How do I upload my Windows logs to CloudWatch?

Last updated: 2019-06-12

I want to upload my Windows logs to Amazon CloudWatch. How can I do that? 

Resolution

You can upload your Windows logs to CloudWatch. Then, you can store the configuration file in the SSM Parameter Store.

  1. Create server and administrator AWS Identity and Access Management (IAM) roles to use with the CloudWatch agent. The server role allows instances to upload metrics and logs to CloudWatch. The administrator role creates and stores the CloudWatch configuration template in the Systems Manager Parameter Store.
    Note: Be sure to follow both IAM role creation procedures to limit access to the admin role.
  2. Attach the server role to any Elastic Compute Cloud (Amazon EC2) instances that you want to upload your logs for.
  3. Attach the administrator role to your administrator configuration instance.
  4. Download and install the CloudWatch agent package using AWS Systems Manager Run Command. In the Targets area, choose your server instances and your administrator instance.
  5. Create the CloudWatch agent configuration file on your administrator instance using the configuration wizard. Store the file in the Parameter Store. Record the parameter store name that you choose.
  6. To apply the configuration to the server instances and start uploading logs, start the CloudWatch agent using Systems Manager Run Command.
    For Targets, choose your server instances.
    For Optional Configuration Location, enter the parameter store name that you chose in the wizard.