How to parse mixed text and JSON log entries in AWS CloudWatch for Log Metric Filter

Question

I am trying to parse log entries which are a mix of text and JSON. The first line is text representation and the next lines are JSON payload of the event. One of the possible ex

Answer 1

you can use fluentd agent to send logs to Cloudwatch. Create custom grok pattern based on your metric filter.

Steps:

• Install fluentd agent in your server
• Install fluent-plugin-cloudwatch-logs plugin and fluent-plugin-grok-parser plugin

• write your custom grok pattern based on your log format

  please refer this blog for more information