DEV Community

akloya

AWS CloudWatch Log Group Retention

Amazon CloudWatch Logs is used as a centralized place to monitor, store, and access all our log files from different AWS services.

CloudWatch organises logs into log groups. When a new log group is created, its retention period is set to Never expire by default, which means logs will be retained forever.

Here is a sample Python script that sets the retention period to 60 days for every log group that has no retention configured.

import boto3

# Set the number of retention days
retention_days = 60
# List the regions you want to run this script on
regions = ['us-east-1']

for region in regions:
    client = boto3.client('logs', region_name=region)
    # describe_log_groups is paginated; collect the log groups from every page
    log_groups = []
    paginator = client.get_paginator('describe_log_groups')
    for page in paginator.paginate():
        log_groups.extend(page['logGroups'])
    for group in log_groups:
        if 'retentionInDays' in group:
            # A retention policy already exists; report it and leave it alone
            print(group['logGroupName'], group['retentionInDays'], region)
        else:
            # No retentionInDays key means the group is set to Never expire
            print("Retention not found for", group['logGroupName'], region)
            setretention = client.put_retention_policy(
                logGroupName=group['logGroupName'],
                retentionInDays=retention_days
            )
            print(setretention)

Once this script is run, the problem is solved for existing log groups. It would be nice to automate this as well, using CloudWatch Events to run Python code in Lambda, so that all log groups created going forward have a retention value set.
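One way to write that Lambda, as an added example that is not code from the original post. It assumes CloudTrail is recording management events in the region, so that CreateLogGroup calls reach the rule as "AWS API Call via CloudTrail" events; the function names, the `client` test parameter and the sample event are constructed for illustration.

```python
import json

RETENTION_DAYS = 60  # same value as the script above

# Event pattern for the CloudWatch Events (EventBridge) rule that triggers the function.
EVENT_PATTERN = {
    "source": ["aws.logs"],
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {"eventSource": ["logs.amazonaws.com"],
               "eventName": ["CreateLogGroup"]},
}

# Constructed sample event, trimmed to the fields the handler reads.
SAMPLE_EVENT = {
    "region": "us-east-1",
    "detail": {"eventSource": "logs.amazonaws.com",
               "eventName": "CreateLogGroup",
               "requestParameters": {"logGroupName": "/aws/lambda/demo"}},
}


def log_group_from_event(event):
    """Return the new log group's name, or None unless the event is a
    successful CreateLogGroup call."""
    detail = event.get("detail") or {}
    if (detail.get("eventSource") != "logs.amazonaws.com"
            or detail.get("eventName") != "CreateLogGroup"
            or detail.get("errorCode")):  # failed call: nothing was created
        return None
    return (detail.get("requestParameters") or {}).get("logGroupName")


def lambda_handler(event, context, client=None):
    name = log_group_from_event(event)
    if name is None:
        return {"status": "ignored"}
    if client is None:  # real invocation; tests pass a stub client instead
        import boto3
        client = boto3.client("logs", region_name=event.get("region"))
    # A prefix search also returns siblings (/app, /app-2): match exactly.
    groups = client.describe_log_groups(logGroupNamePrefix=name)["logGroups"]
    group = next((g for g in groups if g["logGroupName"] == name), None)
    if group is None:
        return {"status": "not_found", "logGroupName": name}
    if "retentionInDays" in group:  # a retention was set in the meantime
        return {"status": "kept", "logGroupName": name}
    client.put_retention_policy(logGroupName=name,
                                retentionInDays=RETENTION_DAYS)
    return {"status": "set", "logGroupName": name}


if __name__ == "__main__":
    print(json.dumps(EVENT_PATTERN, indent=2))  # pattern for the rule
```

The function's execution role needs `logs:DescribeLogGroups` and `logs:PutRetentionPolicy`, and nothing else from CloudWatch Logs.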
