Push NGINX Plus and App Protect metrics/logs to Cloudwatch
Hi,
I have NGINX Plus with App Protect instances scaling in/out via AWS Autoscaling group. These instances are also connected to an NGINX Controller (after running controller agent script).
I want to collect and push NGINX Controller Agent Metrics to AW Cloudwatch but I don't find any documentation for that.
Please suggest a way to push these metrics to AWS Cloudwatch.
Specifically I am looking to collect system metrics like system.disk.free or system.mem.available etc and push it to Cloudwatch logs.
Ultimately I need to create an alarm in cloudwatch that will send an alert based on disk and mem usage of any NGINX Plus instances of the Autoscaling group.
Are there any nginx plus directives that allow me to push these as a log entry to cloud watch?
My nginx log format is like this:
log_format key_value 'site="$server_name" server="$host" dest_port="$server_port" dest_ip="$server_addr" '
'src="$remote_addr" src_ip="$realip_remote_addr" user="$remote_user" '
'time_local="$time_local" protocol="$server_protocol" status="$status" '
'bytes_out="$bytes_sent" bytes_in="$upstream_bytes_received" '
'http_referer="$http_referer" http_user_agent="$http_user_agent" '
'nginx_version="$nginx_version" http_x_forwarded_for="$http_x_forwarded_for" '
'http_x_header="$http_x_header" uri_query="$query_string" uri_path="$uri" '
'http_method="$request_method" response_time="$upstream_response_time" '
'cookie="$http_cookie" request_time="$request_time" category="$sent_http_content_type" https="$https" '
'CORRELATION_IDENTIFIER="$http_correlationid" ssl_client_fingerprint="$ssl_client_fingerprint" ssl_client_dn="$ssl_client_s_dn"';
log_format security_waf '$remote_addr [$time_local] "$request" '
'$status waf_policy=$app_protect_policy_name, waf_request_id=$app_protect_support_id '
'waf_action=$app_protect_outcome, waf_action_reason=$app_protect_outcome_reason';
access_log /var/log/nginx/access.log key_value;
#WAF access logs
access_log /var/log/app_protect/waf-access.log security_waf;