'How To Send Vault logs to CloudWatch

When running Hashicorp Vault on EC2, I'm able to install the CloudWatch agent and ship logs to over CloudWatch in order to create alerts and notifications on specific events.

However, when running Vault via a helm chart in Kubernetes, I'm not sure how to go about the same thing.

Is there a way to install the CloudWatch agent when running Vault in Kubernetes? Or some other way to get the logs to CloudWatch?

I have the file audit device enabled at vault/audit/vault_audit.log but all the logs are currently sitting on that file.

It's back by persistent storage, but ideally, ,I'd like to get it into CloudWatch somehow.

amazon-cloudwatchhashicorp-vaultcloudwatch-alarms


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions

Amazon Cloudwatch only receiving mem_used_percent and nothing else, despite numerous other metrics specified in config

aws Sagemaker autoscaling with instance metrics per instance

Install SSL certificates in my AWS canary puppeteer script

User is not authorized to perform: SNS:CreateTopic on resource

DiskSpaceUtilization metrics for EC2 instance in python boto script showing empty response

cloudwatch command get-metric-data

CloudWatch Agent: batch size equal to "1" - is it a bad idea?

collectd is reporting "Request is missing Authentication Token" when trying to post the metrics to AWS cloudwatch by custom collectd plugin

Configuring events on the amazon managed blockchain

Cumulative sum of AWS Cloudwatch Metric

CloudWatch Logs Filter case insensitive multiple terms or connected

How to query AWS CloudWatch logs using AWS CloudWatch Insights?

Filtering AWS CloudWatch raw log events by multiple values / AWS CLI

How to Monitor health of AWS cloudwatch agents?

Unable to Start AWS CloudAgent service