Forum Discussion

Victor1989's avatar
Victor1989
Copper Contributor
Jul 10, 2023

how to collect logs from AWS Linux machine in log analytic workspace

is it possible to collect all machine logs using old log analytics agent from AWS linux machine ?

getting those below but doesn't seem i m getting all 

 

getting below message in those 5 syslog that i recived in last 24 hours.

cannot connect to xx.xx.xx.xx:514: Connection timed out [v8.2001.0 try https://www.rsyslog.com/e/2027 ]

  • LeonPavesic's avatar
    LeonPavesic
    Silver Contributor

    Hi Victor1989,

    To collect logs from an AWS Linux machine in a Log Analytics workspace, you can use the Log Analytics agent:

    1. Prepare the Log Analytics workspace:
    - Create a Log Analytics workspace in Azure. Remember to note down the Workspace ID and Primary Key.

    2. Install the Log Analytics agent on your AWS Linux machine:

    - Connect to your AWS Linux machine via SSH.

    - Download the Log Analytics agent package using the following command:

    wget https://aka.ms/dependencyagentlinux -O InstallDependencyAgent-Linux64.bin

    Make the package executable:

    chmod +x InstallDependencyAgent-Linux64.bin

    - Run the installer:

    sudo ./InstallDependencyAgent-Linux64.bin -s -w <WorkspaceID> -k <PrimaryKey>


    - Replace <WorkspaceID> and <PrimaryKey> with the values from your Log Analytics workspace.

    3. Configure log collection:
    - Once the agent is installed, it will automatically start collecting basic logs such as syslog and performance metrics.
    - If you want to collect additional logs, you can configure specific log sources or directories to be monitored by the agent.

    4. Verify log collection:
    - To check if logs are being collected, you can go to the Azure portal.
    - Access your Log Analytics workspace and navigate to the Logs section.
    - Use the query interface to run a query and verify if logs from your AWS Linux machine are present


    It's important to ensure that the necessary network connectivity and firewall rules are correctly configured between your AWS Linux machine and the syslog server. 


    Please click Mark as Best Response & Like if my post helped you to solve your issue. This will help others to find the correct solution easily. It also closes the item. If the post was useful in other ways, please consider giving it Like.

    Kindest regards

    Leon Pavesic

Resources