How do I turn on Redis Slow log in an ElastiCache for Redis cache cluster?

3 minute read
0

I want to turn on the Redis Slow log in my ElastiCache for Redis cache cluster. How can I do this?

Short description

The Redis Slow log feature logs queries that exceed a specified time period. The Slow log provides an option to either log slow queries to Amazon CloudWatch or to Amazon Kinesis Data Firehose. Redis Slow Log is a good tool for debugging and tracing your Redis database, especially if you're experiencing high latency and/or high CPU usage.

A new entry is added to the slow log when a command exceeds the execution time set by the slowlog-log-slower-than parameter. Each log entry is delivered to the specified destination (CloudWatch or Kineses) in JSON or text format.

The following are examples of each format:

JSON

{
    "CacheClusterId": "logslowxxxxmsxj",
    "CacheNodeId": "0001",
    "Id": 296,
    "Timestamp": 1605631822,
    "Duration (us)": 0,
    "Command": "GET ... (1 more arguments)",
    "ClientAddress": "192.168.12.104:55452",
    "ClientName": "logslowxxxxmsxj##"
}

Text

logslowxxxxmsxj,0001,1605631822,30,GET ... (1 more arguments),192.168.12.104:55452,logslowxxxxmsxj##

Resolution

Prerequisites

Redis Slow log requires Redis engine version 6.0 and up. If your engine version is lower than 6.0, you can manually retrieve the slow log using the slowlog get 128 command. Each node has its own slow log. So, you must collect the log from each node within the cluster.

Turning on the Slow log feature during cluster creation or modification requires permission to publish to CloudWatch or Kinesis Firehose. Use the following permissions by creating an Identify and Access Management policy and attaching it to the responsible user:

Amazon CloudWatch permissions:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "logs:CreateLogDelivery",
        "logs:GetLogDelivery",
        "logs:UpdateLogDelivery",
        "logs:DeleteLogDelivery",
        "logs:ListLogDeliveries"
      ],
      "Resource": [
        "*"
      ],
      "Effect": "Allow",
      "Sid": "ElastiCacheLogging"
    },
    {
      "Sid": "ElastiCacheLoggingCWL",
      "Action": [
        "logs:PutResourcePolicy",
        "logs:DescribeResourcePolicies",
        "logs:DescribeLogGroups"
      ],
      "Resource": [
        "*"
      ],
      "Effect": "Allow"
    }
  ]
}

Amazon Kinesis Data Firehose permissions:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "logs:CreateLogDelivery",
        "logs:GetLogDelivery",
        "logs:UpdateLogDelivery",
        "logs:DeleteLogDelivery",
        "logs:ListLogDeliveries"
      ],
      "Resource": [
        "*"
      ],
      "Effect": "Allow",
      "Sid": "ElastiCacheLogging"
    },
    {
      "Sid": "ElastiCacheLoggingFHSLR",
      "Action": [
        "iam:CreateServiceLinkedRole"
      ],
      "Resource": "*",
      "Effect": "Allow"
    },
    {
      "Sid": "ElastiCacheLoggingFH",
      "Action": [
        "firehose:TagDeliveryStream"
      ],
      "Resource": "Amazon Kinesis Data Firehose delivery stream ARN",
      "Effect": "Allow"
    }
  ]
}

Turn on Redis slow logs in your ElastiCache cluster

After meeting the prerequisites, you can turn on Slow log while creating your cluster or by modifying an existing cluster.

For directions on turning on Redis Slow logs from the AWS console, see Specifying log delivery using the Console.

Slow log contents

After selecting the log destination, when a query exceeds the specified time frame, the event is logged to the log destination. Each logged event contains the following content:

  • CacheClusterId: The ID of the cache cluster.
  • CacheNodeId: The ID of the cache node.
  • Id: A unique progressive identifier for every slow log entry.
  • Timestamp: The Unix timestamp at which the logged command was processed.
  • Duration: The amount of time needed for its execution, in microseconds.
  • Command: The command used by the client. For example, set foo bar where foo is the key and bar is the value. ElastiCache for Redis replaces the actual key name and value with (2 more arguments) to avoid exposing sensitive data.
  • ClientAddress: Client IP address and port.
  • ClientName: Client name if set via the CLIENT SETNAME command.

AWS OFFICIAL
AWS OFFICIALUpdated 2 years ago