diephp/laravel-cloudwatch-logs

Laravel adapter for AWS CloudWatch

v1.0.1 2024-05-23 18:06 UTC

This package is auto-updated.

Last update: 2024-09-23 19:56:26 UTC


README

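Breaking changes in version dev-master

This document explains how to use this PHP package with Laravel to send logs to AWS CloudWatch using a security policy that does not require full access to CloudWatch.

Installation

You can install it via Composer: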

composer require diephp/laravel-cloudwatch-logs

Or add it manually to your composer.json:

{
    "require": {
        "diephp/laravel-cloudwatch-logs": "^1.0.0"
    }
}

Usage in Laravel

You can use this package with Laravel's default \Log class. Example usage:

\Log::error('Service error', ['message' => 'Message details', 'user_id' => auth()->id()]);
\Log::debug("Check status", [
    "status"  => "ok",
    "ver"     => app()->version(),
    "env"     => env("APP_ENV"),
    "api_url" => env("APP_URL"),
]);

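AWS policy configuration

Create an IAM role -> User -> appName, or select an existing one.

Set the permissions policy (the example below grants full access, intended for test/development environments):

Log groups and log streams will be created automatically (not recommended for production).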

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "CloudWatchLogsFullAccess",
            "Effect": "Allow",
            "Action": [
                "logs:CreateLogGroup",
                "logs:CreateLogStream",
                "logs:PutLogEvents",
                "logs:DescribeLogGroups",
                "logs:DescribeLogStreams"
            ],
            "Resource": "*"
        }
    ]
}

Recommended policy configuration (more secure)

You must create the log group and log stream manually and set 'createGroup' => false in the configuration.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "logs:PutLogEvents",
                "logs:DescribeLogGroups",
                "logs:DescribeLogStreams"
            ],
            "Resource": "*"
        }
    ]
}
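
A narrower variant of the recommended policy, added here as an example (it is not from the package's README): PutLogEvents and DescribeLogStreams are limited to one log group instead of "*", so leaked application credentials cannot write to other groups. <REGION>, <ACCOUNT_ID> and <LOG_GROUP_NAME> are placeholders for your own values, and it is an assumption that the package needs nothing beyond these three actions when 'createGroup' => false.

```json
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "ListLogGroups",
            "Effect": "Allow",
            "Action": [
                "logs:DescribeLogGroups"
            ],
            "Resource": "*"
        },
        {
            "Sid": "WriteToOneLogGroup",
            "Effect": "Allow",
            "Action": [
                "logs:PutLogEvents",
                "logs:DescribeLogStreams"
            ],
            "Resource": "arn:aws:logs:<REGION>:<ACCOUNT_ID>:log-group:<LOG_GROUP_NAME>:*"
        }
    ]
}
```

DescribeLogGroups stays on "*" because it is a read-only list call; the write action is the one worth scoping.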

Laravel configuration

Open config/logging.php, find the channels array, then add a cloudwatch key with a minimal configuration:

'channels' => [
    ...
    'cloudwatch' => [
        'driver' => 'custom',
        'via' => \DiePHP\LaravelCloudWatchLog\Logger::class,
        'region' => env('AWS_REGION', 'eu-west-1'),
        'credentials' => [
            'key'    => env('AWS_ACCESS_KEY_ID'),
            'secret' => env('AWS_SECRET_ACCESS_KEY'),
        ],
    ],
    ...    
]

For a more detailed configuration, you may need the following:

'channels' => [
    ...
    'cloudwatch' => [
        'driver'      => 'custom',
        'region'      => env('AWS_REGION', 'eu-west-1'),
        'credentials' => [
            'key'    => env('AWS_ACCESS_KEY_ID'),
            'secret' => env('AWS_SECRET_ACCESS_KEY'),
        ],
        'stream_name' => env('CLOUDWATCH_LOG_STREAM', 'general'),
        'retention'   => env('CLOUDWATCH_LOG_RETENTION_DAYS', 31),
        'group_name'  => env('CLOUDWATCH_LOG_GROUP_NAME', env('AWS_SDK_LOG_GROUP_PREFIX', '')."general"),
        'version'     => env('CLOUDWATCH_LOG_VERSION', 'latest'),
        'formatter'   => \Monolog\Formatter\JsonFormatter::class,
        'batch_size'  => env('CLOUDWATCH_LOG_BATCH_SIZE', 10000), // max buffer size to send in one batch
        'level'       => env('LOG_LEVEL', 'debug'),
        'createGroup' => true, // This is related to the AWS policy you choose.
        'bubble'      => true, // Whether the messages that are handled can bubble up the stack or not
        'extra'       => [
            'env'     => env('APP_ENV'),
            'php'     => PHP_VERSION,
            'laravel' => app()->version(),
        ],
        'tags'        => ['tag1', 'tag2'],
        'via'         => \DiePHP\LaravelCloudWatchLog\Logger::class,
    ],
    ...    
]

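If you deploy on AWS infrastructure, you can remove the credentials section from the configuration, because AWS containers already have credentials for the aws-sdk.

Then set LOG_CHANNEL=cloudwatch in your environment variables.

Note that you should replace the env values with the actual values you plan to use.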