https://docs.aws.amazon.com/ja_jp/AmazonCloudWatch/latest/logs/S3ExportTasks.html

-- 1. コマンド等のインストール

-- 1.1 aws cli version 2 インストール

curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip awscliv2.zip
sudo ./aws/install

aws --version

-- 1.2 jqインストール
sudo yum -y install jq

-- 2. CloudWatchロググループの作成

aws logs create-log-group --log-group-name app01/test.log

aws logs describe-log-groups --log-group-name-prefix app01/test.log

aws logs put-retention-policy \
--log-group-name app01/test.log \
--retention-in-days 1

-- 3. CloudWatchログストリームの作成

aws logs create-log-stream \
--log-group-name app01/test.log \
--log-stream-name stream01

aws logs describe-log-streams \
--log-group-name app01/test.log

-- 4. テスト用ログ追加

aws logs put-log-events \
--log-group-name app01/test.log \
--log-stream-name stream01 \
--log-events \
timestamp=1646547311000,message="message01" \
timestamp=1646547312000,message="message02" \
timestamp=1646547313000,message="message03" \
timestamp=1646547314000,message="message04" \
timestamp=1646547315000,message="message05"

 

-- 5. S3 バケットを作成する

aws s3 mb s3://bucket123

aws s3 ls

-- 6. Amazon S3 バケットに許可を設定する

vim policy01.json
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": "s3:GetBucketAcl",
            "Effect": "Allow",
            "Resource": "arn:aws:s3:::bucket123",
            "Principal": { "Service": "logs.ap-northeast-1.amazonaws.com" }
        },
        {
            "Action": "s3:PutObject" ,
            "Effect": "Allow",
            "Resource": "arn:aws:s3:::bucket123/*",
            "Condition": { "StringEquals": { "s3:x-amz-acl": "bucket-owner-full-control" } },
            "Principal": { "Service": "logs.ap-northeast-1.amazonaws.com" }
        }
    ]
}

aws s3api put-bucket-policy \
--bucket bucket123 \
--policy file://policy01.json

 

-- 7. エクスポートタスクの作成

aws logs create-export-task \
--task-name "task01" \
--log-group-name "app01/test.log" \
--from 1646547312000 \
--to   1646547314000 \
--destination "bucket123" \
--destination-prefix "exportedlogs"

aws logs describe-export-tasks \
--task-id "11111111-2222-3333-4444-555555555555"

 

aws s3 ls s3://bucket123 --recursive

aws s3 cp s3://bucket123/exportedlogs/11111111-2222-3333-4444-555555555555/stream01/000000.gz - | zcat

-- 8. クリーンアップ

-- S3バケットの削除
aws s3 ls
aws s3 rb s3://bucket123 --force

-- CloudWatchログストリームの削除

aws logs describe-log-streams \
--log-group-name app01/test.log

aws logs delete-log-stream \
--log-group-name app01/test.log \
--log-stream-name stream01

-- CloudWatchロググループの削除

aws logs describe-log-groups --log-group-name-prefix app01/test.log

aws logs delete-log-group --log-group-name app01/test.log