ClickStack - EC2 host logs #4792
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
The latest updates on your projects. Learn more about Vercel for GitHub.
3 Skipped Deployments
|
…into ec2-host-logs
Blargian
approved these changes
Nov 27, 2025
|
|
||
| **Replace the following in the configuration:** | ||
| - `YOUR_CLICKSTACK_HOST`: The hostname or IP address where ClickStack is running | ||
| - For local testing, you can use an SSH tunnel (see Troubleshooting section) |
Member
There was a problem hiding this comment.
Suggested change
| - For local testing, you can use an SSH tunnel (see Troubleshooting section) | |
| - For local testing, you can use an SSH tunnel (see the [Troubleshooting section](#troubleshooting)) |
| This configuration: | ||
| - Reads system log files from standard locations (`/var/log/syslog` for Ubuntu, `/var/log/messages` for Amazon Linux/RHEL) | ||
| - Parses syslog format to extract structured fields (timestamp, hostname, unit/service, PID, message) | ||
| - **Automatically detects and adds EC2 metadata** using the resourcedetection processor |
Member
There was a problem hiding this comment.
Suggested change
| - **Automatically detects and adds EC2 metadata** using the resourcedetection processor | |
| - **Automatically detects and adds EC2 metadata** using the `resourcedetection` processor |
For consistency below
| Once the collector is running, log into HyperDX and verify logs are flowing with EC2 metadata: | ||
|
|
||
| 1. Navigate to the search view | ||
| 2. Set source to Logs |
Member
There was a problem hiding this comment.
Suggested change
| 2. Set source to Logs | |
| 2. Set source to `Logs` |
|
|
||
| Once the collector is running: | ||
|
|
||
| 1. Open [HyperDX](http://localhost:8080/) and log in to your account (you may need to create an account first) |
Member
There was a problem hiding this comment.
Let's link to where you can create an account
| Once the collector is running: | ||
|
|
||
| 1. Open [HyperDX](http://localhost:8080/) and log in to your account (you may need to create an account first) | ||
| 2. Navigate to the Search view and set the source to `Logs` |
Member
There was a problem hiding this comment.
Suggested change
| 2. Navigate to the Search view and set the source to `Logs` | |
| 2. Navigate to the search view and set the source to `Logs` |
| <Image img={search_view_demo} alt="EC2 logs search view"/> | ||
| <Image img={log_view_demo} alt="EC2 log detail with metadata"/> | ||
|
|
||
| :::note[Timezone Display] |
Member
There was a problem hiding this comment.
Suggested change
| :::note[Timezone Display] | |
| :::note[Timezone display] |
Comment on lines
+565
to
+567
| - Filter by EC2 metadata attributes (region, instance type, instance ID) to monitor specific resources | ||
| - Correlate EC2 host logs with application logs for comprehensive troubleshooting | ||
| - Create custom dashboards for security monitoring (SSH attempts, sudo usage, firewall blocks) |
Member
There was a problem hiding this comment.
If we have links for these it will make a nice addition
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
ClickStack - EC2 host logs guide
Checklist