Forum Discussion
Push NGINX Plus and App Protect metrics/logs to Cloudwatch
Hi,
I have NGINX Plus with App Protect instances scaling in/out via AWS Autoscaling group. These instances are also connected to an NGINX Controller (after running controller agent script).
I want to collect and push NGINX Controller Agent Metrics to AW Cloudwatch but I don't find any documentation for that.
Please suggest a way to push these metrics to AWS Cloudwatch.
Specifically I am looking to collect system metrics like system.disk.free or system.mem.available etc and push it to Cloudwatch logs.
Ultimately I need to create an alarm in cloudwatch that will send an alert based on disk and mem usage of any NGINX Plus instances of the Autoscaling group.
Are there any nginx plus directives that allow me to push these as a log entry to cloud watch?
My nginx log format is like this:
log_format key_value 'site="$server_name" server="$host" dest_port="$server_port" dest_ip="$server_addr" '
'src="$remote_addr" src_ip="$realip_remote_addr" user="$remote_user" '
'time_local="$time_local" protocol="$server_protocol" status="$status" '
'bytes_out="$bytes_sent" bytes_in="$upstream_bytes_received" '
'http_referer="$http_referer" http_user_agent="$http_user_agent" '
'nginx_version="$nginx_version" http_x_forwarded_for="$http_x_forwarded_for" '
'http_x_header="$http_x_header" uri_query="$query_string" uri_path="$uri" '
'http_method="$request_method" response_time="$upstream_response_time" '
'cookie="$http_cookie" request_time="$request_time" category="$sent_http_content_type" https="$https" '
'CORRELATION_IDENTIFIER="$http_correlationid" ssl_client_fingerprint="$ssl_client_fingerprint" ssl_client_dn="$ssl_client_s_dn"';
log_format security_waf '$remote_addr [$time_local] "$request" '
'$status waf_policy=$app_protect_policy_name, waf_request_id=$app_protect_support_id '
'waf_action=$app_protect_outcome, waf_action_reason=$app_protect_outcome_reason';
access_log /var/log/nginx/access.log key_value;
#WAF access logs
access_log /var/log/app_protect/waf-access.log security_waf;
- bwolmaransEmployee
Hi, you gave examples of system disk and memory metrics, these OS level metrics are not specific to NGINX Plus/WAF so you can actually use CloudWatch agent. Would this be a solution for you? Metrics collected by the CloudWatch agent - Amazon CloudWatch
- nginxpmRet. Employee
Hi,
Have you tried using snippets as described in https://docs.nginx.com/nginx-controller/app-delivery/about-snippets/ .
Please see the example "Forward Error Logs to Remote Syslog".
- nirajbhattNimbostratus
Hi nginxpm ,
Thanks for your reply and apologies for late response. Actually I need to push NGINX Plus/WAF instance logs to cloudwatch as a metrics so that I can directly create dashboard and alarms on Cloudwatch rather than manually pushing those logs in cloudwatch.
Specifically I am looking to collect system metrics like system.disk.free or system.mem.available etc and push it to Cloudwatch.
Ultimately I need to create an alarm in cloudwatch that will send an alert based on disk and mem usage of any NGINX Plus instances of the Autoscaling group.
- Leslie_HubertusRet. Employee
Hi nirajbhatt - I see nobody has answered you yet, so I'm forwarding your post to a colleague who may be able to help.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com