service is running.
  • Date created: Date when this service was created.
  • Date updated: Date when this service was last updated.
  • Dashboard: Click the OPEN button to open the Kibana (now OpenSearch) dashboard.

Dashboard Authentication

Users from the following groups are automatically configured for authentication to the logs dashboard:

  • TenantAdminGroup,
  • LogsServiceAdminGroup,
  • LogsServiceUserGroup

CloudAEye SaaS uses a resource-based policy to grant access only to the logs services that belong to an account. This guarantees isolation of data and access across tenants.

📇 Indexing Data

Users may create an index in the dashboard. Here are some examples from the official documentation for reference.

Index API

PUT <index>/_doc/<id>
{ "A JSON": "document" }

Bulk API

POST _bulk
{ "index": { "_index": "<index>", "_id": "<id>" } }
{ "A JSON": "document" }

Automatic Index Creation

POST movies/_doc
{ "title": "Spirited Away" }

Specify Index ID

To specify an ID of 1, use the following request:

PUT movies/_doc/1
{ "title": "Spirited Away" }

Naming Restrictions

Indices have the following restrictions:

  • Only lowercase letters are allowed
  • Names cannot begin with _ or -
  • Names cannot contain spaces, commas, :, ", *, +, /, \, |, ?, #, >, or <
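
The following Python code is an added example, not taken from the CloudAEye or OpenSearch documentation. It checks an index name against the three restrictions listed above and only then builds a newline-delimited body for the Bulk API shown earlier. The function names, the empty-name guard and the sample documents are assumptions of this example.

```python
import json

# Characters the page lists as forbidden in index names (space and comma included).
FORBIDDEN = set(' ,:"*+/\\|?#><')


def index_name_problems(name):
    """Return the naming restrictions from this page that `name` violates."""
    if not name:
        return ["name is empty"]  # extra guard, not one of the listed rules
    problems = []
    if name != name.lower():
        problems.append("contains uppercase letters")
    if name[0] in "_-":
        problems.append("begins with _ or -")
    bad = sorted(FORBIDDEN.intersection(name))
    if bad:
        problems.append("contains forbidden characters: " + " ".join(repr(c) for c in bad))
    return problems


def build_bulk_body(index, docs):
    """Build the body for POST _bulk from (doc_id, document) pairs.

    A doc_id of None omits "_id" so the cluster assigns one.
    """
    problems = index_name_problems(index)
    if problems:
        # Reject instead of silently rewriting the name: a rewritten name
        # could land documents in an index the caller did not intend.
        raise ValueError(f"invalid index name {index!r}: " + "; ".join(problems))
    lines = []
    for doc_id, doc in docs:
        action = {"index": {"_index": index}}
        if doc_id is not None:
            action["index"]["_id"] = str(doc_id)
        lines.append(json.dumps(action))
        lines.append(json.dumps(doc))
    # The bulk API requires the body to end with a newline.
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    # Constructed sample input.
    print(index_name_problems("_Logs:2024"))
    print(build_bulk_body("movies", [(1, {"title": "Spirited Away"})]), end="")
```

Running the check before a name reaches the request line matters most when index names are derived from tenant or user-supplied values.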

Alerts

Please use the following steps to configure alerts in the logs dashboard.

  • From the dashboard main menu, select Alerting.
  • Configure a destination for the alert.
    • Choose one from Slack, Amazon Chime, a custom webhook, or Amazon SNS.
  • Create a monitor. A monitor runs on a defined schedule and queries Elasticsearch (now OpenSearch).
  • Define a condition to trigger the monitor. A condition is the logic that, if met, generates alerts.
  • (Optional) Add one or more actions to the monitor. An action holds the information that you want the monitor to send out after being triggered. It has a destination, a message subject, and a message body.