Cannot install AWS CloudWatch Logs Agent

Problem:

When you install the (legacy) AWS CloudWatch Logs agent by following the Amazon documentation, the agent installation script fails with an error.


Symptoms:

Step 2 of 5: Downloading the latest CloudWatch Logs agent bits ... Traceback (most recent call last):
  File "./awslogs-agent-setup.py", line 1352, in <module>
    main()
  File "./awslogs-agent-setup.py", line 1348, in main
    setup.setup_artifacts()
  File "./awslogs-agent-setup.py", line 892, in setup_artifacts
    self.install_awslogs_cli()
  File "./awslogs-agent-setup.py", line 541, in install_awslogs_cli
    self.setup_virtualenv()
  File "./awslogs-agent-setup.py", line 751, in setup_virtualenv
    raise BadRCError("Bad rc (%s) for cmd '%s': %s" % (p.returncode, "cmd", stdout + stderr))
__main__.BadRCError: Bad rc (100) for cmd 'cmd': Already using interpreter /bin/python
New python executable in /var/awslogs/bin/python
ERROR: The executable /var/awslogs/bin/python could not be run: [Errno 13] Permission denied


Cause:

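STIG mandates that the /var filesystem be mounted noexec so that nothing on it can be executed, but the AWS log agent installs by default to /var/awslogs.  Therefore, the agent is unable to run any of its programs, starting with the Python interpreter the installer places in /var/awslogs/bin (the "Permission denied" error above).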


Solution:

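The best way to fix this is to modify the AWS Logs installation script so that it installs the agent to /usr/awslogs instead.  We recommend also creating a symbolic link at /var/awslogs that points to /usr/awslogs, in case anyone who expects the agent to be there goes looking for it.  Check that /var/awslogs does not already exist as a directory from a failed earlier run: ln -s would then create the link inside it rather than at /var/awslogs.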

$ sed -i 's@/var/aw@/usr/aw@g' awslogs-agent-setup.py
$ sudo ln -s /usr/awslogs /var/awslogs
$ sudo python ./awslogs-agent-setup.py --region XXXXX
Launching interactive setup of CloudWatch Logs agent ... downloading AgentDependencies.tar.gz with urllib ......
Step 1 of 5: Installing pip ...DONE
Step 2 of 5: Downloading the latest CloudWatch Logs agent bits ... DONE
Step 3 of 5: Configuring AWS CLI ... 
AWS Access Key ID [None]: 
AWS Secret Access Key [None]: 
Default region name [us-east-1]: 
Default output format [None]: 
Step 4 of 5: Configuring the CloudWatch Logs Agent ... 
Path of log file to upload [/var/log/messages]: 
Destination Log Group name [/var/log/messages]: 
Choose Log Stream name:
  1. Use EC2 instance id.
  2. Use hostname.
  3. Custom.
Enter choice [1]: 
Choose Log Event timestamp format:
  1. %b %d %H:%M:%S    (Dec 31 23:59:59)
  2. %d/%b/%Y:%H:%M:%S (10/Oct/2000:13:55:36)
  3. %Y-%m-%d %H:%M:%S (2008-09-08 11:52:54)
  4. Custom
Enter choice [1]: 
Choose initial position of upload:
  1. From start of file.
  2. From end of file.
Enter choice [1]: 
More log files to configure? [Y]: n
Step 5 of 5: Setting up agent as a daemon ...DONE

------------------------------------------------------
- Configuration file successfully saved at: /usr/awslogs/etc/awslogs.conf
- You can begin accessing new log events after a few moments at https://console.aws.amazon.com/cloudwatch/home?region=us-east-1#logs:
- You can use 'sudo service awslogs start|stop|status|restart' to control the daemon.
- To see diagnostic information for the CloudWatch Logs Agent, see /var/log/awslogs.log
- You can rerun interactive setup using 'sudo python ./awslogs-agent-setup.py --region us-east-1 --only-generate-config'
------------------------------------------------------
