amazon-web-servicesloggingamazon-ecsaws-fargatefirelens

Awslogs log driver vs AWS Firelens - which one to use and when and cost factor


I am planning to migrate our app to AWS Fargate and so want to set up logging for the same as well and store all the logs in cloudwatch. I could see we have two options in Fargate - either use default awslogs log driver or use AWS Firelens to gather logs. I read the AWS documentation but unfortunately still not able to figure out which option to use and when precisely. Also, can someone advise on the cost side as well- which option costs how much between using awslogs driver vs aws firelens to send logs to cloudwatch in the same account? [I am looking for easy and efficient and cost effective option]

Is it fair to say in general,we use AWS Firelnes when you want to send logs data to non-AWS tools like elastic stack or datadog etc vs use awslogs driver when sending logs to cloudwatch
Can someone please advise?


Solution

  • Using Fargate launch type and want to use CloudWatch: You have to use awslog driver in your task definition. You can find more information about the CloudWatch pricing here. CloudWatch has a free tier and anything after the free tier cap (metrics, dashboards, alarms, logs, events, etc) has a different pricing calculation. For example, first 10K metrics cost 0.3$ in most regions, but the next 240K will cost 0.1$ while events are priced at 1$ for 1 million

    Using Fargate and don't want to use CloudWatch: Use AWS FireLens to push container logs to third party logstorage system. The cost of 3rd party log storage system would come in play here. Data Dog/AppDynamics and others usually offer membership packages (Free/Premium/Enterprise etc). Unlike CloudWatch, each package will give you different capabilities. For example, on the free tier in DataDog you do not have alerts. Also non-AWS native monitoring tools are priced per host/CPU core for a specific amount of hours.

    Firelens would also make sense if you want to ship to CloudWatch but want to do upfront filtering versus sending everything to CloudWatch