Amazon CloudWatch Agent adds support for Windows Event Log Filters

Amazon CloudWatch agent has added support for configurable Windows Event log filters. This new feature allows customers to selectively collect and send system and application events to CloudWatch from Windows hosts running on Amazon EC2 or on-premises. The addition of customizable filters helps customers to focus on events that meet specific criteria, streamlining log management and analysis.

Using this new functionality of the CloudWatch agent, you can define filter criteria for each Windows Event log stream in the agent configuration file. The filtering options include event levels, event IDs, and regular expressions to either “include” or “exclude” text within events. The agent evaluates each log event against your defined filter criteria to determine whether it should be sent to CloudWatch. Events that don’t match your criteria are discarded. Windows event filters help you to manage your log ingestion by processing only the events you need, such as those containing specific error codes, while excluding verbose or unwanted log entries.

Amazon CloudWatch Agent is available in all commercial AWS Regions, and the AWS GovCloud (US) Regions.

To get started, see Create or Edit the CloudWatch Agent Configuration File in the Amazon CloudWatch User Guide.

Categories: general:products/aws-govcloud-us,general:products/amazon-cloudwatch,marketing:marchitecture/management-and-governance,general:products/amazon-cloudwatch-logs

Source: Amazon Web Services

Latest Posts