CloudWatch Logs is a public service that can aggregate logs from various AWS services, but only when integration is configured properly. As its name suggests, it is a part of CloudWatch.

Log collection is achieved through:

  • CWL’s integration with many AWS services (e.g., Fargate)
  • CloudWatch agent for non-natively supported log sources
  • Manual programmatic logging through AWS SDK

Concepts:

  • metric filter: can generate metrics based on logs
  • log events: timestamp + message
  • log stream: log events from a single source (e.g. one EC2 instance)
  • log group: groups of log streams, also stores log settings (retention, permissions), also sends data to metric filter