How do I publish logs for Amazon RDS or Aurora for MySQL instances to CloudWatch?

Last updated: 2022-06-21

I have an Amazon Relational Database Service (Amazon RDS) or Amazon Aurora instance that's running MySQL. How can I view the DB logs for my instance in Amazon CloudWatch?

Short description

To view Amazon RDS logs in CloudWatch, first allow logging on the DB instance or cluster. Then, you can configure log exports on the DB instance to send the logs to CloudWatch.

Resolution

Allow logging on your DB instance

For Amazon RDS instances that run MySQL, modify the parameters for the general_log and slow_query_log in a custom DB parameter group that's associated with the DB instance. To allow audit logging, add the MariaDB Audit Plugin to your custom option group. For more information, see How do I activate and monitor logs for an Amazon RDS for MySQL instance?

For Aurora clusters that run MySQL, modify the paramters for the general_log and slow_query_log. Allow Advanced Auditing to audit the logs for your Aurora clusters by using a custom cluster parameter group.

Publish logs to CloudWatch

To publish logs to CloudWatch, configure log exports on the DB instance and then set the log_output parameter to FILE. For Aurora, any selected log types are published for all instances of an Aurora DB cluster.

Configure log exports

  1. Open the Amazon RDS console.
  2. Choose Databases from the navigation pane.
  3. Select the instance that you want to publish logs to CloudWatch for, and then choose Modify.
  4. From the Log exports section, select the log types that you want to publish.
  5. Choose Continue, and then choose Modify DB Instance.
    Note: This modification doesn't require downtime.

Change the value of the log_output parameter

Note: This step isn't required for Aurora clusters that run MySQL 5.7 unless the value of the log_output parameter was manually modified to TABLE. For Aurora clusters that run MySQL 5.7, the default value of the log_output parameter is FILE.

  1. Open the Amazon RDS console.
  2. Choose Parameter groups from the navigation pane.
  3. Select the parameter group that's associated with the instance that you want to publish logs for.
  4. Choose Parameter group actions, and then choose Edit.
  5. Use the Filter parameters field to search for the log_output parameter.
  6. Set the value of the log_output parameter to FILE.
  7. Choose Save changes.
    Note: This is a dynamic parameter, so this modification doesn't require a restart. For more information, see Working with parameter groups.