Fork me on GitHub

Curious to hear any opinions on approaches to log aggregation (sys/app/custom) from AWS-hosted systems; anyone using CloudWatch? Amazon's hosted ES? Trying to understand the benefits/drawbacks to using Amazon's offerings vs other service providers (eg Splunk, Sumo Logic).


CloudWatch logs works fine. Generally pretty straightforward to setup. It is what I would start with again if I were setting up log aggregation from scratch. It works well enough.


I haven’t used ES + things on top for log aggregation before though. I have used Splunk and really enjoyed it too. I moved to CloudWatch when I started a new company and wanted to get something up and running that had minimal moving parts and fit well with the AWS ecosystem. I’d make the same choice again.


At my company we are using (basically hosted ELK stack) for aggregation, it works fine but there are a bunch of deployment hoops to jump through to get it to work on AWS that I'd just as soon avoid. I find the CloudWatch UI to be aesthetically not very appealing. I've heard good things from other people though.


Thanks for the feedback, much appreciated.