Publishing database logs to Amazon CloudWatch Logs - Amazon Aurora
Overview of RDS integration with CloudWatch LogsDeciding which logs to publish to CloudWatch LogsSpecifying the logs to publish to CloudWatch LogsSearching and filtering your logs in CloudWatch Logs

Publishing database logs to Amazon CloudWatch Logs

In an on-premises database, the database logs reside on the file system. Amazon RDS doesn't provide host access to the database logs on the file system of your DB cluster. For this reason, Amazon RDS lets you export database logs to Amazon CloudWatch Logs. With CloudWatch Logs, you can perform real-time analysis of the log data. You can also store the data in highly durable storage and manage the data with the CloudWatch Logs Agent.

Overview of RDS integration with CloudWatch Logs

In CloudWatch Logs, a log stream is a sequence of log events that share the same source. Each separate source of logs in CloudWatch Logs makes up a separate log stream. A log group is a group of log streams that share the same retention, monitoring, and access control settings.

Amazon Aurora continuously streams your DB cluster log records to a log group. For example, you have a log group /aws/rds/cluster/cluster_name/log_type for each type of log that you publish. This log group is in the same AWS Region as the database instance that generates the log.

AWS retains log data published to CloudWatch Logs for an indefinite time period unless you specify a retention period. For more information, see Change log data retention in CloudWatch Logs.

Deciding which logs to publish to CloudWatch Logs

Each RDS database engine supports its own set of logs. To learn about the options for your database engine, review the following topics:

Specifying the logs to publish to CloudWatch Logs

You specify which logs to publish in the console. Make sure that you have a service-linked role in AWS Identity and Access Management (IAM). For more information about service-linked roles, see Using service-linked roles for Amazon Aurora.

To specify the logs to publish

  1. Open the Amazon RDS console at https://console.aws.amazon.com/rds/.

  2. In the navigation pane, choose Databases.

  3. Do either of the following:

    • Choose Create database.

    • Choose a database from the list, and then choose Modify.

  4. In Logs exports, choose which logs to publish.

    The following example specifies the audit log, error logs, general log, and slow query log.

    Choose the logs to publish to CloudWatch Logs

Searching and filtering your logs in CloudWatch Logs

You can search for log entries that meet a specified criteria using the CloudWatch Logs console. You can access the logs either through the RDS console, which leads you to the CloudWatch Logs console, or from the CloudWatch Logs console directly.

To search your RDS logs using the RDS console

  1. Open the Amazon RDS console at https://console.aws.amazon.com/rds/.

  2. In the navigation pane, choose Databases.

  3. Choose a DB cluster or a DB instance.

  4. Choose Configuration.

  5. Under Published logs, choose the database log that you want to view.

To search your RDS logs using the CloudWatch Logs console

  1. Open the CloudWatch console at https://console.aws.amazon.com/cloudwatch/.

  2. In the navigation pane, choose Log groups.

  3. In the filter box, enter /aws/rds.

  4. For Log Groups, choose the name of the log group containing the log stream to search.

  5. For Log Streams, choose the name of the log stream to search.

  6. Under Log events, enter the filter syntax to use.

For more information, see Searching and filtering log data in the Amazon CloudWatch Logs User Guide. For a blog tutorial explaining how to monitor RDS logs, see Build proactive database monitoring for Amazon RDS with Amazon CloudWatch Logs, AWS Lambda, and Amazon SNS.