Export MuleSoft Application Logs To AWS Cloudwatch

Author: Santosh Hazari

The Article below illustrates the steps needed to configure the Anypoint Platform to post the logs on AWS Cloudwatch. 

In this information era, Logging plays a crucial role in any software development projects. Application Logging of data provides insights on the current state of the API depending on the level of logging we have configured for. A good logging strategy is important because it contains information about application events, messages, errors, and warnings, along with a few other informational events. 

What Is AWS CloudWatch? 

AWS CloudWatch is used to store, access and get meaningful insights from the log files. It enables you to centralize the logs from all of your systems, applications, and AWS services that you use, in a single, highly scalable service. You can then easily view them, search them for specific error codes or patterns, filter them based on specific fields, or archive them securely for future analysis. 

Why CloudWatch? 

With CloudWatch, you can collect and access all your performance and operational data in the form of logs and metrics from a single platform. It has the following features: 

● Query your log data 

● Monitor logs from Amazon EC2 instances 

● Monitor AWS CloudTrail logged events 

● Log retention 

● Archive log data

Section 1: AWS Cloudwatch Stream Creation 

1. CloudWatch Configuration 

First of all, a Log Group needs to be created in CloudWatch where the Log Stream resides. 

a) Navigate to Console and Search for Cloudwatch. 

b) Select Log Group 

c) Click on Create Log Group 

d) Select Log Group “AnypointLogs” 

e) Click on Create log Stream

2. IAM Configuration 

We would need the Access Key and Secret Key and region where log steam is created to access the stream from Anypoint. You can get it on IAM following below steps: 

a) Search for IAM from the console 

b) Select Manage Access Key 

c) Create New Access Key and note down the Secret Key (i.e. generated once while the create of Access Key)

Section 2: Anypoint Configuration 

1) We need to add the below 2 dependencies in the POM file of the Project 

POM.xml: 

XML 

1 

<dependencies> 

2 

<dependency> 

<groupId>com.kdgregory.logging</groupId> 

<artifactId>log4j2-aws-appenders</artifactId> 

<version>2.4.1</version> 

</dependency> 

<dependency> 

<groupId>com.amazonaws</groupId> 

<artifactId>aws-java-sdk-logs</artifactId> 

<version>1.11.908</version> 

</dependency> 

12 

</dependencies> 

2) We need to update the Log4j2.xml file of the Project 

log4j2.xml: 

a) Add kdgregory configuration package 

<Configuration 

packages=”com.mulesoft.ch.logging.appender,com.kdgregory.log4 j2.aws” status=”debug”> 

b) Add CloudWatch Appender under <Appenders> 

XML 

1 

<CloudWatchAppender name=”CLOUDWATCH”> 

2 

<logGroup>${sys:log.group.name}</logGroup> 

3 

<logStream>${sys:log.stream.name}</logStream> 

4 

<dedicatedWriter>true</dedicatedWriter> 

5

<PatternLayout pattern=”%d{yyyy-MM-dd HH:mm:ss.SSS} [%t] %p – %c – %m” /> 6 

</CloudWatchAppender> 

c) Reference it in <AsyncLogger> 

XML 

1 

<AsyncRoot level=”INFO”> 

2 

<AppenderRef ref=”CLOUDWATCH” /> 

3 

</AsyncRoot> 

Section 3: Deployment 

It can be deployed on all the deployments options for mule app where custom logging can be configured. I have mentioned deployment steps for Local and Cloudhub. 

1) Deployment on Anypoint Studio (Local) 

Post Configuration of the all the steps, We have to pass the access key, Secret Access Key, Region, Log Group Name and Log Stream Name as Runtime Argument on Anypoint Studio 

Arguments 

1 

-Daws.accessKeyId= ********* 

2 

-Daws.secretKey=******** 

3 

-Daws.region=******** [example: “us-east-1” ] 

4 

-Dlog.group.name=your-Log-Group-Name [example: “AnypointLogs”] 

5 

-Dlog.stream.name=your-Log-Steam-Name [example: “cloudhubtest”]

2) Deployment on Anypoint Platform (Cloudhub): 

a) We need to Disable Cloudhub logs on Runtime Manager Settings. b) We need to pass the Access Key, Secret Access Key and Region as Runtime Properties During the deployment. 

That’s it, all done! 

Now, All your MuleSoft application logs deployed to Cloudhub or on-premises environments will be sent to Amazon CloudWatch.

Note: 

a) If you don’t find the Disable Cloudhub logs checkbox on Runtime Manager. You need to get it enabled by raising a ticket to MuleSoft. b) IAM Role (Access Key and Secret Access Key) Should have necessary permissions to push logs to Cloudwatch. For example (logs:PutLogEvents, logs:CreateLogStream,logs:CreateLogGroup, logs:Describe, 

logs:DescribeLogSteams)