Home Explore Blog CI



docker
5th chunk of `content/manuals/engine/logging/drivers/awslogs.md`
017d4140f276f6e6284cd36d905c33790f257ffb04bf00820000000100000c1a
This option is ignored if `awslogs-datetime-format` is also configured.

> [!NOTE]
>
> Multi-line logging performs regular expression parsing and matching of all log
> messages. This may have a negative impact on logging performance.

Consider the following log stream, where each log message should start with the
pattern `INFO`:

```console
INFO A message was logged
INFO Another multi-line message was logged
     Some random message
INFO Another message was logged
```

You can use the regular expression of `^INFO`:

```console
$ docker run \
    --log-driver=awslogs \
    --log-opt awslogs-region=us-east-1 \
    --log-opt awslogs-group=myLogGroup \
    --log-opt awslogs-multiline-pattern='^INFO' \
    ...
```

This parses the logs into the following CloudWatch log events:

```console
# First event
INFO A message was logged

# Second event
INFO Another multi-line message was logged
     Some random message

# Third event
INFO Another message was logged
```

### tag

Specify `tag` as an alternative to the `awslogs-stream` option. `tag` interprets
Go template markup, such as `{{.ID}}`, `{{.FullID}}`
or `{{.Name}}` `docker.{{.ID}}`. See
the [tag option documentation](log_tags.md) for details on supported template
substitutions.

When both `awslogs-stream` and `tag` are specified, the value supplied for
`awslogs-stream` overrides the template specified with `tag`.

If not specified, the container ID is used as the log stream.

> [!NOTE]
>
> The CloudWatch log API doesn't support `:` in the log name. This can cause
> some issues when using the `{{ .ImageName }}` as a tag,
> since a Docker image has a format of `IMAGE:TAG`, such as `alpine:latest`.
> Template markup can be used to get the proper format. To get the image name
> and the first 12 characters of the container ID, you can use:
>
> ```bash
> --log-opt tag='{{ with split .ImageName ":" }}{{join . "_"}}{{end}}-{{.ID}}'
> ```
>
> the output is something like: `alpine_latest-bf0072049c76`

### awslogs-force-flush-interval-seconds

The `awslogs` driver periodically flushes logs to CloudWatch.

The `awslogs-force-flush-interval-seconds` option changes log flush interval seconds.

Default is 5 seconds.

### awslogs-max-buffered-events

The `awslogs` driver buffers logs.

The `awslogs-max-buffered-events` option changes log buffer size.

Default is 4K.

## Credentials

You must provide AWS credentials to the Docker daemon to use the `awslogs`
logging driver. You can provide these credentials with the `AWS_ACCESS_KEY_ID`,
`AWS_SECRET_ACCESS_KEY`, and `AWS_SESSION_TOKEN` environment variables, the
default AWS shared credentials file (`~/.aws/credentials` of the root user), or
if you are running the Docker daemon on an Amazon EC2 instance, the Amazon EC2
instance profile.

Credentials must have a policy applied that allows the `logs:CreateLogStream`
and `logs:PutLogEvents` actions, as shown in the following example.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": ["logs:CreateLogStream", "logs:PutLogEvents"],
      "Effect": "Allow",
      "Resource": "*"
    }
  ]
}
```
Title: awslogs tag Option, Flush Interval, Buffer Size, and Credentials
Summary
This section explains the `tag` option as an alternative to `awslogs-stream`, which uses Go templates for stream naming. It details how to handle image names with colons. It also covers `awslogs-force-flush-interval-seconds` and `awslogs-max-buffered-events` options for controlling log flushing and buffer size, respectively. Finally, it describes how to provide AWS credentials to the Docker daemon and the required IAM policy for CloudWatch Logs access.