How do I publish logs for Amazon RDS or Aurora for MySQL instances to CloudWatch?

Last updated: 2019-06-25

I have an Amazon Relational Database Service (Amazon RDS) or Amazon Aurora instance that's running MySQL. How can I view my DB these logs in Amazon CloudWatch?

Short Description

To view Amazon RDS logs in CloudWatch, you must first enable logging on the DB instance or cluster. Then, you can configure log exports on the DB instance to send the logs to CloudWatch.

Resolution

Enabling logging on your DB instance

For Amazon RDS instances that run MySQL, modify the parameters for the general_log and slow_query_log in a custom DB parameter group that's associated with the DB instance. You can enable the audit logging by adding the MariaDB Audit Plugin to your custom option group. For more information, see How do I enable and monitor logs for an Amazon RDS for MySQL instance?

For Aurora clusters that run MySQL, also modify the parameters for the general_log and slow_query_log. To enable the audit log for Aurora clusters, enable Advanced Auditing for your cluster by using a custom cluster parameter group.

Publishing logs to CloudWatch

To publish logs to CloudWatch, configure log exports on the DB instance and set the log_output parameter to FILE. For Aurora, any selected log types are published for all instances of an Aurora DB cluster.

Configuring log exports

  1. Open the Amazon RDS console.
  2. Choose Databases from the navigation pane.
  3. Select the instance that you want to publish logs to CloudWatch for, and then choose Modify.
  4. From the Log exports section, select the log types that you want to publish.
  5. Choose Continue, and then choose Modify DB Instance.
    Note: This modification doesn't require downtime.

Changing the value of the log_output parameter

Note: This step isn't required for Aurora clusters that run MySQL 5.7 unless the value of the log_output parameter was manually modified to TABLE. For Aurora clusters that run MySQL 5.7, the default value of the log_output parameter is FILE.

  1. Open the Amazon RDS console.
  2. Choose Parameter groups from the navigation pane.
  3. Select the parameter group that's associated with the instance that you want to publish logs for.
  4. Choose Parameter group actions, and then choose Edit.
  5. Use the Filter parameters field to search for the log_output parameter.
  6. Set the value of the log_output parameter to FILE.
  7. Choose Save changes.
    Note: This is a dynamic parameter, so this modification doesn't require a restart. For more information, see Working with DB Parameter Groups.