Prerequisites

  • AWS CLI configured
  • Access to:
    • AWS ECR
    • AWS ECS (Fargate)
    • AWS CloudWatch
    • AWS VPC

Overview

This setup sends ECS Fargate logs to Fluent Bit, which then forwards them to both Atatus and Loki.

Step 1: Create ECS Task Definition

Replace the following placeholders with your actual values: <YOUR_LOKI_NAME>, <YOUR_LOKI_HOST>, <YOUR_LOKI_PORT>, <YOUR_LOKI_TLS>, <YOUR_LOKI_TLS_VERIFY>, <YOUR_LOKI_HTTP_USER>, <YOUR_LOKI_HTTP_PASSWORD>, <YOUR_JOB_NAME>, <YOUR_ENVIRONMENT>, <YOUR_REGION>, <YOUR_CONTAINER_NAME>, <YOUR_APP_IMAGE>, <YOUR_ATATUS_LOGS_INGEST_LICENSE_KEY>, <YOUR_SERVICE_NAME>, <YOUR_TASK_EXECUTION_ROLE>.

copy
icon/buttons/copy
{
    "family": "atatus-aws-ecs-fargate-fluent-bit",
    "containerDefinitions": [
        {
            "name": "log_router",
            "image": "atatus/aws-ecs-fargate-fluent-bit:1.0.0",
            "cpu": 0,
            "memoryReservation": 50,
            "portMappings": [],
            "essential": true,
            "environment": [
                  { "name": "LOKI_NAME", "value": "<YOUR_LOKI_NAME>" },
                  { "name": "LOKI_HOST", "value": "<YOUR_LOKI_HOST>" },
                  { "name": "LOKI_PORT", "value": "<YOUR_LOKI_PORT>" },
                  { "name": "LOKI_TLS", "value": "<YOUR_LOKI_TLS>" },
                  { "name": "LOKI_TLS_VERIFY", "value": "<YOUR_LOKI_TLS_VERIFY>" },
                  { "name": "LOKI_HTTP_USER", "value": "<YOUR_LOKI_HTTP_USER>" },
                  { "name": "LOKI_HTTP_PASSWORD", "value": "<YOUR_LOKI_HTTP_PASSWORD>" },
                  { "name": "JOB_NAME", "value": "<YOUR_JOB_NAME>" },
                  { "name": "ENVIRONMENT", "value": "<YOUR_ENVIRONMENT>" }
            ],
            "mountPoints": [],
            "volumesFrom": [],
            "user": "0",
            "logConfiguration": {
                "logDriver": "awslogs",
                "options": {
                    "awslogs-group": "/ecs/log-router",
                    "awslogs-region": "<YOUR_REGION>",
                    "awslogs-stream-prefix": "firelens"
                }
            },
            "systemControls": [],
            "firelensConfiguration": {
                "type": "fluentbit",
                "options": {
                    "enable-ecs-log-metadata": "true",
                    "config-file-type": "file",
                    "config-file-value": "/loki_logs.conf"
                }
            }
        },
        {
            "name": "<YOUR_CONTAINER_NAME>",
            "image": "<YOUR_APP_IMAGE>",
            "cpu": 0,
            "memoryReservation": 100,
            "portMappings": [],
            "essential": true,
            "environment": [],
            "mountPoints": [],
            "volumesFrom": [],
            "logConfiguration": {
                "logDriver": "awsfirelens",
                "options": {
                    "tls.verify": "off",
                    "Header": "x-atatus-ecs-awsfirelens <YOUR_ATATUS_LOGS_INGEST_LICENSE_KEY>:<YOUR_SERVICE_NAME>",
                    "Port": "443",
                    "Host": "intake-logs.atatus.com",
                    "tls": "on",
                    "URI": "/ingest/v1/logs",
                    "Name": "http",
                    "Format": "json_lines"
                }
            },
            "systemControls": []
        }
    ],
    "taskRoleArn": "<YOUR_TASK_EXECUTION_ROLE>",
    "executionRoleArn": "<YOUR_TASK_EXECUTION_ROLE>",
    "networkMode": "awsvpc",
    "requiresCompatibilities": [
        "FARGATE"
    ],
    "cpu": "256",
    "memory": "512"
}

Sample Data for Placeholders:

Use the below values as examples when replacing placeholders in your task definition:

  • <YOUR_LOKI_NAME> - loki
  • <YOUR_LOKI_HOST> - logs-prod-999.grafana.net
  • <YOUR_LOKI_PORT> - 443
  • <YOUR_LOKI_TLS> - on
  • <YOUR_LOKI_TLS_VERIFY> - on
  • <YOUR_LOKI_HTTP_USER> - 1100455
  • <YOUR_LOKI_HTTP_PASSWORD> - glc_eyJvIjoiMTM4NzYxMSIsIm4iOiJzdGFjay0xMjExODMz...
  • <YOUR_JOB_NAME> - ecs-app
  • <YOUR_ENVIRONMENT> - production
  • <YOUR_REGION> - ap-south-1
  • <YOUR_CONTAINER_NAME> - my-app
  • <YOUR_APP_IMAGE> - 123456789012.dkr.ecr.us-east-1.amazonaws.com/my-app:latest
  • <YOUR_ATATUS_LOGS_INGEST_LICENSE_KEY> - lic_**********************
  • <YOUR_SERVICE_NAME> - test-service
  • <YOUR_TASK_EXECUTION_ROLE> - arn:aws:iam::123456789012:role/ecsTaskExecutionRole

Step 2: Deploy Task in ECS

  • Open ECS > Task Definitions in AWS Console
  • Register the new task definition using the JSON above.
  • Launch a task in a suitable Fargate cluster and subnet.

Verification

  • Grafana Loki: Log in to your Grafana Cloud account and navigate to Loki. Verify that the logs are being ingested successfully.
  • Atatus: Go to your Atatus Logs Dashboard and confirm logs are visible.